Setting up a Transit Network using Aviatrix Terraform Provider
The Aviatrix Terraform Provider is used to interact with Aviatrix resources. To learn more about Terraform, please see the Terraform Registry.
Setting up a Terraform Provider
    # Configure Aviatrix provider
    provider "aviatrix" {
      controller_ip = "1.2.3.4"
      username      = "username"
      password      = "password"
      version       = "2.2"
    }

    # Create an account
    resource "aviatrix_account" "myacc" {
      # ...
    }
Resources
These are the available resources for creating a transit VPC solution.
aviatrix_transit_gateway
Manages an Aviatrix Transit Gateway.
Example Usage
    provider "aviatrix" {
      controller_ip = "1.2.3.4"
      username      = "username"
      password      = "password"
      version       = "2.2"
    }

    # Create a transit gateway.
    # Omit ha_subnet to launch transit gateway without HA.
    # HA subnet can later be added or deleted to enable/disable HA in transit gateway
    resource "aviatrix_transit_gateway" "test_transit_gw" {
      cloud_type   = 1
      account_name = "devops"
      gw_name      = "transit"
      vpc_id       = "vpc-abcd1234"
      vpc_reg      = "us-east-1"
      gw_size      = "t2.micro"
      subnet       = "10.1.0.0/24"
      ha_subnet    = "10.1.0.0/24"
      tag_list     = ["key:value", "key1:value1", "key2:value2"]
    }
cloud_type   | Enter 1 for AWS cloud type.
account_name | Enter Aviatrix’s cloud account name.
gw_name      | Enter Gateway name for transit VPC.
vpc_id       | VPC ID of transit VPC.
gw_size      | Gateway size.
subnet       | VPC subnet where you want to deploy transit VPC GW.
ha_subnet    | (Optional) VPC subnet for HA.
tag_list     | (Optional) List of tags with key/value pairs in string format.
aviatrix_vgw_conn
Manages a VGW connection.
Example Usage
    provider "aviatrix" {
      controller_ip = "1.2.3.4"
      username      = "username"
      password      = "password"
      version       = "2.2"
    }

    # Once this resource is created, the VGW can be disconnected
    # from the transit GW by destroying this resource with the command:
    #   terraform destroy --target aviatrix_vgw_conn.test_vgw_conn
    resource "aviatrix_vgw_conn" "test_vgw_conn" {
      conn_name        = "my_conn"
      gw_name          = "transit"
      vpc_id           = "vpc-abcd1234"
      bgp_vgw_id       = "vgw-abcd1234"
      bgp_vgw_account  = "devops"
      bgp_vgw_region   = "us-east-1"
      bgp_local_as_num = "65001"
    }
conn_name        | Name for transit VPC to VGW connection.
gw_name          | Transit VPC GW name.
vpc_id           | Enter VPC ID of transit VPC.
bgp_vgw_id       | Enter AWS VGW ID used for connection.
bgp_vgw_account  | AWS Account Number of the VGW used.
bgp_vgw_region   | Region of the AWS VGW used.
bgp_local_as_num | Enter BGP Local ASN.
aviatrix_spoke_gateway
Manages an Aviatrix Spoke Gateway.
Example Usage
    provider "aviatrix" {
      controller_ip = "1.2.3.4"
      username      = "username"
      password      = "password"
      version       = "2.2"
    }

