menu
arrow_back

Building a VPN Between Google Cloud and AWS with Terraform

search share 参加 ログイン

Building a VPN Between Google Cloud and AWS with Terraform

1時間 30分 クレジット: 7

GSP854

Google Cloud Self-Paced Labs

Overview

This lab will show you how to use Terraform by HashiCorp to create secure, private, site-to-site connections between Google Cloud and Amazon Web Services (AWS) using virtual private networks (VPNs). This is a multi-cloud deployment.

In this lab, you will deploy virtual machine (VM) instances into custom virtual private cloud (VPC) networks in Google Cloud and AWS. You then deploy supporting infrastructure to construct a VPN connection with two Internet Protocol security (IPsec) tunnels between the Google Cloud and AWS VPC networks. The environment and tunnel deployment usually completes within four minutes. This lab is based off of the Automated Network Deployment tutorial.

Deployment Architecture

In this lab, you build the following deployment environment:

automated-network-deployment-3-architecture.png

Objectives

In this lab, you will:

  • Build custom VPC networks with user-specified CIDR blocks in Google Cloud and AWS
  • Deploy a VM instance in each VPC network
  • Create VPN gateways in each VPC network and related resources for two IPsec tunnels

While Google Cloud uses routes to support equal-cost multi-path (ECMP) routing, AWS supports VPN gateways with two tunnels, active and standby, for redundancy and availability.

Routing

The lab configuration uses Cloud Router to demonstrate dynamic routing. Cloud Router exchanges your VPC network route updates with your environment in AWS using Border Gateway Protocol (BGP). Dynamic routing by Cloud Router requires a separate Cloud Router for each IPsec tunnel. Alternatively, you can configure a setup with static routes. Both configurations are covered in the Cloud VPN Interop Guide.

Qwiklabs に参加してこのラボの残りの部分や他のラボを確認しましょう。

  • Cloud Console への一時的なアクセス権を取得します。
  • 初心者レベルから上級者レベルまで 200 を超えるラボが用意されています。
  • ご自分のペースで学習できるように詳細に分割されています。
参加してこのラボを開始