You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: use-cases/_questionnaire.md
+12-8Lines changed: 12 additions & 8 deletions
Original file line number
Diff line number
Diff line change
@@ -17,21 +17,25 @@ modules, and we also offer [AWS Cloudformation templates](https://github.com/sys
17
17
18
18
## Client Infrastructure
19
19
20
+
### aws-specific
21
+
- do you have **existing aws cloudtrail**?
22
+
- is it an organizational cloudtrail in the organization management account?
23
+
- does this organizational cloudtrail report to an SNS? if yes, is it in the same management account? if no, could you enable it? ingestor-type: `aws-cloudtrail-sns-sqs`
24
+
- is the S3 bucket of that cloudtrail in the management account or a sepparated member account?
25
+
- if it's not organizational, does each trail report to the same s3 bucket?
26
+
- if so, does that S3 bucket already have any "Event Notification System"? Is it an SNS we could subscribe to? ingestor-type: `aws-cloudtrail-s3-sns-sqs`
27
+
- if so, does that S3 bucket already have an "Amazon EventBridge" system activated? ingestor-type: `aws-cloudtrail-s3-sns-sqs-eventbridge`
28
+
- whether it's organizational or not, could you give us a quick picture of the infra setup in terms of what resource is in what account? the resources of interest are the ones you may want to reuse, such as the cloudtrail, cloudtrail-sns, cloudtrail-s3, existing clusters where to deploy the workload, ...
29
+
30
+
31
+
### general
20
32
- does your company work under an **organization** (AWS/GCP) or tenant (Azure)?
21
33
- if so, how many member accounts (aws) /projects (gcp) /subscriptions (azure) does it have?
22
34
- regarding of the number, how many accounts would be required to enroll in the secure for cloud setup?
23
35
- do you have dynamic accounts/projects/subscriptions? what's their lifecycle?
24
36
- does it have any landing such as aws control-tower? what's event management there (if any)?
25
37
- sysdig secure for cloud is presented in different **compute workload** flavors; ecs on aws, cloudrun on gcp or azure container instances on azure, plus a K8s deployment an all three clouds, plus apprunner on aws (less resource-demaing than ecs, but region limited)
26
38
- in case of ECS or K8S, do you have an existing cluster you would like to re-use?
27
-
- (aws-only) do you have **existing aws cloudtrail**?
28
-
- is it an organizational cloudtrail?
29
-
- does the cloudtrail report to an SNS? if no, could you enable it? ingestor-type: `aws-cloudtrail-sns-sqs`
30
-
- is the S3 bucket of that cloudtrail in the management account or a sepparated member account?
31
-
- if it's not organizational, does each trail report to the same s3 bucket?
32
-
- if so, does that S3 bucket already have any "Event Notification System"? Is it an SNS we could subscribe to? ingestor-type: `aws-cloudtrail-s3-sns-sqs`
33
-
- if so, does that S3 bucket already have an "Amazon EventBridge" system activated? ingestor-type: `aws-cloudtrail-s3-sns-sqs-eventbridge`
34
-
- whether it's organizational or not, could you give us a quick picture of the infra setup?
35
39
- how many **regions** do you work with?
36
40
- if more than one, could you briefly explain the region usage/setup?
37
41
- secure for cloud requires both s3 and cloudtrail-sns to be deployed in the same region. would that apply to the use-case?
0 commit comments