Showing posts with label regions. Show all posts
Showing posts with label regions. Show all posts

Monday, June 23, 2014

AWS CLI multiple profiles

Details on multiple AWS CLI profiles can be found here: http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-multiple-profiles

 Here is a summary of the highlights:
1. Location and name of configuration file:  Directory ~/.aws. File name is config.

 2. Define a profile by tying this at command prompt: aws configure --profile tomlaszeast (tomlaszeast is the name of the profile)

 3. Setting the profile to use is done using this command:
aws configure --profile tomlaszeast

Posted by at 1 comment:
Labels: , , , , , , , , , , ,

Sunday, June 22, 2014

OpenSwan on AWS

A common use case for using a third party VPN solution such as OpenSwan is to connect two regions VPCs through the use of an IPSec VPN server.  
First, set up a VPC in both regions with, here is what I did:
Region 1 (US-West-2) - VPC 10.0.0.0/16 with private subnet 10.0.0.0/24
Region 2 (Australia)- VPC 172.0.0.0/16 with private subnet 172.0.0.0/24

==================================================================================================================

Configure the VPN server software for the EC2 instances - Region 1

==================================================================================================================

Step 1
------
sudo yum install openswan

Step 2
------
nano /etc/ipsec.conf

Step 3
------
sudo vi /etc/ipsec.d/vpc1-to-vpc2.conf

Step 4
------
conn vpc1-to-vpc2
 type=tunnel
 authby=secret
 left=%defaultroute
 leftid=<EIP1>
 leftnexthop=%defaultroute
 leftsubnet=<VPC1 CIDR>
 right=<EIP2>
 rightsubnet=<VPC2 CIDR>
 pfs=yes
 auto=start

Step 5
------
sudo vi /etc/ipsec.d/vpc1-to-vpc2.secrets

Step 6
------
<EIP1> <EIP2>: PSK "<TYPE A KEY HERE>"



==================================================================================================================

Configure the VPN server software for the EC2 instances - Region 2

==================================================================================================================




Step 7
------
sudo vi /etc/ipsec.d/vpc2-to-vpc1.conf

Step 8
------
conn vpc2-to-vpc1
 type=tunnel
 authby=secret
 left=%defaultroute
 leftid=<EIP2>
 leftnexthop=%defaultroute
 leftsubnet=<VPC2 CIDR>
 right=<EIP1>
 rightsubnet=<VPC1 CIDR>
 pfs=yes
 auto=start




Note the CIDR needs to include the block range. For example: 10.0.0.0/16

Step 9
------
sudo vi /etc/ipsec.d/vpc2-to-vpc1.secrets

Step 10
-------
<EIP2> <EIP1>: PSK "<TYPE THE SAME KEY FROM STEP 6 HERE>"




==================================================================================================================

Configuration in each region

==================================================================================================================




Step 11
-------
a-
sudo service ipsec start

b-
sudo chkconfig ipsec on

c-
sudo vi /etc/sysctl.conf

net.ipv4.ip_forward = 1

d-
sudo service network restart


==================================================================================================================

Test your connections

==================================================================================================================

Step 1 - Region 1
------
ping 172.0.0.50




Step 2 - Region 2


ping 10.0.0.50


























Posted by



at





No comments:
  


















Labels:
,
,
,
,
,
,
,
,
,
,
,
,
,
,

















          

        

          

        

Monday, January 27, 2014


          

        









AWS getting started partner accreditation 














Great place to start for business and technical partners new to AWS:













Posted by



at





No comments:
  


















Labels:
,
,
,
,
,
,
,
,
,
,
,
,
,
,

























AWS Services : New Services and and updates 












Here are the number and an example of significant services and updates since 2008:

1. 2008 : 24 news services and features including Amazon EBS, Amazon CloudFront and EC2 Availability Zones

2. 2009 : 48 news services and features including Amazon RDS, Amazon VPC, Amazon EMR, and EC2 Auto Scaling.

3. 2010 : 61 new services and features including Amazon SNS, Amazon Route 53, Amazon IAM, and AWS Singapore Region.

4. 2011 : 82 new services and features including AWS San Paulo Region, AWS Oregon Region, AWS Tokoyo Region, and Amazon Oracle RDS.

5. 2012 : 159 new services and features including Amazon DynamoDB, Amazon Glacier, AWS Marketplace, and Amazon Storage Gateway.

6. 2013 : 245+ new services and features including AWS China Region, Amazon Redshift, Amazon Workspaces, and Amazon Kinesis.










Posted by



at





No comments:
  


















Labels:
,
,
,
,
,
,
,
,

















        

      









Subscribe to:
Posts (Atom)