add RHEL quickstart; add heartbeat url to Master output

Author: 424D57

DeepSecurity/DeepSecurity.cfproj

@@ -63,6 +63,9 @@
     <Compile Include="Quickstart\TMQuickStartPPU.template">
       <SubType>Code</SubType>
     </Compile>
+    <Compile Include="Quickstart\TMQuickStartRHEL.template">
+      <SubType>Code</SubType>
+    </Compile>
     <Compile Include="RHEL\DSM96RH.template">
       <SubType>Code</SubType>
     </Compile>

DeepSecurity/Quickstart/TMQuickStartRHEL.template

@@ -0,0 +1,358 @@
+{
+    "AWSTemplateFormatVersion" : "2010-09-09",
+    "Description"              : "v3.2 Quick Start that deploys Trend Micro Deep Security into an exisintg VPC with a Multi-AZ Oracle RDS instance  **WARNING** This template uses images from the AWS Marketplace and an active subscription is required - Please see the Quick Start documentation for more details. You will be billed for the AWS resources used if you create a stack from this template.",
+    "Metadata" : {
+		"AWS::CloudFormation::Interface" : {
+			"ParameterGroups" : [
+				{
+					"Label" : { "default" : "Deep Security Manager Configuration" },
+					"Parameters" : [ "DeepSecurityAdminName", "DeepSecurityAdminPass", "AWSKeyPairName", "ProtectedInstances" ]
+				},
+				{
+					"Label" : { "default" : "Network Configuration" },
+					"Parameters" : [ "AWSVPC", "DeepSecuritySubnet", "DatabaseSubnet1", "DatabaseSubnet2" ]
+				}
+
+			],
+			"ParameterLabels" : {
+				"AWSKeyPairName" : { "default" : "EC2 Key Pair for SSH access" },
+				"AWSVPC" : { "default" : "VPC for Deep Security Components" },
+				"DeepSecuritySubnet" : { "default" : "Public Subnet for Deep Security Managers" },
+				"DeepSecurityAdminName" : { "default" : "Administrator username for Deep Security" },
+				"DeepSecurityAdminPass" : { "default" : "Administrator password for Deep Security" },
+				"DatabaseSubnet1" : { "default" : "Primary private subnet for RDS" },
+				"DatabaseSubnet2" : { "default" : "Secondary private subnet for RDS" },
+				"ProtectedInstances" : { "default" : "Number of instances you expect to protect with Deep Security Agents" }
+			}
+		}
+	},
+	"Parameters"               : {
+        "AWSKeyPairName" : {
+            "Description" : "Select an existing key pair to use for connecting to your Deep Security Manager Instance.",
+            "Type"        : "AWS::EC2::KeyPair::KeyName",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*",
+            "ConstraintDescription" : "Select an existing EC2 Key Pair."
+        },
+        "AWSVPC"         : {
+            "Description" : "Select an existing VPC to deploy Deep Security Manager.",
+            "Type"        : "AWS::EC2::VPC::Id",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*"
+        },
+		"DatabaseSubnet1"           : {
+            "Description" : "Select a private subnet for the RDS database.  Must be a private subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "ConstraintDescription" : "RDS Subnet Groups must be comprised of 2 subnets in seperate availability zones within the specified VPC for deploying this template"
+        },
+        "DatabaseSubnet2"           : {
+            "Description" : "Select a second private subnet for the RDS database.  Must be a private subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "ConstraintDescription" : "RDS Subnet Groups must be comprised of 2 subnets in seperate availability zones within the specified VPC for deploying this template"
+        },
+		"DeepSecuritySubnet"   : {
+            "Description" : "Select an existing Subnet for Deep Seucurity Manager. Must be a public subnet contained the in VPC chosen above.",
+            "Type"        : "AWS::EC2::Subnet::Id",
+            "MinLength"   : "1",
+            "MaxLength"   : "255",
+            "AllowedPattern" : "[-_a-zA-Z0-9]*",
