amazon-web-services - AWS Transit Gateway connecting multiple VPCs in one region (new AWS service)
Question
I am trying to write a CloudFormation template to deploy a Transit Gateway and want to connect all the VPCs in one of my regions to that gateway. I wrote a template, but I cannot set the GatewayRouteTable route:
  TransitGateway:
    Type: "AWS::EC2::TransitGateway"
    Properties:
      AmazonSideAsn: 65000
      Description: "TGW Route Integration "
      AutoAcceptSharedAttachments: "disable"
      DefaultRouteTableAssociation: "enable"
      DnsSupport: "enable"
      VpnEcmpSupport: "enable"
      Tags:
        - Key: Name
          Value: !Join ["-", ["ath", !Ref 'Env', "transit", "gateway", !Ref 'AWS::Region']]
        - Key: Env
          Value: !Ref 'Env'
        - Key: Region
          Value: !Ref 'AWS::Region'
  TransitGatewayAttachment:
    Type: "AWS::EC2::TransitGatewayAttachment"
    Properties:
      SubnetIds:
        - !Ref SubnetPublic1
        - !Ref SubnetPublic2
        - !Ref SubnetWorker1
        - !Ref SubnetWorker2
      TransitGatewayId: !Ref TransitGateway
      VpcId: !Ref 'VPC'
  TransitGatewayRouteTable:
    Type: "AWS::EC2::TransitGatewayRouteTable"
    Properties:
      Tags:
        - Key: Name
          Value: !Join ["-", ["ath", !Ref 'Env', "RouteTable", "TransitGateway", !Ref 'AWS::Region']]
        - Key: Env
          Value: !Ref 'Env'
        - Key: Region
          Value: !Ref 'AWS::Region'
      TransitGatewayId: !Ref TransitGateway
  TransitGatewayRouting:
    Type: "AWS::EC2::TransitGatewayRoute"
    Properties:
      # A blackhole route drops traffic for the CIDR and cannot reference an
      # attachment, so it must be false when TransitGatewayAttachmentId is set.
      Blackhole: false
      DestinationCidrBlock:   # left empty in the question
      TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
      # Must reference the route table resource, not the gateway itself.
      TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
  TransitGatewayRouteTableAssociation:
    Type: "AWS::EC2::TransitGatewayRouteTableAssociation"
    Properties:
      TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
      TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
  TransitGatewayRouteTablePropagation:
    Type: "AWS::EC2::TransitGatewayRouteTablePropagation"
    Properties:
      TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
      TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
Now I am able to deploy my Transit Gateway, and I am also able to attach it to the VPC and create the route table; but my problem is that when I come to TransitGatewayRouting, it prompts me for a CIDR destination. I am confused about which CIDR destination it refers to, and what I should put there to make it work now, because it is not keeping the VPC's route.
Another question is how I would write the code so that even if a new VPC is created in the same region in the future, I can connect that VPC to the same Transit Gateway.
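The destination the route asks for is the CIDR of the VPC behind the attachment, and the route must point at the route table, not the gateway. The following is an added example, not the asker's template: a per-VPC "spoke" stack, deployed once for each present or future VPC, that attaches the VPC, installs the route for that VPC's own CIDR, and adds the return route. It assumes the hub stack exports the gateway ID and route-table ID under the constructed names "${Env}-tgw-id" and "${Env}-tgw-rtb-id", and that `VPC`, `SubnetWorker1`, `SubnetWorker2` and `PrivateRouteTable` are resources in the same spoke template.

```yaml
# Spoke stack (constructed example): deploy once per VPC in the region.
# Assumes the hub stack exports "${Env}-tgw-id" and "${Env}-tgw-rtb-id".
Parameters:
  Env:
    Type: String
Resources:
  TransitGatewayAttachment:
    Type: "AWS::EC2::TransitGatewayAttachment"
    Properties:
      TransitGatewayId: !ImportValue
        Fn::Sub: "${Env}-tgw-id"
      VpcId: !Ref VPC
      SubnetIds:                      # one subnet per AZ is sufficient
        - !Ref SubnetWorker1
        - !Ref SubnetWorker2
  # Static route in the TGW route table: this VPC's CIDR -> this attachment.
  # DestinationCidrBlock is the attached VPC's own CIDR block. Blackhole
  # must be false: a blackhole route cannot carry an attachment id.
  # (A TransitGatewayRouteTablePropagation resource would achieve the same
  # effect dynamically instead of a static route.)
  TransitGatewayRouting:
    Type: "AWS::EC2::TransitGatewayRoute"
    Properties:
      Blackhole: false
      DestinationCidrBlock: !GetAtt VPC.CidrBlock
      TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
      TransitGatewayRouteTableId: !ImportValue
        Fn::Sub: "${Env}-tgw-rtb-id"
  # Return path: the VPC route table must send other spokes' traffic to the
  # TGW. Scope it to the shared summary range rather than 0.0.0.0/0, and
  # DependsOn the attachment, otherwise route creation fails while the
  # attachment is still pending.
  PrivateRouteToTgw:
    Type: "AWS::EC2::Route"
    DependsOn: TransitGatewayAttachment
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 10.0.0.0/8   # constructed summary of all spokes
      TransitGatewayId: !ImportValue
        Fn::Sub: "${Env}-tgw-id"
```

Because the hub keeps AutoAcceptSharedAttachments disabled, each new spoke attachment still has to be accepted on the hub side before traffic flows, which is a useful control point for reviewing what gets connected.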