This code deploys all the resources required to demonstrate the VM-Series reference architecture with the AWS Gateway Load Balancer. After the resources, including the Palo Alto Networks VM-Series Next Generation Firewall, are deployed successfully, you will be able to secure all Inbound, Outbound and East traffic to the 2 spoke servers that are also deployed as part of the demonstration.
In this section, we will launch the lab environment. These are the steps that we will accomplish at this time.
git clone https://github.com/PaloAltoNetworks/aws-vmseries-gwlb-poc.git && cd aws-vmseries-gwlb-poc
If you are deploying from your local workspace, you need to update the values below in the aws-vmseries-gwlb-poc/terraform/vmseries/student.auto.tfvars file.
access-key = ""
secret-key = ""
region = ""
ssh-key-name = ""
In case you are using AWS CloudShell, you can ignore this step.
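A preflight check for a local-workspace deployment, as an added example that is not part of the original repository: it reports which of the four keys in student.auto.tfvars are still empty and whether the file, which holds an AWS secret key, is accessible to other local users. The function names are hypothetical; the path and key names are the ones given above.

```sh
#!/bin/sh
# Added example: preflight for student.auto.tfvars before running ./setup.sh.
# Function names are hypothetical; the path and key names are the ones on this page.
TFVARS_DEFAULT="terraform/vmseries/student.auto.tfvars"

# Print the quoted value assigned to key $2 in file $1 (nothing if unset).
# Only used inside command substitutions, so secrets never reach the terminal.
tfvar_value() {
    sed -n 's/^[[:space:]]*'"$2"'[[:space:]]*=[[:space:]]*"\(.*\)"[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Print the required keys that are missing or still "", space-separated.
empty_tfvars() {
    missing=""
    for key in access-key secret-key region ssh-key-name; do
        [ -n "$(tfvar_value "$1" "$key")" ] || missing="$missing $key"
    done
    echo "${missing# }"
}

# Succeed only if group and other have no permission bits on the file.
owner_only() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Run both checks; return 0 when the file is ready, 1 on a finding, 2 if absent.
preflight() {
    file="${1:-$TFVARS_DEFAULT}"
    [ -f "$file" ] || { echo "not found: $file" >&2; return 2; }
    status=0
    empty=$(empty_tfvars "$file")
    if [ -n "$empty" ]; then
        echo "empty or missing: $empty" >&2
        status=1
    fi
    if ! owner_only "$file"; then
        echo "group/other can access $file (chmod 600 $file)" >&2
        status=1
    fi
    return "$status"
}
```

From the root directory of the cloned repo, `preflight && ./setup.sh` starts the deployment only when both checks pass.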
Once you have completed the above steps as required, ensure that you are in the root directory of the cloned repo and run the below command.
./setup.sh
It will take around 5 minutes to deploy all the lab components. Status will be updated on the CloudShell console as deployment progresses. At the end of deployment, you should see the message “Completed successfully!”.
Ensure that you have the permissions to delete all the resources that were created as part of the setup. Adjust the "cd" command below to change the directory as required. Run the below commands to tear down the setup.
cd ~/aws-vmseries-gwlb-poc/terraform/vmseries
terraform destroy -auto-approve
We will use ‘ec2-user’ as the username to log in to these applications.
aws ec2-instance-connect ssh --instance-id <instance-id>
You can also connect to the servers directly from the EC2 console by selecting the instance that you want to connect to and clicking the Connect button above the instance list. Ensure that you use ec2-user as the username when logging in.