Created
March 30, 2026 15:15
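#!/bin/bash
# Adds, in every route table of two VPCs, a route to the other VPC's CIDR
# through a VPC peering connection (pcx) or a transit gateway (tgw).
#
# ─── Usage ───────────────────────────────────────────────────────────────────
# Peering: ./add_routes.sh <vpc1-name> <vpc2-name> pcx <peering-name>
# TGW:     ./add_routes.sh <vpc1-name> <vpc2-name> tgw <tgw-name>
# ─────────────────────────────────────────────────────────────────────────────
# Environment: AWS_DEFAULT_REGION (optional; ap-northeast-2 is used if unset).
#
# NOTE(review): all four resources are resolved by Name tag, and the script
# then writes to live route tables. Run it with credentials scoped to the
# intended account and region, and read the final route listing it prints.

# -u and pipefail on top of -e: an unset variable or a failing pipeline stage
# must stop the run before any route is written.
set -euo pipefail

readonly USAGE="Usage: $0 <vpc1-name> <vpc2-name> <pcx|tgw> <connection-name>"

# Each positional argument is mandatory; a missing one aborts with the usage line.
VPC1_NAME="${1:?$USAGE}"
VPC2_NAME="${2:?$USAGE}"
CONN_TYPE="${3:?$USAGE}" # pcx or tgw
CONN_NAME="${4:?$USAGE}"
REGION="${AWS_DEFAULT_REGION:-ap-northeast-2}"

# Reject any connection type other than the two supported ones; the diagnostic
# goes to stderr so it is never mistaken for normal output.
if [[ "$CONN_TYPE" != "pcx" && "$CONN_TYPE" != "tgw" ]]; then
  echo "❌ 연결 타입은 pcx 또는 tgw 만 가능합니다." >&2
  exit 1
fi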
# ─── VPC lookup ──────────────────────────────────────────────────────────────
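#######################################
# Resolve a VPC ID from the value of its Name tag.
# Globals:   REGION (read)
# Arguments: $1 - Name tag value to look up
# Outputs:   the VPC ID on stdout; diagnostics on stderr
# Returns:   exits 1 when the lookup fails, nothing matches, or more than
#            one VPC matches
#######################################
get_vpc() {
  local name=${1:?get_vpc: VPC name required}
  local out
  local -a ids=()

  # Declared and assigned separately so a failing aws call is not masked by
  # the exit status of `local`.
  if ! out=$(aws ec2 describe-vpcs \
    --filters "Name=tag:Name,Values=$name" \
    --query 'Vpcs[].VpcId' \
    --output text --region "$REGION"); then
    echo "❌ VPC 없음: $name" >&2
    exit 1
  fi

  # Diagnostics go to stderr: this function is called inside $(...), where
  # anything written to stdout would be captured as the "ID".
  if [[ -z "$out" || "$out" == "None" ]]; then
    echo "❌ VPC 없음: $name" >&2
    exit 1
  fi

  # Name tags are not unique, and EC2 filter values accept * and ? wildcards,
  # so one name can match several VPCs. Routes must never be written for a
  # VPC picked by list order, so an ambiguous match is refused.
  read -r -d '' -a ids <<<"$out" || true
  if ((${#ids[@]} > 1)); then
    echo "❌ Ambiguous VPC Name tag (${#ids[@]} matches): $name" >&2
    exit 1
  fi

  printf '%s\n' "${ids[0]}"
}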
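#######################################
# Print the CIDR block of a VPC.
# Globals:   REGION (read)
# Arguments: $1 - VPC ID
# Outputs:   the value of Vpcs[0].CidrBlock on stdout
# Returns:   the exit status of the aws call
#######################################
get_cidr() {
  local vpc_id=${1:?get_cidr: VPC ID required}

  # NOTE(review): CidrBlock is the VPC's primary IPv4 CIDR; a VPC with
  # additional CIDR associations would get no route for those ranges.
  # Confirm that is intended for the VPCs this is run against.
  aws ec2 describe-vpcs \
    --vpc-ids "$vpc_id" \
    --query 'Vpcs[0].CidrBlock' \
    --output text --region "$REGION"
}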
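echo "🔍 VPC 조회 중..."

# The lookup is tested on its own instead of as `ID=$(...) && echo ...`:
# inside an && list a failed assignment does not trigger `set -e`, so the
# script would carry on with a bad ID. If get_vpc wrote its diagnostic to
# stdout it was captured into the variable, so it is surfaced here.
if ! VPC1_ID=$(get_vpc "$VPC1_NAME"); then
  if [[ -n "$VPC1_ID" ]]; then
    printf '%s\n' "$VPC1_ID" >&2
  fi
  exit 1
fi
echo " ✅ VPC1: $VPC1_NAME → $VPC1_ID"

if ! VPC2_ID=$(get_vpc "$VPC2_NAME"); then
  if [[ -n "$VPC2_ID" ]]; then
    printf '%s\n' "$VPC2_ID" >&2
  fi
  exit 1
fi
echo " ✅ VPC2: $VPC2_NAME → $VPC2_ID"

VPC1_CIDR=$(get_cidr "$VPC1_ID")
VPC2_CIDR=$(get_cidr "$VPC2_ID")
echo " ✅ VPC1 CIDR: $VPC1_CIDR"
echo " ✅ VPC2 CIDR: $VPC2_CIDR"

# ─── PCX / TGW lookup ────────────────────────────────────────────────────────
echo ""
echo "🔍 연결 리소스 조회 중: [$CONN_TYPE] $CONN_NAME"

# Only active peering connections / available transit gateways are considered.
# All matching IDs are fetched (not just the first) so that a duplicated Name
# tag can be detected below.
if [[ "$CONN_TYPE" == "pcx" ]]; then
  conn_matches=$(aws ec2 describe-vpc-peering-connections \
    --filters "Name=tag:Name,Values=$CONN_NAME" \
    "Name=status-code,Values=active" \
    --query 'VpcPeeringConnections[].VpcPeeringConnectionId' \
    --output text --region "$REGION")
  conn_missing_msg="❌ Active Peering Connection 없음: $CONN_NAME"
  conn_flag="--vpc-peering-connection-id"
else
  conn_matches=$(aws ec2 describe-transit-gateways \
    --filters "Name=tag:Name,Values=$CONN_NAME" \
    "Name=state,Values=available" \
    --query 'TransitGateways[].TransitGatewayId' \
    --output text --region "$REGION")
  conn_missing_msg="❌ Available TGW 없음: $CONN_NAME"
  conn_flag="--transit-gateway-id"
fi

if [[ -z "$conn_matches" || "$conn_matches" == "None" ]]; then
  echo "$conn_missing_msg" >&2
  exit 1
fi

# Name tags are not unique; refuse to route through a connection that was
# chosen only by its position in the API response.
read -r -d '' -a conn_ids <<<"$conn_matches" || true
if ((${#conn_ids[@]} != 1)); then
  echo "❌ Ambiguous $CONN_TYPE Name tag (${#conn_ids[@]} matches): $CONN_NAME" >&2
  exit 1
fi
CONN_ID=${conn_ids[0]}

# NOTE(review): nothing here checks that this connection actually joins VPC1
# and VPC2; the script relies on create-route rejecting a target that is not
# usable from the route table's VPC. Confirm, or add a filter on the VPC IDs.

# Both directions use the same target. The option and its value are kept in
# one string because add_routes_to_vpc takes them as a single argument.
TARGET_ARG_VPC1="$conn_flag $CONN_ID"
TARGET_ARG_VPC2="$conn_flag $CONN_ID"

echo " ✅ $CONN_TYPE ID: $CONN_ID"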
# ─── Route table lookup + route creation function ────────────────────────────
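#######################################
# Add a route to DEST_CIDR, via the given target, in every route table of a VPC.
# Globals:   REGION (read), CONN_ID (read, used only in the success message)
# Arguments: $1 - VPC ID whose route tables are modified
#            $2 - VPC name, used only in messages
#            $3 - destination CIDR (the other VPC's CIDR)
#            $4 - target option and value as one string,
#                 e.g. "--transit-gateway-id <id>"
# Outputs:   progress on stdout; the AWS error text of a failed create-route
#            on stderr
# Returns:   0; per-table failures are reported but not propagated, so the
#            caller continues with the next VPC
#######################################
add_routes_to_vpc() {
  local VPC_ID=$1
  local VPC_NAME=$2
  local DEST_CIDR=$3 # the other VPC's CIDR
  local TARGET_ARG=${4:?add_routes_to_vpc: target argument required}
  # Working variables are local so they do not leak into the caller's scope.
  local RTB_IDS RTB_ID RTB_NAME RTB_LABEL EXISTING err
  local -a rtb_ids=() target_args=()

  # Split "--option value" into words once, without glob expansion, instead
  # of relying on an unquoted expansion at the call to aws.
  read -r -a target_args <<<"$TARGET_ARG"

  echo ""
  echo "📋 [$VPC_NAME] 라우팅 테이블 전체 조회..."

  # NOTE(review): every route table of the VPC is selected, with no
  # distinction between tables used by public, private or isolated subnets.
  # Confirm that each of them is meant to reach the peer CIDR.
  RTB_IDS=$(aws ec2 describe-route-tables \
    --filters "Name=vpc-id,Values=$VPC_ID" \
    --query 'RouteTables[*].RouteTableId' \
    --output text --region "$REGION")

  if [[ -z "$RTB_IDS" ]]; then
    echo " ⚠️ 라우팅 테이블 없음"
    return 0
  fi

  read -r -d '' -a rtb_ids <<<"$RTB_IDS" || true

  for RTB_ID in "${rtb_ids[@]}"; do
    # Look up the Name tag (shown as "(no name)" when empty).
    RTB_NAME=$(aws ec2 describe-route-tables \
      --route-table-ids "$RTB_ID" \
      --query 'RouteTables[0].Tags[?Key==`Name`].Value' \
      --output text --region "$REGION")
    RTB_LABEL="${RTB_NAME:-"(no name)"}"

    # Check whether a route with the same destination already exists.
    # NOTE(review): only the destination is compared; an existing route that
    # points at a different target is skipped as "already present" too.
    # DEST_CIDR is interpolated into the JMESPath expression, so it should
    # only ever hold a CIDR obtained from the API.
    EXISTING=$(aws ec2 describe-route-tables \
      --route-table-ids "$RTB_ID" \
      --query "RouteTables[0].Routes[?DestinationCidrBlock=='$DEST_CIDR'].DestinationCidrBlock" \
      --output text --region "$REGION")

    if [[ -n "$EXISTING" ]]; then
      echo " ⏭️ 스킵 ($RTB_ID / $RTB_LABEL) → $DEST_CIDR 이미 존재"
      continue
    fi

    # Add the route. stdout is discarded, stderr is kept so that the reason
    # for a failure (for example a permissions error) is visible to the operator.
    if err=$(aws ec2 create-route \
      --route-table-id "$RTB_ID" \
      --destination-cidr-block "$DEST_CIDR" \
      "${target_args[@]}" \
      --region "$REGION" 2>&1 >/dev/null); then
      echo " ✅ 추가 완료 ($RTB_ID / $RTB_LABEL) → $DEST_CIDR via $CONN_ID"
    else
      echo " ❌ 실패 ($RTB_ID / $RTB_LABEL) → $DEST_CIDR"
      if [[ -n "$err" ]]; then
        printf '%s\n' "$err" >&2
      fi
    fi
  done

  return 0
}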
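# ─── Add routes in both directions ───────────────────────────────────────────
# Every route table in VPC1 gets a route to VPC2's CIDR.
add_routes_to_vpc "$VPC1_ID" "$VPC1_NAME" "$VPC2_CIDR" "$TARGET_ARG_VPC1"

# Every route table in VPC2 gets a route to VPC1's CIDR.
add_routes_to_vpc "$VPC2_ID" "$VPC2_NAME" "$VPC1_CIDR" "$TARGET_ARG_VPC2"

# ─── Final check ─────────────────────────────────────────────────────────────
# Print the resulting routes of both VPCs so the operator can verify what is
# now reachable. The Target column shows the first non-null of GatewayId,
# VpcPeeringConnectionId and TransitGatewayId; a route with another kind of
# target is expected to show an empty target there.
echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "📋 최종 라우팅 테이블 확인"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

for VPC_ID in "$VPC1_ID" "$VPC2_ID"; do
  VPC_LABEL=$(aws ec2 describe-vpcs --vpc-ids "$VPC_ID" \
    --query 'Vpcs[0].Tags[?Key==`Name`].Value' \
    --output text --region "$REGION")

  echo ""
  echo "🔹 $VPC_LABEL ($VPC_ID)"

  aws ec2 describe-route-tables \
    --filters "Name=vpc-id,Values=$VPC_ID" \
    --query 'RouteTables[*].{RTB:RouteTableId, Routes:Routes[*].{Dest:DestinationCidrBlock,Target:GatewayId||VpcPeeringConnectionId||TransitGatewayId}}' \
    --output table --region "$REGION"
done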