README.yaml

---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#

# Name of this project
name: Terraform AZURE VPN

# License of this project
license: "APACHE"

# Canonical GitHub repo
github_repo: clouddrove/terraform-azure-vpn

# Badges to display
badges:
  - name: "Terraform"
    image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
    url: "https://www.terraform.io"
  - name: "tfsec"
    image: "https://github.com/clouddrove/terraform-azure-vpn/actions/workflows/tfsec.yml/badge.svg"
    url: "https://github.com/clouddrove/terraform-azure-vpn/actions/workflows/tfsec.yml"
  - name: "Licence"
    image: "https://img.shields.io/badge/License-APACHE-blue.svg"
    url: "LICENSE.md"
  - name: "Changelog"
    image: "https://img.shields.io/badge/Changelog-blue"
    url: "CHANGELOG.md"

# Prerequesties to display
prerequesties:
  - name: Terraform
    url: https://learn.hashicorp.com/terraform/getting-started/install.html
    version: ">= 1.0.0"

providers:
  - name: azure
    url: https://azure.microsoft.com/
    version: ">= 3.0.0"

module_dependencies:
  - name: Labels Module
    url: https://github.com/clouddrove/terraform-azure-labels
    description: Provides resource tagging.

#  description of this project
description: |-
  Terraform module to create vpn resource on AZURE.

# How to use this project
usage: |-
  Here are some examples of how you can use this module in your inventory structure:
  ### Default vnet-peering
  ```hcl
    #  vpn with azure ad
    module "vpn" {
    source                      = "clouddrove/vpn/azure"
    version                     = "1.0.0"
    depends_on                  = [module.vnet]
    name                        = "app"
    environment                 = "test"
    label_order                 = ["name", "environment"]
    vpn_ad                      = true
    resource_group_name         = module.resource_group.resource_group_name
    virtual_network_name        = module.vnet.vnet_name[0]
    vpn_client_configuration    = {
      address_space        = "172.16.200.0/24"
      vpn_client_protocols = ["OpenVPN"]
      vpn_auth_types       = ["AAD"]
      aad_tenant           = "https://login.microsoftonline.com/bcffb719XXXXXXXXXXXX7ebfb2f7bdd"
      aad_audience         = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
      aad_issuer           = "https://sts.windows.net/bcffb719XXXXXXXXXXXX7ebfb2f7bdd/"
    }
    #### enable diagnostic setting
    diagnostic_setting_enable  = false
    log_analytics_workspace_id = ""
    }
    ```
  ```hcl
  #  vpn with certificate
    module "vpn" {
    source                      = "clouddrove/vpn/azure"
    version                     = "1.0.0"
    depends_on                  = [module.vnet]
    name                        = "app"
    environment                 = "test"
    label_order                 = ["name", "environment"]
    vpn_with_certificate        = true
    resource_group_name         = module.resource_group.resource_group_name
    virtual_network_name        = module.vnet.vnet_name[0]
    #### enable diagnostic setting
    diagnostic_setting_enable  = false
    log_analytics_workspace_id = ""
    vpn_client_configuration_c  = {
      address_space        = "172.16.201.0/24"
      vpn_client_protocols = ["OpenVPN", "IkeV2"]
      certificate          = <<EOF
    MIIC5jCCAc6gAwIBAgIIUeUhLYf6UNwwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UE
    AxMGVlBOIENBMB4XDTIyMTExMTE0MzA1NFoXDTI1MTExMDE0MzA1NFowETEPMA0G
    A1UEAxMGVlBOIENBMIIBIjaNBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bxr
    s1kwbRztA7mH79EoIlyZsmAhdIXV8ehbzNIakk1ByOqtBpQK1Xvde1z6rjL1hzCn
    XD6xjW+xfF+yQ/zMyc6udrK2OvtuFmAsBYL5Bbb+Nf7U6Rp9IWZA6f/HO+XLft6q
    sC0UD1wEK6LSn/1u+fCfT3UCMCjpskAtE3ossZCuhUjJ8jGNUb07Z84dQEQf0s3n
    13V0kqNfpaxAhlWUVWrvKWlEGigoTqk4NcTNAzUEGR1b4Rt8qNzIwk8DhODfiOwT
    ILsB3XWyA/IOv2eL3Eqx/lkykIBSEJALPE7j6igyTMoSPHtQA7NWrgYeWgiWh1AQ
    VJpuY1vAIm3gfMAEoQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
    /wQEAwIBBjAdBgNVHQ4EFgQUiEbr34wufRJ6+1Fh5am89bxRCuswDQYJKoZIhvcN
    AQELBQADggEBABHs7e6X2uLpUPkfv0r8TH3MnskPEGObcqGDS8WWH0FO7hsbSMeZ
    bTxJue6WTUvwrxYrmfqRZU/K+TtDregsa+GAYsl0wbl82nu2gBivpARLXYenfmwc
    Zgul+ZwQPw7FB9rLugW7qKMhGUxYYnywTyfZI1EjP6ZAjYn7xB9G7zOGpkVCErPn
    LIO1Knhk7J2XIXs6wCw1OcLJfXhjEEbnYZaHYA3LCTot9LM+3ecloILUo7rQgooB
    4/YOgmo7Q3Qv0ahFvsEI/ZqSop6NpLlzIQ/T3hC/6m4aG/1u+yaac4E9ygZNg184
    Mb0BNzEPxRFt+L8A72gd/nTcxGrxEcQlqEc=
    EOF
    }
    }
    ```
  ```hcl
  #  site-to-site vpn
    module "vpn" {
    source                      = "clouddrove/vpn/azure"
    version                     = "1.0.0"
    name                        = "site-to-site"
    environment                 = "test"
    label_order                 = ["name", "environment"]
    sts_vpn                     = true
    resource_group_name         = module.resource_group.resource_group_name
    virtual_network_name        = module.vnet.vnet_name[0]
    gateway_type                = "Vpn"

    #### enable diagnostic setting
    diagnostic_setting_enable  = false
    log_analytics_workspace_id = ""
    local_networks = [
      {
        local_gw_name         = "app-test-onpremise"
        local_gateway_address = "20.232.135.45"
        local_address_space   = ["30.1.0.0/16"]
        shared_key            = "xpCGkHTBQmDvZK9HnLr7DAvH"
      },
    ]
   }
   ```