Cloudest - 블로그 이사했습니다
노션으로 블로그를 옮겼습니다.
흥미로운 포스팅이 올라옵니다!
cloudest.oopy.io
🛠
준비물 !
AWS 계정 및 Terraform 사용이 가능한 IAM
Terraform 실행이 가능한 환경 ( Linux & Windows & MAC 등)
코드 작성 환경 ( VSC & 텍스트 에디터 등)
AWS 계정 및 Terraform 사용이 가능한 IAM
Terraform 실행이 가능한 환경 ( Linux & Windows & MAC 등)
코드 작성 환경 ( VSC & 텍스트 에디터 등)
시작 전
- 테라폼으로 하나씩 차근차근 빌드업 해나갈 것이다.
Transit Gateway란?
- VPC간에 통신이 가능하도록 하는 게이트웨이! (피어링은 Point-to-Point 방식으로 연결해야 하므로 VPC가 많아질수록 기하급수적으로 관리의 어려움을 겪는다.)
- Hub & Spoke 방식으로 Transit Gateway가 다른 VPC들의 Hub 역할을 수행한다.
- VPC 입장에서 혹은 아키텍처를 그릴 때 라우터와 같은 역할을 한다.
- 계정 내 VPC 뿐 아니라 타 계정의 VPC와도 연결 할 수 있다.
- VPN, DX 서비스를 통해 On-Premise와의 연결도 가능하다.
1. 변수 구성
1. 변수 구성
aws-variables.tf파일에 AWS에서 사용할 기본 정보들을 변수로 선언한다. (선언하지 않고 실제 파일에서 하드코딩 해도 되지만 테라폼으로 관리하는 리소스가 많아질수록 관리의 편의성과 코드의 재사용성을 위한 변수선언이 중요해진다.)########################################################################################## #AWS authentication variables variable "aws_access_key" { type = string description = "AWS Access Key" } variable "aws_secret_key" { type = string description = "AWS Secret Key" } variable "aws_key_pair" { type = string description = "AWS Key Pair" } ########################################################################################## #AWS region variable "aws_region" { description = "AWS region" default = "ap-northeast-2" } ########################################################################################## #AWS AZ variable "aws_az_a" { type = string description = "AWS AZ" default = "ap-northeast-2a" } variable "aws_az_c" { type = string description = "AWS AZ" default = "ap-northeast-2c" } ########################################################################################## #VPC생성 variable "aws_vpc_a_cidr" { type = string description = "CIDR for the VPC" default = "10.11.0.0/16" } variable "aws_vpc_b_cidr" { type = string description = "CIDR for the VPC" default = "10.22.0.0/16" } ########################################################################################## #서브넷 생성 variable "aws_vpc_a_subnet_a_cidr" { type = string description = "CIDR for the subnet" default = "10.11.1.0/24" } variable "aws_vpc_a_subnet_b_cidr" { type = string description = "CIDR for the subnet" default = "10.11.2.0/24" } variable "aws_vpc_b_subnet_a_cidr" { type = string description = "CIDR for the subnet" default = "10.22.1.0/24" } variable "aws_vpc_b_subnet_b_cidr" { type = string description = "CIDR for the subnet" default = "10.22.2.0/24" }common-variables.tf#Define application environment variable "app_environment" { type = string description = "Application environment" default = "TGW with Terraform by Cloudest" }terraform.tfvars파일에 테라폼을 통해 AWS에 접근하기 위한 IAM 유저의 정보를 입력해준다.tfvars확장자를 가진 파일 내부 내용은 자동으로 변수로 인식한다.aws_access_key = "[My AWS IAM User Access Key]" aws_secret_key = "[My AWS IAM User Secret Access Key]" aws_key_pair = "[My AWS Key Pair]"
2. Provider 생성
provider.tf파일로 작업중인 폴더에서 접근할 AWS 계정을 지정하기 위해 Provider를 지정해줘야 한다.#Initialize the AWS Provider = 아래 계정 정보로 활동! provider "aws" { access_key = var.aws_access_key secret_key = var.aws_secret_key region = var.aws_region }
2. VPC & 네트워크
1. VPC 2개 생성 (다른 언급 없는 모든 리소스는 VPC마다 각각 생성)
1-01-vpc.tf파일에 VPC를 생성하는 코드 작성#Create the VPC resource "aws_vpc" "vpc-a" { cidr_block = var.aws_vpc_a_cidr enable_dns_hostnames = false enable_dns_support = true tags = { Name = "vpc_a" Environment = var.app_environment } } resource "aws_vpc" "vpc-b" { cidr_block = var.aws_vpc_b_cidr enable_dns_hostnames = false enable_dns_support = true tags = { Name = "vpc_b" Environment = var.app_environment } }
2. 서브넷 2개 생성
