From 91dfff60112db7a8308d583616d9ae7fda6996a8 Mon Sep 17 00:00:00 2001
From: mamrajyadav <themamraj0131@gmail.com>
Date: Fri, 12 Jan 2024 23:22:09 +0530
Subject: [PATCH] fix: add attributes and latest versions

---
 .deepsource.toml                              |   4 +
 .github/dependabot.yml                        |  65 +++++-
 .github/workflows/auto_assignee.yml           |  14 ++
 .github/workflows/automerge.yml               |  12 +
 .github/workflows/changelog.yml               |   6 +-
 .github/workflows/readme.yml                  |  11 +-
 .github/workflows/semantic-releaser.yml       |  30 ---
 .github/workflows/static-checks.yml           |  74 ------
 .github/workflows/tf-checks.yml               |  21 ++
 .github/workflows/tflint.yml                  |  11 +
 .github/workflows/tfsec.yml                   |   4 +-
 README.yaml                                   |  68 +++---
 .../point-to-site-with-ad/example.tf          |  34 +--
 _example/point-to-site-with-ad/output.tf      |   9 +
 _example/point-to-site-with-ad/versions.tf    |  13 ++
 .../point-to-site-with-certificate/example.tf |  32 +--
 .../point-to-site-with-certificate}/output.tf |   2 +-
 .../versions.tf                               |  13 ++
 .../site-to-site/example.tf                   |  28 +--
 {example => _example}/site-to-site/output.tf  |   7 +-
 _example/site-to-site/versions.tf             |  13 ++
 _test/vpn_gateway_test.go                     |  33 ---
 .../point-to-site-with-certificate/output.tf  |   5 -
 main.tf                                       |  91 +++++---
 output.tf                                     |  19 +-
 variables.tf                                  | 220 +++++++++++-------
 versions.tf                                   |   8 +-
 27 files changed, 478 insertions(+), 369 deletions(-)
 create mode 100644 .deepsource.toml
 create mode 100644 .github/workflows/auto_assignee.yml
 create mode 100644 .github/workflows/automerge.yml
 delete mode 100644 .github/workflows/semantic-releaser.yml
 delete mode 100644 .github/workflows/static-checks.yml
 create mode 100644 .github/workflows/tf-checks.yml
 create mode 100644 .github/workflows/tflint.yml
 rename example/point-to-site-with-ad/main.tf => _example/point-to-site-with-ad/example.tf (81%)
 create mode 100644 _example/point-to-site-with-ad/output.tf
 create mode 100644 _example/point-to-site-with-ad/versions.tf
 rename example/point-to-site-with-certificate/main.tf => _example/point-to-site-with-certificate/example.tf (87%)
 rename {example/point-to-site-with-ad => _example/point-to-site-with-certificate}/output.tf (56%)
 create mode 100644 _example/point-to-site-with-certificate/versions.tf
 rename example/site-to-site/main.tf => _example/site-to-site/example.tf (86%)
 rename {example => _example}/site-to-site/output.tf (60%)
 create mode 100644 _example/site-to-site/versions.tf
 delete mode 100644 _test/vpn_gateway_test.go
 delete mode 100644 example/point-to-site-with-certificate/output.tf

diff --git a/.deepsource.toml b/.deepsource.toml
new file mode 100644
index 0000000..18b001a
--- /dev/null
+++ b/.deepsource.toml
@@ -0,0 +1,4 @@
+version = 1
+
+[[analyzers]]
+name = "terraform"
\ No newline at end of file
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 812c152..a94273e 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,19 +5,78 @@
 
 version: 2
 updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 3
+    assignees:
+      - "clouddrove-ci"
+    reviewers:
+      - "approvers"
+
   - package-ecosystem: "terraform" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "/_example/complete" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "example/point-to-site-with-ad" # Location of package manifests
+    directory: "/_example/point-to-site-with-certificate" # Location of package manifests
     schedule:
       interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "example/point-to-site-with-certificate" # Location of package manifests
+    directory: "/_example/point-to-site-with-ad" # Location of package manifests
     schedule:
       interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "example/site-to-site" # Location of package manifests
+    directory: "/_example/site-to-site" # Location of package manifests
     schedule:
       interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml
new file mode 100644
index 0000000..d10f4a1
--- /dev/null
+++ b/.github/workflows/auto_assignee.yml
@@ -0,0 +1,14 @@
+name: Auto Assign PRs
+
+on:
+  pull_request:
+    types: [opened, reopened]
+
+  workflow_dispatch:
+jobs:
+  assignee:
+    uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.10
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
+    with:
+      assignees: 'clouddrove-ci'
diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml
new file mode 100644
index 0000000..728924c
--- /dev/null
+++ b/.github/workflows/automerge.yml
@@ -0,0 +1,12 @@
+---
+name: Auto merge
+on:
+  pull_request:
+jobs:
+  auto-merge:
+    uses: clouddrove/github-shared-workflows/.github/workflows/auto_merge.yml@1.0.10
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
+    with:
+      tfcheck: 'point-to-site-with-ad-example / Check code format'
+...
diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml
index 3e88b85..c2a8cd4 100644
--- a/.github/workflows/changelog.yml
+++ b/.github/workflows/changelog.yml
@@ -6,8 +6,8 @@ on:
       - "*"
   workflow_dispatch:
 jobs:
-  call-workflow-changelog:
-    uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master
+  changelog:
+    uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.10
     secrets: inherit
     with:
-      branch: 'master'
\ No newline at end of file
+      branch: 'master'
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
index 8b60bee..1eb0243 100644
--- a/.github/workflows/readme.yml
+++ b/.github/workflows/readme.yml
@@ -13,29 +13,28 @@ jobs:
         uses: actions/checkout@master
 
       - name: 'Set up Python 3.7'
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
           python-version: '3.x'
 
       - name: 'create readme'
-        uses: 'clouddrove/github-actions@v9.0.2'
+        uses: 'clouddrove/github-actions@9.0.3'
         with:
           actions_subcommand: 'readme'
           github_token: '${{ secrets.GITHUB }}'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-
       - name: 'pre-commit check errors'
-        uses: pre-commit/action@v2.0.0
+        uses: pre-commit/action@v3.0.0
         continue-on-error: true
 
       - name: 'pre-commit fix erros'
-        uses: pre-commit/action@v2.0.0
+        uses: pre-commit/action@v3.0.0
         continue-on-error: true
 
       - name: 'push readme'
-        uses: 'clouddrove/github-actions@v9.0.2'
+        uses: 'clouddrove/github-actions@9.0.3'
         continue-on-error: true
         with:
           actions_subcommand: 'push'
diff --git a/.github/workflows/semantic-releaser.yml b/.github/workflows/semantic-releaser.yml
deleted file mode 100644
index 6e685a0..0000000
--- a/.github/workflows/semantic-releaser.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: Release
-
-on:
-  push:
-    branches:
-      - main
-    paths:
-      - '**.tf'
-      - '!examples/**.tf'
-
-jobs:
-  release:
-    name: Release
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-          persist-credentials: false
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14
-
-      - name: Release
-        env:
-          GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
-        run: npx semantic-release
diff --git a/.github/workflows/static-checks.yml b/.github/workflows/static-checks.yml
deleted file mode 100644
index 27cbe32..0000000
--- a/.github/workflows/static-checks.yml
+++ /dev/null
@@ -1,74 +0,0 @@
-name: static-checks
-
-on:
-  pull_request:
-
-jobs:
-  versionExtract:
-    name: Get min/max versions
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Terraform min/max versions
-        id: minMax
-        uses: clowdhaus/terraform-min-max@main
-    outputs:
-      minVersion: ${{ steps.minMax.outputs.minVersion }}
-      maxVersion: ${{ steps.minMax.outputs.maxVersion }}
-
-  versionEvaluate:
-    name: Evaluate Terraform versions
-    runs-on: ubuntu-latest
-    needs: versionExtract
-    strategy:
-      fail-fast: false
-      matrix:
-        version:
-          - ${{ needs.versionExtract.outputs.minVersion }}
-          - ${{ needs.versionExtract.outputs.maxVersion }}
-        directory:
-          - example/
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Install Terraform v${{ matrix.version }}
-        uses: hashicorp/setup-terraform@v1
-        with:
-          terraform_version: ${{ matrix.version }}
-
-      - name: Init & validate v${{ matrix.version }}
-        run: |
-          cd ${{ matrix.directory }}
-          terraform init
-          terraform validate
-      - name: tflint
-        uses: reviewdog/action-tflint@master
-        with:
-          tflint_version: v0.29.0
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          working_directory: ${{ matrix.directory }}
-          fail_on_error: 'true'
-          filter_mode: 'nofilter'
-          flags: '--module'
-
-  format:
-    name: Check code format
-    runs-on: ubuntu-latest
-    needs: versionExtract
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }}
-        uses: hashicorp/setup-terraform@v1
-        with:
-          terraform_version: ${{ needs.versionExtract.outputs.maxVersion }}
-
-      - name: Check Terraform format changes
-        run: terraform fmt --recursive -check=true
diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml
new file mode 100644
index 0000000..2b010aa
--- /dev/null
+++ b/.github/workflows/tf-checks.yml
@@ -0,0 +1,21 @@
+name: tf-checks
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+  workflow_dispatch:
+jobs:
+  point-to-site-with-ad-example:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.10
+    with:
+      working_directory: './_example/point-to-site-with-ad/'
+
+  point-to-site-with-certificate-example:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.10
+    with:
+      working_directory: './_example/point-to-site-with-certificate/'
+
+  site-to-site-example:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.10
+    with:
+      working_directory: './_example/site-to-site/'
diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml
new file mode 100644
index 0000000..e52fe96
--- /dev/null
+++ b/.github/workflows/tflint.yml
@@ -0,0 +1,11 @@
+name: tf-lint
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+  workflow_dispatch:
+jobs:
+  tf-lint:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.10
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml
index 9aaf588..cac5e20 100644
--- a/.github/workflows/tfsec.yml
+++ b/.github/workflows/tfsec.yml
@@ -5,7 +5,7 @@ on:
   workflow_dispatch:
 jobs:
   tfsec:
-    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.10
     secrets: inherit
     with:
-      working_directory: '.'
\ No newline at end of file
+      working_directory: '.'
diff --git a/README.yaml b/README.yaml
index 4e9ac20..4babaaf 100644
--- a/README.yaml
+++ b/README.yaml
@@ -15,9 +15,12 @@ github_repo: clouddrove/terraform-azure-vpn
 
 # Badges to display
 badges:
-  - name: "Terraform"
-    image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
-    url: "https://www.terraform.io"
+  - name: "Latest Release"
+    image: "https://img.shields.io/github/release/clouddrove/terraform-azure-dns.svg"
+    url: "https://github.com/clouddrove/terraform-azure-dns/releases/latest"
+  - name: "tfsec"
+    image: "https://github.com/clouddrove/terraform-azure-dns/actions/workflows/tfsec.yml/badge.svg"
+    url: "https://github.com/clouddrove/terraform-azure-dns/actions/workflows/tfsec.yml"
   - name: "Licence"
     image: "https://img.shields.io/badge/License-APACHE-blue.svg"
     url: "LICENSE.md"
@@ -43,48 +46,52 @@ usage: |-
     name                        = "app"
     environment                 = "test"
     label_order                 = ["name", "environment"]
-    vpn_ad                      = true
-    resource_group_name         = module.resource_group.resource_group_name
-    virtual_network_name        = module.vnet.vnet_name[0]
-    vpn_client_configuration    = {
+    vpn_ad              = true
+    resource_group_name = module.resource_group.resource_group_name
+    subnet_id           = module.subnet.specific_subnet_id[0]
+    vpn_gw_generation   = "Generation1"
+    sku                 = "VpnGw1"
+    vpn_client_configuration = {
       address_space        = "172.16.200.0/24"
       vpn_client_protocols = ["OpenVPN"]
       vpn_auth_types       = ["AAD"]
-      aad_tenant           = "https://login.microsoftonline.com/bcffb719XXXXXXXXXXXX7ebfb2f7bdd"
+      aad_tenant           = "https://login.microsoftonline.com/xxxxxxxxxxxxxxx"
       aad_audience         = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
-      aad_issuer           = "https://sts.windows.net/bcffb719XXXXXXXXXXXX7ebfb2f7bdd/"
+      aad_issuer           = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxx/"
     }
     #### enable diagnostic setting
     diagnostic_setting_enable  = false
     log_analytics_workspace_id = ""
-    }
-    ```
+   }
+  ```
   ```hcl
-  #  vpn with certificate
+    # vpn with certificate
     module "vpn" {
-    source                      = "clouddrove/vpn/azure"
-    version                     = "1.0.0"
-    depends_on                  = [module.vnet]
-    name                        = "app"
-    environment                 = "test"
-    label_order                 = ["name", "environment"]
-    vpn_with_certificate        = true
-    resource_group_name         = module.resource_group.resource_group_name
-    virtual_network_name        = module.vnet.vnet_name[0]
+    source               = "clouddrove/vpn/azure"
+    version              = "1.0.0"
+    depends_on           = [module.vnet]
+    name                 = "app"
+    environment          = "test"
+    label_order          = ["name", "environment"]
+    vpn_with_certificate = true
+    resource_group_name  = module.resource_group.resource_group_name
+    subnet_id            = module.subnet.specific_subnet_id[0]
+    vpn_gw_generation    = "Generation1"
+    sku                  = "Basic"
     #### enable diagnostic setting
     diagnostic_setting_enable  = false
     log_analytics_workspace_id = ""
-    vpn_client_configuration_c  = {
+    vpn_client_configuration_c = {
       address_space        = "172.16.201.0/24"
-      vpn_client_protocols = ["OpenVPN", "IkeV2"]
+      vpn_client_protocols = ["SSTP"]
       certificate          = <<EOF
     MIIC5jCCAc6gAwIBAgIIUeUhLYf6UNwwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE
     AxMGVlBOIENBMB4XDTIyMTExMTE0MzA1NFoXDTI1MTExMDE0MzA1NFowETEPMA0G
-    A1UEAxMGVlBOIENBMIIBIjaNBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bxr
-    s1kwbRztA7mH79EoIlyZsmAhdIXV8ehbzNIakk1ByOqtBpQK1Xvde1z6rjL1hzCn
+    A1UEAxMGVlBOIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bxr
+    s1kwbRztA7mH79EoIlyZsmAhdIXV8ehbzNIank1ByOqtBpQK1Xvde1z6rjL1hzCn
     XD6xjW+xfF+yQ/zMyc6udrK2OvtuFmAsBYL5Bbb+Nf7U6Rp9IWZA6f/HO+XLft6q
     sC0UD1wEK6LSn/1u+fCfT3UCMCjpskAtE3ossZCuhUjJ8jGNUb07Z84dQEQf0s3n
-    13V0kqNfpaxAhlWUVWrvKWlEGigoTqk4NcTNAzUEGR1b4Rt8qNzIwk8DhODfiOwT
+    13V0kqNfpaxAhlWUVWrvKWlEGigoTqk6NcTNAzUEGR1b4Rt8qNzIwk8DhODfiOwT
     ILsB3XWyA/IOv2eL3Eqx/lkykIBSEJALPE7j6igyTMoSPHtQA7NWrgYeWgiWh1AQ
     VJpuY1vAIm3gfMAEoQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
     /wQEAwIBBjAdBgNVHQ4EFgQUiEbr34wufRJ6+1Fh5am89bxRCuswDQYJKoZIhvcN
@@ -96,10 +103,10 @@ usage: |-
     Mb0BNzEPxRFt+L8A72gd/nTcxGrxEcQlqEc=
     EOF
     }
-    }
-    ```
+  }
+  ```
   ```hcl
-  #  site-to-site vpn
+    #site-to-site vpn
     module "vpn" {
     source                      = "clouddrove/vpn/azure"
     version                     = "1.0.0"
@@ -110,7 +117,6 @@ usage: |-
     resource_group_name         = module.resource_group.resource_group_name
     virtual_network_name        = module.vnet.vnet_name[0]
     gateway_type                = "Vpn"
-
     #### enable diagnostic setting
     diagnostic_setting_enable  = false
     log_analytics_workspace_id = ""
@@ -123,7 +129,7 @@ usage: |-
       },
     ]
    }
-   ```
+  ```
 
 
 
diff --git a/example/point-to-site-with-ad/main.tf b/_example/point-to-site-with-ad/example.tf
similarity index 81%
rename from example/point-to-site-with-ad/main.tf
rename to _example/point-to-site-with-ad/example.tf
index e8fb5a3..a6a5343 100644
--- a/example/point-to-site-with-ad/main.tf
+++ b/_example/point-to-site-with-ad/example.tf
@@ -8,7 +8,7 @@ locals {
   environment = "test"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Resource Group module call
 ## Resource group in which all resources will be deployed.
 ##-----------------------------------------------------------------------------
@@ -21,35 +21,35 @@ module "resource_group" {
   location    = "Canada Central"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Virtual Network module call.
-## Virtual Network in which vpn subnet(Gateway Subnet) will be created. 
+## Virtual Network in which vpn subnet(Gateway Subnet) will be created.
 ##-----------------------------------------------------------------------------
 module "vnet" {
   source              = "clouddrove/vnet/azure"
-  version             = "1.0.3"
+  version             = "1.0.4"
   name                = local.name
   environment         = local.environment
   resource_group_name = module.resource_group.resource_group_name
   location            = module.resource_group.resource_group_location
-  address_space       = "10.0.0.0/16"
+  address_spaces      = ["10.0.0.0/16"]
 }
 
-##----------------------------------------------------------------------------- 
-## Subnet module call. 
-## Name specific subnet for vpn will be created. 
+##-----------------------------------------------------------------------------
+## Subnet module call.
+## Name specific subnet for vpn will be created.
 ##-----------------------------------------------------------------------------
 module "subnet" {
   source               = "clouddrove/subnet/azure"
-  version              = "1.0.2"
+  version              = "1.1.0"
   name                 = local.name
   environment          = local.environment
   resource_group_name  = module.resource_group.resource_group_name
   location             = module.resource_group.resource_group_location
-  virtual_network_name = join("", module.vnet.vnet_name)
+  virtual_network_name = module.vnet.vnet_name
   #subnet
   specific_name_subnet  = true
-  specific_subnet_names = "GatewaySubnet"
+  specific_subnet_names = ["GatewaySubnet"]
   subnet_prefixes       = ["10.0.1.0/24"]
   # route_table
   enable_route_table = false
@@ -62,9 +62,9 @@ module "subnet" {
   ]
 }
 
-##----------------------------------------------------------------------------- 
-## VPN module call. 
-## Following module will deploy point to site vpn in azure infratsructure.  
+##-----------------------------------------------------------------------------
+## VPN module call.
+## Following module will deploy point to site vpn in azure infratsructure.
 ##-----------------------------------------------------------------------------
 module "vpn" {
   depends_on          = [module.vnet]
@@ -74,13 +74,15 @@ module "vpn" {
   vpn_ad              = true
   resource_group_name = module.resource_group.resource_group_name
   subnet_id           = module.subnet.specific_subnet_id[0]
+  vpn_gw_generation   = "Generation1"
+  sku                 = "VpnGw1"
   vpn_client_configuration = {
     address_space        = "172.16.200.0/24"
     vpn_client_protocols = ["OpenVPN"]
     vpn_auth_types       = ["AAD"]
-    aad_tenant           = "https://login.microsoftonline.com/bcffb719XXXXXXXXXXXX7ebfb2f7bdd"
+    aad_tenant           = "https://login.microsoftonline.com/xxxxxxxxxxx"
     aad_audience         = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
-    aad_issuer           = "https://sts.windows.net/bcffb719XXXXXXXXXXXX7ebfb2f7bdd/"
+    aad_issuer           = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxx/"
   }
   #### enable diagnostic setting
   diagnostic_setting_enable  = false
diff --git a/_example/point-to-site-with-ad/output.tf b/_example/point-to-site-with-ad/output.tf
new file mode 100644
index 0000000..3e27632
--- /dev/null
+++ b/_example/point-to-site-with-ad/output.tf
@@ -0,0 +1,9 @@
+output "vpn_gw_id" {
+  value       = join("", module.vpn[*].vpn_gw_id)
+  description = "The ID of the Virtual Network Gateway."
+}
+
+output "vpn_gw_public_ip_fqdn" {
+  description = "Fully qualified domain name of the virtual network gateway"
+  value       = module.vpn.vpn_gateway_public_ip_fqdn
+}
diff --git a/_example/point-to-site-with-ad/versions.tf b/_example/point-to-site-with-ad/versions.tf
new file mode 100644
index 0000000..fb49866
--- /dev/null
+++ b/_example/point-to-site-with-ad/versions.tf
@@ -0,0 +1,13 @@
+# Terraform version
+terraform {
+  required_version = ">= 1.6.6"
+}
+
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.86.0"
+    }
+  }
+}
diff --git a/example/point-to-site-with-certificate/main.tf b/_example/point-to-site-with-certificate/example.tf
similarity index 87%
rename from example/point-to-site-with-certificate/main.tf
rename to _example/point-to-site-with-certificate/example.tf
index 1088500..32f7299 100644
--- a/example/point-to-site-with-certificate/main.tf
+++ b/_example/point-to-site-with-certificate/example.tf
@@ -8,7 +8,7 @@ locals {
   environment = "test"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Resource Group module call
 ## Resource group in which all resources will be deployed.
 ##-----------------------------------------------------------------------------
@@ -21,35 +21,35 @@ module "resource_group" {
   location    = "Canada Central"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Virtual Network module call.
-## Virtual Network in which vpn subnet(Gateway Subnet) will be created. 
+## Virtual Network in which vpn subnet(Gateway Subnet) will be created.
 ##-----------------------------------------------------------------------------
 module "vnet" {
   source              = "clouddrove/vnet/azure"
-  version             = "1.0.3"
+  version             = "1.0.4"
   name                = local.name
   environment         = local.environment
   resource_group_name = module.resource_group.resource_group_name
   location            = module.resource_group.resource_group_location
-  address_space       = "10.0.0.0/16"
+  address_spaces      = ["10.0.0.0/16"]
 }
 
