As a Cloud security admin, you can secure your Azure workloads at the time of rollout through sensor installation scripts for the Ansible, Chef, or Puppet configuration management tools.

You can use the Carbon Black Cloud console to download the customized sensor install script and install the sensor as part of the Azure instance initialization. You can also install the sensor on an already existing in the Carbon Black Cloud console Azure virtual machine by using the sensor installation script.

Procedure

  1. On the left navigation pane, go to Inventory > Public Cloud > Azure.
  2. On the Azure Worklaods page, click the Sensor Options dropdown menu and select Download sensor install scripts.
    The Download Sensor Install Scripts windows opens.
  3. Locate the OS version for your instance and use the Sensor Version dropdown menu to select the related sensor version to install.
    These scripts are customized with pre-populated Org Keys and selected platform details.
  4. Click Download Scripts.
  5. After the package downloads, unzip it.
    You can see the sensor installation folders for each of the configuration management tools.
  6. Open the cloud-platform-scripts > Azure folder.
    It contains one script for Unix-based platforms and one PowerShell script for Windows.
  7. Create a virtual machine (VM) and use the sensor installation script (cloud_ini_linux.sh for a Linux VM or cloud_ini_windows.ps1 for a Windows VM) that is relevant to the configuration management tool in your environment.
    Create an Azure virtual machine (VM) with a sensor installation script running as a part of the instance initialization:
    1. Go to the Azure portal and click the Virtual machines option under Azure services.
    2. Click Create and select Azure virtual machine.
    3. Select the subscription with which to associate the VM, and the resource group from the relevant dropdown menus.
    4. Enter a name for the new VM and select the image type from the Image dropdown menu.
    5. From the Size dropdown menu, select the VM size that can support the workload.
    6. On the Advanced tab, select the Enable user data checkbox and paste the content of the sensor installation script (for Linux or Windows) into the User data text box.
    7. On the Tag tab, define the key-value pairs for categorizing your VM.
      For example:
      Name Value
      Environment Production
    8. Click Review + create.
      The sensor installation starts as part of the instance initialization.
    9. Click Create after the validation completes successfully.
      The Generate new key pair window opens.
    10. Click the Download private key and create resource option.
      The initializing deployment of the VM template begins.
  8. To install the Carbon Black sensor on Azure instances that are already available in the Carbon Black Cloud console but do not have the sensor installed, follow these steps:
    For these Azure VMs, the sensor installation script has not been executed.
    1. Go to the Azure portal and select your existing VM.
    2. Click the Run command operation.
    3. Select the RunShellScript.
      The Run Command Script text box displays.
    4. Paste the content of the sensor installation script and click Run.

Results

After the sensor installs, the VM displays on the Inventory > Public Cloud > Azure > Enabled tab in the Carbon Black Cloud console.