1-02-subnet.tf파일에 VPC내부에 서브넷을 생성하는 코드 작성#Define the subnet resource "aws_subnet" "vpc-a-subnet-a" { vpc_id = aws_vpc.vpc-a.id cidr_block = var.aws_vpc_a_subnet_a_cidr availability_zone = var.aws_az_a tags = { Name = "vpc-a-sub-a" Environment = var.app_environment } } resource "aws_subnet" "vpc-a-subnet-b" { vpc_id = aws_vpc.vpc-a.id cidr_block = var.aws_vpc_a_subnet_b_cidr availability_zone = var.aws_az_c tags = { Name = "vpc-a-sub-b" Environment = var.app_environment } } resource "aws_subnet" "vpc-b-subnet-a" { vpc_id = aws_vpc.vpc-b.id cidr_block = var.aws_vpc_b_subnet_a_cidr availability_zone = var.aws_az_a tags = { Name = "vpc-b-sub-a" Environment = var.app_environment } } resource "aws_subnet" "vpc-b-subnet-b" { vpc_id = aws_vpc.vpc-b.id cidr_block = var.aws_vpc_b_subnet_b_cidr availability_zone = var.aws_az_c tags = { Name = "vpc-b-sub-b" Environment = var.app_environment } }
3. IGW 생성 및 VPC에 연결
1-03-igw.tf파일에 IGW 생성 및 VPC에 연결하는 코드 작성#Define the internet gateway resource "aws_internet_gateway" "vpc-a-igw" { vpc_id = aws_vpc.vpc-a.id tags = { Name = "vpc-a-igw" Environment = var.app_environment } } resource "aws_internet_gateway" "vpc-b-igw" { vpc_id = aws_vpc.vpc-b.id tags = { Name = "vpc-b-igw" Environment = var.app_environment } }
4. 라우팅 테이블 생성
1-04-rtb.tf파일에 라우팅 테이블 정책을 포함해 생성하는 코드 작성#Define the route table to the internet resource "aws_route_table" "vpc-a-rtb-subnet-a" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } tags = { Name = "vpc-a-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-a-rtb-subnet-b" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } tags = { Name = "vpc-a-rtb-subnet-b" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-a" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } tags = { Name = "vpc-b-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-b" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } tags = { Name = "vpc-b-rtb-subnet-b" Environment = var.app_environment } }
5. 라우팅 테이블 편집 및 연결 (로컬 + 0.0.0.0/0 → IGW)
1-05-rtb-attach.tf파일에 rtb를 subnet에 연결하는 코드 작성#Assign the public route table to the subnet resource "aws_route_table_association" "vpc-a-rtb-subnet-a-attach"{ subnet_id = aws_subnet.vpc-a-subnet-a.id route_table_id = aws_route_table.vpc-a-rtb-subnet-a.id } resource "aws_route_table_association" "vpc-a-rtb-subnet-b-attach"{ subnet_id = aws_subnet.vpc-a-subnet-b.id route_table_id = aws_route_table.vpc-a-rtb-subnet-b.id } resource "aws_route_table_association" "vpc-b-rtb-subnet-a-attach"{ subnet_id = aws_subnet.vpc-b-subnet-a.id route_table_id = aws_route_table.vpc-b-rtb-subnet-a.id } resource "aws_route_table_association" "vpc-b-rtb-subnet-b-attach"{ subnet_id = aws_subnet.vpc-b-subnet-b.id route_table_id = aws_route_table.vpc-b-rtb-subnet-b.id }
결과 ( 1~5 종합코드)
vpc.tf파일에 작성한 코드를 모아준다.########################################################################################## ### VPC 및 기본 네트워크 구성 #Create the VPC resource "aws_vpc" "vpc-a" { cidr_block = var.aws_vpc_a_cidr enable_dns_hostnames = false enable_dns_support = true tags = { Name = "vpc_a" Environment = var.app_environment } } resource "aws_vpc" "vpc-b" { cidr_block = var.aws_vpc_b_cidr enable_dns_hostnames = false enable_dns_support = true tags = { Name = "vpc_b" Environment = var.app_environment } } ########################################################################################## #Define the subnet resource "aws_subnet" "vpc-a-subnet-a" { vpc_id = aws_vpc.vpc-a.id cidr_block = var.aws_vpc_a_subnet_a_cidr availability_zone = var.aws_az_a tags = { Name = "vpc-a-sub-a" Environment = var.app_environment } } resource "aws_subnet" "vpc-a-subnet-b" { vpc_id = aws_vpc.vpc-a.id cidr_block = var.aws_vpc_a_subnet_b_cidr availability_zone = var.aws_az_c tags = { Name = "vpc-a-sub-b" Environment = var.app_environment } } resource "aws_subnet" "vpc-b-subnet-a" { vpc_id = aws_vpc.vpc-b.id cidr_block = var.aws_vpc_b_subnet_a_cidr availability_zone = var.aws_az_a tags = { Name = "vpc-b-sub-a" Environment = var.app_environment } } resource "aws_subnet" "vpc-b-subnet-b" { vpc_id = aws_vpc.vpc-b.id cidr_block = var.aws_vpc_b_subnet_b_cidr availability_zone = var.aws_az_c tags = { Name = "vpc-b-sub-b" Environment = var.app_environment } } ########################################################################################## #Define the internet gateway resource "aws_internet_gateway" "vpc-a-igw" { vpc_id = aws_vpc.vpc-a.id tags = { Name = "vpc-a-igw" Environment = var.app_environment } } resource "aws_internet_gateway" "vpc-b-igw" { vpc_id = aws_vpc.vpc-b.id tags = { Name = "vpc-b-igw" Environment = var.app_environment } } ########################################################################################## #Define the route table to the internet resource "aws_route_table" "vpc-a-rtb-subnet-a" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } tags = { Name = "vpc-a-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-a-rtb-subnet-b" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } tags = { Name = "vpc-a-rtb-subnet-b" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-a" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } tags = { Name = "vpc-b-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-b" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } tags = { Name = "vpc-b-rtb-subnet-b" Environment = var.app_environment } } ######################################################################################### #Assign the public route table to the subnet resource "aws_route_table_association" "vpc-a-rtb-subnet-a-attach"{ subnet_id = aws_subnet.vpc-a-subnet-a.id route_table_id = aws_route_table.vpc-a-rtb-subnet-a.id } resource "aws_route_table_association" "vpc-a-rtb-subnet-b-attach"{ subnet_id = aws_subnet.vpc-a-subnet-b.id route_table_id = aws_route_table.vpc-a-rtb-subnet-b.id } resource "aws_route_table_association" "vpc-b-rtb-subnet-a-attach"{ subnet_id = aws_subnet.vpc-b-subnet-a.id route_table_id = aws_route_table.vpc-b-rtb-subnet-a.id } resource "aws_route_table_association" "vpc-b-rtb-subnet-b-attach"{ subnet_id = aws_subnet.vpc-b-subnet-b.id route_table_id = aws_route_table.vpc-b-rtb-subnet-b.id }
3. EC2
1. 보안그룹 생성
2-01-sg.tf파일에 EC2에 적용 할 보안그룹을 생성한다.# SG - allow SSH and ICMP to EC2 resource "aws_security_group" "vpc-a-sg-ec2" { name = "vpc-a-sg-ec2" description = "Allow incoming HTTP connections" vpc_id = aws_vpc.vpc-a.id ingress { from_port = 22 #ssh 접속을 위한 Inbound to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { from_port = 8 #ping test를 위한 Inbound to_port = 0 protocol = "icmp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } tags = { Name = "vpc-a-sg-ec2" Environment = var.app_environment } } resource "aws_security_group" "vpc-b-sg-ec2" { name = "vpc-b-sg-ec2" description = "Allow incoming HTTP connections" vpc_id = aws_vpc.vpc-b.id ingress { from_port = 22 #ssh 접속을 위한 Inbound to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { from_port = 8 #ping test를 위한 Inbound to_port = 0 protocol = "icmp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } tags = { Name = "vpc-b-sg-ec2" Environment = var.app_environment } }
2. EIP 생성
2-02-eip.tf파일에 EC2 SSH 연결을 위해 EIP를 생성해준다.#Create Elastic IP for web server resource "aws_eip" "vpc-a-eip-ec2" { vpc = true tags = { Name = "elastic-ip" Environment = var.app_environment } } resource "aws_eip" "vpc-b-eip-ec2" { vpc = true tags = { Name = "elastic-ip" Environment = var.app_environment } }
