Sysdig Secure for cloud is deployed using AWS CloudFormation. To connect your cloud account to Sysdig and deploy the CF Template,
Log into Sysdig Secure, and browse to Getting Started, then Connect your Cloud Account, then click Launch Stack
Note: Make sure you switch to your desired AWS region for deployment of the associated resources. For the purposes of the workshop, make sure you’re in US-East (i.e. ‘N. Virginia’).
The AWS Console should open the CF Template
Mandatory parameters are:
Stack Name: You can leave this as its default ‘Sysdig-CloudVision’
Sysdig Secure Endpoint: Enter the value in your Sysdig Secure domain name, i.e. one of the following
Remember to include
https:// at the beginning, and no trailing slash at the end.
Sysdig Secure API Token: enter your ‘Sysdig Secure API Token’ for your Sysdig Secure account. You can find this in your Sysdig Secure User Profile.
Make sure to check the two tick boxes at the end
✅ I acknowledge that AWS CloudFormation might create IAM resources with custom names.
✅ I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND
The first of these is required to create the IAM roles for the new resources, and the second is to execute sub-templates that this template incorporates for the different features of Sysdig Secure for cloud.
Click Create stack
You will first see the stack “Sysdig-CloudVision” in “CREATE_IN_PROGRESS” state. It will also start to create 7 sub-stacks associated with the main one. When you refresh the status of the template and it shows “CREATE_COMPLETE” for all of them, the installation is finished.
There is one last step to complete once the CF Template has successfully deployed - enable the “Sysdig AWS Best Practices” policy in the Sysdig UI.