Hybrid deployment
In a hybrid deployment, the detection engine is managed in the customer's environment, while the UI and Amazon S3 are managed in the Swift environment.
Last updated
In a hybrid deployment, the detection engine is managed in the customer's environment, while the UI and Amazon S3 are managed in the Swift environment.
Last updated
In the detection engine, we deploy a model through Stack Storm.
To deploy our product, you will need to create a user in your AWS account and attach the following policy to this user:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "eks:", "elasticfilesystem:", "s3:", "iam:CreateRole" ], "Resource": "" } ] }
Additionally, create an Access Key and Secret Access Key for this user, as these credentials will be required in the later steps.
AMI Provisioning and StackStorm Setup
We will provide you with an Amazon Machine Image (AMI) that includes StackStorm installed with all necessary prerequisites. Follow these steps to set up:
Launch an EC2 Instance:
Use the provided AMI to spin up an EC2 instance.
Please allow port 80 & 5000 in security group.
Once the instance is running, you can access the StackStorm UI.
Configure Workflow in StackStorm:
In the StackStorm UI, fill in the required details under the workflow section:
■ AWS Access Key
■ AWS Secret Access Key
■ Cluster Name
■ Forensic Bucket Checkbox/Dropdown (Optional)
Workflow Execution
Upon running the workflow, the following tasks will be performed:
Trigger Terraform Script:
VPC: (Details to be provided)
Public Subnet
Internet Gateway (IGW)
EKS Cluster:
■ EC2 Nodes: 3 x r6a.xlarge
■ Horizontal Pod Autoscaler (HPA)
■ Vertical Pod Autoscaler (VPA)
Access Point
Elastic File System (EFS)
Launch Template
Elastic Load Balancer (ELB-4)
S3 Bucket for Forensic: with IAM Roles for Service Accounts (IRSA)
Service Deployment:
Deploy all detection engines and related services.
Python Script Execution:
Retrieve outputs such as:
■ Filesystem ID
■ Access Point ID
■ VPC Endpoint
■ Cluster Name
■ Cluster Role ARN
■ ELB
■ Forensic Bucket Name (if provided)
Golang API Execution:
Database Update: Store the retrieved information in the Swift database.
Swift Account S3 Role ARN : To be pasted in Customer EKS SA.
Automated Updates and Upgrades
Workflow 2 will be auto-triggered for performing updates and upgrades as required.
