This example shows how to configure a single VPN tunnel using a couple of extra features
- custom advertisement on the tunnel's BGP session; if custom advertisement is not needed, simply set the
bgp_peer_options
attribute to null
- internally generated shared secret, which can be fetched from the module's
random_secret
output for reuse; a predefined secret can be used instead by assigning it to the shared_secret
attribute
name |
description |
type |
required |
default |
name |
VPN gateway name, and prefix used for dependent resources. |
string |
✓ |
|
network |
VPC used for the gateway and routes. |
string |
✓ |
|
project_id |
Project where resources will be created. |
string |
✓ |
|
region |
Region used for resources. |
string |
✓ |
|
gateway_address |
Optional address assigned to the VPN gateway. Ignored unless gateway_address_create is set to false. |
string |
|
"" |
gateway_address_create |
Create external address assigned to the VPN gateway. Needs to be explicitly set to false to use address in gateway_address variable. |
bool |
|
true |
route_priority |
Route priority, defaults to 1000. |
number |
|
1000 |
router_advertise_config |
Router custom advertisement configuration, ip_ranges is a map of address ranges and descriptions. |
object({…}) |
|
null |
router_asn |
Router ASN used for auto-created router. |
number |
|
64514 |
router_create |
Create router. |
bool |
|
true |
router_name |
Router name used for auto created router, or to specify existing router to use. Leave blank to use VPN name for auto created router. |
string |
|
"" |
tunnels |
VPN tunnel configurations, bgp_peer_options is usually null. |
map(object({…})) |
|
{} |