AWS::NetworkManager::CustomerGatewayAssociation - AWS CloudFormation
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

AWS::NetworkManager::CustomerGatewayAssociation

指定客户网关、设备以及(可选)链接之间的关联。如果您指定某个链路,则该链路必须已与指定设备关联。客户网关必须连接到附加在中转网关上的 VPN,该中转网关在您的全局网络中注册。

您不能将客户网关与多个设备和链接关联。

语法

要在 AWS CloudFormation 模板中声明此实体,请使用以下语法:

JSON

{ "Type" : "AWS::NetworkManager::CustomerGatewayAssociation", "Properties" : { "CustomerGatewayArn" : String, "DeviceId" : String, "GlobalNetworkId" : String, "LinkId" : String } }

YAML

Type: AWS::NetworkManager::CustomerGatewayAssociation Properties: CustomerGatewayArn: String DeviceId: String GlobalNetworkId: String LinkId: String

属性

CustomerGatewayArn

客户网关的 Amazon 资源名称 (ARN)。

必需:是

类型:字符串

Update requires: Replacement

DeviceId

设备的 ID。

必需:是

类型:字符串

Update requires: Replacement

GlobalNetworkId

全局网络的 ID。

必需:是

类型:字符串

Update requires: Replacement

LinkId

链路的 ID。

必需:否

类型:字符串

Update requires: Replacement

返回值

Ref

在将此资源的逻辑 ID 传递给内部 Ref 函数时,Ref 返回全局网络的 ID 以及客户网关的 Amazon 资源名称 (ARN)。例如:global-network-01231231231231231|arn:aws:ec2:eu-central-1:123456789012:customer-gateway/cgw-00112233aabbcc112

For more information about using the Ref function, see Ref.

示例

客户网关关联

以下示例模板创建全局网络、设备、客户网关、VPN 连接和中转网关。它在全局网络中注册中转网关,并在客户网关和设备之间创建关联。客户网关关联的创建取决于 VPN 连接和中转网关注册。

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Create a global network and customer gateway association", "Resources": { "GlobalNetwork": { "Type": "AWS::NetworkManager::GlobalNetwork" }, "Device": { "Type": "AWS::NetworkManager::Device", "Properties": { "Description": "Chicago office device", "GlobalNetworkId": { "Ref": "GlobalNetwork" }, "Location": { "Address": "227 W Monroe St, Chicago, IL 60606", "Latitude": "41.8", "Longitude": "-87.6" } } }, "TransitGateway": { "Type": "AWS::EC2::TransitGateway" }, "TransitGatewayRegistration": { "Type": "AWS::NetworkManager::TransitGatewayRegistration", "Properties": { "GlobalNetworkId": { "Ref": "GlobalNetwork" }, "TransitGatewayArn": { "Fn::Sub": "arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:transit-gateway/${TransitGateway}" } } }, "CustomerGateway": { "Type": "AWS::EC2::CustomerGateway", "Properties": { "Type": "ipsec.1", "BgpAsn": 65534, "IpAddress": "12.1.2.3" } }, "VPNConnection": { "Type": "AWS::EC2::VPNConnection", "Properties": { "Type": "ipsec.1", "StaticRoutesOnly": true, "CustomerGatewayId": { "Ref": "CustomerGateway" }, "TransitGatewayId": { "Ref": "TransitGateway" } } }, "CustomerGatewayAssociation": { "DependsOn": [ "VPNConnection", "TransitGatewayRegistration" ], "Type": "AWS::NetworkManager::CustomerGatewayAssociation", "Properties": { "GlobalNetworkId": { "Ref": "GlobalNetwork" }, "DeviceId": { "Fn::GetAtt": [ "Device", "DeviceId" ] }, "CustomerGatewayArn": { "Fn::Sub": "arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:customer-gateway/${CustomerGateway}" } } } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Description: 'Create a global network and customer gateway association' Resources: GlobalNetwork: Type: AWS::NetworkManager::GlobalNetwork Device: Type: AWS::NetworkManager::Device Properties: Description: Chicago office device GlobalNetworkId: !Ref GlobalNetwork Location: Address: "227 W Monroe St, Chicago, IL 60606" Latitude: "41.8" Longitude: "-87.6" TransitGateway: Type: AWS::EC2::TransitGateway TransitGatewayRegistration: Type: AWS::NetworkManager::TransitGatewayRegistration Properties: GlobalNetworkId: !Ref GlobalNetwork TransitGatewayArn: !Sub 'arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:transit-gateway/${TransitGateway}' CustomerGateway: Type: AWS::EC2::CustomerGateway Properties: Type: ipsec.1 BgpAsn: 65534 IpAddress: 12.1.2.3 VPNConnection: Type: AWS::EC2::VPNConnection Properties: Type: ipsec.1 StaticRoutesOnly: true CustomerGatewayId: !Ref CustomerGateway TransitGatewayId: !Ref TransitGateway CustomerGatewayAssociation: DependsOn: - VPNConnection - TransitGatewayRegistration Type: AWS::NetworkManager::CustomerGatewayAssociation Properties: GlobalNetworkId: !Ref GlobalNetwork DeviceId: !GetAtt Device.DeviceId CustomerGatewayArn: !Sub 'arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:customer-gateway/${CustomerGateway}'