
Requirements

No requirements.

Providers

Name Version
azurerm n/a

Modules

No modules.

Resources

Name Type
azurerm_point_to_site_vpn_gateway.p2svpng resource
azurerm_resource_group.rg resource

Inputs

Name Description Type Default Required
connection_configuration (Required) A connection_configuration block as defined below.
object({
name = string
vpn_client_address_pool = object({
address_prefixes = list(string)
})
route = optional(object({
associated_route_table_id = string
inbound_route_map_id = optional(string)
outbound_route_map_id = optional(string)
propagated_route_table = optional(object({
ids = list(string)
labels = optional(list(string))
}))
}))
internet_security_enabled = optional(bool)
})
n/a yes
deploy_resource_group (Optional) Specifies whether to deploy the resource group or not. Defaults to true. bool true no
dns_servers (Optional) A list of IP Addresses of DNS Servers for the Point-to-Site VPN Gateway. list(string) [] no
location (Optional) Specifies the supported Azure location where the resource exists. Defaults to "westeurope". Changing this forces a new resource to be created. string "westeurope" no
managed_by (Optional) The ID of the resource or application that manages this Resource Group. string null no
name (Required) Specifies the name of the Point-to-Site VPN Gateway. Changing this forces a new resource to be created. string n/a yes
resource_group_name (Required) The name of the resource group in which to create the Point-to-Site VPN Gateway. Changing this forces a new resource to be created. string n/a yes
routing_preference_internet_enabled (Optional) Is the Routing Preference for the Public IP Interface of the VPN Gateway enabled? Defaults to false. Changing this forces a new resource to be created. bool false no
scale_unit (Required) The Scale Unit for this Point-to-Site VPN Gateway. number n/a yes
tags (Optional) A mapping of tags to assign to the resources any null no
virtual_hub_id (Required) The ID of the Virtual Hub where this Point-to-Site VPN Gateway should exist. Changing this forces a new resource to be created. string n/a yes
vpn_server_configuration_id (Required) The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created. string n/a yes

Outputs

Name Description
id The ID of the Point-to-Site VPN Gateway.

Usage

# Reads the client configuration of the identity Terraform is running as.
# Only tenant_id is consumed in this example, to build the Azure AD issuer and
# tenant URLs, so the VPN ends up trusting whichever tenant the deploying
# identity belongs to. Check that this is the tenant the VPN users live in.
data "azurerm_client_config" "current" {
}

# Looks up an existing Virtual Hub by name and resource group. Its id is passed
# to the gateway module as virtual_hub_id, and its name is used to find the
# hub's route tables.
data "azurerm_virtual_hub" "vhub" {
  name                = "example-vhub"
  resource_group_name = "example-rg"
}

# Looks up the hub route table named "defaultRouteTable". The example uses its
# id as the associated route table of the P2S connection configuration.
data "azurerm_virtual_hub_route_table" "default" {
  name                = "defaultRouteTable"
  resource_group_name = "example-rg"
  virtual_hub_name    = data.azurerm_virtual_hub.vhub.name
}

# Looks up the hub route table named "noneRouteTable". The example uses its id
# as the only propagation target of the P2S connection configuration.
# NOTE(review): presumably this keeps the VPN client routes from being
# propagated to other route tables. Confirm that matches the intended
# reachability of VPN clients.
data "azurerm_virtual_hub_route_table" "none" {
  name                = "noneRouteTable"
  resource_group_name = "example-rg"
  virtual_hub_name    = data.azurerm_virtual_hub.vhub.name
}

# Creates the VPN Server Configuration that the Point-to-Site gateway references
# through module.vpn_server_configuration.id.
module "vpn_server_configuration" {
  # NOTE(review): the source has no ?ref=, so `terraform init` fetches whatever
  # the repository's default branch holds at that moment. Pin it to a reviewed
  # tag or commit, e.g. "...?ref=<TAG_OR_COMMIT_SHA>" (placeholder), so a change
  # upstream cannot silently alter what gets deployed.
  source = "github.com/fjdev/terraform-azurerm-vpn-server-configuration"

  name                     = "example-vpnsc"
  deploy_resource_group    = false # reuse the existing "example-rg" instead of creating it
  resource_group_name      = "example-rg"
  vpn_authentication_types = ["AAD"]     # Azure AD is the only authentication type listed
  vpn_protocols            = ["OpenVPN"] # OpenVPN is the only tunnel protocol listed

  azure_active_directory_authentication = {
    # audience: application ID the client's token must be issued for.
    # NOTE(review): this looks like the Azure VPN client application ID for the
    # Azure public cloud. Confirm it is the right value for your cloud and tenant.
    audience = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
    # issuer and tenant are both built from the tenant_id of the identity running
    # Terraform, so the configuration accepts tokens from that tenant.
    issuer   = "https://sts.windows.net/${data.azurerm_client_config.current.tenant_id}/"
    tenant   = "https://login.microsoftonline.com/${data.azurerm_client_config.current.tenant_id}/"
  }
}

# Deploys the Point-to-Site VPN Gateway into the existing Virtual Hub, using the
# VPN Server Configuration created by module.vpn_server_configuration.
module "point_to_site_vpn_gateway" {
  # NOTE(review): the source has no ?ref=, so `terraform init` fetches whatever
  # the repository's default branch holds at that moment. Pin it to a reviewed
  # tag or commit, e.g. "...?ref=<TAG_OR_COMMIT_SHA>" (placeholder).
  source = "github.com/fjdev/terraform-azurerm-point-to-site-vpn-gateway"

  name                  = "example-p2svpng"
  deploy_resource_group = false # reuse the existing "example-rg" instead of creating it
  resource_group_name   = "example-rg"

  connection_configuration = {
    name = "P2SConnectionConfig-OpenVN-AAD"
    vpn_client_address_pool = {
      # Address range handed out to connecting VPN clients. Keep it from
      # overlapping with hub, spoke or on-premises ranges, and scope network
      # rules for VPN users to this prefix.
      address_prefixes = ["10.99.112.0/21"]
    }
    route = {
      # The connection is associated with the hub's default route table and
      # propagates only to the "none" route table.
      associated_route_table_id = data.azurerm_virtual_hub_route_table.default.id
      propagated_route_table = {
        ids    = [data.azurerm_virtual_hub_route_table.none.id]
        labels = ["none"]
      }
    }
    # internet_security_enabled is optional and not set in this example.
    # NOTE(review): the effective value then depends on the module and provider
    # default. Set it explicitly if client internet traffic must go through the
    # hub's security controls.
  }

  scale_unit                  = 4
  virtual_hub_id              = data.azurerm_virtual_hub.vhub.id
  vpn_server_configuration_id = module.vpn_server_configuration.id
  # DNS server given to VPN clients. Clients will resolve names through it, so it
  # should be a resolver you control and that is reachable from the client pool.
  dns_servers                 = ["10.99.4.4"]
}