With these steps completed, you will have successfully configured a VPN connection between your AWS VPC and your on-premises network. This allows secure communication between the two environments, enabling data exchange and resource access as if they were part of the same private network.
Let’s understand how we can accomplish the same using Cloud Shell.
Configuring a VPN in an AWS environment using Cloud Shell involves several steps. Here is a step-by-step guide to setting up a VPN:

1. Launch Cloud Shell: Open AWS Cloud Shell from the AWS Management Console. It provides an integrated CLI with the necessary tools pre-installed for managing AWS resources.
2. Create a VGW: Use the aws ec2 create-vpn-gateway command to create a VGW in AWS. This VGW will act as the entry and exit point for VPN traffic to and from your VPC:

aws ec2 create-vpn-gateway –type ipsec.1 –tag-specifications ‘ResourceType=vpn-gateway,Tags=[{Key=Name,Value=my-vpn-gateway}]’

3. Describe the VGW and note down its ID: Use the aws ec2 describe-vpn-gateways command to get information about the VGW you just created. Note down the VGW ID; it will be needed in the following steps:

aws ec2 describe-vpn-gateways –filters “Name=tag:Name,Values=my-vpn-gateway”

4. Create a CGW: Next, set up a CGW on your on-premises network. Use the aws ec2 create-customer-gateway command to create the CGW. Replace with the public IP address of your on-premises VPN device:

aws ec2 create-customer-gateway –type ipsec.1 –public-ip –tag-specifications ‘ResourceType=customer-gateway,Tags=[{Key=Name,Value=my-customer-gateway}]
‘

5. Describe the CGW and note down the ID: Use the aws ec2 describe-customer-gateways command to get information about the CGW you just created. Note down the CGW ID as it will be needed in the following steps:

aws ec2 describe-customer-gateways –filters “Name=tag:Name,Values=my-customer-gateway”

6. Create a VPN connection: Create a site-to-site VPN connection using the aws ec2 create-vpn-connection command. Replace with the VGW ID you obtained in Step 3, and with the CGW ID you obtained in Step 5:

aws ec2 create-vpn-connection –type ipsec.1 –customer-gateway-id –vpn-gateway-id –tag-specifications ‘ResourceType=vpn-connection,Tags=[{Key=Name,Value=my-vpn-connection}]’

7. Describe the VPN connection and note down the configuration details: Use the aws ec2 describe-vpn-connections command to get information about the VPN connection you just created. Note down the configuration details, including the pre-shared key and the configuration file, as you will need them to configure your CGW:

aws ec2 describe-vpn-connections –filters “Name=tag:Name,Values=my-vpn-connection”

8. Configure your CGW: On your on-premises network, use the downloaded configuration information (pre-shared key and configuration file) to configure your CGW device or software.
9. Verify and monitor the VPN connection: Once the VPN has been configured, verify the status of the VPN connection in the AWS Management Console or using the aws ec2 describe-vpn-connections command. You can also monitor VPN performance and connection status using Amazon CloudWatch.