Setup Guide
This brief guide walks you through the entire process from tool configuration to final deployment of the cloud node.
Amazon Web Services Setup
In order to deploy the cloud node, you must first setup an AWS account. Registering for the platform is free, but will require a credit card to be associated with the account. Once setup, you need to ensure your user has the proper settings. Visit the IAM service within your account and add a new user. Select "Programmatic access" for the account type.
Add the "AdministratorAccess" policy to your user account.
Your account should look like this during the review.
Once confirmed, you will see your new user and gain access to an Access ID and Secret Key. Copy these both down and treat them like a security password. This user has direct access to your entire AWS account and those credentials enable anything to be done on your behalf.
Now that your account is setup, you need to install the AWS CLI tools. Once installed for your platform of choice, run aws configure on the command line and you will be prompted for your security credentials along with some other data. This configuration will be saved into your home directory under ~/.aws/credentials.
Analyst Toolbench Setup
Blockade offers a suite of tools for users who wish to interact with the cloud node. These tools have been updated to include a script that will automatically setup and configure the AWS serverless setup for a cloud node.
Install the toolbench using pip:
$ pip install blockade-toolkit
Run the AWS deployment script included within the tool setup:
$ blockade-aws-deploy setup --region <your-aws-region> --debug
After a minute or two, you will be prompted by the script to setup an administrator for the cloud node. Enter an email address and name for the user. This information will be sent via the cloud node API in order to complete the setup. Upon a successful setup, a quick copy link will be included along with user details.
$ blockade-cfg setup <admin-email> <admin-api-key> --api-node=<node>
This sets up the workbench for use with the newly deployed cloud node.
Extension Configuration
By default, the Blockade browser extension will use the public cloud node. In order to use the newly deployed AWS cloud node, you will need to add it to the extension configuration. Install the extension within your browser if you haven't already.
Visit the options page, add in your configuration details then press the green plus button to finish adding the node. In order to trigger a initial database sync, click save on the options. Your browser is now set to use Blockade and will continually update from the cloud node every 15 minutes.
Post Installation
With everything installed, it's best to consider removing the "AdministratorAccess" policy from your AWS user account to avoid any potential risk. Included with the toolbench is an additional tool, blockade that allows you to send indicators to the node and get events back out of the system. For more information, see the tool usage information via the help command..
$ blockade -h