This article describes how to disable and enable Auto Scaling for the EC2 instance used by Alert Logic® Cloud Insight™ to perform vulnerability scans.
Cloud Insight uses a vulnerability scanner hosted on an EC2 instance in your VPC to scan your instances for security vulnerabilities using the Amazon Web Services (AWS) Auto Scaling feature. Instances are scanned when they are first discovered and then re-scanned periodically to look for new or resolved vulnerabilities. Cloud Insight will terminate the scanning instance from your VPC when there is no active work (i.e. instances to scan) in that VPC and will automatically recreate the scanning instance when work becomes available. This process is automatic and helps reduce your cost of running instances continuously.
If you have an internal requirement to continuously keep the vulnerability scanner running, you can manually disable Auto Scaling using the process described below and subsequently enable Auto Scaling as needed.
Solution
To manually disable Auto Scaling, use the operational tuning service (otis) through the Alert Logic API. Use the option “scanner_autoscaling_enabled”.
Note: All Cloud Insight APIs require an Access and Identity Management Service (AIMS) authorization token in each request, noted as ${TOKEN} in the commands below. Refer to our AIMS resources for details on authenticating.
Disable Auto Scaling
Use the following command to disable Auto Scaling. This example uses a placeholder account number of “123456789”.
curl -i -X POST -H "x-aims-auth-token: ${TOKEN}"
https://api.cloudinsight.alertlogic.com/otis/v2/123456789/options -d '{"name":
"scanner_autoscaling_enabled", "value": false}'
This command will create an output similar to the following:
$ curl -i -X POST -H "x-aims-auth-token: ${TOKEN}"
https://api.cloudinsight.alertlogic.com/otis/v2/123456789/options -d '{"name":
"scanner_autoscaling_enabled", "value": false}'
HTTP/2 201
date: Mon, 05 Mar 2018 23:34:05 GMT
content-type: application/json
content-length: 96
server: nginx/1.12.1
{"value":false,"name":"scanner_autoscaling_enabled","id":"06B8F101-3545-EDAA-B3A3-570B085D469B"}
Enable Auto Scaling
Use the following command to manually enable Auto Scaling. This example uses a placeholder account number of “123456789”.
curl -i -X POST -H "x-aims-auth-token: ${TOKEN}"
https://api.cloudinsight.alertlogic.com/otis/v2/123456789/options -d '{"name":
"scanner_autoscaling_enabled", "value": true}'
Comments
0 comments
Please sign in to leave a comment.