Interface ITransitGatewayConfig

NetworkConfig / TransitGatewayConfig

Transit Gateway (TGW) configuration.

Description

Use this configuration to define Transit Gateways for your environment. A transit gateway acts as a virtual router for traffic flowing between your virtual private clouds (VPCs) and on-premises networks.

The following example creates a TGW called Network-Main in the Network account in the us-east-1 region.

Example

transitGateways:
  - name: Network-Main
    account: Network
    region: us-east-1
    shareTargets:
      organizationalUnits: []
    asn: 65000
    dnsSupport: enable
    vpnEcmpSupport: enable
    defaultRouteTableAssociation: disable
    defaultRouteTablePropagation: disable
    autoAcceptSharingAttachments: enable
    routeTables: []
    tags: []

The following example creates a TGW with a static IPv4 and IPv6 address

Example

transitGateways:
  - name: Network-Main
    account: Network
    region: us-east-1
    transitGatewayCidrBlocks:
      - 10.5.0.0/24
    transitGatewayIpv6CidrBlocks:
      - 2001:db8::/64
    shareTargets:
      organizationalUnits: []
    asn: 65000
    dnsSupport: enable
    vpnEcmpSupport: enable
    defaultRouteTableAssociation: disable
    defaultRouteTablePropagation: disable
    autoAcceptSharingAttachments: enable
    routeTables: []
    tags: []
interface ITransitGatewayConfig {
    account: string;
    asn: number;
    autoAcceptSharingAttachments: EnableDisable;
    defaultRouteTableAssociation: EnableDisable;
    defaultRouteTablePropagation: EnableDisable;
    dnsSupport: EnableDisable;
    name: string;
    region:
        | "af-south-1"
        | "ap-east-1"
        | "ap-northeast-1"
        | "ap-northeast-2"
        | "ap-northeast-3"
        | "ap-south-1"
        | "ap-south-2"
        | "ap-southeast-1"
        | "ap-southeast-2"
        | "ap-southeast-3"
        | "ap-southeast-4"
        | "ap-southeast-5"
        | "ca-central-1"
        | "ca-west-1"
        | "cn-north-1"
        | "cn-northwest-1"
        | "eu-central-1"
        | "eu-central-2"
        | "eu-north-1"
        | "eu-south-1"
        | "eu-south-2"
        | "eu-west-1"
        | "eu-west-2"
        | "eu-west-3"
        | "eu-isoe-west-1"
        | "il-central-1"
        | "me-central-1"
        | "me-south-1"
        | "mx-central-1"
        | "sa-east-1"
        | "us-east-1"
        | "us-east-2"
        | "us-gov-west-1"
        | "us-gov-east-1"
        | "us-iso-east-1"
        | "us-isob-east-1"
        | "us-iso-west-1"
        | "us-isof-south-1"
        | "us-isof-east-1"
        | "us-west-1"
        | "us-west-2";
    routeTables: ITransitGatewayRouteTableConfig[];
    shareTargets?: IShareTargets;
    tags?: ITag[];
    transitGatewayCidrBlocks?: string[];
    transitGatewayIpv6CidrBlocks?: string[];
    vpnEcmpSupport: EnableDisable;
}

Properties

account asn autoAcceptSharingAttachments defaultRouteTableAssociation defaultRouteTablePropagation dnsSupport name region routeTables shareTargets? tags? transitGatewayCidrBlocks? transitGatewayIpv6CidrBlocks? vpnEcmpSupport

Properties

Readonlyaccount

account: string

The friendly name of the account to deploy the Transit Gateway.

Remarks

This is the logical name property of the account as defined in accounts-config.yaml.

Readonlyasn

asn: number

A Border Gateway Protocol (BGP) Autonomous System Number (ASN).

Remarks

CAUTION: Changing this value after initial deployment will cause the Transit Gateway to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.

The range is 64512 to 65534 for 16-bit ASNs.

The range is 4200000000 to 4294967294 for 32-bit ASNs.

ReadonlyautoAcceptSharingAttachments

autoAcceptSharingAttachments: EnableDisable

Enable this option to automatically accept cross-account attachments.

ReadonlydefaultRouteTableAssociation

defaultRouteTableAssociation: EnableDisable

Configure default route table association.

Remarks

Enable this option to automatically associate transit gateway attachments with the default route table for the transit gateway.

ReadonlydefaultRouteTablePropagation

defaultRouteTablePropagation: EnableDisable

Configure default route table propagation.

Remarks

Enable this option to automatically propagate transit gateway attachments to the default route table for the transit gateway.

ReadonlydnsSupport

dnsSupport: EnableDisable

Configure DNS support between VPCs.

Remarks

Enable this option if you need the VPC to resolve public IPv4 DNS host names to private IPv4 addresses when queried from instances in another VPC attached to the transit gateway.

Readonlyname

name: string

A friendly name for the Transit Gateway.

Remarks

CAUTION: Changing this value after initial deployment will cause the Transit Gateway to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.

Readonlyregion

region:
    | "af-south-1"
    | "ap-east-1"
    | "ap-northeast-1"
    | "ap-northeast-2"
    | "ap-northeast-3"
    | "ap-south-1"
    | "ap-south-2"
    | "ap-southeast-1"
    | "ap-southeast-2"
    | "ap-southeast-3"
    | "ap-southeast-4"
    | "ap-southeast-5"
    | "ca-central-1"
    | "ca-west-1"
    | "cn-north-1"
    | "cn-northwest-1"
    | "eu-central-1"
    | "eu-central-2"
    | "eu-north-1"
    | "eu-south-1"
    | "eu-south-2"
    | "eu-west-1"
    | "eu-west-2"
    | "eu-west-3"
    | "eu-isoe-west-1"
    | "il-central-1"
    | "me-central-1"
    | "me-south-1"
    | "mx-central-1"
    | "sa-east-1"
    | "us-east-1"
    | "us-east-2"
    | "us-gov-west-1"
    | "us-gov-east-1"
    | "us-iso-east-1"
    | "us-isob-east-1"
    | "us-iso-west-1"
    | "us-isof-south-1"
    | "us-isof-east-1"
    | "us-west-1"
    | "us-west-2"

The region name to deploy the Transit Gateway.

ReadonlyrouteTables

routeTables: ITransitGatewayRouteTableConfig[]

An array of Transit Gateway route table configuration objects.

See

TransitGatewayRouteTableConfig

Optional ReadonlyshareTargets

shareTargets?: IShareTargets

(OPTIONAL) Resource Access Manager (RAM) share targets.

Remarks

Targets can be account names and/or organizational units.

See

ShareTargets

Optional Readonlytags

tags?: ITag[]

(OPTIONAL) An array of tag objects for the Transit Gateway.

Optional ReadonlytransitGatewayCidrBlocks

transitGatewayCidrBlocks?: string[]

(OPTIONAL) A list of transit gateway IPv4 CIDR blocks.

Optional ReadonlytransitGatewayIpv6CidrBlocks

transitGatewayIpv6CidrBlocks?: string[]

(OPTIONAL) A list of transit gateway IPv6 CIDR blocks.

ReadonlyvpnEcmpSupport

vpnEcmpSupport: EnableDisable

Equal Cost Multipath (ECMP) routing support between VPN tunnels.

Remarks

Enable this option if you need Equal Cost Multipath (ECMP) routing support between VPN tunnels. If connections advertise the same CIDRs, the traffic is distributed equally between them.

Settings

Member Visibility

On This Page

Properties