+            "ConstraintDescription" : "Subnet ID must exist in the chosen VPC"
+        },
+        "DeepSecurityAdminName"         : {
+            "Default" : "MasterAdmin",
+            "NoEcho"  : false,
+            "Description" : "The Deep Security Manager administrator username for Web Console Access.",
+            "Type"        : "String",
+            "MinLength"   : 1,
+            "MaxLength"   : 16,
+            "AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
+            "ConstraintDescription" : "Must begin with a letter and contain only alphanumeric characters. Min length 1, max length 16"
+        },
+        "DeepSecurityAdminPass"     : {
+            "NoEcho" : true,
+            "Description" : "The Deep Security Manager administrator password. Must be 8-41 characters long and can only contain alphanumeric characters or the following special characters !^*-_+",
+            "Type"        : "String",
+            "MinLength"   : 8,
+            "MaxLength"   : 41,
+            "AllowedPattern" : "[a-zA-Z0-9!^*\\-_+]*",
+            "ConstraintDescription" : "Can only contain alphanumeric characters or the following special characters !^*-_+ Min length 8, max length 41"
+        },
+		"ProtectedInstances"           : {
+            "Description" : "Select how many instances would you like to protect.",
+            "Type"        : "String",
+            "AllowedValues" : [
+                "1-100",
+                "101-500",
+				"501-1000",
+				"1001-2000"
+            ]
+        }
+    },
+    "Mappings"                 : {
+		"DSMSIZE" : {
+	        "us-east-1"      : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+			"us-west-1"      : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+            "us-west-2"      : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+			"eu-west-1"      : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+			"eu-central-1" : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+            "sa-east-1"    : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+            "ap-northeast-1" : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+            "ap-southeast-1" : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+            "ap-southeast-2" : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "c3.xlarge",
+				"4" : "c3.xlarge"
+            },
+			"ap-northeast-2" : {
+                "1" : "m4.large",
+				"2" : "m4.large",
+				"3" : "m4.xlarge",
+				"4" : "m4.xlarge"
+            },
+			"us-gov-west-1" : {
+                "1" : "m3.large",
+				"2" : "m3.large",
+				"3" : "m3.xlarge",
+				"4" : "m3.xlarge"
+            }
+        },
+		"RDSStorageSize" : {
+            "1-100"   : {
+                "Size" : "50"
+            },
+            "101-500"   : {
+                "Size" : "150"
+            },
+            "501-1000"  : {
+                "Size" : "200"
+            },
+			"1001-2000" : {
+				"Size" : "300"
+			}
+        },
+        "RDSInstanceSize" : {
+            "us-east-1"      : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+			"us-west-1"      : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+            "us-west-2"      : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+			"eu-west-1"      : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+			"eu-central-1" : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+            "sa-east-1"    : {
+                "1" : "db.m3.large",
+				"2" : "db.m3.large",
+				"3" : "db.m3.xlarge",
+				"4" : "db.m3.xlarge"
+            },
+            "ap-northeast-1" : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+            "ap-southeast-1" : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+            "ap-southeast-2" : {
+                "1" : "db.m3.large",
+				"2" : "db.m3.large",
+				"3" : "db.m3.xlarge",
