Skip to content

Commit 357ffee

Browse files
author
iru
authored
doc: update questionnaire
1 parent 9e08f74 commit 357ffee

File tree

1 file changed

+16
-9
lines changed

1 file changed

+16
-9
lines changed

use-cases/_questionnaire.md

Lines changed: 16 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2,16 +2,18 @@
22

33
This questionnaire is aimed to help you/us find the most suitable way of deploying [Sysdig Secure for Cloud](https://docs.sysdig.com/en/docs/installation/sysdig-secure-for-cloud/).
44

5-
Despite wanting only to trial it, we suggest that you deploy, and test it, in the most-similar situation to what
6-
you have on your production environment.
5+
Despite wanting only to trial it, we suggest that you deploy, and test it, in th **most-similar situation to what
6+
you have on your production environment**.
77

88
We are aware that current examples don't suit all situations, and we will keep improving them to be as configurable as possible.
99
Contact us with these questions answered to help us.
1010

11-
> Sysdig Secure for Cloud is served in Terraform [AWS](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud), [GCP](https://github.com/sysdiglabs/terraform-google-secure-for-cloud) and [Azure](https://github.com/sysdiglabs/terraform-azurerm-secure-for-cloud)
11+
<br/>
12+
13+
Sysdig Secure for Cloud is served in Terraform [AWS](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud), [GCP](https://github.com/sysdiglabs/terraform-google-secure-for-cloud) and [Azure](https://github.com/sysdiglabs/terraform-azurerm-secure-for-cloud)
1214
modules, and we also offer [AWS Cloudformation templates](https://github.com/sysdiglabs/aws-templates-secure-for-cloud)
1315

14-
<br/><br/>
16+
<br/>
1517

1618
## Client Infrastructure
1719

@@ -23,11 +25,13 @@ modules, and we also offer [AWS Cloudformation templates](https://github.com/sys
2325
- is it an organizational cloudtrail?
2426
- does the cloudtrail report to an SNS? if no, could you enable it?
2527
- if it's not organizational, does each trail report to the same s3 bucket?
26-
- how do you handle IAM permissions? any restriction we may be aware of? do you want us to set them up for you or would you just require a guidance and you will set them yourself?
27-
- deployment type
28-
- are you familiar with the installation stack? Terraform, Cloudformation, AWS CDK, ...?
28+
- how do you handle **IAM permissions**? would you let our Terraform scripts set them up for you, or you want to set them yourself manually? any restriction we may be aware of?
29+
- how do you handle **outbound newtwork connection** securization? does your infrastructure have any customized VPC/firewally setup?
30+
- **Deployment** type
31+
- are you familiar with the installation stack? Terraform, Cloudformation, AWS CDK, ...? Do you use any other InfraAsCode frameworks?
2932
- if you want to use Kubernetes compute for Sysdig deployment, what's your current way of deploying helm charts?
3033

34+
<br/>
3135

3236
## Sysdig Features
3337

@@ -39,7 +43,7 @@ In what [Sysdig For Cloud Features](https://docs.sysdig.com/en/docs/sysdig-secur
3943
- Scanning
4044
- Push-based registry/repository image scanning
4145
- Runtime workload image scanning (ecs on Aws, cloudrun on GCP, or container instances on Azure)
42-
- Note: Sysdig offers many other ways of performing scanning, and we recommend you to [Check all Scanning options in the Vulnerability Management](https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/)
46+
- Note: Sysdig offers many other ways of performing scanning, and we recommend you to [Check all Scanning options in the Vulnerability Management](https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/) to push this task as far to the left as possible (dev side)
4347

4448

4549
<br/><br/>
@@ -55,6 +59,8 @@ In what [Sysdig For Cloud Features](https://docs.sysdig.com/en/docs/sysdig-secur
5559

5660
With both examples `single` and `org`, you can customize the desired features to de deployed with the `deploy_*` input vars to avoid deploying more than wanted.
5761

62+
<br/>
63+
5864
### Compute Workload Type
5965

6066
| Cloud | Example Options |
@@ -64,6 +70,7 @@ With both examples `single` and `org`, you can customize the desired features to
6470
| Azure | K8S `-k8s`, AzureContainerInstances |
6571

6672
<br/><br/>
73+
6774
## Available Optionals
6875

6976
We enable following optionals, to allow user to re-use their pre-existing / configured resources.
@@ -74,5 +81,5 @@ We enable following optionals, to allow user to re-use their pre-existing / conf
7481
| | ECS, VPC, Subnet | `ecs_cluster_name`, `ecs_vpc_id`, `ecs_vpc_subnets_private_ids` | if used, the three are mandatory |
7582
| GCP | - | - | - |
7683
| Azure | ResourceGroup | `resource_group_name` | - |
77-
| | ACR (registry) | `registry_name`, `registry_resource_group_name` | - |
84+
| | ACR | `registry_name`, `registry_resource_group_name` | - |
7885
| * | Compute Workload | - | All clouds allow Sysdig Secure for cloud to be deployed on a pre-existing K8S cluster|

0 commit comments

Comments
 (0)