Skip to content

Commit

Permalink
Merge pull request #10 from deep-security/v0.5
Browse files Browse the repository at this point in the history 
V0 5
  • Loading branch information
@424D57
424D57 committed Mar 7, 2016
2 parents 9a7827a + cf2d3c7 commit c17227a
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 8 deletions.
1 change: 1 addition & 0 deletions DeepSecurity/Common/helpers/cfn-rh-sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,4 @@ yum -y install freetds-devel
pip install pymssql
wget https://cf-deepsecurity.s3.amazonaws.com/96/v0.5/Scripts/create-DSM-SqlDB.py
chmod 755 create-DSM-SqlDB.py

10 changes: 5 additions & 5 deletions DeepSecurity/Common/helpers/create-console-listener
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
## create listenter on elb
## createlistener <elb name> <elb fqdn> <dsm console port> <StackName> <firstelb>
if [ $5 -eq 1 ]; then
openssl req -nodes -new -sha256 -newkey rsa:2048 -subj '/CN='$2'/O=Trend Micro/OU=Deep Security Manager' -keyout /etc/cfn/privatekey -out /etc/cfn/csr;
openssl req -nodes -new -sha256 -newkey rsa:2048 -subj '/CN='DeepSecurityManager'/O=Trend Micro/OU=Deep Security Manager' -keyout /etc/cfn/privatekey -out /etc/cfn/csr;
openssl x509 -req -days 3650 -in /etc/cfn/csr -signkey /etc/cfn/privatekey -out /etc/cfn/certificatebody;
aws iam upload-server-certificate --server-certificate-name DeepSecurityElbCertificate-$4 --certificate-body file:///etc/cfn/certificatebody --private-key file:///etc/cfn/privatekey
fi
Expand All @@ -23,14 +23,14 @@ loop=1

until [ -n "$loadbalancercert" -a "$loadbalancercert" != " " ]
do
if [ $loop -eq 1 ]; then echo 'attempting to create listener'; else echo 'listener not yet created, retrying command'; fi
if [ $loop -eq 1 ]; then echo 'attempting to create listener'; else echo 'listener not yet created, retrying command'; fi
loop=$((loop+1))
sleep 10
aws elb create-load-balancer-listeners --load-balancer-name $1 --listeners Protocol=HTTPS,LoadBalancerPort=$3,InstanceProtocol=HTTPS,InstancePort=$3,SSLCertificateId=$certid
aws elb create-load-balancer-listeners --load-balancer-name $1 --region $6 --listeners Protocol=HTTPS,LoadBalancerPort=$3,InstanceProtocol=HTTPS,InstancePort=$3,SSLCertificateId=$certid
loadbalancercert=$(aws elb describe-load-balancers --load-balancer-name $1 --region $6 --query 'LoadBalancerDescriptions[*].ListenerDescriptions[*].Listener.[SSLCertificateId]' --output text | grep $certid)
done

echo 'load balancer listener created'

aws elb create-load-balancer-policy --load-balancer-name $1 --policy-name DSMConsoleStickySessions --policy-type-name LBCookieStickinessPolicyType --policy-attributes AttributeName=CookieExpirationPeriod,AttributeValue=600
aws elb set-load-balancer-policies-of-listener --load-balancer-name $1 --load-balancer-port 443 --policy-names DSMConsoleStickySessions
aws elb create-load-balancer-policy --load-balancer-name $1 --policy-name DSMConsoleStickySessions --policy-type-name LBCookieStickinessPolicyType --region $6 --policy-attributes AttributeName=CookieExpirationPeriod,AttributeValue=600
aws elb set-load-balancer-policies-of-listener --load-balancer-name $1 --load-balancer-port 443 --policy-names DSMConsoleStickySessions --region $6
7 changes: 4 additions & 3 deletions DeepSecurity/Common/helpers/createCloudAccount
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,9 @@ tempDSSID=$(curl -k -H "Content-Type: application/json" -X POST "https://$DSMURL
echo "#####Looping through regions to create connectors"
for region in "${REGIONS[@]}"
do
endpoint="${region}ep"
echo "##### creating connector for $region region with endpoint ${!endpoint}"
curl -ks -H "Content-Type: application/json" "Accept: application/json" -X POST "https://$DSMURL/rest/cloudaccounts" -d '{"createCloudAccountRequest":{"cloudAccountElement":{"accessKey":"'${accesskey}'","cloudRegion":"'${!region}'","cloudType":"AMAZON","name":"'$3'","secretKey":"'${secretkey}'","endpoint":"'${!endpoint}'","azureCertificate":"-"},"sessionId":"'$tempDSSID'"}}'
endpoint="${region}ep"
echo "##### creating connector for $region region with endpoint ${!endpoint}"
curl -ks -H "Content-Type: application/json" "Accept: application/json" -X POST "https://$DSMURL/rest/cloudaccounts" -d '{"createCloudAccountRequest":{"cloudAccountElement":{"accessKey":"'${accesskey}'","cloudRegion":"'${!region}'","cloudType":"AMAZON","name":"'$3'","secretKey":"'${secretkey}'","endpoint":"'${!endpoint}'","azureCertificate":"-"},"sessionId":"'$tempDSSID'"}}'
done

curl -k -X DELETE https://$DSMURL/rest/authentication/logout?sID=$tempDSSID
Expand All @@ -56,3 +56,4 @@ unset username
unset password



1 change: 1 addition & 0 deletions DeepSecurity/Common/helpers/set-lbSettings
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,4 @@ curl -k -v -H "Content-Type: text/xml;charset=UTF-8" -H 'SOAPAction: "systemSett
'</soapenv:Body>'\
'</soapenv:Envelope'\>


0 comments on commit c17227a

Please sign in to comment.