don't understand what is aws_route in vpc and its purpose?


Koby Meir

Jul 27, 2016, 5:53:08 PM
to Terraform

I have configured my own AWS VPC with Terraform and I was unable to access my servers until I looked in the aws-2-tier examples and found this snippet:



# Grant the VPC internet access on its main route table
resource "aws_route" "internet_access" {
  route_table_id         = "${aws_vpc.default.main_route_table_id}"
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = "${aws_internet_gateway.default.id}"
}

Once I added it everything started to work again, but I'm still unsure what it actually does and what it changes within AWS assets.


Thanks,
Koby

Andrew Langhorn

Jul 27, 2016, 6:52:47 PM
to terrafo...@googlegroups.com
Hi Koby,

The aws_route resource adds a route to the route table to direct traffic destined for a particular CIDR block through a specific gateway. That gateway is then responsible for routing the traffic for that CIDR block onward.

In this case, you're adding a destination (0.0.0.0/0, which is shorthand for everything) to the route table defined by aws_vpc.default.main_route_table_id and defining the gateway defined by aws_internet_gateway.default.id as being responsible for routing packets destined toward that route through the internet gateway.

An internet gateway sits as a bridge between the outside world and a public subnet in a VPC, allowing internet access in to your VPC.

Does that make things a little clearer?

Andrew

Koby Meir

Jul 28, 2016, 8:28:27 AM
to Terraform, andrew....@thoughtworks.com
I understand the meaning of IGW and routing, I still don't understand why I need aws_route defined while I have aws_route_table and aws_route_table_association defined for each one of my subnets?
And what does this piece of code actually do on the AWS account, as I couldn't notice any change on my AWS VPC configuration with or without this code.

Thanks for the help.
Koby

Andrew Hodgson

Jul 28, 2016, 8:34:22 AM
to terrafo...@googlegroups.com, andrew....@thoughtworks.com
Hi,

I had a similar issue when I first started using Terraform. The routes are the individual entries in the route table. Routes can also be defined inline with the route table, but I have found it is better to define them separately and assign them to the route table, as if you define them inline you can end up with some dependency problems.

It's the same with security groups, you define the security group, then create each security group rule and assign it to the group. Those can also be defined inline.

Hope this helps,
Andrew.
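
Added example, not part of any post in this thread: the standalone-route pattern discussed above, applied to a dedicated public route table instead of the VPC's main route table. Subnets without an explicit association fall back to the main route table, so keeping the 0.0.0.0/0 route off it means only deliberately associated subnets become internet-routable. The names "public", "public_default", "app_public", "web" and the CIDR range are assumptions; aws_vpc.default and aws_internet_gateway.default are the resources the snippet in the first post refers to.

```hcl
# Added example, not from the thread. Resource names and the subnet CIDR are
# assumptions; aws_vpc.default and aws_internet_gateway.default come from the
# snippet quoted in the first post. Interpolation style follows that snippet.

# Dedicated route table for subnets that are meant to be internet-facing.
# The main route table keeps only its implicit local route.
resource "aws_route_table" "public" {
  vpc_id = "${aws_vpc.default.id}"
}

# One entry in the table above. Without it the table and its associations
# exist, but traffic leaving the VPC CIDR has no next hop.
resource "aws_route" "public_default" {
  route_table_id         = "${aws_route_table.public.id}"
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = "${aws_internet_gateway.default.id}"
}

resource "aws_subnet" "app_public" {
  vpc_id     = "${aws_vpc.default.id}"
  cidr_block = "10.0.1.0/24" # constructed sample; must fall inside the VPC CIDR
}

# Only subnets associated here pick up the default route.
resource "aws_route_table_association" "app_public" {
  subnet_id      = "${aws_subnet.app_public.id}"
  route_table_id = "${aws_route_table.public.id}"
}

# Same split for security groups: the group, then each rule as its own resource.
resource "aws_security_group" "web" {
  name   = "web"
  vpc_id = "${aws_vpc.default.id}"
}

resource "aws_security_group_rule" "web_https_in" {
  type              = "ingress"
  security_group_id = "${aws_security_group.web.id}"
  protocol          = "tcp"
  from_port         = 443
  to_port           = 443
  cidr_blocks       = ["0.0.0.0/0"] # constructed sample: public HTTPS only
}
```

Do not mix inline route blocks on an aws_route_table with standalone aws_route resources for the same table, or inline ingress/egress blocks with aws_security_group_rule for the same group; the two styles overwrite each other's entries.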
