Azure ExpressRoute

This module creates an Azure ExpressRoute Circuit. When your Azure ExpressRoute Circuit is provisionned, you can create an Azure ExpressRoute Circuit Peering. If you configure a Private Peering Circuit, you can deploy an Azure Virtual Network Gateway.

Global versioning rule for Claranet Azure modules

Module version	Terraform version	OpenTofu version	AzureRM version
>= 8.x.x	Unverified	1.8.x	>= 4.0
>= 7.x.x	1.3.x		>= 3.0
>= 6.x.x	1.x		>= 3.0
>= 5.x.x	0.15.x		>= 2.0
>= 4.x.x	0.13.x / 0.14.x		>= 2.0
>= 3.x.x	0.12.x		>= 2.0
>= 2.x.x	0.12.x		< 2.0
< 2.x.x	0.11.x		< 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

⚠️ Since modules version v8.0.0, we do not maintain/check anymore the compatibility with Hashicorp Terraform. Instead, we recommend to use OpenTofu.

module "express_route" {
  source  = "claranet/expressroute/azurerm"
  version = "x.x.x"

  environment    = var.environment
  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  stack          = var.stack

  resource_group_name = module.rg.name

  logs_destinations_ids = [
    module.logs.id
  ]

  service_provider_name = "Equinix"
  peering_location      = "London"
  bandwidth_in_mbps     = 50

  virtual_network_name = module.azure_virtual_network.name
  subnet_cidrs         = ["10.10.0.0/27"]

  # Enable when the ExpressRoute Circuit status is provisioned
  circuit_peering_enabled = false
  circuit_peerings = [
    {
      peering_type                  = "AzurePrivatePeering"
      primary_peer_address_prefix   = "169.254.0.0/30"
      secondary_peer_address_prefix = "169.254.0.4/30"
      peer_asn                      = 25419
      vlan_id                       = 100
    }
  ]
}

Providers

Name	Version
azurecaf	~> 1.2, ~> 1.2.28
azurerm	~> 4.11

Modules

Name	Source	Version
diagnostic_settings	claranet/diagnostic-settings/azurerm	~> 8.0.0
subnet	claranet/subnet/azurerm	~> 8.0.1

Resources

Name	Type
azurerm_express_route_circuit.main	resource
azurerm_express_route_circuit_peering.main	resource
azurerm_public_ip.main	resource
azurerm_virtual_network_gateway.main	resource
azurerm_virtual_network_gateway_connection.main	resource
azurecaf_name.erc	data source
azurecaf_name.ergw	data source
azurecaf_name.ergw_connection	data source
azurecaf_name.ergw_ipconfig	data source
azurecaf_name.pub_ip	data source