3. EC2 생성 ( 아마존 리눅스 2 + public IP )
2-03-ec2.tf파일에 EC2 인스턴스 생성 코드를 작성한다.#Create EC2 Instances for Web Server resource "aws_instance" "vpc-a-ec2-test" { ami = "ami-09282971cf2faa4c9" instance_type = "t2.micro" subnet_id = aws_subnet.vpc-a-subnet-a.id vpc_security_group_ids = [aws_security_group.vpc-a-sg-ec2.id] associate_public_ip_address = true source_dest_check = false key_name = "keykey" tags = { Name = "vpc-a-ec2-test" Environment = var.app_environment } } resource "aws_instance" "vpc-b-ec2-test" { ami = "ami-09282971cf2faa4c9" instance_type = "t2.micro" subnet_id = aws_subnet.vpc-b-subnet-a.id vpc_security_group_ids = [aws_security_group.vpc-b-sg-ec2.id] associate_public_ip_address = true source_dest_check = false key_name = "keykey" tags = { Name = "vpc-b-ec2-test" Environment = var.app_environment } }
4. EIP ↔ EC2 연결
2-04-eip-attach.tf파일에 EIP를 EC2에 연결하는 코드를 작성한다.#Associate Elastic IP to Web Server resource "aws_eip_association" "vpc-a-eip-association" { instance_id = aws_instance.vpc-a-ec2-test.id allocation_id = aws_eip.vpc-a-eip-ec2.id } resource "aws_eip_association" "vpc-b-eip-association" { instance_id = aws_instance.vpc-b-ec2-test.id allocation_id = aws_eip.vpc-b-eip-ec2.id }
5. SSH접속 후 핑 통신 불가 확인
각 VPC의 EC2들이 서로의 EIP 혹은 자신의 EIP로는 정상적으로 Ping이 성공한다.
하지만 사설 IP의 Ping은 서로에게 전달되지 않고 자기 자신을 향한 Ping만 가능하다. = 즉 VPC끼리 격리되어있는 상황
지금은 SSH 접속을 통해 Ping 통신을 보기 위해 EIP를 연결했고 인터넷 통신이 가능하지만, VPC는 각각 격리되어있기 때문에 인터넷이 없는 Private Subnet간 통신은 불가능한 상황이다.
결과 (1~5 종합코드)
ec2.tf파일에 EC2 관련 코드를 모아준다.### EC2 ### # SG - allow SSH and ICMP to EC2 resource "aws_security_group" "vpc-a-sg-ec2" { name = "vpc-a-sg-ec2" description = "Allow incoming HTTP connections" vpc_id = aws_vpc.vpc-a.id ingress { from_port = 22 #ssh 접속을 위한 Inbound to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { from_port = 8 #ping test를 위한 Inbound to_port = 0 protocol = "icmp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } tags = { Name = "vpc-a-sg-ec2" Environment = var.app_environment } } resource "aws_security_group" "vpc-b-sg-ec2" { name = "vpc-b-sg-ec2" description = "Allow incoming HTTP connections" vpc_id = aws_vpc.vpc-b.id ingress { from_port = 22 #ssh 접속을 위한 Inbound to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { from_port = 8 #ping test를 위한 Inbound to_port = 0 protocol = "icmp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } tags = { Name = "vpc-b-sg-ec2" Environment = var.app_environment } } ######################################################################################### #Create Elastic IP for web server resource "aws_eip" "vpc-a-eip-ec2" { vpc = true tags = { Name = "elastic-ip" Environment = var.app_environment } } resource "aws_eip" "vpc-b-eip-ec2" { vpc = true tags = { Name = "elastic-ip" Environment = var.app_environment } } ######################################################################################### #Create EC2 Instances for Web Server resource "aws_instance" "vpc-a-ec2-test" { ami = "ami-09282971cf2faa4c9" instance_type = "t2.micro" subnet_id = aws_subnet.vpc-a-subnet-a.id vpc_security_group_ids = [aws_security_group.vpc-a-sg-ec2.id] associate_public_ip_address = true source_dest_check = false key_name = "keykey" tags = { Name = "vpc-a-ec2-test" Environment = var.app_environment } } resource "aws_instance" "vpc-b-ec2-test" { ami = "ami-09282971cf2faa4c9" instance_type = "t2.micro" subnet_id = aws_subnet.vpc-b-subnet-a.id vpc_security_group_ids = [aws_security_group.vpc-b-sg-ec2.id] associate_public_ip_address = true source_dest_check = false key_name = "keykey" tags = { Name = "vpc-b-ec2-test" Environment = var.app_environment } } ######################################################################################## #Associate Elastic IP to Web Server resource "aws_eip_association" "vpc-a-eip-association" { instance_id = aws_instance.vpc-a-ec2-test.id allocation_id = aws_eip.vpc-a-eip-ec2.id } resource "aws_eip_association" "vpc-b-eip-association" { instance_id = aws_instance.vpc-b-ec2-test.id allocation_id = aws_eip.vpc-b-eip-ec2.id }
