Configuring Resource Discovery in the Console

Setup the Capsule8 Console to perform discovery on your AWS or vSphere resources. 

Requirements:

• Console 4.4.1 or later
• A value for crypto_key in the console configuration file must be set. Alternatively, the environment variable CAPSULE8_CONSOLE_CRYPTO_KEY may be used. It should be a 64 character hexadecimal string. This key is used to encrypt and decrypt the credentials stored in the database. If it changes after storing information, the console will be unable to decode the stored credentials.

Notes

•  Only one provider can be configured at this time.

How to configure

AWS

1. Set ec2_resource_discovery_enabled to true in the console configuration file.
   
   
2. The Capsule8 Console needs two new IAM permissions in order to identify EC2 instances. The required permissions are ec2:DescribeRegions and ec2:DescribeInstances. Create or update an IAM entity with those permissions (we recommend using the minimum set of required permissions, following the security principle of least privilege).
   
   
3. Generate AWS API credentials for that entity and save them for the next step.
   
   
4. Under the "Resources" page in the Capsule8 Console, select the "Providers" tab.
   
   
5. Select "AWS" under the "Provider" dropdown.

   

6. Complete all fields
   • Region: the region where the data center is located
   • Secret Key: newly generated secret
   • Access Key ID: newly generated key ID
     
     
7. Click "Save"

vSphere

1. Under the "Resources" page, select the "Providers" tab.
   
   
2. Select "VSphere" under the "Provider" dropdown.

   

3. Complete all fields
   • Host: your vSphere host
   • User: your vSphere user
   • Password: your vSphere password
     
     
4. click "Save".