This recipe demonstrates how to create highly available VPN connections between Google Cloud and Amazon Web Services (AWS), enabling direct communication between VPC networks across the two cloud platforms through a Virtual Private Gateway in AWS. For more details on this architecture, have a look here.
The architecture deployed by this recipe is the one depicted below:

| name | description | type | required | default |
|---|---|---|---|---|
| aws_asn | AWS ASN. | string | ✓ | |
| aws_region | AWS Region. | string | ✓ | |
| aws_vpc_cidr_block | CIDR block. | string | ✓ | |
| gcp_asn | Google ASN. | string | ✓ | |
| gcp_region | GCP Region. | string | ✓ | |
| project_id | Project ID. | string | ✓ | |
| shared_secret | Shared secret. | string | ✓ | |
| _testing | Populate this variable to avoid triggering the data source. | object({…}) | | null |
| propagate_routes | Flag indicating whether routes received by AWS's Virtual Private Gateway should be propagated to main route table. | bool | | false |

| name | description | sensitive |
|---|---|---|
| external_gateway | External VPN gateway resource. | |
| gateway | VPN gateway resource (only if auto-created). | |
| id | Fully qualified VPN gateway id. | |

```hcl
module "gcp_vpn" {
  source     = "./fabric/modules/net-vpn-ha/recipe-vpn-aws-gcp"
  project_id = "project-1"
  # Populated so the test run does not trigger the data source.
  _testing = {
    name   = "project-1"
    number = 1234567890
  }
  aws_asn            = 65001
  gcp_asn            = 65534
  aws_region         = "us-east-1"
  gcp_region         = "us-east1"
  aws_vpc_cidr_block = "10.0.0.0/16"
  # Fixed placeholder value used by the test.
  shared_secret = "test123456"
}
# tftest modules=4 resources=36
```
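
The module call above passes a fixed `shared_secret` for the test. As an added example (not part of the recipe's own code), the configuration below generates the pre-shared key with `random_password` instead of hardcoding it. The names `vpn_psk`, `vpn_shared_secret` and `gcp_vpn_generated_psk` are hypothetical, and the `hashicorp/random` provider is assumed to be available.

```hcl
# Added example: generated pre-shared key instead of a literal in the code.
terraform {
  required_providers {
    random = {
      source = "hashicorp/random"
    }
  }
}

# AWS Site-to-Site VPN accepts pre-shared keys of 8-64 characters made of
# alphanumerics, periods and underscores, and rejects keys starting with "0".
resource "random_password" "vpn_psk" {
  length  = 40
  special = false # alphanumeric only, stays within the allowed character set
}

locals {
  # Constant letter prefix so the key can never start with "0" (41 chars total).
  vpn_shared_secret = "k${random_password.vpn_psk.result}"
}

# Hypothetical module instance name; inputs are the ones listed in the table.
module "gcp_vpn_generated_psk" {
  source             = "./fabric/modules/net-vpn-ha/recipe-vpn-aws-gcp"
  project_id         = "project-1"
  aws_asn            = 65001
  gcp_asn            = 65534
  aws_region         = "us-east-1"
  gcp_region         = "us-east1"
  aws_vpc_cidr_block = "10.0.0.0/16"
  shared_secret      = local.vpn_shared_secret
}
```

The generated key is still written to the Terraform state, so the state backend needs encryption at rest and restricted access.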