Solved

Deploy Lacework stack again

  • 24 October 2023
  • 3 replies
  • 433 views
L

Hello,

Our naming convention has changed, and I would like to rename the stack of Lacework that I already deployed on an account (stack created about 1 year ago). The only way to do that is to delete the stack and create a new one.

Will Lacework be capable to match the new stack with the old configuration using the new template (using account ID for example), particularly the Cloudtrail part that has learned about users behaviours during 1 year ?

Kind regards,

Lucas

Agent

Agentless (Workload Scanning)

Platform

Deploy Lacework/Installation

Cloud

AWS

icon

Best answer by ys009 24 October 2023, 22:09

View original

3 replies

C
Userlevel 3
Badge

Hi Lucas, thank you for posting your question in the Lacework Community! 

Could you please share which Lacework CloudFormation Stack Template you are referring to? 

 

The Lacework Polygraph will not lose behavior data unless it has been manually reset by the Lacework Engineering team. 

Please let me know if you have any further questions that I could help out with.

Y
Rank
Badge

Hello Lucas,

Thanks for reaching out and posting the question in the community. 

First of all, Kudos to you for proactively keeping up with the changes in naming convention and maintaining your cloud hygiene! 
 

Regarding your inquiry, Lacework Polygraph will remember your cloud resources and its learned behavior if you run the stack to integrate the same cloud accounts again.

At a high level, you should perform the steps in below order with minimal time gap to reduce potential data loss:

1. Delete the stack in AWS environment
2. In Lacework UI, delete the Cloud Accounts integrations under Settings> Integrations
3. Click Add New
4. Select Integration Type and respective method (CloudFormation) to integrate
5. Run CloudFormation Template
6. Add appropriate parameters and run the template

Hoping this is helpful for you. Please feel free to reach in case of any additional questions. 

Thank you!

----
Yashesh Shah - CSDA Lacework 
 

L

Hello,

I was referring to the CloudTrail+Configuration template.

Thank you for your answers and for the procedure. Made it today, hope everything will be fine.

Have a nice day !

Lucas

Reply


Terms of UseCookie settings