Skip to content

CloudFormation Template

Setup your AWS account as described in the previous section using the CloudFormation template. Check the TechNotes for the details of the resources created by the CloudFormation Template

Run CloudFormation Template

  1. Click this link to launch the CloudFormation template
  2. Log into the required AWS Account using the AWS Management Console
  3. Select the AWS region. Even though IAM is region independent, this template creates a CloudWatch Event Rule that requires a region
  4. Enter the parameter values as required:
    • Enter a Stack name. For example, valtix-resources.
    • DeploymentName – Enter the information which was provided by Valtix at the time of onboarding. This is the Valtix Controller name assigned to you.
    • RoleNamePrefix – Enter a prefix to be added to all of the IAM roles that are created. For example, prefix valtix would create an IAM role called valtix-firewall-role. It is recommended that valtix or valtix-<some-other-word> is used as prefix so you can easily identify the roles that were created for Valtix in the IAM page. (This tutorial assumes the prefix as valtix and all the examples use that to refer to the resources. If you use a different prefix replace the example resource names appropriately)
    • S3Bucket - Provide a name of the S3 Bucket that will be used to store the Route53 DNS Query Logs, CloudTrail events and the VPC Flow Logs. The content of the bucket is ready by the Valtix Controller and used for Inventory/Discovery purposes. If you don't intend to use the Inventory/Discovery features leave this field to empty
    • ValtixControllerAccount – Enter the information which was provided by Valtix at the time of onboarding. This is the AWS Account ID where the Valtix Controller operates. This account is owned and operated by Valtix.
  5. Select the checkbox I acknowledge that AWS CloudFormation might create IAM resources with custom names, and then click Create Stack.
  6. Check the Events and Outputs tab of the CloudFormation Stack details for the progress. Allow 2 to 3 minutes for successful completion. If an error is displayed, check the AWS message to verify that the user running the CloudFormation template has the required IAM permissions to run templates and create IAM roles.

Outputs

From the Outputs tab, copy and paste the following information in to a text editor:

  • CurrentAccount (This is your AWS Account ID where applications run and Valtix Gateways will be deployed)
  • ValtixControllerRoleArn
  • ValtixFirewallRoleName
  • ValtixS3BucketArn
  • ValtixS3BucketName