avm-res-network-connection
Azure/avm-res-network-connection/azurerm
Terraform Azure Verified Resource Module for Virtual Network Gateway Connection
terraform-azurerm-avm-res-network-connection This the AVM module that creates a Virtual Network Gateway Connection. > [!IMPORTANT] > As the overall AVM framework is not GA (generally available) yet - the CI framework and test automation is not fully functional and implemented across all supported languages yet - breaking changes are expected, and additional customer feedback is yet to be gathered and incorporated. Hence, modules MUST NOT be published at version 1.0.0 or higher at this time. > > All module MUST be published as a pre-release version (e.g., 0.1.0, 0.1.1, 0.2.0, etc.) until the AVM framework becomes GA. > > However, it is important to note that this DOES NOT mean that the modules cannot be consumed and utilized. They CAN be leveraged in all types of environments (dev, test, pr
| Name | Type | Description | Default |
|---|---|---|---|
| type | string | The type of connection. Must be one of 'Vnet2Vnet', 'ExpressRoute', or 'IPsec'. | |
| location | string | Azure region where the resource should be deployed. | |
| virtual_network_gateway_resource_id | string | The ID of the Azure Virtual Network Gateway to connect to. | |
| resource_group_name | string | The resource group where the resources will be deployed. | |
| name | string | Connection name | |
| egress_nat_rule_resource_ids | list(string) | A list of the egress NAT Rule Ids. | null |
| express_route_circuit_resource_id | string | The ID of the Express Route Circuit when creating an ExpressRoute connection (i. | null |
| routing_weight | number | The routing weight. Defaults to 10 | null |
| tags | map(string) | (Optional) Tags of the resource. | null |
| use_policy_based_traffic_selectors | bool | If true, policy-based traffic selectors are enabled for this connection. Enablin | null |
| enable_telemetry | bool | This variable controls whether or not telemetry is enabled for the module. For m | true |
| ipsec_policy | map(object({ dh_group | CIDR blocks for traffic selectors - `dh_group ` - (Required) - Th | {} |
| local_azure_ip_address_enabled | bool | Use private local Azure IP for the connection. Changing this forces a new resour | null |
| authorization_key | string | The authorization key for the connection. This field is required only if the typ | null |
| connection_mode | string | Possible values are Default, InitiatorOnly and ResponderOnly. Defaults to Defaul | "Default" |
| connection_protocol | string | Possible values are `IKEv1` and `IKEv2`. Defaults to `IKEv2`. Changing this forc | "IKEv2" |
| express_route_gateway_bypass | bool | If `true`, data packets will bypass ExpressRoute Gateway for data forwarding Thi | null |
| ingress_nat_rule_resource_ids | list(string) | A list of the ingress NAT Rule Ids. | null |
| private_link_fast_path_enabled | bool | Bypass the Express Route gateway when accessing private-links. When enabled `exp | false |
| traffic_selector_policy | map(object({ local_address | CIDR blocks for traffic selectors - `local_address_cidrs` - Required - List of | {} |
| custom_bgp_addresses | object({ primary = strin | Custom APIPA Adresses for BGP - `primary` - (Required) - A single IP address th | null |
| dpd_timeout_seconds | string | The dead peer detection timeout of this connection in seconds. Changing this for | null |
| enable_bgp | bool | If true, BGP (Border Gateway Protocol) is enabled for this connection. Defaults | false |
| local_network_gateway_resource_id | string | The ID of the Azure Local Network Gateway to connect to when creating a Site-to- | null |
| lock | object({ kind = string | Controls the Resource Lock configuration for this resource. The following proper | null |
resource_id — The full Azure resource ID of the Virtual Network Gateway Connection.