-##----------------------------------------------------------------------------- 
-## Subnet module call. 
-## Name specific subnet for vpn will be created. 
+##-----------------------------------------------------------------------------
+## Subnet module call.
+## Name specific subnet for vpn will be created.
 ##-----------------------------------------------------------------------------
 module "subnet" {
   source               = "clouddrove/subnet/azure"
-  version              = "1.0.2"
+  version              = "1.1.0"
   name                 = local.name
   environment          = local.environment
   resource_group_name  = module.resource_group.resource_group_name
   location             = module.resource_group.resource_group_location
-  virtual_network_name = join("", module.vnet.vnet_name)
+  virtual_network_name = module.vnet.vnet_name
   #subnet
   specific_name_subnet  = true
-  specific_subnet_names = "GatewaySubnet"
+  specific_subnet_names = ["GatewaySubnet"]
   subnet_prefixes       = ["10.0.1.0/24"]
   # route_table
   enable_route_table = false
@@ -62,9 +62,9 @@ module "subnet" {
   ]
 }
 
-##----------------------------------------------------------------------------- 
-## VPN module call. 
-## Following module will deploy point to site vpn with ssl certificate in azure infratsructure.  
+##-----------------------------------------------------------------------------
+## VPN module call.
+## Following module will deploy point to site vpn with ssl certificate in azure infratsructure.
 ##-----------------------------------------------------------------------------
 module "vpn" {
   source               = "../../"
@@ -74,12 +74,14 @@ module "vpn" {
   vpn_with_certificate = true
   resource_group_name  = module.resource_group.resource_group_name
   subnet_id            = module.subnet.specific_subnet_id[0]
+  vpn_gw_generation    = "Generation1"
+  sku                  = "Basic"
   #### enable diagnostic setting
   diagnostic_setting_enable  = false
   log_analytics_workspace_id = ""
   vpn_client_configuration_c = {
     address_space        = "172.16.201.0/24"
-    vpn_client_protocols = ["OpenVPN", "IkeV2"]
+    vpn_client_protocols = ["SSTP"]
     certificate          = <<EOF
 MIIC5jCCAc6gAwIBAgIIUeUhLYf6UNwwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE
 AxMGVlBOIENBMB4XDTIyMTExMTE0MzA1NFoXDTI1MTExMDE0MzA1NFowETEPMA0G
diff --git a/example/point-to-site-with-ad/output.tf b/_example/point-to-site-with-certificate/output.tf
similarity index 56%
rename from example/point-to-site-with-ad/output.tf
rename to _example/point-to-site-with-certificate/output.tf
index f5cb2bd..5377b0e 100644
--- a/example/point-to-site-with-ad/output.tf
+++ b/_example/point-to-site-with-certificate/output.tf
@@ -1,5 +1,5 @@
 output "vpn_gw_id" {
-  value       = join("", module.vpn.*.vpn_gw_id)
+  value       = join("", module.vpn[*].vpn_gw_id_certificate)
   description = "The ID of the Virtual Network Gateway."
 }
 
diff --git a/_example/point-to-site-with-certificate/versions.tf b/_example/point-to-site-with-certificate/versions.tf
new file mode 100644
index 0000000..fb49866
--- /dev/null
+++ b/_example/point-to-site-with-certificate/versions.tf
@@ -0,0 +1,13 @@
+# Terraform version
+terraform {
+  required_version = ">= 1.6.6"
+}
+
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.86.0"
+    }
+  }
+}
diff --git a/example/site-to-site/main.tf b/_example/site-to-site/example.tf
similarity index 86%
rename from example/site-to-site/main.tf
rename to _example/site-to-site/example.tf
index 1e3bf5c..71bbbef 100644
--- a/example/site-to-site/main.tf
+++ b/_example/site-to-site/example.tf
@@ -8,7 +8,7 @@ locals {
   environment = "test"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Resource Group module call
 ## Resource group in which all resources will be deployed.
 ##-----------------------------------------------------------------------------
@@ -21,35 +21,35 @@ module "resource_group" {
   location    = "Canada Central"
 }
 
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Virtual Network module call.
-## Virtual Network in which vpn subnet(Gateway Subnet) will be created. 
+## Virtual Network in which vpn subnet(Gateway Subnet) will be created.
 ##-----------------------------------------------------------------------------
 module "vnet" {
   source              = "clouddrove/vnet/azure"
-  version             = "1.0.3"
+  version             = "1.0.4"
   name                = local.name
   environment         = local.environment
   resource_group_name = module.resource_group.resource_group_name
   location            = module.resource_group.resource_group_location
-  address_space       = "10.0.0.0/16"
+  address_spaces      = ["10.0.0.0/16"]
 }
 
-##----------------------------------------------------------------------------- 
-## Subnet module call. 
-## Name specific subnet for vpn will be created. 
+##-----------------------------------------------------------------------------
+## Subnet module call.
+## Name specific subnet for vpn will be created.
 ##-----------------------------------------------------------------------------
 module "subnet" {
   source               = "clouddrove/subnet/azure"
-  version              = "1.0.2"
+  version              = "1.1.0"
   name                 = local.name
   environment          = local.environment
   resource_group_name  = module.resource_group.resource_group_name
   location             = module.resource_group.resource_group_location
-  virtual_network_name = join("", module.vnet.vnet_name)
+  virtual_network_name = module.vnet.vnet_name
   #subnet
   specific_name_subnet  = true
-  specific_subnet_names = "GatewaySubnet"
+  specific_subnet_names = ["GatewaySubnet"]
   subnet_prefixes       = ["10.0.1.0/24"]
   # route_table
   enable_route_table = false
@@ -62,9 +62,9 @@ module "subnet" {
   ]
 }
 
