Skip to content
This repository was archived by the owner on Oct 15, 2025. It is now read-only.

Commit b153f14

Browse files
424D57424D57
committed
final gc migration fixes
1 parent 507c6c5 commit b153f14

9 files changed

Lines changed: 459 additions & 32 deletions

File tree

DeepSecurity/Common/DB/DSDBAbstract.template

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@
122122
"Type" : "AWS::CloudFormation::Stack",
123123
"Condition" : "DBTypeIsOracle",
124124
"Properties" : {
125-
"TemplateURL" : "https://s3.amazonaws.com/trend-micro-quick-start/v3.2/Common/DB/DSDBOracleRDS.template",
125+
"TemplateURL" : "https://s3-us-gov-west-1.amazonaws.com/trend-micro-quick-start/v3.2/Common/DB/DSDBOracleRDS.template",
126126
"TimeoutInMinutes" : "10",
127127
"Parameters" : {
128128
"DBIRDSInstanceSize" : {
@@ -156,7 +156,7 @@
156156
"Type" : "AWS::CloudFormation::Stack",
157157
"Condition" : "DBTypeIsSQL",
158158
"Properties" : {
159-
"TemplateURL" : "https://s3.amazonaws.com/trend-micro-quick-start/v3.2/Common/DB/DSDBSQLRDS.template",
159+
"TemplateURL" : "https://s3-us-gov-west-1.amazonaws.com/trend-micro-quick-start/v3.2/Common/DB/DSDBSQLRDS.template",
160160
"TimeoutInMinutes" : "10",
161161
"Parameters" : {
162162
"DBIRDSInstanceSize" : {

DeepSecurity/Common/DSM96ELB.template

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@
4747
"ELBSG" : {
4848
"Type" : "AWS::CloudFormation::Stack",
4949
"Properties" : {
50-
"TemplateURL" : "https://s3.amazonaws.com/trend-micro-quick-start/v3.2/Common/SecurityGroups/DSELBSG.template",
50+
"TemplateURL" : "https://s3-us-gov-west-1.amazonaws.com/trend-micro-quick-start/v3.2/Common/SecurityGroups/DSELBSG.template",
5151
"Parameters" : {
5252
"AWSIVPC" : {
5353
"Ref" : "AWSIVPC"

DeepSecurity/Common/Scripts/create-console-listener

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
if [ $5 -eq 1 ]; then
55
openssl req -nodes -new -sha256 -newkey rsa:2048 -subj '/CN='DeepSecurityManager'/O=Trend Micro/OU=Deep Security Manager' -keyout /etc/cfn/privatekey -out /etc/cfn/csr;
66
openssl x509 -req -days 3650 -in /etc/cfn/csr -signkey /etc/cfn/privatekey -out /etc/cfn/certificatebody;
7-
aws iam upload-server-certificate --server-certificate-name DeepSecurityElbCertificate-$4 --certificate-body file:///etc/cfn/certificatebody --private-key file:///etc/cfn/privatekey
7+
aws iam upload-server-certificate --server-certificate-name DeepSecurityElbCertificate-$4 --certificate-body file:///etc/cfn/certificatebody --private-key file:///etc/cfn/privatekey --region $6
88
fi
99

1010
loop=1
@@ -15,7 +15,7 @@ do
1515
if [ $loop -eq 1 ]; then echo 'checking for cert availability in iam'; else echo 'cert not yet available in iam'; fi
1616
loop=$((loop+1))
1717
sleep 10
18-
certid=$(aws iam get-server-certificate --server-certificate-name DeepSecurityElbCertificate-$4 --query ServerCertificate.ServerCertificateMetadata.Arn --output text)
18+
certid=$(aws iam get-server-certificate --server-certificate-name DeepSecurityElbCertificate-$4 --query ServerCertificate.ServerCertificateMetadata.Arn --region $6 --output text)
1919
done
2020

2121
loadbalancer=" "

