A fintech firm has a global client. To ensure the availability of its services. The chief solutions architect has suggested keeping the services running on a multi cloud environment. They want to deploy app resources in Azure and AWS and allow them to communicate with each other without exposing them to public access as the data on these resources will be confidential and should not be compromised.
Create an architecture and the step-by-step guide to provide a solution for this scenario.
Features of the project:
• Virtual network and subnet in Azure
• Virtual private cloud in AWS
• Gateways in AWS and Azure
Build a VPN connection in Azure and AWS and set security rules to allow communication between VMs in an multicloud environment.
Tasks:
1. Creating a Virtual Network and a subnet for VPN and VM in Azure
2. Creating Gateways in Azure
3. Creating a Virtual Private Cloud (VPC) and a subnet for VM in AWS
4. Creating Gateways in AWS
5. Creating a VPN connection between Azure and AWS network
6. Testing the VPN connection
1. Open terminal
2. Before you can execute the terraform script, your need to create your access key and configure your AWS environment first.
aws configure
AWS Access Key ID: See IAM > Security credentials > Access keys > Create access key
AWS Secret Access Key: See IAM > Security credentials > Access keys > Create access key
Default region name: us-east-1
Default output format: json
3. Before you can execute the terraform script, your need to configure your Azure environment first.
az login --user myAlias@myCompany.onmicrosoft.com --password
Update subscription_id in main.tf (az account subscription list)
Update tenant_id in main.tf (az account tenant list)
4. Now you can apply the terraform changes.
terraform init
terraform apply --auto-approve
5. Connect to VMs and ping the other VMs.
Test result: Ping answer messages received.
6. At the end you can cleanup the created AWS resources.
terraform destroy --auto-approve