To create a site-to-site VPN (Virtual Private Network) using AWS CloudFormation, you need to use the AWS::EC2::VPNConnection resource. Here's an example CloudFormation template to create a site-to-site VPN:

    AWSTemplateFormatVersion: '2010-09-09'
    Resources:
      # Virtual private gateway: the AWS side of the tunnel
      VpnGateway:
        Type: AWS::EC2::VPNGateway
        Properties:
          Type: ipsec.1
          Tags:
            - Key: Name
              Value: SiteToSiteVPN
      # IPsec connection between the VPN gateway and the customer gateway
      VpnConnection:
        Type: AWS::EC2::VPNConnection
        Properties:
          Type: ipsec.1
          CustomerGatewayId: <CUSTOMER_GATEWAY_ID>
          VpnGatewayId: !Ref VpnGateway
          StaticRoutesOnly: true
          Tags:
            - Key: Name
              Value: SiteToSiteVPNConnection
      # Static route for the remote network reached through the tunnel
      VpnConnectionRoute:
        Type: AWS::EC2::VPNConnectionRoute
        Properties:
          DestinationCidrBlock: <DESTINATION_CIDR_BLOCK>
          VpnConnectionId: !Ref VpnConnection

In the above template, you need to replace <CUSTOMER_GATEWAY_ID> with the ID of the customer gateway representing the remote site, and <DESTINATION_CIDR_BLOCK> with the CIDR block of the remote network you want to connect to.
This template creates a VPN gateway (VpnGateway) and a VPN connection (VpnConnection). It also creates a VPN connection route (VpnConnectionRoute) to specify the destination CIDR block that should be routed through the VPN connection.
Note that you may need to modify the template based on your specific requirements, such as configuring the customer gateway or making additional network changes.
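One way to make those changes, as an added example that is not part of the original template: the two hand-edited placeholders become validated parameters, the customer gateway is created in the same stack, and the VPN gateway is attached to a VPC. The parameter names (VpcId, CustomerGatewayIp, RemoteCidr), the logical IDs CustomerGateway and VpnGatewayAttachment, and the BgpAsn value 65000 are assumptions chosen for illustration.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Site-to-site VPN with parameters instead of hand-edited placeholders

Parameters:
  VpcId:                       # assumed name: VPC the VPN gateway attaches to
    Type: AWS::EC2::VPC::Id
  CustomerGatewayIp:           # assumed name: public IPv4 of the on-premises VPN device
    Type: String
    AllowedPattern: '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
    ConstraintDescription: must be an IPv4 address such as 203.0.113.10
  RemoteCidr:                  # assumed name: CIDR block of the remote network
    Type: String
    AllowedPattern: '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
    ConstraintDescription: must be an IPv4 CIDR block such as 192.168.10.0/24

Resources:
  CustomerGateway:
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      BgpAsn: 65000            # assumed private ASN; the connection uses static routes
      IpAddress: !Ref CustomerGatewayIp
  VpnGateway:
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
  VpnGatewayAttachment:        # without this the gateway is not attached to any VPC
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VpnGateway
  VpnConnection:
    Type: AWS::EC2::VPNConnection
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VpnGateway
      StaticRoutesOnly: true
  VpnConnectionRoute:
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      DestinationCidrBlock: !Ref RemoteCidr
      VpnConnectionId: !Ref VpnConnection
```

The AllowedPattern constraints only check the shape of the input, so a mistyped but well-formed address or an overly broad CIDR block still has to be caught in review before the stack is created.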
Once you have the CloudFormation template ready, you can create the stack using the AWS CloudFormation console, AWS CLI, or AWS SDKs. The stack creation process will provision the necessary resources to establish the site-to-site VPN connection.