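# CloudFormation template for one side of a site-to-site IPsec VPN.
# Declares a customer gateway for the peer address, a VPN connection from that
# gateway to an existing virtual private gateway, and (only when StaticRoute is
# non-empty) a single static route on the connection.
AWSTemplateFormatVersion: "2010-09-09"
Description: >
  Creates CustomerGateway and enables static router if applicable
Metadata:
  License: >
    Copyright 2017 Google Inc.
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
Parameters:
  PeerIp:
    Type: String
    Description: IP Address of Peer
    # Validate at parameter time so a malformed address is rejected before
    # any resource is created.
    AllowedPattern: '^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$'
    ConstraintDescription: 'must be a dotted-quad IPv4 address'
  VPNGatewayId:
    Type: String
    Description: ID of the existing virtual private gateway to attach the VPN connection to
    AllowedPattern: '^vgw-[0-9a-f]+$'
    ConstraintDescription: 'must be a virtual private gateway ID of the form vgw-<hex>'
  BgpAsn:
    Type: Number
    MinValue: 64512
    MaxValue: 65534
    Description: Use private ASN 64512-65534 not used elsewhere in the network
    Default: 65534
  StaticRoutesOnly:
    Type: String
    Description: Set to true to use static routing on the VPN connection
    # Quoted so the String parameter receives strings rather than YAML booleans.
    Default: "false"
    AllowedValues:
      - "false"
      - "true"
  StaticRoute:
    Type: String
    Description: Optional IPv4 CIDR block to route over the VPN connection; leave empty to create no static route
    Default: ""
    # The empty string stays valid because it is what switches the route off.
    AllowedPattern: '^$|^(\d{1,3}\.){3}\d{1,3}/(3[0-2]|[12]?\d)$'
    ConstraintDescription: 'must be empty or an IPv4 CIDR block such as 10.0.0.0/16'
Conditions:
  # True when a static route was supplied. This condition does not look at
  # StaticRoutesOnly.
  # NOTE(review): confirm callers set StaticRoutesOnly to true whenever
  # StaticRoute is non-empty; the two parameters are not cross-checked here.
  CreateStaticRoute: !Not [!Equals [!Ref StaticRoute, ""]]
Resources:
  # Customer gateway describing the remote peer (presumably the GCP side,
  # judging by the resource name; confirm against the caller).
  GcpGw:
    Type: "AWS::EC2::CustomerGateway"
    Properties:
      Type: ipsec.1
      BgpAsn: !Ref BgpAsn
      IpAddress: !Ref PeerIp
      Tags:
        - Key: Name
          Value: !Ref "AWS::StackName"
  # VPN connection between the customer gateway above and the supplied
  # virtual private gateway.
  # No VpnTunnelOptionsSpecifications are declared, so the tunnel settings,
  # including the pre-shared keys, are the ones AWS generates by default.
  # Those keys are part of the connection's customer gateway configuration,
  # so limit which principals may describe VPN connections in this account.
  Vpn:
    Type: "AWS::EC2::VPNConnection"
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref GcpGw
      VpnGatewayId: !Ref VPNGatewayId
      StaticRoutesOnly: !Ref StaticRoutesOnly
      Tags:
        - Key: Name
          Value: !Ref "AWS::StackName"
  # Single static route, created only when StaticRoute is non-empty.
  Route0:
    Type: "AWS::EC2::VPNConnectionRoute"
    Condition: CreateStaticRoute
    Properties:
      DestinationCidrBlock: !Ref StaticRoute
      VpnConnectionId: !Ref Vpn
Outputs:
  VpnId:
    Description: ID of the VPN connection created by this stack
    Value: !Ref Vpn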