Create a Broker VM AMI Image

After you download your Cortex XDR Broker
VMDK
image, you can covert the image to Amazon Web Services (AWS) AMI.
To convert the image:

Set up AWS CLI

(
Optional
) If you haven’t done so already, set up your AWS CLI as follows:
  1. Install the AWS zip file by running the following command on your local machine:
    curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"unzip awscli-bundle.zipsudo /usr/local/bin/python3.7 awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
  2. Connect to your AWS account by running:
    aws configure

Create an AMI Image

  1. Navigate and log in to your AWS account.
  2. In the AWS Console, navigate to
    Services
    Storage
    S3
    Buckets
    .
  3. In the
    S3 buckets
    page,
    + Create bucket
    to upload your broker image to.
  4. Upload the Broker VM VMDK you downloaded from Cortex XDR to the AWS S3 bucket.
    Run
    aws s3 cp ~/<path/to/broker-vm-version.vmdk> s3://<your_bucket/broker-vm-version.vmdk>
  5. Prepare a configuration file on your hard drive.
    For example:
    [ { "Description":"<Broker VM Version>", "Format":"vmdk", "UserBucket":{ "S3Bucket":"<your_bucket>", "S3Key":"<broker-vm-version.vmdk>" } }]
  6. Create a AMI image from the VMDK file.
    Run
    aws ec2 import-image --description="<Broker VM Version>" --disk-containers="file:///<file:///path/to/configuration.json>"
    Creating an AMI image can take up to 60 minutes to complete.
    To track the progress, use the
    task id
    value from the output and run:
    aws ec2 describe-import-image-tasks --import-task-ids import-ami-<task-id>
    .
    Completed status output example:
    { "ImportImageTasks":[ { "...", "SnapshotDetails":[ { "Description":"Broker VM version", "DeviceName":"/dev/<name>", "DiskImageSize":2976817664.0, "Format":"VMDK", "SnapshotId":"snap-1234567890", "Status":"completed", "UserBucket":{ "S3Bucket":"broker-vm", "S3Key":"broker-vm-<version>.vmdk" } } ], "Status":"completed", "..." } ]}
    .
  7. (
    Optional
    ) After the AMI image has been created, you can define a new name for the image.
    Navigate to
    Services
    EC2
    IMAGES
    AMIs
    and locate your AMI image using the task ID. Select the pencil icon to enter a new name.

Launch an Instance

  1. Navigate to
    Services
    EC2
    Instances
    .
  2. Search for your AMI image and
    Launch
    the file.
  3. In the
    Launch Instance Wizard
    define the instance according to your company requirements and
    Launch
    .
  4. (
    Optional
    ) In the
    Instances
    page, locate your instance and use the pencil icon to rename the instance
    Name
    .
  5. Define HTTPS and SSH access to your instance.
    Right-click your instance and navigate to
    Networking
    Change Security Groups
    .
    In the
    Change Security Groups
    pop-up, select HTTPS to be able to access the Broker VM Web UI, and SSH to allow for remote access when troubleshooting. Make sure to allow these connection to the broker from secure networks only.
    Assigning security groups can take up to 15 minutes.
  6. Verify the broker VM has started correctly.
    Locate your instance, right-click and navigate to
    Instance Settings
    Get Instance Screenshot
    .
    You are directed to your broker VM console listing your broker details.

Recommended For You