CustomizationsConfig / Ec2FirewallConfig

EC2 firewall configuration. Used to define EC2-based firewall and management appliances.

Example

Standalone instances:

instances:
  - name: accelerator-firewall
    launchTemplate:
      name: firewall-lt
      blockDeviceMappings:
        - deviceName: /dev/xvda
          ebs:
            deleteOnTermination: true
            encrypted: true
            volumeSize: 20
      enforceImdsv2: true
      iamInstanceProfile: firewall-profile
      imageId: ami-123xyz
      instanceType: c6i.xlarge
      networkInterfaces:
        - deleteOnTermination: true
          description: Primary interface
          deviceIndex: 0
          groups:
            - firewall-data-sg
          subnetId: firewall-data-subnet-a
        - deleteOnTermination: true
          description: Management interface
          deviceIndex: 1
          groups:
            - firewall-mgmt-sg
          subnetId: firewall-mgmt-subnet-a
      userData: path/to/userdata.txt
    vpc: Network-Inspection
targetGroups:
  - name: firewall-gwlb-tg
    port: 6081
    protocol: GENEVE
    type: instance
    healthCheck:
      enabled: true
      port: 80
      protocol: TCP
    targets:
      - accelerator-firewall

Autoscaling group:

autoscalingGroups:
  - name: accelerator-firewall-asg
    autoscaling:
      name: firewall-asg
      maxSize: 4
      minSize: 1
      desiredSize: 2
      launchTemplate: firewall-lt
      healthCheckGracePeriod: 300
      healthCheckType: ELB
      targetGroups:
        - firewall-gwlb-tg
      subnets:
        - firewall-subnet-a
        - firewall-subnet-b
    launchTemplate:
      name: firewall-lt
      blockDeviceMappings:
        - deviceName: /dev/xvda
          ebs:
            deleteOnTermination: true
            encrypted: true
            volumeSize: 20
      enforceImdsv2: true
      iamInstanceProfile: firewall-profile
      imageId: ami-123xyz
      instanceType: c6i.xlarge
      networkInterfaces:
        - deleteOnTermination: true
          description: Primary interface
          deviceIndex: 0
          groups:
            - firewall-data-sg
        - deleteOnTermination: true
          description: Management interface
          deviceIndex: 1
          groups:
            - firewall-mgmt-sg
      userData: path/to/userdata.txt
    vpc: Network-Inspection
targetGroups:
  - name: firewall-gwlb-tg
    port: 6081
    protocol: GENEVE
    type: instance
    healthCheck:
      enabled: true
      port: 80
      protocol: TCP

Hierarchy

  • Ec2FirewallConfig

Properties

autoscalingGroups: undefined | Ec2FirewallAutoScalingGroupConfig[] = undefined

Define EC2-based firewall instances in autoscaling groups

instances: undefined | Ec2FirewallInstanceConfig[] = undefined

Define EC2-based firewall standalone instances

managerInstances: undefined | Ec2FirewallInstanceConfig[] = undefined

Define EC2-based firewall management instances

targetGroups: undefined | TargetGroupItemConfig[] = undefined

Define target groups for EC2-based firewalls
