Skip to content

Commit 003345d

Browse files
mjabascal10yllada
mjabascal10
and
yllada
authored
Release/v11.1.7 (#1555)
* feat(updater): implement UTMStack Updater service * feat(agent): enhance updater service integration and management * feat(pipeline): update build process for Linux and Windows binaries of the updater service * refactor(agent): remove obsolete CleanOldServices function * refactor(agent): remove self * feat(aws): optimize AWS log collection * feat(guide): enhance AWS IAM user setup instructions and improve clarity Signed-off-by: Manuel Abascal <mjabascal10@gmail.com> * Revert "refactor(agent): remove self" This reverts commit 865588b. * Revert "refactor(agent): remove obsolete CleanOldServices function" This reverts commit eea8f42. * Revert "feat(pipeline): update build process for Linux and Windows binaries of the updater service" This reverts commit 0a35cd4. * Revert "feat(agent): enhance updater service integration and management" This reverts commit dcda957. * Revert "feat(updater): implement UTMStack Updater service" This reverts commit c2a6b80. * chore: update CHANGELOG for UTMStack v11.1.7 release * feat(guide): enhance AWS IAM user setup instructions and improve clarity Signed-off-by: Manuel Abascal <mjabascal10@gmail.com> * feat(guide): enhance AWS IAM user setup instructions and improve clarity Signed-off-by: Manuel Abascal <mjabascal10@gmail.com> --------- Signed-off-by: Manuel Abascal <mjabascal10@gmail.com> Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
1 parent d06848a commit 003345d

File tree

30 files changed

+208
-147
lines changed

30 files changed

+208
-147
lines changed

CHANGELOG.md

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,7 @@
1-
# UTMStack 11.1.6 – Release Notes
1+
# UTMStack 11.1.7 – Release Notes
22

3-
The **UTMStack v11.1.6** update delivers important fixes and usability improvements to enhance stability and user experience.
3+
The **UTMStack v11.1.7** update delivers important fixes and usability improvements to enhance stability and user experience.
44

55
## Improvements & Fixes
6-
- Enhanced Threat and Windows activity dashboards with new filters and aggregations for better data analysis.
7-
- Improved email notifications for alerts, providing clearer information and enhanced formatting for better user experience.
6+
- Improved AWS integration: updated setup guides and more reliable log processing.
87

frontend/src/app/app-module/guides/guide-aws-iam-user/guide-aws-iam-user.component.html

Lines changed: 140 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -9,138 +9,221 @@ <h4 class="card-title mb-0 text-primary">
99
<li>
1010
<p class="step-guide">
1111
<span class="step_number">1</span>
12-
Go to IAM configuration panel and click on "Users".
12+
Open the AWS console, navigate to the IAM dashboard and select <strong>Users</strong>.
1313
</p>
14-
<img alt="IAM configuration" class="step-img"
15-
src="../../../../assets/img/guides/aws/beantalk/iam_config.png">
14+
<img alt="IAM dashboard - Users" class="step-img"
15+
src="../../../../assets/img/guides/aws/iam/1.png">
1616
</li>
17+
1718
<li>
1819
<p class="step-guide">
1920
<span class="step_number">2</span>
20-
Add a new user filling the name and marking the access type "Programmatic access". Then click on Next.
21+
Click <strong>Add user</strong>, enter a descriptive user name, and proceed to the next step.
2122
</p>
22-
<img alt="Programmatic access" class="step-img"
23-
src="../../../../assets/img/guides/aws/beantalk/programmatic_access.png">
23+
<img alt="Add new IAM user" class="step-img"
24+
src="../../../../assets/img/guides/aws/iam/2.png">
2425
</li>
26+
2527
<li>
2628
<p class="step-guide">
2729
<span class="step_number">3</span>
28-
Click on Attach existing policies directly. Find CloudWatchReadOnlyAccess and mark it. Then click on next.
30+
Under <strong>Permissions</strong>, attach the required policy. For read-only CloudWatch access select <strong>CloudWatchLogsReadOnlyAccess</strong>.
2931
</p>
30-
<img alt="CloudWatchReadOnlyAccess" class="step-img"
31-
src="../../../../assets/img/guides/aws/beantalk/policies_directly.png">
32+
<img alt="Attach CloudWatchLogsReadOnlyAccess policy" class="step-img"
33+
src="../../../../assets/img/guides/aws/iam/4.png">
3234
</li>
35+
3336
<li>
3437
<p class="step-guide">
3538
<span class="step_number">4</span>
36-
In the tags page click on next.
39+
Review the configuration and click <strong>Create user</strong> to provision the account.
3740
</p>
38-
<img alt="Tags" class="step-img"
39-
src="../../../../assets/img/guides/aws/beantalk/tags.png">
41+
<img alt="Create IAM user confirmation" class="step-img"
42+
src="../../../../assets/img/guides/aws/iam/5.png">
4043
</li>
44+
4145
<li>
4246
<p class="step-guide">
4347
<span class="step_number">5</span>
44-
Create user and then download the csv file with the access and secret keys.
48+
Open the newly created user by clicking its name to view details and manage credentials.
4549
</p>
46-
<img alt="Tags" class="step-img"
47-
src="../../../../assets/img/guides/aws/beantalk/user_secret.png">
50+
<img alt="Select created IAM user" class="step-img"
51+
src="../../../../assets/img/guides/aws/iam/6.png">
4852
</li>
53+
4954
<li>
5055
<p class="step-guide">
5156
<span class="step_number">6</span>
52-
Fill the following inputs with the info obtained in previous steps.
57+
Go to the <strong>Security credentials</strong> tab to create programmatic access keys.
5358
</p>
54-
<div class="row mt-3">
55-
<div class="col-lg-12 col-md-12 col-sm-12">
56-
<app-int-generic-group-config [moduleId]="integrationId"
57-
(configValidChange)="configValidChange($event)"
58-
[serverId]="serverId"></app-int-generic-group-config>
59-
</div>
60-
</div>
59+
<img alt="Security credentials tab" class="step-img"
60+
src="../../../../assets/img/guides/aws/iam/8.png">
6161
</li>
62-
</ol>
63-
<div class="card-header pl-0 d-flex justify-content-between align-items-center">
64-
<h4 class="card-title mb-0 text-primary">
65-
Configuring AWS Cloudwatch
66-
</h4>
67-
</div>
68-
<ol class="setup_list">
62+
6963
<li>
7064
<p class="step-guide">
7165
<span class="step_number">7</span>
72-
In the CloudTrail panel, select “Create trail”.
66+
Click <strong>Create access key</strong> and choose the option for an application running outside AWS (programmatic access).
7367
</p>
74-
<img alt="Welcome page" class="step-img"
75-
src="../../../../assets/img/guides/aws/cloudtrail/welcome-page.png">
68+
<img alt="Create access key option" class="step-img"
69+
src="../../../../assets/img/guides/aws/iam/9.png">
7670
</li>
71+
7772
<li>
7873
<p class="step-guide">
7974
<span class="step_number">8</span>
80-
Fill in the "Trail name" field.
75+
Confirm creation of the access key. AWS will generate an Access Key ID and Secret Access Key.
8176
</p>
82-
<img alt="Trial name" class="step-img"
83-
src="../../../../assets/img/guides/aws/cloudtrail/trail-name.png">
77+
<img alt="Access key creation confirmation" class="step-img"
78+
