@aws-accelerator/config

    CustomizationsConfig / Ec2FirewallConfig

    EC2 firewall configuration. Used to define EC2-based firewall and management appliances

    Standalone instances:

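    # Standalone EC2 firewall appliance and the Gateway Load Balancer target
    # group that sends traffic to it.
    instances:
      - name: accelerator-firewall
        launchTemplate:
          name: firewall-lt
          blockDeviceMappings:
            - deviceName: /dev/xvda
              ebs:
                deleteOnTermination: true
                # Encrypt the root volume at rest; firewall disks hold policy,
                # logs and possibly key material.
                encrypted: true
                volumeSize: 20
          # Require IMDSv2 session tokens so a request-forgery flaw on the
          # appliance cannot read the instance-profile credentials with a
          # plain GET to the metadata endpoint.
          enforceImdsv2: true
          # Keep the role behind this profile scoped to what the appliance
          # actually calls.
          iamInstanceProfile: firewall-profile
          # Placeholder; substitute the ID of a vetted appliance AMI.
          imageId: ami-123xyz
          instanceType: c6i.xlarge
          networkInterfaces:
            # Data-plane interface (device index 0).
            - deleteOnTermination: true
              description: Primary interface
              deviceIndex: 0
              groups:
                - firewall-data-sg
              subnetId: firewall-data-subnet-a
            # Management interface on its own subnet and security group, so
            # administrative access stays off the inspected data path.
            - deleteOnTermination: true
              description: Management interface
              deviceIndex: 1
              groups:
                - firewall-mgmt-sg
              subnetId: firewall-mgmt-subnet-a
          # User data is readable from inside the instance through the
          # metadata service; keep secrets out of this file and fetch them at
          # boot from a secret store instead.
          userData: path/to/userdata.txt
        vpc: Network-Inspection
    targetGroups:
      - name: firewall-gwlb-tg
        # Gateway Load Balancer delivers traffic GENEVE-encapsulated on 6081.
        port: 6081
        protocol: GENEVE
        type: instance
        healthCheck:
          enabled: true
          # Plain TCP connect on port 80: the appliance has to listen there
          # and its security group has to admit the check (verify against the
          # appliance vendor's guidance).
          port: 80
          protocol: TCP
        # Refers to the instance by the name given under `instances` above.
        targets:
          - accelerator-firewall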

    Autoscaling group:

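    # EC2 firewall appliances run as an Auto Scaling group and registered with
    # a Gateway Load Balancer target group.
    autoscalingGroups:
      - name: accelerator-firewall-asg
        autoscaling:
          name: firewall-asg
          maxSize: 4
          minSize: 1
          desiredSize: 2
          # Must match launchTemplate.name below.
          launchTemplate: firewall-lt
          # Seconds to wait after launch before health checks count, so a
          # booting appliance is not replaced prematurely.
          healthCheckGracePeriod: 300
          # Use the load balancer's target health, not just EC2 status
          # checks, to decide when to replace an instance.
          healthCheckType: ELB
          targetGroups:
            - firewall-gwlb-tg
          subnets:
            - firewall-subnet-a
            - firewall-subnet-b
          # Seconds (86400 = 24 h): instances are recycled after this age,
          # which limits drift from the launch template.
          maxInstanceLifetime: 86400
        launchTemplate:
          name: firewall-lt
          blockDeviceMappings:
            - deviceName: /dev/xvda
              ebs:
                deleteOnTermination: true
                # Encrypt the root volume at rest.
                encrypted: true
                volumeSize: 20
          # Require IMDSv2 session tokens so a request-forgery flaw on the
          # appliance cannot read the instance-profile credentials with a
          # plain GET to the metadata endpoint.
          enforceImdsv2: true
          # Keep the role behind this profile scoped to what the appliance
          # actually calls.
          iamInstanceProfile: firewall-profile
          # Placeholder; substitute the ID of a vetted appliance AMI.
          imageId: ami-123xyz
          instanceType: c6i.xlarge
          # No subnetId on these interfaces; placement presumably comes from
          # autoscaling.subnets above. Confirm how the management interface
          # is placed before relying on data/management separation here.
          networkInterfaces:
            - deleteOnTermination: true
              description: Primary interface
              deviceIndex: 0
              groups:
                - firewall-data-sg
            - deleteOnTermination: true
              description: Management interface
              deviceIndex: 1
              groups:
                - firewall-mgmt-sg
          # User data is readable from inside the instance through the
          # metadata service; keep secrets out of this file.
          userData: path/to/userdata.txt
        vpc: Network-Inspection
    targetGroups:
      # No static `targets` list: the Auto Scaling group registers its own
      # instances through autoscaling.targetGroups.
      - name: firewall-gwlb-tg
        # Gateway Load Balancer delivers traffic GENEVE-encapsulated on 6081.
        port: 6081
        protocol: GENEVE
        type: instance
        healthCheck:
          enabled: true
          # Plain TCP connect on port 80; the appliance and its security
          # group must allow it.
          port: 80
          protocol: TCP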
    Index

    Properties

    autoscalingGroups? — Define EC2-based firewall instances in autoscaling groups

    instances? — Define EC2-based firewall standalone instances

    managerInstances?: IEc2FirewallInstanceConfig[]

    Define EC2-based firewall management instances

    targetGroups?: ITargetGroupItem[]

    Define target groups for EC2-based firewalls