This is an example repo to demonstrate WireGuard VPN deployed on Amazon EC2 with Network Load Balancer, a Route53 Domain and Amazon Linux 2. Keys are handled via AWS Parameter Store, encrypted with AWS KMS to prevent the need for reconfiguration when instances are scaled, updated or terminated.
Disclaimer: provided as an example and some assumptions have been made for network layout.
Reach out on Reddit with any queries or tips!
- Generate keys for your server and peer with
wg genkey | tee privatekey | wg pubkey > publickeythen save them in encrypted SSM Parameters called/wireguard/privateand/wireguard/peerpublic - Set Cloudformation parameters in
config/wireguard-${your region}.jsonto suit - Deploy
pipeline.ymlvia Cloudformation - Configure and connect your peer
