Use this procedure to install sensors on your eligible AWS workloads (EC2 instances) through the Carbon Black Cloud console.

You install sensors on eligible EC2 instances through the Carbon Black Cloud console. The AWS Systems Manager’s sendCommand API is used to run the sensor installation script remotely on the AWS EC2 instances.

Prerequisites

  • To prepare your onboarded AWS account for installing sensors on your running EC2 instances, you must create additional resources on the AWS account.
    • Enable the AWS services by running the event stream script in the AWS CLI of the AWS account. For more information, see Enable AWS Services.
    • The EC2 instance, on which you install the sensor, must be an SSM managed node. A managed node is any machine configured for AWS Systems Manager. For more information, see Systems Manager prerequisites.
      Note:

      There are Amazon Management Images (AMIs) that do not have the SSM agent installed. If you launch an EC2 instance from such an AMI, you must install the SSM agent manually on the EC2 instance. Then, synchronize the AWS account region to make that EC2 instance eligible for sensor installation. To synchronize the region, go to Settings > AWS Accounts, double-click your AWS account, locate the region holding the EC2 instance, and click Sync.

  • Install sensors on eligible EC2 instances. You can view which EC2 instances in your onboarded AWS accounts are available for sensor installation by referring to the Not Enabled tab.
    Eligibility column Description
    Eligible The eligible EC2 instances run the supported operating system (OS) and have SSM connectivity. You can install sensors on them.
    Not eligible The EC2 instances, not eligible for sensor installation, are either without AWS SSM connectivity or running unsupported OS. To minimize your installation effort, Carbon Black Cloud creates an AWS SSM document in your AWS account with preconfigured sensor installation script.
    • You must run the event stream setup script (event stream script), which creates the SSM document and other required resources on your AWS account.
    • The EC2 instance must be an SSM managed instance. It must be running an SSM agent and have the appropriate IAM instance role.
    • To proceed with the sensor installation, the EC2 instance must be in a running state.
    Not supported The Carbon Black Cloud sensor does not support the OS or the OS version. You must upgrade to the supported OS or OS version as per the system requirements.

Procedure

  1. On the left navigation bar, select Inventory > AWS.
  2. Click the Not Enabled tab and select eligible EC2 instances.
  3. Select Install sensors from the Take Action drop-down menu.
  4. Select the sensor version to install.
  5. Click Install.
    You see a Sensor installation submitted notification. The install status for the instance changes to In Progress.

    It takes up to 5 minutes for the installation to complete.

Results

After the sensor installs, it appears on the Enabled tab.