-##----------------------------------------------------------------------------- 
-## VPN module call. 
-## Following module will deploy site to site vpn with ssl certificate in azure infratsructure.  
+##-----------------------------------------------------------------------------
+## VPN module call.
+## Following module will deploy site to site vpn with ssl certificate in azure infratsructure.
 ##-----------------------------------------------------------------------------
 module "vpn" {
   depends_on          = [module.vnet]
diff --git a/example/site-to-site/output.tf b/_example/site-to-site/output.tf
similarity index 60%
rename from example/site-to-site/output.tf
rename to _example/site-to-site/output.tf
index 9096924..5181c36 100644
--- a/example/site-to-site/output.tf
+++ b/_example/site-to-site/output.tf
@@ -1,13 +1,14 @@
 output "vpn_gw_id" {
-  value       = join("", module.vpn.*.vpn_gw_id)
+  value       = join("", module.vpn[*].vpn_gw_id)
   description = "The ID of the Virtual Network Gateway."
 }
+
 output "local_network_gw_id" {
-  value       = join("", module.vpn.*.local_network_gw_id)
+  value       = join("", module.vpn[*].local_network_gw_id)
   description = "The ID of the Local Network Gateway."
 }
 
 output "local_network_gw_connection_id" {
-  value       = join("", module.vpn.*.local_network_gw_connection_id)
+  value       = join("", module.vpn[*].local_network_gw_connection_id)
   description = "The ID of the Virtual Network Gateway Connection."
 }
diff --git a/_example/site-to-site/versions.tf b/_example/site-to-site/versions.tf
new file mode 100644
index 0000000..fb49866
--- /dev/null
+++ b/_example/site-to-site/versions.tf
@@ -0,0 +1,13 @@
+# Terraform version
+terraform {
+  required_version = ">= 1.6.6"
+}
+
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.86.0"
+    }
+  }
+}
diff --git a/_test/vpn_gateway_test.go b/_test/vpn_gateway_test.go
deleted file mode 100644
index a635eab..0000000
--- a/_test/vpn_gateway_test.go
+++ /dev/null
@@ -1,33 +0,0 @@
-// Managed By : CloudDrove
-// Description : This Terratest is used to test the Terraform VPC module.
-// Copyright @ CloudDrove. All Right Reserved.
-package test
-
-import (
-	"testing"
-	"github.com/gruntwork-io/terratest/modules/terraform"
-	"github.com/stretchr/testify/assert"
-)
-
-func Test(t *testing.T) {
-	t.Parallel()
-
-	terraformOptions := &terraform.Options{
-		// Source path of Terraform directory.
-		TerraformDir: "../_example",
-	}
-
-	// This will run 'terraform init' and 'terraform application' and will fail the test if any errors occur
-	terraform.InitAndApply(t, terraformOptions)
-
-	// To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
-	defer terraform.Destroy(t, terraformOptions)
-
-	// To get the value of an output variable, run 'terraform output'
-	Id := terraform.Output(t, terraformOptions, "vpn_gateway_id")
-	Tags := terraform.OutputMap(t, terraformOptions, "tags")
-
-	// Check that we get back the outputs that we expect
-	assert.Equal(t, "test-clouddrove-vpn-gateway", Tags["Name"])
-	assert.Contains(t, Id, "/subscriptions")
-}
diff --git a/example/point-to-site-with-certificate/output.tf b/example/point-to-site-with-certificate/output.tf
deleted file mode 100644
index 529228c..0000000
--- a/example/point-to-site-with-certificate/output.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-output "vpn_gw_id" {
-  value       = join("", module.vpn.*.vpn_gw_id_certificate)
-  description = "The ID of the Virtual Network Gateway."
-}
-
diff --git a/main.tf b/main.tf
index 1bd13fb..f148a57 100644
--- a/main.tf
+++ b/main.tf
@@ -12,7 +12,7 @@ module "labels" {
 }
 
 ##-----------------------------------------------------------------------------
-## data block called for resource group. 
+## data block called for resource group.
 ##-----------------------------------------------------------------------------
 data "azurerm_resource_group" "rg" {
   name = var.resource_group_name
@@ -20,7 +20,7 @@ data "azurerm_resource_group" "rg" {
 
 ##-----------------------------------------------------------------------------
 ## Random string called
-## Will be used further in public ip resource in domain name label. 
+## Will be used further in public ip resource in domain name label.
 ##-----------------------------------------------------------------------------
 resource "random_string" "str" {
   count   = var.enable ? 1 : 0
@@ -47,24 +47,28 @@ resource "azurerm_public_ip" "pip_gw" {
   tags                 = module.labels.tags
 }
 
-
 ##-----------------------------------------------------------------------------
 ## Virtual Network Gateway
 ##-----------------------------------------------------------------------------
 resource "azurerm_virtual_network_gateway" "vpngw" {
-  count               = var.enable && (var.vpn_ad || var.sts_vpn) ? 1 : 0
-  name                = format("%s-vpn-gateway", module.labels.id, )
-  resource_group_name = data.azurerm_resource_group.rg.name
-  location            = data.azurerm_resource_group.rg.location
-  type                = var.gateway_type
-  vpn_type            = var.vpn_type
-  sku                 = var.sku
-  active_active       = var.vpn_gw_sku != "Basic" ? var.enable_active_active : false
-  enable_bgp          = var.vpn_gw_sku != "Basic" ? var.enable_bgp : false
-  generation          = var.vpn_gw_generation
-
-
-
+  count                                 = var.enable && (var.vpn_ad || var.sts_vpn) ? 1 : 0
+  name                                  = format("%s-vpn-gateway", module.labels.id, )
+  resource_group_name                   = data.azurerm_resource_group.rg.name
+  location                              = data.azurerm_resource_group.rg.location
+  type                                  = var.gateway_type
+  vpn_type                              = var.vpn_type
+  sku                                   = var.sku
+  active_active                         = var.vpn_gw_sku != "Basic" ? var.enable_active_active : false
+  enable_bgp                            = var.vpn_gw_sku != "Basic" ? var.enable_bgp : false
+  generation                            = var.vpn_gw_generation
+  default_local_network_gateway_id      = var.default_local_network_gateway_id
+  edge_zone                             = var.edge_zone
+  private_ip_address_enabled            = var.private_ip_address_enabled
+  bgp_route_translation_for_nat_enabled = var.bgp_route_translation_for_nat_enabled
+  dns_forwarding_enabled                = var.dns_forwarding_enabled
+  ip_sec_replay_protection_enabled      = var.ip_sec_replay_protection_enabled
+  remote_vnet_traffic_enabled           = var.remote_vnet_traffic_enabled
+  virtual_wan_traffic_enabled           = var.virtual_wan_traffic_enabled
   ip_configuration {
     name                          = "vnetGatewayConfig"
     public_ip_address_id          = azurerm_public_ip.pip_gw[0].id
@@ -76,7 +80,7 @@ resource "azurerm_virtual_network_gateway" "vpngw" {
     for_each = var.enable_active_active ? [true] : []
     content {
       name                          = "vnetGatewayAAConfig"
-      public_ip_address_id          = azurerm_public_ip.pip_gw.id
+      public_ip_address_id          = azurerm_public_ip.pip_gw[0].id
       private_ip_address_allocation = "Dynamic"
       subnet_id                     = var.subnet_id
     }
@@ -97,24 +101,29 @@ resource "azurerm_virtual_network_gateway" "vpngw" {
   tags = module.labels.tags
 }
 
