notes.md 792 B
TODO:
Create an ebs key to encrypt the drive!
Ignore the below, HA is only possible in the same AZ. For HA, it needs an instance policy to move ENIs: (???) AttachNetworkInterface—For permission to attach an ENI to an instance. DescribeNetworkInterface—For fetching the ENI parameters in order to attach an interface to the instance. DetachNetworkInterface—For permission to detach the ENI from the EC2 instance. DescribeInstances—For permission to obtain information on the EC2 instances in the VPC. Wild card (*)—In the Amazon Resource Name (ARN) field use the * as a wild card. screenshot here: https://docs.paloaltonetworks.com/vm-series/7-1/vm-series-deployment/set-up-the-vm-series-firewall-in-aws/high-availability-for-vm-series-firewall-in-aws.html#22689