First, create a Virtual Private Cloud (VPC) in the AWS Management Console. Assume the VPC's IP address range is 10.0.0.0/16. Inside this VPC, create a public subnet; assume its range is 10.0.1.0/24.
Next, create a VPN gateway and attach it to the VPC. Here we use the virtual private gateway offered by the Amazon Virtual Private Cloud (Amazon VPC) service, i.e. a VPN gateway of type ipsec.1. The following code creates the VPN gateway (attaching it to the VPC is a separate attach_vpn_gateway call, not shown here):
# Import the required modules
import boto3
from botocore.exceptions import ClientError
# Create an EC2 client
ec2 = boto3.client('ec2')
# Create a VPN gateway
try:
    response = ec2.create_vpn_gateway(Type='ipsec.1', AmazonSideAsn=65000)
    vpn_gateway_id = response['VpnGateway']['VpnGatewayId']
    print(f'VPN gateway created with ID {vpn_gateway_id}')
except ClientError as e:
    print(f'Error creating VPN gateway: {e}')
Next, configure a route table and a security group so that traffic to and from the VPN gateway can be routed inside the VPC. The following code configures the route table for the VPC; vpc_id and subnet_id are looked up by the CIDR blocks chosen above (10.0.0.0/16 and 10.0.1.0/24), since the VPC and subnet were created in the console rather than in this script:
# Look up the VPC and the public subnet created earlier by their CIDR blocks
vpc_id = ec2.describe_vpcs(Filters=[{'Name': 'cidr', 'Values': ['10.0.0.0/16']}])['Vpcs'][0]['VpcId']
subnet_id = ec2.describe_subnets(Filters=[{'Name': 'cidr-block', 'Values': ['10.0.1.0/24']}])['Subnets'][0]['SubnetId']
# Create a new route table for the VPC
try:
    response = ec2.create_route_table(VpcId=vpc_id)
    route_table_id = response['RouteTable']['RouteTableId']
    print(f'Route table created with ID {route_table_id}')
except ClientError as e:
    print(f'Error creating route table: {e}')
    raise  # stop here: the steps below need route_table_id
# Associate the route table with the public subnet
try:
    response = ec2.associate_route_table(SubnetId=subnet_id, RouteTableId=route_table_id)
    print(f'Route table {route_table_id} associated with subnet {subnet_id}')
except ClientError as e:
    print(f'Error associating route table with subnet: {e}')
# Add a
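The whole procedure described above (virtual private gateway, attachment to the VPC, route table for the public subnet, and a security group), as one worked example added to this page; it is not the tutorial's own code. It is written against the boto3 EC2 client interface, but RecordingEC2 is a constructed offline stand-in so it runs without an account; the on-prem range 192.168.10.0/24, the port list, the security group name and the example IDs are assumptions. It also checks the CIDR layout before making any API call, because an on-prem range that overlaps the VPC CIDR is never reachable over the VPN (the VPC local route wins).

```python
import ipaddress


class RecordingEC2:
    """Offline stand-in for boto3.client('ec2'), constructed for this example.

    It accepts the same keyword arguments as the real client, records every
    call, and returns responses shaped like boto3's, so the provisioning
    logic below can be exercised without an AWS account. Pass
    boto3.client('ec2') instead to run it for real.
    """

    def __init__(self):
        self.calls = []       # (api_name, parameters), in call order
        self._counter = 0

    def _new_id(self, prefix):
        self._counter += 1
        return f"{prefix}-{self._counter:08x}"   # fake IDs such as vgw-00000001

    def __getattr__(self, api_name):
        def call(**params):
            self.calls.append((api_name, params))
            if api_name == "create_vpn_gateway":
                return {"VpnGateway": {"VpnGatewayId": self._new_id("vgw")}}
            if api_name == "create_route_table":
                return {"RouteTable": {"RouteTableId": self._new_id("rtb")}}
            if api_name == "create_security_group":
                return {"GroupId": self._new_id("sg")}
            return {"Return": True}
        return call


def cidr_problems(vpc_cidr, subnet_cidr, on_prem_cidr):
    """Return a list of layout problems; an empty list means the plan is routable."""
    vpc = ipaddress.ip_network(vpc_cidr)
    subnet = ipaddress.ip_network(subnet_cidr)
    on_prem = ipaddress.ip_network(on_prem_cidr)
    problems = []
    if not subnet.subnet_of(vpc):
        problems.append(f"subnet {subnet} is not inside VPC {vpc}")
    if vpc.overlaps(on_prem):
        # The VPC 'local' route always takes precedence, so an overlapping
        # on-prem range can never be reached through the VGW.
        problems.append(f"on-prem range {on_prem} overlaps VPC {vpc}")
    return problems


def provision_site_to_site(ec2, vpc_id, subnet_id, vpc_cidr, subnet_cidr,
                           on_prem_cidr, ports=(443,), amazon_asn=65000):
    """Create and attach a VGW, route the subnet to on-prem, and fence ingress."""
    problems = cidr_problems(vpc_cidr, subnet_cidr, on_prem_cidr)
    if problems:
        raise ValueError("; ".join(problems))

    # 1. Virtual private gateway, attached to the VPC. Attachment is
    #    asynchronous: against a real account, poll describe_vpn_gateways
    #    until the attachment State is 'attached' before relying on it.
    vgw_id = ec2.create_vpn_gateway(Type="ipsec.1", AmazonSideAsn=amazon_asn)["VpnGateway"]["VpnGatewayId"]
    ec2.attach_vpn_gateway(VpnGatewayId=vgw_id, VpcId=vpc_id)

    # 2. Route table for the public subnet: a static route to the on-prem range
    #    via the VGW, plus propagation so BGP-learned routes appear automatically.
    rtb_id = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.associate_route_table(SubnetId=subnet_id, RouteTableId=rtb_id)
    ec2.create_route(RouteTableId=rtb_id, DestinationCidrBlock=on_prem_cidr, GatewayId=vgw_id)
    ec2.enable_vgw_route_propagation(GatewayId=vgw_id, RouteTableId=rtb_id)

    # 3. Security group admitting only the on-prem range on the listed ports.
    #    Using 0.0.0.0/0 here would expose the subnet to the whole Internet,
    #    not just to the VPN peer.
    sg_id = ec2.create_security_group(
        GroupName="vpn-ingress",
        Description="Inbound from on-prem over the site-to-site VPN only",
        VpcId=vpc_id,
    )["GroupId"]
    permissions = [
        {
            "IpProtocol": "tcp",
            "FromPort": port,
            "ToPort": port,
            "IpRanges": [{"CidrIp": on_prem_cidr, "Description": "on-prem via site-to-site VPN"}],
        }
        for port in ports
    ]
    ec2.authorize_security_group_ingress(GroupId=sg_id, IpPermissions=permissions)
    return {"VpnGatewayId": vgw_id, "RouteTableId": rtb_id, "SecurityGroupId": sg_id}


if __name__ == "__main__":
    # Constructed IDs; real ones come from the VPC and subnet created in the console.
    ec2 = RecordingEC2()
    result = provision_site_to_site(ec2, "vpc-example", "subnet-example",
                                    "10.0.0.0/16", "10.0.1.0/24", "192.168.10.0/24")
    for api_name, params in ec2.calls:
        print(api_name, params)
    print(result)
```

Two caveats when running this against a real account: a freshly created route table contains only the VPC local route, so if the 10.0.1.0/24 subnet must stay public, add a 0.0.0.0/0 route to the internet gateway as well, or the association will cut its Internet access; and the ingress rule above is the only thing keeping on-prem traffic scoped, so keep the security group's source range as narrow as the on-prem network actually is.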