fix(core): Add static routing to Customer Gateway and vpnConnection (#741)

naveenkoppula · web-flow · commit 4b4bd9954175 · 2021-05-26T07:25:12.000-04:00
* Fixing TGW Static Route

* Fixing tgw routes

* Add static routing to Customer Gateway and vpnConnection
diff --git a/src/deployments/cdk/src/deployments/firewall/cluster/step-2.ts b/src/deployments/cdk/src/deployments/firewall/cluster/step-2.ts
@@ -108,6 +108,7 @@ async function createCustomerGateways(props: {
 
   const firewallCgwName = firewallConfig['fw-cgw-name'];
   const firewallCgwAsn = firewallConfig['fw-cgw-asn'];
+  const firewallCgwRouting = firewallConfig['fw-cgw-routing'].toLowerCase();
 
   const addTagsDependencies = [];
   const addTagsToResources: AddTagsToResource[] = [];
@@ -127,13 +128,14 @@ async function createCustomerGateways(props: {
       customerGateway = new ec2.CfnCustomerGateway(scope, `${prefix}_cgw`, {
         type: 'ipsec.1',
         ipAddress: port.eipIpAddress,
-        bgpAsn: firewallCgwAsn,
+        bgpAsn: firewallCgwRouting === 'dynamic' ? firewallCgwAsn : 65000,
       });
 
       vpnConnection = new ec2.CfnVPNConnection(scope, `${prefix}_vpn`, {
         type: 'ipsec.1',
         transitGatewayId: transitGateway.tgwId,
         customerGatewayId: customerGateway.ref,
+        staticRoutesOnly: firewallCgwRouting === 'static' ? true : false,
       });
 
       const options = new VpnTunnelOptions(scope, `VpnTunnelOptions${index}`, {
