To create a site-to-site VPN utilizing Terraform, you need to use the aws_vpn_gateway
and aws_vpn_connection
sources from the AWS supplier. Right here’s an instance Terraform configuration to create a site-to-site VPN:
useful resource "aws_vpn_gateway" "vpn_gateway" {
vpc_id = "<VPC_ID>"
tags = {
Title = "SiteToSiteVPN"
}
}
useful resource "aws_vpn_connection" "vpn_connection" {
customer_gateway_id = "<CUSTOMER_GATEWAY_ID>"
vpn_gateway_id = aws_vpn_gateway.vpn_gateway.id
kind = "ipsec.1"
static_routes_only = true
tags = {
Title = "SiteToSiteVPNConnection"
}
}
useful resource "aws_vpn_connection_route" "vpn_connection_route" {
destination_cidr_block = "<DESTINATION_CIDR_BLOCK>"
vpn_connection_id = aws_vpn_connection.vpn_connection.id
}
Within the above Terraform configuration, it’s worthwhile to exchange <VPC_ID>
with the ID of the VPC the place the VPN gateway shall be hooked up, <CUSTOMER_GATEWAY_ID>
with the ID of the shopper gateway representing the distant web site, and <DESTINATION_CIDR_BLOCK>
with the CIDR block of the distant community you wish to connect with.
This configuration creates a VPN gateway (aws_vpn_gateway
), a VPN connection (aws_vpn_connection
), and a VPN connection route (aws_vpn_connection_route
). The VPN gateway is hooked up to the desired VPC, and the VPN connection is related to the shopper gateway and the VPN gateway. The VPN connection route specifies the vacation spot CIDR block that needs to be routed by way of the VPN connection.
After getting the Terraform configuration prepared, you’ll be able to initialize the Terraform mission, plan the infrastructure modifications, and apply them utilizing the Terraform CLI. The VPN sources shall be provisioned primarily based on the configuration supplied.