mr_citizenkane

Reputation: 31

Terraform AWS Transit Gateway and VPN Static Routes

Using Terraform, I have created the Transit Gateway and VPN definitions and associated them with the Transit Gateway. However, I am unable to define static routes.

When trying to add the static routes, the error says they must be added via the Transit Gateway API. However, I cannot find that syntax.

# Static route on the VPN connection itself; this fails because the VPN is
# attached to a Transit Gateway rather than a Virtual Private Gateway.
resource "aws_vpn_connection_route" "vpn-p-usw2-xxxxxx-route-001" {
  destination_cidr_block = "10.10.0.0/16"
  vpn_connection_id      = aws_vpn_connection.vpn-p-usw2-xxxxxx.id
}

Error: Error creating VPN connection route:
InvalidVpnConnection.InvalidType: Static routes for vpn-0f6d1ac578b957bf1
must be added through the Transit Gateway API.
        status code: 400, request id:
f4e1c61c-be16-4dc7-a608-d7a5d6ad57c7

Upvotes: 3

Views: 2205

Answers (1)

digarok

Reputation: 1318

Per https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpn-attachments.html

"For static VPNs, add the static routes to the transit gateway route table."

You need to:

  • Create a Transit Gateway Route Table
  • Add static routes targeting your VPN connection

You won't see these prefixes in the VPN console. The TGW is the one that needs to know about those routes and will send the traffic there correctly.

This also means that if you are using more than one Transit Gateway Route Table, you will need to add the static routes to all of the tables associated with VPCs that you want to route to this VPN.

Upvotes: 2
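The two steps from the answer written out in Terraform, as an added example that is neither the question's nor the answer's own code. It assumes a fresh transit gateway, a placeholder customer gateway address, and a `vpc_attachment_id` variable supplied by you; the static route targets the VPN attachment, not the VPN connection.

```hcl
# Added example (not from the original question or answer). The customer
# gateway address and the VPC attachment id are placeholders.

variable "vpc_attachment_id" {
  type        = string
  description = "Placeholder: existing aws_ec2_transit_gateway_vpc_attachment id"
}

resource "aws_ec2_transit_gateway" "tgw" {
  description = "example-tgw"
  # Keep routing explicit: no automatic association/propagation to the
  # default table, so every route in this file is a deliberate choice.
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
}

resource "aws_customer_gateway" "cgw" {
  bgp_asn    = 65000
  ip_address = "203.0.113.10" # placeholder from the documentation range
  type       = "ipsec.1"
}

# VPN attached to the transit gateway (not a virtual private gateway).
# static_routes_only means no BGP, so the TGW table must carry the prefix.
resource "aws_vpn_connection" "vpn" {
  customer_gateway_id = aws_customer_gateway.cgw.id
  transit_gateway_id  = aws_ec2_transit_gateway.tgw.id
  type                = "ipsec.1"
  static_routes_only  = true
}

# Step 1 from the answer: a transit gateway route table.
resource "aws_ec2_transit_gateway_route_table" "vpn_rt" {
  transit_gateway_id = aws_ec2_transit_gateway.tgw.id
}

# Step 2: the static route the question tried to put on the VPN connection.
# It lives in the TGW route table and targets the VPN *attachment* id.
# Keep the prefix as narrow as possible; everything matching it leaves via
# the tunnel. Repeat this resource for each route table you keep.
resource "aws_ec2_transit_gateway_route" "to_onprem" {
  destination_cidr_block         = "10.10.0.0/16"
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.vpn_rt.id
  transit_gateway_attachment_id  = aws_vpn_connection.vpn.transit_gateway_attachment_id
}

# Associate the VPC attachment that should use this table.
resource "aws_ec2_transit_gateway_route_table_association" "vpc" {
  transit_gateway_attachment_id  = var.vpc_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.vpn_rt.id
}
```

The VPN attachment itself also needs an association with a table that holds routes back to the VPCs, otherwise return traffic from the remote side has nowhere to go.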
