Palo Alto Networks VNet Peering Module for Azure
A terraform module for deploying a Virtual Network Peering and its components required for the VM-Series firewalls in Azure.
Usage
For usage refer to any example module.
Reference
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.2, < 2.0 |
| azurerm | ~> 3.25 |
Providers
| Name | Version |
|---|---|
| azurerm | ~> 3.25 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| azurerm_virtual_network_peering.local | resource |
| azurerm_virtual_network_peering.remote | resource |
| azurerm_virtual_network.local_peer | data source |
| azurerm_virtual_network.remote_peer | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name_prefix | Prefix name appended to the peering names. | string | "" | no |
| local_peer_config | A map that contains the local peer configuration. Mandatory Values: - vnet_name - (string, required) the local peer VNET name.- resource_group_name - (string, required) : the resource group name of the local peer<br />- allow_virtual_network_access - (bool, optional, defaults to true) : allows communication between the two peering VNETs- allow_forwarded_traffic - (bool, optional, defaults to true) : allows traffic forwarded from the remote VNET but not originated from within it- allow_gateway_transit - (bool, optional, defaults to false) : controls the learning of routes from local VNET (gateway or route server) into the remote VNET. Must be true if use_remote_gateways is true for remote peer- use_remote_gateways - (bool, optional, defaults to false) : controls the learning of routes from the remote VNET (gateway or route server) into the local VNET- name - (string, optional, defaults to <var.name_prefix><var.local_peer_config.vnet_name>-to-<var.remote_peer_config.vnet_name>) : the name of the local VNET peering | map(any) | n/a | yes |
| remote_peer_config | A map that contains the remote peer configuration. Mandatory Values : - vnet_name - (string, required) : the remote peer VNET name.- resource_group_name - (string, required) : the resource group name of the remote peer<br />- allow_virtual_network_access - (bool, optional, defaults to true) : allows communication between the two peering VNETs- allow_forwarded_traffic - (bool, optional, defaults to true) : allows traffic forwarded from the local VNET but not originated from within it- allow_gateway_transit - (bool, optional, defaults to false) : controls the learning of routes from remote VNET (gateway or route server) into the local VNET. Must be true if use_remote_gateways is true for local peer- use_remote_gateways - (bool, optional, defaults to false) : controls the learning of routes from the local VNET (gateway or route server) into the remote VNET- name - (string, optional, defaults to <var.name_prefix><var.remote_peer_config.vnet_name>-to-<var.local_peer_config.vnet_name>) : the name of the local VNET peering | map(any) | n/a | yes |
Outputs
| Name | Description |
|---|---|
| local_peering_name | The name of the local VNET peering. |
| remote_peering_name | The name of the remote VNET peering. |
| local_peering_id | The ID of the local VNET peering. |
| remote_peering_id | The ID of the remote VNET peering. |