AWS Marketplace
You can subscribe and deploy the CloudGen Access Proxy using the AWS Marketplace. Visit the Barracuda CloudGen Access offer to subscribe, and then deploy using the cloudformation template steps.
Terraform Modules
Get a CloudGen Access Proxy enrollment link by creating a new CloudGen Access Proxy. Since there is still no value for Host parameters, insert a placeholder (e.g., temp.example.org).
Go to Terraform modules for detailed deployment steps.
After the installation, update the created CloudGen Access Proxy Host with the CloudGen Access Proxy DNS name obtained in the terraform output resource
Network_Load_Balancer_DNS_Name
Cloudformation Templates
Installation Steps
Notes on configuration:
Required: Allow public access to Access Proxy set to True
Recommended: Get the latest Access Proxy install scripts set to True
Get a CloudGen Access Proxy enrollment link by creating a new CloudGen Access Proxy. Since there is still no value for Host parameters, insert a placeholder (e.g., temp.example.org).
Choose one of the templates:
ASG with NLB
ECS on AWS Fargate
Update the created CloudGen Access Proxy Host with the DNS name obtained in the stack output key
NetworkLoadBalancerDnsName
Configure access to the desired resources with the security group id obtained in the stack output key
SecurityGroupforResources
ASG with NLB
Contains all the resources and steps needed to deploy the CloudGen Access Proxy in an ASG behind an NLB.
The template creates a highly available / self-healing infrastructure with a minimum of 2 EC2 instances that are part of an ASG and sit behind an NLB.
All the resources are created with the security principle of least privilege.
The latest AMI for the deployed region is automatically configured, at the date of the deploy.
When the parameter
EC2ASGDesiredCapacity
is more than 1 (defaults to 2), the stack will deploy a Redis Replication Group with 2 nodes on different Availability Zones. This is required for communication between CloudGen Access Orchestrators.
โTemplate available here
ECS on AWS Fargate
Contains all the resources and steps needed to deploy the CloudGen Access Proxy in an ECS cluster hosted on AWS Fargate.
The template creates the required containers behind an NLB. Required security groups are included. The template will use the latest container versions.
Template available here
AMI
The templates use the official x64 Amazon Linux 2 AMI.
The latest version available at the date of deploy is selected.
Optionally, a custom x64 AMI can be selected (CentOS/Ubuntu based).
After installing the proxy, a hardening script will be executed. The script includes the following:
Upgrading CloudGen Access Proxy
To upgrade your CloudGen Access Proxy to the latest version, execute the following command:
sudo yum upgrade fydeproxy envoy