Alert Logic® scanning for Amazon Web Services (AWS) has two different deployment modes – guided and automatic. Guided mode allows you to deploy scanning appliances to a pre-existing subnet, while automatic mode creates a new subnet automatically.
The automatic deployment option requires a /28 subnet to operate and attempts to take the next naturally occurring /28 subnet inside of your VPC. If there are no available /28 subnets available to deploy in, you will receive a message similar to the following:
"To deploy properly, Alert Logic needs access to an available CIDR range within the VPC <VPC-ID> in the Region <REGION>. Please reconfigure your environment to allow us access. After you grant us access, we can continue protecting your environment."
You then have the options "Maybe later" and "Try again" to choose from.
To deploy Alert Logic scanning appliances in AWS, the subnets within the VPC need to be reconfigured to allow a free /28 CIDR range. Once this is completed, the scanning appliance will successfully deploy.