Installation of DAST and RASP tools
In this section, we will install OWASP ZAP in an EC2 instance, which will be used by the DevSecOps pipeline to scan the application once the new service is deployed in an eks-staging cluster. After the OWASP ZAP installation, we will install Falco in the EKS cluster.
Installing OWASP ZAP
We will be installing OWASP ZAP using the CloudFormation template. Perform the following tasks to configure OWASP ZAP to be used by CodePipeline:
- Make sure you have the chapter-09/owasp-zap.yaml file on your local machine.
- Go to the CloudFormation home page, click on Create stack, then select With new resource. In the Specify template section, select Upload a template file. Click on Choose file and select the owasp-zap.yaml file, and then click on Next.
- Enter the stack name as owasp-zap. Modify the instance type. It is recommended to choose t2.medium or above...