

feat(vpn_gateway): Support policy based traffic selectors
tomrss committed Nov 27, 2024
1 parent 551a56a commit fb87036
Showing 2 changed files with 24 additions and 2 deletions.
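--- a/vpn_gateway/main.tf
+++ b/vpn_gateway/main.tf
@@ -188,6 +188,17 @@ resource "azurerm_virtual_network_gateway_connection" "local" {
 virtual_network_gateway_id = azurerm_virtual_network_gateway.gw.id
 local_network_gateway_id = azurerm_local_network_gateway.local[count.index].id
 
+use_policy_based_traffic_selectors = var.local_networks[count.index].use_policy_based_traffic_selectors
+
+dynamic "traffic_selector_policy" {
+for_each = var.local_networks[count.index].traffic_selector_policies
+iterator = ts_policy
+content {
+local_address_cidrs = ts_policy.value.local_address_cidrs
+remote_address_cidrs = ts_policy.value.remote_address_cidrs
+}
+}
+
 shared_key = var.local_networks[count.index].shared_key
 
 dynamic "ipsec_policy" {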
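Review bot: Nothing ties `use_policy_based_traffic_selectors` to the presence of an `ipsec_policy` for the same entry, although the azurerm provider documents that enabling policy-based traffic selectors requires an `ipsec_policy` block. The `dynamic "ipsec_policy"` block only begins on the last line of this hunk and its `for_each` is outside it, so this is inferred: an entry that sets the flag but supplies no IPsec policy would be rejected only at apply time, after other resources may already have changed. A `lifecycle` precondition on the connection would fail the plan early, e.g. `condition = !var.local_networks[count.index].use_policy_based_traffic_selectors || var.local_networks[count.index].ipsec_policy != null`. A one-line comment above the new argument stating that dependency would also help whoever edits the module next.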
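--- a/vpn_gateway/variables.tf
+++ b/vpn_gateway/variables.tf
@@ -83,8 +83,19 @@ variable "vpn_client_configuration" {
 
 variable "local_networks" {
 description = "List of local virtual network connections to connect to gateway."
-type = list(object({ name = string, gateway_address = string, address_space = list(string), shared_key = string, ipsec_policy = any }))
-default = []
+type = list(object({
+name = string
+gateway_address = string
+address_space = list(string)
+shared_key = string
+ipsec_policy = any
+use_policy_based_traffic_selectors = optional(bool, false)
+traffic_selector_policies = optional(list(object({
+local_address_cidrs = list(string)
+remote_address_cidrs = list(string)
+})), [])
+}))
+default = []
 }
 
 variable "log_analytics_workspace_id" {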
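Review bot: The new `local_address_cidrs` and `remote_address_cidrs` lists in `traffic_selector_policies` are accepted as free-form strings, with no `validation` block on `local_networks`. These selectors decide which prefixes are negotiated for the tunnel, so a malformed or empty entry should be rejected at plan time rather than surfacing as a provider error or a selector set different from what the operator intended. A validation that checks every entry parses as a CIDR and that neither list is empty would cover this; a sketch follows. The `description` still reads as before and does not mention the two new attributes or their defaults, so it is worth extending as well.

```hcl
variable "local_networks" {
  # … unchanged: description, type, default …

  validation {
    condition = alltrue(flatten([
      for n in var.local_networks : [
        for p in n.traffic_selector_policies : concat(
          [length(p.local_address_cidrs) > 0, length(p.remote_address_cidrs) > 0],
          [for c in concat(p.local_address_cidrs, p.remote_address_cidrs) : can(cidrhost(c, 0))]
        )
      ]
    ]))
    error_message = "Each traffic selector policy needs non-empty local_address_cidrs and remote_address_cidrs, and every entry must be a valid CIDR."
  }
}
```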
