Ever since I started in cloud industry, almost 10 years ago, one of the Great Conundrums has always been the management of Virtual Private Network (VPN) connections in multicloud environment. All major public cloud providers have had an IaaS VPN included in the service offering from the beginning. Provisioning and management of VPN services is fairly straight forward manually, you just need to bounce back and forth in different cloud vendor portals. All good, but we don’t do management by clicks in Cloud2, we automate everything. We automate automation if possible.
How to connect AWS to Azure and vice versa
Automating the task of provisioning and configuration of IaaS VPNs in multicloud environment has proven to be an actual conjecture. Problem within is a classic chicken or the egg dilemma. One needs to know the public IP addresses of VPN gateways on both sides before provisioning VPN services, manage auto-provisioned PSK secrets and the lifecycle of different network components. By now you should know we love Terraform at Cloud2, mainly for 2 reasons; it is heavily stateful orchestrator and by default, it is multicloud friendly. Terraform manages the lifecycle and the configuration of the IaaS components for you, all you need to do is describe your architecture and let Terraform build it for you. AWS has supported IKEv2 in VPN sessions for few weeks. One of our customers challenged us to resolve this, so this morning I and my esteem colleague Antti Malmia started developing a turnkey solution that would interconnect AWS and Azure VPCs without any human intervention. As it takes roughly 30-45 minutes for Azure Virtual Network Gateway to provision, we had plenty of time to catch some chowder and by the time we reached back to our HQ, we had green light on both ends of VPN. We are pretty stoked about this and have plans of demostrating the turnkey solution in AWS Meetup Helsinki during the spring. #cloud2 #terraform #awsmeetup