src="../../../../assets/img/guides/aws/iam/10.png">
8479
</li>
80+
8581
<li>
8682
<p class="step-guide">
8783
<span class="step_number">9</span>
88-
Mark "Select all S3 buckets in your account".
84+
Download the credentials or copy the Access Key ID and Secret Access Key to a secure location. Treat the secret as sensitive.
8985
</p>
90-
<img alt="Buckets" class="step-img"
91-
src="../../../../assets/img/guides/aws/cloudtrail/s3-buckets.png">
86+
<img alt="Download access key" class="step-img"
87+
src="../../../../assets/img/guides/aws/iam/11.png">
9288
</li>
89+
9390
<li>
9491
<p class="step-guide">
9592
<span class="step_number">10</span>
96-
Fill in the "S3 bucket" field. The name of the bucket must be unique in S3. Then click on “Create”.
93+
Enter the obtained credentials into the integration form below and validate the configuration.
9794
</p>
98-
<img alt="Bucket name" class="step-img"
99-
src="../../../../assets/img/guides/aws/cloudtrail/bucket-name.png">
95+
<div class="row mt-3">
96+
<div class="col-lg-12 col-md-12 col-sm-12">
97+
<app-int-generic-group-config [moduleId]="integrationId"
98+
(configValidChange)="configValidChange($event)"
99+
[serverId]="serverId"></app-int-generic-group-config>
100+
</div>
101+
</div>
100102
</li>
103+
</ol>
104+
105+
<div class="card-header pl-0 d-flex justify-content-between align-items-center">
106+
<h4 class="card-title mb-0 text-primary">
107+
Configuring AWS CloudWatch
108+
</h4>
109+
</div>
110+
111+
<ol class="setup_list">
101112
<li>
102113
<p class="step-guide">
103114
<span class="step_number">11</span>
104-
Click on the name of the trail to edit.
115+
<strong>Create a CloudWatch Log Group.</strong> Open the CloudWatch console, choose <strong>Log management</strong> and click <strong>Create log group</strong>.
105116
</p>
106-
<img alt="Edit trial" class="step-img"
107-
src="../../../../assets/img/guides/aws/cloudtrail/edit-trail.png">
117+
<img alt="CloudWatch Log management - Create log group" class="step-img"
118+
src="../../../../assets/img/guides/aws/cloudwatch/1.png">
108119
</li>
120+
109121
<li>
110122
<p class="step-guide">
111123
<span class="step_number">12</span>
112-
Configure CloudWatch Logs.
124+
<strong>Name and retention.</strong> Enter the log group name <code>utmstack</code> and set retention to <strong>1 day</strong>. Click <strong>Create log group</strong>.
113125
</p>
114-
<img alt="Cloud Watch config" class="step-img"
115-
src="../../../../assets/img/guides/aws/cloudtrail/cloud-watch-config.png">
126+
<img alt="Create log group name and retention" class="step-img"
127+
src="../../../../assets/img/guides/aws/cloudwatch/3.png">
116128
</li>
129+
117130
<li>
118131
<p class="step-guide">
119132
<span class="step_number">13</span>
120-
Fill the group name and continue.
133+
<strong>Open CloudTrail and start trail creation.</strong> In the CloudTrail console click <strong>Create trail</strong> to begin configuring a new trail.
121134
</p>
122-
<img alt="Cloud Watch config" class="step-img"
123-
src="../../../../assets/img/guides/aws/cloudtrail/trial-group.png">
135+
<img alt="CloudTrail dashboard" class="step-img"
136+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/2.png">
124137
</li>
138+
125139
<li>
126140
<p class="step-guide">
127141
<span class="step_number">14</span>
128-
Click on “Allow” to grant CloudTrail permissions.
142+
<strong>Configure delivery, validation and CloudWatch integration (single form).</strong>
143+
On the CloudTrail creation form set the following options as shown in the screenshot:
129144
</p>
130-
<img alt="CloudTrail permissions." class="step-img"
131-
src="../../../../assets/img/guides/aws/cloudtrail/trial-permissions.png">
145+
146+
<ul class="step-details pt-1">
147+
<li><strong>Trail name and scope:</strong> enter a descriptive name; enable <strong>Apply trail to all accounts in my organization</strong> if you require org‑wide collection.</li>
148+
<li><strong>S3 destination:</strong> choose <strong>Create new S3 bucket</strong> (or select an existing bucket) for raw log delivery.</li>
149+
<li><strong>Encryption:</strong> enable <strong>Log file SSE‑KMS</strong> and select the appropriate KMS key.</li>
150+
<li><strong>Log file validation:</strong> enable to ensure integrity of delivered logs (recommended).</li>
151+
<li><strong>CloudWatch Logs:</strong> enable delivery to CloudWatch and select <strong>Use existing log group</strong>, then enter the exact name <code>utmstack</code>.</li>
152+
