Added VPN GW and Tunnel modules.

2025-03-31 15:56:06 +02:00
parent 5b0c5d33eb
commit c878380f33
7 changed files with 179 additions and 0 deletions
@@ -0,0 +1,43 @@
+# Cloud VPN
+resource "google_compute_vpn_gateway" "gw" {
+  name    = var.name
+  network = var.network_name
+  region  = var.region
+}
+
+resource "google_compute_address" "vpn_ip" {
+  count = var.vpn_external_ip != null ? 0 : 1
+
+  name         = "${var.name}-ip"
+  region       = var.region
+  address_type = "EXTERNAL"
+}
+
+data "google_compute_address" "vpn_ip" {
+  count = var.vpn_external_ip != null ? 1 : 0
+
+  name   = var.vpn_external_ip
+}
+
+resource "google_compute_forwarding_rule" "gw_fw_esp" {
+  name        = "fwd-esp"
+  ip_protocol = "ESP"
+  ip_address  = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
+  target      = google_compute_vpn_gateway.gw.id
+}
+
+resource "google_compute_forwarding_rule" "gw_fw_udp_500" {
+  name        = "fwd-udp-500"
+  ip_protocol = "UDP"
+  ip_address  = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
+  port_range  = "500"
+  target      = google_compute_vpn_gateway.gw.id
+}
+
+resource "google_compute_forwarding_rule" "gw_fw_udp_4500" {
+  name        = "fwd-udp-4500"
+  ip_protocol = "UDP"
+  ip_address  = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
+  port_range  = "4500"
+  target      = google_compute_vpn_gateway.gw.id
+}
@@ -0,0 +1,15 @@
+output "ip" {
+  value = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
+}
+
+output "network_name" {
+  value = var.network_name
+}
+
+output "id" {
+  value = google_compute_vpn_gateway.gw.id
+}
+
+output "name" {
+  value = google_compute_vpn_gateway.gw.name
+}
@@ -0,0 +1,21 @@
+variable "name" {
+  description = "The name of the VPN Gateway."
+  type        = string
+}
+
+variable "network_name" {
+  description = "The name of the network."
+  type        = string
+}
+
+variable "region" {
+  description = "The region of the VPN Gateway."
+  type        = string
+}
+
+variable "vpn_external_ip" {
+  description = "The name of the external IP address of the VPN Gateway."
+  type        = string
+  nullable    = true
+  default     = null
+}