Deploys a virtual network gateway in Azure as a VPN gateway; ExpressRoute setup is not supported. The VPN can be configured in active-active mode, with optional point-to-site configuration.
Based on the original module: https://github.com/avinor/terraform-azurerm-vpn
It supports creating:
- Public IP
- Network Gateway
- Network Gateway Connection
- Diagnostic Logging
Review the examples folder: examples
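A site-to-site call of this module built from the inputs documented further down, with the pre-shared key passed through a sensitive variable instead of being written into the configuration. This is an added example, not code from the module's examples folder; the module path, resource names, addresses, the 32-character minimum and the use of `null` for `ipsec_policy` are assumptions.

```hcl
# Added example. Names, addresses and the source path are constructed values.
variable "gateway_subnet_id" {
  type = string # ID of the subnet named GatewaySubnet
}

variable "log_analytics_workspace_id" {
  type = string # workspace that receives the gateway diagnostics
}

variable "onprem_shared_key" {
  type      = string
  sensitive = true # keeps the PSK out of plan and apply output

  validation {
    condition     = length(var.onprem_shared_key) >= 32 # example threshold
    error_message = "The shared key must be at least 32 characters long."
  }
}

module "vpn" {
  source = "../.." # assumed location of this module

  name                = "example-vpn-gw"
  resource_group_name = "example-network-rg"
  location            = "westeurope"
  sku                 = "VpnGw1"
  subnet_id           = var.gateway_subnet_id

  # Send gateway and public IP diagnostics to Log Analytics.
  log_analytics_workspace_id = var.log_analytics_workspace_id

  local_networks = [
    {
      name            = "onprem"
      gateway_address = "203.0.113.10" # documentation address range
      address_space   = ["10.20.0.0/16"]
      shared_key      = var.onprem_shared_key # e.g. TF_VAR_onprem_shared_key
      ipsec_policy    = null # assumption: null keeps the gateway default policy
    }
  ]
}

output "vpn_fqdns" {
  value = module.vpn.fqdns
}
```

The shared key is still written to the Terraform state, so the state backend needs encryption and restricted access.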
Perform the following commands on the root folder:
- `terraform init` to get the plugins
- `terraform plan` to see the infrastructure plan
- `terraform apply` to apply the infrastructure build
- `terraform destroy` to destroy the built infrastructure

Use terraform-docs to create the Inputs and Outputs documentation:
terraform-docs markdown .
The following dependencies must be installed on the development system:
Azure
- Terraform Provider for Azure
- CLI Tool az
Name | Version |
---|---|
azurerm | n/a |
random | n/a |
No modules.
Name | Type |
---|---|
azurerm_local_network_gateway.local | resource |
azurerm_monitor_diagnostic_setting.gw | resource |
azurerm_monitor_diagnostic_setting.gw_aa_pip | resource |
azurerm_monitor_diagnostic_setting.gw_pip | resource |
azurerm_public_ip.gw | resource |
azurerm_public_ip.gw_aa | resource |
azurerm_virtual_network_gateway.gw | resource |
azurerm_virtual_network_gateway_connection.local | resource |
random_string.dns | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
active_active | If true, an active-active Virtual Network Gateway will be created. An active-active gateway requires a HighPerformance or an UltraPerformance sku. If false, an active-standby gateway will be created. Defaults to false. | bool | false | no |
client_configuration | If set, it will activate point-to-site configuration. | object({ address_space = string, protocols = list(string), certificate = string }) | null | no |
enable_bgp | If true, BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. Defaults to false. | bool | false | no |
local_networks | List of local virtual network connections to connect to gateway. | list(object({ name = string, gateway_address = string, address_space = list(string), shared_key = string, ipsec_policy = any })) | [] | no |
location | The Azure Region in which to create resource. | any | n/a | yes |
log_analytics_workspace_id | Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | any | null | no |
name | Name of virtual gateway. | any | n/a | yes |
resource_group_name | Name of resource group to deploy resources in. | any | n/a | yes |
sku | Configuration of the size and capacity of the virtual network gateway. | any | n/a | yes |
subnet_id | ID of the subnet where the gateway should be deployed; it must be named GatewaySubnet. | any | n/a | yes |
tags | Tags to apply to all resources created. | map(string) | {} | no |
Name | Description |
---|---|
fqdns | List of the fqdn for gateway. Will return 2 for active_ac |
Refer to the contribution guidelines for information on contributing to this module.