I am trying to write a CloudFormation template to deploy a Transit Gateway and want to attach all VPCs in the region to that gateway. I have written a template, but I cannot set the gateway route table route.
```yaml
TransitGateway:
  Type: "AWS::EC2::TransitGateway"
  Properties:
    AmazonSideAsn: 65000
    Description: "TGW Route Integration "
    AutoAcceptSharedAttachments: "disable"
    DefaultRouteTableAssociation: "enable"
    DnsSupport: "enable"
    VpnEcmpSupport: "enable"
    Tags:
      - Key: Name
        Value: !Join ["-", ["ath", !Ref 'Env', "transit", "gateway", !Ref 'AWS::Region']]
      - Key: Env
        Value: !Ref 'Env'
      - Key: Region
        Value: !Ref 'AWS::Region'
TransitGatewayAttachment:
  Type: "AWS::EC2::TransitGatewayAttachment"
  Properties:
    SubnetIds:
      - !Ref SubnetPublic1
      - !Ref SubnetPublic2
      - !Ref SubnetWorker1
      - !Ref SubnetWorker2
    TransitGatewayId: !Ref TransitGateway
    VpcId: !Ref 'VPC'
TransitGatewayRouteTable:
  Type: "AWS::EC2::TransitGatewayRouteTable"
  Properties:
    Tags:
      - Key: Name
        Value: !Join ["-", ["ath", !Ref 'Env', "RouteTable", "TransitGateway", !Ref 'AWS::Region']]
      - Key: Env
        Value: !Ref 'Env'
      - Key: Region
        Value: !Ref 'AWS::Region'
    TransitGatewayId: !Ref TransitGateway
TransitGatewayRouting:
  Type: "AWS::EC2::TransitGatewayRoute"
  Properties:
    # A blackhole route discards traffic and cannot also point at an attachment;
    # the original had "true" here together with TransitGatewayAttachmentId.
    Blackhole: false
    DestinationCidrBlock:   # left empty in the question; this is the value being asked about
    TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
    # Must reference the route table, not the gateway (the original had !Ref TransitGateway)
    TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
TransitGatewayRouteTableAssociation:
  Type: "AWS::EC2::TransitGatewayRouteTableAssociation"
  Properties:
    TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
    TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
TransitGatewayRouteTablePropagation:
  Type: "AWS::EC2::TransitGatewayRouteTablePropagation"
  Properties:
    TransitGatewayAttachmentId: !Ref TransitGatewayAttachment
    TransitGatewayRouteTableId: !Ref TransitGatewayRouteTable
```
Now I am able to deploy my Transit Gateway and attach it to the VPC, and the route table is created, but my problem is that when I get to TransitGatewayRouting it prompts me for a CIDR destination. I am confused about which CIDR destination it refers to, since it does not keep the VPC's routes, so what should go there now to make this work?
The other part of the question is how I would write this so that even when a new VPC is created in the same region in the future, that VPC can also be attached to this very same transit gateway.
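One way to lay out the two points raised in the question, as an added example that is not part of the original post and not an AWS sample: the hub stack (the template above) exports the gateway and route table ids, and a separate spoke template, deployed once per VPC including any created later, imports them and creates that VPC's attachment and routes. The export names, parameter names and the 10.0.0.0/8 summary block are assumptions.

```yaml
# --- hub template (the one holding TransitGateway above): export the ids ---
Outputs:
  TransitGatewayId:
    Value: !Ref TransitGateway
    Export:
      Name: !Sub "${Env}-transit-gateway-id"            # assumed export name
  TransitGatewayRouteTableId:
    Value: !Ref TransitGatewayRouteTable
    Export:
      Name: !Sub "${Env}-transit-gateway-route-table-id"  # assumed export name

# --- spoke template, deployed once per VPC (existing or created later) ---
Parameters:
  Env:             { Type: String }
  VpcId:           { Type: AWS::EC2::VPC::Id }
  VpcCidr:         { Type: String }                      # e.g. 10.20.0.0/16 (assumed)
  AttachSubnets:   { Type: List<AWS::EC2::Subnet::Id> }  # one subnet per AZ
  VpcRouteTableId: { Type: String }                      # route table of the VPC's subnets

Resources:
  SpokeAttachment:
    Type: AWS::EC2::TransitGatewayAttachment
    Properties:
      TransitGatewayId: !ImportValue
        Fn::Sub: "${Env}-transit-gateway-id"
      VpcId: !Ref VpcId
      SubnetIds: !Ref AttachSubnets

  # Route in the transit gateway route table. DestinationCidrBlock is the
  # address block the route is for, i.e. this spoke VPC's own CIDR, and the
  # next hop is this VPC's attachment. A static entry like this is only needed
  # for a custom route table; with propagation enabled the CIDR is learned
  # from the attachment automatically.
  SpokeRoute:
    Type: AWS::EC2::TransitGatewayRoute
    Properties:
      TransitGatewayRouteTableId: !ImportValue
        Fn::Sub: "${Env}-transit-gateway-route-table-id"
      DestinationCidrBlock: !Ref VpcCidr
      TransitGatewayAttachmentId: !Ref SpokeAttachment

  # Return path: the VPC's own route table must send traffic for the other
  # spokes to the gateway. 10.0.0.0/8 is an assumed summary of all spoke CIDRs.
  VpcRouteToTransitGateway:
    Type: AWS::EC2::Route
    DependsOn: SpokeAttachment   # rejected until the attachment is available
    Properties:
      RouteTableId: !Ref VpcRouteTableId
      DestinationCidrBlock: 10.0.0.0/8
      TransitGatewayId: !ImportValue
        Fn::Sub: "${Env}-transit-gateway-id"
```

Because the spoke template only imports ids, a VPC created next year is attached by deploying the same spoke stack against it; nothing in the hub stack has to change.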