» google_compute_external_vpn_gateway

Represents a VPN gateway managed outside of GCP.

To get more information about ExternalVpnGateway, see:

» Example Usage - External Vpn Gateway

resource "google_compute_ha_vpn_gateway" "ha_gateway" {
  provider = "google-beta"
  region   = "us-central1"
  name     = "ha-vpn"
  network  = "${google_compute_network.network.self_link}"
}

resource "google_compute_external_vpn_gateway" "external_gateway" {
  provider        = "google-beta"
  name            = "external-gateway"
  redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
  description     = "An externally managed VPN gateway"
  interface {
    id = 0
    ip_address = "8.8.8.8"
  }
}

resource "google_compute_network" "network" {
  provider                = "google-beta"
  name                    = "network"
  routing_mode            = "GLOBAL"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "network_subnet1" {
  provider = "google-beta"
  name          = "ha-vpn-subnet-1"
  ip_cidr_range = "10.0.1.0/24"
  region        = "us-central1"
  network       = "${google_compute_network.network.self_link}"
}

resource "google_compute_subnetwork" "network_subnet2" {
  provider = "google-beta"
  name          = "ha-vpn-subnet-2"
  ip_cidr_range = "10.0.2.0/24"
  region        = "us-west1"
  network       = "${google_compute_network.network.self_link}"
}

resource "google_compute_router" "router1" {
  provider = "google-beta"
  name    = "ha-vpn-router1"
  network = "${google_compute_network.network.name}"
  bgp {
    asn = 64514
  }
}

resource "google_compute_vpn_tunnel" "tunnel1" {
  provider         = "google-beta"
  name             = "ha-vpn-tunnel1"
  region           = "us-central1"
  vpn_gateway      = "${google_compute_ha_vpn_gateway.ha_gateway.self_link}"
  peer_external_gateway = "${google_compute_external_vpn_gateway.external_gateway.self_link}"
  peer_external_gateway_interface = 0
  shared_secret    = "a secret message"
  router           = "${google_compute_router.router1.self_link}"
  vpn_gateway_interface = 0
}

resource "google_compute_vpn_tunnel" "tunnel2" {
  provider         = "google-beta"
  name             = "ha-vpn-tunnel2"
  region           = "us-central1"
  vpn_gateway      = "${google_compute_ha_vpn_gateway.ha_gateway.self_link}"
  peer_external_gateway = "${google_compute_external_vpn_gateway.external_gateway.self_link}"
  peer_external_gateway_interface = 0
  shared_secret    = "a secret message"
  router           = " ${google_compute_router.router1.self_link}"
  vpn_gateway_interface = 1
}

resource "google_compute_router_interface" "router1_interface1" {
  provider = "google-beta"
  name       = "router1-interface1"
  router     = "${google_compute_router.router1.name}"
  region     = "us-central1"
  ip_range   = "169.254.0.1/30"
  vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.name}"
}

resource "google_compute_router_peer" "router1_peer1" {
  provider = "google-beta"
  name                      = "router1-peer1"
  router                    = "${google_compute_router.router1.name}"
  region                    = "us-central1"
  peer_ip_address           = "169.254.0.2"
  peer_asn                  = 64515
  advertised_route_priority = 100
  interface                 = "${google_compute_router_interface.router1_interface1.name}"
}

resource "google_compute_router_interface" "router1_interface2" {
  provider = "google-beta"
  name       = "router1-interface2"
  router     = "${google_compute_router.router1.name}"
  region     = "us-central1"
  ip_range   = "169.254.1.1/30"
  vpn_tunnel = "${google_compute_vpn_tunnel.tunnel2.name}"
}

resource "google_compute_router_peer" "router1_peer2" {
  provider = "google-beta"
  name                      = "router1-peer2"
  router                    = "${google_compute_router.router1.name}"
  region                    = "us-central1"
  peer_ip_address           = "169.254.1.2"
  peer_asn                  = 64515
  advertised_route_priority = 100
  interface                 = "${google_compute_router_interface.router1_interface2.name}"
}

» Argument Reference

The following arguments are supported:

  • name - (Required) Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

  • description - (Optional) An optional description of this resource.

  • redundancy_type - (Optional) Indicates the redundancy type of this external VPN gateway

  • interface - (Optional) A list of interfaces on this external VPN gateway. Structure is documented below.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The interface block supports:

» Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 4 minutes.
  • delete - Default is 4 minutes.

» Import

ExternalVpnGateway can be imported using any of these accepted formats:

$ terraform import -provider=google-beta google_compute_external_vpn_gateway.default projects/{{project}}/global/externalVpnGateways/{{name}}
$ terraform import -provider=google-beta google_compute_external_vpn_gateway.default {{project}}/{{name}}
$ terraform import -provider=google-beta google_compute_external_vpn_gateway.default {{name}}

» User Project Overrides

This resource supports User Project Overrides.