CloudFormation templates to deploy Graylog API Security in AWS.
- Running Graylog API Security on EKS
- Running Graylog API Security on ECS (deprecated)
- Kinesis Data Streams: Capture API call data from your AWS API Gateway
The recommended way to deploy Graylog API Security.
No problem! Our templates will help you get started with Graylog API Security in minutes. In fact, you won't even have to leave your browser before you have a brand new EKS cluster running your own self-hosted Graylog API Security instance.
Click the Launch Stack button below to deploy Graylog API Security together with all the necessary resources as a CloudFormation stack:
Note
What is being deployed here?
- An Elastic Kubernetes Service instance, with an EC2-based managed node group, as well as the required EKS addons to enable internal networking and persistent volume provisioning:
VPC CNI,CoreDNS, andEBS CSI. - A number of network resources, including a new VPC with 3 subnets, and an internet gateway to provide the EKS Cluster with internet access.
- A nested CloudFormation stack that, in turn, creates and deploys:
- A self-terminating EC2 instance that connects to the newly-created EKS cluster and uses helm to install both the Graylog API Security chart, and the Cert-manager dependency chart.
- An S3 bucket to host a static website with post-installation notes.
- The corresponding IAM roles and policies required to create, deploy and connect to EKS clusters, node groups, and EC2 instances.
Click to see dependency diagrams
| Main stack | Nested stack: HelmStack |
|---|---|
|
|
Parameters: Choose both a name for you cluster (EKSClusterName), and 3 availability zones (SubnetAZs) to create the subnets for your cluster.
-
If installing a single-node cluster it is recommended to decrease the EKS node count (EKSNodeCount) to 1.
-
Make sure to allow CloudFormation to create both IAM resources and nested stacks (
CAPABILITY_AUTO_EXPAND) -
If the CloudFormation stack deployment fails, please choose 3 different availability zones and try again.
Outputs: Once the automatic deployment finishes, go to the Outputs section and click on the SuccessURL link.
Click to expand
You should be greeted with a page containing post-installation notes. There you will find the URL to access the web UI for your very own Graylog API Security instance 🚀
Click to expand
🏁 That's it!
Even better! Our template will help you get started with Graylog API Security without having to run kubectl, helm or any commands at all. In fact, you won't even have to leave your browser before you are running your own self-hosted Graylog API Security instance.
Click the Launch Stack button below to deploy all necessary resources as a CloudFormation stack:
Note
What is being deployed here?
- A nested CloudFormation stack to deploy EC2-based managed EKS node group, as well as the
EBS CSIrequired EKS addon, to enable persistent volume provisioning. - A second nested CloudFormation stack that, in turn, creates and deploys:
- A self-terminating EC2 instance that connects to your existing EKS cluster and uses helm to install both the Graylog API Security chart, and the Cert-manager dependency chart.
- An S3 bucket to host a static website with post-installation notes.
- The corresponding IAM roles and policies required to create and deploy new EC2 instances, and connect to your EKS cluster.
Click to see dependency diagrams
| Main stack | Nested stack: NodeGroupStack | Nested stack: HelmStack |
|---|---|---|
|
|
|
Once the automatic deployment finishes, go to the Outputs section and click on the SuccessURL link.
Click to expand
You should be greeted with a page containing post-installation notes. There you will find the URL to access the web UI for your very own Graylog API Security instance 🚀
Click to expand
Currently, this option is not supported. If you are interested, please let us know by opening a new issue!
Deploy a Kinesis Data Stream instance to stream CloudWatch logs from your API Gateway instance to Graylog API Security.
For more information, please visit our aws-kds repo.
Please, visit our docs to learn more about Graylog API Security.
© 2016-2024 Graylog, Inc.