Terraform Destroy a targeting resource

Terraform Destroy a targeting resource

terraform plan -destroy -target=”resource_type.resource name” -out=plan.tfplan <– look the option -destroy in the plan.With this command you can create a file plan.tfplan with the plan of the resource to destroy.then use apply with the plan file to destroy the resource selected, NEVER USE TERRAFORM DESTROY:terraform apply plan.tfplan

Microtik IPSEC Ike2 VPN

Microtik IPSEC Ike2 VPN

/certificateadd common-name=ca name=casign “ca” ca-crl-host=x.x.x.xadd common-name=x.x.x.x subject-alt-name=IP:x.x.x.x key-usage=tls-server name=server1sign server1 ca=ca /ip ipsec profileadd name=ike2/ip ipsec proposaladd name=ike2 auth-algorithms=sha256 enc-algorithms=aes-256-cbc pfs-group=none /ip pooladd name=ike2-pool ranges=y.y.y.10-y.y.y.90/ip ipsec mode-configadd address-pool=ike2-pool address-prefix-length=32 name=ike2-conf /ip ipsec policy groupadd name=ike2-policies/ip ipsec policyadd dst-address=y.y.y.0/24 group=ike2-policies proposal=ike2 src-address=0.0.0.0/0 template=yes /ip ipsec peeradd exchange-mode=ike2 name=ike2 passive=yes profile=ike2 /ip ipsec identityadd auth-method=digital-signature certificate=server1 generate-policy=port-strict mode-config=ike2-conf peer=ike2 policy-template-group=ike2-policies /certificateadd common-name=rw-client1 name=rw-client1 key-usage=tls-clientsign rw-client1 ca=ca /certificateexport-certificate rw-client1 export-passphrase=12345 type=pkcs12 /certificateexport-certificate ca type=pem /certificateexport-certificate caexport-certificate rw-client1 export-passphrase=12345

Initial setup to git-gitlab-terraform connection.

Initial setup to git-gitlab-terraform connection.

PC to AWS connection config. create amazon account. configure the aws account to use MFA, could be admin permision or limited permission. Use authy app to auhenticate. configure aws account with a access key to be used with aws vault. install aws-vault run aws-vault add “awsuserhere” vi ~/.aws/config add [awsuserhere]region=”regionhere” mfa_serial=”mfaserialhere” mfa serial is under the user credential a string like aws:iam::202575445566:mfa/userforaws run ./brew/aws-vault exec userterraform –duration=12h PC git to Gitalb config. Create a ssh public key to remote access…

Read More Read More

Enable And Disable Firewalld on Centos 8

Enable And Disable Firewalld on Centos 8

Start and enable firewalld $ sudo systemctl start firewalld$ sudo systemctl enable firewalld Stop and disable firewalld $ sudo systemctl stop firewalld$ sudo systemctl disable firewalld Check the firewalld status $ sudo firewall-cmd –state