Deploying 'n' Cisco FTDv in AWS in multiple Availability Zones using Terraform

Introduction

Terraform is an open source "Infrastructure as Code" tool used by DevOps and SysOps engineers to codify their cloud infrastructure requirements. It is a broadly used tool that developers rely on to provision infrastructure-as-code workloads across multiple infrastructure providers. It allows development teams to write, test, and deploy workloads into cloud data centers such as AWS, and on-premises, using HashiCorp Configuration Language directly from their CI/CD pipelines.

Requirement

Customers are moving their applications to the cloud, and hence there is a need to secure the communication to these applications, which can come from the Internet, from on-premises, or from within the cloud itself, depending on the customer's requirements. To cater to these requirements, Cisco FTDv is available on all major cloud platforms.

Most customers will already have a network designed in the cloud for the applications that are to be moved there. In such a scenario, tools like Terraform become very handy, since they can leverage the existing infrastructure and build the instances as per requirement.

In this article, we will look at the scenario where, let's assume, the required network connectivity is already present and the customer needs to build the FTDv instances in AWS Cloud.

Consider the following scenario:

[Image: scenario diagram]

Assuming that the VPC and subnets are already in place, we will use the Terraform template to build the mentioned instances in each availability zone.

The complete Terraform template used to build the FTDv is available here. Please visit the link and check it out.

Template Details

The configuration is segregated into different files as below:

[Image: template file layout]

Complete details about the usage of the template are explained in the README.md file.

Users will need to modify config.json, provider.tf, terraform.tfvars and main.tf to suit their environment.

Details of each file:

  1. config.json: This file contains the day0 config for the FTD, which enables the user to pass details like the password, Registration Key and FMC IP during the instance build process itself.
  2. provider.tf: This file contains the provider information. Providers are the plugins used to interact with specific cloud providers, SaaS providers, and other APIs. In this file the user will have to define the access key and secret key that will then be used to connect to AWS.
  3. variables.tf: This file defines the variables that are used in main.tf.
  4. terraform.tfvars: This file provides the values for the variables defined in variables.tf.
  5. main.tf: This file holds the entire logic: it creates the Network Interfaces and Security Groups and uses them to build the instances.
  6. output.tf: This file contains the outputs of the execution.

The README.md file provides all the necessary steps required for the execution and indicates which lines need modification.
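To make the "n instances per availability zone" logic of main.tf concrete, here is a condensed Terraform illustration added for this article; it is not the linked template's code. Variable names, the AMI and instance type, the admin CIDR, and delivering config.json as day0 user_data are assumptions, and only the management interface is shown (the diagnostic, inside and outside interfaces follow the same for_each pattern).

```hcl
# Added example, not the article's template. Instance i goes to AZ (i mod az_count)
# with a "<prefix>-az<N>-ftd<M>" name; variables, AMI and day0-via-user_data are assumptions.
variable "instances_per_az" { default = 4 }
variable "mgmt_subnet_ids"  { type = list(string) } # one management subnet per AZ
variable "name_prefix"      { default = "ftdv" }
variable "ftdv_ami_id"      { type = string }
variable "vpc_id"           { type = string }
locals {
  az_count = length(var.mgmt_subnet_ids)
  ftd = {
    for i in range(local.az_count * var.instances_per_az) :
    format("%s-az%d-ftd%d", var.name_prefix, i % local.az_count + 1, floor(i / local.az_count) + 1)
    => { subnet_id = var.mgmt_subnet_ids[i % local.az_count] }
  }
}

resource "aws_security_group" "ftd_mgmt" {
  name   = "${var.name_prefix}-mgmt"
  vpc_id = var.vpc_id
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/8"] # constructed admin range; never 0.0.0.0/0 for management
  }
  egress { # the FTDv must reach the FMC to register
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_network_interface" "mgmt" {
  for_each        = local.ftd
  subnet_id       = each.value.subnet_id
  security_groups = [aws_security_group.ftd_mgmt.id]
}

resource "aws_instance" "ftdv" {
  for_each      = local.ftd
  ami           = var.ftdv_ami_id
  instance_type = "c5.xlarge"
  user_data     = file("${path.module}/config.json") # day0: admin password, FMC IP, registration key
  network_interface {
    network_interface_id = aws_network_interface.mgmt[each.key].id
    device_index         = 0
  }
  tags = { Name = each.key }
}
```

The provider block is omitted on purpose: rather than writing the access key and secret key into provider.tf, where they tend to end up in version control, let the AWS provider pick up an environment profile or an IAM role. The day0 JSON in config.json carries the admin password and registration key, so treat that file the same way.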

After successful execution of the Terraform template, the following results will be seen.

[Image: Terraform execution output]

On AWS Console the FTDv instances will be created as shown below:

[Image: AWS console showing the FTDv instances]

From the diagram above, we can see that the template created the instance count of 4 we had defined for each availability zone, with the defined naming convention (this can be controlled via the code), and that the instances were spun up across the two availability zones.

Feel free to explore the code on GitHub and provide your feedback!!

Thanks and Happy Coding!!


Vinodh Venugopal

Professional Services Leader | Customer Delivery

2 years

Awesome post, keep rocking

Kranthi Babu Y

Network Security Engineer

2 years

Super, keep posting more on Network Automation. Thanks
