google_compute_vpn_tunnel resource
Syntax
A google_compute_vpn_tunnel
is used to test a Google VpnTunnel resource
Beta Resource
This resource has beta fields available. To retrieve these fields, include beta: true
in the constructor for the resource
Examples
describe google_compute_vpn_tunnel(project: 'chef-gcp-inspec', region: 'europe-west2', name: 'inspec-vpn-tunnel') do
it { should exist }
its('peer_ip') { should eq '15.0.0.120' }
end
describe google_compute_vpn_tunnel(project: 'chef-gcp-inspec', region: 'europe-west2', name: 'nonexistent') do
it { should_not exist }
end
Test that a GCP compute vpn_tunnel exists
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
it { should exist }
end
Test when a GCP compute vpn_tunnel was created
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('creation_timestamp_date') { should be > Time.now - 365*60*60*24*10 }
end
Test for an expected vpn_tunnel identifier
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('id') { should eq 12345567789 }
end
Test that a vpn_tunnel peer address is as expected
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn-tunnel') do
its('peer_ip') { should eq "123.123.123.123" }
end
Test that a vpn_tunnel status is as expected
describe google_compute_vpn_tunnel(project: 'chef-inspec-gcp', region: 'europe-west2', name: 'gcp-inspec-vpn_tunnel') do
its('status') { should eq "ESTABLISHED" }
end
Properties
Properties that can be accessed from the google_compute_vpn_tunnel
resource:
id
- The unique identifier for the resource. This identifier is defined by the server.
creation_timestamp
- Creation timestamp in RFC3339 text format.
name
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. description
- An optional description of this resource.
target_vpn_gateway
- URL of the Target VPN gateway with which this VPN tunnel is associated.
vpn_gateway
- (Beta only) URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created.
vpn_gateway_interface
- (Beta only) The interface ID of the VPN gateway with which this VPN tunnel is associated.
peer_external_gateway
- (Beta only) URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peer_external_gateway_interface
- (Beta only) The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peer_gcp_gateway
- (Beta only) URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway.
router
- URL of router resource to be used for dynamic routing.
peer_ip
- IP address of the peer VPN gateway. Only IPv4 is supported.
shared_secret
- Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
shared_secret_hash
- Hash of the shared secret.
ike_version
- IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
local_traffic_selector
- Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example
192.168.0.0/16
. The ranges should be disjoint. Only IPv4 is supported. remote_traffic_selector
- Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example
192.168.0.0/16
. The ranges should be disjoint. Only IPv4 is supported. labels
- (Beta only) Labels to apply to this VpnTunnel.
label_fingerprint
- (Beta only) The fingerprint used for optimistic locking of this resource. Used internally during updates.
region
- The region where the tunnel is located.
GCP Permissions
Ensure the Compute Engine API is enabled for the current project.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/google_compute_vpn_tunnel/