client-vpn

DNXLabs/client-vpn/aws

Terraform Module HCL AWS

This terraform module installs a client VPN.

Install

module "client-vpn" {

source = "DNXLabs/client-vpn/aws"

version = "0.12.1"

}

plain text: /constructs/tfmod-dnxlabs-client-vpn-aws/install.txt

⭐ Source on GitHub 📦 Registry page

README

terraform-aws-client-vpn ![Lint Status](https://github.com/DNXLabs/terraform-aws-client-vpn/actions) ![LICENSE](https://github.com/DNXLabs/terraform-aws-client-vpn/blob/master/LICENSE) This terraform module installs a client vpn. The following resources will be created: - VPN Endpoint - Provides an AWS Client VPN endpoint for OpenVPN clients. - Provides network associations for AWS Client VPN endpoints - Generate AWS Certificate Manager(ACM) certificates Requirements | Name | Version | |------|---------| | terraform | >= 0.12.0 | Providers | Name | Version | |------|---------| | aws | n/a | | tls | n/a | Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | active\_directory\_id | The ID of the Active Directory to be used for authent

Inputs (19)

Name	Type	Description	Default
name	string	Name prefix for the resources of this stack	required
subnet_ids	list(string)	Subnet ID to associate clients (each subnet passed will create an VPN associatio	required
cidr	string	Network CIDR to use for clients	required
vpc_id	string	VPC Id to create resources	required
logs_retention	number	Retention in days for CloudWatch Log Group	`365`
enable_self_service_portal	bool	Specify whether to enable the self-service portal for the Client VPN endpoint	`false`
allowed_access_groups	list(string)	List of Access group IDs to allow access. Leave empty to allow all groups	`[]`
organization_name	string	Name of organization to use in private certificate	`"ACME, Inc"`
client_connect_options	bool	Indicates whether client connect options are enabled	`false`
connection_authorization_lambda_function_arn	string	The Amazon Resource Name (ARN) of the Lambda function used for connection author	`null`
self_service_saml_provider_arn	string	(Optional) The ARN of the IAM SAML identity provider for portal if self portal i	`null`
security_group_id	string	Optional security group id to use instead of the default created	`""`
allowed_cidr_ranges	list(string)	List of CIDR ranges from which access is allowed	`[]`
dns_servers	list(string)	List of DNS Servers	`[]`
tags	map(string)	Extra tags to attach to resources	`{}`
authentication_type	string	The type of client authentication to be used. Specify certificate-authentication	`"certificate-authentication"`
authentication_saml_provider_arn	string	(Optional) The ARN of the IAM SAML identity provider if type is federated-authen	`null`
active_directory_id	string	The ID of the Active Directory to be used for authentication. If not provided, t	`null`
split_tunnel	bool	With split_tunnel false, all client traffic will go through the VPN.	`true`

Outputs (8)

vpn_client_key

vpn_server_cert

vpn_server_key

vpn_ca_cert

vpn_ca_key

security_group_id

vpn_endpoint_id

vpn_client_cert

Resources (13)

aws_acm_certificateaws_cloudwatch_log_groupaws_cloudwatch_log_streamaws_ec2_client_vpn_authorization_ruleaws_ec2_client_vpn_endpointaws_ec2_client_vpn_network_associationaws_ec2_client_vpn_routeaws_security_groupaws_security_group_ruletls_cert_requesttls_locally_signed_certtls_private_keytls_self_signed_cert

Details

FrameworkTerraform Module

LanguageHCL

Version0.12.1

Cloud AWS

★ Stars50

Forks56

Total downloads33.6k

Inputs19

Outputs8

Resources13

LicenseApache-2.0

NamespaceDNXLabs

Updated

Tools

⚖ Compare with another construct → 📋 View data schema