project0/cf-s2s-vpn.yaml

## cf-s2s-vpn.yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Site to Site VPN
Parameters:
  RemoteIP:
    Description: Remote IP for the ipsec connection
    Type: String

  RemoteCIDR:
    Description: The destination network CIDR
    Type: String

Resources:

  VPNGateway:
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
      Tags:
        - Key: Name
          Value: leasingmarkt-s2s-vpn

  VPNAttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !ImportValue vpc-stack-id
      VpnGatewayId: !Ref VPNGateway

  VPNRemoteGateway:
    Type: AWS::EC2::CustomerGateway
    Properties:
      BgpAsn: 65000 # Amazon default
      IpAddress: !Ref RemoteIP
      Type: ipsec.1
      Tags:
        - Key: Name
          Value: leasingmarkt-s2s-vpn

  VPNSiteToSite:
    DependsOn:
      - VPNAttachGateway
    Type: AWS::EC2::VPNConnection
    Properties:
      CustomerGatewayId: !Ref VPNRemoteGateway
      StaticRoutesOnly: true
      Type: ipsec.1
      VpnGatewayId: !Ref VPNGateway
      Tags:
        - Key: Name
          Value: leasingmarkt-s2s-vpn

  VPNRoute:
    DependsOn:
      - VPNAttachGateway
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      DestinationCidrBlock: !Ref RemoteCIDR
      VpnConnectionId: !Ref VPNSiteToSite

  VPNRoutePropagation:
    DependsOn:
      - VPNAttachGateway
      - VPNSiteToSite
    Type: AWS::EC2::VPNGatewayRoutePropagation
    Properties:
      RouteTableIds:
        - !ImportValue vpc-stack-PublicRouteTable
      VpnGatewayId: !Ref VPNGateway

#DestinationRoute:
#  DependsOn:
#    - VPNAttachGateway
#  Type: AWS::EC2::Route
#  Properties:
#    RouteTableId: !ImportValue vpc-stack-PublicRouteTable
#    DestinationCidrBlock: !Ref RemoteCIDR
#    GatewayId: !Ref VPNGateway
#
	AWSTemplateFormatVersion: '2010-09-09'
	Description: Site to Site VPN
	Parameters:
	RemoteIP:
	Description: Remote IP for the ipsec connection
	Type: String

	RemoteCIDR:
	Description: The destination network CIDR
	Type: String

	Resources:

	VPNGateway:
	Type: AWS::EC2::VPNGateway
	Properties:
	Type: ipsec.1
	Tags:
	- Key: Name
	Value: leasingmarkt-s2s-vpn

	VPNAttachGateway:
	Type: AWS::EC2::VPCGatewayAttachment
	Properties:
	VpcId: !ImportValue vpc-stack-id
	VpnGatewayId: !Ref VPNGateway

	VPNRemoteGateway:
	Type: AWS::EC2::CustomerGateway
	Properties:
	BgpAsn: 65000 # Amazon default
	IpAddress: !Ref RemoteIP
	Type: ipsec.1
	Tags:
	- Key: Name
	Value: leasingmarkt-s2s-vpn

	VPNSiteToSite:
	DependsOn:
	- VPNAttachGateway
	Type: AWS::EC2::VPNConnection
	Properties:
	CustomerGatewayId: !Ref VPNRemoteGateway
	StaticRoutesOnly: true
	Type: ipsec.1
	VpnGatewayId: !Ref VPNGateway
	Tags:
	- Key: Name
	Value: leasingmarkt-s2s-vpn

	VPNRoute:
	DependsOn:
	- VPNAttachGateway
	Type: AWS::EC2::VPNConnectionRoute
	Properties:
	DestinationCidrBlock: !Ref RemoteCIDR
	VpnConnectionId: !Ref VPNSiteToSite

	VPNRoutePropagation:
	DependsOn:
	- VPNAttachGateway
	- VPNSiteToSite
	Type: AWS::EC2::VPNGatewayRoutePropagation
	Properties:
	RouteTableIds:
	- !ImportValue vpc-stack-PublicRouteTable
	VpnGatewayId: !Ref VPNGateway

	#DestinationRoute:
	# DependsOn:
	# - VPNAttachGateway
	# Type: AWS::EC2::Route
	# Properties:
	# RouteTableId: !ImportValue vpc-stack-PublicRouteTable
	# DestinationCidrBlock: !Ref RemoteCIDR
	# GatewayId: !Ref VPNGateway
	#