narayan-iyengar
commented
6 years ago @pkleanthous this template will not cover egress only ingress. Ideally this is what you would do. Launch https://github.com/PaloAltoNetworks/aws-transit-vpc and have spokes that connect into the Transit VPC.
Then you can deploy elb-autoscaling template in the spokes that need ingress protection.
Technically you can use the transit firewalls to also be ingress, but you scaling needs for ingress and egress will be different. So we recommend separating the two sets of firewalls.
HTH
Dear PaloAltoNetworks,
Does this template cover the egress traffic? If not, how can I combine this template with https://github.com/PaloAltoNetworks/aws-transit-vpc ?