Documentation VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud Connectivity (#1673)

* Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP

* Update docs/installation/cloud/azure-ha.rst

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Added documentation page VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud Connectivity

* Modified diagram name

* Update docs/installation/cloud/aws-to-azure.rst

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

docs/installation/cloud/aws-to-azure.rst

@@ -0,0 +1,189 @@
+##########
+VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud Connectivity
+##########
+
+This document provides step-by-step guidance for deploying VyOS routers on both AWS and Azure. 
+It describes how to establish secure inter-cloud connectivity using IPsec tunnels with BGP, 
+automated through Terraform. Example workloads (Amazon Linux EC2 on AWS and Ubuntu VM on Azure) 
+are also deployed for connectivity validation.
+
+Why Cloud-to-Cloud Connectivity?
+--------------------------------
+
+Cloud-to-cloud connectivity is needed in modern multi-cloud environments for several reasons:
+
+- **Inter-Cloud Connectivity**
+
+  Enable secure and reliable communication between workloads in different clouds  
+  (for example, AWS applications connecting to Azure-hosted identity services).
+
+- **Cloud-to-Cloud Migration**
+
+  During migration projects, workloads may temporarily run in both clouds.  
+  Direct tunnels ensure smooth transition and synchronization.
+
+- **Testing and Validation**
+
+  Labs and proof-of-concepts often simulate multi-cloud architectures.  
+  A VyOS-based tunnel lets teams test routing, encryption, and failover before production rollout.
+
+Architecture
+------------
+
+The architecture consists of VyOS routers deployed in both AWS and Azure, connected via secure IPsec tunnels.  
+BGP is used for dynamic routing between the clouds, allowing for seamless communication.
+
+.. figure:: /_static/images/cloud-aws-to-azure.png
+   :alt: VyOS Cloud-to-Cloud topology diagram
+
+Terraform Automation
+--------------------
+
+To streamline and standardize the deployment process, a set of **Terraform projects** has been developed.  
+These projects automate the provisioning of **VyOS instances** and the required networking resources across **AWS** and **Azure**.
+
+In addition to deploying VyOS, these projects also provision an **Amazon Linux EC2 instance** on AWS and an **Ubuntu VM** on Azure.  
+These serve as test endpoints to validate connectivity between the cloud environments.
+
+Prerequisites
+-------------
+
+AWS Environment
+^^^^^^^^^^^^^^^
+
+- Active AWS account with permissions for EC2, VPC, Transit Gateway, Route Server, and IAM (for keypair and role management).
+
+Local Environment:
+
+- AWS CLI installed: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
+
+- Terraform installed: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
+
+Set AWS credentials in your shell:
+
+.. code-block:: none
+
+   export AWS_ACCESS_KEY_ID="<AWS_ACCESS_KEY_ID>"
+   export AWS_SECRET_ACCESS_KEY="<AWS_SECRET_ACCESS_KEY>"
+   export AWS_SESSION_TOKEN="<AWS_SESSION_TOKEN>"
+   export AWS_DEFAULT_REGION="<AWS_REGION>"  # e.g., us-east-1
+
+Obtain VyOS AMI ID and Owner ID:
+
+Subscribe to VyOS via AWS Marketplace. Then run:
+
+.. code-block:: none
+
+   aws ec2 describe-images \
+     --owners aws-marketplace \
+     --filters "Name=product-code,Values=8wqdkv3u2b9sa0y73xob2yl90" \
+     --query 'Images[*].[ImageId,OwnerId,Name]' \
+     --output table
+
+Alternatively, set the ``vyos_ami_id`` variable directly in ``variables.tf``.
+
+Generate an SSH keypair (or use the included demo key):
+
+.. code-block:: none
+
+   ssh-keygen -b 2048 -t rsa -m PEM -f keys/vyos_custom_key.pem
+   chmod 400 keys/vyos_custom_key.pem
+
+Azure Environment
+^^^^^^^^^^^^^^^^^
+
+- Active Azure subscription:
+
+.. code-block:: none
+
+   az account set --subscription "<subscription ID or name>"
+
+- Azure CLI installed:
+
+  https://learn.microsoft.com/en-us/cli/azure/install-azure-cli
+
+- Logged in with Azure credentials:
+
+.. code-block:: none
+
+   az version
+   az login
+
+- Azure Resource Group (RG) created:
+
+.. code-block:: none
+
+   az group create --name demoResourceGroup --location westus
+   az group list
+   az group show --name demoResourceGroup
+
+- Terraform installed:
+
+  https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
+
+- SSH key generated:
+
+.. code-block:: none
+
+   ssh-keygen -t rsa -b 4096 -f keys/id_rsa
+   chmod 400 keys/id_rsa
+
+Usage
+-----
+
+AWS
+^^^
+
+All variables needed for customization are defined in ``variables.tf``.  
+Adjust them according to your requirements, such as EC2 instance type and networking configurations.  
+
+Before deployment, ensure you check ``aws_region``, ``availability_zone``, and update ``vyos_ami_id`` as necessary.
+
+Azure
+^^^^^
+
+All variables needed for customization are defined in ``variables.tf``.  
+Adjust them according to your requirements, such as VM size and networking configurations.  
+
+Before deployment, ensure you check ``azure_region``, ``availability_zone``, and update ``subscription_id`` and ``resource_group_name`` as necessary.
+
+Terraform Workflow
+^^^^^^^^^^^^^^^^^^
+
+.. code-block:: none
+
+   terraform init
+   terraform fmt
+   terraform validate
+   terraform plan
+   terraform apply
+
+On completion, run:
+
+.. code-block:: none
+
+   terraform output
+
+This displays the public IP addresses of the VyOS instances.
+
+To clean up:
+
+.. code-block:: none
+
+   terraform destroy
+
+Management
+----------
+
+SSH into VyOS:
+
+.. code-block:: none
+
+   ssh vyos@<vyos_public_ip> -i keys/vyos_custom_key.pem
+
+GitHub Repository
+-----------------
+
+You can clone or download the Terraform projects and use them in your environment:
+
+https://github.com/vyos/vyos-automation/tree/main/Terraform/Cloud-to-Cloud

docs/installation/cloud/index.rst

@@ -11,5 +11,6 @@ Running VyOS in Cloud Environments
    aws-ha
    azure
    azure-ha
+   aws-to-azure
    gcp
    oracle