https://github.com/rhythmictech/terraform-aws-fortigate-vpn
Creates a site-to-site VPN connection intended to terminate to a FortiGate firewall. Creates a template configuration file that can be used to easily configure the connection.
- Host: GitHub
- URL: https://github.com/rhythmictech/terraform-aws-fortigate-vpn
- Owner: rhythmictech
- License: mit
- Created: 2020-04-01T18:29:47.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-01-03T21:02:24.000Z (almost 2 years ago)
- Last Synced: 2023-03-02T22:06:08.280Z (over 1 year ago)
- Topics: aws, fortigate, terraform, terraform-module, vpn
- Language: HCL
- Homepage: https://registry.terraform.io/modules/rhythmictech/fortigate-vpn/aws
- Size: 15.6 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
README
# terraform-aws-fortigate-vpn
[![tflint](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/workflows/tflint/badge.svg?branch=master&event=push)](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/actions?query=workflow%3Atflint+event%3Apush+branch%3Amaster)
[![tfsec](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/workflows/tfsec/badge.svg?branch=master&event=push)](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/actions?query=workflow%3Atfsec+event%3Apush+branch%3Amaster)
[![yamllint](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/workflows/yamllint/badge.svg?branch=master&event=push)](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/actions?query=workflow%3Ayamllint+event%3Apush+branch%3Amaster)
[![misspell](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/workflows/misspell/badge.svg?branch=master&event=push)](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/actions?query=workflow%3Amisspell+event%3Apush+branch%3Amaster)
[![pre-commit-check](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/workflows/pre-commit-check/badge.svg?branch=master&event=push)](https://github.com/rhythmictech/terraform-aws-fortigate-vpn/actions?query=workflow%3Apre-commit-check+event%3Apush+branch%3Amaster)

Creates a site-to-site VPN connection intended to terminate to a FortiGate firewall. Creates a template configuration file that can be used to easily configure the connection.

## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.12 |
| [aws](#requirement\_aws) | >= 2 |
| [local](#requirement\_local) | >= 1 |

## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 2 |
| [local](#provider\_local) | >= 1 |

## Modules
| Name | Source | Version |
|------|--------|---------|
| [psk1](#module\_psk1) | git::https://github.com/rhythmictech/terraform-aws-secretsmanager-random-secret | v1.1.1 |
| [psk2](#module\_psk2) | git::https://github.com/rhythmictech/terraform-aws-secretsmanager-random-secret | v1.1.1 |

## Resources
| Name | Type |
|------|------|
| [aws_customer_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/customer_gateway) | resource |
| [aws_vpn_connection.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpn_connection) | resource |
| [local_file.this](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
| [aws_ec2_transit_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_transit_gateway) | data source |
| [aws_vpn_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpn_gateway) | data source |

## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [account\_name](#input\_account\_name) | Name for AWS account side of tunnel | `string` | n/a | yes |
| [customer\_bgp\_asn](#input\_customer\_bgp\_asn) | BGP for customer side of tunnel | `number` | n/a | yes |
| [customer\_gateway\_type](#input\_customer\_gateway\_type) | Type for customer gateway | `string` | `"ipsec.1"` | no |
| [customer\_ip\_address](#input\_customer\_ip\_address) | IP address for customer side | `string` | n/a | yes |
| [customer\_name](#input\_customer\_name) | Name for customer side of tunnel | `string` | n/a | yes |
| [generate\_fortigate\_config](#input\_generate\_fortigate\_config) | Generate a FortiGate config template (does not include PSKs) | `bool` | `true` | no |
| [tags](#input\_tags) | Tags to add to supported resources | `map(string)` | `{}` | no |
| [transit\_gateway\_id](#input\_transit\_gateway\_id) | Transit gateway to attach VPN to (required if `vpn_gateway_id` not set) | `string` | `null` | no |
| [tunnel1\_inside\_cidr](#input\_tunnel1\_inside\_cidr) | Specify a Tunnel 1 inside CIDR (optional) | `string` | `""` | no |
| [tunnel1\_psk](#input\_tunnel1\_psk) | Specify a Tunnel 1 PSK explicitly (optional) | `string` | `""` | no |
| [tunnel1\_psk\_version](#input\_tunnel1\_psk\_version) | Version to use for PSK (increment to generate a new PSK) | `number` | `1` | no |
| [tunnel2\_inside\_cidr](#input\_tunnel2\_inside\_cidr) | Specify a Tunnel 2 inside CIDR (optional) | `string` | `""` | no |
| [tunnel2\_psk](#input\_tunnel2\_psk) | Specify a Tunnel 2 PSK explicitly (optional) | `string` | `""` | no |
| [tunnel2\_psk\_version](#input\_tunnel2\_psk\_version) | Version to use for PSK (increment to generate a new PSK) | `number` | `1` | no |
| [use\_secrets\_manager](#input\_use\_secrets\_manager) | Use Secrets Manager to store/manage PSKs | `bool` | `true` | no |
| [vgw\_id](#input\_vgw\_id) | Virtual Private Gateway to attach VPN to (required if `transit_gateway_id` not set) | `string` | `null` | no |
| [wan\_interface](#input\_wan\_interface) | WAN interface to use in fortigate config template | `string` | `"wan1"` | no |

## Outputs
| Name | Description |
|------|-------------|
| [customer\_gateway\_bgp\_asn](#output\_customer\_gateway\_bgp\_asn) | Customer Gateway BGP ASN |
| [customer\_gateway\_id](#output\_customer\_gateway\_id) | Customer Gateway ID |
| [customer\_gateway\_ip\_address](#output\_customer\_gateway\_ip\_address) | Customer Gateway IP Address |
| [vpn\_connection\_tunnel1\_address](#output\_vpn\_connection\_tunnel1\_address) | Tunnel 1 Public IP Address |
| [vpn\_connection\_tunnel1\_bgp\_asn](#output\_vpn\_connection\_tunnel1\_bgp\_asn) | Tunnel 1 BGP ASN |
| [vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel 1 Customer Inside IP Address |
| [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel 1 Preshared Key |
| [vpn\_connection\_tunnel1\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_vgw\_inside\_address) | Tunnel 1 AWS Inside IP Address |
| [vpn\_connection\_tunnel2\_address](#output\_vpn\_connection\_tunnel2\_address) | Tunnel 2 Public IP Address |
| [vpn\_connection\_tunnel2\_bgp\_asn](#output\_vpn\_connection\_tunnel2\_bgp\_asn) | Tunnel 2 BGP ASN |
| [vpn\_connection\_tunnel2\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_cgw\_inside\_address) | Tunnel 2 Customer Inside IP Address |
| [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel 2 Preshared Key |
| [vpn\_connection\_tunnel2\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_vgw\_inside\_address) | Tunnel 2 AWS Inside IP Address |
| [vpn\_connection\_vpn\_gw\_id](#output\_vpn\_connection\_vpn\_gw\_id) | VPN Gateway ID |