Welcome to the GitHub repository for F5's CloudFormation templates for deploying F5 in Amazon Web Services. All of the templates in this repository have been developed by F5 Networks engineers. Across all branches in this repository, there are two directories: supported and experimental
-
supported
The supported directory contains CloudFormation templates that have been created and fully tested by F5 Networks. These templates are fully supported by F5, meaning you can get assistance if necessary from F5 Technical Support via your typical methods. -
experimental
The experimental directory also contains CloudFormation templates that have been created by F5 Networks. However, these templates have not completed full testing and are subject to change. F5 Networks does not offer technical support for templates in the experimental directory, so use these templates with caution.
Descriptions for each template are contained at the top of each template in the Description key. For additional information, including how the templates are generated, and assistance in deploying a template, see the README file on the individual template pages.
F5 has created a matrix that contains all of the tagged releases of the F5 Cloud Formation Templates (CFTs) for Amazon AWS, and the corresponding BIG-IP versions, license types, and throughput levels available for a specific tagged release. See https://github.com/F5Networks/f5-aws-cloudformation/blob/master/aws-bigip-version-matrix.md.
If you have launched an F5 CFT template from a prior release, see the important note at the bottom of this page.
The following is a list of the current supported F5 CloudFormation templates. Click the links to view the README files which include the Launch buttons and additional information, or click the Launch Stack buttons to immediately launch the stack. Because individual templates may have specific prerequisites, we strongly recommend you view the README file before attempting to launch a template.
Important: You may have to select the AWS region in which you want to deploy after clicking the Launch Stack button
Standalone BIG-IP VE - Single NIC
-
Hourly, which uses pay-as-you-go hourly billing
-
Launch the existing stack template which includes an external IP address (typical):
-
Launch the production stack template, which does not include a public IP address (as described in the README):
-
-
BYOL (bring your own license), which allows you to use an existing BIG-IP license.
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
-
BIG-IQ for licensing, which allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s).
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
-
Hourly, which uses pay-as-you-go hourly billing
-
Launch the existing stack template which includes an external IP address (typical):
-
Launch the production stack template, which does not include a public IP address (as described in the README):
-
-
BYOL (bring your own license), which allows you to use an existing BIG-IP license.
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
-
BIG-IQ for licensing, which allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s).
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
-
Hourly, which uses pay-as-you-go hourly billing
-
Launch the existing stack template which includes an external IP address (typical):
-
Launch the production stack template, which does not include a public IP address (as described in the README):
-
-
BYOL (bring your own license), which allows you to use an existing BIG-IP license.
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
-
BIG-IQ for licensing, which allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s).
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
Clustered BIG-IP VE - 2 NICs
-
- Hourly, which uses pay-as-you-go hourly billing
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
- BYOL (bring your own license), which allows you to use an existing BIG-IP license.
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
- BIG-IQ for licensing, which allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s).
- Launch the existing stack template which includes an external IP address (typical):
- Launch the production stack template, which does not include a public IP address (as described in the README):
- Launch the existing stack template which includes an external IP address (typical):
- Hourly, which uses pay-as-you-go hourly billing
-
-
Hourly
-
BYOL
-
Using BIG-IQ for Licensing
-
Auto Scaling the BIG-IP Web Application Firewall in AWS
Auto Scaling the BIG-IP LTM in AWS
| If you used an F5 CFT template prior to release 2.7.1, BIG-IP virtual servers configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack, CVE-2017-6168). For complete information on this vulnerability, see https://support.f5.com/csp/article/K21905460. F5 has released hotfixes for all vulnerable releases. All of the templates in the current release in this repository use non-vulnerable BIG-IP VE images. If you are using a BIG-IP image launched from a previous version of a template, use the following guidance:
|
Copyright 2014-2017 F5 Networks Inc.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Individuals or business entities who contribute to this project must have completed and submitted the F5 Contributor License Agreement