
Building a VPN Between Google Cloud and AWS with Terraform

1 hour 30 minutes 7 Credits

GSP854

Google Cloud Self-Paced Labs

Overview

This lab will show you how to use Terraform by HashiCorp to create secure, private, site-to-site connections between Google Cloud and Amazon Web Services (AWS) using virtual private networks (VPNs). This is a multi-cloud deployment.

In this lab, you will deploy virtual machine (VM) instances into custom virtual private cloud (VPC) networks in Google Cloud and AWS. You will then deploy supporting infrastructure to construct a VPN connection with two Internet Protocol security (IPsec) tunnels between the Google Cloud and AWS VPC networks. The environment and tunnel deployment usually completes within four minutes. This lab is based on the Automated Network Deployment tutorial.

Deployment Architecture

In this lab, you build the following deployment environment:

[Figure: deployment architecture diagram (automated-network-deployment-3-architecture.png)]

Objectives

In this lab, you will:

  • Build custom VPC networks with user-specified CIDR blocks in Google Cloud and AWS
  • Deploy a VM instance in each VPC network
  • Create VPN gateways in each VPC network and related resources for two IPsec tunnels

While Google Cloud uses routes to support equal-cost multi-path (ECMP) routing, AWS supports VPN gateways with two tunnels, active and standby, for redundancy and availability.

Routing

The lab configuration uses Cloud Router to demonstrate dynamic routing. Cloud Router exchanges your VPC network route updates with your environment in AWS using Border Gateway Protocol (BGP). Dynamic routing by Cloud Router requires a separate Cloud Router for each IPsec tunnel. Alternatively, you can configure a setup with static routes. Both configurations are covered in the Cloud VPN Interop Guide.
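The dynamic-routing wiring described above, sketched in Terraform for the first of the two tunnels; this is an added example, not the lab's own configuration. The resource names, the region, ASN 65000 and the four input variables are assumptions, and the Google Cloud VPN gateway is assumed to already have its ESP, UDP 500 and UDP 4500 forwarding rules.

```hcl
# Added example. Names, region and ASN are assumptions, not values from the lab.
variable "gcp_network" { type = string }             # self_link of the custom Google Cloud VPC
variable "gcp_vpn_gateway" { type = string }         # self_link of the Google Cloud VPN gateway
variable "aws_vpn_gateway_id" { type = string }      # AWS virtual private gateway
variable "aws_customer_gateway_id" { type = string } # AWS customer gateway created with bgp_asn 65000

resource "aws_vpn_connection" "to_gcp" {
  vpn_gateway_id      = var.aws_vpn_gateway_id
  customer_gateway_id = var.aws_customer_gateway_id
  type                = "ipsec.1"
  static_routes_only  = false # routes are learned over BGP instead of static routes
}

resource "google_compute_router" "tunnel1" {
  name    = "aws-tunnel1-router"
  region  = "us-central1"
  network = var.gcp_network
  bgp {
    asn = 65000 # must equal the bgp_asn of the AWS customer gateway
  }
}

resource "google_compute_vpn_tunnel" "tunnel1" {
  name               = "aws-tunnel1"
  region             = "us-central1"
  target_vpn_gateway = var.gcp_vpn_gateway
  peer_ip            = aws_vpn_connection.to_gcp.tunnel1_address
  shared_secret      = aws_vpn_connection.to_gcp.tunnel1_preshared_key
  router             = google_compute_router.tunnel1.name
}

resource "google_compute_router_interface" "tunnel1" {
  name       = "aws-tunnel1-if"
  region     = "us-central1"
  router     = google_compute_router.tunnel1.name
  ip_range   = "${aws_vpn_connection.to_gcp.tunnel1_cgw_inside_address}/30"
  vpn_tunnel = google_compute_vpn_tunnel.tunnel1.name
}

resource "google_compute_router_peer" "tunnel1" {
  name            = "aws-tunnel1-peer"
  region          = "us-central1"
  router          = google_compute_router.tunnel1.name
  peer_ip_address = aws_vpn_connection.to_gcp.tunnel1_vgw_inside_address
  peer_asn        = aws_vpn_connection.to_gcp.tunnel1_bgp_asn
  interface       = google_compute_router_interface.tunnel1.name
}
```

The second tunnel repeats the last four resources with the `tunnel2_*` attributes and its own Cloud Router. The tunnel pre-shared keys are written to Terraform state in plain text, so keep the state in an access-controlled, encrypted backend.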
