Deployes a virtual network gateway in Azure as Vpn, does not support Expressroute setup. VPN can be configured in active-active mode with optional point-to-site configuration activated.
Based of original module: https://github.com/avinor/terraform-azurerm-vpn
It supports creating:
- Public IP
- Network Gateway
- Network Gateway Connection
- Diagnostic Logging
Review the examples folder: examples
Perform the following commands on the root folder:
terraform initto get the pluginsterraform planto see the infrastructure planterraform applyto apply the infrastructure buildterraform destroyto destroy the built infrastructure
< use terraform-docs to create Inputs and Outpus documentation terraform-docs
terraform-docs markdown .
The following dependencies must be installed on the development system:
Azure
- Terraform Provider for Azure
- CLI Tool az
| Name | Version |
|---|---|
| azurerm | n/a |
| random | n/a |
No modules.
| Name | Type |
|---|---|
| azurerm_local_network_gateway.local | resource |
| azurerm_monitor_diagnostic_setting.gw | resource |
| azurerm_monitor_diagnostic_setting.gw_aa_pip | resource |
| azurerm_monitor_diagnostic_setting.gw_pip | resource |
| azurerm_public_ip.gw | resource |
| azurerm_public_ip.gw_aa | resource |
| azurerm_virtual_network_gateway.gw | resource |
| azurerm_virtual_network_gateway_connection.local | resource |
| random_string.dns | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| active_active | If true, an active-active Virtual Network Gateway will be created. An active-active gateway requires a HighPerformance or an UltraPerformance sku. If false, an active-standby gateway will be created. Defaults to false. | bool |
false |
no |
| client_configuration | If set it will activate point-to-site configuration. | object({ address_space = string, protocols = list(string), certificate = string }) |
null |
no |
| enable_bgp | If true, BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. Defaults to false. | bool |
false |
no |
| local_networks | List of local virtual network connections to connect to gateway. | list(object({ name = string, gateway_address = string, address_space = list(string), shared_key = string, ipsec_policy = any })) |
[] |
no |
| location | The Azure Region in which to create resource. | any |
n/a | yes |
| log_analytics_workspace_id | Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | any |
null |
no |
| name | Name of virtual gateway. | any |
n/a | yes |
| resource_group_name | Name of resource group to deploy resources in. | any |
n/a | yes |
| sku | Configuration of the size and capacity of the virtual network gateway. | any |
n/a | yes |
| subnet_id | Id of subnet where gateway should be deployed, have to be names GatewaySubnet. | any |
n/a | yes |
| tags | Tags to apply to all resources created. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| fqdns | List of the fqdn for gateway. Will return 2 for active_ac |
Refer to the contribution guidelines for information on contributing to this module.