I. Create the Batfish Enterprise CloudFormation Stack
Sign-in to the AWS account that you want to analyze in the AWS console and access the CloudFormation template for Batfish Enterprise. By default, Batfish Enterprise will pull data from a group of regions based on the deployment region. You can change the set of polled regions from cloud settings page after Batfish Enterprise is up and running.
This CloudFormation template will create a new VPC and allocate a new public IP for the EC2 instance running Batfish Enterprise.
CloudFormation will open in your AWS console, starting at Step 1 – Specify template.
Don’t change any of the options on the Create stack page. The S3 template is already selected.
Click Next to go to Step 2 – Specify Stack Details
You do not need to configure anything on this page.
Optionally, you can update the input fields to specify your own SSL cert + key for the UI (just copy the full cert text and key text into these input fields), change the CloudFormation stack name, specify the VPC and Subnet CIDR blocks, select the instance size, restrict access based on IP address and change the polling interval.
Click Next to go to Step 3 – Configure stack options
On Configure stack options, you don’t need to configure any options.
Optionally, you can add tags to the resources that will be created, set the IAM role that the stack will assume, configure the stack policy, or adjust any of the other settings. Any tags that you create will be added to all resources created using the template. By default, all resources will have a tag called Name with a value Batfish Enterprise AWS Trial
Click Next to go to Step 4 – Review.
On the Review page, click the box reading I acknowledge that AWS CloudFormation might create IAM resources. By checking this box, you are giving Batfish Enterprise read-only access to the AWS configuration and access to attach/detach the volume storing persistent Batfish Enterprise data. The specific IAM role and policy can be seen in the AWS IAM Role and Policy Requirements section.
Click Create Stack. Stack creation can take up to 5 minutes. Once the stack has been created, click the Outputs tab and make a note of the BatfishEnterpriseUrl and DefaultAdminPassword values. You will need this information to connect to the Batfish Enterprise service.