-
 ##-----------------------------------------------------------------------------
 ## Virtual Network Gateway
-## Following resource will deploy virtual network gateway with certificate. 
+## Following resource will deploy virtual network gateway with certificate.
 ##-----------------------------------------------------------------------------
 resource "azurerm_virtual_network_gateway" "vpngw2" {
-  count               = var.enable && var.vpn_with_certificate ? 1 : 0
-  name                = format("%s-vpn-gateway", module.labels.id, )
-  resource_group_name = data.azurerm_resource_group.rg.name
-  location            = data.azurerm_resource_group.rg.location
-  type                = var.gateway_type
-  vpn_type            = var.vpn_type
-  sku                 = var.sku
-  active_active       = var.vpn_gw_sku != "Basic" ? var.enable_active_active : false
-  enable_bgp          = var.vpn_gw_sku != "Basic" ? var.enable_bgp : false
-  generation          = var.vpn_gw_generation
-
-
+  count                                 = var.enable && var.vpn_with_certificate ? 1 : 0
+  name                                  = format("%s-vpn-gateway", module.labels.id, )
+  resource_group_name                   = data.azurerm_resource_group.rg.name
+  location                              = data.azurerm_resource_group.rg.location
+  type                                  = var.gateway_type
+  vpn_type                              = var.vpn_type
+  sku                                   = var.sku
+  active_active                         = var.vpn_gw_sku != "Basic" ? var.enable_active_active : false
+  enable_bgp                            = var.vpn_gw_sku != "Basic" ? var.enable_bgp : false
+  generation                            = var.vpn_gw_generation
+  default_local_network_gateway_id      = var.default_local_network_gateway_id
+  edge_zone                             = var.edge_zone
+  private_ip_address_enabled            = var.private_ip_address_enabled
+  bgp_route_translation_for_nat_enabled = var.bgp_route_translation_for_nat_enabled
+  dns_forwarding_enabled                = var.dns_forwarding_enabled
+  ip_sec_replay_protection_enabled      = var.ip_sec_replay_protection_enabled
+  remote_vnet_traffic_enabled           = var.remote_vnet_traffic_enabled
+  virtual_wan_traffic_enabled           = var.virtual_wan_traffic_enabled
 
   ip_configuration {
     name                          = "vnetGatewayConfig"
@@ -147,6 +156,7 @@ resource "azurerm_virtual_network_gateway" "vpngw2" {
   }
   tags = module.labels.tags
 }
+
 ##-----------------------------------------------------------------------------
 ## Local Network Gateway
 ##-----------------------------------------------------------------------------
@@ -157,6 +167,7 @@ resource "azurerm_local_network_gateway" "localgw" {
   location            = data.azurerm_resource_group.rg.location
   gateway_address     = var.local_networks[count.index].local_gateway_address
   address_space       = var.local_networks[count.index].local_address_space
+  gateway_fqdn        = var.gateway_fqdn
 
   dynamic "bgp_settings" {
     for_each = var.local_bgp_settings != null ? [true] : []
@@ -178,12 +189,17 @@ resource "azurerm_virtual_network_gateway_connection" "az-hub-onprem" {
   resource_group_name             = data.azurerm_resource_group.rg.name
   location                        = data.azurerm_resource_group.rg.location
   type                            = var.gateway_connection_type
-  virtual_network_gateway_id      = var.sts_vpn == true ? join("", azurerm_virtual_network_gateway.vpngw.*.id) : join("", azurerm_virtual_network_gateway.vpngw2.*.id)
+  virtual_network_gateway_id      = var.sts_vpn == true ? join("", azurerm_virtual_network_gateway.vpngw[*].id) : join("", azurerm_virtual_network_gateway.vpngw2[*].id)
   local_network_gateway_id        = var.gateway_connection_type != "ExpressRoute" ? azurerm_local_network_gateway.localgw[count.index].id : null
   express_route_circuit_id        = var.gateway_connection_type == "ExpressRoute" ? var.express_route_circuit_id : null
   peer_virtual_network_gateway_id = var.gateway_connection_type == "Vnet2Vnet" ? var.peer_virtual_network_gateway_id : null
   shared_key                      = var.gateway_connection_type != "ExpressRoute" ? var.local_networks[count.index].shared_key : null
-  connection_protocol             = var.gateway_connection_type == "IPSec" && var.vpn_gw_sku == ["VpnGw1", "VpnGw2", "VpnGw3", "VpnGw1AZ", "VpnGw2AZ", "VpnGw3AZ"] ? var.gateway_connection_protocol : null
+  connection_protocol             = var.gateway_connection_type == "IPSec" && var.vpn_gw_sku == ["Basic", "VpnGw1", "VpnGw2", "VpnGw3", "VpnGw1AZ", "VpnGw2AZ", "VpnGw3AZ"] ? var.gateway_connection_protocol : null
+  authorization_key               = var.authorization_key
+  dpd_timeout_seconds             = var.dpd_timeout_seconds
+  local_azure_ip_address_enabled  = var.local_azure_ip_address_enabled
+  routing_weight                  = var.routing_weight
+  connection_mode                 = var.connection_mode
 
   dynamic "ipsec_policy" {
     for_each = var.local_networks_ipsec_policy != null ? [true] : []
@@ -202,12 +218,12 @@ resource "azurerm_virtual_network_gateway_connection" "az-hub-onprem" {
 }
 
 ##-----------------------------------------------------------------------------
-## Following resource will deploy diagnostic setting for virtual network gateway. 
+## Following resource will deploy diagnostic setting for virtual network gateway.
 ##-----------------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "main" {
   count                          = var.enable && var.diagnostic_setting_enable ? 1 : 0
   name                           = format("%s-vpn-gateway-diagnostic-log", module.labels.id)
-  target_resource_id             = var.vpn_ad || var.sts_vpn ? join("", azurerm_virtual_network_gateway.vpngw.*.id) : join("", azurerm_virtual_network_gateway.vpngw2.*.id)
+  target_resource_id             = var.vpn_ad || var.sts_vpn ? join("", azurerm_virtual_network_gateway.vpngw[*].id) : join("", azurerm_virtual_network_gateway.vpngw2[*].id)
   storage_account_id             = var.storage_account_id
   eventhub_name                  = var.eventhub_name
   eventhub_authorization_rule_id = var.eventhub_authorization_rule_id
@@ -246,12 +262,12 @@ resource "azurerm_monitor_diagnostic_setting" "main" {
 }
 
