An Ansible playbook for the Deep Security agent. This allows for the easy deployment of the Deep Security agent as well as taking some common actions from the agent.
This is a community project and while you will see contributions from the Deep Security team, there is no official Trend Micro support for this project. The official documentation for the Deep Security APIs is available from the Trend Micro Online Help Centre.
Tutorials, feature-specific help, and other information about Deep Security is available from the Deep Security Help Center.
For Deep Security specific issues, please use the regular Trend Micro support channels. For issues with the code in this repository, please open an issue here on GitHub.
For play dsa-deploy the follow vars need to be set. The are contained in the vars/dsa-deploy.yml file.
| Key | Type | Description | Default |
|---|---|---|---|
| dsm_agent_download_hostname | String | Hostname of the Deep Security manager | app.deepsecurity.trendmicro.com |
| dsm_agent_download_port | Int | The port to connect to the Deep Security manager on to download the agents. This is typically the same port as the admin web access | 443 |
| dsa_activation_hostname | String | The hostname for the agents to communicate with once deployed. For Marketplace AMI and software deployments this is typically the same hostname as 'dsm_agent_download_hostname' | agents.deepsecurity.trendmicro.com |
| dsa_activation_port | Int | The post to use for the agent heartbeat (the regular communication). For Marketplace AMI and software deployments, the default is 4118 | 443 |
| tenant_id | String | In a multi-tenant installation (like Deep Security as a Service), this identifies the tenant account to register the agent with | nil |
| tenant_password | String | In a multi-tenant installation (like Deep Security as a Service), this identifies the tenant account to register the agent with | nil |
| policy_id | String | The Deep Security ID assigned to the policy to apply to the agents on activation | nil |
We're always open to PRs from the community. To submit one:
- Fork the repo
- Create a new feature branch
- Make your changes
- Submit a PR with an explanation of what/why/cavaets/etc.
We'll review and work with you to make sure that the fix gets pushed out quickly.