deploy_cloudformation_template.json
{
"AWSTemplateFormatVersion": "2010-09-09",
"Transform": "AWS::Serverless-2016-10-31",
"Description": "Misconfigured AWS CloudFormation Template for Cloud Conformity **WARNING** This template creates AWS Resources in the AWS US-EAST-1 Region. You will be billed for the AWS resources used if you create a stack from this template. Please delete this CloudFormation Stack when no longer in use. For cost and billing purposes, all resources are tagged with Project=TrendMicro tags. Use AWS Resource Groups' tag filter to identify created resources.",
"Parameters": {
"VpcId": {
"Type": "AWS::EC2::VPC::Id",
"Description": "VpcId of your existing Virtual Private Cloud (VPC)",
"ConstraintDescription": "must be the VPC Id of an existing Virtual Private Cloud."
},
"SubnetId": {
"Type": "AWS::EC2::Subnet::Id",
"Description": "SubnetId of an existing subnet (for the primary network) in your Virtual Private Cloud (VPC)",
"ConstraintDescription": "must be an existing subnet in the selected Virtual Private Cloud."
},
"C1WSApiSecretKey": {
"Type": "String",
"Description": "Cloud One Workload Security API Secret Key. To create an API key, refer https://cloudone.trendmicro.com/docs/workload-security/api-send-request/#create-an-api-key",
"ConstraintDescription": "must be a valid Cloud One Workload Security API Secret."
},
"S3QuarantineBucketName": {
"Type": "String",
"Description": "FSS S3 Quarantine Bucket Name"
},
"DDANApiKey": {
"Type": "String",
"Description": "DDAN API Key"
},
"DDANHost": {
"Type": "String",
"Description": "DDAN Host"
}
},
"Mappings": {
"RegionMap": {
"amzn-linux":{
"us-east-1": {
"AMI": "ami-0915bcb5fa77e4892"
},
"us-east-2": {
"AMI": "ami-09246ddb00c7c4fef"
},
"us-west-1": {
"AMI": "ami-066c82dabe6dd7f73"
},
"us-west-2": {
"AMI": "ami-09c5e030f74651050"
},
"ca-central-1": {
"AMI": "ami-0df612970f825f04c"
}
}
}
},
"Resources": {
"DDANEc2Instance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"IamInstanceProfile": "<!-- ARN --> ",
"ImageId": {
"Fn::FindInMap": [
"RegionMap",
"amzn-linux",
{
"Ref": "AWS::Region"
},
"AMI"
]
},
"InstanceType": "t2.micro",
"InstanceInitiatedShutdownBehavior": "stop",
"KeyName": "CloudOne",
"SecurityGroups": [],
"SubnetId": "",
"Tags": [
{
"Key": "Owner",
"Value": "TrendMicro"
},
{
"Key": "Product",
"Value": "CloudOneFileStorageSecurity"
},
{
"Key": "Name",
"Value": "FileStorageSecurity-DDAN-FileSandbox-PushScan"
}
]
},
"UserData": {
"Fn::Sub": [
{
"Fn::Join": [
"",
[
"#!/bin/bash",
"yum update -y",
"yum install wget unzip glibc.i686 zlib.i686 python3 python3-pip git -y",
"wget -P ~ https://files.trendmicro.com/products/network/Deep%20Discovery%20Analyzer/5.x/new/submission_linux_v1.2.1070.zip",
"mkdir -p ~/ddan",
"unzip -o -u submission_linux_v1.2.1070.zip -d ~/ddan",
"chmod +x ~/ddan/dtascli",
"~/ddan/dtascli -u",
"export S3_QUARANTINE_BUCKET_NAME=S3QuarantineBucketName",
"export DDAN_HOST=DDANHost",
"export DDAN_API_KEY=DDANApiKey",
"echo `export S3_QUARANTINE_BUCKET_NAME=S3QuarantineBucketName` | sudo tee -a /etc/profile",
"echo `export DDAN_HOST=DDANHost` | sudo tee -a /etc/profile",
"echo `export DDAN_API_KEY=DDANApiKey` | sudo tee -a /etc/profile",
"git clone https://github.com/GeorgeDavis-TM/FileStorageSecurity-DDAN-Sandbox-Scan.git",
"cd FileStorageSecurity-DDAN-Sandbox-Scan",
"pip3 install -r requirements.txt",
"python3 ./push-artifacts-to-ddan.py"
]
]
},
{
"S3QuarantineBucketName": {
"Ref": "S3_QUARANTINE_BUCKET_NAME"
},
"DDANHost": {
"Ref": "DDAN_HOST"
},
"DDANApiKey": {
"Ref": "DDAN_API_KEY"
}
}
]
}
}
},
"Outputs": {
"DDANEc2Instance": {
"Description": "EC2 Instance IP Address",
"Value": {
"Ref": "DDANEc2Instance"
}
}
}
}