Azure Deployment
Lacework Edge connectors enable access for your users to Azure networks and the resources in them. For more information on connectors, see Lacework Edge Connectors. To deploy connectors to Azure networks, use the Lacework Edge Azure Resource Manager (ARM) template, as described here.
Before starting, create a connector token, as described in Lacework Edge Connectors.
Deploy a Connector
-
Click here to open the ARM Template in your Azure Portal.
Alternately, you can deploy the template manually:
- Download the template here.
- Open your Azure Portal.
- Under Marketplace choose Template deployment (deploy using custom templates).
- In the Select A Template dialog, choose Build your own template in the editor.
- Paste the contents of the template you downloaded into the editor and click Save.
-
Once the Template is loaded, fill in the parameters accordingly. See the table below for details on each parameters.
-
Click on Review + create at the bottom of the form once the parameters are filled in.
-
Once Azure validates your entries, click Create at the bottom to create your connector VM and its resources.
-
Once created, please wait ~5 minutes for the post-creation scripts to install the connector software on the newly minted VM.
-
Verify that the connector appears in the console, as described in Verify Connector State.
ARM Template Parameters
| Parameter | Default Value | Allowed Values | Description |
|---|---|---|---|
| connectorToken | EdgeGuardian Connector Token. To generate one, visit https://app.edge-guardian.io/ui/directory/connectors | ||
| location | [resourceGroup().location] | Region in which to deploy the Virtual Machine and its resources. | |
| vmName | edgeguardian-connector | Name to use for this Virtual Machine. | |
| vmSize | Standard_B2s | Size of the Virtual Machine. Standard_B2s is recommended. | |
| adminUsername | azureuser | User name for the Virtual Machine. | |
| adminPasswordOrKey | SSH Key or password for the Virtual Machine. SSH key is recommended. | ||
| adminAuthType | sshPublicKey | sshPublicKey, password | Type of authentication to use on the Virtual Machine. SSH key is recommended. |
| allowSsh | FALSE | FALSE, TRUE | Allow SSH traffic to this Virtual Machine. |
| vmDiskDeleteOption | Delete | Delete, Detach | Determines whether to delete or detach the OS Disk if this Virtual Machine is deleted. |
| vmDiskType | Standard_LRS | Standard_LRS, Premium_LRS, StandardSSD_LRS | The type of disk storage to use with this Virtual Machine. |
| vmNicDeleteOption | Delete | Delete, Detach | Determines whether to delete or detach the NIC if this Virtual Machine is deleted. |
| vnetNewOrExisting | new | new, existing | Determines whether or not a new virtual network should be provisioned. |
| vnetName | edgeguardian-connector-vnet | Name of the new or existing virtual network. | |
| vnetResourceGroupName | [resourceGroup().name] | Name of the resource group for the virtual network. | |
| vnetAddressPrefixes | 10.0.0.0/16 | Address prefix of the virtual network (ignored if existing). | |
| subnetName | default | Name of the subnet | |
| subnetPrefix | 10.0.0.0/24 | Subnet prefix of the virtual network | |
| publicIpNewOrExisting | new | new, existing, none | Determines whether a public IP should be provisioned (new), reused (existing) or not assigned (none). |
| publicIpName | edgeguardian-connector-pip | Name of the public IP address | |
| publicIpResourceGroupName | [resourceGroup().name] | Name of the resource group for the public IP address | |
| publicIpAllocationMethod | Dynamic | Dynamic, Static | Allocation method for the public IP address |
| publicIpSku | Basic | Basic, Standard | SKU to use for the public IP address (https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#sku) |