feat: Output the pre-shared tunnel keys even when they are auto-generated #89

2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.77.0
rev: v1.80.0
hooks:
- id: terraform_fmt
- id: terraform_validate
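Review bot: `rev: v1.80.0` pins the hook repository to a tag, and a tag can be moved upstream after this review. Pin `rev` to the full commit SHA of that release and keep the tag name in a trailing comment, so the hook code that runs on contributors' machines and in CI is the code that was reviewed.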
14 changes: 7 additions & 7 deletions README.md
Expand Up @@ -27,7 +27,7 @@ If you want to use the Transit Gateway support you are responsible for creating
```hcl
module "vpn_gateway" {
source = "terraform-aws-modules/vpn-gateway/aws"
version = "~> 2.0"
version = "~> 3.0"

vpc_id = module.vpc.vpc_id
vpn_gateway_id = module.vpc.vgw_id
Expand All @@ -46,7 +46,7 @@ module "vpn_gateway" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

enable_vpn_gateway = true
amazon_side_asn = 64620
Expand All @@ -71,7 +71,7 @@ module "vpc" {
```hcl
module "vpn_gateway" {
source = "terraform-aws-modules/vpn-gateway/aws"
version = "~> 2.0"
version = "~> 3.0"

vpn_gateway_id = aws_vpn_gateway.vpn_gateway.id
customer_gateway_id = aws_customer_gateway.main.id
Expand Down Expand Up @@ -113,7 +113,7 @@ resource "aws_vpn_gateway" "vpn_gateway" {
```hcl
module "vpn_gateway" {
source = "terraform-aws-modules/vpn-gateway/aws"
version = "~> 2.0"
version = "~> 3.0"

create_vpn_gateway_attachment = false
connect_to_transit_gateway = true
Expand All @@ -131,7 +131,7 @@ module "vpn_gateway" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

enable_vpn_gateway = false
amazon_side_asn = 64620
Expand Down Expand Up @@ -166,7 +166,7 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
```hcl
module "vpn_gateway" {
source = "terraform-aws-modules/vpn-gateway/aws"
version = "~> 2.0"
version = "~> 3.0"

create_vpn_gateway_attachment = false
connect_to_transit_gateway = true
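Review bot: `version = "~> 3.0"` here, and in the other `vpn_gateway` usage blocks of this README, moves the documented pin to a new major while the rest of the diff only touches outputs. If the change of `tunnel1_preshared_key` / `tunnel2_preshared_key` from echoing the input variable to returning the connection's own key is what justifies 3.x, say so next to the usage examples; otherwise confirm 3.x is the major this change actually ships in before the README tells users to pin to it.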
Expand All @@ -184,7 +184,7 @@ module "vpn_gateway" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

enable_vpn_gateway = false
amazon_side_asn = 64620
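Review bot: `version = "~> 5.0"` for the `vpc` module is a two-major jump that has nothing to do with the pre-shared key outputs named in the PR title. Confirm that the Terraform and AWS provider constraints declared for the module and its examples (not visible in this diff) still satisfy what vpc 5.x requires, or move the bump into its own change so it can be reverted independently.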
4 changes: 3 additions & 1 deletion examples/complete-dual-vpn-gateway/README.md
Expand Up @@ -39,7 +39,7 @@ Run `terraform destroy` when you don't need these resources.

| Name | Source | Version |
|------|--------|---------|
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
| <a name="module_vpn_gateway"></a> [vpn\_gateway](#module\_vpn\_gateway) | ../../ | n/a |
| <a name="module_vpn_gateway2"></a> [vpn\_gateway2](#module\_vpn\_gateway2) | ../../ | n/a |

Expand All @@ -58,6 +58,8 @@ No inputs.

| Name | Description |
|------|-------------|
| <a name="output_vpn_connection_tunnel1_preshared_key"></a> [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel1 preshared key |
| <a name="output_vpn_connection_tunnel2_preshared_key"></a> [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel2 preshared key |
| <a name="output_vpn_gateway2_vpn_connection_id"></a> [vpn\_gateway2\_vpn\_connection\_id](#output\_vpn\_gateway2\_vpn\_connection\_id) | VPN id |
| <a name="output_vpn_gateway2_vpn_connection_tunnel1_address"></a> [vpn\_gateway2\_vpn\_connection\_tunnel1\_address](#output\_vpn\_gateway2\_vpn\_connection\_tunnel1\_address) | Tunnel1 address |
| <a name="output_vpn_gateway2_vpn_connection_tunnel1_cgw_inside_address"></a> [vpn\_gateway2\_vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_gateway2\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel1 CGW address |
2 changes: 1 addition & 1 deletion examples/complete-dual-vpn-gateway/main.tf
Expand Up @@ -48,7 +48,7 @@ resource "aws_customer_gateway" "secondary" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

name = "complete-dual-vpn-gateway"

12 changes: 12 additions & 0 deletions examples/complete-dual-vpn-gateway/outputs.tf
Expand Up @@ -33,6 +33,18 @@ output "vpn_gateway_vpn_connection_tunnel2_vgw_inside_address" {
value = module.vpn_gateway.vpn_connection_tunnel2_vgw_inside_address
}

output "vpn_connection_tunnel1_preshared_key" {
description = "Tunnel1 preshared key"
value = module.vpn_gateway.tunnel1_preshared_key
sensitive = true
}

output "vpn_connection_tunnel2_preshared_key" {
description = "Tunnel2 preshared key"
value = module.vpn_gateway.tunnel2_preshared_key
sensitive = true
}

###VPN Connection Second VPN

output "vpn_gateway2_vpn_connection_id" {
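Review bot: The two new outputs read only `module.vpn_gateway`, so the keys of the second connection in this dual-gateway example are never exposed, and their names drop the `vpn_gateway_` prefix used by the neighbouring outputs (`vpn_gateway_vpn_connection_tunnel2_vgw_inside_address`, `vpn_gateway2_vpn_connection_id`). Rename them to `vpn_gateway_vpn_connection_tunnel1_preshared_key` and `vpn_gateway_vpn_connection_tunnel2_preshared_key`, and add the matching `vpn_gateway2_...` pair reading from `module.vpn_gateway2`.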
4 changes: 3 additions & 1 deletion examples/complete-vpn-connection-transit-gateway/README.md
Expand Up @@ -32,7 +32,7 @@ Run `terraform destroy` when you don't need these resources.

| Name | Source | Version |
|------|--------|---------|
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
| <a name="module_vpn_gateway_1"></a> [vpn\_gateway\_1](#module\_vpn\_gateway\_1) | ../../ | n/a |
| <a name="module_vpn_gateway_2"></a> [vpn\_gateway\_2](#module\_vpn\_gateway\_2) | ../../ | n/a |

Expand All @@ -58,8 +58,10 @@ Run `terraform destroy` when you don't need these resources.
| <a name="output_vpn_connection_transit_gateway_attachment_id"></a> [vpn\_connection\_transit\_gateway\_attachment\_id](#output\_vpn\_connection\_transit\_gateway\_attachment\_id) | VPN TGW attachment id |
| <a name="output_vpn_connection_tunnel1_address"></a> [vpn\_connection\_tunnel1\_address](#output\_vpn\_connection\_tunnel1\_address) | Tunnel1 address |
| <a name="output_vpn_connection_tunnel1_cgw_inside_address"></a> [vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel1 CGW address |
| <a name="output_vpn_connection_tunnel1_preshared_key"></a> [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel1 preshared key |
| <a name="output_vpn_connection_tunnel1_vgw_inside_address"></a> [vpn\_connection\_tunnel1\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_vgw\_inside\_address) | Tunnel1 VGW address |
| <a name="output_vpn_connection_tunnel2_address"></a> [vpn\_connection\_tunnel2\_address](#output\_vpn\_connection\_tunnel2\_address) | Tunnel2 address |
| <a name="output_vpn_connection_tunnel2_cgw_inside_address"></a> [vpn\_connection\_tunnel2\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_cgw\_inside\_address) | Tunnel2 CGW address |
| <a name="output_vpn_connection_tunnel2_preshared_key"></a> [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel2 preshared key |
| <a name="output_vpn_connection_tunnel2_vgw_inside_address"></a> [vpn\_connection\_tunnel2\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_vgw\_inside\_address) | Tunnel2 VGW address |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
2 changes: 1 addition & 1 deletion examples/complete-vpn-connection-transit-gateway/main.tf
Expand Up @@ -42,7 +42,7 @@ module "vpn_gateway_2" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

name = "complete-vpn-gateway-transit-gateway"

12 changes: 12 additions & 0 deletions examples/complete-vpn-connection-transit-gateway/outputs.tf
Expand Up @@ -37,3 +37,15 @@ output "vpn_connection_transit_gateway_attachment_id" {
description = "VPN TGW attachment id"
value = module.vpn_gateway_1.vpn_connection_transit_gateway_attachment_id
}

output "vpn_connection_tunnel1_preshared_key" {
description = "Tunnel1 preshared key"
value = module.vpn_gateway_1.tunnel1_preshared_key
sensitive = true
}

output "vpn_connection_tunnel2_preshared_key" {
description = "Tunnel2 preshared key"
value = module.vpn_gateway_1.tunnel2_preshared_key
sensitive = true
}
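Review bot: Both new outputs read `module.vpn_gateway_1`, in line with the existing `vpn_connection_transit_gateway_attachment_id` output, but this example also declares `module.vpn_gateway_2` and nothing surfaces its keys. Either add a second pair of outputs for `module.vpn_gateway_2` or state in each `description` that these are the keys of the first connection only.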
4 changes: 3 additions & 1 deletion examples/complete-vpn-gateway-with-static-routes/README.md
Expand Up @@ -34,7 +34,7 @@ Run `terraform destroy` when you don't need these resources.

| Name | Source | Version |
|------|--------|---------|
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 2.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
| <a name="module_vpn_gateway"></a> [vpn\_gateway](#module\_vpn\_gateway) | ../../ | n/a |

## Resources
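Review bot: The `vpc` row goes from `~> 2.0` to `~> 5.0`, three majors in one step, where the other examples start from `~> 3.0`. Check that every `vpc` input this example passes still exists under 5.x and run `terraform validate` on the example before merging.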
Expand All @@ -57,8 +57,10 @@ Run `terraform destroy` when you don't need these resources.
| <a name="output_vpn_connection_id"></a> [vpn\_connection\_id](#output\_vpn\_connection\_id) | VPN id |
| <a name="output_vpn_connection_tunnel1_address"></a> [vpn\_connection\_tunnel1\_address](#output\_vpn\_connection\_tunnel1\_address) | Tunnel1 address |
| <a name="output_vpn_connection_tunnel1_cgw_inside_address"></a> [vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel1 CGW address |
| <a name="output_vpn_connection_tunnel1_preshared_key"></a> [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel1 preshared key |
| <a name="output_vpn_connection_tunnel1_vgw_inside_address"></a> [vpn\_connection\_tunnel1\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_vgw\_inside\_address) | Tunnel1 VGW address |
| <a name="output_vpn_connection_tunnel2_address"></a> [vpn\_connection\_tunnel2\_address](#output\_vpn\_connection\_tunnel2\_address) | Tunnel2 address |
| <a name="output_vpn_connection_tunnel2_cgw_inside_address"></a> [vpn\_connection\_tunnel2\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_cgw\_inside\_address) | Tunnel2 CGW address |
| <a name="output_vpn_connection_tunnel2_preshared_key"></a> [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel2 preshared key |
| <a name="output_vpn_connection_tunnel2_vgw_inside_address"></a> [vpn\_connection\_tunnel2\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_vgw\_inside\_address) | Tunnel2 VGW address |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
2 changes: 1 addition & 1 deletion examples/complete-vpn-gateway-with-static-routes/main.tf
Expand Up @@ -34,7 +34,7 @@ resource "aws_customer_gateway" "main" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 2.0"
version = "~> 5.0"

name = "complete-vpn-gateway-with-static-routes"

12 changes: 12 additions & 0 deletions examples/complete-vpn-gateway-with-static-routes/outputs.tf
Expand Up @@ -32,3 +32,15 @@ output "vpn_connection_tunnel2_vgw_inside_address" {
description = "Tunnel2 VGW address"
value = module.vpn_gateway.vpn_connection_tunnel2_vgw_inside_address
}

output "vpn_connection_tunnel1_preshared_key" {
description = "Tunnel1 preshared key"
value = module.vpn_gateway.tunnel1_preshared_key
sensitive = true
}

output "vpn_connection_tunnel2_preshared_key" {
description = "Tunnel2 preshared key"
value = module.vpn_gateway.tunnel2_preshared_key
sensitive = true
}
4 changes: 3 additions & 1 deletion examples/complete-vpn-gateway/README.md
Expand Up @@ -34,7 +34,7 @@ Run `terraform destroy` when you don't need these resources.

| Name | Source | Version |
|------|--------|---------|
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
| <a name="module_vpn_gateway"></a> [vpn\_gateway](#module\_vpn\_gateway) | ../../ | n/a |

## Resources
Expand All @@ -58,8 +58,10 @@ Run `terraform destroy` when you don't need these resources.
| <a name="output_vpn_connection_id"></a> [vpn\_connection\_id](#output\_vpn\_connection\_id) | VPN id |
| <a name="output_vpn_connection_tunnel1_address"></a> [vpn\_connection\_tunnel1\_address](#output\_vpn\_connection\_tunnel1\_address) | Tunnel1 address |
| <a name="output_vpn_connection_tunnel1_cgw_inside_address"></a> [vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel1 CGW address |
| <a name="output_vpn_connection_tunnel1_preshared_key"></a> [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel1 preshared key |
| <a name="output_vpn_connection_tunnel1_vgw_inside_address"></a> [vpn\_connection\_tunnel1\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_vgw\_inside\_address) | Tunnel1 VGW address |
| <a name="output_vpn_connection_tunnel2_address"></a> [vpn\_connection\_tunnel2\_address](#output\_vpn\_connection\_tunnel2\_address) | Tunnel2 address |
| <a name="output_vpn_connection_tunnel2_cgw_inside_address"></a> [vpn\_connection\_tunnel2\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_cgw\_inside\_address) | Tunnel2 CGW address |
| <a name="output_vpn_connection_tunnel2_preshared_key"></a> [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel2 preshared key |
| <a name="output_vpn_connection_tunnel2_vgw_inside_address"></a> [vpn\_connection\_tunnel2\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_vgw\_inside\_address) | Tunnel2 VGW address |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
2 changes: 1 addition & 1 deletion examples/complete-vpn-gateway/main.tf
Expand Up @@ -42,7 +42,7 @@ resource "aws_customer_gateway" "main" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

name = "complete-vpn-gateway"

12 changes: 12 additions & 0 deletions examples/complete-vpn-gateway/outputs.tf
Expand Up @@ -32,3 +32,15 @@ output "vpn_connection_tunnel2_vgw_inside_address" {
description = "Tunnel2 VGW address"
value = module.vpn_gateway.vpn_connection_tunnel2_vgw_inside_address
}

output "vpn_connection_tunnel1_preshared_key" {
description = "Tunnel1 preshared key"
value = module.vpn_gateway.tunnel1_preshared_key
sensitive = true
}

output "vpn_connection_tunnel2_preshared_key" {
description = "Tunnel2 preshared key"
value = module.vpn_gateway.tunnel2_preshared_key
sensitive = true
}
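Review bot: `sensitive = true` on these two root-level outputs only redacts the value in `terraform plan` and `terraform apply` output; the key is still written in plaintext to the state file and is returned by `terraform output -raw` and `terraform output -json`. Examples get copied into real configurations, so add a comment above the outputs saying this and that the state backend needs encryption at rest and restricted read access.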
4 changes: 3 additions & 1 deletion examples/minimal-vpn-gateway/README.md
Expand Up @@ -34,7 +34,7 @@ Run `terraform destroy` when you don't need these resources.

| Name | Source | Version |
|------|--------|---------|
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
| <a name="module_vpn_gateway"></a> [vpn\_gateway](#module\_vpn\_gateway) | ../../ | n/a |

## Resources
Expand All @@ -56,8 +56,10 @@ Run `terraform destroy` when you don't need these resources.
| <a name="output_vpn_connection_id"></a> [vpn\_connection\_id](#output\_vpn\_connection\_id) | VPN id |
| <a name="output_vpn_connection_tunnel1_address"></a> [vpn\_connection\_tunnel1\_address](#output\_vpn\_connection\_tunnel1\_address) | Tunnel1 address |
| <a name="output_vpn_connection_tunnel1_cgw_inside_address"></a> [vpn\_connection\_tunnel1\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_cgw\_inside\_address) | Tunnel1 CGW address |
| <a name="output_vpn_connection_tunnel1_preshared_key"></a> [vpn\_connection\_tunnel1\_preshared\_key](#output\_vpn\_connection\_tunnel1\_preshared\_key) | Tunnel1 preshared key |
| <a name="output_vpn_connection_tunnel1_vgw_inside_address"></a> [vpn\_connection\_tunnel1\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel1\_vgw\_inside\_address) | Tunnel1 VGW address |
| <a name="output_vpn_connection_tunnel2_address"></a> [vpn\_connection\_tunnel2\_address](#output\_vpn\_connection\_tunnel2\_address) | Tunnel2 address |
| <a name="output_vpn_connection_tunnel2_cgw_inside_address"></a> [vpn\_connection\_tunnel2\_cgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_cgw\_inside\_address) | Tunnel2 CGW address |
| <a name="output_vpn_connection_tunnel2_preshared_key"></a> [vpn\_connection\_tunnel2\_preshared\_key](#output\_vpn\_connection\_tunnel2\_preshared\_key) | Tunnel2 preshared key |
| <a name="output_vpn_connection_tunnel2_vgw_inside_address"></a> [vpn\_connection\_tunnel2\_vgw\_inside\_address](#output\_vpn\_connection\_tunnel2\_vgw\_inside\_address) | Tunnel2 VGW address |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
2 changes: 1 addition & 1 deletion examples/minimal-vpn-gateway/main.tf
Expand Up @@ -27,7 +27,7 @@ resource "aws_customer_gateway" "main" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "~> 3.0"
version = "~> 5.0"

name = "minimal-vpn-gateway"

12 changes: 12 additions & 0 deletions examples/minimal-vpn-gateway/outputs.tf
Expand Up @@ -32,3 +32,15 @@ output "vpn_connection_tunnel2_vgw_inside_address" {
description = "Tunnel2 VGW address"
value = module.vpn_gateway.vpn_connection_tunnel2_vgw_inside_address
}

output "vpn_connection_tunnel1_preshared_key" {
description = "Tunnel1 preshared key"
value = module.vpn_gateway.tunnel1_preshared_key
sensitive = true
}

output "vpn_connection_tunnel2_preshared_key" {
description = "Tunnel2 preshared key"
value = module.vpn_gateway.tunnel2_preshared_key
sensitive = true
}
18 changes: 14 additions & 4 deletions outputs.tf
Expand Up @@ -91,12 +91,22 @@ output "vpn_connection_customer_gateway_configuration" {

output "tunnel1_preshared_key" {
description = "The preshared key of the first VPN tunnel."
value = var.tunnel1_preshared_key
sensitive = true
value = try(
aws_vpn_connection.default[0].tunnel1_preshared_key,
aws_vpn_connection.preshared[0].tunnel1_preshared_key,
aws_vpn_connection.tunnel[0].tunnel1_preshared_key,
aws_vpn_connection.tunnel_preshared[0].tunnel1_preshared_key,
"")
sensitive = true
}

output "tunnel2_preshared_key" {
description = "The preshared key of the second VPN tunnel."
value = var.tunnel2_preshared_key
sensitive = true
value = try(
aws_vpn_connection.default[0].tunnel2_preshared_key,
aws_vpn_connection.preshared[0].tunnel2_preshared_key,
aws_vpn_connection.tunnel[0].tunnel2_preshared_key,
aws_vpn_connection.tunnel_preshared[0].tunnel2_preshared_key,
"")
sensitive = true
}
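Review bot: The trailing `""` in both `try(...)` calls turns "none of the four `aws_vpn_connection` resources has an instance" into an empty string, which a caller cannot tell apart from a real value without an extra check. Fall back to `null` instead, and update each `description` to say the value is the key in effect on the connection, including one generated by AWS when `var.tunnel1_preshared_key` / `var.tunnel2_preshared_key` is not set.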