Upgrading the AWS CloudFormation Template for a Deployed Sensor

Role Availability Read-Only Investigator Analyst Manager

This document outlines the steps to replace the Amazon Web Services (AWS) CloudFormation template for a previously deployed USM Anywhere Sensor. This process is recommended to ensure your USM Anywhere Sensor has the latest permissions to collect the information from your AWS account. Follow each step carefully to ensure a seamless update.

Prerequisites

Please remove any termination protection that can be applied to your AWS instance.

Warning: When CloudFormation replaces your instance, the new instance will claim a new private IP address. If you have the existing IP address configured within outside services, you should reconfigure those services to use the new private IP address.

Upgrading your AWS CloudFormation Template

To upgrade your AWS CloudFormation template

  1. Log in to the AWS console.

  2. Navigate to the AWS CloudFormation section.

  3. Select the stack corresponding to the USM Anywhere Sensor you wish to update.

  4. Choose Update, and then select Replace Current Template.

  5. In the Template source section, select Amazon S3 URL.

  6. Enter the URL of the new template.
    You can download the latest AWS template from USM Anywhere Sensors: Download Now | LevelBlue.

  7. Verify and adjust parameters as needed.
    Adjustments are usually not necessary.

  8. Review the configuration, and then click Next.

  9. Monitor the progress in the Events tab.

Once you have performed these steps, you have successfully completed the process of upgrading the AWS CloudFormation template for your USM Anywhere Sensor. Be sure to check the stack status to confirm the update was successful.