azurermPointToSiteVpnGateway
Manages a Point-to-Site VPN Gateway.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermVirtualWanExample = new azurerm.virtualWan.VirtualWan(
this,
"example_1",
{
location: azurermResourceGroupExample.location,
name: "example-virtualwan",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualWanExample.overrideLogicalId("example");
const azurermVpnServerConfigurationExample =
new azurerm.vpnServerConfiguration.VpnServerConfiguration(this, "example_2", {
client_root_certificate: [
{
name: "DigiCert-Federated-ID-Root-CA",
public_cert_data:
"MIIDuzCCAqOgAwIBAgIQCHTZWCM+IlfFIRXIvyKSrjANBgkqhkiG9w0BAQsFADBn\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSYwJAYDVQQDEx1EaWdpQ2VydCBGZWRlcmF0ZWQgSUQg\nUm9vdCBDQTAeFw0xMzAxMTUxMjAwMDBaFw0zMzAxMTUxMjAwMDBaMGcxCzAJBgNV\nBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdp\nY2VydC5jb20xJjAkBgNVBAMTHURpZ2lDZXJ0IEZlZGVyYXRlZCBJRCBSb290IENB\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAEB4pcCqnNNOWE6Ur5j\nQPUH+1y1F9KdHTRSza6k5iDlXq1kGS1qAkuKtw9JsiNRrjltmFnzMZRBbX8Tlfl8\nzAhBmb6dDduDGED01kBsTkgywYPxXVTKec0WxYEEF0oMn4wSYNl0lt2eJAKHXjNf\nGTwiibdP8CUR2ghSM2sUTI8Nt1Omfc4SMHhGhYD64uJMbX98THQ/4LMGuYegou+d\nGTiahfHtjn7AboSEknwAMJHCh5RlYZZ6B1O4QbKJ+34Q0eKgnI3X6Vc9u0zf6DH8\nDk+4zQDYRRTqTnVO3VT8jzqDlCRuNtq6YvryOWN74/dq8LQhUnXHvFyrsdMaE1X2\nDwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNV\nHQ4EFgQUGRdkFnbGt1EWjKwbUne+5OaZvRYwHwYDVR0jBBgwFoAUGRdkFnbGt1EW\njKwbUne+5OaZvRYwDQYJKoZIhvcNAQELBQADggEBAHcqsHkrjpESqfuVTRiptJfP\n9JbdtWqRTmOf6uJi2c8YVqI6XlKXsD8C1dUUaaHKLUJzvKiazibVuBwMIT84AyqR\nQELn3e0BtgEymEygMU569b01ZPxoFSnNXc7qDZBDef8WfqAV/sxkTi8L9BkmFYfL\nuGLOhRJOFprPdoDIUBB+tmCl3oDcBy3vnUeOEioz8zAkprcb3GHwHAK+vHmmfgcn\nWsfMLH4JCLa/tRYL+Rw/N3ybCkDp00s0WUZ+AoDywSl0Q/ZEnNY0MsFiw6LyIdbq\nM/s/1JRtO3bDSzD9TazRVzn2oBqzSa8VgIo5C1nOnoAKJTlsClJKvIhnRlaLQqk=\n",
},
],
location: azurermResourceGroupExample.location,
name: "example-config",
resource_group_name: azurermResourceGroupExample.name,
vpn_authentication_types: ["Certificate"],
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVpnServerConfigurationExample.overrideLogicalId("example");
const azurermVirtualHubExample = new azurerm.virtualHub.VirtualHub(
this,
"example_3",
{
address_prefix: "10.0.0.0/23",
location: azurermResourceGroupExample.location,
name: "example-virtualhub",
resource_group_name: azurermResourceGroupExample.name,
virtual_wan_id: azurermVirtualWanExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualHubExample.overrideLogicalId("example");
const azurermPointToSiteVpnGatewayExample =
new azurerm.pointToSiteVpnGateway.PointToSiteVpnGateway(this, "example_4", {
connection_configuration: [
{
name: "example-gateway-config",
vpn_client_address_pool: [
{
address_prefixes: ["10.0.2.0/24"],
},
],
},
],
location: azurermResourceGroupExample.location,
name: "example-vpn-gateway",
resource_group_name: azurermResourceGroupExample.name,
scale_unit: 1,
virtual_hub_id: azurermVirtualHubExample.id,
vpn_server_configuration_id: azurermVpnServerConfigurationExample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPointToSiteVpnGatewayExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name
- (Required) Specifies the name of the Point-to-Site VPN Gateway. Changing this forces a new resource to be created. -
resourceGroupName
- (Required) The name of the resource group in which to create the Point-to-Site VPN Gateway. Changing this forces a new resource to be created. -
location
- (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. -
connectionConfiguration
- (Required) AconnectionConfiguration
block as defined below. -
scaleUnit
- (Required) The Scale Unit for this Point-to-Site VPN Gateway. -
virtualHubId
- (Required) The ID of the Virtual Hub where this Point-to-Site VPN Gateway should exist. Changing this forces a new resource to be created. -
vpnServerConfigurationId
- (Required) The ID of the VPN Server Configuration which this Point-to-Site VPN Gateway should use. Changing this forces a new resource to be created. -
dnsServers
- (Optional) A list of IP Addresses of DNS Servers for the Point-to-Site VPN Gateway. -
routingPreferenceInternetEnabled
- (Optional) Is the Routing Preference for the Public IP Interface of the VPN Gateway enabled? Defaults tofalse
. Changing this forces a new resource to be created. -
tags
- (Optional) A mapping of tags to assign to the Point-to-Site VPN Gateway.
A connectionConfiguration
block supports the following:
-
name
- (Required) The Name which should be used for this Connection Configuration. -
vpnClientAddressPool
- (Required) AvpnClientAddressPool
block as defined below. -
route
- (Optional) Aroute
block as defined below. -
internetSecurityEnabled
- (Optional) Should Internet Security be enabled to secure internet traffic? Changing this forces a new resource to be created. Defaults tofalse
.
A vpnClientAddressPool
block supports the following:
addressPrefixes
- (Required) A list of CIDR Ranges which should be used as Address Prefixes.
A route
block supports the following:
-
associatedRouteTableId
- (Required) The Virtual Hub Route Table resource id associated with this Routing Configuration. -
inboundRouteMapId
- (Optional) The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes. -
outboundRouteMapId
- (Optional) The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes. -
propagatedRouteTable
- (Optional) ApropagatedRouteTable
block as defined below.
A propagatedRouteTable
block supports the following:
-
ids
- (Required) The list of Virtual Hub Route Table resource id which the routes will be propagated to. -
labels
- (Optional) The list of labels to logically group Virtual Hub Route Tables which the routes will be propagated to.
Attributes Reference
The following attributes are exported:
id
- The ID of the Point-to-Site VPN Gateway.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 90 minutes) Used when creating the Point-to-Site VPN Gateway.update
- (Defaults to 90 minutes) Used when updating the Point-to-Site VPN Gateway.read
- (Defaults to 5 minutes) Used when retrieving the Point-to-Site VPN Gateway.delete
- (Defaults to 90 minutes) Used when deleting the Point-to-Site VPN Gateway.
Import
Point-to-Site VPN Gateway's can be imported using the resourceId
, e.g.