 ##-----------------------------------------------------------------------------
-## Following resource will deploy diagnostic setting for public ip. 
+## Following resource will deploy diagnostic setting for public ip.
 ##-----------------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "pip_gw" {
   count                          = var.enable && var.diagnostic_setting_enable ? 1 : 0
   name                           = format("%s-gw-pip-diagnostic-log", module.labels.id)
-  target_resource_id             = join("", azurerm_public_ip.pip_gw.*.id)
+  target_resource_id             = join("", azurerm_public_ip.pip_gw[*].id)
   storage_account_id             = var.storage_account_id
   eventhub_name                  = var.eventhub_name
   eventhub_authorization_rule_id = var.eventhub_authorization_rule_id
@@ -265,6 +281,7 @@ resource "azurerm_monitor_diagnostic_setting" "pip_gw" {
       days    = var.days
     }
   }
+
   log {
     category       = var.category
     category_group = "AllLogs"
diff --git a/output.tf b/output.tf
index da7c030..a063e82 100644
--- a/output.tf
+++ b/output.tf
@@ -1,18 +1,29 @@
 output "vpn_gw_id" {
-  value       = join("", azurerm_virtual_network_gateway.vpngw.*.id)
+  value       = join("", azurerm_virtual_network_gateway.vpngw[*].id)
   description = "The ID of the Virtual Network Gateway."
 }
 
 output "vpn_gw_id_certificate" {
-  value       = join("", azurerm_virtual_network_gateway.vpngw2.*.id)
+  value       = join("", azurerm_virtual_network_gateway.vpngw2[*].id)
   description = "The ID of the Virtual Network Gateway."
 }
 
 output "local_network_gw_id" {
-  value       = join("", azurerm_local_network_gateway.localgw.*.id)
+  value       = join("", azurerm_local_network_gateway.localgw[*].id)
   description = "The ID of the Local Network Gateway."
 }
+
 output "local_network_gw_connection_id" {
-  value       = join("", azurerm_virtual_network_gateway_connection.az-hub-onprem.*.id)
+  value       = join("", azurerm_virtual_network_gateway_connection.az-hub-onprem[*].id)
   description = "The ID of the Virtual Network Gateway Connection."
 }
+
+output "vpn_gateway_public_ip" {
+  description = "The public IP of the virtual network gateway"
+  value       = flatten(concat([azurerm_public_ip.pip_gw[0].ip_address], [var.enable_active_active != null ? azurerm_public_ip.pip_gw[0].ip_address : null]))
+}
+
+output "vpn_gateway_public_ip_fqdn" {
+  description = "Fully qualified domain name of the virtual network gateway"
+  value       = flatten(concat([azurerm_public_ip.pip_gw[0].fqdn], [var.enable_active_active != null ? azurerm_public_ip.pip_gw[0].fqdn : null]))
+}
diff --git a/variables.tf b/variables.tf
index 6404e27..2925d51 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,20 +1,25 @@
-variable "resource_group_name" {
+variable "environment" {
   type        = string
   default     = ""
-  description = "A container that holds related resources for an Azure solution"
+  description = "Environment (e.g. `prod`, `dev`, `staging`)."
 }
 
-variable "location" {
+variable "repository" {
   type        = string
   default     = ""
-  description = "The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table'"
+  description = "Terraform current module repo"
+}
 
+variable "label_order" {
+  type        = list(string)
+  default     = ["name", "environment"]
+  description = "Label order, e.g. sequence of application name and environment `name`,`environment`,'attribute' [`webserver`,`qa`,`devops`,`public`,] ."
 }
 
-variable "subnet_id" {
+variable "managedby" {
   type        = string
   default     = ""
-  description = "The ID of the Subnet where this Network Interface should be located in."
+  description = "ManagedBy, eg ''."
 }
 
 variable "name" {
@@ -23,64 +28,58 @@ variable "name" {
   description = "Name  (e.g. `app` or `cluster`)."
 }
 
-variable "vpn_gateway_name" {
+variable "resource_group_name" {
   type        = string
   default     = ""
-  description = "The name of the Virtual Network Gateway"
+  description = "A container that holds related resources for an Azure solution"
+}
 
+variable "subnet_id" {
+  type        = string
+  default     = ""
+  description = "The ID of the Subnet where this Network Interface should be located in."
 }
 
 variable "public_ip_allocation_method" {
   type        = string
   default     = "Dynamic"
   description = "Defines the allocation method for this IP address. Possible values are Static or Dynamic. Defaults to Dynamic"
-
 }
 
 variable "public_ip_sku" {
-  description = "The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic"
+  type        = string
   default     = "Basic"
+  description = "The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic"
 }
 
 variable "gateway_type" {
   type        = string
   default     = "Vpn"
   description = "The type of the Virtual Network Gateway. Valid options are Vpn or ExpressRoute"
-
 }
 
 variable "vpn_type" {
   type        = string
   default     = "RouteBased"
   description = "The routing type of the Virtual Network Gateway. Valid options are RouteBased or PolicyBased. Defaults to RouteBased"
-
 }
 
 variable "vpn_gw_sku" {
   type        = string
-  default     = "VpnGw3"
+  default     = "Basic"
   description = "Configuration of the size and capacity of the virtual network gateway. Valid options are Basic, VpnGw3, VpnGw2, VpnGw3, VpnGw4,VpnGw5, VpnGw3AZ, VpnGw3, VpnGw3AZ,VpnGw4AZ and VpnGw5AZ and depend on the type, vpn_type and generation arguments"
 }
 
-variable "expressroute_sku" {
-  type        = string
-  default     = "Standard"
-  description = "Configuration of the size and capacity of the virtual network gateway for ExpressRoute type. Valid options are Standard, HighPerformance, UltraPerformance, ErGw1AZ, ErGw2AZ, ErGw3AZ and depend on the type, vpn_type and generation arguments"
-
-}
-
 variable "vpn_gw_generation" {
   type        = string
-  default     = "Generation2"
+  default     = "Generation1"
   description = "The Generation of the Virtual Network gateway. Possible values include Generation1, Generation2 or None"
-
 }
 
 variable "enable_active_active" {
   type        = bool
   default     = false
   description = "If true, an active-active Virtual Network Gateway will be created. An active-active gateway requires a HighPerformance or an UltraPerformance sku. If false, an active-standby gateway will be created. Defaults to false."
-
 }
 
 variable "enable_bgp" {
@@ -89,26 +88,6 @@ variable "enable_bgp" {
   description = "If true, BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. Defaults to false"
 }
 
-variable "bgp_asn_number" {
-  type        = string
-  default     = "65515"
-  description = "The Autonomous System Number (ASN) to use as part of the BGP"
-
-}
-
-variable "bgp_peering_address" {
-  type        = string
-  default     = ""
-  description = "The BGP peer IP address of the virtual network gateway. This address is needed to configure the created gateway as a BGP Peer on the on-premises VPN devices. The IP address must be part of the subnet of the Virtual Network Gateway."
-
-}
-
-variable "bgp_peer_weight" {
-  type        = string
-  default     = ""
-  description = "The weight added to routes which have been learned through BGP peering. Valid values can be between 0 and 100"
-}
-
 variable "vpn_client_configuration" {
   type        = object({ address_space = string, vpn_client_protocols = list(string), aad_tenant = string, aad_audience = string, aad_issuer = string, vpn_auth_types = list(string) })
   default     = null
@@ -134,75 +113,41 @@ variable "local_bgp_settings" {
 }
 
 variable "gateway_connection_type" {
-  description = "The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet)"
+  type        = string
   default     = "IPsec"
+  description = "The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet)"
 }
 
 variable "express_route_circuit_id" {
-  description = "The ID of the Express Route Circuit when creating an ExpressRoute connection"
+  type        = string
   default     = null
+  description = "The ID of the Express Route Circuit when creating an ExpressRoute connection"
 }
 
