Data Source: azurermVirtualNetworkGateway
Use this data source to access information about an existing Virtual Network Gateway.
Example Usage
import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermVirtualNetworkGatewayExample =
new azurerm.dataAzurermVirtualNetworkGateway.DataAzurermVirtualNetworkGateway(
this,
"example",
{
name: "production",
resource_group_name: "networking",
}
);
new cdktf.TerraformOutput(this, "virtual_network_gateway_id", {
value: dataAzurermVirtualNetworkGatewayExample.id,
});
Argument Reference
name
- Specifies the name of the Virtual Network Gateway.resourceGroupName
- Specifies the name of the resource group the Virtual Network Gateway is located in.
Attributes Reference
-
id
- The ID of the Virtual Network Gateway. -
location
- The location/region where the Virtual Network Gateway is located. -
type
- The type of the Virtual Network Gateway. -
vpnType
- The routing type of the Virtual Network Gateway. -
enableBgp
- Will BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. -
activeActive
- Is this an Active-Active Gateway? -
privateIpAddressEnabled
- Whether a private IP will be used for this gateway for connections. -
defaultLocalNetworkGatewayId
- The ID of the local network gateway through which outbound Internet traffic from the virtual network in which the gateway is created will be routed (forced tunneling). Refer to the Azure documentation on forced tunneling. -
sku
- Configuration of the size and capacity of the Virtual Network Gateway. -
generation
- The Generation of the Virtual Network Gateway. -
ipConfiguration
- One or twoipConfiguration
blocks documented below. -
vpnClientConfiguration
- AvpnClientConfiguration
block which is documented below. -
tags
- A mapping of tags assigned to the resource.
The ipConfiguration
block supports:
-
id
- The resource ID of the IP configuration. -
name
- A user-defined name of the IP configuration. -
privateIpAddressAllocation
- Defines how the private IP address of the gateways virtual interface is assigned. -
subnetId
- The ID of the gateway subnet of a virtual network in which the virtual network gateway will be created. It is mandatory that the associated subnet is namedgatewaySubnet
. Therefore, each virtual network can contain at most a single Virtual Network Gateway. -
publicIpAddressId
- The ID of the Public IP Address associated with the Virtual Network Gateway.
The vpnClientConfiguration
block supports:
-
addressSpace
- The address space out of which IP addresses for vpn clients will be taken. You can provide more than one address space, e.g. in CIDR notation. -
aadTenant
- AzureAD Tenant URL This setting is incompatible with the use ofrootCertificate
andrevokedCertificate
,radiusServerAddress
, andradiusServerSecret
. -
aadAudience
- The client id of the Azure VPN application. See Create an Active Directory (AD) tenant for P2S OpenVPN protocol connections for values This setting is incompatible with the use ofrootCertificate
andrevokedCertificate
,radiusServerAddress
, andradiusServerSecret
. -
aadIssuer
- The STS url for your tenant This setting is incompatible with the use ofrootCertificate
andrevokedCertificate
,radiusServerAddress
, andradiusServerSecret
. -
rootCertificate
- One or morerootCertificate
blocks which are defined below. These root certificates are used to sign the client certificate used by the VPN clients to connect to the gateway. This setting is incompatible with the use ofaadTenant
,aadAudience
,aadIssuer
,radiusServerAddress
, andradiusServerSecret
. -
revokedCertificate
- One or morerevokedCertificate
blocks which are defined below. This setting is incompatible with the use ofaadTenant
,aadAudience
,aadIssuer
,radiusServerAddress
, andradiusServerSecret
. -
radiusServerAddress
- The address of the Radius server. This setting is incompatible with the use ofaadTenant
,aadAudience
,aadIssuer
,rootCertificate
andrevokedCertificate
. -
radiusServerSecret
- The secret used by the Radius server. This setting is incompatible with the use ofaadTenant
,aadAudience
,aadIssuer
,rootCertificate
andrevokedCertificate
. -
vpnClientProtocols
- List of the protocols supported by the vpn client. The supported values aresstp
,ikeV2
andopenVpn
.
The bgpSettings
block supports:
-
asn
- The Autonomous System Number (ASN) to use as part of the BGP. -
peeringAddress
- The BGP peer IP address of the virtual network gateway. This address is needed to configure the created gateway as a BGP Peer on the on-premises VPN devices. -
peerWeight
- The weight added to routes which have been learned through BGP peering.
A customRoute
block exports the following:
addressPrefixes
- A list of address blocks reserved for this virtual network in CIDR notation.
The rootCertificate
block supports:
-
name
- The user-defined name of the root certificate. -
publicCertData
- The public certificate of the root certificate authority. The certificate must be provided in Base-64 encoded X.509 format (PEM).
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
read
- (Defaults to 5 minutes) Used when retrieving the Virtual Network Gateway.