The next step is to run the Resource Discovery Tool docker image, which will enumerate the resources in your environment that Red Canary will monitor.
- Open a terminal window.
- Change to a suitable directory where you can save your .csv file.
- Run the following command:
- You will need to paste in your aws access key id
- You will need to paste in your your aws secret access key
- Enter the aws role name. If you left this as the default it is red-canary-resource-discovery-role
docker run --rm -it \
-v ~/.aws:/home/rc/.aws \
-v $(pwd):/workdir \
-e AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY_ID_HERE \
-e AWS_SECRET_ACCESS_KEY=YOUR_SECRET_ACCESS_KEY_HERE \
-e AWS_ROLE_NAME=red-canary-resource-discovery-role \
-e AWS_REGION=us-east-1 \
If you don't already have the resource discovery tool image installed, it will be downloaded and installed automatically. When you launch the tool, it will iterate through your environment, enumerating your resources.When the resource scan is finished, it will generate a list of your resources and save a.csv file to the directory you're currently working in.
When the resource scan is finished, it will generate a list of your resources and save a.csv file to the directory you're currently working in.
The cloud-resource-discovery csv will help your sales engineer in identifying the resources Red Canary can monitor and defend.
Note: Once this process is completed, continue on with tearing down and cleaning up your StackSet.