Closed s01ipsist closed 5 years ago
@s01ipsist We're running it in the UserData of our launch configs. We're actually executing Ansible, but if you're not able to, this page tells you what you need to run: https://threatstack.zendesk.com/hc/en-us/articles/204289149-Steps-for-Deploying-the-Threat-Stack-Agent-via-Amazon-AMI-s
During baking, we:
In UserData, do something like:
sudo cloudsight setup --config=<config file from baking step 2> --agent_type=<agent type>
sudo service cloudsight restart
We use ansible with packer to bake AMIs for use in Auto Scaling Groups.
The
threatstack_configure_agent: false
option sounds appropriate for our use case as this instance is not live when ansible is run.Can you please elaborate on what would be the expected process to configure the agent at a later stage? We're not able to run Ansible against the instance once it goes live, although we could set config vars as part of the CloudInit process.