It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Web Application Firewall
Overview Documentation Training Certification Materials

User Data Tags for AWS Auto Scaling

  • Last updated on

User Data for Barracuda Web Application Firewall on AWS Auto Scaling

This article describes the flags supported by the user data to launch an Auto Scaling group for the Barracuda WAF instances. The format of the user data is as below:

Sample user data used for BYOL backup bootstrapped auto scaling launch

#!/bin/bash
/opt/aws/bwaf/aws_autoscale.pl --command init-config --enableRestoreBackup --saveSystemDataOnTermination --dumpEC2Details --enableTurboMode --stack wafqaauto-online-stack-07 --resource BWAFAutoScaleLaunchConfig --clustersecret secret123 --region us-west-2 --vpc vpc-ec0c458a --type m5.large --s3ClusterBucket <> --s3LicensingBucket <> --hostname C1-IN --timezone Asia/Kolkata --ntp test1.bc.com,test2.bc.com --s3LicensingFolder <> --s3BootstrappingBucket <> --s3BackupFolder <> --configBackup <>

BYOL Licensing Options: --licensebucket <> --subdirectory <> --defaultdomain <> --offlinelicensebucket <> --offlinelicensesubdir <> --healthcheck None
Eula Options: --signature user name --organization barracuda --email test@barracuda.com
Proxy Server:--prx_username <username> --prx_password <Password> --prx_server <IP> --prx_port <Port>
Stack Detail: --stack_name wafqaauto-online-stack-07

The following are the mandatory flags that must be used:

--command init-config: This should have the value “init-config”.
--enableRestoreBackup: This flag is for the Backup Bootstraping.
--stack <name>: Stack name.
--resource BWAFAutoScaleLaunchConfig :
--region <region>: Region where the stack is launched.
--vpc vpc-ec0c88a: VPC where the stack is launched.
--type m5.large: Instance type that is used by the instances.
--s3ClusterBucket <S3Bucketname>: S3 bucket name, which is created for managing the clustering.
--s3BootstrappingBucket <S3BucketName>: S3 Bucket name where the backup file exists.
--s3BackupFolder <FolderName>: Folder from bootstrap bucket where the backup file exists.
--configBackup <Backfilename>: Backup file to be used for bootstrapping.
--signature: Name of the user to sign the license agreement
--organization: Organization name.
--email: Email address.

Mandatory flags for a BYOL Auto scaling instance launch:

--s3LicensingBucket <S3BucketName>: S3 bucket name, where license file exists.
--s3LicensingFolder <FolderName>: Folder from the license bucket.
--licensebucket: S3 bucket name where the license file exists.
--subdirectory: Folder from the license bucket.
--defaultdomain: Default domain name that is used during the licensing.
--offlinelicensebucket: S3 bucket name where the license file exists.
--offlinelicensesubdir: Folder from the license bucket.
--healthcheck: This takes two values: None and ec2Describe.
--stack_name <name>: Stack name (the values for this is same as the --Stack flag )

Flags that are required for the Basic Bootstrapping:

--config <>: The value will be in the following format:

serviceName:ServicePort:ServerIP/Hostname:ServerPort

Advanced Flags

--saveSystemDataOnTermination: When instance gets terminated, the system snapshot will be saved to the cluster bucket.
--dumpEC2Details: Instance details will be written to the license bucket with the name InstanceDetails.dat.
--enableTurboMode: It enables turbo mode for the hostname resolution.
--maskAdminPassword: It disables the admin user for the UI.

Caveats:

flag –maskAdminPassword should only be used with backup-based bootstrapping. The backup should have the external LDAP configured under the Admin Access Control because the web interface admin password will be disabled. To access the web interface, you should use the LDAP user.