CustomizationsConfig / Ec2FirewallConfig
EC2 firewall configuration. Used to define EC2-based firewall and management appliances
Standalone instances:
instances: - name: accelerator-firewall launchTemplate: name: firewall-lt blockDeviceMappings: - deviceName: /dev/xvda ebs: deleteOnTermination: true encrypted: true volumeSize: 20 enforceImdsv2: true iamInstanceProfile: firewall-profile imageId: ami-123xyz instanceType: c6i.xlarge networkInterfaces: - deleteOnTermination: true description: Primary interface deviceIndex: 0 groups: - firewall-data-sg subnetId: firewall-data-subnet-a - deleteOnTermination: true description: Management interface deviceIndex: 1 groups: - firewall-mgmt-sg subnetId: firewall-mgmt-subnet-a userData: path/to/userdata.txt vpc: Network-InspectiontargetGroups: - name: firewall-gwlb-tg port: 6081 protocol: GENEVE type: instance healthCheck: enabled: true port: 80 protocol: TCP targets: - accelerator-firewall
Autoscaling group:
autoscalingGroups: - name: accelerator-firewall-asg autoscaling: name: firewall-asg maxSize: 4 minSize: 1 desiredSize: 2 launchTemplate: firewall-lt healthCheckGracePeriod: 300 healthCheckType: ELB targetGroups: - firewall-gwlb-tg subnets: - firewall-subnet-a - firewall-subnet-b launchTemplate: name: firewall-lt blockDeviceMappings: - deviceName: /dev/xvda ebs: deleteOnTermination: true encrypted: true volumeSize: 20 enforceImdsv2: true iamInstanceProfile: firewall-profile imageId: ami-123xyz instanceType: c6i.xlarge networkInterfaces: - deleteOnTermination: true description: Primary interface deviceIndex: 0 groups: - firewall-data-sg - deleteOnTermination: true description: Management interface deviceIndex: 1 groups: - firewall-mgmt-sg userData: path/to/userdata.txt vpc: Network-Inspection targetGroups: - name: firewall-gwlb-tg port: 6081 protocol: GENEVE type: instance healthCheck: enabled: true port: 80 protocol: TCP
Define EC2-based firewall instances in autoscaling groups
Define EC2-based firewall standalone instances
Define EC2-based firewall management instances
Define target groups for EC2-based firewalls
Generated using TypeDoc
CustomizationsConfig / Ec2FirewallConfig
EC2 firewall configuration. Used to define EC2-based firewall and management appliances
Standalone instances:
Autoscaling group: