sysdiglabs/terraform-eksblueprints-sysdig-addon

Sysdig Addon for EKS Blueprints

This project is currently in BETA stage

Introduction

Sysdig is a security and monitoring platform that helps organizations run cloud and container workloads with confidence by providing insight from source to run. Sysdig is built on open standards such as Falco, OPA and Prometheus.

This project contains the Sysdig Terraform add-on for AWS EKS Blueprints, as well as a set of prebuilt blueprints for creating clusters quickly and easily.

EKS add-ons and blueprints

With this Sysdig Addon for EKS Blueprints you can provision EKS clusters tailored to your needs and secured from day zero, because they are deployed together with the Sysdig agents. The add-on and the blueprints extend the AWS EKS Blueprints framework.

  • Getting Started: The Getting Started Blueprint provisions a basic cluster with the most common Sysdig instrumentation for both Secure and Monitor use cases.

  • Security Laboratory: The Security Lab Blueprint creates a cluster with an example application that generates suspicious runtime events and vulnerabilities, to be detected out of the box by the Sysdig probe that is also installed with this automation.

  • Monitor and Alerting: The Monitor and Alerting Blueprint sets up a cluster monitored by the Sysdig agents and defines Notification Channels and Alerts as code.

Requirements

  • Terraform >= 1.0.0 (Recommended > 1.3.0)
  • AWS Command Line and credentials
  • A Sysdig account. You can register for a Sysdig Free Trial and start experimenting with how to secure an EKS cluster now.

Training

Terraform Documentation

Requirements

| Name | Version |
| --- | --- |
| terraform | >= 1.0 |
| helm | >= 2.10 |

Providers

| Name | Version |
| --- | --- |
| helm | >= 2.10 |

Modules

No modules.

Resources

| Name | Type |
| --- | --- |
| helm_release.this | resource |

Inputs

| Name | Description | Type | Default | Required |
| --- | --- | --- | --- | --- |
| chart_version | The version of the Sysdig Helm Chart to deploy | string | "1.17.0" | no |
| create_namespace | Whether to create the namespace to deploy the Sysdig Helm Chart into | bool | true | no |
| description | The description of the Sysdig Helm Chart to deploy | string | "Sysdig agent Helm chart" | no |
| namespace | The namespace to deploy the Sysdig Helm Chart into | string | "sysdig" | no |
| set | Value block with custom values to be merged with the values yaml | any | [] | no |
| set_sensitive | Value block with custom sensitive values to be merged with the values yaml that won't be exposed in the plan's diff | any | [] | no |
| values | The values to pass to the Sysdig Helm Chart | list(string) | [ "global:\n kspm:\n deploy: true\nebpf:\n enabled: false\nnodeAnalyzer:\n nodeAnalyzer:\n benchmarkRunner:\n deploy: false\n runtimeScanner:\n settings:\n eveEnabled: true\n secure:\n vulnerabilityManagement:\n newEngineOnly: true\n" ] | no |
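
The inputs above separate ordinary overrides (set, values) from secrets (set_sensitive). The following is an added example, not code from this project, showing the agent access key passed through set_sensitive instead of set or values. Assumptions: the module source is a placeholder, the name/value object shape mirrors the helm_release set_sensitive block, and the chart key global.sysdig.accessKey should be checked against the chart version you deploy.

```hcl
# Added example: not part of the original README.

variable "sysdig_access_key" {
  description = "Sysdig agent access key, supplied via TF_VAR_sysdig_access_key or a secrets manager"
  type        = string
  sensitive   = true # Terraform redacts this value in plan and apply output
}

module "sysdig_addon" {
  # Placeholder: replace with the path or registry address of this add-on.
  source = "<sysdig-addon-module-source>"

  # Pin the chart and namespace explicitly instead of relying on defaults.
  chart_version    = "1.17.0"
  namespace        = "sysdig"
  create_namespace = true

  # Weak setting (kept as a comment): a literal secret in `set` or `values`
  # is committed to version control and printed in the plan's diff.
  #
  # set = [
  #   { name = "global.sysdig.accessKey", value = "<literal-access-key>" },
  # ]

  # Corrected setting: the key comes from a sensitive variable and is passed
  # through set_sensitive, so it is not exposed in the plan's diff.
  # The value key below is an assumption about the chart's values schema.
  set_sensitive = [
    {
      name  = "global.sysdig.accessKey"
      value = var.sysdig_access_key
    },
  ]
}
```

set_sensitive only hides the value from plan output; it is still written to the Terraform state, so keep the state in an encrypted backend with restricted access.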

Outputs

No outputs.