 variable "peer_virtual_network_gateway_id" {
-  description = "The ID of the peer virtual network gateway when creating a VNet-to-VNet connection"
+  type        = string
   default     = null
+  description = "The ID of the peer virtual network gateway when creating a VNet-to-VNet connection"
 }
 
 variable "gateway_connection_protocol" {
-  description = "The IKE protocol version to use. Possible values are IKEv1 and IKEv2. Defaults to IKEv2"
-  default     = "IKEv2"
   type        = string
+  default     = "IKEv2"
+  description = "The IKE protocol version to use. Possible values are IKEv1 and IKEv2. Defaults to IKEv2"
 }
 
 variable "local_networks_ipsec_policy" {
-  description = "IPSec policy for local networks. Only a single policy can be defined for a connection."
+  type        = string
   default     = null
-}
-
-variable "tags" {
-  description = "A map of tags to add to all resources"
-  type        = map(string)
-  default     = {}
+  description = "IPSec policy for local networks. Only a single policy can be defined for a connection."
 }
 
 variable "sku" {
   type        = string
-  default     = "VpnGw3"
+  default     = "VpnGw1"
   description = "Configuration of the size and capacity of the virtual network gateway"
 }
 
-#Module      : LABEL
-#Description : Terraform label module variables.
-variable "app_name" {
-  type        = string
-  default     = ""
-  description = "Name  (e.g. `app` or `cluster`)."
-}
-
-variable "environment" {
-  type        = string
-  default     = ""
-  description = "Environment (e.g. `prod`, `dev`, `staging`)."
-}
-
-variable "repository" {
-  type        = string
-  default     = ""
-  description = "Terraform current module repo"
-}
-
-variable "label_order" {
-  type        = list(any)
-  default     = ["name", "environment"]
-  description = "Label order, e.g. sequence of application name and environment `name`,`environment`,'attribute' [`webserver`,`qa`,`devops`,`public`,] ."
-}
-
-variable "managedby" {
-  type        = string
-  default     = ""
-  description = "ManagedBy, eg ''."
-}
-
 variable "vpn_ad" {
   type        = bool
   default     = false
@@ -214,6 +159,7 @@ variable "vpn_with_certificate" {
   default     = false
   description = "Set to false to prevent the module from creating any resources."
 }
+
 variable "sts_vpn" {
   type        = bool
   default     = false
@@ -226,25 +172,31 @@ variable "log_analytics_destination_type" {
   default     = "AzureDiagnostics"
   description = "Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table."
 }
+
 variable "retention_policy_enabled" {
   type        = bool
   default     = false
   description = "Is this Retention Policy enabled?"
 }
+
 variable "days" {
   type        = number
   default     = "90"
   description = " The number of days for which this Retention Policy should apply."
 }
+
 variable "Metric_enable" {
   type        = bool
   default     = true
   description = "Is this Diagnostic Metric enabled? Defaults to true."
 }
+
 variable "diagnostic_setting_enable" {
-  type    = bool
-  default = false
+  type        = bool
+  default     = false
+  description = "Is this Diagnostic setting enabled? Defaults to false."
 }
+
 variable "log_analytics_workspace_id" {
   type    = string
   default = null
@@ -255,21 +207,25 @@ variable "category" {
   default     = null
   description = " The name of a Diagnostic Log Category Group for this Resource."
 }
+
 variable "log_enabled" {
   type        = string
   default     = true
   description = " Is this Diagnostic Log enabled? Defaults to true."
 }
+
 variable "storage_account_id" {
   type        = string
   default     = null
   description = "The ID of the Storage Account where logs should be sent."
 }
+
 variable "eventhub_name" {
   type        = string
   default     = null
   description = "Specifies the name of the Event Hub where Diagnostics Data should be sent."
 }
+
 variable "eventhub_authorization_rule_id" {
   type        = string
   default     = null
@@ -281,3 +237,87 @@ variable "enable" {
   default     = true
   description = "Flag to control module creation."
 }
+
+variable "default_local_network_gateway_id" {
+  type        = string
+  default     = null
+  description = "The ID of the local network gateway through which outbound Internet traffic from the virtual network in which the gateway is created will be routed (forced tunnelling). Refer to the Azure documentation on forced tunnelling. If not specified, forced tunnelling is disabled"
+}
+
+variable "edge_zone" {
+  type        = string
+  default     = null
+  description = "Specifies the Edge Zone within the Azure Region where this Virtual Network Gateway should exist. Changing this forces a new Virtual Network Gateway to be created."
+}
+
+variable "private_ip_address_enabled" {
+  type        = bool
+  default     = false
+  description = "Should private IP be enabled on this gateway for connections? Changing this forces a new resource to be created."
+}
+
+variable "bgp_route_translation_for_nat_enabled" {
+  type        = bool
+  default     = false
+  description = "Is BGP Route Translation for NAT enabled? Defaults to false."
+}
+
+variable "dns_forwarding_enabled" {
+  type        = bool
+  default     = false
+  description = "Is DNS forwarding enabled?"
+}
+
+variable "ip_sec_replay_protection_enabled" {
+  type        = bool
+  default     = true
+  description = "Is IP Sec Replay Protection enabled? Defaults to true."
+}
+
+variable "remote_vnet_traffic_enabled" {
+  type        = bool
+  default     = false
+  description = " Is remote vnet traffic that is used to configure this gateway to accept traffic from other Azure Virtual Networks enabled? Defaults to false."
+}
+
+variable "virtual_wan_traffic_enabled" {
+  type        = bool
+  default     = false
+  description = "Is remote vnet traffic that is used to configure this gateway to accept traffic from remote Virtual WAN networks enabled? Defaults to false."
+}
+
+variable "gateway_fqdn" {
+  type        = string
+  default     = null
+  description = "The gateway FQDN to connect with."
+}
+
+variable "authorization_key" {
+  type        = string
+  default     = null
+  description = "The authorization key associated with the Express Route Circuit. This field is required only if the type is an ExpressRoute connection."
+}
+
+variable "dpd_timeout_seconds" {
+  type        = number
+  default     = null
+  description = "The dead peer detection timeout of this connection in seconds. Changing this forces a new resource to be created."
+}
+
+variable "local_azure_ip_address_enabled" {
+  type        = string
+  default     = null
+  description = "Use private local Azure IP for the connection. Changing this forces a new resource to be created."
+}
+
+variable "routing_weight" {
+  type        = number
+  default     = 10
+  description = "The routing weight. Defaults to 10."
+}
+
+variable "connection_mode" {
+  type        = string
+  default     = "Default"
+  description = "Connection mode to use. Possible values are Default, InitiatorOnly and ResponderOnly. Defaults to Default. Changing this value will force a resource to be created."
+}
diff --git a/versions.tf b/versions.tf
index bd2c2d8..e660bf8 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,13 +1,17 @@
 # Terraform version
 terraform {
-  required_version = ">= 1.0.0"
+  required_version = ">= 1.6.6"
 }
 
 terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">=3.0.0"
+      version = ">=3.86.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "3.1.0"
     }
   }
 }