<li><strong>IAM role:</strong> provide or create the role CloudTrail will assume to write to S3 and publish to CloudWatch (example: <code>CloudTrail-UTMStack-DeliveryRole</code>).</li>
153+
</ul>
154+
155+
<img alt="CloudTrail configuration: S3, SSE-KMS, Log file validation, CloudWatch Logs and IAM role" class="step-img"
156+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/5.png">
132157
</li>
158+
133159
<li>
134-
<p class="step-guide mb-3">
160+
<p class="step-guide">
135161
<span class="step_number">15</span>
136-
Click on the button shown below, to activate the UTMStack features related to this integration
162+
<strong>Select event types.</strong>
163+
On this screen enable the event categories required for monitoring and auditing. Follow the three sections below and match the checkboxes shown in each screenshot.
164+
</p>
165+
166+
<!-- Management events -->
167+
<div class="step-subsection">
168+
<p class="step-desc pt-1"><strong>1. Management events</strong></p>
169+
<ul class="pl-3">
170+
<li>Enable <strong>Management events</strong> and select <strong>All</strong> (or the equivalent option) to record all API activity that manages AWS resources (create, update, delete).</li>
171+
<li>Reason: captures administrative changes and configuration actions needed for auditing and incident investigation.</li>
172+
</ul>
173+
<img alt="CloudTrail select management events" class="step-img"
174+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/6.png">
175+
</div>
176+
177+
<!-- Data events -->
178+
<div class="step-subsection mt-2">
179+
<p class="step-desc pt-1"><strong>2. Data events</strong></p>
180+
<ul class="pl-3">
181+
<li>Add at least one <strong>Data event</strong>. Choose <strong>S3</strong> and select <strong>Log all events</strong> (or <em>All S3 object-level events</em>) to capture object-level operations such as GetObject and PutObject.</li>
182+
</ul>
183+
<img alt="CloudTrail select data events" class="step-img"
184+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/6.1.png">
185+
</div>
186+
187+
<!-- Network activity events -->
188+
<div class="step-subsection">
189+
<p class="step-desc"><strong>3. Network activity events (photo: 8.png)</strong></p>
190+
<ul>
191+
<li>In the Network Activities section add at least one service. For example, select <code>ec2.amazonaws.com</code> and enable <strong>Log all events</strong> for that service.</li>
192+
</ul>
193+
<img alt="CloudTrail select network activity events" class="step-img"
194+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/8.png">
195+
</div>
196+
197+
<p class="step-note">
198+
After confirming these selections, click <strong>Next</strong> to continue. Ensure the options match the screenshots and cover the resources you need to audit.
199+
</p>
200+
201+
</li>
202+
203+
204+
<li>
205+
<p class="step-guide">
206+
<span class="step_number">16</span>
207+
<strong>Configure aggregation and review.</strong> On the <strong>Configure event aggregation</strong> screen accept the defaults (or adjust if required). Review all settings and click <strong>Create trail</strong>.
208+
</p>
209+
<img alt="CloudTrail configure aggregation and review" class="step-img"
210+
src="../../../../assets/img/guides/aws/cloudwatch/cloudtrail/12.png">
211+
</li>
212+
213+
<li>
214+
<p class="step-guide mb-3">
215+
<span class="step_number">17</span>
216+
<strong>Activate the integration.</strong> After the trail is created and events are flowing to <code>utmstack</code>, click the button below to enable UTMStack features for this integration.
137217
</p>
138218
<app-app-module-activate-button [module]="module.AWS_IAM_USER"
139219
[disabled]="configValidity"
140-
[type]="'integration'" [serverId]="serverId"
220+
[type]="'integration'"
221+
[serverId]="serverId"
141222
class="mt-3">
142223
</app-app-module-activate-button>
143224
</li>
144225
</ol>
226+
227+
145228
</div>
146229
</div>

frontend/src/assets/img/guides/aws/cloudwatch/1.png

391 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/2.png

360 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/3.png

421 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/cloudtrail/10.png

413 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/cloudtrail/11.png

134 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/cloudtrail/12.png

340 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/cloudtrail/2.png

461 KB
Loading

frontend/src/assets/img/guides/aws/cloudwatch/cloudtrail/3.png

1.85 MB
Loading

0 commit comments

Comments
 (0)