This repository has been archived by the owner on Mar 27, 2022. It is now read-only.

fleet-cdk

(WIP)

Install Kolide Fleet in an AWS account using the CDK.

Installation

$ npm install --save fleet-cdk

Usage

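// Assumes CDK v2; on CDK v1, import App from '@aws-cdk/core' instead
import { App } from 'aws-cdk-lib';
import createFleet from 'fleet-cdk';

// CDK app that will hold the Fleet resources
const app = new App();

// Provision Fleet into the target AWS account and region
createFleet(app, {
  env: {
    account: '123456789012',
    region: 'ca-central-1'
  }
});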

Dependencies

These can be either passed as a dependency or provisioned by this library.

  1. ACM TLS Certificate
  2. Route53 CNAME Record
  3. JWT Secret
  4. EC2 VPC Subnets
  5. ECS Fargate Cluster

Components

  1. IAM Roles & Policies
  2. RDS MySQL Instance
  3. ELB Network Load Balancer
  4. ECS Service
  5. ElastiCache Redis

Ideas

  • File integrity monitoring (FIM)
  • IOC (indicator of compromise) intrusion detection
    • (IPs, domains, ports, file names/paths/hashes, …)
  • State-based intrusion detection
    • (shell history, /etc/hosts, NFS shares, firewall settings, …)
  • Flexible remote logging
  • Syslog collection

Reference