ACE Cloud Ops Infrastructure
This repository builds out a completed representation of the infrastructure created for the Aviatrix ACE Cloud Operations course.
It builds the following:
- Aviatrix Transit FireNet in AWS (with Fortinet FortiGate Firewall) with 2 spokes
- Aviatrix Transit in Azure with 2 spokes
- Aviatrix Transit in GCP with 1 spoke
- Ubuntu VMs with password authentication (1 per spoke)
- Multi-Cloud Segmentation (2 security domains, no connection policy)
- Site2Cloud connection between Spoke in GCP and On-Prem Cisco CSR (emulated in AWS)
- Site2Cloud connection between Transit in AWS and a separate On-Prem Cisco CSR (emulated in AWS)
- Egress FQDN gateway in Azure Spoke 1 and 2
| Component | Version |
|---|---|
| Aviatrix Controller | UserConnect-6.7.1319 (6.7) |
| Aviatrix Terraform Provider | > 2.22.1 |
| Azure Terraform Provider | > 3.0.0 |
| GCP Terraform Provider | > 4.0 |
| AWS Terraform Provider | > 4.0 |
- Software version requirements met
- Aviatrix Controller with Access Accounts defined for AWS and GCP. Default account names are 'aws-account' and 'gcp-account', respectively.
- The Azure account will be onboarded using the same Terraform credentials that are provided as environment variables.
- Sufficient limits in place for CSPs and regions in scope (EIPs, Compute quotas, etc.)
- Active subscriptions for the NGFW firewall images in scope
- Terraform 1.0 in the user environment
- Terraform provider requirements are met (AWS, GCP, Azure) in the runtime environment
- Account credentials for each CSP defined in the environment. The following environment variables will be needed: