AWS CloudFormation templates for deploying Trend Micro Deep Security Manager and its underlying infrastructure.
Home Page: https://trendmicro.com/aws
License: Apache License 2.0
Unable to add AWS accounts using cross account role due to missing sts:AssumeRole permission. Results in the following:
SEVERE: ThID:105|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Unable to add AWS account with error AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 2bec52d1-e3cf-43f4-836d-e7b347d72724)
Feb 06, 2018 3:18:07 AM com.trendmicro.ds.platform.rest.ext.AllExceptionMapper toResponse
SEVERE: ThID:105|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|REST API method at /cloudaccounts/aws encountered error
AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: com.amazonaws.services.ec2.model.AmazonEC2Exception: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 2bec52d1-e3cf-43f4-836d-e7b347d72724)
Feb 06, 2018 3:36:43 AM com.thirdbrigade.manager.webclient.screens.CloudProviderAmazonWizardBean testAWSAccountCredentials
SEVERE: ThID:109|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Error adding aws account:
com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: User: arn:aws:sts:::assumed-role/trend-DSMNode1-5NO7EQAZRFKO-DSMRole-16IV47LCXEUGK/i-071675f1a2ca4 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam:::role/Trend (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: f25d3990-0aee-11e8-89a1-47a99feb393f)
Feb 06, 2018 4:21:22 AM com.thirdbrigade.manager.webclient.screens.CloudProviderAmazonWizardBean$AWSImportThread run
SEVERE: ThID:172|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Error unable to add aws account :
AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: com.amazonaws.services.ec2.model.AmazonEC2Exception: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: d9bf88d8-dc9e-4356-9681-833e6e892dec)
Resolved by #20 but not merged.
Using the latest version of "master-rhel.template" under 'cloudformation/templates/rhel path'
The Stack of CloudFormation fails during the following step:
`
| 16:49:41 UTC+1200 | CREATE_FAILED | AWS::CloudFormation::Stack | DSDatabaseAbstract | Parameters: [AWSKeyPairName] do not exist in the template |
|---|---|---|---|---|
| ` |
I would like to know if there are more people facing the same problem
Thank you for great CloudFormation template.
I tried to build DeepSecurity using a RHEL template, but it failed.
I receive an error message below in the /tmp/dsmInstallLog.
[ERROR] The Manager Address cannot be blank. Please enter a hostname, IP or domain name.
I added the parameter AddressAndPortsScreen.ManagerAddress=<local ip address> to dsmConfiguration.properties, installation succeeded.
Isn't the parameter needed?
If not needed, how can I create stack without adding the parameter.
Hello Smart Protection Server Team,
I attempted to deploy template listed @ https://help.deepsecurity.trendmicro.com/20_0/on-premise/smart-protection-aws.html in AWS GovCloud and got the following error within CloudFormation:
Template error: Unable to get mapping for RegionToAMI::us-gov-west-1::64
Please add support for GovCloud
Hi,
I'm trying yo deploy the BYOL template using the quickstart docs. After 54 minutes the deployment fails with this error
This happens with v.5.22 from official docs links and with v.5.27 from github
| Timestamp | Logical ID | Status | Status reason |
|---|---|---|---|
| 2019-09-27 13:24:40 UTC+0900 | MasterMP | DELETE_IN_PROGRESS | - |
| 2019-09-27 13:24:28 UTC+0900 | Deep-Security | ROLLBACK_IN_PROGRESS | The following resource(s) failed to create: [MasterMP]. . Rollback requested by user. |
| 2019-09-27 13:24:27 UTC+0900 | MasterMP | CREATE_FAILED | Embedded stack arn:aws:cloudformation:ap-northeast-1:521406273796:stack/Deep-Security-MasterMP-9F5D63BVBSY3/1a8253d0-e0d7-11e9-91eb-06fa24220ee8 was not successfully created: The following resource(s) failed to create: [DSM1CompleteWaitCondition]. |
| 2019-09-27 12:30:09 UTC+0900 | MasterMP | CREATE_IN_PROGRESS | Resource creation Initiated |
| 2019-09-27 12:30:07 UTC+0900 | MasterMP | CREATE_IN_PROGRESS | - |
| 2019-09-27 12:30:00 UTC+0900 | Deep-Security | CREATE_IN_PROGRESS | User Initiated |
Any idea on how to fix this ? I could not find a more helpful log...
User has full administrator access
thanks
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.