| diagnostic_setting_enable |
n/a |
bool |
false |
no |
| enable |
Flag to control module creation. |
bool |
true |
no |
| enable_active_active |
If true, an active-active Virtual Network Gateway will be created. An active-active gateway requires a HighPerformance or an UltraPerformance sku. If false, an active-standby gateway will be created. Defaults to false. |
bool |
false |
no |
| enable_bgp |
If true, BGP (Border Gateway Protocol) will be enabled for this Virtual Network Gateway. Defaults to false |
bool |
false |
no |
| environment |
Environment (e.g. prod, dev, staging). |
string |
"" |
no |
| eventhub_authorization_rule_id |
Specifies the ID of an Event Hub Namespace Authorization Rule used to send Diagnostics Data. |
string |
null |
no |
| eventhub_name |
Specifies the name of the Event Hub where Diagnostics Data should be sent. |
string |
null |
no |
| express_route_circuit_id |
The ID of the Express Route Circuit when creating an ExpressRoute connection |
string |
null |
no |
| gateway_connection_protocol |
The IKE protocol version to use. Possible values are IKEv1 and IKEv2. Defaults to IKEv2 |
string |
"IKEv2" |
no |
| gateway_connection_type |
The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet) |
string |
"IPsec" |
no |
| gateway_type |
The type of the Virtual Network Gateway. Valid options are Vpn or ExpressRoute |
string |
"Vpn" |
no |
| label_order |
Label order, e.g. sequence of application name and environment name,environment,'attribute' [webserver,qa,devops,public,] . |
list(any) |
[
"name",
"environment"
] |
no |
| local_bgp_settings |
Local Network Gateway's BGP speaker settings |
list(object({ asn_number = number, peering_address = string, peer_weight = number })) |
null |
no |
| local_networks |
List of local virtual network connections to connect to gateway |
list(object({ local_gw_name = string, local_gateway_address = string, local_address_space = list(string), shared_key = string })) |
[] |
no |
| local_networks_ipsec_policy |
IPSec policy for local networks. Only a single policy can be defined for a connection. |
map(string) |
null |
no |
| log_analytics_destination_type |
Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table. |
string |
"AzureDiagnostics" |
no |
| log_analytics_workspace_id |
n/a |
string |
null |
no |
| log_category |
Categories of logs to be recorded in diagnostic setting. Acceptable values are MySqlSlowLogs , MySqlAuditLogs |
list(string) |
[
"MySqlAuditLogs"
] |
no |
| managedby |
ManagedBy, eg ''. |
string |
"" |
no |
| metric_enabled |
Whether metric diagnonsis should be enable in diagnostic settings for flexible Mysql. |
bool |
true |
no |
| name |
Name (e.g. app or cluster). |
string |
"" |
no |
| peer_virtual_network_gateway_id |
The ID of the peer virtual network gateway when creating a VNet-to-VNet connection |
string |
null |
no |
| public_ip_allocation_method |
Defines the allocation method for this IP address. Possible values are Static or Dynamic. Defaults to Dynamic |
string |
"Static" |
no |
| public_ip_sku |
The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic |
string |
"Standard" |
no |
| repository |
Terraform current module repo |
string |
"" |
no |
| resource_group_name |
A container that holds related resources for an Azure solution |
string |
"" |
no |
| sku |
Configuration of the size and capacity of the virtual network gateway |
string |
"VpnGw1" |
no |
| storage_account_id |
The ID of the Storage Account where logs should be sent. |
string |
null |
no |
| sts_vpn |
Set to false to prevent the module from creating any resources. |
bool |
false |
no |
| subnet_id |
The ID of the Subnet where this Network Interface should be located in. |
string |
"" |
no |
| vpn_ad |
Set to false to prevent the module from creating any resources. |
bool |
false |
no |
| vpn_client_configuration |
Virtual Network Gateway client configuration to accept IPSec point-to-site connections |
object({ address_space = string, vpn_client_protocols = list(string), aad_tenant = string, aad_audience = string, aad_issuer = string, vpn_auth_types = list(string) }) |
null |
no |
| vpn_client_configuration_c |
Virtual Network Gateway client configuration to accept IPSec point-to-site connections |
object({ address_space = string, vpn_client_protocols = list(string), certificate = string }) |
null |
no |
| vpn_gw_generation |
The Generation of the Virtual Network gateway. Possible values include Generation1, Generation2 or None |
string |
"Generation1" |
no |
| vpn_gw_sku |
Configuration of the size and capacity of the virtual network gateway. Valid options are Basic, VpnGw3, VpnGw2, VpnGw3, VpnGw4,VpnGw5, VpnGw3AZ, VpnGw3, VpnGw3AZ,VpnGw4AZ and VpnGw5AZ and depend on the type, vpn_type and generation arguments |
string |
"VpnGw1" |
no |
| vpn_type |
The routing type of the Virtual Network Gateway. Valid options are RouteBased or PolicyBased. Defaults to RouteBased |
string |
"RouteBased" |
no |
| vpn_with_certificate |
Set to false to prevent the module from creating any resources. |
bool |
false |
no |