Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Restructured repo and brought tf examples #3

Merged
merged 3 commits into from
Nov 6, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/dev.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
role-duration-seconds: 1200
- name: Push Files
run: |
aws s3 cp cloud-native-iac/AWS/*.yaml s3://${{ env.S3_BUCKET }}
aws s3 cp cloudformation/*.yaml s3://${{ env.S3_BUCKET }}
permissions:
id-token: write
contents: read
contents: read
4 changes: 2 additions & 2 deletions .github/workflows/prod.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
role-duration-seconds: 1200
- name: Push Files
run: |
aws s3 cp cloud-native-iac/AWS/*.yaml s3://${{ env.S3_BUCKET }}
aws s3 cp cloudformation/*.yaml s3://${{ env.S3_BUCKET }}
permissions:
id-token: write
contents: read
contents: read
59 changes: 18 additions & 41 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,52 +1,29 @@
# Corelight Cloud
# Corelight Deployment Guide

IaC used to deploy Corelight Sensors into various Cloud Providers.
This repository provides sample configurations for deploying Corelight products
across AWS, Azure, and Google Cloud Platform (GCP). The examples offer both
**Terraform-based** and **native IaC solutions**, allowing users to choose
the approach that best fits their platform requirements and preferences.

## Cloud Enrichment Service
## Directory Structure Overview

Code to deploy Corelight's Cloud Enrichment services.
### `cloudformation/`

### AWS
This directory includes **AWS CloudFormation templates** for deploying Corelight
solutions within AWS environments using native AWS IaC. Each template provides
configurations tailored for Corelight.

* [Terraform][terraform-aws-enrichment]
### `terraform/`

[terraform-aws-enrichment]: https://github.com/corelight/terraform-aws-enrichment/
The `terraform/` directory contains **Terraform modules** structured by cloud
provider. Each subdirectory under `terraform/` is organized by provider and
service, with individual `README.md` files for specific guidance on deploying
Corelight products within that cloud.

### Azure
#### Integrations

* [Terraform][terraform-azure-enrichment]

[terraform-azure-enrichment]: https://github.com/corelight/terraform-azure-enrichment/

### GCP

* [Terraform][terraform-gcp-enrichment]

[terraform-gcp-enrichment]: https://github.com/corelight/terraform-gcp-sensor/

## Cloud Sensor

Code to deploy Corelight's Cloud Sensor.

### AWS

* [CFN][cfn-aws-sensor]
* [Terraform][terraform-aws-sensor]

[cfn-aws-sensor]: https://github.com/corelight/corelight-cloud/tree/main/cloud-native-iac/AWS
[terraform-aws-sensor]: https://github.com/corelight/terraform-aws-sensor/

### Azure

* [Terraform][terraform-azure-sensor]

[terraform-azure-sensor]: https://github.com/corelight/terraform-azure-sensor/

### GCP

* [Terraform][terraform-gcp-sensor]

[terraform-gcp-sensor]: https://github.com/corelight/terraform-gcp-enrichment/
Within `terraform/integrations/`, you’ll find subdirectories for integrating
Corelight products with partner solutions.

## License

Expand Down
20 changes: 7 additions & 13 deletions cloud-native-iac/AWS/README.md → cloudformation/README.md
Original file line number Diff line number Diff line change
@@ -1,22 +1,18 @@
# AWS
# Corelight CloudFormation Templates

AWS specific deployment scripts.
This directory contains AWS CloudFormation templates for deploying Corelight
solutions within AWS environments.

## Cloud Formation
## Templates

A Cloud Formation template for deploying Corelight Sensors.
- **`autoscaling-sensor.yaml`**: Sets up an Auto Scaling group for Corelight Sensors,
enabling automatic scaling based on demand.

## Dependencies

* Install [AWS Command Line Interface][awscli]

### Deployment Instructions
## Usage

Execute the following commands making sure to provide the appropriate
parameters for your environment.

#### Sensor

Create a new stack:

```bash
Expand Down Expand Up @@ -52,5 +48,3 @@ aws cloudformation update-stack --region <AWS_REGION> \
ParameterKey=KeyPairName,ParameterValue=<SENSOR_KEY_PAIR_NAME> \
--template-body file://cfn.yaml
```

[awscli]: https://aws.amazon.com/cli/
File renamed without changes.
26 changes: 26 additions & 0 deletions terraform/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# Terraform

This directory contains **Terraform** modules used to deploy Corelight solutions
across multiple cloud providers.

