Deploy AWS AMI Agent
Background
If you already have a web app running in AWS, you can protect it with tCell’s AMI, which contains an NGINX proxy server and the tCell agent. Here is a sample deployment with an existing application:
New deployment will be as follows:
Prerequisites
- This use case assumes you already have a tCell application and tCell application API Key configured for use with this preconfigured agent. For instructions on how to configure and download the agent configuration with this information, see the Server Agent Config documentation and the Quickstart guide.
- You have an AWS account.
- You have a running web application that can receive traffic from the tCell proxy.
Steps
Multiple options are available when using this AMI:
- Use a Cloud Formation Template: Follow the instructions here.
  See example: https://github.com/rapid7/tcell-deployment-examples/tree/master/cloudformation
- Manual EC2 creation: For manual EC2 creation, search for the AMI by owner account ID 606696011804.
- Using userdata script:
tcell-cfg nginx --app-id <your app id value> --api-key <your api key> --forward-address http://<your web app address>
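An added example, not from the tCell documentation: a user-data script that runs the command above but reads the API key from SSM Parameter Store at boot instead of embedding it, because user data is readable from instance metadata and the EC2 API. The parameter name `/tcell/api-key`, the presence of the AWS CLI on the instance, and an instance role allowing `ssm:GetParameter` are assumptions.

```shell
#!/bin/bash
# Added example: user-data for the tCell NGINX AMI (not vendor code).
# Assumptions: AWS CLI present on the instance; the instance role allows
# ssm:GetParameter on PARAM_NAME; PARAM_NAME is a hypothetical name.
APP_ID='<your app id value>'
PARAM_NAME='/tcell/api-key'
FORWARD_ADDRESS='http://<your web app address>'
AWS="${AWS:-aws}"
TCELL_CFG="${TCELL_CFG:-tcell-cfg}"

# Accept only http(s)://host[:port][/path]; unfilled placeholders and
# unexpected characters in the host part are rejected.
valid_forward_address() {
  case "$1" in
    http://*|https://*) ;;
    *) return 1 ;;
  esac
  host="${1#*://}"
  host="${host%%/*}"
  case "$host" in
    ''|*[!A-Za-z0-9.:-]*) return 1 ;;
  esac
}

# Read the API key from SSM at boot so it never appears in the user-data text.
fetch_api_key() {
  "$AWS" ssm get-parameter --name "$1" --with-decryption \
    --query 'Parameter.Value' --output text
}

configure_agent() {
  valid_forward_address "$FORWARD_ADDRESS" || {
    echo "refusing forward address: $FORWARD_ADDRESS" >&2; return 1; }
  api_key="$(fetch_api_key "$PARAM_NAME")" || return 1
  [ -n "$api_key" ] || { echo "empty API key from $PARAM_NAME" >&2; return 1; }
  "$TCELL_CFG" nginx --app-id "$APP_ID" --api-key "$api_key" \
    --forward-address "$FORWARD_ADDRESS"
}

# Run only where tcell-cfg exists (i.e. on the AMI), then confirm the agent
# config file named in the FAQ is present and non-empty.
if command -v "$TCELL_CFG" >/dev/null 2>&1; then
  configure_agent && [ -s /etc/nginx/tcell_agent.config ]
fi
```

With the placeholders left unfilled the script refuses to call tcell-cfg, so a half-edited template fails at boot instead of writing a broken proxy configuration.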
Validation
The easiest way to validate that an agent is online is to log in to the tCell console as documented in the Quick Start guide.
Troubleshooting
- If no data shows up in the tCell console while validating, wait a few minutes. If data still does not appear, the AppID or API Key may be invalid. Check the tcell.log file to see if errors occurred while sending data.
- Check the NGINX logs to verify traffic is being proxied correctly to your web application. You may need to work with your cloud or networking team to ensure the web application can receive traffic from the proxy.
Next Steps
The above steps are meant to be a minimal quick deployment and to demonstrate how easy it is to get up and running with tCell for your existing web application. You can use the AMI as the basis for your own golden image for advanced deployments which may involve load balancers, multiple VPCs or subnets, and auto-scaling.
FAQ
Note
While using this AMI is free, you will incur the standard usage fees for these resources until you terminate them.
- How can I change my app ID, API key, and web app address?
You can ssh into the instance and run:
tcell-cfg nginx --app-id <your new app id value> --api-key <your new api key> --forward-address http://<your new web app address>
- Where are the configs located?
tCell agent configuration: /etc/nginx/tcell_agent.config
NGINX proxy configuration: /etc/nginx/proxy_block.conf
- How can I view NGINX and tCell logs?
Logs will be available in the running instance in /var/log/nginx
- Can I use this AMI in other regions besides us-east-1?
You can create your own AMI from our image and then copy it into your desired region by following these instructions.
- Where can I learn more about reverse proxies?
This deployment methodology is a Reverse-Proxy-based configuration as explained here.
- What OS does the AMI run on?
Ubuntu 18.04 LTS.
- Can I customize my NGINX deployment?
Yes, you can edit the NGINX configuration files in /etc/nginx on your EC2 instance. Please refer to the NGINX docs to learn more about NGINX configuration.