≡ Menu

24 Examples to Manage AWS Transit Gateway and Attachments from CLI

AWS Transit gateway acts as a hub to connect multiple VPC and on-prem networks. Apart from attaching a VPC to transit hub and routing traffic, you can also attach a VPN connection or Direct Connect gateway to your transit gateway. You can also peer two transit gateways and route traffic between them.

In a multi-account environment, you can create Transit gateway in a central network account and share them with external accounts or with accounts within your organization.

(more…)

PaloAlto releases software updates on an on-going basis. It’s essential that you stay current with the latest stable release of firewall.

On a high-level the following are 5 easy steps to upgrade PaloAlto firewall:

  1. Pre-install: Verify current software version
  2. Check Available Software Versions
  3. Download Latest Version of PaloAlto
  4. Install the Latest version of Firewall Software
  5. Post-install: Reboot and verify new software version

Apart from upgrading from CLI, this tutorial also explains how to upgrade PAN-OS from PaloAlto console.

(more…)

[Python Functions]Functions are code snippets in a block that is assigned a name. It takes input, performs computation or an action and returns the output.

Functions enhances the reusability of the code.

In this tutorial, we’ll discuss the following examples:
(more…)

Once you create a Managed AD in an AWS account, you can share this AD with other accounts.

This is a common use-case when you have AWS Managed Active Directory in a shared services account that needs to be shared with other workload accounts.

The following are few points to keep in mind:

  • Sharing to another account can happen only within the same region where the Managed AD resides
  • Shared directory will be visible to all the VPCs in the workload accounts
  • The shared directory on the workload account will get a directory id that is different than the original directory id in the shared services account.
  • If Managed AD directory is in an account where organization is enabled, then you also have the option of sharing it with all the accounts within the organization or with a specific account

(more…)

While working with PaloAlto firewall, sometimes you’ll find it easier to use CLI instead of console.

Working on CLI is very helpful when you are testing something on a dev/test firewall, where you repeatedly try-out the same thing with different values, and don’t want to do multiple clicks from the UI and retype everything.

In this tutorial, we’ll explain how to create and manage PaloAlto security and NAT rules from CLI. The following examples are explained:
(more…)

[Elasticsearch Cluster Setup]In our previous elasticsearch tutorial, we discussed how to install and setup a stand-alone elasticsearch instance.

While stand-alone installation is good for dev/test, for production, it is recommended to setup elasticsearch cluster. Elasticsearch cluster has many advantages over stand-alone.

(more…)

[Python Exception Handling]Exceptions in python are error thrown by syntactically correct statements.

They terminate the execution of the script. Some example of exceptions are NameError, TypeError, AssertionError, ConnectionAbortedError, etc.

These abortions can be handled to prevent the script from terminating unpredictable. Description of all python exceptions can be found here.

(more…)

[Elasticsearch CURD Operations]Elasticsearch supports storing documents in JSON format. It also provides REST interface to interact with elasticsearch datastore.

In this article, we will discuss how to do basic CRUD operations on elasticsearch datastore using the following examples:
(more…)