AWS Amazon EC2 Transit Gateway Route Table
This page shows how to write Terraform and CloudFormation for Amazon EC2 Transit Gateway Route Table and write them securely.
aws_ec2_transit_gateway_route_table (Terraform)
The Transit Gateway Route Table in Amazon EC2 can be configured in Terraform with the resource name aws_ec2_transit_gateway_route_table. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
    # Route table attached to the transit gateway "tgw"
    resource "aws_ec2_transit_gateway_route_table" "tgw_rt_a" {
      transit_gateway_id = aws_ec2_transit_gateway.tgw.id
      tags = {
        Name = "Route-Table-TGW-A"
      }
      depends_on = [aws_ec2_transit_gateway.tgw]
    }

    # Route table for shared services on the transit gateway "this"
    resource "aws_ec2_transit_gateway_route_table" "shared-services" {
      transit_gateway_id = aws_ec2_transit_gateway.this.id
      tags = {
        Name        = "SharedServices"
        Environment = "sharedservices"
      }
    }
Parameters
- arn: optional computed - string
- default_association_route_table: optional computed - bool
- default_propagation_route_table: optional computed - bool
- id: optional computed - string
- tags: optional - map from string to string
- transit_gateway_id: required - string
Explanation in Terraform Registry
Manages an EC2 Transit Gateway Route Table.
Tips: Best Practices for The Other AWS Amazon EC2 Resources
In addition to aws_default_vpc, Amazon EC2 has other resources that should be configured with security in mind. The following are examples of those resources and the precautions to take.
aws_default_vpc
Avoid using the default VPC
It is better to define your own VPC and use it.
aws_network_acl_rule
Ensure your network ACL rule blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
aws_ebs_volume
Use a customer-managed key for EBS volume encryption
It is better to use a customer-managed key for EBS volume encryption. Customer-managed keys (CMK) give you more control over the encryption.
aws_instance
Avoid storing AWS access keys in user data
It is better to avoid storing AWS access keys in user data. `aws_iam_instance_profile` could be used instead.
aws_security_group
Ensure your security group blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
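The aws_instance tip above, as an added Terraform example that is not taken from this page or from the repositories it cites: the weak form (commented out) puts long-lived keys in user data, and the corrected form gives the instance a role through `aws_iam_instance_profile`. The names `ami_id`, `app_role`, `app_profile`, `app` and the instance type are hypothetical.

```hcl
# Added example; all resource and variable names here are assumptions.
variable "ami_id" {
  type = string
}

# Weak (kept as a comment): user data is readable from inside the instance
# and by any principal allowed to call ec2:DescribeInstanceAttribute.
# resource "aws_instance" "weak" {
#   ami           = var.ami_id
#   instance_type = "t3.micro"
#   user_data     = <<-EOT
#     #!/bin/bash
#     export AWS_ACCESS_KEY_ID=<PLACEHOLDER>
#     export AWS_SECRET_ACCESS_KEY=<PLACEHOLDER>
#   EOT
# }

# Corrected: EC2 assumes a role and receives short-lived credentials.
data "aws_iam_policy_document" "ec2_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "app_role" {
  name               = "app-role"
  assume_role_policy = data.aws_iam_policy_document.ec2_assume.json
}

resource "aws_iam_instance_profile" "app_profile" {
  name = "app-profile"
  role = aws_iam_role.app_role.name
}

resource "aws_instance" "app" {
  ami                  = var.ami_id
  instance_type        = "t3.micro"
  iam_instance_profile = aws_iam_instance_profile.app_profile.name

  # Require IMDSv2 session tokens when fetching the role credentials.
  metadata_options {
    http_tokens = "required"
  }
}
```

Attach only the permissions the workload needs to `app_role`; the example leaves the role without policies.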
AWS::EC2::TransitGatewayRouteTable (CloudFormation)
The TransitGatewayRouteTable in EC2 can be configured in CloudFormation with the resource name AWS::EC2::TransitGatewayRouteTable. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      TransitGatewayId: !Ref rTGW
      Tags:
        - Key: Name
          Value: !Sub "Lower Route Table ${AWS::StackName}"

    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      Tags:
        - Key: Name
          Value: internal-tgw-rt
      TransitGatewayId: !Ref rTransitGateway

    Type: AWS::EC2::TransitGatewayRouteTable
    DependsOn: TransitGateway
    Properties:
      Tags:
        - Key: Name
          Value: VPN to All VPCs

    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      TransitGatewayId: !Ref TransitGateway
      Tags:
        - Key: Name
          Value: !Sub ${WorkstreemName} VPC1-RT

    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      TransitGatewayId: !Ref SSTransitGateway
      Tags:
        - Key: Name
          Value: AWSVFW-IDS-PROD-TGA-RT
    "Type" : "AWS::EC2::TransitGatewayRouteTable",
    "Properties" : {
      "TransitGatewayId" : { "Ref" : "transitGatewayId" },
      "Tags": [
        {
          "Key": "Name",

    "AWS::EC2::TransitGatewayRouteTable": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html",
      "Properties": {
        "TransitGatewayId": {
          "Required": true,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-transitgatewayid",

    "AWS::EC2::TransitGatewayRouteTable": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html",
      "Properties": {
        "TransitGatewayId": {
          "Required": true,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgatewayroutetable.html#cfn-ec2-transitgatewayroutetable-transitgatewayid",

    "Type": "AWS::EC2::TransitGatewayRouteTable",
    "Properties": {
      "TransitGatewayId": {
        "Ref": "rSccaTgw"
      },
      "Tags": [

    "Type": "AWS::EC2::TransitGatewayRouteTable",
    "Properties": {
      "Tags": [
        {
          "Key": "Name",
          "Value": "Dev-Route-Table"
Parameters
- TransitGatewayId: required - String
- Tags: optional - List of Tag
Explanation in CloudFormation Registry
Specifies a route table for a transit gateway.
Frequently asked questions
What is AWS Amazon EC2 Transit Gateway Route Table?
AWS Amazon EC2 Transit Gateway Route Table is a resource for Amazon EC2 of Amazon Web Services. Settings can be written in Terraform and CloudFormation.
Where can I find the example code for the AWS Amazon EC2 Transit Gateway Route Table?
For Terraform, the annagtaraujo/Terraform-TGW-with-VPN and rafaelleonardocruz/tgw-example source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the liangruibupt/aws-is-how, awslabs/compliant-framework-for-federal-and-dod-workloads-in-aws-govcloud-us and deiselira/aws source code examples are useful. See the CloudFormation Example section for further details.