terraformでbgp site2site vpn

sample.tf

resource "aws_customer_gateway" "cgw-main" {
  bgp_asn    = 65000
  ip_address = var.cgw1
  type       = "ipsec.1"

  tags = {
    Name = "cgw-main"
  }
}

resource "aws_customer_gateway" "cgw-sub" {
  bgp_asn    = 65000
  ip_address = var.cgw2
  type       = "ipsec.1"

  tags = {
    Name = "cgw-sub"
  }
}

resource "aws_vpn_gateway" "vpngw" {
  vpc_id = module.vpc.vpc_id
  amazon_side_asn = 64512
  tags = {
    Name = "vpngw"
  }
}

resource "aws_vpn_connection" "vpncon-main" {
  vpn_gateway_id      = aws_vpn_gateway.vpngw.id
  customer_gateway_id = aws_customer_gateway.cgw-main.id
  type                = "ipsec.1"
}

resource "aws_vpn_connection" "vpncon-sub" {
  vpn_gateway_id      = aws_vpn_gateway.vpngw.id
  customer_gateway_id = aws_customer_gateway.cgw-sub.id
  type                = "ipsec.1"
}

resource "aws_vpn_gateway_route_propagation" "private-c" {
  vpn_gateway_id = aws_vpn_gateway.vpngw.id
  route_table_id = module.vpc.private_route_table_ids[0]
}

resource "aws_vpn_gateway_route_propagation" "private-d" {
  vpn_gateway_id = aws_vpn_gateway.vpngw.id
  route_table_id = module.vpc.private_route_table_ids[1]
}