Fix vpn gateway creation #8

Open
wants to merge 2 commits into
base: main
20 changes: 10 additions & 10 deletions _outputs.tf
@@ -1,53 +1,53 @@
output "vpn_gateway_id" {
description = "Virtual Private Gateway ID"
value = join("", aws_vpn_gateway.default.*.id)
value = join("", aws_vpn_gateway.default[*].id)
}

output "customer_gateway_id" {
description = "Customer Gateway ID"
value = join("", aws_customer_gateway.default.*.id)
value = join("", aws_customer_gateway.default[*].id)
}

output "vpn_connection_id" {
description = "VPN Connection ID"
value = join("", aws_vpn_connection.default.*.id)
value = join("", aws_vpn_connection.default[*].id)
}

output "vpn_connection_customer_gateway_configuration" {
description = "The configuration information for the VPN connection's Customer Gateway (in the native XML format)"
value = join(
"",
aws_vpn_connection.default.*.customer_gateway_configuration,
aws_vpn_connection.default[*].customer_gateway_configuration,
)
}

output "vpn_connection_tunnel1_address" {
description = "The public IP address of the first VPN tunnel"
value = join("", aws_vpn_connection.default.*.tunnel1_address)
value = join("", aws_vpn_connection.default[*].tunnel1_address)
}

output "vpn_connection_tunnel1_cgw_inside_address" {
description = "The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway side)"
value = join("", aws_vpn_connection.default.*.tunnel1_cgw_inside_address)
value = join("", aws_vpn_connection.default[*].tunnel1_cgw_inside_address)
}

output "vpn_connection_tunnel1_vgw_inside_address" {
description = "The RFC 6890 link-local address of the first VPN tunnel (Virtual Private Gateway side)"
value = join("", aws_vpn_connection.default.*.tunnel1_vgw_inside_address)
value = join("", aws_vpn_connection.default[*].tunnel1_vgw_inside_address)
}

output "vpn_connection_tunnel2_address" {
description = "The public IP address of the second VPN tunnel"
value = join("", aws_vpn_connection.default.*.tunnel2_address)
value = join("", aws_vpn_connection.default[*].tunnel2_address)
}

output "vpn_connection_tunnel2_cgw_inside_address" {
description = "The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway side)"
value = join("", aws_vpn_connection.default.*.tunnel2_cgw_inside_address)
value = join("", aws_vpn_connection.default[*].tunnel2_cgw_inside_address)
}

output "vpn_connection_tunnel2_vgw_inside_address" {
description = "The RFC 6890 link-local address of the second VPN tunnel (Virtual Private Gateway side)"
value = join("", aws_vpn_connection.default.*.tunnel2_vgw_inside_address)
value = join("", aws_vpn_connection.default[*].tunnel2_vgw_inside_address)
}
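Review bot: The `vpn_connection_customer_gateway_configuration` output still returns the native XML configuration without `sensitive = true`; that document is what AWS hands to the on-premises side and carries the IKE pre-shared keys for both tunnels, so as written they end up in plain text in `terraform output`, CI logs and any parent module that forwards the value. The output is only a `join` over `aws_vpn_connection.default[*].customer_gateway_configuration`, so marking it sensitive changes nothing else, and on provider versions that already flag that attribute as sensitive a non-sensitive output of it is rejected at plan time. I'd add `sensitive = true` directly under the `value` line of that block.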

13 changes: 8 additions & 5 deletions _variables.tf
Expand Up @@ -5,11 +5,13 @@ variable "vpc_id" {

variable "vpn_gateway_amazon_side_asn" {
description = "The Autonomous System Number (ASN) for the Amazon side of the VPN gateway. If you don't specify an ASN, the Virtual Private Gateway is created with the default ASN"
type = number
default = 64512
}

variable "customer_gateway_bgp_asn" {
description = "The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN)"
type = number
default = 65000
}

Expand Down Expand Up @@ -193,6 +195,12 @@ variable "transit_gateway_id" {
default = null
}

variable "transit_gateway_enabled" {
type = bool
description = "If the transit gateway will be created"
default = false
}

variable "transit_gateway_default_route_table_id" {
type = string
description = "Define Transit gateway default route table id. Required when vpn_connection_static_routes_destinations is used"
Expand All @@ -214,8 +222,3 @@ variable "tags" {
description = "Extra tags to attach to resources"
}

variable "create_vpn_gateway" {
type = bool
description = "Create VPN Gateway"
default = true
}
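Review bot: The description of the new `transit_gateway_enabled` variable, `If the transit gateway will be created`, does not describe what the flag does: nothing in the visible hunks creates a transit gateway, `transit_gateway_id` in the context just above it remains a separate input defaulting to `null`, and in `main.tf` the flag only decides whether a Virtual Private Gateway is created and attached. I'd reword it to `Attach the VPN connection to the existing transit gateway given by transit_gateway_id instead of creating a Virtual Private Gateway`, and state that `transit_gateway_id` must be set when it is true, since nothing in the module ties the two inputs together. Dropping `create_vpn_gateway` is also a breaking change for callers that pass it (Terraform errors on unknown input variables), which the PR description or changelog should call out.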
20 changes: 11 additions & 9 deletions main.tf
@@ -1,11 +1,12 @@
data "aws_vpn_gateway" "default" {
count = var.create_vpn_gateway == "true" ? 1 : 0
attached_vpc_id = var.vpc_id
locals {
vpn_gateway_id = one(aws_vpn_gateway.default[*].id)
customer_gateway_id = join("", aws_customer_gateway.default[*].id)
vpn_connection_id = join("", aws_vpn_connection.default[*].id)
}

# https://www.terraform.io/docs/providers/aws/r/vpn_gateway.html
resource "aws_vpn_gateway" "default" {
count = var.transit_gateway_id != null ? (var.create_vpn_gateway ? 1 : 0) : 0
count = var.transit_gateway_enabled ? 0 : 1
vpc_id = var.vpc_id
amazon_side_asn = var.vpn_gateway_amazon_side_asn
tags = merge(
Expand All @@ -31,8 +32,8 @@ resource "aws_customer_gateway" "default" {

# https://www.terraform.io/docs/providers/aws/r/vpn_connection.html
resource "aws_vpn_connection" "default" {
vpn_gateway_id = try(lenght(aws_vpn_gateway.default.*.id) > 0 ? aws_vpn_gateway.default.*.id : var.create_vpn_gateway ? data.aws_vpn_gateway.default[0].id : null, null)
customer_gateway_id = join("", aws_customer_gateway.default.*.id)
vpn_gateway_id = var.transit_gateway_enabled ? null : local.vpn_gateway_id
customer_gateway_id = local.customer_gateway_id
transit_gateway_id = try(var.transit_gateway_id, null)
type = var.ipsec_type
static_routes_only = var.vpn_connection_static_routes_only
Expand Down Expand Up @@ -75,15 +76,15 @@ resource "aws_vpn_connection" "default" {

# https://www.terraform.io/docs/providers/aws/r/vpn_gateway_route_propagation.html
resource "aws_vpn_gateway_route_propagation" "default" {
count = var.transit_gateway_id != null && length(var.route_table_ids) > 0 ? 1 : 0
vpn_gateway_id = join("", aws_vpn_gateway.default.*.id)
count = var.transit_gateway_enabled ? 0 : length(var.route_table_ids)
vpn_gateway_id = local.vpn_gateway_id
route_table_id = element(var.route_table_ids, count.index)
}

# https://www.terraform.io/docs/providers/aws/r/vpn_connection_route.html
resource "aws_vpn_connection_route" "default" {
count = var.vpn_connection_static_routes_only && var.transit_gateway_id == null ? length(var.vpn_connection_static_routes_destinations) : 0
vpn_connection_id = join("", aws_vpn_connection.default.*.id)
vpn_connection_id = local.vpn_connection_id
destination_cidr_block = element(var.vpn_connection_static_routes_destinations, count.index)
}

Expand All @@ -93,3 +94,4 @@ resource "aws_ec2_transit_gateway_route" "default" {
transit_gateway_attachment_id = aws_vpn_connection.default.transit_gateway_attachment_id
transit_gateway_route_table_id = var.transit_gateway_default_route_table_id
}
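Review bot: `one(aws_vpn_gateway.default[*].id)` in the new `locals` block needs Terraform 0.15 or later, but `versions.tf` in this same PR still declares `required_version = ">= 0.13.0"`, so a 0.13/0.14 user gets an unknown-function error at plan; either write it as `join("", aws_vpn_gateway.default[*].id)` like the two sibling locals or raise the constraint. The two transit-gateway inputs are also gated inconsistently: `aws_vpn_gateway` and `vpn_gateway_id` follow `var.transit_gateway_enabled`, while `transit_gateway_id = try(var.transit_gateway_id, null)` is passed unconditionally (the `try` is a no-op on a plain variable reference) and the unchanged `aws_vpn_connection_route` count still tests `var.transit_gateway_id == null`, so `transit_gateway_enabled = false` with an id set hands `aws_vpn_connection` both a VGW and a TGW, which I'd expect the provider to reject as conflicting, and `true` with a null id hands it neither. I'd make the connection follow the flag alone, `transit_gateway_id = var.transit_gateway_enabled ? var.transit_gateway_id : null`, and key the static-route count off the same flag; the `aws_vpn_connection` block's `count` and remaining arguments sit outside the hunk. Worth noting in the PR description as well: the removed `data "aws_vpn_gateway"` lookup was the only path for reusing an existing gateway, so in non-transit mode a VGW is now always created.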

1 change: 0 additions & 1 deletion versions.tf
@@ -1,6 +1,5 @@
terraform {
required_version = ">= 0.13.0"

required_providers {
aws = {
source = "hashicorp/aws"