4.TGW
1. TGW(Transit Gateway) 생성
3-01-tgw.tf파일에 TGW 생성 코드를 작성한다.#Create Transit Gateway resource "aws_ec2_transit_gateway" "test-tgw" { description = "Transit Gateway" auto_accept_shared_attachments = "enable" tags = { Name = "test-tgw" Environment = var.app_environment } }
2. 서브넷을 TGW에 연결
3-02-attach-sub-to-tgw.tf파일에 TGW ↔ RTB 연결 코드를 작성한다.#Attach subnet to TGW resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-a-tgw-attachment" { vpc_id = aws_vpc.vpc-a.id #서브넷이 위치하는 VPC subnet_ids = [aws_subnet.vpc-a-subnet-a.id, aws_subnet.vpc-a-subnet-b.id ]#TGW에 붙을 서브넷 transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id #붙을 대상이되는 TGW tags = { Name = "test-tgw-attachment" } } resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-b-tgw-attachment" { vpc_id = aws_vpc.vpc-b.id subnet_ids = [aws_subnet.vpc-b-subnet-a.id, aws_subnet.vpc-b-subnet-b.id ] transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id tags = { Name = "test-tgw-attachment" } }
3. 라우팅 테이블 수정
1-04-rtb.tf파일에서 생성한 RTB를 수정한다. (TGW로 라우팅을 해줘야 함)#Modify route tables resource "aws_route_table" "vpc-a-rtb-subnet-a" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } route { cidr_block = var.aws_vpc_b_cidr transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id } tags = { Name = "vpc-a-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-a-rtb-subnet-b" { vpc_id = aws_vpc.vpc-a.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-a-igw.id } route { cidr_block = var.aws_vpc_b_cidr transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id } tags = { Name = "vpc-a-rtb-subnet-b" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-a" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } route { cidr_block = var.aws_vpc_a_cidr transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id } tags = { Name = "vpc-b-rtb-subnet-a" Environment = var.app_environment } } resource "aws_route_table" "vpc-b-rtb-subnet-b" { vpc_id = aws_vpc.vpc-b.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.vpc-b-igw.id } route { cidr_block = var.aws_vpc_a_cidr transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id } tags = { Name = "vpc-b-rtb-subnet-b" Environment = var.app_environment } }
결과 (1~3 종합코드)
tgw.tf파일에 tgw 코드를 모아준다.#Create Transit Gateway resource "aws_ec2_transit_gateway" "test-tgw" { description = "Transit Gateway" auto_accept_shared_attachments = "enable" tags = { Name = "test-tgw" Environment = var.app_environment } } ########################################################################################## #Attach subnet to TGW resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-a-tgw-attachment" { vpc_id = aws_vpc.vpc-a.id #서브넷이 위치하는 VPC subnet_ids = [aws_subnet.vpc-a-subnet-a.id, aws_subnet.vpc-a-subnet-b.id ]#TGW에 붙을 서브넷 transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id #붙을 대상이되는 TGW tags = { Name = "test-tgw-attachment" } } resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-b-tgw-attachment" { vpc_id = aws_vpc.vpc-b.id subnet_ids = [aws_subnet.vpc-b-subnet-a.id, aws_subnet.vpc-b-subnet-b.id ] transit_gateway_id = aws_ec2_transit_gateway.test-tgw.id tags = { Name = "test-tgw-attachment" } }
5. 결과 확인
- 최종 완성된 코드 파일들
- 최종 완성된 Workspaces에서 terraform apply 명령을 통해 적용한다.
- VPC간 통신 확인
Uploaded by Notion2Tistory v1.1.0