To create a site-to-site VPN (Virtual Private Network) using AWS CloudFormation, you use the AWS::EC2::VPNGateway and AWS::EC2::VPNConnection resources. Here is an example CloudFormation template that creates a site-to-site VPN:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  # The AWS side of the tunnel. Before traffic can flow it must also be
  # attached to a VPC with an AWS::EC2::VPCGatewayAttachment resource.
  VpnGateway:
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
      Tags:
        - Key: Name
          Value: SiteToSiteVPN
  # The IPsec connection between the VPN gateway and the customer gateway
  # that represents the remote site.
  VpnConnection:
    Type: AWS::EC2::VPNConnection
    Properties:
      Type: ipsec.1
      CustomerGatewayId: <CUSTOMER_GATEWAY_ID>
      VpnGatewayId: !Ref VpnGateway
      StaticRoutesOnly: true
      Tags:
        - Key: Name
          Value: SiteToSiteVPNConnection
  # Static route: the remote network prefix that is reachable over the tunnel.
  VpnConnectionRoute:
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      DestinationCidrBlock: <DESTINATION_CIDR_BLOCK>
      VpnConnectionId: !Ref VpnConnection
In the above template, replace <CUSTOMER_GATEWAY_ID> with the ID of the customer gateway that represents the remote site, and <DESTINATION_CIDR_BLOCK> with the CIDR block of the remote network you want to connect to.
This template creates a VPN gateway (VpnGateway) and a VPN connection (VpnConnection). It also creates a VPN connection route (VpnConnectionRoute) that specifies the destination CIDR block to be routed through the VPN connection.
Note that you may need to modify the template based on your specific requirements, such as configuring the customer gateway or making additional network changes.
Once the CloudFormation template is ready, you can create the stack using the AWS CloudFormation console, the AWS CLI, or the AWS SDKs. The stack creation process provisions the required resources to establish the site-to-site VPN connection.
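The following Python script is an added example, not code from the original article. It builds the same template in CloudFormation's JSON form, but turns the two placeholders into stack parameters (so the customer gateway ID and remote CIDR are supplied at deploy time rather than edited into the file), adds the VPC gateway attachment the VPN gateway needs, and runs a few pre-deploy checks a practitioner would want: every Ref resolves, a static-routes-only connection actually has a route, and the remote CIDR is a valid network prefix rather than a host address or 0.0.0.0/0. The parameter names, the VpcId parameter, the VpnGatewayAttachment resource and the cgw- ID pattern are assumptions of this example and do not come from the article.

```python
"""Build and sanity-check a site-to-site VPN CloudFormation template.

Added example, not the original article's code. Parameter names, the VpcId
parameter, the VpnGatewayAttachment resource and the customer gateway ID
pattern are assumptions of this example.
"""
import ipaddress
import json
import re


def build_template():
    """Return the article's template as a Python dict (JSON-form CloudFormation)."""
    return {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Parameters": {
            "VpcId": {"Type": "AWS::EC2::VPC::Id"},
            "CustomerGatewayId": {  # assumed pattern for cgw-... IDs
                "Type": "String", "AllowedPattern": "^cgw-[0-9a-f]{8,17}$"},
            "DestinationCidrBlock": {
                "Type": "String",
                "AllowedPattern": r"^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$"},
        },
        "Resources": {
            "VpnGateway": {
                "Type": "AWS::EC2::VPNGateway",
                "Properties": {"Type": "ipsec.1",
                               "Tags": [{"Key": "Name", "Value": "SiteToSiteVPN"}]}},
            # Attachment the article's template leaves to the reader.
            "VpnGatewayAttachment": {
                "Type": "AWS::EC2::VPCGatewayAttachment",
                "Properties": {"VpcId": {"Ref": "VpcId"},
                               "VpnGatewayId": {"Ref": "VpnGateway"}}},
            "VpnConnection": {
                "Type": "AWS::EC2::VPNConnection",
                "Properties": {
                    "Type": "ipsec.1",
                    "CustomerGatewayId": {"Ref": "CustomerGatewayId"},
                    "VpnGatewayId": {"Ref": "VpnGateway"},
                    "StaticRoutesOnly": True,
                    "Tags": [{"Key": "Name", "Value": "SiteToSiteVPNConnection"}]}},
            "VpnConnectionRoute": {
                "Type": "AWS::EC2::VPNConnectionRoute",
                "Properties": {"DestinationCidrBlock": {"Ref": "DestinationCidrBlock"},
                               "VpnConnectionId": {"Ref": "VpnConnection"}}},
        },
    }


def find_refs(node):
    """Yield every logical name used in a {"Ref": ...} anywhere in the tree."""
    if isinstance(node, dict):
        if set(node) == {"Ref"} and isinstance(node["Ref"], str):
            yield node["Ref"]
        else:
            for value in node.values():
                yield from find_refs(value)
    elif isinstance(node, list):
        for value in node:
            yield from find_refs(value)


def lint_template(template):
    """Return a list of problems; an empty list means all checks passed."""
    problems = []
    resources = template["Resources"]
    known = set(template.get("Parameters", {})) | set(resources)
    for ref in find_refs(resources):
        if ref not in known:
            problems.append(f"unresolved Ref: {ref}")
    by_type = {}
    for name, res in resources.items():
        by_type.setdefault(res["Type"], []).append(name)
    if "AWS::EC2::VPCGatewayAttachment" not in by_type:
        problems.append("VPN gateway is never attached to a VPC")
    for name in by_type.get("AWS::EC2::VPNConnection", []):
        if resources[name]["Properties"].get("StaticRoutesOnly"):
            routes = [r for r in by_type.get("AWS::EC2::VPNConnectionRoute", [])
                      if resources[r]["Properties"].get("VpnConnectionId") == {"Ref": name}]
            if not routes:
                problems.append(f"{name} is static-routes-only but has no VPNConnectionRoute")
    return problems


def check_remote_cidr(cidr):
    """Validate the remote network prefix before passing it as a parameter.

    Returns (ok, reason). strict=True rejects host addresses such as 10.1.0.5/16.
    """
    try:
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        return False, f"not a valid network prefix: {exc}"
    if net.prefixlen == 0:
        return False, "a /0 route would send all traffic over the tunnel"
    return True, "ok"


def placeholders_left(text):
    """Find <LIKE_THIS> placeholders that were never replaced in a template file."""
    return re.findall(r"<[A-Z_]+>", text)


def render(template):
    """Serialise the template as JSON for `aws cloudformation deploy`."""
    return json.dumps(template, indent=2)


if __name__ == "__main__":
    tpl = build_template()
    print(render(tpl))
    print("lint:", lint_template(tpl) or "clean")
    print("cidr 10.1.0.0/16:", check_remote_cidr("10.1.0.0/16"))
```

Write the rendered JSON to a file and deploy it with `aws cloudformation deploy --template-file vpn.json --stack-name site-to-site-vpn --parameter-overrides VpcId=... CustomerGatewayId=... DestinationCidrBlock=...`; the AllowedPattern constraints make CloudFormation reject malformed parameter values before any resource is created, and the lint catches the structural mistakes (a dangling Ref, an unattached gateway, a static-routes connection with no route) that the template would otherwise surface only as a failed stack.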