malcolm.cloud


Transit Gateway Lab Environment

By Malcolm van Staden on 3rd June 2020


Anybody who has needed to set up a networking lab in AWS appreciates how much manual "wiring" needs to be done to get something working, especially when doing this via the console. Usually in a lab environment you'd want to experiment, make some changes and observe the effect, reset and then repeat with other variables. Reverting these changes to reset the lab can be time consuming, and if you've missed steps the lab won't be baselined to a known good state. It's such an easy trap to fall into.

Here's where CloudFormation really comes into its own. I needed something to experiment with Transit Gateway and I needed a consistent baseline. I wasn't going to build three VPCs and manually set up the routing between them each time. Neither should you! So I coded up a CloudFormation template that builds out a basic VPC structure repeated thrice and connects them together via the Transit Gateway. Optionally you can choose to deploy test EC2 instances as bastion hosts in each VPC to test the routing. This gave me a good starting point for playing with various routing and NACL scenarios to simulate a real world environment and a super easy way to reset the environment.

The architecture diagram below outlines the infrastructure that the code builds if you select the default options. You can customise the VPC names and CIDR ranges when deploying the stack.

Get the CloudFormation code from my GitHub repo here...
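
The pattern described above, shown for one of the three VPCs as an added example (not the template from the author's repo): a VPC with its subnet and route table, a Transit Gateway attachment, and a route that sends lab traffic to the gateway. The resource names, the CIDR defaults and the `LabSupernet` parameter are assumptions; the VPC-side resources would be repeated with non-overlapping CIDRs for the second and third VPC.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcCidr:
    Type: String
    Default: 10.0.0.0/16    # constructed sample value
  SubnetCidr:
    Type: String
    Default: 10.0.1.0/24    # constructed sample value
  LabSupernet:
    Type: String
    Default: 10.0.0.0/8     # assumed range that covers every lab VPC CIDR
Resources:
  TransitGateway:
    Type: AWS::EC2::TransitGateway
    Properties:
      # Both enabled: all attachments share one TGW route table and can reach each other.
      DefaultRouteTableAssociation: enable
      DefaultRouteTablePropagation: enable
  VpcA:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCidr
  SubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VpcA
      CidrBlock: !Ref SubnetCidr
  RouteTableA:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VpcA
  SubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref SubnetA
      RouteTableId: !Ref RouteTableA
  AttachmentA:
    Type: AWS::EC2::TransitGatewayAttachment
    Properties:
      TransitGatewayId: !Ref TransitGateway
      VpcId: !Ref VpcA
      SubnetIds:
        - !Ref SubnetA
  RouteToTgwA:
    Type: AWS::EC2::Route
    DependsOn: AttachmentA    # the route cannot be created before the attachment exists
    Properties:
      RouteTableId: !Ref RouteTableA
      DestinationCidrBlock: !Ref LabSupernet
      TransitGatewayId: !Ref TransitGateway
```

Setting the two `DefaultRouteTable*` properties to `disable` removes the any-to-any reachability, which is the starting point for testing segmented Transit Gateway route tables alongside the NACL scenarios.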


