Sentinel helping you in Terraform
How to make sure standard format or practising , enforce accross to all terraform user. In Terraform Cloud / Terraform enterprise is allowing your to put sentinel policy in place. Prevent certain actions or configurations that may violate your organization’s compliance or security standards Being with Terraform Cloud Using terraform with Github responsitories. You can trigger the run on each […]
Exploring AWS SSM Parameter Store!
In today’s cloud-driven world, managing configurations, secrets, and other sensitive information securely is paramount. AWS System Manager – Parameter Store that can help to store information, secure password and share it. For Example, we can use it for Database Password, Database username, EFS files system End point…..etc When we are auto scaling up our infrastructure, We want to ensure information […]
Reach to internet via other firewall in AWS
Internet In previous post, in order to secure our VM in the private subnet. Using NAT Gateway, is very good option. In the other hand, AWS will charge it on the NAT Gateway usage. below info: NAT gateway will do NAT gateway do. It will not filter specific URL…..or other function. In this case, we can put third party firewall […]
AWS – CI/CD Pipline with Github & S3 Bucket static website
Using the cloud to build Static website with AWS Pipeline. We will need Github help as well. AWS S3 Bucket Git Hub account AWS pipline Connect AWS codebuild to Github (Source Stage). Pipeline select S3 (Deploy stage) Create S3 Bucket & Static Website + Bucket Policy First, we will create an S3 bucket and pickup an unique Name for your […]
VPC flow in Terraform
Create Flow Log via terraform We are using Previously project scripit, but we will add “VPC Flow capture” on the VPC which we create via terraform. We will create a new file tf.log , input code as below Terraform plan / apply Terraform apply -> EC2 instance will be created with EIP with internet access. Additional it created as below: […]
Terraform – AWS
TERRAFORM We will use terraform to manage cloud infrastructure and deploy in AWS. 2 VPC ( Frontend VPC, Backend VPC) Subnet for both VPC and Routing table Internet gateway -> Frontend VPC Security Group -> Frontend and Backend VPC Peering store tfstate in S3 Lockfile located in DynamoDB AWS After we build, we want to destroy all the related resources. […]
What is VRF, VRF-Lite
Virtual Router Forwarding (“VRF“), It allows router to have many logical routing tables. Services Provider they take this as advantage on it with MPLS, so as to separate the network to Customers. VLAN = VRF? Virtual Local Area network & Virtual Router Forwarding, they are both separating the network. BUT 1 is in Layer 2 1 is in Layer 3 […]
Encapsulation – VPN, GRE Tunnel ?
Why do we need GRE Tunnel GRE Tunnel, it Encapsulate the packet which is quite similiar with VPN IPSEC. GRE Tunnel can support Dynamic Routing protocol through the tunnel, it is the reason why it takes an advantages. In DMVPN, GRE will play its role. Another advantage of GRE Tunnel, is easiler to be configured. CONFIGURATION Between R1-R2-R3 both has […]
Cisco MERAKI- What do we need to know
WHAT DO WE NEED TO KNOW CISCO MERAKI has different variety product. Mostly I use is Security appliance, Wireless & Switch. Mainly they are cloud base product which mean. Without internet, it is not much you can do on the devices. Such as you can change vlan trunk/ access or add DHCP on Security appliance. But you can configure IP […]