IaC & Terraform
Ensure you've visited our marketplace page and accepted the terms & conditions, and any private offers you may have been extended for your AWS account, first.
IMAGE IDENTIFIERS​
| key | value |
|---|---|
| owner-alias | aws-marketplace |
| product-code | bz1yq0sc5ta99w5j7jjwzym8g |
| architecture | x86_64 |
These filters will result in all the historic versions too. The latest among these is recommended.
TERRAFORM MODULES​
You may want to consider our fully-working modules at the Terraform Registry, which include preconfigured high availability, load balancing and auto scaling. The examples within extend from the canonical terraform-aws-modules/vpc/aws module at the registry.
Contact us for expert help at devsecops@chasersystems.com at any stage of your journey – we'll jump on a screen-sharing call right away!
CLOUDFORMATION​
Equivalent CloudFormation templates are available on our GitHub profile.
DEPLOYMENT ESSENTIALS​
For effective functioning, the DiscrimiNAT Firewall will need:
- A machine type with at least 2 vCPU and 2 GiB RAM. A
t3.smallshould suffice where throughput requirements are basic and allowlists small. Otherwise ac6a.large(orc6i.large) makes a good choice for constant throughput. Talk to our DevSecOps to get the sizing right! - An IAM policy that can read some EC2 metadata, write logs and set instance health (of itself). See the IAM Instance Profile page for details.
- Ability to forward IP packets with the
SourceDestCheckproperty of the network interface turned off. - A public IP with routing to the Internet via the AWS supplied Internet Gateway.
aws CLI EXAMPLE​
Lookup​
aws ec2 describe-images \
--query \
'sort_by(Images, &CreationDate)[-1].ImageId' \
--filters \
"Name=owner-alias,Values=aws-marketplace" \
"Name=product-code,Values=bz1yq0sc5ta99w5j7jjwzym8g" \
"Name=architecture,Values=x86_64" \
--no-cli-pager --output text