-
Notifications
You must be signed in to change notification settings - Fork 2
/
README.yaml
129 lines (119 loc) · 4.59 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#
# Name of this project
name : Terraform AZURE VPN
# License of this project
license: "APACHE"
# Canonical GitHub repo
github_repo: clouddrove/terraform-azure-vpn
# Badges to display
badges:
- name: "Terraform"
image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
url: "https://www.terraform.io"
- name: "Licence"
image: "https://img.shields.io/badge/License-APACHE-blue.svg"
url: "LICENSE.md"
# description of this project
description: |-
Terraform module to create vpn resource on AZURE.
# extra content
include:
- "terraform.md"
# How to use this project
# How to use this project
usage: |-
Here are some examples of how you can use this module in your inventory structure:
### Default vnet-peering
```hcl
# vpn with azure ad
module "vpn" {
source = "clouddrove/vpn/azure"
version = "1.0.0"
depends_on = [module.vnet]
name = "app"
environment = "test"
label_order = ["name", "environment"]
vpn_ad = true
resource_group_name = module.resource_group.resource_group_name
virtual_network_name = module.vnet.vnet_name[0]
vpn_client_configuration = {
address_space = "172.16.200.0/24"
vpn_client_protocols = ["OpenVPN"]
vpn_auth_types = ["AAD"]
aad_tenant = "https://login.microsoftonline.com/bcffb719XXXXXXXXXXXX7ebfb2f7bdd"
aad_audience = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
aad_issuer = "https://sts.windows.net/bcffb719XXXXXXXXXXXX7ebfb2f7bdd/"
}
#### enable diagnostic setting
diagnostic_setting_enable = false
log_analytics_workspace_id = ""
}
```
```hcl
# vpn with certificate
module "vpn" {
source = "clouddrove/vpn/azure"
version = "1.0.0"
depends_on = [module.vnet]
name = "app"
environment = "test"
label_order = ["name", "environment"]
vpn_with_certificate = true
resource_group_name = module.resource_group.resource_group_name
virtual_network_name = module.vnet.vnet_name[0]
#### enable diagnostic setting
diagnostic_setting_enable = false
log_analytics_workspace_id = ""
vpn_client_configuration_c = {
address_space = "172.16.201.0/24"
vpn_client_protocols = ["OpenVPN", "IkeV2"]
certificate = <<EOF
MIIC5jCCAc6gAwIBAgIIUeUhLYf6UNwwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE
AxMGVlBOIENBMB4XDTIyMTExMTE0MzA1NFoXDTI1MTExMDE0MzA1NFowETEPMA0G
A1UEAxMGVlBOIENBMIIBIjaNBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bxr
s1kwbRztA7mH79EoIlyZsmAhdIXV8ehbzNIakk1ByOqtBpQK1Xvde1z6rjL1hzCn
XD6xjW+xfF+yQ/zMyc6udrK2OvtuFmAsBYL5Bbb+Nf7U6Rp9IWZA6f/HO+XLft6q
sC0UD1wEK6LSn/1u+fCfT3UCMCjpskAtE3ossZCuhUjJ8jGNUb07Z84dQEQf0s3n
13V0kqNfpaxAhlWUVWrvKWlEGigoTqk4NcTNAzUEGR1b4Rt8qNzIwk8DhODfiOwT
ILsB3XWyA/IOv2eL3Eqx/lkykIBSEJALPE7j6igyTMoSPHtQA7NWrgYeWgiWh1AQ
VJpuY1vAIm3gfMAEoQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
/wQEAwIBBjAdBgNVHQ4EFgQUiEbr34wufRJ6+1Fh5am89bxRCuswDQYJKoZIhvcN
AQELBQADggEBABHs7e6X2uLpUPkfv0r8TH3MnskPEGObcqGDS8WWH0FO7hsbSMeZ
bTxJue6WTUvwrxYrmfqRZU/K+TtDregsa+GAYsl0wbl82nu2gBivpARLXYenfmwc
Zgul+ZwQPw7FB9rLugW7qKMhGUxYYnywTyfZI1EjP6ZAjYn7xB9G7zOGpkVCErPn
LIO1Knhk7J2XIXs6wCw1OcLJfXhjEEbnYZaHYA3LCTot9LM+3ecloILUo7rQgooB
4/YOgmo7Q3Qv0ahFvsEI/ZqSop6NpLlzIQ/T3hC/6m4aG/1u+yaac4E9ygZNg184
Mb0BNzEPxRFt+L8A72gd/nTcxGrxEcQlqEc=
EOF
}
}
```
```hcl
# site-to-site vpn
module "vpn" {
source = "clouddrove/vpn/azure"
version = "1.0.0"
name = "site-to-site"
environment = "test"
label_order = ["name", "environment"]
sts_vpn = true
resource_group_name = module.resource_group.resource_group_name
virtual_network_name = module.vnet.vnet_name[0]
gateway_type = "Vpn"
#### enable diagnostic setting
diagnostic_setting_enable = false
log_analytics_workspace_id = ""
local_networks = [
{
local_gw_name = "app-test-onpremise"
local_gateway_address = "20.232.135.45"
local_address_space = ["30.1.0.0/16"]
shared_key = "xpCGkHTBQmDvZK9HnLr7DAvH"
},
]
}
```