» aviatrix_firenet

The aviatrix_firenet resource allows the creation and management of Aviatrix Firewall Networks.

» Example Usage

# Create an Aviatrix FireNet associated to a Firewall Instance
resource "aviatrix_firenet" "test_firenet" {
  vpc_id             = "vpc-032005cc371"
  inspection_enabled = true
  egress_enabled     = false

  firewall_instance_association {
    firenet_gw_name      = "avx-firenet-gw"
    instance_id          = "i-09dc118db6a1eb901"
    firewall_name        = "avx-firewall-instance"
    attached             = true
    lan_interface        = "eni-0a34b1827bf222353"
    management_interface = "eni-030e53176c7f7d34a"
    egress_interface     = "eni-03b8dd53a1a731481"
  }
}

# Create an Aviatrix FireNet associated to an FQDN Gateway
resource "aviatrix_firenet" "test_firenet" {
  vpc_id             = "vpc-032005cc371"
  inspection_enabled = true
  egress_enabled     = false

  firewall_instance_association {
    firenet_gw_name = "avx-firenet-gw"
    instance_id     = "avx-fqdn-gateway"
    vendor_type     = "fqdn_gateway"
    attached        = true
  }
}

» Argument Reference

The following arguments are supported:

» Required

  • vpc_id - (Required) VPC ID of the Security VPC.
  • inspection_enabled - (Optional) Enable/disable traffic inspection. Valid values: true, false. Default value: true.
  • egress_enabled - (Optional) Enable/disable egress through firewall. Valid values: true, false. Default value: false.

» Firewall Association

  • vendor_type - (Optional) Type of firewall. Valid values: "Generic", "fqdn_gateway". Default value: "Generic". Value "fqdn_gateway" is required for FQDN gateway.
  • firewall_name - (Optional) Firewall instance name. Required if it is a firewall instance.
  • lan_interface - (Optional) LAN interface ID. Required if it is a firewall instance.
  • management_interface - (Optional) Management interface ID. Required if it is a firewall instance.
  • egress_interface - (Optional) Egress interface ID. Required if it is a firewall instance.
  • attached - (Optional) Switch to attach/detach firewall instance to/from FireNet. Valid values: true, false. Default value: false.
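
A pre-apply check for the conditional requirements and defaults listed above, run over the JSON produced by `terraform show -json <planfile>`. This is an added example, not part of the Aviatrix provider or its documentation; it assumes an association whose vendor_type is "Generic" is a firewall instance, and the function names and sample plan are constructed here.

```python
import json

# Fields the page marks "Required if it is a firewall instance".
INSTANCE_FIELDS = ("firewall_name", "lan_interface", "management_interface", "egress_interface")
VENDOR_TYPES = ("Generic", "fqdn_gateway")

def iter_resources(module):
    """Yield resources from a plan module and its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def check_firenet(plan):
    """Return findings for every aviatrix_firenet resource in a plan dict."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "aviatrix_firenet":
            continue
        vals, addr = res.get("values", {}), res.get("address", "?")
        if vals.get("inspection_enabled") is False:  # documented default: true
            findings.append(f"{addr}: inspection_enabled is false")
        for i, assoc in enumerate(vals.get("firewall_instance_association") or []):
            vendor = assoc.get("vendor_type") or "Generic"  # documented default
            if vendor not in VENDOR_TYPES:
                findings.append(f"{addr}[{i}]: invalid vendor_type {vendor!r}")
            elif vendor == "Generic":  # assumption: Generic means a firewall instance
                missing = [f for f in INSTANCE_FIELDS if not assoc.get(f)]
                if missing:
                    findings.append(f"{addr}[{i}]: missing {', '.join(missing)}")
            if not assoc.get("attached"):  # documented default: false
                findings.append(f"{addr}[{i}]: attached is false (firewall detached)")
    return findings

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {"resources": [
  {"address": "aviatrix_firenet.fqdn", "type": "aviatrix_firenet", "values": {
    "inspection_enabled": true, "firewall_instance_association": [{
      "firenet_gw_name": "avx-firenet-gw", "instance_id": "avx-fqdn-gateway",
      "vendor_type": "fqdn_gateway", "attached": true}]}},
  {"address": "aviatrix_firenet.fw", "type": "aviatrix_firenet", "values": {
    "inspection_enabled": false, "firewall_instance_association": [{
      "firenet_gw_name": "avx-firenet-gw", "instance_id": "i-09dc118db6a1eb901",
      "firewall_name": "avx-firewall-instance", "lan_interface": "eni-0a34b1827bf222353"}]}}
]}}}
""")

if __name__ == "__main__":
    print("\n".join(check_firenet(SAMPLE_PLAN)))
```

A non-empty result can be used to fail a CI step before `terraform apply`.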

» Import

firenet can be imported using the vpc_id, e.g.

$ terraform import aviatrix_firenet.test vpc_id