Inputs

Name	Description	Type	Default	Required
active_active_enabled	Enable or disable an active-active Virtual Network Gateway. (Require a HighPerformance or an UltraPerformance SKU.)	bool	false	no
bandwidth_in_mbps	The Circuit bandwidth in Mbps.	number	n/a	yes
circuit_authorization_key	The authorization key to use for the ExpressRoute Circuit.	string	null	no
circuit_connected	Whether the ExpressRoute Circuit is connected or not.	bool	true	no
circuit_custom_name	Custom ExpressRoute Circuit resource name.	string	null	no
circuit_enabled	Whether to create the ExpressRoute Circuit or not.	bool	true	no
circuit_extra_tags	Extra tags to add for ExpressRoute Circuit resource.	map(string)	{}	no
circuit_id	ExpressRoute Circuit ID if not managed by this module.	string	null	no
circuit_peering_enabled	Enable or disable Express Route Circuit Peering configuration. (Should be disabled during circuit provisioning. When the ExpressRoute circuit status is 'Provisioned', enable it.)	bool	n/a	yes
circuit_peerings	Configuration block of Private, Public and Microsoft ExpressRoute Circuit Peerings.	list(object({ peering_type = string primary_peer_address_prefix = string secondary_peer_address_prefix = string peer_asn = number vlan_id = number shared_key = optional(string) route_filter_id = optional(string) microsoft_peering_config = optional(object({ advertised_public_prefixes = list(string) customer_asn = optional(number) routing_registry_name = optional(string) })) }))	n/a	yes
client_name	Name of client.	string	n/a	yes
connection_custom_name	Custom ExpressRoute Gateway Connection resource name.	string	null	no
connection_extra_tags	Extra tags to add for ExpressRoute Gateway Connection resource.	map(string)	{}	no
connection_route_weight	The routing weight of the ExpressRoute Gateway connection.	number	10	no
custom_diagnostic_settings_name	Custom name of the diagnostics settings, name will be 'default' if not set.	string	"default"	no
default_tags_enabled	Option to enable or disable default tags.	bool	true	no
environment	Name of application's environment.	string	n/a	yes
express_route_sku	ExpressRoute SKU. Possible values are here.	object({ tier = string, family = string })	{ "family": "MeteredData", "tier": "Standard" }	no
extra_tags	Extra tags to add.	map(string)	{}	no
gateway_custom_name	Custom ExpressRoute Gateway resource name.	string	null	no
gateway_enabled	Enable or disable creation of the Virtual Network Gateway.	bool	true	no
gateway_extra_tags	Extra tags to add for Virtual Network Gateway resource.	map(string)	{}	no
gateway_ipconfig_custom_name	Custom ExpressRoute Gateway IP config name.	string	null	no
gateway_sku	SKU of the Virtual Network Gateway resource. Possible values are here.	string	"Standard"	no
location	Azure location.	string	n/a	yes
location_short	Short string for Azure location.	string	n/a	yes
logs_categories	Log categories to send to destinations.	list(string)	null	no
logs_destinations_ids	List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the | character.	list(string)	n/a	yes
logs_metrics_categories	Metrics categories to send to destinations.	list(string)	null	no
name_prefix	Optional prefix for the generated name.	string	""	no
name_suffix	Optional suffix for the generated name.	string	""	no
peering_location	The name of the peering location.	string	n/a	yes
public_ip_allocation_method	Defines the allocation method for this IP address. Possible values are Static or Dynamic.	string	"Static"	no
public_ip_custom_name	Custom public IP resource name.	string	null	no
public_ip_extra_tags	Extra tags to add for public IP resource.	map(string)	{}	no
public_ip_zones	List of availability zone for the public IP resource.	list(number)	[ 1, 2, 3 ]	no
remote_vnet_traffic_enabled	Whether to allow remote VNet traffic flow through the ExpressRoute Gateway.	bool	false	no
resource_group_name	Name of the application's resource group.	string	n/a	yes
service_provider_name	The name of the ExpressRoute Service Provider.	string	n/a	yes
stack	Name of application's stack.	string	n/a	yes
subnet_cidrs	The address prefix list to use for the subnet.	list(string)	null	no
subnet_default_outbound_access_enabled	Whether to allow default outbound traffic from the subnet.	bool	false	no
subnet_id	ID of an existing subnet gateway.	string	null	no
virtual_network_name	Virtual network name.	string	n/a	yes
virtual_wan_traffic_enabled	Whether to allow Virtual WAN traffic flow through the ExpressRoute Gateway.	bool	false	no

Outputs

Name	Description
circuit_id	The ID of the ExpressRoute Circuit.
circuit_name	Name of the ExpressRoute Circuit.
circuit_service_key	The string needed by the service provider to provision the ExpressRoute Circuit.
circuit_service_provider_provisioning_state	The ExpressRoute Circuit provisioning state from your chosen service provider.
gateway_id	ID of the ExpressRoute Gateway.
module_diagnostic_settings	Diagnostic settings module output.
module_subnet	Subnet module output.
peering_azure_asn	ASN (Autonomous System Number) used by Azure for BGP Peering.
resource	ExpressRoute Gateway resource object.
resource_circuit	ExpressRoute Circuit resource object.
resource_circuit_peering	ExpressRoute Circuit Peering resource object.
resource_gateway_connection	ExpressRoute Gateway Connection resource object.
resource_public_ip	Public IP resource object.
subnet_id	ID of the Gateway Subnet.

Related documentation

Microsoft Azure documentation : docs.microsoft.com/fr-fr/azure/expressroute/