
Building a VPN Between Google Cloud and AWS with Terraform


1 hour 30 minutes 7 credits

GSP854

Google Cloud Self-Paced Labs

Overview

This lab will show you how to use Terraform by HashiCorp to create secure, private, site-to-site connections between Google Cloud and Amazon Web Services (AWS) using virtual private networks (VPNs). This is a multi-cloud deployment.

In this lab, you will deploy virtual machine (VM) instances into custom virtual private cloud (VPC) networks in Google Cloud and AWS. You then deploy supporting infrastructure to construct a VPN connection with two Internet Protocol security (IPsec) tunnels between the Google Cloud and AWS VPC networks. The environment and tunnel deployment usually completes within four minutes. This lab is based on the Automated Network Deployment tutorial.

Deployment Architecture

In this lab, you build the following deployment environment:

[Figure: deployment architecture diagram (automated-network-deployment-3-architecture.png)]

Objectives

In this lab, you will:

  • Build custom VPC networks with user-specified CIDR blocks in Google Cloud and AWS
  • Deploy a VM instance in each VPC network
  • Create VPN gateways in each VPC network and related resources for two IPsec tunnels

While Google Cloud uses routes to support equal-cost multi-path (ECMP) routing, AWS supports VPN gateways with two tunnels, active and standby, for redundancy and availability.

Routing

The lab configuration uses Cloud Router to demonstrate dynamic routing. Cloud Router exchanges your VPC network route updates with your environment in AWS using Border Gateway Protocol (BGP). Dynamic routing by Cloud Router requires a separate Cloud Router for each IPsec tunnel. Alternatively, you can configure a setup with static routes. Both configurations are covered in the Cloud VPN Interop Guide.
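The per-tunnel Cloud Router layout described above, written as an added Terraform example (not the lab's own code). All variable and resource names are assumptions; it assumes a Classic VPN gateway with its ESP and UDP 500/4500 forwarding rules already exists, that the google provider has a default region set, and that the tunnel values are taken from the AWS VPN connection's outputs.

```hcl
# Added example: every name below is an assumption, not taken from the lab.
variable "gcp_network" { type = string }     # VPC name or self_link
variable "gcp_vpn_gateway" { type = string } # self_link of the existing VPN gateway
variable "gcp_asn" { type = number }         # must match the AWS customer gateway ASN
# One entry per AWS tunnel, keyed with lowercase names such as "tunnel1", "tunnel2".
variable "aws_tunnels" {
  type = map(object({
    address    = string # AWS outside IP of the tunnel
    cgw_inside = string # Google side of the tunnel's inside /30
    vgw_inside = string # AWS side of the tunnel's inside /30
    aws_asn    = number # AWS-side BGP ASN
  }))
}
variable "tunnel_psks" { # kept separate so the keys are redacted in plan output
  type      = map(string)
  sensitive = true
}

# A separate Cloud Router for each IPsec tunnel, as dynamic routing requires.
resource "google_compute_router" "aws" {
  for_each = var.aws_tunnels
  name     = "aws-${each.key}-router"
  network  = var.gcp_network
  bgp { asn = var.gcp_asn }
}
resource "google_compute_vpn_tunnel" "aws" {
  for_each           = var.aws_tunnels
  name               = "aws-${each.key}"
  target_vpn_gateway = var.gcp_vpn_gateway
  peer_ip            = each.value.address
  shared_secret      = var.tunnel_psks[each.key]
  router             = google_compute_router.aws[each.key].id
}
# The BGP session runs over the tunnel's inside /30 addresses.
resource "google_compute_router_interface" "aws" {
  for_each   = var.aws_tunnels
  name       = "aws-${each.key}-if"
  router     = google_compute_router.aws[each.key].name
  ip_range   = "${each.value.cgw_inside}/30"
  vpn_tunnel = google_compute_vpn_tunnel.aws[each.key].name
}
resource "google_compute_router_peer" "aws" {
  for_each        = var.aws_tunnels
  name            = "aws-${each.key}-peer"
  router          = google_compute_router.aws[each.key].name
  interface       = google_compute_router_interface.aws[each.key].name
  peer_ip_address = each.value.vgw_inside
  peer_asn        = each.value.aws_asn
}
```

The pre-shared keys are still written to Terraform state in clear text, so the state backend needs the same access controls as the keys themselves.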
