Course Hero Logo

Comma separated list outsidesubnetid the arn of an

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 13 - 16 out of 22 pages.

Comma separatedlistOutsideSubnetIdThe ARN of an existing KMS (AWS KMS key to encryptat rest). If specified, the management center and threatdefense virtual passwords should be encrypted. Thepassword encryption should be done using only thespecified ARN.Generating Encrypted Password Example: " aws kmsencrypt --key-id <KMS ARN> --plaintext <password> ".Please used such generated passwords as shown.Example: arn:aws:kms:us-east-1:[AWSAccount]:key/7d586a25-5875-43b1-bb68-a452e2f6468eStringKmsArnDeploy the Threat Defense Virtual Auto Scale for AWS13Deploy the Threat Defense Virtual Auto Scale for AWSInput Parameters
DescriptionAllowedValues/TypeParameterAll the threat defense virtual instances come up with adefault password, which is entered in theUserdatafieldof the Launch Template (Autoscale Group).This input will change the password to new providedpassword once the threat defense virtual is accessible.Please use a plain text password if KMS ARN is not used.If KMS ARN is used, then an encrypted password shouldbe used.Example: Cisco123789! orAQIAgcQFAGtz/hvaxMtJvY/x/rfHnI3lPpSXUStringngfwPasswordThe IP address of managing the management center, whichis reachable to both Lambda functions and the threatdefense virtual management interface.Example: 10.10.17.21Numeric stringfmcServerThe Network-Admin or higher privileged user created inmanaging the management center. See the informationabout creating users and roles in theCisco Secure FirewallManagement Center Device Configuration Guide.Example: apiuser-1StringfmcOperationsUsernamePlease use a plain text password if KMS ARN is notmentioned. If mentioned, then an encrypted passwordshould be used.Example: [email protected] orAQICAHgcQAtz/hvaxMtJvY/x/rnKI3clFPpSXUHQRnCAajBStringfmcOperationsPasswordThe management center device group name.Example: AWS-Cisco-NGFW-VMs-1StringfmcDeviceGrpNameIf set to "TRUE", then a Lambda function will be createdwhich runs once in every 2 minutes to fetch the memoryconsumption of registered threat defense virtual sensorsin the provided device group.Allowed values: TRUE, FALSEExample: TRUEBooleanfmcPublishMetricsDeploy the Threat Defense Virtual Auto Scale for AWS14Deploy the Threat Defense Virtual Auto Scale for AWSInput Parameters
DescriptionAllowedValues/TypeParameterThe unique management center user name for metricpublication to AWS CloudWatch. See the informationabout creating users and roles in theCisco Secure FirewallManagement Center Device Configuration Guide.If the "fmcPublishMetrics' is set to "FALSE" then there isno need to provide this input.Example: publisher-1StringfmcMetricsUsernameThe management center password for metric publicationto AWS CloudWatch. Please use a plain text password ifKMS ARN is not mentioned. If mentioned, then anencrypted password should be used.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 22 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
NoProfessor
Tags
IP address, AWS, Amazon Elastic Compute Cloud

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture