Skip to content

cloudsecurelab/eksblueprints-sysdig-test

BranchesTags
 
 

Repository files navigation

Sysdig Addon for EKS Blueprints

This project is currently in BETA stage

Introduction

Sysdig is a security and monitoring platform that helps organizations to confidently drive cloud and containers by providing insight from source to run. Sysdig is built on open standards like Falco, OPA and Prometheus.

This project contains the Sysdig Terraform add-on for AWS EKS Blueprints as well as a set of prebuilt blueprint(s) ready to start creating clusters fast and easy.

EKS add-ons and blueprints

With this Sysdig Addon for EKS Blueprints you can provision EKS clusters tailored to your needs and secured from day-zero as they are deployed together with the Sysdig agents. This add-on and the blueprints extends the framework AWS EKS Blueprints.

  • Getting Started The Getting Started Blueprint provisions a basic cluster with the most common Sysdig instrumentation for both Secure and Monitor use cases.

  • Security Laboratory The Security Lab Blueprint creates a cluster with an example application to generate suspicious runtime events and vulnerabilities to be detected out of the box by the Sysdig probe that is also installed with this automation.

  • Monitor and Alerting The Monitor and alerting set up a cluster monitored by the sysdig agents and defines Notification Channels and Alerts as code.

Requirements

  • Terraform >= 1.0.0 (Recommended > 1.3.0)
  • AWS Command Line and credentials
  • A Sysdig account. You can register your Sysdig Free Trial and start experimenting on how to secure an EKS cluster now.

Training

Terraform Documentation

Inputs

Name Description Type Default Required
addon_context Input configuration for the addon 
object({
    aws_caller_identity_account_id = string
    aws_caller_identity_arn        = string
    aws_eks_cluster_endpoint       = string
    aws_partition_id               = string
    aws_region_name                = string
    eks_cluster_id                 = string
    eks_oidc_issuer_url            = string
    eks_oidc_provider_arn          = string
    tags                           = map(string)
  })
 n/a yes
cluster_name Cluster Name string "testcluster" no
helm_config Helm Configuration for Sysdig Agent any {} no
manage_via_gitops Determines if the add-on should be managed via GitOps bool false no

Outputs

Name Description
argocd_gitops_config Configuration used for managing the add-on with ArgoCD

About

Testing Sysdig Terraform AWS EKS Blueprint and addon

Resources

Readme

License

UPL-1.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HCL 96.2%
  • Makefile 3.8%