Terraform AWS Transit Gateway 和 VPN 静态路由
[英]Terraform AWS Transit Gateway and VPN Static Routes
问题描述
Using Terraform, I have created the Transit Gateway, VPN definitions and associated them with the Transit Gateway.
使用 Terraform,我创建了 Transit Gateway、VPN 定义并将它们与 Transit Gateway 相关联。 However, unable to to define static routes.但是,无法定义静态路由。
when trying to add the static routes, the error says it must be added via the Transit Gateway API.尝试添加静态路由时,错误提示必须通过 Transit Gateway API 添加。 However, I cannot find that syntax.但是,我找不到那个语法。
resource "aws_vpn_connection_route" "vpn-p-usw2-xxxxxx-route-001" {
destination_cidr_block = "10.10.0.0/16"
vpn_connection_id = "${aws_vpn_connection.vpn-p-usw2-xxxxxx.id}"
}
Error: Error creating VPN connection route:
InvalidVpnConnection.InvalidType: Static routes for vpn-0f6d1ac578b957bf1
must be added through the Transit Gateway API.
status code: 400, request id:
f4e1c61c-be16-4dc7-a608- d7a5d6ad57c7
1 个解决方案
解决方案1
1 2019-08-27 15:25:01
Per https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpn-attachments.html根据https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpn-attachments.html
"For static VPNs, add the static routes to the transit gateway route table."
You need to:你需要:
- Create a Transit Gateway Route Table创建中转网关路由表
- Add static routes targeting your VPN connection添加针对您的 VPN 连接的静态路由
You won't see these prefixes in the VPN console.您不会在 VPN 控制台中看到这些前缀。 The TGW is the one that needs to know about those routes and will send the traffic there correctly. TGW 是需要知道这些路由并正确发送流量的那个。
This also means that if you are using more than one Transit Gateway Route Table, you will need to add the static routes to all of the tables associated with VPCs that you want to route to this VPN.这也意味着,如果您使用多个 Transit Gateway 路由表,则需要将静态路由添加到与要路由到此 VPN 的 VPC 关联的所有表中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.