cloud-automation-demo

This repo enables you to perform cloud automation demos using Terraform or Ansible.

Prereqs

  1. Install golang 1.13 or later
  2. go get golang.org/x/crypto/ssh
  3. Install terraform (developed against 0.12)
  4. Local environment is assumed to be either a Mac or Linux (one of the steps is to invoke a /bin/bash shell script)
  5. Whatever PAN-OS AMI you want to use, you'll need to have accepted the licensing agreement manually through the AWS marketplace (BYOL is used by default)

Setup

Every variable in vars.tf without a default must be defined in a terraform.tfvars file. Here are all of the variables and what they're used for:

  • github_account - Your GitHub account name (this is used to filter incoming push events on the off chance that multiple people are doing demos at the same time)
  • github_token - A GitHub access token for your account. You can generate one by going to Settings > Developer Settings > Personal Access Tokens. The token only needs admin:org_hook permissions.
  • aws_ssh_key_name - The SSH key name stored on AWS to use. This is the public key that is paired with local_ssh_key_path.
  • local_ssh_key_path - The path to the SSH key that should be used to connect to the firewall and Linux servers. This is the private key that works with aws_ssh_key_name.
  • aws_access_key - Your AWS access key.
  • aws_secret_key - Your AWS secret key.
  • aws_region - Which AWS region to create everything in.
  • panos_ami - Which PAN-OS firewall AMI to use.
  • panos_username - The user account to use on the firewall. If this is not admin, then it is created as part of the firewall initialization. The password for this user is random and is output at the end of terraform apply.
  • linux_ami - The Linux AMI to use.
  • linux_instance_type - Which instance type to use. If you don't want to use t2.micro, then you may specify a larger instance type here.

Once those are defined, you should be able to run terraform init in this directory, which will download all the providers needed for the deployment.
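A preflight check for the rule above, as an added example that is not part of this repo: it lists variables declared without a default that terraform.tfvars does not set, and flags a terraform.tfvars that other local users can read, since that file holds github_token and aws_secret_key. The sample vars.tf contents and values are constructed (including the t2.micro default), and the function names are hypothetical.

```python
import os
import re
import stat

# Constructed samples for illustration; NOT the repo's real vars.tf or values.
SAMPLE_VARS_TF = '''
variable "github_account" {
  description = "Filters incoming push events"
}
variable "github_token" {}
variable "aws_region" {
  description = "Region to deploy into"
}
variable "linux_instance_type" {
  default = "t2.micro"
}
'''
SAMPLE_TFVARS = '''
# placeholder values
github_account = "example-user"
aws_region     = "us-west-2"
'''

def required_variables(vars_tf):
    """Names of variable blocks with no top-level `default` (simple brace scan)."""
    required = []
    for m in re.finditer(r'^\s*variable\s+"([^"]+)"\s*\{', vars_tf, re.M):
        depth, top = 1, []
        for ch in vars_tf[m.end():]:
            depth += (ch == "{") - (ch == "}")
            if depth == 0:
                break
            if depth == 1 and ch not in "{}":
                top.append(ch)  # keep only text at the block's own nesting level
        if not re.search(r'^\s*default\s*=', "".join(top), re.M):
            required.append(m.group(1))
    return required

def missing_variables(vars_tf, tfvars):
    """Required variables that terraform.tfvars does not assign."""
    defined = set(re.findall(r'^\s*([A-Za-z_][\w-]*)\s*=', tfvars, re.M))
    return [v for v in required_variables(vars_tf) if v not in defined]

def readable_by_others(path):
    """True if group/other have any access to a secrets file such as terraform.tfvars."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

if __name__ == "__main__":
    print("missing:", missing_variables(SAMPLE_VARS_TF, SAMPLE_TFVARS))
```

Against a real checkout, pass the contents of vars.tf and terraform.tfvars to missing_variables and the path of terraform.tfvars (and of the key at local_ssh_key_path) to readable_by_others.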

Running the demo

To deploy the demo environment:

terraform apply -auto-approve

To tear down the demo environment:

terraform destroy -auto-approve


Copyright © 2024 Palo Alto Networks, Inc. All rights reserved.