HA VPN connections between Google Cloud and AWS
This recipe demonstrates how to create highly available VPN connections between Google Cloud and Amazon Web Services (AWS) for direct communication between VPC networks across the two cloud platforms using a Virtual Private Gateway in AWS. For more details on this architecture have a look here
The architecture deployed by this recipe is the one depicted below:
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| aws_asn | AWS ASN. | string | ✓ | |
| aws_region | AWS Region. | string | ✓ | |
| aws_vpc_cidr_block | CIDR block. | string | ✓ | |
| gcp_asn | Google ASN. | string | ✓ | |
| gcp_region | GCP Region. | string | ✓ | |
| project_id | Project ID. | string | ✓ | |
| shared_secret | Shared secret. | string | ✓ | |
| _testing | Populate this variable to avoid triggering the data source. | object({…}) | | null |
| propagate_routes | Flag indicating whether routes received by AWS's Virtual Private Gateway should be propagated to main route table. | bool | | false |
Outputs
| name | description | sensitive |
|---|---|---|
| external_gateway | External VPN gateway resource. | |
| gateway | VPN gateway resource (only if auto-created). | |
| id | Fully qualified VPN gateway id. | |
Test
```hcl
module "gcp_vpn" {
  source     = "./fabric/modules/net-vpn-ha/recipe-vpn-aws-gcp"
  project_id = "project-1"
  # Populated only so the test does not trigger the data source.
  _testing = {
    name   = "project-1"
    number = 1234567890
  }
  aws_asn            = 65001
  gcp_asn            = 65534
  aws_region         = "us-east-1"
  gcp_region         = "us-east1"
  aws_vpc_cidr_block = "10.0.0.0/16"
  # Test fixture value for the shared secret.
  shared_secret = "test123456"
}
# tftest modules=4 resources=36
```
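The test above passes `shared_secret` as a literal. The following added example (not part of the recipe or its README) shows the same module call with the secret injected through a sensitive, validated input variable instead. The variable name `vpn_shared_secret`, the 32-character minimum, and the assumption that the recipe applies this value as the pre-shared key on the AWS tunnels as well as on the Google Cloud side are mine.

```hcl
# Added example. The variable name and the 32-character floor are assumptions
# of this sketch, not part of the recipe.
variable "vpn_shared_secret" {
  description = "IKE pre-shared key for the tunnels, injected at run time."
  type        = string
  sensitive   = true # redacted in plan/apply output; the value still ends up in state

  validation {
    # AWS accepts 8-64 characters from [A-Za-z0-9._] and rejects a leading 0.
    # Requiring at least 32 characters is a local policy choice.
    condition     = can(regex("^[A-Za-z1-9._][A-Za-z0-9._]{31,63}$", var.vpn_shared_secret))
    error_message = "Use 32-64 characters from A-Z, a-z, 0-9, '.' and '_', not starting with 0."
  }
}

module "gcp_vpn" {
  source             = "./fabric/modules/net-vpn-ha/recipe-vpn-aws-gcp"
  project_id         = "project-1"
  aws_asn            = 65001
  gcp_asn            = 65534
  aws_region         = "us-east-1"
  gcp_region         = "us-east1"
  aws_vpc_cidr_block = "10.0.0.0/16"
  propagate_routes   = false
  # Supplied outside the code base, e.g. TF_VAR_vpn_shared_secret exported
  # by the CI job from its secret store.
  shared_secret = var.vpn_shared_secret
}
```

Because the key is written to Terraform state regardless of the `sensitive` flag, the state backend needs the same access controls and encryption as the secret store it was read from.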
