From fc81632ab214cfcfeef3369eb47539fb4cef7463 Mon Sep 17 00:00:00 2001 From: James Martinez Date: Wed, 14 Aug 2024 15:49:01 +0000 Subject: [PATCH 1/8] add enable_acceleration support --- main.tf | 6 +++++- variables.tf | 6 ++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index e8f809a..58061fb 100644 --- a/main.tf +++ b/main.tf @@ -24,7 +24,8 @@ resource "aws_vpn_connection" "default" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only + enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_phase1_dh_group_numbers = var.tunnel1_phase1_dh_group_numbers tunnel2_phase1_dh_group_numbers = var.tunnel2_phase1_dh_group_numbers @@ -133,6 +134,7 @@ resource "aws_vpn_connection" "tunnel" { type = "ipsec.1" static_routes_only = var.vpn_connection_static_routes_only + enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_inside_cidr = var.tunnel1_inside_cidr tunnel2_inside_cidr = var.tunnel2_inside_cidr @@ -244,6 +246,7 @@ resource "aws_vpn_connection" "preshared" { type = "ipsec.1" static_routes_only = var.vpn_connection_static_routes_only + enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_preshared_key = var.tunnel1_preshared_key tunnel2_preshared_key = var.tunnel2_preshared_key @@ -352,6 +355,7 @@ resource "aws_vpn_connection" "tunnel_preshared" { type = "ipsec.1" static_routes_only = var.vpn_connection_static_routes_only + enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_inside_cidr = var.tunnel1_inside_cidr tunnel2_inside_cidr = var.tunnel2_inside_cidr diff --git a/variables.tf b/variables.tf index 01f7cbc..54fa486 100644 --- a/variables.tf +++ b/variables.tf 
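Review bot: `enable_acceleration` is wired into all four `aws_vpn_connection` resources (`default` in this hunk, and `tunnel`, `preshared` and `tunnel_preshared` in the three hunks after it) with no check that the connection terminates on a Transit Gateway, which the variable description gives as the only supported target. With `vpn_connection_enable_acceleration = true` and a virtual private gateway, the mistake would presumably surface only as an API error during apply. A `precondition` on each resource would reject it at plan time; it needs Terraform 1.2 or later, while this series keeps `required_version = ">= 1.0"` until PATCH 8/8, and it assumes `var.connect_to_transit_gateway` is a non-null bool and would have to be merged into any `lifecycle` block the resources already carry. All four resource bodies start and end outside their hunks.

```hcl
  enable_acceleration = var.vpn_connection_enable_acceleration

  # ... unchanged: tunnel options and remaining arguments ...

  lifecycle {
    precondition {
      condition     = var.vpn_connection_enable_acceleration != true || var.connect_to_transit_gateway
      error_message = "vpn_connection_enable_acceleration is only supported when connect_to_transit_gateway = true."
    }
  }
```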
@@ -53,6 +53,12 @@ variable "vpn_connection_static_routes_only" { default = false } +variable "vpn_connection_enable_acceleration { + description = "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway." + type = bool + default = false +} + variable "vpn_connection_static_routes_destinations" { description = "List of CIDRs to be used as destination for static routes (used with `vpn_connection_static_routes_only = true`). Routes to destinations set here will be propagated to the routing tables of the subnets defined in `vpc_subnet_route_table_ids`." type = list(string) From ad818820b8428031e3b562fea8916c00ae29dadc Mon Sep 17 00:00:00 2001 From: James Martinez Date: Wed, 14 Aug 2024 16:06:05 +0000 Subject: [PATCH 2/8] revert space --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 58061fb..c40a813 100644 --- a/main.tf +++ b/main.tf @@ -24,7 +24,7 @@ resource "aws_vpn_connection" "default" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_phase1_dh_group_numbers = var.tunnel1_phase1_dh_group_numbers From c9b9b6c3ef554f674fecaeea402d0e6b70c09591 Mon Sep 17 00:00:00 2001 From: James Martinez Date: Wed, 14 Aug 2024 16:18:51 +0000 Subject: [PATCH 3/8] fmt --- main.tf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/main.tf b/main.tf index c40a813..f2e2f60 100644 --- a/main.tf +++ b/main.tf 
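Review bot: The added line `variable "vpn_connection_enable_acceleration {` never closes the name string, so `variables.tf` does not parse at this commit and `terraform validate` fails for the whole module. PATCH 4/8 adds the missing quote. Squashing that fix into this commit would keep every commit in the series loadable, which matters when bisecting or cherry-picking.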
@@ -24,7 +24,7 @@ resource "aws_vpn_connection" "default" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_phase1_dh_group_numbers = var.tunnel1_phase1_dh_group_numbers @@ -133,7 +133,7 @@ resource "aws_vpn_connection" "tunnel" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_inside_cidr = var.tunnel1_inside_cidr @@ -245,7 +245,7 @@ resource "aws_vpn_connection" "preshared" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_preshared_key = var.tunnel1_preshared_key @@ -354,7 +354,7 @@ resource "aws_vpn_connection" "tunnel_preshared" { customer_gateway_id = var.customer_gateway_id type = "ipsec.1" - static_routes_only = var.vpn_connection_static_routes_only + static_routes_only = var.vpn_connection_static_routes_only enable_acceleration = var.vpn_connection_enable_acceleration tunnel1_inside_cidr = var.tunnel1_inside_cidr From a476c5a6be28ef3e52808a8ad6af1c0a533d274d Mon Sep 17 00:00:00 2001 From: James Martinez Date: Thu, 15 Aug 2024 07:05:28 -0500 Subject: [PATCH 4/8] fix missing double quote --- variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/variables.tf b/variables.tf index 54fa486..3710248 100644 --- a/variables.tf +++ b/variables.tf 
@@ -53,7 +53,7 @@ variable "vpn_connection_static_routes_only" { default = false } -variable "vpn_connection_enable_acceleration { +variable "vpn_connection_enable_acceleration" { description = "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway." type = bool default = false From 04da9d5d1215db4efa15eef016d32467bfc4c2f0 Mon Sep 17 00:00:00 2001 From: James Martinez Date: Thu, 15 Aug 2024 12:15:01 +0000 Subject: [PATCH 5/8] use Terraform docs --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index f2a8468..4e7f287 100644 --- a/README.md +++ b/README.md 
@@ -325,6 +325,7 @@ No modules. | [vpc\_id](#input\_vpc\_id) | The id of the VPC where the VPN Gateway lives. | `string` | `null` | no | | [vpc\_subnet\_route\_table\_count](#input\_vpc\_subnet\_route\_table\_count) | The number of subnet route table ids being passed in via `vpc_subnet_route_table_ids`. | `number` | `0` | no | | [vpc\_subnet\_route\_table\_ids](#input\_vpc\_subnet\_route\_table\_ids) | The ids of the VPC subnets for which routes from the VPN Gateway will be propagated. | `list(string)` | `[]` | no | +| [vpn\_connection\_enable\_acceleration](#input\_vpn\_connection\_enable\_acceleration) | Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway. | `bool` | `false` | no | | [vpn\_connection\_static\_routes\_destinations](#input\_vpn\_connection\_static\_routes\_destinations) | List of CIDRs to be used as destination for static routes (used with `vpn_connection_static_routes_only = true`). Routes to destinations set here will be propagated to the routing tables of the subnets defined in `vpc_subnet_route_table_ids`. | `list(string)` | `[]` | no | | [vpn\_connection\_static\_routes\_only](#input\_vpn\_connection\_static\_routes\_only) | Set to true for the created VPN connection to use static routes exclusively (only if `create_vpn_connection = true`). Static routes must be used for devices that don't support BGP. | `bool` | `false` | no | | [vpn\_gateway\_id](#input\_vpn\_gateway\_id) | The id of the VPN Gateway. | `string` | `null` | no | From 42ce18e61d785c252022cd77c7db7189a524e529 Mon Sep 17 00:00:00 2001 From: James Martinez Date: Thu, 15 Aug 2024 12:43:46 +0000 Subject: [PATCH 6/8] add to example --- .../complete-vpn-connection-transit-gateway/main.tf | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/examples/complete-vpn-connection-transit-gateway/main.tf b/examples/complete-vpn-connection-transit-gateway/main.tf index 03c0904..7221d0c 100644 
--- a/examples/complete-vpn-connection-transit-gateway/main.tf +++ b/examples/complete-vpn-connection-transit-gateway/main.tf @@ -17,8 +17,9 @@ module "vpn_gateway_1" { tunnel1_preshared_key = "1234567890abcdefghijklmn" tunnel2_preshared_key = "abcdefghijklmn1234567890" - create_vpn_gateway_attachment = false - connect_to_transit_gateway = true + create_vpn_gateway_attachment = false + connect_to_transit_gateway = true + vpn_connection_enable_acceleration = true tags = { key1 = "example value 1" @@ -41,8 +42,9 @@ module "vpn_gateway_2" { tunnel1_preshared_key = "1234567890abcdefghijklmn" tunnel2_preshared_key = "abcdefghijklmn1234567890" - create_vpn_gateway_attachment = false - connect_to_transit_gateway = true + create_vpn_gateway_attachment = false + connect_to_transit_gateway = true + vpn_connection_enable_acceleration = true tags = { vpn2a = "example value 1" From 5666b95dacbd6be584a77efd3c2b1a27adab070c Mon Sep 17 00:00:00 2001 From: James Martinez Date: Fri, 11 Oct 2024 15:50:57 -0500 Subject: [PATCH 7/8] Use terraform defaults Co-authored-by: Bryant Biggs --- variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/variables.tf b/variables.tf index 3710248..693f132 100644 --- a/variables.tf +++ b/variables.tf @@ -56,7 +56,7 @@ variable "vpn_connection_static_routes_only" { variable "vpn_connection_enable_acceleration" { description = "Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway." type = bool - default = false + default = null } variable "vpn_connection_static_routes_destinations" { From 6f9daaca0158d6cf7b35bba639ac79fcac26c525 Mon Sep 17 00:00:00 2001 
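Review bot: `vpn_connection_enable_acceleration = true` is added to both `vpn_gateway_1` and `vpn_gateway_2` without a comment tying it to the `connect_to_transit_gateway = true` line directly above it. Someone copying one of these blocks as a starting point for a virtual private gateway setup would carry the flag along, even though the variable description says it supports only Transit Gateway. A one-line comment such as `# Accelerated VPN is only supported on Transit Gateway attachments` above the new argument would make the dependency visible. Both module blocks start and end outside their hunks.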
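Review bot: With `default = null` the description no longer tells a reader what happens when the input is omitted, because `null` leaves the argument unset and the effective value becomes whatever the AWS provider defaults to. Extending the description with something like `When null, the provider default applies.` would restore that. As far as I know the provider treats `enable_acceleration` as a force-new argument, which is worth confirming and stating here, since toggling it on an existing connection would then replace the connection and change its tunnel endpoints. The README input table also keeps `false` as the default until PATCH 8/8 regenerates it.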
From: Bryant Biggs Date: Fri, 20 Dec 2024 11:25:10 -0600 Subject: [PATCH 8/8] feat: Bump min supported provider and Terraform versions --- .pre-commit-config.yaml | 2 +- README.md | 8 ++++---- examples/complete-dual-vpn-gateway/README.md | 6 +++--- examples/complete-dual-vpn-gateway/versions.tf | 4 ++-- .../complete-vpn-connection-transit-gateway/README.md | 6 +++--- .../complete-vpn-connection-transit-gateway/versions.tf | 4 ++-- .../complete-vpn-gateway-with-static-routes/README.md | 6 +++--- .../complete-vpn-gateway-with-static-routes/versions.tf | 4 ++-- examples/complete-vpn-gateway/README.md | 6 +++--- examples/complete-vpn-gateway/versions.tf | 4 ++-- examples/minimal-vpn-gateway/README.md | 6 +++--- examples/minimal-vpn-gateway/versions.tf | 4 ++-- versions.tf | 4 ++-- 13 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a6cd369..b348aea 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.96.2 hooks: - id: terraform_fmt - id: terraform_docs diff --git a/README.md b/README.md index e2ca30d..68a9d83 100644 --- a/README.md +++ b/README.md @@ -243,14 +243,14 @@ module "tgw" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules 
@@ -325,7 +325,7 @@ No modules. | [vpc\_id](#input\_vpc\_id) | The id of the VPC where the VPN Gateway lives. | `string` | `null` | no | | [vpc\_subnet\_route\_table\_count](#input\_vpc\_subnet\_route\_table\_count) | The number of subnet route table ids being passed in via `vpc_subnet_route_table_ids`. | `number` | `0` | no | | [vpc\_subnet\_route\_table\_ids](#input\_vpc\_subnet\_route\_table\_ids) | The ids of the VPC subnets for which routes from the VPN Gateway will be propagated. | `list(string)` | `[]` | no | -| [vpn\_connection\_enable\_acceleration](#input\_vpn\_connection\_enable\_acceleration) | Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway. | `bool` | `false` | no | +| [vpn\_connection\_enable\_acceleration](#input\_vpn\_connection\_enable\_acceleration) | Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway. | `bool` | `null` | no | | [vpn\_connection\_static\_routes\_destinations](#input\_vpn\_connection\_static\_routes\_destinations) | List of CIDRs to be used as destination for static routes (used with `vpn_connection_static_routes_only = true`). Routes to destinations set here will be propagated to the routing tables of the subnets defined in `vpc_subnet_route_table_ids`. | `list(string)` | `[]` | no | | [vpn\_connection\_static\_routes\_only](#input\_vpn\_connection\_static\_routes\_only) | Set to true for the created VPN connection to use static routes exclusively (only if `create_vpn_connection = true`). Static routes must be used for devices that don't support BGP. | `bool` | `false` | no | | [vpn\_gateway\_id](#input\_vpn\_gateway\_id) | The id of the VPN Gateway. | `string` | `null` | no | diff --git a/examples/complete-dual-vpn-gateway/README.md b/examples/complete-dual-vpn-gateway/README.md index a1292d5..b013458 100644 --- a/examples/complete-dual-vpn-gateway/README.md +++ b/examples/complete-dual-vpn-gateway/README.md 
@@ -26,14 +26,14 @@ Run `terraform destroy` when you don't need these resources. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules diff --git a/examples/complete-dual-vpn-gateway/versions.tf b/examples/complete-dual-vpn-gateway/versions.tf index fd4d116..14b6dc8 100644 --- a/examples/complete-dual-vpn-gateway/versions.tf +++ b/examples/complete-dual-vpn-gateway/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } } diff --git a/examples/complete-vpn-connection-transit-gateway/README.md b/examples/complete-vpn-connection-transit-gateway/README.md index 92a00de..41f3b96 100644 --- a/examples/complete-vpn-connection-transit-gateway/README.md +++ b/examples/complete-vpn-connection-transit-gateway/README.md @@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules diff --git a/examples/complete-vpn-connection-transit-gateway/versions.tf b/examples/complete-vpn-connection-transit-gateway/versions.tf index fd4d116..14b6dc8 100644 --- a/examples/complete-vpn-connection-transit-gateway/versions.tf +++ b/examples/complete-vpn-connection-transit-gateway/versions.tf 
@@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } } diff --git a/examples/complete-vpn-gateway-with-static-routes/README.md b/examples/complete-vpn-gateway-with-static-routes/README.md index 085444f..e79b196 100644 --- a/examples/complete-vpn-gateway-with-static-routes/README.md +++ b/examples/complete-vpn-gateway-with-static-routes/README.md @@ -21,14 +21,14 @@ Run `terraform destroy` when you don't need these resources. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules diff --git a/examples/complete-vpn-gateway-with-static-routes/versions.tf b/examples/complete-vpn-gateway-with-static-routes/versions.tf index fd4d116..14b6dc8 100644 --- a/examples/complete-vpn-gateway-with-static-routes/versions.tf +++ b/examples/complete-vpn-gateway-with-static-routes/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } } diff --git a/examples/complete-vpn-gateway/README.md b/examples/complete-vpn-gateway/README.md index 37cff11..b0b0c9e 100644 --- a/examples/complete-vpn-gateway/README.md +++ b/examples/complete-vpn-gateway/README.md 
@@ -21,14 +21,14 @@ Run `terraform destroy` when you don't need these resources. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules diff --git a/examples/complete-vpn-gateway/versions.tf b/examples/complete-vpn-gateway/versions.tf index fd4d116..14b6dc8 100644 --- a/examples/complete-vpn-gateway/versions.tf +++ b/examples/complete-vpn-gateway/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } } diff --git a/examples/minimal-vpn-gateway/README.md b/examples/minimal-vpn-gateway/README.md index 397d90d..7520b54 100644 --- a/examples/minimal-vpn-gateway/README.md +++ b/examples/minimal-vpn-gateway/README.md @@ -21,14 +21,14 @@ Run `terraform destroy` when you don't need these resources. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.66 | +| [terraform](#requirement\_terraform) | >= 1.3 | +| [aws](#requirement\_aws) | >= 5.42 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.66 | +| [aws](#provider\_aws) | >= 5.42 | ## Modules diff --git a/examples/minimal-vpn-gateway/versions.tf b/examples/minimal-vpn-gateway/versions.tf index fd4d116..14b6dc8 100644 --- a/examples/minimal-vpn-gateway/versions.tf +++ b/examples/minimal-vpn-gateway/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } } diff --git a/versions.tf b/versions.tf index fd4d116..14b6dc8 100644 
--- a/versions.tf +++ b/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.66" + version = ">= 5.42" } } }