Steps for Deploying the Threat Stack Agent via Amazon AMI's

Agent 1.x Series

Do not run the cloudsight setup command as part of your Amazon Machine Image (AMI) build process. The cloudsight setup command registers the Agent with the Threat Stack service. This registration process assigns a custom token to the Agent. If you include the cloudsight setup command as part of your AMI build process, then the same Agent token will be included on every system deployed using that AMI. This means that multiple Agents will report as a single Agent in the Threat Stack Cloud Security PlatformⓇ.

To prevent an AMI from including a registered Agent, follow these steps:

  • As part of your AMI build process, install the Threat Stack Agent using the apt or yum process described in the Deploy the Threat Stack Agent article.

    Warning

    Do not install the Threat Stack Agent using curl as this registers the Agent.

  • Create the AMI.
  • When you deploy the AMI, as part of your node provisioning or as part of the Amazon User Data run the cloudsight setup --deploy-key= command. Replace with your Threat Stack Agent deploy key. When your client boots up it registers and starts the Threat Stack Agent.

Agent 2.x Series

Do not run the tsagent setup command as part of your Amazon Machine Image (AMI) build process. The tsagent setup command registers the Agent with the Threat Stack service. This registration process assigns a custom token to the Agent. If you include the tsagent setup command as part of your AMI build process, then the same Agent token will be included on every system deployed using that AMI. This means that multiple Agents will report as a single Agent in the Threat Stack Cloud Security PlatformⓇ.

To prevent an AMI from including a registered Agent, follow these steps:

  • As part of your AMI build process, install the Threat Stack Agent using the apt or yum process described in the Deploy the Threat Stack Agent article.

    Warning

    Do not install the Threat Stack Agent using curl as this registers the Agent.

  • Create the AMI.
  • When you deploy the AMI, as part of your node provisioning or as part of the Amazon User Data run the tsagent setup --deploy-key= command. Replace with your Threat Stack Agent deploy key. When your client boots up it registers and starts the Threat Stack Agent.
Was this article helpful?
3 out of 3 found this helpful
Have more questions? Submit a request