4 docs tagged with "vpn"

A Virtual Private Cloud is a logically isolated network within in AWS.

Terraform module to create a peering connection between two VPCs

Terraform module to create a peering connection between any two VPCs existing in different AWS accounts. This module supports performing this action from a 3rd account (e.g. a "root" account) by specifying the roles to assume for each member account. **IMPORTANT:** AWS allows a multi-account VPC Peering Connection to be deleted from either the requester's or accepter's side. However, Terraform only allows the VPC Peering Connection to be deleted from the requester's side by removing the corresponding `aws_vpc_peering_connection` resource from your configuration. [Read more about this](https://www.terraform.io/docs/providers/aws/r/vpc_peering_accepter.html) on Terraform's documentation portal.

Terraform module to provision a [site-to-site](https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) [VPN connection](https://docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html) between a VPC and an on-premises network. The module can do the following: - Create a Virtual Private Gateway (VPG) and attach it to the VPC - Create a Customer Gateway (CGW) pointing to the provided Internet-routable IP address of the external interface on the on-premises network - Create a Site-to-Site Virtual Private Network (VPN) connection - Request automatic route propagation between the VPG and the provided route tables in the VPC - If the VPN connection is configured to use static routes, provision a static route between the VPN connection and the CGW Exactly what it does depends on the input parameters. The module is designed to be flexible and can be used in a variety of scenarios. - If you supply `customer_gateway_ip_address` and set `transit_gateway_enabled` to `true`, the module will create a CGW, then create a VPN connection, and then assign the connection to the Transit Gateway identified by `existing_transit_gateway_id` and the created CGW - If you supply `customer_gateway_ip_address` and set `transit_gateway_enabled` to `false`, the module will create a VPG and CGW, then create a VPN connection, and then assign it to the VPG and CGW - If you do not supply `customer_gateway_ip_address` (set it to `null`) then the module will only create a VPG The module also provides some options for adding routes to the VPC or TGW route tables. You need to use the options that correspond to the kind of attachment point (VPC or TGW) you are using.