Represents a VPN gateway running in GCP. This virtual device is managed by Google, but used only by you.
To get more information about VpnGateway, see:
resource "google_compute_vpn_gateway" "target_gateway" {
name = "vpn-1"
network = google_compute_network.network1.id
}
resource "google_compute_network" "network1" {
name = "network-1"
}
resource "google_compute_address" "vpn_static_ip" {
name = "vpn-static-ip"
}
resource "google_compute_forwarding_rule" "fr_esp" {
name = "fr-esp"
ip_protocol = "ESP"
ip_address = google_compute_address.vpn_static_ip.address
target = google_compute_vpn_gateway.target_gateway.id
}
resource "google_compute_forwarding_rule" "fr_udp500" {
name = "fr-udp500"
ip_protocol = "UDP"
port_range = "500"
ip_address = google_compute_address.vpn_static_ip.address
target = google_compute_vpn_gateway.target_gateway.id
}
resource "google_compute_forwarding_rule" "fr_udp4500" {
name = "fr-udp4500"
ip_protocol = "UDP"
port_range = "4500"
ip_address = google_compute_address.vpn_static_ip.address
target = google_compute_vpn_gateway.target_gateway.id
}
resource "google_compute_vpn_tunnel" "tunnel1" {
name = "tunnel1"
peer_ip = "15.0.0.120"
shared_secret = "a secret message"
target_vpn_gateway = google_compute_vpn_gateway.target_gateway.id
depends_on = [
google_compute_forwarding_rule.fr_esp,
google_compute_forwarding_rule.fr_udp500,
google_compute_forwarding_rule.fr_udp4500,
]
}
resource "google_compute_route" "route1" {
name = "route1"
network = google_compute_network.network1.name
dest_range = "15.0.0.0/24"
priority = 1000
next_hop_vpn_tunnel = google_compute_vpn_tunnel.tunnel1.id
}
The following arguments are supported:
name
-
(Required)
Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and
match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
which means
the first character must be a lowercase letter, and all following
characters must be a dash, lowercase letter, or digit, except the last
character, which cannot be a dash.
network
-
(Required)
The network this VPN gateway is accepting traffic for.
description
-
(Optional)
An optional description of this resource.
region
-
(Optional)
The region this gateway should sit in.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}
creation_timestamp
-
Creation timestamp in RFC3339 text format.
gateway_id
-
The unique identifier for the resource.
self_link
- The URI of the created resource.This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.delete
- Default is 20 minutes.VpnGateway can be imported using any of these accepted formats:
projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}
{{project}}/{{region}}/{{name}}
{{region}}/{{name}}
{{name}}
In Terraform v1.5.0 and later, use an import
block to import VpnGateway using one of the formats above. For example:
import {
id = "projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}"
to = google_compute_vpn_gateway.default
}
When using the terraform import
command, VpnGateway can be imported using one of the formats above. For example:
$ terraform import google_compute_vpn_gateway.default projects/{{project}}/regions/{{region}}/targetVpnGateways/{{name}}
$ terraform import google_compute_vpn_gateway.default {{project}}/{{region}}/{{name}}
$ terraform import google_compute_vpn_gateway.default {{region}}/{{name}}
$ terraform import google_compute_vpn_gateway.default {{name}}
This resource supports User Project Overrides.