This repo enables you to perform cloud automation demos using Terraform or Ansible.
- Install golang 1.13 or later
  - go get golang.org/x/crypto/ssh
- Install terraform (developed against 0.12)
- Local environment is assumed to be either a Mac or Linux (one of the steps is to invoke a
- Whatever PAN-OS AMI you want to use, you'll need to have accepted the licensing agreement manually through the AWS marketplace (BYOL is used by default)
Every variable in vars.tf without a default must be defined in a terraform.tfvars file. Here are all of the variables and what they're used for:
- github_account - Your GitHub account name (this is used to filter incoming push events in the off chance that multiple people are doing demos at the same time)
- github_token - A GitHub access token for your account. Your GitHub access token can be generated by going to Settings > Developer Settings > Personal Access Tokens. The token only needs
- aws_ssh_key_name - The SSH key name stored on AWS to use. This is the public key that is paired with
- local_ssh_key_path - The path to the SSH key that should be used to connect to the firewall and Linux servers. This is the private key that works with
- aws_access_key - Your AWS access key.
- aws_secret_key - Your AWS secret key.
- aws_region - Which AWS region to create everything in.
- panos_ami - Which PAN-OS firewall AMI to use.
- panos_username - The user account to use on the firewall. If this is not admin, then it is created as part of the firewall initialization. The password for this user is random and is output at the end of
- linux_ami - The Linux AMI to use.
- linux_instance_type - Which instance type to use. If you don't want to use t2.micro, then you may specify a larger instance type here.
Once those are done, you should be able to perform terraform init in this directory, which will download all necessary providers to do the deployment.
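
The terraform.tfvars requirement above can be checked before deploying. The following Python sketch is an added example, not part of this repo: it lists the variables that lack a default in vars.tf, compares them with terraform.tfvars, and flags a credentials-bearing file that is readable by group or others. The sample vars.tf content, the function names, and the simple regex parsing (no nested braces) are assumptions.

```python
import os
import re
import stat
import tempfile

# Credential-bearing variables from the README's list.
SECRET_VARS = {"github_token", "aws_secret_key"}

# Constructed stand-in for vars.tf; the repo's real file is not shown here.
SAMPLE_VARS_TF = '''
variable "github_token" {}
variable "aws_secret_key" {}
variable "linux_instance_type" {
  default = "t2.micro"
}
'''

def required_variables(vars_tf_text):
    """Names of variable blocks that declare no default (no nested braces handled)."""
    blocks = re.findall(r'variable\s+"([^"]+)"\s*\{([^{}]*)\}', vars_tf_text)
    return [n for n, body in blocks if not re.search(r'^\s*default\s*=', body, re.M)]

def defined_variables(tfvars_text):
    """Names assigned at the start of a line in terraform.tfvars text."""
    return set(re.findall(r'^\s*([A-Za-z_][\w-]*)\s*=', tfvars_text, re.M))

def preflight(vars_tf_text, tfvars_path):
    """Return a list of problems; an empty list means the file looks ready."""
    with open(tfvars_path) as fh:
        defined = defined_variables(fh.read())
    problems = [f"missing: {n}" for n in required_variables(vars_tf_text) if n not in defined]
    mode = stat.S_IMODE(os.stat(tfvars_path).st_mode)
    if defined & SECRET_VARS and mode & 0o077:
        problems.append(f"credentials in file with mode {mode:o}; use 600")
    return problems

def demo():
    """Check a constructed, world-readable tfvars file that omits one variable."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "terraform.tfvars")
        with open(path, "w") as fh:
            fh.write('github_token = "PLACEHOLDER"\n')
        os.chmod(path, 0o644)
        return preflight(SAMPLE_VARS_TF, path)

if __name__ == "__main__":
    print(demo())
```

To use it on a real checkout, pass the contents of vars.tf and the path to your terraform.tfvars to preflight() and deploy only when it returns an empty list.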
Running the demo
To deploy the demo environment:
terraform apply -auto-approve
To tear down the demo environment:
terraform destroy -auto-approve