Merge pull request #29 from MicrosoftCloudEssentials-LearningHub/vpn-gateway

vpn-gatway sample

Author: brown9804

3_networking/vpn-gateway/README.md

@@ -0,0 +1,61 @@
+# Terraform Template - Azure VPN Gateway
+
+Costa Rica
+
+[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/)
+[brown9804](https://github.com/brown9804)
+
+Last updated: 2025-06-13
+
+----------
+
+> This template contains Terraform configurations to create and manage an Azure VPN Gateway, including a virtual network, GatewaySubnet, and public IP.
+
+> [!NOTE]
+> The subnet used for Azure VPN Gateway **must** be named `GatewaySubnet` and sized at least /27.
+
+<p align="center">
+    <img width="700" alt="image" src="https://github.com/user-attachments/assets/c87943f7-5550-4e59-8059-3c236ec00f53">
+</p>
+
+## File Descriptions
+
+- **main.tf**: Contains the main configuration for creating the Azure VPN Gateway and its supporting resources.
+- **variables.tf**: Defines the input variables used in the Terraform configuration.
+- **terraform.tfvars**: Provides default values for the variables defined in `variables.tf`.
+- **outputs.tf**: Defines the outputs such as VPN Gateway ID and public IP address.
+
+## Variables
+
+| Variable Name         | Description                                      | Type   | Example Value                |
+|---------------------- |--------------------------------------------------|--------|-----------------------------|
+| `subscription_id`     | The Azure subscription ID                        | string | `"00000000-0000-0000-0000-000000000000"` |
+| `resource_group_name` | The name of the resource group                   | string | `"my-vpngw-rg"`             |
+| `location`            | The Azure region to deploy resources             | string | `"eastus"`                  |
+| `public_ip_name`      | The name of the public IP address for the VPN Gateway | string | `"my-vpngw-pip"`        |
+| `vpn_gateway_name`    | The name of the VPN Gateway                      | string | `"my-vpngw"`                |
+| `vpn_gateway_sku`     | The SKU for the VPN Gateway                      | string | `"VpnGw1"`                  |
+
+## Usage
+
+1. Clone the repository and navigate to the vpn-gateway directory.
+2. Update the `terraform.tfvars` file with your values.
+3. Initialize and apply the Terraform configuration:
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+## Outputs
+
+| Output Name           | Description                                 |
+|-----------------------|---------------------------------------------|
+| `vpn_gateway_id`      | The ID of the VPN Gateway                   |
+| `vpn_gateway_public_ip` | The public IP address of the VPN Gateway  |
+
+<div align="center">
+  <h3 style="color: #4CAF50;">Total Visitors</h3>
+  <img src="https://profile-counter.glitch.me/brown9804/count.svg" alt="Visitor Count" style="border: 2px solid #4CAF50; border-radius: 5px; padding: 5px;"/>
+</div>

3_networking/vpn-gateway/main.tf

@@ -0,0 +1,52 @@
+# main.tf
+# This file contains the main configuration for creating an Azure VPN Gateway and its supporting resources.
+
+# Resource Group
+resource "azurerm_resource_group" "vpngw" {
+  name     = var.resource_group_name
+  location = var.location
+}
+
+# Virtual Network for VPN Gateway
+resource "azurerm_virtual_network" "vpngw" {
+  name                = "vpngw-vnet"
+  address_space       = ["10.10.0.0/16"]
+  location            = azurerm_resource_group.vpngw.location
+  resource_group_name = azurerm_resource_group.vpngw.name
+}
+
+# GatewaySubnet (required name and at least /27)
+resource "azurerm_subnet" "gateway" {
+  name                 = "GatewaySubnet"
+  resource_group_name  = azurerm_resource_group.vpngw.name
+  virtual_network_name = azurerm_virtual_network.vpngw.name
+  address_prefixes     = ["10.10.1.0/27"]
+}
+
+# Public IP for VPN Gateway
+resource "azurerm_public_ip" "vpngw" {
+  name                = var.public_ip_name
+  location            = azurerm_resource_group.vpngw.location
+  resource_group_name = azurerm_resource_group.vpngw.name
+  allocation_method   = "Static" # <-- Must be Static for Standard SKU
+  sku                 = "Standard"
+}
+
+# VPN Gateway
+resource "azurerm_virtual_network_gateway" "vpngw" {
+  name                = var.vpn_gateway_name
+  location            = azurerm_resource_group.vpngw.location
+  resource_group_name = azurerm_resource_group.vpngw.name
+  type                = "Vpn"
+  vpn_type            = "RouteBased"
+  active_active       = false
+  enable_bgp          = false
+  sku                 = var.vpn_gateway_sku
+
+  ip_configuration {
+    name                          = "vnetGatewayConfig"
+    public_ip_address_id          = azurerm_public_ip.vpngw.id
+    subnet_id                     = azurerm_subnet.gateway.id
+    private_ip_address_allocation = "Dynamic"
+  }
+}

