Skip to content
This repository has been archived by the owner on Jul 27, 2023. It is now read-only.
/ deep-security-chef Public archive
forked from deep-security/chef-agent

A cookbook of Chef recipes for the Deep Security agent

License

MIT license
0 stars 22 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

arvatoSystemsNA/deep-security-chef

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
deep-security-agent
deep-security-agent
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Chef

A cookbook of Chef recipes for the Deep Security agent. This allows for the easy deployment of the Deep Security agent as well as taking some common actions from the agent.

OpsWorks

This repository is also setup for use from AWS OpsWorks. You can enable this as a custom cookbook within your stack. This makes is very easy to ensure that the Deep Security agent is running on all of the EC2 instances within your stack.

To enable a custom cookbook:

  1. From within your stack, click the "Stack Settings" button
  2. On the stack setting page, click the blue "Edit" button
  3. Slide the "Use custom Chef cookbooks" toggle to "Yes"
  4. Set the follow:
  5. Click the blue "Save" button
  6. On the "Deployments" page for your stack, click the gray "Run Command" button

If you have existing instances running, do the following;

  1. Select "Update Custom Cookbooks" from the "Command" drop-down
  2. Click the blue, "Update Custom Cookbooks" button to run the command

In the Layers section of the OpsWorks Management Console, for your layer;

  1. Click Recipes
  2. Under "Custom Recipes", in the "Configuration" life cycle enter deep-security-agent::default
  3. Click the General Settings section
  4. In the "Custom JSON" section, enter the necessary recipe settings

The recipe settings will be along the lines of;

{
  "tenant_id": "11111111-2222-3333-4444-555555555555",
  "policy_name": "Policy Name",
  "tenant_password": "11111111-2222-3333-4444-555555555555"
}

The recipes within this repo are now available to you from within your AWS OpsWorks stack.

Multiple custom cookbooks

--This technique is still being tested--

Since AWS OpsWorks only allows one custom cookbook per stack. You have to do a little extra work if you want to incorporate multiple custom cookbooks. Thankfully, git makes this easy.

  1. Create a new repo that you will use as your custom cookbook
  2. Add each cookbook you want to use as a git submodule
  3. Create a symbolic link to the recipe at the top level of the new repo (ln -s clone/recipe recipe)

This will keep each of the customer cookbook in it's own git repo but allow you to point OpsWorks to one place.

Contributing

We're always open to PRs from the community. To submit one:

  1. Fork the repo
  2. Create a new feature branch
  3. Make your changes
  4. Submit a PR with an explanation of what/why/cavaets/etc.

We'll review and work with you to make sure that the fix gets pushed out quickly.

About

A cookbook of Chef recipes for the Deep Security agent

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Ruby 100.0%