> Software > Threat Analysis > Virtual Machines > Performing Threat Analysis for Virtual Machines > Scheduling Threat Analysis with Disk Only Restore > Threat Analysis Scan for Amazon EC2 Instances

Configure VaultConfig Workflow to Scan Amazon EC2 Instances

Configure the VaultConfig workflow parameters required to run the AWS_ControllerScan and AWS_VMScan workflows responsible to scan the Amazon EC2 instances. You can specify parameters such as the credentials for hypervisor, storage library to scan and the number of scans to run in parallel.

Before You Begin

Download and extract the AWSThreatScan app configuration file from the Commvault Store.

Procedure

  1. Import the AWS_VaultConfig XML. For instructions, see Importing a Workflow.

  2. In the Workflows page, in the row for the AWS_VaultConfig workflow, click the action button actions button***use the other one ->86655***, and then click Configuration.

    The AWS_VaultConfig - Configuration dialog box appears.

  3. Configure the following parameters:

    Parameter Description
    vaultClient The name of the destination Amazon EC2 hypervisor.
    vaultDatastore The name of the S3 bucket where the Commvault software creates or attaches the disks during restore operation.
    workerClientGroup The name of the server group of the restore worker VMs.
    PythonPath The installation path of Python on Windows worker VM.
    vaultClientCred The credentials to access the destination Amazon EC2 hypervisor. You can configure the credentials using the Credential Vault. For information on how to configure credentials, see .

    Note: Ensure that you create credentials with STS assume role with IAM policy.
    maxSimultaneousRestores The number of parallel VM restores and scans you want to run. By default, the Commvault software scans 10 VMs in parallel.
    vaultLibraries The name of the storage containing VM backups that you want to scan. The Commvault software uses primary copy of the library to pick the VM backups to scan.
    LinuxWorkerBasePath The Base directory where Commvault is installed on the Linux restore worker VM. By default, the value is set to /opt/commvault.
    WinWorkerBasePath The Base directory where Commvault is installed on the Windows restore worker VM. By default, the value is set to C:\Program Files\Commvault\ContentStore.
    PythonPathUnix The installation path of Python on the Unix worker VM. Default path is /usr/bin.
    vaultClientHost The region where the EC2 instances reside.
    VMRescanDays The duration (in days) before a VM can be scanned again following the previous scan. The VM will be considered only if it has a new backup job after the specified duration.

  4. Click OK.

  5. Deploy the AWS_VaultConfig workflow. For instructions, see Deploying a Workflow.

    Note

    Only CommCell administrators or users with administrative permissions can access, create, and edit workflows on the Developer tools > Workflows page. For more information about creating and editing workflows, see Creating and Managing Workflows.

×

Loading...