The following flowchart explains how the Barracuda CloudFormation Template works:
With regard to the flowchart, the following steps describe how a Barracuda CloudFormation Template works:
- A CloudFormation Template (CFT) is uploaded and a stack is created on Amazon Web Services. With this:
- An Amazon S3 bucket gets created with the specified stack name and unique ID.
- An appropriate IAM role to access the S3 bucket is added.
- The Barracuda Web Application Firewall VM(s) will be deployed and provisioned in the Virtual Private Cloud (VPC) specified while creating the stack.
- After the Barracuda Web Application Firewall VM(s) is/are up and ready to serve the traffic:
- It checks the S3 bucket created in step 1 (a) for any other existing VM(s) in this Auto Scaling group.
- If there is no VM data available in the S3 bucket, the VM is configured based on the service configuration data provided during CFT upload.
- If there is any VM information available in the S3 bucket, the VM clusters with the existing VM and gets all configuration synchronized to it.
- Adds its information to the S3 bucket created in step 1 (a). Typically, an S3 bucket stores the instance data such as serial number and primary IP address (i.e., WAN IP address) of the deployed Barracuda Web Application Firewall VM(s).
- It checks the S3 bucket created in step 1 (a) for any other existing VM(s) in this Auto Scaling group.
- The Barracuda Web Application Firewall is now ready to serve the traffic to the configured services.
- If the instance encounters high traffic flow and triggers any of the created alarms, such as high bandwidth utilization, CPU usage, etc., then:
- A new Barracuda Web Application Firewall for AWS instance gets initiated automatically.
- Looks at the S3 bucket created in step 1 (a) and clusters with it.
- Adds its information to the S3 bucket, and is ready to serve the traffic.
- Traffic gets distributed among the instances through ELB.
Next Step
Continue with the Importing the Barracuda Web Application Firewall PAYG CFT and Deploying the Instance article to import the CFT and deploy the instance.