diff --git a/blueprints/networking/ha-vpn-over-interconnect/README.md b/blueprints/networking/ha-vpn-over-interconnect/README.md
index db89d87e..a4b29ca1 100644
--- a/blueprints/networking/ha-vpn-over-interconnect/README.md
+++ b/blueprints/networking/ha-vpn-over-interconnect/README.md
@@ -32,7 +32,7 @@ The two Dedicated Interconnect connections should already exist, either in the s
| [overlay_config](variables.tf#L24) | Configuration for the overlay resources. | object({…}) | ✓ | |
| [project_id](variables.tf#L66) | The project id. | string | ✓ | |
| [region](variables.tf#L71) | GCP Region. | string | ✓ | |
-| [underlay_config](variables.tf#L76) | Configuration for the underlay resources. | object({…}) | ✓ | |
+| [underlay_config](variables.tf#L76) | Configuration for the underlay resources. | object({…}) | ✓ | |
## Outputs
diff --git a/blueprints/networking/ha-vpn-over-interconnect/underlay.tf b/blueprints/networking/ha-vpn-over-interconnect/underlay.tf
index 6ad9c450..bb8709cc 100644
--- a/blueprints/networking/ha-vpn-over-interconnect/underlay.tf
+++ b/blueprints/networking/ha-vpn-over-interconnect/underlay.tf
@@ -38,13 +38,16 @@ module "va-a" {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router.name
}
- dedicated_interconnect_config = {
+ vpn_gateways_ip_range = var.underlay_config.attachments.a.vpn_gateways_ip_range
+ dedicated_interconnect_config = var.underlay_config.interconnect_type != "DEDICATED" ? null : {
bandwidth = var.underlay_config.attachments.a.bandwidth
bgp_range = var.underlay_config.attachments.a.bgp_range
interconnect = var.underlay_config.attachments.a.interconnect_self_link
vlan_tag = var.underlay_config.attachments.a.vlan_tag
}
- vpn_gateways_ip_range = var.underlay_config.attachments.a.vpn_gateways_ip_range
+ partner_interconnect_config = var.underlay_config.interconnect_type != "PARTNER" ? null : {
+ edge_availability_domain = "zone1"
+ }
}
module "va-b" {
@@ -59,11 +62,14 @@ module "va-b" {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router.name
}
- dedicated_interconnect_config = {
+ vpn_gateways_ip_range = var.underlay_config.attachments.b.vpn_gateways_ip_range
+ dedicated_interconnect_config = var.underlay_config.interconnect_type != "DEDICATED" ? null : {
bandwidth = var.underlay_config.attachments.b.bandwidth
bgp_range = var.underlay_config.attachments.b.bgp_range
interconnect = var.underlay_config.attachments.b.interconnect_self_link
vlan_tag = var.underlay_config.attachments.b.vlan_tag
}
- vpn_gateways_ip_range = var.underlay_config.attachments.b.vpn_gateways_ip_range
+ partner_interconnect_config = var.underlay_config.interconnect_type != "PARTNER" ? null : {
+ edge_availability_domain = "zone2"
+ }
}
diff --git a/blueprints/networking/ha-vpn-over-interconnect/variables.tf b/blueprints/networking/ha-vpn-over-interconnect/variables.tf
index 163ea1ac..196ef269 100644
--- a/blueprints/networking/ha-vpn-over-interconnect/variables.tf
+++ b/blueprints/networking/ha-vpn-over-interconnect/variables.tf
@@ -88,5 +88,10 @@ variable "underlay_config" {
gcp_bgp = object({
asn = number
})
+ interconnect_type = optional(string, "DEDICATED")
})
+ validation {
+ condition = var.underlay_config.interconnect_type == "DEDICATED" || var.underlay_config.interconnect_type == "PARTNER"
+ error_message = "var.underlay_config.interconnect_type must by either \"DEDICATED\" or \"PARTNER\""
+ }
}