create a Web site-to-Web site VPN in Terraform

To create a site-to-site VPN utilizing Terraform, you should utilize the aws_vpn_gateway and aws_vpn_connection assets from the AWS supplier. Right here’s an instance Terraform configuration to create a site-to-site VPN:

useful resource "aws_vpn_gateway" "vpn_gateway" {
  vpc_id       = "<VPC_ID>"
  tags = {
    Identify = "SiteToSiteVPN"

useful resource "aws_vpn_connection" "vpn_connection" {
  customer_gateway_id = "<CUSTOMER_GATEWAY_ID>"
  vpn_gateway_id     =
  kind               = "ipsec.1"
  static_routes_only = true

  tags = {
    Identify = "SiteToSiteVPNConnection"

useful resource "aws_vpn_connection_route" "vpn_connection_route" {
  destination_cidr_block = "<DESTINATION_CIDR_BLOCK>"
  vpn_connection_id     =

Within the above Terraform configuration, it is advisable change <VPC_ID> with the ID of the VPC the place the VPN gateway might be connected, <CUSTOMER_GATEWAY_ID> with the ID of the client gateway representing the distant website, and <DESTINATION_CIDR_BLOCK> with the CIDR block of the distant community you wish to connect with.

This configuration creates a VPN gateway (aws_vpn_gateway), a VPN connection (aws_vpn_connection), and a VPN connection route (aws_vpn_connection_route). The VPN gateway is connected to the required VPC, and the VPN connection is related to the client gateway and the VPN gateway. The VPN connection route specifies the vacation spot CIDR block that needs to be routed by way of the VPN connection.

After you have the Terraform configuration prepared, you may initialize the Terraform venture, plan the infrastructure adjustments, and apply them utilizing the Terraform CLI. The VPN assets might be provisioned based mostly on the configuration offered.

Leave a Reply

Your email address will not be published. Required fields are marked *