Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Enterprise deployment to Azure

Rob | Last updated: Aug 26, 2021 07:59PM UTC

Hi I have been following your tutorial guide to for deploying burp enterprise to azure. Everything appears to have deployed correctly. However I am stuck on the section for configuring connection security. Your guide says the following "...you need to set a VNet rule to allow the nodes subnet to access the Burp Suite Enterprise Edition VNet. In Azure Portal, select "Connection security" from the left-hand navigation menu." Where is this done? What context/blade? literally the only literally the only menu containing connection security I can see is is on the PostgresDB //Rob

Liam, PortSwigger Agent | Last updated: Aug 27, 2021 09:33AM UTC

Hi Rob, this requires a general DB, not a basic type in order to be able to add the VNET rule to DB FW. I've sent a screenshot of these settings to your email.

Rob | Last updated: Aug 27, 2021 10:35AM UTC

hi, so i'll have to scrap and redeploy the solution again.

Liam, PortSwigger Agent | Last updated: Aug 27, 2021 01:30PM UTC

Hi Rob. Unfortunately, I think that is the case, yes.

Rob | Last updated: Aug 27, 2021 08:09PM UTC

Hi Liam I deleted the old resource group and redeployed the solution. Everything appear to deploy correctly. When I VPN into Azure I am unable to connect to website. On investigation I found that the bsee-application container is not running. When i try running it successfully pulls the image and starts, but then immediately crashes. the logs on the application show the following: Running on Linux Generate the agent deployment Set up kubectl for Azure [ { "cloudName": "AzureCloud", "homeTenantId": "bc207e4a-3470-4893-9046-b1e070315a15", "id": "b1fcd7bf-39da-4892-824b-4e277c4d5e5e", "isDefault": true, "managedByTenants": [], "name": "Microsoft Partner Network", "state": "Enabled", "tenantId": "bc207e4a-3470-4893-9046-b1e070315a15", "user": { "name": "54491e3a-7961-4865-be9b-389a4fa3675b", "type": "servicePrincipal" } } ] Merged "bseeCluster0d72" as current context in /root/.kube/config Running pre deployment Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": customresourcedefinitions.apiextensions.k8s.io "azureassignedidentities.aadpodidentity.k8s.io" already exists Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": customresourcedefinitions.apiextensions.k8s.io "azureidentities.aadpodidentity.k8s.io" already exists Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": customresourcedefinitions.apiextensions.k8s.io "azureidentitybindings.aadpodidentity.k8s.io" already exists Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": customresourcedefinitions.apiextensions.k8s.io "azurepodidentityexceptions.aadpodidentity.k8s.io" already exists Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": daemonsets.apps "nmi" already exists Error from server (AlreadyExists): error when creating "https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment.yaml": deployments.apps "mic" already exists any help would be much appreciated Rob

Liam, PortSwigger Agent | Last updated: Aug 31, 2021 03:18PM UTC

Rob, what method did you use to delete the original deployment?

Rob | Last updated: Sep 01, 2021 09:44AM UTC

Hi Liam I deleted all resource groups I created in the original deployment (using portal GUI). Deletion of resource groups would have/ should have deleted all other resource created within them. Rob

Liam, PortSwigger Agent | Last updated: Sep 02, 2021 07:54AM UTC

The error relates to the installation of the Azure Active Directory (AAD) Pod Identity. This is done outside of the resource group, hence deleting the resource group will not delete the relevant artifacts and the re-deployment is failing as they already exist. Could you try using the latest release (2021.8) instead? We have removed manual deployment of the Ingress controller in favor of using the Azure Ingress controller AKS addon (which does not require the AAD pod identity, so the same error should not occur).

Rob | Last updated: Sep 03, 2021 07:31AM UTC

Hi Liam, I will try with the newer version. However, are you able to share a resource that will give me some details on how to remove the Pod identity that was created? I am not a fan of leaving orphaned objects (especially identities) in active directory Rob

Alex, PortSwigger Agent | Last updated: Sep 06, 2021 12:17PM UTC

Hi Rob, This MS doc details how to list and then delete pod-identities: https://docs.microsoft.com/en-us/cli/azure/aks/pod-identity?view=azure-cli-latest Thanks

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.