Learn how creating a custom Amazon Machine Image (AMI)
can speed your deployment process.
| Where Can I Use This? | What Do I Need? |
|---|
|
|
- AWS account
- Amazon Machine Image (AMI) ID
- VM-Series License (PAYG or BYOL)
- VM-Series plugin
- Panorama
- Panorama plugin for AWS
|
A custom VM-Series AMI gives you the consistency and flexibility to deploy a
VM-Series firewall with the PAN-OS version you want to use on your network, instead
of restricting to using only an AMI that is published to the AWS public Marketplace
or to the AWS GovCloud Marketplace. Using a custom AMI speeds up the process of
deploying a firewall with the PAN-OS version of your choice because it reduces the
time to provision the firewall with an AMI published on the AWS public or AWS
GovCloud marketplace, and then performing software upgrades to get to the PAN-OS
version you have qualified or want to use on your network.
You can create a custom AMI with the BYOL, Bundle 1, or Bundle 2 licenses. The process of
creating a custom AMI requires you to remove all configuration from the firewall and
reset it to factory defaults. In this workflow, you’ll launch a new instance of the
firewall from the AWS Marketplace instead of using an existing firewall that you
have fully configured.
When creating a custom AMI with a BYOL version of the firewall, you must first activate the
license on the firewall. This allows you to access and download PAN-OS software
updates to upgrade your firewall. You then have to deactivate the license on the
firewall before you reset the firewall to factory defaults and create the custom
AMI. If you don’t deactivate the license, you lose the license that you applied
on this firewall instance.
