-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdeploy.config
35 lines (26 loc) · 1.04 KB
/
deploy.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# CFN stack name targeted for deployment
STACK_NAME=my-stack
# S3 Bucket and object prefix to upload Lambda source code to
LAMBDA_BUCKET=my-lambda-bucket
LAMBDA_PREFIX=my-lambda-object-prefix
# S3 Bucket and object prefix where AWS Config stores artifacts
CONFIG_BUCKET=my-config-bucket
CONFIG_PREFIX=my-config-object-prefix
# Deep Security connection properties
# Note: username and password will be store in AWS Secret Manager
DS_HOSTNAME=0.0.0.0
DS_PORT=443
DS_TENANT=
DS_IGNORE_SSL_VALIDATION=true
# Deep Security Config rules use SSM Parameter Store and KMS to
# retrieve credentials securely
# Below are Parameter Store keys for username and password
DS_USERNAME_PARAM_STORE_KEY=my-ds-username-key
DS_PASSWORD_PARAM_STORE_KEY=my-ds-password-key
# Other Deep Security parameters
# Policy to check for DoesInstanceHavePolicy rule
DS_POLICY='my webserver policy'
# Control to check for IsInstanceProtectedBy rule
# Valid values are [ anti_malware, web_reputation, firewall,
# intrusion_prevention, integrity_monitoring, log_inspection ]
DS_CONTROL=firewall