Enabling automated quarantine of malware infected workloads is a critical capability that safeguards workloads without the need of manual intervention.
Add the following environment variables under configuration tab
KEY | VALUE | OPTIONS |
---|---|---|
AUTO_RELEASE_QUARANTINE_BINARY_FLAG | 1 | 0 - For Indefinite Quarantine / 1 - Timed release of workload |
QUARANTINE_PERIOD_IN_SECS_INT | 180 | Any valid whole number, ensure its below Max threshold for delay period supported in AWS Step function |
STEP_FUNCTION_REGION_NAME | us-east-1 | Any valid AWS region |
TM_AUTOISOLATE_WORKLOAD_STATE_MACHINE_ARN | arn:aws:states:us-east-1:XXXXXXXXXXXX:stateMachine:TM-AutoIsolate-Workload-State-Machine |
Add the following environment variables under configuration tab
KEY | VALUE |
---|---|
MS_TEAMS_WEB_HOOK_URL | https://someorg.webhook.office.com/webhookb2/validurl |
Add the following environment variables under configuration tab
KEY | VALUE |
---|---|
APIKEY | API-KEY-STORED-IN-AWS-SECRET-STORE |
HOST_ID_KEY | HOST_ID |
SECRETMANAGER_REGION_NAME | us-east-1 |
Add the following environment variables under configuration tab
KEY | VALUE |
---|---|
APIKEY | API-KEY-STORED-IN-AWS-SECRET-STORE |
HOST_ID_KEY | HOST_ID |
SECRETMANAGER_REGION_NAME | us-east-1 |