Setup Transit Network using Aviatrix Terraform Provider

Aviatrix terraform provider is used to interact with Aviatrix resources.

You can read Aviatrix Terraform Tutorial to learn the steps on setting the environment.

Click here to find more supported resources.

Setup terraform provider

# Configure Aviatrix provider
provider "aviatrix" {
  controller_ip = "1.2.3.4"
  username = "admin"
  password = "password"
}

# Create a record
resource "aviatrix_account" "myacc" {
  # ...
}

Resources

These are the available resources for creating a transit VPC solution.

aviatrix_transit_vpc

Manages an Aviatrix Transit VPC.

Example Usage

provider "aviatrix" {
  controller_ip = "1.2.3.4"
  username = "admin"
  password = "password"
}

# Create a transit VPC.
# Omit ha_subnet to launch transit VPC without HA.
# HA subnet can later be added or deleted to enable/disable HA in transit VPC
resource "aviatrix_transit_vpc" "test_transit_gw" {
  cloud_type = 1
  account_name = "devops"
  gw_name = "transit"
  vpc_id = "vpc-abcd1234"
  vpc_reg = "us-east-1"
  vpc_size = "t2.micro"
  subnet = "10.1.0.0/24"
  ha_subnet = "10.1.0.0/24"
  tag_list = ["name:value", "name1:value1", "name2:value2"]
}
cloud_type Enter 1 for AWS cloud type. Transit VPC is supported only in AWS.
account_name Enter aviatrix cloud account name.
gw_name Enter Gateway name for transit VPC.
vpc_id VPC ID of transit VPC.
vpc_size Gateway size.
subnet VPC subnet where you want to deploy transit VPC GW.
ha_subnet (Optional) VPC subnet for HA.
dns_server (Optional) IP address for reachable DNS server.
tag_list (Optional) List of tags with key/value pairs in string format.

aviatrix_vgw_conn

Manages VGW connection

Example Usage

provider "aviatrix" {
  controller_ip = "1.2.3.4"
  username = "admin"
  password = "password"
}

# Once this resource is created, VGW can be disconnected
# from transit GW by destroying this resource using command:
# terraform destroy --target aviatrix_vgw_conn.test_vgw_conn.

resource "aviatrix_vgw_conn" "test_vgw_conn" {
  conn_name = "my_conn"
  gw_name = "transit"
  vpc_id = "vpc-abcd1234"
  bgp_vgw_id = "vgw-abcd1234"
  bgp_local_as_num = "100"
}
conn_name Name for transit VPC to VGW connection.
gw_name Transit VPC GW name.
vpc_id Enter VPC Id of transit VPC.
bgp_vgw_id Enter AWS VGW Id used for connection.
bgp_local_as_num Enter BGP Local ASN.

aviatrix_spoke_vpc

Manages an Aviatrix Spoke VPC

Example Usage

provider "aviatrix" {
  controller_ip = "1.2.3.4"
  username = "admin"
  password = "password"
}

# Launch a spoke VPC, and join with transit VPC.
# Omit ha_subnet to launch spoke VPC without HA.
# ha_subnet can be later added or deleted to enable/disable HA in spoke VPC
# Omit transit_gw to launch spoke VPC without attaching with transit GW.
# transit_gw can be later added or deleted to attach/detach from spoke VPC
resource "aviatrix_spoke_vpc" "test_spoke" {
  cloud_type = 1
  account_name = "devops"
  gw_name = "myspoke"
  vpc_id = "vpc-defg3456"
  vpc_reg = "us-east-1"
  vpc_size = "t2.micro"
  subnet = "10.20.0.0/24"
  ha_subnet = "10.20.1.0/24"
  transit_gw = "transit"
  tag_list = ["name:value", "name1:value1", "name2:value2"]
}
cloud_type Enter 1 for AWS cloud type. Transit VPC is supported only in AWS.
account_name Enter aviatrix cloud account name.
gw_name Enter Gateway name for spoke gateway.
vpc_id VPC ID for Spoke gateway.
vpc_reg Gateway region.
vpc_size Gateway size.
subnet VPC subnet where you want to deploy transit VPC GW.
enable_nat (Optional) Enter “yes” to enable NAT.
ha_subnet (Optional) VPC subnet for HA.
dns_server (Optional) IP address for reachable DNS server.
transit_gw (Optional) Transit Gateway name to join spoke Gateway with.
tag_list (Optional) List of tags with key/value pairs in string format.

Sample configuration to create complete transit VPC solution

# Sample Aviatrix terraform configuration to create complete transit VPC solution
# This configuration creates a cloud account on Aviatrix controller, launches transit VPC, creates VGW connection
# with transit VPC
# Launches a spoke GW, and attach with transit VPC.


# Edit to enter your controller's IP, username and password to login with.
provider "aviatrix" {
  controller_ip = "w.x.y.z"
  username = "admin"
  password = "Aviatrix123%23"
}

resource "aviatrix_account" "test_acc" {
  account_name = "devops"
  account_password = "Aviatrix123"
  account_email = "abc@xyz.com"
  cloud_type = 1
  aws_account_number = "123456789012"
  aws_iam = "true"
  aws_role_app = "arn:aws:iam::123456789012:role/aviatrix-role-app"
  aws_role_ec2 = "arn:aws:iam::123456789012:role/aviatrix-role-ec2"
}

# Create transit VPC
# Omit ha_subnet to launch transit VPC without HA.
# ha_subnet can be later added or deleted to enable/disable HA in transit VPC

resource "aviatrix_transit_vpc" "test_transit_gw" {
  cloud_type = 1
  account_name = "${aviatrix_account.test_acc.id}"
  gw_name = "transit"
  vpc_id = "vpc-abcd1234"
  vpc_reg = "us-east-1"
  vpc_size = "t2.micro"
  subnet = "10.20.0.0/24"
  ha_subnet = "10.20.1.0/24"
}

# Create VGW connection with transit VPC.
# Once this resource is created, VGW can be disconnected
# from transit GW by destroying this resource using command:
# terraform destroy --target aviatrix_vgw_conn.test_vgw_conn.

resource "aviatrix_vgw_conn" "test_vgw_conn" {
  conn_name = "my_conn"
  gw_name = "${aviatrix_transit_vpc.test_transit_gw.id}"
  vpc_id = "vpc-abcd1234"
  bgp_vgw_id = "vgw-abcd1234"
  bgp_local_as_num = "100"
}

# Launch a spoke VPC, and join with transit VPC.
# Omit ha_subnet to launch spoke VPC without HA.
# ha_subnet can be later added or deleted to enable/disable HA in spoke VPC
# Omit transit_gw to launch spoke VPC without attaching with transit GW.
# transit_gw can be later added or deleted to attach/detach from spoke VPC

resource "aviatrix_spoke_vpc" "test_spoke" {
  cloud_type = 1
  account_name = "${aviatrix_account.test_acc.id}"
  gw_name = "myspoke"
  vpc_id = "vpc-defg1234"
  vpc_reg = "us-east-1"
  vpc_size = "t2.micro"
  subnet = "10.21.0.0/24"
  ha_subnet = "10.21.1.0/24"
  transit_gw = "${aviatrix_transit_vpc.test_transit_gw.id}"
  depends_on = ["aviatrix_vgw_conn.test_vgw_conn"]
}