From 9f733b5f999c784dd70444635911f4d5facc7058 Mon Sep 17 00:00:00 2001
From: Ricky Hariady
Date: Fri, 28 Feb 2025 16:01:09 +0700
Subject: [PATCH] add interconnect support in HA VPN
Signed-off-by: Ricky Hariady
---
 modules/vpn_ha/README.md | 1 +
 modules/vpn_ha/main.tf | 7 +++++++
 modules/vpn_ha/variables.tf | 6 ++++++
 3 files changed, 14 insertions(+)
diff --git a/modules/vpn_ha/README.md b/modules/vpn_ha/README.md
index a1610c4..8474208 100644
--- a/modules/vpn_ha/README.md
+++ b/modules/vpn_ha/README.md
@@ -268,6 +268,7 @@ module "vpn_ha" {
 |------|-------------|------|---------|:--------:|
 | create\_vpn\_gateway | create a VPN gateway | `bool` | `true` | no |
 | external\_vpn\_gateway\_description | An optional description of external VPN Gateway | `string` | `"Terraform managed external VPN gateway"` | no |
+| interconnect\_attachment | URL of the interconnect attachment resource. When the value of this field is present, the VPN Gateway will be used for IPsec-encrypted Cloud Interconnect. | `list(string)` | `[]` | no |
 | ipsec\_secret\_length | The lnegth the of shared secret for VPN tunnels | `number` | `8` | no |
 | keepalive\_interval | The interval in seconds between BGP keepalive messages that are sent to the peer. | `number` | `20` | no |
 | labels | Labels for vpn components | `map(string)` | `{}` | no |
diff --git a/modules/vpn_ha/main.tf b/modules/vpn_ha/main.tf
index 7132a3c..9f504f9 100644
--- a/modules/vpn_ha/main.tf
+++ b/modules/vpn_ha/main.tf
@@ -42,6 +42,13 @@ resource "google_compute_ha_vpn_gateway" "ha_gateway" {
 network = var.network
 stack_type = var.stack_type
 labels = var.labels
+ dynamic "vpn_interfaces" {
+ for_each = { for idx, val in var.interconnect_attachment : idx => val }
+ content {
+ id = vpn_interfaces.key
+ interconnect_attachment = vpn_interfaces.value
+ }
+ }
 }
 resource "google_compute_external_vpn_gateway" "external_gateway" {
diff --git a/modules/vpn_ha/variables.tf b/modules/vpn_ha/variables.tf
index 0f1c75b..ba193f6 100644
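Review bot: In `modules/vpn_ha/main.tf` the interface id is taken from list position (`id = vpn_interfaces.key`), so the order of `var.interconnect_attachment` decides which attachment backs interface 0 and which backs interface 1, and nothing in the block says so. Tunnels defined elsewhere in the module presumably refer to these interfaces by number, so a reordered list would change which attachment each tunnel's traffic crosses. I would add a comment above the block, `# list index becomes the HA VPN interface id (0 or 1); keep the attachment order stable`. The map comprehension is also unnecessary, since a dynamic block over a list already exposes the index as `.key`: `for_each = var.interconnect_attachment`. The enclosing resource block starts above the hunk.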
--- a/modules/vpn_ha/variables.tf
+++ b/modules/vpn_ha/variables.tf
@@ -44,6 +44,12 @@ variable "stack_type" {
 default = "IPV4_ONLY"
 }
+variable "interconnect_attachment" {
+ description = "URL of the interconnect attachment resource. When the value of this field is present, the VPN Gateway will be used for IPsec-encrypted Cloud Interconnect."
+ type = list(string)
+ default = []
+}
+
 variable "network" {
 description = "VPC used for the gateway and routes."
 type = string
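Review bot: `interconnect_attachment` in `modules/vpn_ha/variables.tf` accepts a list of any length, but `main.tf` turns each index into a gateway interface id and an HA VPN gateway has only interfaces 0 and 1. A list with one entry or more than two is therefore not rejected until the provider or API sees it, and how a gateway with only one interface attached would behave is not visible from this patch. A validation block that allows only an empty list or exactly two URLs would catch the mistake at plan time, as sketched below. The description also says "URL" in the singular although the type is `list(string)`; it should say the list holds one attachment per interface, in interface order.

```hcl
variable "interconnect_attachment" {
  # … unchanged: description, type, default …
  validation {
    condition     = contains([0, 2], length(var.interconnect_attachment))
    error_message = "interconnect_attachment must be empty or list exactly two attachment URLs, one per HA VPN interface."
  }
}
```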