
How to set up Cloud Conformity Real-time threat monitoring?

Here are the steps to configure Real-Time Threat Monitoring

Real-time threat monitoring setup

On Linux you can install through the installer script. The script will download and install the latest version of Cloud Conformity Threat Monitoring on your AWS account.

Requirements

Ensure CloudTrail is enabled
https://www.cloudconformity.com/conformity-rules/CloudTrail/cloudtrail-enabled.html

Install the AWS Command Line Interface
http://docs.aws.amazon.com/cli/latest/userguide/installing.html

Export your Access Key and Secret Access Key
http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html

export AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY

Note: The keys used must belong to a user with access to:

AWS CloudFormation
AWS IAM Role
AWS Lambda Function
AWS Events Rule
AWS Lambda Permission

Or switch your AWS profile

export AWS_PROFILE=your-account-profile

Setup

To create or update Cloud Conformity Threat Monitoring, open a command prompt, copy the command line that was generated specifically for you, and run it in your command-line interface.

Real-time Monitoring Installation Command Line
curl -L https://s3-us-west-2.amazonaws.com/cloudconformity/monitoring/install.sh | bash -s SECURITY_TOKEN

After the installation finishes, open the CloudFormation console (https://console.aws.amazon.com/cloudformation) and verify that the status of the CloudConformityMonitoring stack is CREATE_COMPLETE, or UPDATE_COMPLETE when updating.
The stack creation might take a while to complete.

The above stack creates a series of CloudWatch Event Rules that monitor changes within your AWS account and send them to Cloud Conformity to ingest and process.
You can see the updates on Cloud Conformity in near real-time on the Real-time monitoring dashboard of your Cloud Conformity account.
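
The stack status check and the event rules described above can also be confirmed from the shell instead of the console. This is an added example, not part of Cloud Conformity's installer or documentation; it assumes the AWS CLI resolves the same credentials and region the installer used, and the function names are illustrative.

```bash
# Added example: wait for the monitoring stack, then list its event rules.
# STACK_NAME is the name given on this page; region and credentials are an
# assumption (whatever AWS_PROFILE or the exported keys resolve to).
STACK_NAME="${STACK_NAME:-CloudConformityMonitoring}"
POLL_SECONDS="${POLL_SECONDS:-15}"
MAX_POLLS="${MAX_POLLS:-40}"

# Map a CloudFormation stack status to ready / pending / failed.
classify_status() {
  case "$1" in
    CREATE_COMPLETE|UPDATE_COMPLETE) echo ready ;;
    *ROLLBACK*|*FAILED|DELETE_*)     echo failed ;;
    *_IN_PROGRESS)                   echo pending ;;
    *)                               echo failed ;;   # empty or unknown
  esac
}

# Print the current stack status; prints nothing if the stack is not found.
get_status() {
  aws cloudformation describe-stacks --stack-name "$STACK_NAME" \
    --query 'Stacks[0].StackStatus' --output text 2>/dev/null
}

# Poll until ready (return 0); return 1 on failure, rollback or timeout.
wait_for_stack() {
  _polls=0
  while [ "$_polls" -lt "$MAX_POLLS" ]; do
    _status="$(get_status)" || _status=""
    case "$(classify_status "$_status")" in
      ready)  echo "$STACK_NAME: $_status"; return 0 ;;
      failed) echo "$STACK_NAME: ${_status:-not found}" >&2; return 1 ;;
    esac
    sleep "$POLL_SECONDS"
    _polls=$((_polls + 1))
  done
  echo "$STACK_NAME: still in progress after $MAX_POLLS polls" >&2; return 1
}

# List the event rules the stack deployed, with each rule's status.
list_event_rules() {
  aws cloudformation list-stack-resources --stack-name "$STACK_NAME" \
    --query "StackResourceSummaries[?ResourceType=='AWS::Events::Rule'].[LogicalResourceId,ResourceStatus]" \
    --output text
}

# Runs only on request:  RUN_CHECK=1 sh check_stack.sh  (file name is arbitrary)
if [ "${RUN_CHECK:-0}" = "1" ]; then
  wait_for_stack && list_event_rules
fi
```

A "not found" result usually means the CLI is pointed at a different region or account than the one the installer deployed to.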

Note: You can re-run the same command to update your stack to get the latest updates from Cloud Conformity.

Note: To delete Conformity Threat Monitoring from your account, open a command prompt or shell and run the following command:

curl -L https://s3-us-west-2.amazonaws.com/cloudconformity/monitoring/uninstall.sh | bash

Troubleshoot