aburan28/gist:6a18f47ac24151925c66d42801b09559

## gistfile1.txt
version: '2'
services:
  aqua-csp-service:
    image: aquasec/csp:3.0
    hostname: aqua-csp
    environment:
      BATCH_INSTALL_ENFORCE_MODE: n
      BATCH_INSTALL_GATEWAY: csp
      BATCH_INSTALL_NAME: default
      BATCH_INSTALL_TOKEN: aqua-csp
      SCALOCK_GATEWAY_NAME: csp
    volumes:
    - /var/run/docker.sock:/var/run/docker.sock
    - /tmp/aqua-data:/var/lib/postgresql/data
    ports:
    - 8080:8080/tcp
    - 8443:8443/tcp
    - 3622:3622/tcp
    user: root


Internet

Aqua Console

443

HTTPs access to Aqua Console

Aqua Console

Aqua Gateway

3622

Console connects to Gateway

Aqua Console

Aqua Database

5432

Console connects to Database

Aqua Gateway

Aqua Database

5432

Gateway connects to Database

ELB

Aqua Gateway

3622,80

ELB connects to Gateway. Port 80 is needed for health check

Aqua Agent

ELB

3622

Agent connects to Gateway through ELB

aquasec/server:3.0

sha256:4531ffa4ced763b1eaf3ccb13789ec59721122c18b1392f48bfb539501eabfca

aquasec/gateway:3.0

sha256:303bfba459814c5266c959b3b5b837c5f646b9365d27eadec0ebd4553f981b4d

aquasec/database:3.0

sha256:ed39f34314e19a1ef3e42faed7a5c408ea0b1c009d8075a999759835aabcb553

aquasec/scanner-cli:3.0

sha256:5113ea2b4c891cf05070e4a5d5abbff5385ca7665276bb36e573b974ac66d43d

aquasec/agent:3.0

sha256:8c266860206a0c02240c6a28a4af7c3456ebd5badf55d9a4640e3b91958d4b3f

version: '2'
services:
  aqua-enforcer:
    privileged: true
    image: aquasec/agent:3.0
    hostname: aqua-agent
    environment:
      AQUA_NETWORK_CONTROL: '0'
      AQUA_SERVER: <Your aqua-csp-service IP address>
      AQUA_TOKEN: aqua-csp
      RESTART_CONTAINERS: 'yes'
    volumes:
    - /var/run:/var/run
    - /dev:/dev
    - /sys:/host/sys:ro
    - /proc:/host/proc:ro
    - /etc:/host/etc
    - /opt/aquasec:/host/opt/aquasec:ro
    - /opt/aquasec/tmp:/opt/aquasec/tmp
    - /opt/aquasec/audit:/opt/aquasec/audit
    pid: host
	version: '2'
	services:
	aqua-csp-service:
	image: aquasec/csp:3.0
	hostname: aqua-csp
	environment:
	BATCH_INSTALL_ENFORCE_MODE: n
	BATCH_INSTALL_GATEWAY: csp
	BATCH_INSTALL_NAME: default
	BATCH_INSTALL_TOKEN: aqua-csp
	SCALOCK_GATEWAY_NAME: csp
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- /tmp/aqua-data:/var/lib/postgresql/data
	ports:
	- 8080:8080/tcp
	- 8443:8443/tcp
	- 3622:3622/tcp
	user: root


	Internet

	Aqua Console

	443

	HTTPs access to Aqua Console

	Aqua Console

	Aqua Gateway

	3622

	Console connects to Gateway

	Aqua Console

	Aqua Database

	5432

	Console connects to Database

	Aqua Gateway

	Aqua Database

	5432

	Gateway connects to Database

	ELB

	Aqua Gateway

	3622,80

	ELB connects to Gateway. Port 80 is needed for health check

	Aqua Agent

	ELB

	3622

	Agent connects to Gateway through ELB

	aquasec/server:3.0

	sha256:4531ffa4ced763b1eaf3ccb13789ec59721122c18b1392f48bfb539501eabfca

	aquasec/gateway:3.0

	sha256:303bfba459814c5266c959b3b5b837c5f646b9365d27eadec0ebd4553f981b4d

	aquasec/database:3.0

	sha256:ed39f34314e19a1ef3e42faed7a5c408ea0b1c009d8075a999759835aabcb553

	aquasec/scanner-cli:3.0

	sha256:5113ea2b4c891cf05070e4a5d5abbff5385ca7665276bb36e573b974ac66d43d

	aquasec/agent:3.0

	sha256:8c266860206a0c02240c6a28a4af7c3456ebd5badf55d9a4640e3b91958d4b3f

	version: '2'
	services:
	aqua-enforcer:
	privileged: true
	image: aquasec/agent:3.0
	hostname: aqua-agent
	environment:
	AQUA_NETWORK_CONTROL: '0'
	AQUA_SERVER: <Your aqua-csp-service IP address>
	AQUA_TOKEN: aqua-csp
	RESTART_CONTAINERS: 'yes'
	volumes:
	- /var/run:/var/run
	- /dev:/dev
	- /sys:/host/sys:ro
	- /proc:/host/proc:ro
	- /etc:/host/etc
	- /opt/aquasec:/host/opt/aquasec:ro
	- /opt/aquasec/tmp:/opt/aquasec/tmp
	- /opt/aquasec/audit:/opt/aquasec/audit
	pid: host