chore: require apitoken (#62)

* doc: contribute

* chore: require apitoken

Author: iru

README.md

@@ -4,3 +4,53 @@ This repository contains the CloudFormation templates to deploy the Sysdig
 CloudVision suite in an AWS Account.
 
 [Deploy latest version!](https://console.aws.amazon.com/cloudformation/home#/stacks/quickCreate?stackName=Sysdig-CloudVision&templateURL=https://cf-templates-cloudvision-ci.s3-eu-west-1.amazonaws.com/master/entry-point.yaml)
+
+
+## Contribute
+
+
+### Release
+
+- Template is [uploaded on the CI release cycle](https://github.com/sysdiglabs/aws-cloudvision-templates/blob/main/.github/workflows/release.yaml#L63) to `cf-templates-cloudvision-ci` on Sysdig `draios-demo` account
+
+Leading to the latest entry-point, which will be used on the Sysdig Secure > Getting Started > AWS Cloudformation
+<br/>`https://cf-templates-cloudvision-ci.s3-eu-west-1.amazonaws.com/master/entry-point.yaml`
+
+
+### Pull Request
+
+When the PR is drafter a new template will be available for  testing at 
+<br/>`https://cf-templates-cloudvision-ci.s3-eu-west-1.amazonaws.com/pr/<PR_NAME>/entry-point.yaml`
+
+
+### Testing
+
+see [Makefile](./templates/Makefile)
+
+- Validation
+
+```bash
+$ aws cloudformation validate-template --template-body file://./templates/CloudVision.yaml
+```
+
+- Launch Template
+
+full cycle
+
+```
+-- test
+$ aws cloudformation delete-stack --stack-name test ; \
+sleep 10 ; \
+aws cloudformation deploy --template-file templates/CloudVision.yaml --stack-name test ; \
+aws cloudformation describe-stack-events --stack-name test
+```
+
+- Test Template wizard (UI)
+  ```
+  Aws console > cloudformation > create new stack (template, upload template: select ./templates/Cloudvision.yaml)
+  ```
+  - note: this will upload the template into an s3 bucket, remember to delete it afterwards 
+
+
+- **Cleanup** <br/>Delete stack to clean test environment. [CFT limitation does not allow to automatically delete non-empty S3 bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html), so Stack deletion will fail when you request it. Delete S3 bucket manually and relaunch deletion for a full cleanup.
+

templates/CloudVision.yaml

@@ -96,15 +96,21 @@ Parameters:
   SysdigSecureAPIToken:
     Type: String
     NoEcho: true
+    AllowedPattern: ".+"
+    ConstraintDescription: "SysdigSecureAPIToken is required"    
+    
   SysdigSecureEndpoint:
     Type: String
     Default: "https://secure.sysdig.com"
+
   SysdigRoleName:
     Type: String
     Default: "SysdigAgentlessRole"
+    
   SysdigExternalID:
     Type: String
     Default: ""
+    
   SysdigTrustedIdentity:
     Type: String
     Default: ""