Sysdig Secure for Cloud in AWS - Cloudformation Templates

This repository contains the CloudFormation templates to deploy Sysdig Secure for Cloud suite.

Features

Provides unified threat-detection, compliance, forensics and analysis through these major components:

• Threat Detection: Tracks abnormal and suspicious activities in your cloud environment based on Falco language. Managed through cloud-connector module.
  

• Compliance: Enables the evaluation of standard compliance frameworks. Requires both modules cloud-connector and cloud-bench.
  

• Identity and Access Management: Analyses user access overly permissive policies. Requires both modules cloud-connector and cloud-bench.
  

• Image Scanning: Automatically scans all container images pushed to the registry (ECR) and the images that run on the AWS workload (currently ECS). Managed through cloud-connector.
  Disabled by Default, can be enabled through deploy_image_scanning_ecr and deploy_image_scanning_ecs input variable parameters.
  

For Terraform flavor, check Secure for cloud - Terraform

UseCases

If you're unsure about what/how to use this module, please fill the questionnaire report as an issue and let us know your context, we will be happy to help and improve our module.

Single-Account

Deploy the latest versions using one of the workloads that most suit you:

ECS-based workload

Template for ECS workload

AppRunner-based workload

Less resource-demanding and economic deployment (ECS requires VPCs and Gateways), but Apprunner is not available on all regions yet

Template for AppRunner workload

If needed, we also have an Sysdig Secure for Cloud Terraform version

Organizational

No official cloudformation templates available yet.

If Terraform is not desired, you can approach the installation through the manual setup, following the so prefixed extra use-cases

---

Authors

Module is maintained and supported by Sysdig.

License

Apache 2 Licensed. See LICENSE for full details.