cloud-foundation-fabric/modules/net-vpn-static

Cloud VPN Route-based Module

Example

module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  external_addresses = {
    vpn = { region = "europe-west1" }
  }
}

module "vpn" {
  source                 = "./fabric/modules/net-vpn-static"
  project_id             = var.project_id
  region                 = var.region
  network                = var.vpc.self_link
  name                   = "remote"
  gateway_address_create = false
  gateway_address        = module.addresses.external_addresses["vpn"].address
  remote_ranges          = ["10.10.0.0/24"]
  tunnels = {
    remote-0 = {
      peer_ip           = "1.1.1.1"
      shared_secret     = "mysecret"
      traffic_selectors = { local = ["0.0.0.0/0"], remote = ["0.0.0.0/0"] }
    }
  }
}
# tftest modules=2 resources=8

Variables

name	description	type	required	default
name	VPN gateway name, and prefix used for dependent resources.	string	✓
network	VPC used for the gateway and routes.	string	✓
project_id	Project where resources will be created.	string	✓
region	Region used for resources.	string	✓
gateway_address	Optional address assigned to the VPN gateway. Ignored unless gateway_address_create is set to false.	string		null
gateway_address_create	Create external address assigned to the VPN gateway. Needs to be explicitly set to false to use address in gateway_address variable.	bool		true
remote_ranges	Remote IP CIDR ranges.	list(string)		[]
route_priority	Route priority, defaults to 1000.	number		1000
tunnels	VPN tunnel configurations.	map(object({…}))		{}

Outputs

name	description	sensitive
address	VPN gateway address.
gateway	VPN gateway resource.
id	Fully qualified VPN gateway id.
name	VPN gateway name.
random_secret	Generated secret.
self_link	VPN gateway self link.
tunnel_names	VPN tunnel names.
tunnel_self_links	VPN tunnel self links.
tunnels	VPN tunnel resources.