From 03de486d531aace362806935669a20a131894634 Mon Sep 17 00:00:00 2001
From: Philip Ulrich
Date: Wed, 25 Mar 2020 12:55:08 -0500
Subject: [PATCH 1/4] adding option for split tunneling to client vpn

I literally don't know what I'm doing. Please triple check my changes.
---
 modules/client/main.tf | 1 +
 modules/client/variables.tf | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/modules/client/main.tf b/modules/client/main.tf
index 1059a52..0f28fca 100644
--- a/modules/client/main.tf
+++ b/modules/client/main.tf
@@ -61,6 +61,7 @@ resource "aws_ec2_client_vpn_endpoint" "client_vpn" {
 client_cidr_block = var.client_vpn_cidr_block
 description = "Client Vpn CIDR block must not overlap users network"
 server_certificate_arn = var.server_certificate_arn
+ split_tunnel = var.split_tunnel
 authentication_options {
 root_certificate_chain_arn = var.root_certificate_chain_arn
diff --git a/modules/client/variables.tf b/modules/client/variables.tf
index 42a0897..97e067b 100644
--- a/modules/client/variables.tf
+++ b/modules/client/variables.tf
@@ -77,3 +77,8 @@ variable "vpc_id" {
 type = string
 }
+variable "split_tunnel" {
+ description = "Enables/disables split tunnel on the Client VPN"
+ type = string
+ default = "false"
+}
\ No newline at end of file

From c7fb11839efdc61af669782f7b57607df7219413 Mon Sep 17 00:00:00 2001
From: Philip Ulrich
Date: Wed, 25 Mar 2020 13:02:16 -0500
Subject: [PATCH 2/4] adding readme info for split tunnel

---
 modules/client/README.md | 2 ++
 modules/client/variables.tf | 12 ++++++------
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/modules/client/README.md b/modules/client/README.md
index 99894de..9633535 100644
--- a/modules/client/README.md
+++ b/modules/client/README.md
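Review bot: `split_tunnel = var.split_tunnel` exposes a routing decision that affects every connecting client, but the line says nothing about the trade-off, and the resource block it sits in starts before the hunk and continues after it. With the default `false` (full tunnel) all client traffic, internet-bound included, is forced through the endpoint, so clients only reach the internet if the endpoint also has a `0.0.0.0/0` route and an authorization rule for it; with `true` only the CIDRs in the endpoint's route table are pushed and everything else leaves via the client's local network, bypassing any egress filtering or logging that sits behind the VPN. I would annotate the line: `# false = full tunnel: all client traffic traverses the VPN; true = only endpoint-routed CIDRs are pushed, other traffic bypasses the VPN and its egress controls`. Whether the AWS provider updates this attribute in place or replaces the endpoint (dropping active sessions) is not visible here and is worth confirming before exposing the knob.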
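Review bot: The description `Enables/disables split tunnel on the Client VPN` only restates the attribute name, so a module consumer reading the generated README table cannot tell that `true` sends non-routed traffic around the VPN. Suggest `description = "When true, only routes in the endpoint's route table are pushed to clients and all other traffic leaves via the client's local network (bypassing VPN-side egress controls); when false, all client traffic is tunnelled through the endpoint."`. The same wording is carried into the relocated block in patch 2/4 and the bool change in patches 3/4 and 4/4, so it should be fixed wherever the variable finally lands.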
@@ -14,6 +14,7 @@ module "vpn1" {
 private_subnets = [subnet_1, subnet_2]
 root_certificate_chain_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 server_certificate_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+ split_tunnel = "false"
 vpc_id = "vpc_id"
 }
@@ -45,6 +46,7 @@ There should be no changes required to move from previous versions of this modul
 | public\_subnets | List of public subnets | `list(string)` | `[]` | no |
 | root\_certificate\_chain\_arn | The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM). | `string` | n/a | yes |
 | server\_certificate\_arn | The server certificate ARN. | `string` | n/a | yes |
+| split\_tunnel | Enables/disables split tunnel on the Client VPN. | `string` | `"false"` | yes |
 | tags | Custom tags to apply to all resources. | `map(string)` | `{}` | no |
 | vpc\_id | VPC ID | `string` | n/a | yes |
diff --git a/modules/client/variables.tf b/modules/client/variables.tf
index 97e067b..da6c81f 100644
--- a/modules/client/variables.tf
+++ b/modules/client/variables.tf
@@ -66,6 +66,12 @@ variable "server_certificate_arn" {
 type = string
 }
+variable "split_tunnel" {
+ description = "Enables/disables split tunnel on the Client VPN."
+ type = string
+ default = "false"
+}
+
 variable "tags" {
 description = "Custom tags to apply to all resources."
 type = map(string)
@@ -76,9 +82,3 @@ variable "vpc_id" {
 description = "VPC ID"
 type = string
 }
-
-variable "split_tunnel" {
- description = "Enables/disables split tunnel on the Client VPN"
- type = string
- default = "false"
-}
\ No newline at end of file

From c788dfc6c574af0d2e5474304bf79b1007677771 Mon Sep 17 00:00:00 2001
From: Philip Ulrich
Date: Wed, 25 Mar 2020 14:21:40 -0400
Subject: [PATCH 3/4] change variables to bool

Co-Authored-By: John Titus
---
 modules/client/variables.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/client/variables.tf b/modules/client/variables.tf
index da6c81f..e817cb8 100644
--- a/modules/client/variables.tf
+++ b/modules/client/variables.tf
@@ -68,8 +68,8 @@ variable "server_certificate_arn" {
 variable "split_tunnel" {
 description = "Enables/disables split tunnel on the Client VPN."
- type = string
- default = "false"
+ type = bool
+ default = false
 }
 variable "tags" {

From e838f921ff2662e658ba37574cbcb59dbc417500 Mon Sep 17 00:00:00 2001
From: Philip Ulrich
Date: Wed, 25 Mar 2020 13:23:37 -0500
Subject: [PATCH 4/4] bool updates and readme re-gen

---
 modules/client/README.md | 4 ++--
 modules/client/main.tf | 1 +
 modules/client/variables.tf | 4 ++--
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/modules/client/README.md b/modules/client/README.md
index 9633535..b5e44be 100644
--- a/modules/client/README.md
+++ b/modules/client/README.md
@@ -14,7 +14,7 @@ module "vpn1" {
 private_subnets = [subnet_1, subnet_2]
 root_certificate_chain_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 server_certificate_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
- split_tunnel = "false"
+ split_tunnel = false
 vpc_id = "vpc_id"
 }
@@ -46,7 +46,7 @@ There should be no changes required to move from previous versions of this modul
 | public\_subnets | List of public subnets | `list(string)` | `[]` | no |
 | root\_certificate\_chain\_arn | The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM). | `string` | n/a | yes |
 | server\_certificate\_arn | The server certificate ARN. | `string` | n/a | yes |
-| split\_tunnel | Enables/disables split tunnel on the Client VPN. | `string` | `"false"` | yes |
+| split\_tunnel | Enables/disables split tunnel on the Client VPN. | `bool` | `false` | no |
 | tags | Custom tags to apply to all resources. | `map(string)` | `{}` | no |
 | vpc\_id | VPC ID | `string` | n/a | yes |
diff --git a/modules/client/main.tf b/modules/client/main.tf
index 0f28fca..0f4fb21 100644
--- a/modules/client/main.tf
+++ b/modules/client/main.tf
@@ -15,6 +15,7 @@
 * private_subnets = [subnet_1, subnet_2]
 * root_certificate_chain_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 * server_certificate_arn = "arn:aws:acm:REGION:AWS_ACCOUNT:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+ * split_tunnel = false
 * vpc_id = "vpc_id"
 *
 * }
diff --git a/modules/client/variables.tf b/modules/client/variables.tf
index da6c81f..e817cb8 100644
--- a/modules/client/variables.tf
+++ b/modules/client/variables.tf
@@ -68,8 +68,8 @@ variable "server_certificate_arn" {
 variable "split_tunnel" {
 description = "Enables/disables split tunnel on the Client VPN."
- type = string
- default = "false"
+ type = bool
+ default = false
 }
 variable "tags" {
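Review bot: The variables.tf hunk here is byte-identical to the one in patch 3/4, down to the `index da6c81f..e817cb8` line, so once 3/4 is applied the `- type = string` and `- default = "false"` lines no longer exist and 4/4 would not apply cleanly in sequence with `git am`. Presumably 4/4 was generated from a checkout that did not yet contain 3/4; regenerating the series from the rebased branch should leave 4/4 with only the README and main.tf changes, and its diffstat (`3 files changed, 5 insertions(+), 4 deletions(-)`) would shrink accordingly. The `variable "tags"` block that closes the hunk continues beyond it.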