From d768638e251787c19298f1f1dda187976fa37507 Mon Sep 17 00:00:00 2001
From: Kishore Vinjam
Date: Sun, 1 Oct 2023 22:03:40 -0400
Subject: [PATCH 1/3] Added tracker info to the templates
---
 .tracker_info.yml | 14 ++++++++++++++
 templates/abi-enable-qradar-integration.yaml | 2 +-
 .../enable-cloudtrail-integrations.yaml | 2 +-
 .../enable-guardduty-integrations.yaml | 2 +-
 .../enable-sqs-s3-integrations.yaml | 2 +-
 templates/enable-integrations/setup-iam-role.yaml | 2 +-
 6 files changed, 19 insertions(+), 5 deletions(-)
 create mode 100644 .tracker_info.yml
diff --git a/.tracker_info.yml b/.tracker_info.yml
new file mode 100644
index 0000000..b09cb2d
--- /dev/null
+++ b/.tracker_info.yml
@@ -0,0 +1,14 @@
+project_id: 'abip-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8885t0'
+project_name: 'ABI Deepwatch MDR'
+project_code: 'bffb7631-0830-42a1-8d12-82482b5ffca6'
+project_type: 'ABI CloudFormation Project Type'
+partner_name: 'DeepWatch'
+launch_date: '2023-10-04'
+repo_name: 'cfn-abi-deepwatch-mdr'
+templates_info:
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8886kt'
+ file_name: 'templates/deepwatch-root-stack.yaml'
+ count_flag: 'true'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8887cq'
+ file_name: 'templates/deepwatch-logging-resource-configuration.yaml'
+ count_flag: 'false'
diff --git a/templates/abi-enable-qradar-integration.yaml b/templates/abi-enable-qradar-integration.yaml
index 88eb162..fafe3f3 100644
--- a/templates/abi-enable-qradar-integration.yaml
+++ b/templates/abi-enable-qradar-integration.yaml
@@ -1,5 +1,5 @@
 AWSTemplateFormatVersion: 2010-09-09
-Description: QRadar Integration
+Description: "QRadar Integration (abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rqsi)"
 Parameters:
 PrincipalArn:
diff --git a/templates/enable-integrations/enable-cloudtrail-integrations.yaml b/templates/enable-integrations/enable-cloudtrail-integrations.yaml
index aa03c59..abf74f2 100644
--- a/templates/enable-integrations/enable-cloudtrail-integrations.yaml
+++ b/templates/enable-integrations/enable-cloudtrail-integrations.yaml
@@ -1,5 +1,5 @@
 AWSTemplateFormatVersion: 2010-09-09
-Description: CloudTrail Integration for QRadar
+Description: "CloudTrail Integration for QRadar. (abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88tcpg)"
 Parameters:
 pSRASourceS3BucketName:
diff --git a/templates/enable-integrations/enable-guardduty-integrations.yaml b/templates/enable-integrations/enable-guardduty-integrations.yaml
index 319c0de..b6a5682 100644
--- a/templates/enable-integrations/enable-guardduty-integrations.yaml
+++ b/templates/enable-integrations/enable-guardduty-integrations.yaml
@@ -1,5 +1,5 @@
 AWSTemplateFormatVersion: 2010-09-09
-Description: GuardDuty Integration for QRadar
+Description: "GuardDuty Integration for QRadar. (abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rrkg)"
 Parameters:
 pSRASourceS3BucketName:
diff --git a/templates/enable-integrations/enable-sqs-s3-integrations.yaml b/templates/enable-integrations/enable-sqs-s3-integrations.yaml
index 03f69e4..61c3ca5 100644
--- a/templates/enable-integrations/enable-sqs-s3-integrations.yaml
+++ b/templates/enable-integrations/enable-sqs-s3-integrations.yaml
@@ -1,5 +1,5 @@
 AWSTemplateFormatVersion: 2010-09-09
-Description: SQS and S3 Integration for QRadar
+Description: "SQS and S3 Integration for QRadar. (abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rt4b)"
 Parameters:
 pBucketName:
 Type: String
diff --git a/templates/enable-integrations/setup-iam-role.yaml b/templates/enable-integrations/setup-iam-role.yaml
index fbdda64..d3ce238 100644
--- a/templates/enable-integrations/setup-iam-role.yaml
+++ b/templates/enable-integrations/setup-iam-role.yaml
@@ -1,5 +1,5 @@
 AWSTemplateFormatVersion: '2010-09-09'
-Description: Setup IAM role for QRadar
+Description: "Setup IAM role for QRadar. (abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rscd)"
 Parameters:
 PrincipalArn:
 Type: String
From 2eade5f8d5b99726d23f87857e619aae364ffe7c Mon Sep 17 00:00:00 2001
From: Kishore Vinjam
Date: Thu, 5 Oct 2023 12:58:28 -0400
Subject: [PATCH 2/3] updated tracker file
---
 .tracker_info.yml => .project_metadata.yml | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .tracker_info.yml => .project_metadata.yml (100%)
diff --git a/.tracker_info.yml b/.project_metadata.yml
similarity index 100%
rename from .tracker_info.yml
rename to .project_metadata.yml
From 69ed3ac476cdf2c0f17348defd1c77c17cee1a2d Mon Sep 17 00:00:00 2001
From: Kishore Vinjam
Date: Mon, 23 Oct 2023 10:53:23 -0400
Subject: [PATCH 3/3] Updated project metadata
---
 .project_metadata.yml | 25 +++++++++++++++++--------
 guide/content/deployment-steps.md | 16 ++++++++++------
 2 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/.project_metadata.yml b/.project_metadata.yml
index b09cb2d..fbab368 100644
--- a/.project_metadata.yml
+++ b/.project_metadata.yml
@@ -1,14 +1,23 @@
 project_id: 'abip-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8885t0'
-project_name: 'ABI Deepwatch MDR'
-project_code: 'bffb7631-0830-42a1-8d12-82482b5ffca6'
+project_name: 'ABI IBM Security QRadar'
+project_code: '84bee679-c25e-49cd-8172-c727cc4f8fe1'
 project_type: 'ABI CloudFormation Project Type'
-partner_name: 'DeepWatch'
+partner_name: 'IBM'
 launch_date: '2023-10-04'
-repo_name: 'cfn-abi-deepwatch-mdr'
+repo_name: 'cfn-abi-ibmsecurity-qradar'
 templates_info:
- - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8886kt'
- file_name: 'templates/deepwatch-root-stack.yaml'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rqsi'
+ file_name: 'templates/abi-enable-qradar-integration.yaml'
 count_flag: 'true'
- - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln8887cq'
- file_name: 'templates/deepwatch-logging-resource-configuration.yaml'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88tcpg'
+ file_name: 'templates/enable-integrations/enable-cloudtrail-integrations.yaml'
 count_flag: 'false'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rrkg'
+ file_name: 'templates/enable-integrations/enable-guardduty-integrations.yaml'
+ count_flag: 'false'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rt4b'
+ file_name: 'enable-integrations/enable-sqs-s3-integrations.yaml'
+ count_flag: 'false'
+ - template_id: 'abi-1kirFQBF75MfEQ3RbMQHRb-5Qgs4qOsPgbXnTtlFjeTTo-ln88rscd'
+ file_name: 'enable-integrations/setup-iam-role.yaml'
+ count_flag: 'false'
\ No newline at end of file
diff --git a/guide/content/deployment-steps.md b/guide/content/deployment-steps.md
index 7ccc3fc..10bcda4 100644
--- a/guide/content/deployment-steps.md
+++ b/guide/content/deployment-steps.md
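Review bot: The last two `templates_info` entries in `.project_metadata.yml` give `file_name` as `'enable-integrations/enable-sqs-s3-integrations.yaml'` and `'enable-integrations/setup-iam-role.yaml'`, without the `templates/` prefix that the other three entries carry. The diff headers in patch 1/3 show both files living under `templates/enable-integrations/`, so these two paths do not point at any file in the repository as written. If the consumer of this metadata maps a `template_id` to its template by path, those two IDs would presumably fail to resolve; suggest `file_name: 'templates/enable-integrations/enable-sqs-s3-integrations.yaml'` and `file_name: 'templates/enable-integrations/setup-iam-role.yaml'`. The file also still ends without a trailing newline, which is worth fixing in the same change.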
@@ -44,16 +44,20 @@ To deploy this sample partner integration page using CfCT solution, add the foll ``` resources: - - name: sra-enable-partner1-solution - resource_file: https://aws-abi-pilot.s3.us-east-1.amazonaws.com/cfn-abi-aws-reference-guide/templates/abi-enable-partner1-securityhub-integration.yaml + - name: launch-qradar-main-abi + resource_file: https://aws-abi-pilot.s3.us-east-1.amazonaws.com/cfn-abi-ibmsecurity-qradar/templates/abi-enable-qradar-integration.yaml deploy_method: stack_set parameters: - - parameter_key: pProductArn - parameter_value: arn:aws:securityhub:us-east-1::product/cloud-custodian/cloud-custodian + - parameter_key: pEnableCloudTrial + parameter_value: 'false' # Set to 'true' to enable CloudTrail integration + - parameter_key: pEnableGuardDuty + parameter_value: 'false' # Set to 'true' to enable GuardDuty integration - parameter_key: pSRASourceS3BucketName - parameter_value: aws-abi-pilot + parameter_value: aws-abi + - parameter_key: pSRAS3BucketRegion + parameter_value: us-east-1 - parameter_key: pSRAStagingS3KeyPrefix - parameter_value: cfn-abi-aws-reference-guide + parameter_value: cfn-abi-ibmsecurity-qradar deployment_targets: accounts: - [[MANAGEMENT-AWS-ACCOUNT-ID]]