+				"4" : "db.m3.xlarge"
+            },
+			"ap-northeast-2" : {
+                "1" : "db.m4.large",
+				"2" : "db.m4.large",
+				"3" : "db.m4.xlarge",
+				"4" : "db.m4.xlarge"
+            },
+			"us-gov-west-1" : {
+                "1" : "db.m3.large",
+				"2" : "db.m3.large",
+				"3" : "db.m3.xlarge",
+				"4" : "db.m3.xlarge"
+            }
+        },
+		"DeploymentSize" : {
+			"1-100" : {
+				"Size" : "1"
+			},
+			"101-500" : {
+				"Size" : "2"
+			},
+			"501-1000" : {
+				"Size" : "3"
+			},
+			"1001-2000" : {
+				"Size" : "4"
+			}
+		}
+    },
+    "Resources"                : {
+        "MasterRH96" : {
+            "Type" : "AWS::CloudFormation::Stack",
+            "Properties" : {
+                "TemplateURL" : "https://s3.amazonaws.com/trend-micro-quick-start/v3.4/RHEL/MasterRH96.template",
+                "Parameters"  : {
+                    "AWSIKeyPairName" : {
+                        "Ref" : "AWSKeyPairName"
+                    },
+                    "AWSIVPC"         : {
+                        "Ref" : "AWSVPC"
+                    },
+					"DSISubnetID"         : {
+                        "Ref" : "DeepSecuritySubnet"
+                    },
+					"DBIRDSInstanceSize"         : {
+						"Fn::FindInMap" : [
+							"RDSInstanceSize",
+							{
+								"Ref" : "AWS::Region"
+							},
+							{
+								"Fn::FindInMap" : [
+									"DeploymentSize",
+									{
+										"Ref" : "ProtectedInstances"
+									},
+									"Size"
+								]	
+							}
+						]				
+					},
+					"DBIStorageAllocation"         : {
+						"Fn::FindInMap" : [
+							"RDSStorageSize",
+							{
+								"Ref" : "ProtectedInstances"
+							},
+								"Size"
+						]					
+					},
+					"DBPBackupDays"         : "5",
+					"DBPCreateDbInstance"         : "Yes" ,
+					"DBICAdminName"         : "dsmadmin",
+					"DBICAdminPassword"         : {
+                        "Ref" : "DeepSecurityAdminPass"
+                    },
+					"DBPEngine"         : "Oracle",
+					"DBPEndpoint" : "" ,
+					"DBPName"         :"dsm",
+					"DSCAdminName"         : {
+                        "Ref" : "DeepSecurityAdminName"
+                    },
+					"DSCAdminPassword"         : {
+                        "Ref" : "DeepSecurityAdminPass"
+                    },
+					"DSIMultiNode"         : "2" ,
+					"DSIPLicenseKey" : "XX-XXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX",
+					"DSIPHeartbeatPort" : "4120",
+					"DSIPGUIPort"       : "443",
+					"DSIPInstanceType"         : {
+						"Fn::FindInMap" : [
+							"DSMSIZE",
+							{
+								"Ref" : "AWS::Region"
+							},
+							{
+								"Fn::FindInMap" : [
+									"DeploymentSize",
+									{
+										"Ref" : "ProtectedInstances"
+									},
+									"Size"
+								]	
+							}
+						]		
+					},
+					"DBISubnet1"         : {
+                        "Ref" : "DatabaseSubnet1"
+                    },
+					"DBISubnet2"         : {
+                        "Ref" : "DatabaseSubnet2"
+                    },
+					"DBIInstanceIdentifier" : "deep-security",
+					"DBPMultiAZ": "true"
+                }
+            }
+        }
+    },
+	"Outputs"                  : {
+        "DeepSecurityConsole" : {
+            "Value" : {
+	            "Fn::GetAtt" : [
+					"MasterRH96",
+                    "Outputs.DeepSecurityConsole"
+				]
+            }
+        }
+    }
+}

DeepSecurity/RHEL/MasterRH96.template

@@ -844,6 +844,26 @@
                     ]
                 ]
             }
-        }
+        },
+		"DeepSecurityHeartbeat" : {
+			"Value" : {
+				"Fn::Join" : [
+					"",[
+						"dsm://",
+						{
+							"Fn::GetAtt" : [
+								"DSIELB",
+								"Outputs.ELBFQDN"
+							]
+						},
+						":",
+						{
+							"Ref" : "DSIPHeartbeatPort"
+						},
+						"/"
+					]
+				]
+			}
+		}
     }
 }