    # Launch a spoke gateway, and join with transit gateway.
    # Omit ha_subnet to launch spoke gateway without HA.
    # ha_subnet can be later added or deleted to enable/disable HA in spoke gateway
    # Omit transit_gw to launch spoke gateway without attaching with transit GW.
    # transit_gw can be later added or deleted to attach/detach from spoke gateway
    resource "aviatrix_spoke_gateway" "test_spoke" {
      cloud_type   = 1
      account_name = "devops"
      gw_name      = "myspoke"
      vpc_id       = "vpc-defg3456"
      vpc_reg      = "us-east-1"
      gw_size      = "t2.micro"
      subnet       = "10.20.0.0/24"
      ha_subnet    = "10.20.1.0/24"
      transit_gw   = "transit"
      tag_list     = ["key:value", "key:value1", "key:value2"]
    }
cloud_type   | Enter 1 for AWS cloud type.
account_name | Enter Aviatrix cloud account name.
gw_name      | Enter Gateway name for spoke gateway.
vpc_id       | VPC ID for Spoke gateway.
vpc_reg      | Gateway region.
gw_size      | Gateway size.
subnet       | VPC subnet where you want to deploy transit GW.
enable_nat   | (Optional) Enter “yes” to enable NAT.
ha_subnet    | (Optional) VPC subnet for HA.
transit_gw   | (Optional) Transit Gateway name to join spoke Gateway with.
tag_list     | (Optional) List of tags with key/value pairs in string format.
Sample configuration to create complete transit VPC solution
Note
In this example, you must specify the username and password, controller_ip, account_email and other parameters.
    # Sample Aviatrix Terraform configuration to create a complete transit VPC solution.
    # This configuration creates a cloud account on the Aviatrix controller, launches a
    # transit gateway, creates a VGW connection with the transit gateway, then launches
    # a spoke gateway and attaches it to the transit gateway.
    # Edit to enter your controller's IP, username and password to log in with.
    provider "aviatrix" {
      controller_ip = "w.x.y.z"
      username      = "username"
      password      = "password"
      version       = "2.2"
    }
    resource "aviatrix_account" "test_acc" {
      account_name       = "devops"
      account_password   = "account_password"
      account_email      = "admin@example.com" # placeholder address; enter your own
      cloud_type         = 1
      aws_account_number = "123456789012"
      aws_iam            = "true"
      aws_role_app       = "arn:aws:iam::123456789012:role/aviatrix-role-app"
      aws_role_ec2       = "arn:aws:iam::123456789012:role/aviatrix-role-ec2"
    }
    # Create transit gateway
    # Omit ha_subnet to launch transit gateway without HA.
    # ha_subnet can be later added or deleted to enable/disable HA in transit gateway
    resource "aviatrix_transit_gateway" "test_transit_gw" {
      cloud_type   = 1
      account_name = aviatrix_account.test_acc.account_name
      gw_name      = "transit"
      vpc_id       = "vpc-abcd1234"
      vpc_reg      = "us-east-1"
      gw_size      = "t2.micro"
      subnet       = "10.20.0.0/24"
      ha_subnet    = "10.20.1.0/24"
    }
    # Create VGW connection with transit gateway.
    # Once this resource is created, the VGW can be disconnected
    # from the transit GW by destroying this resource with the command:
    #   terraform destroy --target aviatrix_vgw_conn.test_vgw_conn
    resource "aviatrix_vgw_conn" "test_vgw_conn" {
      conn_name        = "my_conn"
      gw_name          = aviatrix_transit_gateway.test_transit_gw.gw_name
      vpc_id           = "vpc-abcd1234"
      bgp_vgw_id       = "vgw-abcd1234"
      bgp_vgw_account  = aviatrix_account.test_acc.account_name
      bgp_vgw_region   = "us-east-1"
      bgp_local_as_num = "65001"
      # Unquoted resource reference, matching the 0.12-style expressions used above
      depends_on = [aviatrix_transit_gateway.test_transit_gw]
    }
    # Launch a spoke gateway, and join with transit gateway.
    # Omit ha_subnet to launch spoke gateway without HA.
    # ha_subnet can be later added or deleted to enable/disable HA in spoke gateway
    # Omit transit_gw to launch spoke gateway without attaching with transit gateway.
    # transit_gw can be later added or deleted to attach/detach from spoke gateway
    resource "aviatrix_spoke_gateway" "test_spoke" {
      cloud_type   = 1
      account_name = aviatrix_account.test_acc.account_name
      gw_name      = "myspoke"
      vpc_id       = "vpc-defg1234"
      vpc_reg      = "us-east-1"
      gw_size      = "t2.micro"
      subnet       = "10.21.0.0/24"
      ha_subnet    = "10.21.1.0/24"
      transit_gw   = aviatrix_transit_gateway.test_transit_gw.gw_name
      # Unquoted resource reference, matching the 0.12-style expressions used above
      depends_on = [aviatrix_vgw_conn.test_vgw_conn]
    }