»Transit Gateway Attachments
This topic describes how to create transit gateway attachments, which connect a HashiCorp Virtual Network (HVN) to an AWS transit gateway. A transit gateway is an AWS component that acts as a network transit hub in your AWS environment. A transit gateway attachment is a component in HCP that connects your HVN to a transit gateway in AWS.
»Introduction
The following overview describes the basic procedure for using transit gateway attachments to connect clusters in HCP to resources deployed to AWS:
- Connect one ore more VPCs in your AWS network to your transit gateway.
- Create a resource share using the AWS Resource Access Manager. The transit gateway and resource share must exist in the same region as the HVN to which you want to connect.
- Create a transit gateway attachment in HCP. The platform identifies the shared resource using the Amazon Resource Name (ARN) and the transit gateway ID.
- HCP initiates a request to AWS for access to the resources. The attachment request must be approved in the AWS account before HCP will route traffic through the transit gateway.
- Configure routes to direct traffic between the transit gateway attachment and the transit gateway.
You can create an transit gateway attachment in HCP or by using the HCP Terraform provider. This topic describes how to create attachments in HCP. Refer to the HCP provider documentation for instructions on how to create peering connections with Terraform.
Tutorial: Refer to the Connect an Amazon Transit Gateway to your HashiCorp Virtual Network tutorial for step-by-step guidance on using transit gateways to connect your HVN to AWS.
»Requirements
You must have the following information prior to creating a transit gateway attachment:
- AWS account ID
- AWS transit gateway ID
- ARN of the resource share in AWS
Refer to the AWS documentation informaton about getting this information. Note that the HCP interface provides links and other onscreen assistance for your convenience.
»Create a Transit Gateway Attachment
The HCP interface provides guided steps for creating transit gateway attachments. You can follow the command line or the web UI workflow, which are available from the Create attachment screen:
- Click on HashiCorp Virtual Network in the sidebar and click on the link to your HVN in the ID column.
- Click Transit gateway attachments in the sidebar and click Create attachment.
»Terminal
- Click the Terminal tab on the Create attachment screen and specify a name for the attachment in the Attachment ID field. The attachment name can be up to 36 characters and can only include letters, numbers, and dashes.
- Enter your AWS account and transit gateway IDs in the appropriate fields.
- Choose the AWS region from the drop-down menu. The transit gateway and resource share must exist in the same region as the HVN to which you want to connect.
- Copy the command printed to the Create resource share command field and run it in your terminal.
- Specify the ARN of your resource share in the Resource share ARN field and click Create attachment.
When the attachment has finished, you must create a route to direct traffic to your VPCs. Refer to Routes for instructions.
»Web Console
- Click the Web console tab on the Create attachment screen and specify a name for the attachment in the Attachment ID field. The attachment name can be up to 36 characters and can only include letters, numbers, and dashes.
- If you have not yet created a resource share, copy the ID printed to the AWS Account ID field and paste it into the Principles field when creating the share.
- Enter your transit gateway ID and ARN of your resource share in the appropriate fields and click Create attachment.
When the attachment has finished, you must create a route to direct traffic to your VPCs. Refer to Routes for instructions.