diff --git a/modules/connectivity/locals.tf b/modules/connectivity/locals.tf index 5745088b9..e11e75f72 100644 --- a/modules/connectivity/locals.tf +++ b/modules/connectivity/locals.tf @@ -538,11 +538,13 @@ locals { resource_id = local.er_gateway_resource_id[location] managed_by_module = local.deploy_virtual_network_gateway_express_route[location] # Resource definition attributes - name = local.er_gateway_name[location] - resource_group_name = local.resource_group_names_by_scope_and_location["connectivity"][location] - location = location - type = "ExpressRoute" - sku = hub_network.config.virtual_network_gateway.config.gateway_sku_expressroute + name = local.er_gateway_name[location] + resource_group_name = local.resource_group_names_by_scope_and_location["connectivity"][location] + location = location + type = "ExpressRoute" + sku = hub_network.config.virtual_network_gateway.config.gateway_sku_expressroute + remote_vnet_traffic_enabled = hub_network.config.virtual_network_gateway.config.remote_vnet_traffic_enabled + virtual_wan_traffic_enabled = hub_network.config.virtual_network_gateway.config.virtual_wan_traffic_enabled ip_configuration = try( # To support `active_active = true` must currently specify a custom ip_configuration local.custom_settings.azurerm_virtual_network_gateway["connectivity_expressroute"][location].ip_configuration, diff --git a/modules/connectivity/variables.tf b/modules/connectivity/variables.tf index efdb9e6e6..817f1bacc 100644 --- a/modules/connectivity/variables.tf +++ b/modules/connectivity/variables.tf @@ -63,9 +63,11 @@ variable "settings" { virtual_network_gateway = optional(object({ enabled = optional(bool, false) config = optional(object({ - address_prefix = optional(string, "") - gateway_sku_expressroute = optional(string, "") - gateway_sku_vpn = optional(string, "") + address_prefix = optional(string, "") + gateway_sku_expressroute = optional(string, "") + gateway_sku_vpn = optional(string, "") + remote_vnet_traffic_enabled = optional(bool, false) + virtual_wan_traffic_enabled = optional(bool, false) advanced_vpn_settings = optional(object({ enable_bgp = optional(bool, null) active_active = optional(bool, null) diff --git a/resources.connectivity.tf b/resources.connectivity.tf index 2cf789937..bd086cb37 100644 --- a/resources.connectivity.tf +++ b/resources.connectivity.tf @@ -152,6 +152,8 @@ resource "azurerm_virtual_network_gateway" "connectivity" { active_active = each.value.template.active_active private_ip_address_enabled = each.value.template.private_ip_address_enabled default_local_network_gateway_id = each.value.template.default_local_network_gateway_id + remote_vnet_traffic_enabled = each.value.template.remote_vnet_traffic_enabled + virtual_wan_traffic_enabled = each.value.template.virtual_wan_traffic_enabled sku = each.value.template.sku generation = each.value.template.generation tags = each.value.template.tags diff --git a/terraform.tf b/terraform.tf index d25ffd630..8f2163d69 100644 --- a/terraform.tf +++ b/terraform.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">= 3.74.0" + version = ">= 3.84.0" configuration_aliases = [ azurerm.connectivity, azurerm.management, diff --git a/variables.tf b/variables.tf index 5b8fe85fb..3007b4acd 100644 --- a/variables.tf +++ b/variables.tf @@ -176,9 +176,11 @@ variable "configure_connectivity_resources" { virtual_network_gateway = optional(object({ enabled = optional(bool, false) config = optional(object({ - address_prefix = optional(string, "") - gateway_sku_expressroute = optional(string, "") - gateway_sku_vpn = optional(string, "") + address_prefix = optional(string, "") + gateway_sku_expressroute = optional(string, "") + gateway_sku_vpn = optional(string, "") + remote_vnet_traffic_enabled = optional(bool, false) + virtual_wan_traffic_enabled = optional(bool, false) advanced_vpn_settings = optional(object({ enable_bgp = optional(bool, null) active_active = optional(bool, null)