Feature/update ike version vpn

.gitignore

@@ -6,3 +6,4 @@ terraform.tfvars
 .idea
 .external_momdules
 *.xml
+.DS_Store

examples/client-vpn/README.md

@@ -6,7 +6,7 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3, < 2.0.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0, < 7.0 |
 
 ## Providers
 

examples/client-vpn/main.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.0"
+      version = ">= 5.0, < 7.0"
     }
   }
 }

examples/site-to-site-vpn/README.md

@@ -6,13 +6,13 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3, < 2.0.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0, < 7.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.11.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.100.0 |
 
 ## Modules
 
@@ -25,6 +25,7 @@
 
 | Name | Type |
 |------|------|
+| [aws_route_tables.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_tables) | data source |
 | [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
 
 ## Inputs

examples/site-to-site-vpn/main.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.0"
+      version = ">= 5.0, < 7.0"
     }
   }
 }
@@ -36,19 +36,32 @@ data "aws_vpc" "this" {
   filter {
     name = "tag:Name"
     values = [
-      "aws-vpc-test-iac"
+      "arc-poc-vpc"
     ]
   }
 }
 
+# Fetch all route tables in the VPC
+data "aws_route_tables" "private" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.this.id]
+  }
+
+  filter {
+    name   = "tag:Type"
+    values = ["private"]
+  }
+}
+
 ################################################################################
 ## Site to Site VPN
 ################################################################################
 module "vpn" {
   source = "../../"
   #version = "1.0.0" # pin the correct version
 
-  name        = "${var.namespace}-${var.environment}-vpn-example"
+  name        = "${var.namespace}-${var.environment}-site-to-site-vpn-example"
   namespace   = var.namespace
   environment = var.environment
   vpc_id      = data.aws_vpc.this.id
@@ -63,12 +76,11 @@ module "vpn" {
 
     vpn_gateway = {
       vpc_id          = data.aws_vpc.this.id
-      route_table_ids = ["rtb-0bacb41a2947c7b8c", "rtb-0362a413a6bdaca0e"]
+      route_table_ids = data.aws_route_tables.private.ids
     }
 
     vpn_connection = {
-      static_routes_only = true
-
+      static_routes_only       = true
       local_ipv4_network_cidr  = "10.3.0.0/16"
       remote_ipv4_network_cidr = "10.0.0.0/16"
 
@@ -77,12 +89,14 @@ module "vpn" {
           inside_cidr           = null
           log_enabled           = true
           log_retention_in_days = 7
+          ike_versions          = ["ikev2"]
         }
 
         tunnel2 = {
           inside_cidr           = null # CIDR block of the second tunnel
           log_enabled           = true
           log_retention_in_days = 7
+          ike_versions          = ["ikev2"]
         }
       }
 

examples/site-to-site-vpn/outputs.tf

@@ -1,14 +1,14 @@
 output "vpn_gateway_id" {
-  value       = module.vpn.vpn_gateway_id
+  value       = nonsensitive(module.vpn.vpn_gateway_id)
   description = "The VPN Gateway ID"
 }
 
 output "site_to_site_vpn_id" {
-  value       = module.vpn.site_to_site_vpn_id
+  value       = nonsensitive(module.vpn.site_to_site_vpn_id)
   description = "The site to site vpn ID"
 }
 
 output "customer_gateway_id" {
-  value       = module.vpn.customer_gateway_id
+  value       = nonsensitive(module.vpn.customer_gateway_id)
   description = "Customer Gateway ID"
 }

modules/site-to-site-vpn/local.tf

@@ -1,3 +1,5 @@
 locals {
-  prefix = "${var.namespace}-${var.environment}"
+  prefix                   = "${var.namespace}-${var.environment}"
+  vpn_routes               = nonsensitive(var.vpn_connection_config.routes)
+  vpn_gateway_route_tables = nonsensitive(var.vpn_gateway_config.route_table_ids)
 }