Welcome,
You came here because you want to automate your AWS VPC/VPN setup.
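Please find the code snippets below for your reference. Make sure you have Puppet installed, along with the puppetlabs-aws module that provides these resource types, and AWS credentials limited to the actions the manifest needs.
The code below should help you with:
1. Setting up a VPC in AWS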
2. Setting up VPN Gateway
3. Setting up Subnet
4. Setting up Security Group
5. Setting up Instance
6. Setting up load balancer
#Setting up VPC using Puppet:
# Declares the VPC that the subnet and security group on this page refer to by title.
ec2_vpc { 'name-of-vpc':
  ensure     => present,
  region     => 'us-east-1',
  # A single /24 for the whole VPC; the subnet declared on this page uses the
  # same range, so no address space is left for a second subnet.
  cidr_block => '10.0.0.0/24',
  tags       => {
    tag_name => 'value',
  },
}
#setup VPN Gateway:
# Virtual private gateway: the AWS end of the VPN, attached to the VPC named in `vpc`.
# NOTE(review): 'sample2-vpc' is not declared anywhere on this page (the VPC resource
# here is titled 'name-of-vpc'); make sure `vpc` names a VPC that exists before applying.
ec2_vpc_vpn_gateway { 'sample2-vgw':
  ensure => present,
  region => 'us-east-1',
  vpc    => 'sample2-vpc',
  type   => 'ipsec.1',
}
#setup customer gateway:
# Customer gateway: describes the on-premises end of the VPN tunnel to AWS.
ec2_vpc_customer_gateway { 'sample2-cgw':
  ensure     => present,
  region     => 'us-east-1',
  # Sample value: replace with the static public IP of your own VPN device.
  # Whoever controls this address terminates the tunnel into the VPC.
  ip_address => '177.255.196.143',
  # 65000 lies in the private 16-bit ASN range (64512-65534).
  bgp_asn    => 65000,
  type       => 'ipsec.1',
}
#Setup VPC VPN to connect:
# VPN connection joining the virtual private gateway and the customer gateway
# declared under the titles 'sample2-vgw' and 'sample2-cgw'.
ec2_vpc_vpn { 'sample2-vpn':
  ensure           => present,
  region           => 'us-east-1',
  vpn_gateway      => 'sample2-vgw',
  customer_gateway => 'sample2-cgw',
  type             => 'ipsec.1',
  # Static routes are configured instead of being learned over BGP.
  static_routes    => true,
  # NOTE(review): 0.0.0.0/0 declares every destination reachable through the
  # tunnel. Listing only the on-premises prefixes that must be reached keeps
  # the routed scope minimal - confirm what the remote network actually needs.
  routes           => ['0.0.0.0/0'],
}
#Setup a subnet:
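# Subnet inside 'name-of-vpc', placed in a single availability zone.
ec2_vpc_subnet { 'name-of-subnet':
  ensure                  => present,
  region                  => 'us-east-1',
  cidr_block              => '10.0.0.0/24',
  availability_zone       => 'us-east-1a',
  # Every instance launched here receives a public IPv4 address. Set this to
  # false for subnets whose hosts should only be reached through the VPN or
  # the load balancer.
  map_public_ip_on_launch => true,
  # Fixed: the closing quote was missing, which made the manifest unparseable.
  vpc                     => 'name-of-vpc',
  tags                    => {
    tag_name => 'value',
  },
}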
#Setup a security group:
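# Security group in 'name-of-vpc' that admits inbound SSH only.
ec2_securitygroup { 'name-of-security-group':
  ensure      => present,
  region      => 'us-east-1',
  vpc         => 'name-of-vpc',
  description => 'a description of the group',
  ingress     => [{
    protocol => 'tcp',
    port     => 22,
    # Changed from '0.0.0.0/0', which exposed SSH to the whole internet.
    # 203.0.113.0/24 is a documentation-range PLACEHOLDER: replace it with
    # the CIDR of your admin network or the on-premises range behind the VPN.
    cidr     => '203.0.113.0/24',
  }],
  tags        => {
    tag_name => 'value',
  },
}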
#Setup an Instance:
# EC2 instance launched into 'name-of-subnet' and protected by 'name-of-security-group'.
ec2_instance { 'name-of-instance':
  ensure            => running,
  region            => 'us-east-1',
  availability_zone => 'us-east-1a',
  # Placeholder AMI id: choose your own image, ideally a current, patched one
  # from a publisher you trust.
  image_id          => 'ami-123456',
  instance_type     => 't2.micro',
  # Must name an EC2 key pair that already exists; its private key grants
  # SSH access to the instance, so store it accordingly.
  key_name          => 'name-of-existing-key',
  subnet            => 'name-of-subnet',
  security_groups   => ['name-of-security-group'],
  tags              => {
    tag_name => 'value',
  },
}
#Setup Load Balancer:
# Load balancer with an HTTP and an HTTPS listener in front of two instances.
# NOTE(review): 'another-instance' is not declared on this page, and the only
# subnet shown lives in us-east-1a while us-east-1b is listed below - confirm
# both exist in your environment.
elb_loadbalancer { 'name-of-load-balancer':
  ensure             => present,
  region             => 'us-east-1',
  availability_zones => ['us-east-1a', 'us-east-1b'],
  instances          => ['name-of-instance', 'another-instance'],
  # NOTE(review): the group declared on this page only admits tcp/22, so the
  # listener ports 80 and 443 need their own ingress rules (or a dedicated
  # load-balancer group) before traffic can arrive.
  security_groups    => ['name-of-security-group'],
  listeners          => [
    {
      # Plain-text listener: traffic on port 80 is forwarded unencrypted.
      protocol           => 'HTTP',
      load_balancer_port => 80,
      instance_protocol  => 'HTTP',
      instance_port      => 80,
    },
    {
      # TLS terminates at the load balancer and is re-established to the
      # instances on port 8080.
      protocol           => 'HTTPS',
      load_balancer_port => 443,
      instance_protocol  => 'HTTPS',
      instance_port      => 8080,
      # Sample ARN: replace with the ARN of your own server certificate.
      ssl_certificate_id => 'arn:aws:iam::123456789000:server-certificate/yourcert.com',
      policies           => [
        {
          'policy_type'       => 'SSLNegotiationPolicyType',
          # Only TLSv1.1 (off) and TLSv1.2 (on) are set explicitly.
          # NOTE(review): older protocol attributes such as 'Protocol-TLSv1'
          # are left unspecified - verify the resulting policy rejects them.
          'policy_attributes' => {
            'Protocol-TLSv1.1' => false,
            'Protocol-TLSv1.2' => true,
          },
        },
      ],
    },
  ],
  # Instances are probed over plain HTTP on port 80 at /health_check.
  health_check       => {
    'healthy_threshold'   => '10',
    'interval'            => '30',
    'target'              => 'HTTP:80/health_check',
    'timeout'             => '5',
    'unhealthy_threshold' => '2',
  },
  tags               => {
    tag_name => 'value',
  },
}
You came here because you want to automate your AWS VPC/VPN setup.
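Please find the code snippets below for your reference. Make sure you have Puppet installed, along with the puppetlabs-aws module that provides these resource types, and AWS credentials limited to the actions the manifest needs.
The code below should help you with:
1. Setting up a VPC in AWS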
2. Setting up VPN Gateway
3. Setting up Subnet
4. Setting up Security Group
5. Setting up Instance
6. Setting up load balancer
#Setting up VPC using Puppet:
# Declares the VPC that the subnet and security group on this page refer to by title.
ec2_vpc { 'name-of-vpc':
  ensure     => present,
  region     => 'us-east-1',
  # A single /24 for the whole VPC; the subnet declared on this page uses the
  # same range, so no address space is left for a second subnet.
  cidr_block => '10.0.0.0/24',
  tags       => {
    tag_name => 'value',
  },
}
#setup VPN Gateway:
# Virtual private gateway: the AWS end of the VPN, attached to the VPC named in `vpc`.
# NOTE(review): 'sample2-vpc' is not declared anywhere on this page (the VPC resource
# here is titled 'name-of-vpc'); make sure `vpc` names a VPC that exists before applying.
ec2_vpc_vpn_gateway { 'sample2-vgw':
  ensure => present,
  region => 'us-east-1',
  vpc    => 'sample2-vpc',
  type   => 'ipsec.1',
}
#setup customer gateway:
# Customer gateway: describes the on-premises end of the VPN tunnel to AWS.
ec2_vpc_customer_gateway { 'sample2-cgw':
  ensure     => present,
  region     => 'us-east-1',
  # Sample value: replace with the static public IP of your own VPN device.
  # Whoever controls this address terminates the tunnel into the VPC.
  ip_address => '177.255.196.143',
  # 65000 lies in the private 16-bit ASN range (64512-65534).
  bgp_asn    => 65000,
  type       => 'ipsec.1',
}
#Setup VPC VPN to connect:
# VPN connection joining the virtual private gateway and the customer gateway
# declared under the titles 'sample2-vgw' and 'sample2-cgw'.
ec2_vpc_vpn { 'sample2-vpn':
  ensure           => present,
  region           => 'us-east-1',
  vpn_gateway      => 'sample2-vgw',
  customer_gateway => 'sample2-cgw',
  type             => 'ipsec.1',
  # Static routes are configured instead of being learned over BGP.
  static_routes    => true,
  # NOTE(review): 0.0.0.0/0 declares every destination reachable through the
  # tunnel. Listing only the on-premises prefixes that must be reached keeps
  # the routed scope minimal - confirm what the remote network actually needs.
  routes           => ['0.0.0.0/0'],
}
#Setup a subnet:
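# Subnet inside 'name-of-vpc', placed in a single availability zone.
ec2_vpc_subnet { 'name-of-subnet':
  ensure                  => present,
  region                  => 'us-east-1',
  cidr_block              => '10.0.0.0/24',
  availability_zone       => 'us-east-1a',
  # Every instance launched here receives a public IPv4 address. Set this to
  # false for subnets whose hosts should only be reached through the VPN or
  # the load balancer.
  map_public_ip_on_launch => true,
  # Fixed: the closing quote was missing, which made the manifest unparseable.
  vpc                     => 'name-of-vpc',
  tags                    => {
    tag_name => 'value',
  },
}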
#Setup a security group:
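# Security group in 'name-of-vpc' that admits inbound SSH only.
ec2_securitygroup { 'name-of-security-group':
  ensure      => present,
  region      => 'us-east-1',
  vpc         => 'name-of-vpc',
  description => 'a description of the group',
  ingress     => [{
    protocol => 'tcp',
    port     => 22,
    # Changed from '0.0.0.0/0', which exposed SSH to the whole internet.
    # 203.0.113.0/24 is a documentation-range PLACEHOLDER: replace it with
    # the CIDR of your admin network or the on-premises range behind the VPN.
    cidr     => '203.0.113.0/24',
  }],
  tags        => {
    tag_name => 'value',
  },
}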
#Setup an Instance:
# EC2 instance launched into 'name-of-subnet' and protected by 'name-of-security-group'.
ec2_instance { 'name-of-instance':
  ensure            => running,
  region            => 'us-east-1',
  availability_zone => 'us-east-1a',
  # Placeholder AMI id: choose your own image, ideally a current, patched one
  # from a publisher you trust.
  image_id          => 'ami-123456',
  instance_type     => 't2.micro',
  # Must name an EC2 key pair that already exists; its private key grants
  # SSH access to the instance, so store it accordingly.
  key_name          => 'name-of-existing-key',
  subnet            => 'name-of-subnet',
  security_groups   => ['name-of-security-group'],
  tags              => {
    tag_name => 'value',
  },
}
#Setup Load Balancer:
# Load balancer with an HTTP and an HTTPS listener in front of two instances.
# NOTE(review): 'another-instance' is not declared on this page, and the only
# subnet shown lives in us-east-1a while us-east-1b is listed below - confirm
# both exist in your environment.
elb_loadbalancer { 'name-of-load-balancer':
  ensure             => present,
  region             => 'us-east-1',
  availability_zones => ['us-east-1a', 'us-east-1b'],
  instances          => ['name-of-instance', 'another-instance'],
  # NOTE(review): the group declared on this page only admits tcp/22, so the
  # listener ports 80 and 443 need their own ingress rules (or a dedicated
  # load-balancer group) before traffic can arrive.
  security_groups    => ['name-of-security-group'],
  listeners          => [
    {
      # Plain-text listener: traffic on port 80 is forwarded unencrypted.
      protocol           => 'HTTP',
      load_balancer_port => 80,
      instance_protocol  => 'HTTP',
      instance_port      => 80,
    },
    {
      # TLS terminates at the load balancer and is re-established to the
      # instances on port 8080.
      protocol           => 'HTTPS',
      load_balancer_port => 443,
      instance_protocol  => 'HTTPS',
      instance_port      => 8080,
      # Sample ARN: replace with the ARN of your own server certificate.
      ssl_certificate_id => 'arn:aws:iam::123456789000:server-certificate/yourcert.com',
      policies           => [
        {
          'policy_type'       => 'SSLNegotiationPolicyType',
          # Only TLSv1.1 (off) and TLSv1.2 (on) are set explicitly.
          # NOTE(review): older protocol attributes such as 'Protocol-TLSv1'
          # are left unspecified - verify the resulting policy rejects them.
          'policy_attributes' => {
            'Protocol-TLSv1.1' => false,
            'Protocol-TLSv1.2' => true,
          },
        },
      ],
    },
  ],
  # Instances are probed over plain HTTP on port 80 at /health_check.
  health_check       => {
    'healthy_threshold'   => '10',
    'interval'            => '30',
    'target'              => 'HTTP:80/health_check',
    'timeout'             => '5',
    'unhealthy_threshold' => '2',
  },
  tags               => {
    tag_name => 'value',
  },
}
Let me know if you have any questions. Thanks!