The Deployment Overview page was created to give you a better understanding of the current infrastructure you've deployed.


The Deployment Overview also portrays a general protection status for the account(s) you are monitoring with the solution. At a quick glance you can see which regions have some level of protection (event scanning, scheduled scanning or an API endpoint) configured and which do not. You can also easily determine which regions you have Amazon S3 buckets in and how many are being protected.

The Deployment Overview page has a second function to it which is the ability to clean up (uninstall) parts or the entirety of the solution.

Infrastructure Overview

In the collapsed card view, as seen in the picture below, you can quickly see there are 16 regions with buckets (16 region cards appear) in the account(s) this deployment is monitoring. I can also see that 7 of the regions have current protection setup (bucket icon is not red) and 8 of the regions have or have had some level of protection enabled (8 of the 16 cards are white) indicated by the fact the Event Agent is present. We can also determine that 9 of the regions are not currently being protected (indicated by red bucket icons) and 8 of the regions have never had any level of protection configured (indicated by red cards). The red bucket icons and red cards and the fraction of buckets could be indicators for where more protection should be considered.

This can also be see in the expanded card view:

The expanded card view gives you additional details about the deployment such as: whether or not agents are currently running and the count, the aggregate runtime hours for the agents (current month) and whether or not Smart Scan is enabled for that region. You will also get a count of buckets protected either by real-time protection or through a schedule.

Solution Cleanup / Uninstall

There are a number of infrastructure items initially created during the CloudFormation deployment. There are additional items that are created post deployment by during console operations. This can make it challenging to clean up the solution. We wanted to make it simple for you to clean up a portion or completely uninstall when needed. There are a number of scenarios where this may make sense and we'll leave it to you to determine what that is for your situation, but here are a few:

  1. You decide you no longer want to protect buckets in a particular region so you want to scrub that region of infrastructure.

  2. You did a POC install and want to remove it now that you will be doing a fresh Prod install.

  3. The case where you tried the product and do not want to proceed with it (our least favorite).

Types of cleanup available:

Delete Event Agent (if present)

Deletes all infrastructure related to the Event Agent (Fargate service, SNS topic, SQS queue, bucket events).

Delete API Agent (if present)

Deletes all infrastructure related to the API Agent (Fargate service and Load Balancer).

Delete Retro Agent (if present)

Deletes all infrastructure related to the Retro Agent (Fargate service, SNS topic, SQS queue).

In the v5.03.000 release the Scheduled Scan and On-Demand Scan functionality was re-architected to no longer use the Retro Service. The upgrade process when going to v5.03.000 or later will automatically remove this service from all regions it had been installed.

Deactivate Region (if present)

Performs the delete functionality for the Event, API and Retro agents.

Delete Application

This cleanup type deletes all infrastructure created by the Console across all regions.

  • Security Groups will be left behind and must be manually removed.

  • Make sure to unprotect all buckets first to get rid of all S3 Event Notifications Subscription in each of them

You will have the option to keep or delete the quarantine buckets that were created to house infected files.

You can only trigger the Delete Application function through the action menu for the region your console is deployed in. Unless you chose otherwise during deployment, the default region set in the deployment template is us-east-1.

Upon completion, you will be provided with a link provided to complete the uninstall by deleting the CloudFormation Stack used during the initial deployment.

If you originally deployed using our PAYG listing, are deleting the entire application, and no longer wish to use our solution you must unsubscribe in AWS Marketplace after deleting the application. If you do not unsubscribe you will continue to be charged our base subscription.

Last updated