Adds bfd and md5 auth support to google_compute_router_peer (#2142)
* Adds support for md5 auth to net-vlan-attachment * Adds support for md5 auth to net-ipsec-over-interconnect * Adds support for md5 auth to net-vpn-ha * Adds support for BFD to net-vpn-ha
This commit is contained in:
Simone Ruffilli
@@ -104,6 +104,18 @@ module "vpn_ha" {
|
||||
bgp_peer = {
|
||||
address = "169.254.1.1"
|
||||
asn = 64513
|
||||
# BFD is optional
|
||||
bfd = {
|
||||
min_receive_interval = 1000
|
||||
min_transmit_interval = 1000
|
||||
multiplier = 5
|
||||
session_initialization_mode = "ACTIVE"
|
||||
}
|
||||
# MD5 Authentication is optional
|
||||
md5_authentication_key = {
|
||||
name = "foo"
|
||||
key = "bar"
|
||||
}
|
||||
}
|
||||
bgp_session_range = "169.254.1.2/30"
|
||||
peer_external_gateway_interface = 0
|
||||
@@ -114,6 +126,18 @@ module "vpn_ha" {
|
||||
bgp_peer = {
|
||||
address = "169.254.2.1"
|
||||
asn = 64513
|
||||
# BFD is optional
|
||||
bfd = {
|
||||
min_receive_interval = 1000
|
||||
min_transmit_interval = 1000
|
||||
multiplier = 5
|
||||
session_initialization_mode = "ACTIVE"
|
||||
}
|
||||
# MD5 Authentication is optional
|
||||
md5_authentication_key = {
|
||||
name = "foo"
|
||||
key = "bar"
|
||||
}
|
||||
}
|
||||
bgp_session_range = "169.254.2.2/30"
|
||||
peer_external_gateway_interface = 0
|
||||
@@ -187,11 +211,11 @@ module "vpn_ha" {
|
||||
| [network](variables.tf#L22) | VPC used for the gateway and routes. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L47) | Project where resources will be created. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L52) | Region used for resources. | <code>string</code> | ✓ | |
|
||||
| [router_config](variables.tf#L57) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | <code title="object({ create = optional(bool, true) asn = number name = optional(string) keepalive = optional(number) custom_advertise = optional(object({ all_subnets = bool ip_ranges = map(string) })) })">object({…})</code> | ✓ | |
|
||||
| [router_config](variables.tf#L57) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | <code title="object({ asn = number create = optional(bool, true) custom_advertise = optional(object({ all_subnets = bool ip_ranges = map(string) })) keepalive = optional(number) name = optional(string) })">object({…})</code> | ✓ | |
|
||||
| [peer_gateways](variables.tf#L27) | Configuration of the (external or GCP) peer gateway. | <code title="map(object({ external = optional(object({ redundancy_type = string interfaces = list(string) description = optional(string, "Terraform managed external VPN gateway") })) gcp = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tunnels](variables.tf#L72) | VPN tunnel configurations. | <code title="map(object({ bgp_peer = object({ address = string asn = number route_priority = optional(number, 1000) custom_advertise = optional(object({ all_subnets = bool all_vpc_subnets = bool all_peer_vpc_subnets = bool ip_ranges = map(string) })) ipv6 = optional(object({ nexthop_address = optional(string) peer_nexthop_address = optional(string) })) }) bgp_session_range = string ike_version = optional(number, 2) peer_external_gateway_interface = optional(number) peer_gateway = optional(string, "default") router = optional(string) shared_secret = optional(string) vpn_gateway_interface = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [vpn_gateway](variables.tf#L104) | HA VPN Gateway Self Link for using an existing HA VPN Gateway. Ignored if `vpn_gateway_create` is set to `true`. | <code>string</code> | | <code>null</code> |
|
||||
| [vpn_gateway_create](variables.tf#L110) | Create HA VPN Gateway. Set to null to avoid creation. | <code title="object({ description = optional(string, "Terraform managed external VPN gateway") ipv6 = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
||||
| [tunnels](variables.tf#L72) | VPN tunnel configurations. | <code title="map(object({ bgp_peer = object({ address = string asn = number route_priority = optional(number, 1000) bfd = optional(object({ min_receive_interval = optional(number) min_transmit_interval = optional(number) multiplier = optional(number) session_initialization_mode = optional(string, "ACTIVE") })) custom_advertise = optional(object({ all_subnets = bool all_vpc_subnets = bool all_peer_vpc_subnets = bool ip_ranges = map(string) })) md5_authentication_key = optional(object({ name = string key = string })) ipv6 = optional(object({ nexthop_address = optional(string) peer_nexthop_address = optional(string) })) }) bgp_session_range = string ike_version = optional(number, 2) peer_external_gateway_interface = optional(number) peer_gateway = optional(string, "default") router = optional(string) shared_secret = optional(string) vpn_gateway_interface = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [vpn_gateway](variables.tf#L114) | HA VPN Gateway Self Link for using an existing HA VPN Gateway. Ignored if `vpn_gateway_create` is set to `true`. | <code>string</code> | | <code>null</code> |
|
||||
| [vpn_gateway_create](variables.tf#L120) | Create HA VPN Gateway. Set to null to avoid creation. | <code title="object({ description = optional(string, "Terraform managed external VPN gateway") ipv6 = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
||||
Reference in New Issue
Block a user