Skip to main content
All CollectionsCloudGen Access Proxy
Install proxy in AWS (HA)
Install proxy in AWS (HA)
Barracuda Admin avatar
Written by Barracuda Admin
Updated over 3 years ago

Terraform Modules

  1. Get a CloudGen Access Proxy enrollment link by creating a new CloudGen Access Proxy. Since there is still no value for Host parameters, insert a placeholder (e.g., temp.example.org)

  2. Go to Terraform modules for detailed deployment steps.

  3. After the installation, update the created CloudGen Access Proxy Host with the CloudGen Access Proxy DNS name obtained in the terraform output resource Network_Load_Balancer_DNS_Name

Cloudformation Templates

Install Steps

  1. Get a CloudGen Access Proxy enrollment link by creating a new CloudGen Access Proxy. Since there is still no value for Host parameters, insert a placeholder (e.g., temp.example.org)

  2. Choose one of the templates:

  3. Update the created CloudGen Access Proxy Host with the DNS name obtained in the stack output key NetworkLoadBalancerDnsName

  4. Configure access to the desired resources with the security group id obtained in the stack output key SecurityGroupforResources

ASG with NLB

  • Contains all the resources and steps needed to deploy the CloudGen Access Proxy in an ASG behind an NLB.

  • The template creates a highly available / self-healing infrastructure with a minimum of 2 EC2 instances that are part of an ASG and sit behind an NLB.

  • All the resources are created with the principle of least privilege.

  • The latest AMI for the deployed region is automatically configured, at the date of the deploy.

  • When the parameter EC2ASGDesiredCapacity is higher than 1 (defaults to 2), the stack will deploy a Redis Replication Group with 2 nodes on different Availability Zones. This is required for communication between CloudGen Access Orchestrators.

  • Template available here

Launch

ECS on AWS Fargate

  • Contains all the resources and steps needed to deploy CloudGen Access Proxy in an ECS cluster hosted on AWS Fargate

  • The template creates the required containers behind an NLB. Required security groups are included. The template will use the latest container versions.

  • Template available here

Launch

AMI

  • CloudGen Access Proxy AMI is based on the official Amazon Linux 2 AMI.

  • The AMI is available in the account 766535289950 in all regions under the prefix amazonlinux-2-base_*

  • CloudGen Access Proxy AMI includes the following: CIS recommendations for CentOS CIS recommendations for SSHUpdated regularly to ensure the latest packagesPerforms automatic install of security updates via yum-cron

Latest AMIsap-northeast-1: ami-0e0313875a5d5e6eb ap-northeast-2: ami-0f23a2f6eac85ddad ap-south-1: ami-0d16041bffb3c0325 ap-southeast-1: ami-0c27b55ffe958e7ad ap-southeast-2: ami-09f1391351e80b115 ca-central-1: ami-00302b74d7dec8b5f eu-central-1: ami-00d752df7a2d84347 eu-north-1: ami-01de00f26f31eaaac eu-west-1: ami-0d2ef373a5b0adf10 eu-west-2: ami-0c05321fc62d47126 eu-west-3: ami-0e1f41f834e33bd3f sa-east-1: ami-0189741b4f7063ebe us-east-1: ami-09dea62ce16b051ca us-east-2: ami-0bb58cf9c890b60a3 us-west-1: ami-08e6bfb27a03b8a07 us-west-2: ami-0c5d9af262b1c0c54


Listing the available AMIs with aws-cli tools

  • Please note that CloudGen Access software is not included in the AMI. This image is intended to be used as the base to install the latest packages available with the provided scripts in Install in Bare Metal / Virtual Machine.

Did this answer your question?