Use the following procedure to install sensors on your eligible AWS workloads (EC2 instances) through the Carbon Black Cloud console.

You can install sensors on eligible EC2 instances through the Carbon Black Cloud console. The AWS Systems Manager’s sendCommand API is used to run the sensor installation script remotely on the AWS EC2 instances.

Prerequisites

  • To prepare your onboarded AWS account for installing sensors on your running EC2 instances, you must create additional resources on the AWS account.
    • Enable the AWS services by running the event stream script in the AWS CLI of the AWS account. For information about enabling the event stream, see the Carbon Black Cloud User Guide documentation.
    • The EC2 instance upon which you install the sensor must be an SSM-managed node. A managed node is any machine that is configured for AWS Systems Manager. For more information, see Systems Manager prerequisites.
  • Install sensors on eligible EC2 instances. You can view which EC2 instances in your onboarded AWS accounts are available for sensor installation by referring to the Not Enabled tab.
    Eligibility column Description
    Eligible The eligible EC2 instances run the supported operating system (OS) and have SSM connectivity. You can install sensors on them.
    Not eligible The EC2 instances that are not eligible for sensor installation are either without AWS SSM connectivity or are running an unsupported OS. To minimize your installation effort, Carbon Black Cloud creates an AWS SSM document in your AWS account with a preconfigured sensor installation script.
    • You must run the AWS services setup script (event stream script), which creates the SSM document and other required resources on your AWS account.
    • The EC2 instance must be an SSM-managed instance. It must be running an SSM agent and have the appropriate IAM instance role.
    • To proceed with the sensor installation, the EC2 instance must be in a running state.
    Not supported The Carbon Black Cloud sensor does not support the OS or the OS version. You must upgrade to the supported OS or OS version as per the system requirements.

Procedure

  1. On the left navigation bar, click Inventory > AWS.
  2. Click the Not Enabled tab and select eligible EC2 instances.
  3. Select Install sensors from the Take Action drop-down menu.
  4. Select the sensor version to install.
  5. Click Install.
    A Sensor installation submitted notification displays. The install status for the instance changes to In Progress.

    It takes up to five minutes for the installation to complete.

Results

After the sensor installs, it displays on the Enabled tab.