.Darktrace appliance configuration
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|Appliance host name
(`ApplianceHostname`)|`**__Requires input__**`|Host name of the Darktrace appliance.|Appliance port
(`AppliancePort`)|`443`|Connection port between vSensor and the Darktrace appliance.|Appliance push token
(`AppliancePushtoken`)|`**__Requires input__**`|Push token to authenticate with the appliance. For more information, see the https://customerportal.darktrace.com/login[Darktrace Customer Portal].
|===
.Darktrace vSensor configuration
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|EC2 instance type
(`InstanceType`)|`t3.medium`|EC2 instance type. Default is `t3.medium`.|EC2 key pair Name
(`KeyPairName`)|`**__Requires input__**`|EC2 key pair to use to connect to vSensor.|Security groups
(`InstanceSecurityGroups`)|`**__Requires input__**`|Darktrace vSensor security group IDs. A basic vSensor connectivity Security Group (port 80, 443, 4789 for the VPC) will be added by this cloudformation.|Update key
(`VsensorUpdatekey`)|`XXXXXX:XXXX`|Darktrace update key. If you don't have one, contact your Darktrace representative.|Desired vSensor instance capacity
(`DesiredCapacityASG`)|`1`|Desired number of vSensor instances in the Auto-Scaling group.|Minimum vSensor instance capacity
(`MinSizeASG`)|`1`|Minimum number of vSensor instances in the Auto-Scaling group.|Maximum vSensor instance capacity
(`MaxSizeASG`)|`5`|Maximum number of vSensor instances in the Auto-Scaling group.|osSensor HMAC Token
(`osSensorHMAC`)|`**__Blank string__**`|Hash-based message authentication code (HMAC) token to authenticate osSensors with vSensor.
|===
.Network configuration
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|Deployment VPC
(`DeploymentVPC`)|`**__Requires input__**`|VPC of target deployment.|VPC CIDR block
(`VpcCIDRBlock`)|`172.16.0.0/12`|VPC CIDR block.|SSH CIDR block
(`SshCIDRBlock`)|`172.16.0.0/12`|Allowed CIDR block for SSH (Secure Shell) access to vSensor.|Subnets
(`Subnets`)|`**__Requires input__**`|List the Subnet Ids that the vSensor should be launched into. You can specify at most one subnet per Availability Zone.
|===
.VPC Traffic Mirror configuration
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|Traffic Mirror rule number
(`TrafficMirrorRuleNumber`)|`100`|Enter a priority to assign to the rule.|Source traffic CIDR to filter (0.0.0.0/0 for all traffic)
(`TrafficMirrorSourceCIDR`)|`0.0.0.0/0`|Source CIDR for the Traffic Mirror filter. Enter `0.0.0.0/0` for all traffic.|Destination traffic CIDR to filter (0.0.0.0/0 for all traffic)
(`TrafficMirrorDestCIDR`)|`0.0.0.0/0`|Destination CIDR for the Traffic Mirror filter. Enter `0.0.0.0/0` for all traffic.
|===
.Logs and captured packet retention
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|CloudWatch logs retention (days)
(`LogGroupRetention`)|`30`|Number of days to retain Cloudwatch logs.|Captured packets storage retention (days)
(`LifecycleS3BucketDays`)|`7`|Number of days to retain captured packets in Amazon S3.
|===
.Quick Start configuration
[width="100%",cols="16%,11%,73%",options="header",]
|===
|Parameter label (name) |Default value|Description|Quick Start S3 bucket name
(`QSS3BucketName`)|`aws-quickstart`|Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html.|Quick Start S3 bucket Region
(`QSS3BucketRegion`)|`us-east-1`|AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html.|Quick Start S3 key prefix
(`QSS3KeyPrefix`)|`quickstart-darktrace-vsensor/`|S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End with a forward slash. See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html.|Quick Start unique run ID (12 characters or less)
(`ShortID`)|`**__Blank string__**`|Quick Start short unique ID used to identify resources from other installations of this Quick Start. If left empty, a random string is generated.
|===