This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is there a CloudFormation template that will allow you to stand up an HA-UTM cluster in an existing VPC

It seems like the current UTM CF templates here: https://github.com/sophos-iaas/aws-cf-templates want to create a brand-new VPC.

I'm not super-familiar with modifying cloud formation templates -- but it seems like there ought to be an option to set up an HA UTM in an existing VPC.

Has anyone done this?   I can do this with the "standalone" template... but that one requires an additional step of configuring the UTM via the web console after launch.

I'm trying to automate the whole process so I can spin up a new UTM in an existing VPC purely from code, without interactive configuration steps.



This thread was automatically locked due to age.
Parents
  • Hi Iprikockis, Sophos doesn't formally maintain Cloudformation templates to deploy HA or Autoscaling into an existing VPC, excluding the standalone conversion templates.  

    However, reach out to the Public Cloud (formally IaaS) team and see if they might be able to help you out.  Sometimes they have templates which aren't on the main GitHub site for cases such as this.  iaas@sophos.com. 

    Tim

  • Thanks... I'll do that... 

    I find it strange that this isn't a more commonly asked for use-case though.  It seems hard to believe Sophos doesn't officially support (without going the extra step of finding "custom" templates) of standing up a new UTM in an existing environment.

Reply
  • Thanks... I'll do that... 

    I find it strange that this isn't a more commonly asked for use-case though.  It seems hard to believe Sophos doesn't officially support (without going the extra step of finding "custom" templates) of standing up a new UTM in an existing environment.

Children
  • Not so hard to believe if you consider the potential repercussions of releasing a CFT to the public which launches a bunch of resources into an existing environment.  Something like this I'm sure has been well thought through.  I assume the reasoning for it is justified, IMO.  

    Tim