Skip to main content

IaC & Terraform

info

Ensure you've visited our marketplace page and accepted the terms & conditions, and any custom offers you may have been extended for your AWS account, first.

IMAGE IDENTIFIERS​

keyvalue
owner-id679593333241
product-codea83las5cq95zkg3x8i17x6wyy
architecturex86_64

These filters will result in all the historic versions too. The latest among these is recommended.

TERRAFORM MODULES​

You may want to consider our fully-working modules at the Terraform Registry, which include preconfigured high availability, load balancing and auto scaling. The examples within extend from the canonical terraform-aws-modules/vpc/aws module at the registry.

info

Contact us for expert help at devsecops@chasersystems.com at any stage of your journey – we'll jump on a screen-sharing call right away!

DEPLOYMENT ESSENTIALS​

For effective functioning, the DiscrimiNAT Firewall will need:

  1. A machine type with at least 2 vCPU and 2 GiB RAM. A t3.small should suffice where throughput requirements are basic and allowlists small. Otherwise a c5.large makes a good choice for constant throughput. Talk to our DevSecOps to get the sizing right!
  2. An IAM policy that can read some EC2 metadata, write logs and set instance health (of itself). See the IAM Instance Profile page for details.
  3. Ability to forward IP packets with the SourceDestCheck property of the network interface turned off.
  4. A public IP with routing to the Internet via the AWS supplied Internet Gateway.

aws CLI EXAMPLE​

Lookup​

aws ec2 describe-images                                \
--query \
'sort_by(Images, &CreationDate)[-1].ImageId' \
--filters \
"Name=owner-id,Values=679593333241" \
"Name=product-code,Values=a83las5cq95zkg3x8i17x6wyy" \
"Name=architecture,Values=x86_64" \
--no-cli-pager --output text