DeepSecurity/Common/Scripts/createCloudAccountGc

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
#!/bin/bash
2+
# createcloudaccount dsmuser dsmpass connectorName guiPort accesskey secretkey
3+
username=$1
4+
password=$2
5+
accesskey=$5
6+
secretkey=$6
7+
8+
# replace this with your DSM IP or FQDN
9+
DSMURL="localhost:$4"
10+
11+
# Remove regions you don't want from this list
12+
#REGIONS=(useast1 uswest1 uswest2 euwest1 apsoutheast1 apsoutheast2 apnortheast1 saeast1 eucentral1 apnortheast2)
13+
14+
# map aws regions to dsm region keys
15+
#useast1=amazon.cloud.region.key.1
16+
#uswest2=amazon.cloud.region.key.2
17+
#uswest1=amazon.cloud.region.key.3
18+
#euwest1=amazon.cloud.region.key.4
19+
#apsoutheast1=amazon.cloud.region.key.5
20+
#apnortheast1=amazon.cloud.region.key.6
21+
#saeast1=amazon.cloud.region.key.7
22+
#apsoutheast2=amazon.cloud.region.key.8
23+
#eucentral1=amazon.cloud.region.key.9
24+
#apnortheast2=amazon.cloud.region.key.12
25+
26+
# map aws regions to ec2 endpoints
27+
#useast1ep=ec2.us-east-1.amazonaws.com
28+
#uswest2ep=ec2.us-west-2.amazonaws.com
29+
#uswest1ep=ec2.us-west-1.amazonaws.com
30+
#euwest1ep=ec2.eu-west-1.amazonaws.com
31+
#apsoutheast1ep=ec2.ap-southeast-1.amazonaws.com
32+
#apnortheast1ep=ec2.ap-northeast-1.amazonaws.com
33+
#saeast1ep=ec2.sa-east-1.amazonaws.com
34+
#apsoutheast2ep=ec2.ap-southeast-2.amazonaws.com
35+
#eucentral1ep=ec2.eu-central-1.amazonaws.com
36+
#apnortheast2ep=ec2.ap-northeast-2.amazonaws.com
37+
38+
39+
echo "#####Login to DSM"
40+
tempDSSID=$(curl -k -H "Content-Type: application/json" -X POST "https://$DSMURL/rest/authentication/login/primary" -d "{"dsCredentials":{"userName":"$username","password":"$password"}}")
41+
42+
echo "#####Looping through regions to create connectors"
43+
#for region in "${REGIONS[@]}"
44+
#do
45+
# endpoint="${region}ep"
46+
# echo "##### creating connector for $region region with endpoint ${!endpoint}"
47+
# curl -ks -H "Content-Type: application/json" "Accept: application/json" -X POST "https://$DSMURL/rest/cloudaccounts" -d '{"createCloudAccountRequest":{"cloudAccountElement":{"accessKey":"'${accesskey}'","cloudRegion":"'${!region}'","cloudType":"AMAZON","name":"'$3'","secretKey":"'${secretkey}'","endpoint":"'${!endpoint}'","azureCertificate":"-"},"sessionId":"'$tempDSSID'"}}'
48+
#done
49+
50+
curl -ks -H "Content-Type: application/json" "Accept: application/json" -X POST "https://$DSMURL/rest/cloudaccounts" -d '{"createCloudAccountRequest":{"cloudAccountElement":{"accessKey":"'${accesskey}'","cloudRegion":"'amazon.cloud.region.key.10'","cloudType":"AMAZON","name":"'$3'","secretKey":"'${secretkey}'","endpoint":"'ec2.us-gov-west-1.amazonaws.com'","azureCertificate":"-"},"sessionId":"'$tempDSSID'"}}'
51+
52+
curl -k -X DELETE https://$DSMURL/rest/authentication/logout?sID=$tempDSSID
53+
54+
unset accesskey
55+
unset secretkey
56+
unset tempDSSID
57+
unset username
58+
unset password
59+
60+
61+

DeepSecurity/Common/Scripts/set-aiaSettings

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -24,11 +24,6 @@ curl -k -v -H "Content-Type: text/xml;charset=UTF-8" -H 'SOAPAction: "systemSett
2424
'<urn:settingUnit>NONE</urn:settingUnit>'\
2525
'<urn:settingValue>2</urn:settingValue>'\
2626
'</urn:editableSettings>'\
27-
'<urn:editableSettings>'\
28-
'<urn:settingKey>CONFIGURATION_AGENTCOMMUNICATIONS</urn:settingKey>'\
29-
'<urn:settingUnit>NONE</urn:settingUnit>'\
30-
'<urn:settingValue>1</urn:settingValue>'\
31-
'</urn:editableSettings>'\
3227
'<urn:sID>'${SID}'</urn:sID>'\
3328
'</urn:systemSettingSet>'\
3429
'</soapenv:Body>'\

DeepSecurity/DeepSecurity.cfproj

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,9 @@
6363
<Compile Include="Quickstart\TMQuickStartPPU.template">
6464
<SubType>Code</SubType>
6565
</Compile>
66+
<Compile Include="Quickstart\TMQuickStartRHEL-gc.template">
67+
<SubType>Code</SubType>
68+
</Compile>
6669
<Compile Include="RHEL\DSM96RH.template">
6770
<SubType>Code</SubType>
6871
</Compile>
@@ -89,6 +92,9 @@
8992
<Content Include="Common\Scripts\createCloudAccount">
9093
<SubType>Content</SubType>
9194
</Content>
95+
<Content Include="Common\Scripts\createCloudAccountGc">
96+
<SubType>Content</SubType>
97+
</Content>
9298
<Content Include="Common\Scripts\dsm_s.service">
9399
<SubType>Content</SubType>
94100
</Content>

0 commit comments

Comments
 (0)