Comment on page
How to Deploy
Once you've subscribed to the Antivirus and/or Data Classification for Amazon S3 listing(s), the next step is to start your deployment.
Ensure you have properly subscribed to Antivirus and/or Data Classification for Amazon S3 before you attempt to deploy the CloudFormation template. If you are not properly subscribed, the deployment will fail to start. Antivirus and/or Data Classification for Amazon S3 won't run because it will fail the AWS Marketplace entitlement check.
Deploying Antivirus for Amazon S3 and/or Data Classification for Amazon S3 is accomplished by using a CloudFormation Template that will install the necessary infrastructure components as well as the required roles and permissions. This section will help you fill out and run the CloudFormation Template.
During deployment the CloudFormation Template will create the following resources:
Once running, the Management Console will create the following resources:
- Services and Tasks (Scanning Agents) in the region cluster where you deployed your Management Console. This is used to run the scanning agents that process the objects.
- 1 ECS Cluster + Services and Tasks in each additional region you scan buckets in. This is used to run the scanning agents in additional regions.
- SNS Topic, SQS Queue, S3 Bucket events, CloudWatch Log Groups --> Streams. These are used to keep track of the object work.
Launching the deployment template from the Marketplace Listing will default you to the
us-east-1region. If you'd like to deploy in a different region, please ensure to change regions before proceeding.
- us-east-1 (N. Virginia)
- us-east-2 (Ohio)
- us-west-1 (California)
- us-west-2 (Oregon)
- ap-south-1 (Mumbai)
- ap-northeast-2 (Seoul)
- ap-southeast-1 (Singapore)
- ap-southeast-2 (Sydney)
- ap-northeast-1 (Tokyo)
- ca-central-1 (Canada)
- eu-central-1 (Frankfurt)
- eu-west-1 (Ireland)
- eu-west-2 (London)
- eu-west-3 (Paris)
- eu-north-1 (Stockholm)
- me-south-1 (Bahrain)
- sa-east-1 (Sao Paulo)
- GovCloud (West) AWS regions
Missing regions in this list are due to Amazon Cognito not being supported in those regions.
The scanning agent will run in any region that supports Amazon ECS Fargate.