This project shows how Cloud ACI works on public clouds such as AWS, how it normalizes and translates the ACI policy model into public cloud native constructs, and how Terraform can be leveraged to automate Cloud ACI operations.
High Level Diagram
Use Case: Single Region/Tenant/VRF
The code builds a VPC in the us-east-1 region (the same region as the infra VPC where cAPIC is deployed) with TGW, then creates two EPGs (Web & DB), which translate to two Security Groups, and enables Web access from the Internet using contracts.
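A check on the deployed result, added here as an example and not part of this project's code: because the Web and DB EPGs become two Security Groups and only Web is meant to be reachable from the Internet, the script below reads JSON in the shape of `aws ec2 describe-security-groups` output and reports any Internet-facing ingress rule outside an allow-list. The group names, IDs, ports and the sample JSON are constructed placeholders, and the allow-list format is an assumption.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group names, IDs and ports are placeholders, not names Cloud ACI generates.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0web", "GroupName": "example-web-epg", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0db", "GroupName": "example-db-epg", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "Ipv6Ranges": [], "UserIdGroupPairs": [{"GroupId": "sg-0web"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]}
]}
""")

def is_internet(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def internet_ingress(group):
    """Yield (protocol, from_port, to_port, cidr) for each rule open to the Internet."""
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if is_internet(cidr):
                # IpProtocol "-1" means all protocols; AWS then omits the port fields.
                yield (perm["IpProtocol"], perm.get("FromPort"), perm.get("ToPort"), cidr)

def audit(doc, allowed):
    """Return Internet-facing rules not covered by allowed[group] = {(proto, port)}."""
    findings = []
    for group in doc["SecurityGroups"]:
        permitted = allowed.get(group["GroupName"], set())
        for proto, lo, hi, cidr in internet_ingress(group):
            # All-protocol rules and port ranges never match a single allowed port.
            if lo is None or lo != hi or (proto, lo) not in permitted:
                findings.append((group["GroupName"], proto, lo, hi, cidr))
    return findings

if __name__ == "__main__":
    expected = {"example-web-epg": {("tcp", 80)}}
    for finding in audit(SAMPLE, expected):
        print("unexpected Internet ingress:", finding)
```

In the constructed sample the DB group carries an SSH rule open to 0.0.0.0/0, which is the kind of drift the audit reports; the rule that references the Web group by ID is not flagged.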
Pre-requisites
Cloud ACI running in AWS on a dedicated account/infra VPC. The Cloud APIC credentials, the AWS account to be used for the user tenant/VPC, and the name of the tenant are defined in a variable file.
Providers
Installation
- Install and set up your Terraform environment
- Clone/copy the .tf files (main.tf, variables.tf, outputs.tf, and versions.tf) into your Terraform environment
- Create a terraform.tfvars file with your Cloud APIC credentials and AWS account used for the user tenant/VPC
- Optionally, the aws.tf file deploys two EC2 instances (web-vm and db-vm) for testing purposes.
Usage
terraform init
terraform plan
terraform apply
End State on Cloud ACI
Cloud Networking