3_networking/vpn-gateway/outputs.tf

@@ -0,0 +1,12 @@
+# outputs.tf
+# This file defines the outputs for the VPN Gateway configuration.
+
+output "vpn_gateway_id" {
+  description = "The ID of the VPN Gateway"
+  value       = azurerm_virtual_network_gateway.vpngw.id
+}
+
+output "vpn_gateway_public_ip" {
+  description = "The public IP address of the VPN Gateway"
+  value       = azurerm_public_ip.vpngw.ip_address
+}

3_networking/vpn-gateway/provider.tf

@@ -0,0 +1,19 @@
+# provider.tf
+# This file configures the Azure provider to interact with Azure resources.
+# It specifies the required provider and its version, along with provider-specific configurations.
+
+terraform {
+  required_version = ">= 1.8, < 2.0"
+  # Specify the required provider and its version
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"  # Source of the AzureRM provider
+      version = "~> 4.16.0"          # Version of the AzureRM provider
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}                        # Enable all features for the AzureRM provider
+  subscription_id = var.subscription_id  # Use the subscription ID variable
+}

3_networking/vpn-gateway/terraform.tfvars

@@ -0,0 +1,15 @@
+# terraform.tfvars
+# This file provides default values for the variables defined in variables.tf.
+# These values can be overridden by specifying different values during Terraform execution.
+
+# Azure Subscription
+subscription_id = "" # "your-subscription-id"
+
+# Resource Group
+resource_group_name = "RG-vpn-gateway-test"
+location            = "eastus"
+
+# VPN Gateway Configuration
+public_ip_name     = "my-vpngw-pip"
+vpn_gateway_name   = "my-vpngw"
+vpn_gateway_sku    = "VpnGw1"

3_networking/vpn-gateway/variables.tf

@@ -0,0 +1,33 @@
+# variables.tf
+# This file defines the input variables used in the Terraform configuration.
+
+variable "subscription_id" {
+  description = "The Azure subscription ID"
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group"
+  type        = string
+}
+
+variable "location" {
+  description = "The Azure region to deploy resources"
+  type        = string
+}
+
+variable "public_ip_name" {
+  description = "The name of the public IP address for the VPN Gateway"
+  type        = string
+}
+
+variable "vpn_gateway_name" {
+  description = "The name of the VPN Gateway"
+  type        = string
+}
+
+variable "vpn_gateway_sku" {
+  description = "The SKU for the VPN Gateway (e.g., VpnGw1, VpnGw2)"
+  type        = string
+  default     = "VpnGw1"
+}

README.md

@@ -1,11 +1,11 @@
-# Azure Terraform Sample Templates: Version 0.0.0
+# Azure Terraform Deployment <br/> Sample Templates: Version 0.0.0
 
 Costa Rica
 
 [![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/)
 [brown9804](https://github.com/brown9804)
 
-Last updated: 2025-06-01
+Last updated: 2025-06-13
 
 ----------
 
@@ -64,6 +64,20 @@ Last updated: 2025-06-01
 
 </details>
 
+<details>
+<summary><b> Networking </b> (Click to expand) </summary>
+
+- [Networking](./3_networking)
+    - [Azure Application Gateway](./3_networking/application-gateway)
+    - [Azure ExpressRoute](./3_networking/expressroute)
+    - [Azure Firewall](./3_networking/firewall)
+    - [Azure Front Door](./3_networking/front-door)
+    - [Azure Load Balancer](./3_networking/load-balancer)
+    - [Azure Traffic Manager](./3_networking/traffic-manager)
+    - [Azure VPN Gateway](./3_networking/vpn-gateway)
+
+</details>
+
 
 ## Prerequisites