#### Subdirectories

- **`aws-autoscaling-sensor/`**: Contains Terraform files for deploying an
autoscaling sensor within AWS, including `main.tf` and `versions.tf` files for configuration.
- **`aws-cloud-enrichment/`**: A Terraform module for setting up cloud enrichment
services on AWS.
- **`azure-cloud-enrichment/`**: Module to configure cloud enrichment capabilities
on Azure.
- **`azure-scaleset-sensor/`**: Azure Terraform configuration to deploy Corelight
sensors on a Virtual Machine Scale Set.
- **`gcp-mig-sensor/`**: A Terraform module for deploying a sensor with GCP’s
Managed Instance Groups (MIG).
- **`gcp-cloud-enrichment/`**: GCP-specific Terraform module for configuring cloud
enrichment services.
- **`integrations/`**: Subdirectories for integrating Corelight products with
partner solutions.

## How to Use

Navigate into the appropriate directory and follow the instructions provided in
the `README.md` for each module.
11 changes: 11 additions & 0 deletions terraform/aws-autoscaling-sensor/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Corelight Sensor Deployment - AWS

This directory provides Terraform code for deploying Corelight's Cloud Sensor
on **AWS**.

## Overview

This deployment uses the [terraform-aws-sensor][] module, which simplifies the
setup of Corelight Sensors by automating the provisioning of AWS resources.

[terraform-aws-sensor]: https://github.com/corelight/terraform-aws-sensor/
59 changes: 59 additions & 0 deletions terraform/aws-autoscaling-sensor/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
locals {
vpc_id = "<vpc where resources are deployed>"
monitoring_subnet = "<monitoring subnet id>"
management_subnet = "<management subnet id>"
sensor_ssh_key_pair_name = "<name of the ssh key in AWS used to access the sensor EC2 instances>"
sensor_ami_id = "<sensor ami id from Corelight>"
license = "<your corelight sensor license key>"
tags = {
terraform : true,
purpose : "Corelight"
}
fleet_token = "b1cd099ff22ed8a41abc63929d1db126"
fleet_url = "https://fleet.example.com:1443/fleet/v1/internal/softsensor/websocket"
}

data "aws_subnet" "management" {
id = local.management_subnet
}

module "asg_lambda_role" {
source = "github.com/corelight/terraform-aws-sensor//modules/iam/lambda"

lambda_cloudwatch_log_group_arn = module.sensor.cloudwatch_log_group_arn
security_group_arn = module.sensor.management_security_group_arn
sensor_autoscaling_group_name = module.sensor.autoscaling_group_name
subnet_arn = data.aws_subnet.management.arn

tags = local.tags
}

module "sensor" {
source = "github.com/corelight/terraform-aws-sensor"

auto_scaling_availability_zones = ["us-east-1a"]
aws_key_pair_name = local.sensor_ssh_key_pair_name
corelight_sensor_ami_id = local.sensor_ami_id
license_key = local.license
management_subnet_id = local.management_subnet
monitoring_subnet_id = local.monitoring_subnet
community_string = "<password for the sensor api>"
vpc_id = local.vpc_id
asg_lambda_iam_role_arn = module.asg_lambda_role.role_arn
fleet_token = local.fleet_token
fleet_url = local.fleet_url

tags = local.tags
}

module "bastion" {
source = "github.com/corelight/terraform-aws-sensor//modules/bastion"

bastion_key_pair_name = "<AWS ssh key pair name for the bastion host>"
subnet_id = data.aws_subnet.management.id
management_security_group_id = module.sensor.management_security_group_id
vpc_id = local.vpc_id
public_ssh_allow_cidr_blocks = ["0.0.0.0/0"]

tags = local.tags
}
10 changes: 10 additions & 0 deletions terraform/aws-autoscaling-sensor/versions.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
terraform {
required_version = ">=1.3.2"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 5"
}
}
}
11 changes: 11 additions & 0 deletions terraform/aws-cloud-enrichment/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Corelight Cloud Enrichment Service Deployment - AWS

This directory provides Terraform code for deploying Corelight's Cloud Enrichment
on **AWS**.

## Overview

This deployment uses the [terraform-aws-enrichment][] module, which simplifies the
setup of Corelight Cloud Enrichment by automating the provisioning of AWS resources.

[terraform-aws-enrichment]: https://github.com/corelight/terraform-aws-enrichment/
Loading