Notice
Requires a Cortex XDR license that has the Cloud Posture Security or Cloud Runtime Security add-on.
In order to make changes to your onboarded CSP configuration, you first modify the cloud instance settings in Cortex XDR and download an updated authentication template. After uploading the updated template to the CSP environment, you execute the template and then the changes take affect.
Navigate to → .
Identify the Cloud Service Provider you want to update and click View Details.
In the Cloud Instances page, identify the cloud instance you want to edit and click the Configuration pencil to edit the instance.
Make changes to the configuration settings. Click Save.
If the changes you made require reexecuting the authentication template, you will be prompted to to download the file. Click Download CloudFormation or Download Terraform as relevant to your CSP type.
Important
When using Terraform authentication templates, you must execute the updated Terraform template from the same folder where the original Terraform template was executed.
In the Cloud Instances page, a notification appears stating that there are pending changes for the cloud instance you updated. These changes are not applied until you execute the updated template in the CSP environment.
Execute the updated authentication template in your CSP environment by selecting the appropriate procedure below.
After you have downloaded the updated CloudFormation authentication template, connect to AWS Management Console to perform a direct update to the stack using the updated template file. With a direct update, you submit a template or input parameters that specify updates to the resources in the stack, and CloudFormation immediately deploys them.
Log in to the AWS Management Console and open the CloudFormation console.
On the Stacks page, select the existing stack that you want to update.
In the stack details pane, select → .
On the Update stack page, select Replace existing template.
Under Specify template, select Upload a template file. Select the updated authentication template you downloaded from Cortex XDR.
Click Next and Next again.
Select to acknowledge that AWS CloudFormation might create IAM resources with custom names. Click Next.
Click Submit. The stack update is complete when it appears in the Stacks list with status of UPDATE_COMPLETE.
After you have downloaded the updated Terraform template file, connect to Google Cloud Console to update the stack using the updated template file.
Open your local terminal (Command prompt, PowerShell, or Terminal).
Log in to your GCP account using the gcloud CLI:
gcloud auth login
Navigate to the directory you originally used for the Terraform template when onboarding your CSP and extract the Terraform files.
cd ~/terraform/gcp-connector-1 tar -xzvf <your_template>.tar.gz
Initialize the upgrade of the Terraform in your project directory:
terraform init -upgrade
Apply your Terraform configuration using the downloaded parameter file. When prompted, enter the project ID if you configured one in the onboarding wizard:
terraform apply --var-file=template_params.tfvars
The updated Terraform template is deployed.
After you have downloaded the updated authentication template file, lot in to Azure portal to update the stack using the updated template file.
Log in to the Azure portal. Select Cloud Shell from the top navigation and then select Bash.
Navigate to the directory you originally used for the authentication template when onboarding your CSP and extract the files.
cd ~/azure-connector-1 tar -xzvf <your_template>.tar.gz.
In Cloud Shell, run the onboard.sh file:
bash onboard.sh
The updated authentication template is deployed.
After you have downloaded the updated authentication template file, use the same method you used initially to execute the template in Microsoft Azure: