1. Packages
  2. Aviatrix
  3. API Docs
  4. AviatrixTransitGateway
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixTransitGateway

Explore with Pulumi AI

aviatrix logo
Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

    Import

    transit_gateway can be imported using the gw_name, e.g.

     $ pulumi import aviatrix:index/aviatrixTransitGateway:AviatrixTransitGateway test gw_name
    

    Create AviatrixTransitGateway Resource

    new AviatrixTransitGateway(name: string, args: AviatrixTransitGatewayArgs, opts?: CustomResourceOptions);
    @overload
    def AviatrixTransitGateway(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               account_name: Optional[str] = None,
                               allocate_new_eip: Optional[bool] = None,
                               approved_learned_cidrs: Optional[Sequence[str]] = None,
                               availability_domain: Optional[str] = None,
                               azure_eip_name_resource_group: Optional[str] = None,
                               bgp_ecmp: Optional[bool] = None,
                               bgp_hold_time: Optional[int] = None,
                               bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]] = None,
                               bgp_lan_interfaces_count: Optional[int] = None,
                               bgp_manual_spoke_advertise_cidrs: Optional[str] = None,
                               bgp_polling_time: Optional[str] = None,
                               cloud_type: Optional[int] = None,
                               connected_transit: Optional[bool] = None,
                               customer_managed_keys: Optional[str] = None,
                               customized_spoke_vpc_routes: Optional[str] = None,
                               customized_transit_vpc_routes: Optional[Sequence[str]] = None,
                               eip: Optional[str] = None,
                               enable_active_standby: Optional[bool] = None,
                               enable_active_standby_preemptive: Optional[bool] = None,
                               enable_advertise_transit_cidr: Optional[bool] = None,
                               enable_bgp_over_lan: Optional[bool] = None,
                               enable_egress_transit_firenet: Optional[bool] = None,
                               enable_encrypt_volume: Optional[bool] = None,
                               enable_firenet: Optional[bool] = None,
                               enable_gateway_load_balancer: Optional[bool] = None,
                               enable_hybrid_connection: Optional[bool] = None,
                               enable_jumbo_frame: Optional[bool] = None,
                               enable_learned_cidrs_approval: Optional[bool] = None,
                               enable_monitor_gateway_subnets: Optional[bool] = None,
                               enable_multi_tier_transit: Optional[bool] = None,
                               enable_preserve_as_path: Optional[bool] = None,
                               enable_private_oob: Optional[bool] = None,
                               enable_s2c_rx_balancing: Optional[bool] = None,
                               enable_segmentation: Optional[bool] = None,
                               enable_spot_instance: Optional[bool] = None,
                               enable_transit_firenet: Optional[bool] = None,
                               enable_transit_summarize_cidr_to_tgw: Optional[bool] = None,
                               enable_vpc_dns_server: Optional[bool] = None,
                               excluded_advertised_spoke_routes: Optional[str] = None,
                               fault_domain: Optional[str] = None,
                               filtered_spoke_vpc_routes: Optional[str] = None,
                               gw_name: Optional[str] = None,
                               gw_size: Optional[str] = None,
                               ha_availability_domain: Optional[str] = None,
                               ha_azure_eip_name_resource_group: Optional[str] = None,
                               ha_bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]] = None,
                               ha_eip: Optional[str] = None,
                               ha_fault_domain: Optional[str] = None,
                               ha_gw_size: Optional[str] = None,
                               ha_image_version: Optional[str] = None,
                               ha_insane_mode_az: Optional[str] = None,
                               ha_oob_availability_zone: Optional[str] = None,
                               ha_oob_management_subnet: Optional[str] = None,
                               ha_private_mode_subnet_zone: Optional[str] = None,
                               ha_software_version: Optional[str] = None,
                               ha_subnet: Optional[str] = None,
                               ha_zone: Optional[str] = None,
                               image_version: Optional[str] = None,
                               insane_mode: Optional[bool] = None,
                               insane_mode_az: Optional[str] = None,
                               lan_private_subnet: Optional[str] = None,
                               lan_vpc_id: Optional[str] = None,
                               learned_cidrs_approval_mode: Optional[str] = None,
                               local_as_number: Optional[str] = None,
                               monitor_exclude_lists: Optional[Sequence[str]] = None,
                               oob_availability_zone: Optional[str] = None,
                               oob_management_subnet: Optional[str] = None,
                               prepend_as_paths: Optional[Sequence[str]] = None,
                               private_mode_lb_vpc_id: Optional[str] = None,
                               private_mode_subnet_zone: Optional[str] = None,
                               rx_queue_size: Optional[str] = None,
                               single_az_ha: Optional[bool] = None,
                               single_ip_snat: Optional[bool] = None,
                               software_version: Optional[str] = None,
                               spot_price: Optional[str] = None,
                               subnet: Optional[str] = None,
                               tag_lists: Optional[Sequence[str]] = None,
                               tags: Optional[Mapping[str, str]] = None,
                               tunnel_detection_time: Optional[int] = None,
                               vpc_id: Optional[str] = None,
                               vpc_reg: Optional[str] = None,
                               zone: Optional[str] = None)
    @overload
    def AviatrixTransitGateway(resource_name: str,
                               args: AviatrixTransitGatewayArgs,
                               opts: Optional[ResourceOptions] = None)
    func NewAviatrixTransitGateway(ctx *Context, name string, args AviatrixTransitGatewayArgs, opts ...ResourceOption) (*AviatrixTransitGateway, error)
    public AviatrixTransitGateway(string name, AviatrixTransitGatewayArgs args, CustomResourceOptions? opts = null)
    public AviatrixTransitGateway(String name, AviatrixTransitGatewayArgs args)
    public AviatrixTransitGateway(String name, AviatrixTransitGatewayArgs args, CustomResourceOptions options)
    
    type: aviatrix:AviatrixTransitGateway
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AviatrixTransitGatewayArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AviatrixTransitGatewayArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AviatrixTransitGatewayArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AviatrixTransitGatewayArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AviatrixTransitGatewayArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AviatrixTransitGateway Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AviatrixTransitGateway resource accepts the following input properties:

    AccountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    CloudType int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    GwName string
    Name of the gateway which is going to be created.
    GwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    VpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    AllocateNewEip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    ApprovedLearnedCidrs List<string>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    AzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    BgpEcmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    BgpHoldTime int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    BgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    BgpLanInterfacesCount int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    BgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    BgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    ConnectedTransit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    CustomerManagedKeys string
    Customer managed key ID.
    CustomizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    CustomizedTransitVpcRoutes List<string>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    Eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    EnableActiveStandby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    EnableActiveStandbyPreemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    EnableAdvertiseTransitCidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    EnableBgpOverLan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableEgressTransitFirenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    EnableEncryptVolume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableFirenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    EnableGatewayLoadBalancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableHybridConnection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    EnableJumboFrame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    EnableLearnedCidrsApproval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    EnableMonitorGatewaySubnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    EnableMultiTierTransit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    EnablePreserveAsPath bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    EnablePrivateOob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableS2cRxBalancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    EnableSegmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    EnableSpotInstance bool
    Enable spot instance. NOT supported for production deployment.
    EnableTransitFirenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    EnableTransitSummarizeCidrToTgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    EnableVpcDnsServer bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    ExcludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FilteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    HaAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    HaBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    HaEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    HaFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    HaImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    HaInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    HaOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    HaOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    HaPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    HaSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    HaSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    HaZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    ImageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    InsaneMode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    InsaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    LanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LearnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    LocalAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    MonitorExcludeLists List<string>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    OobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    OobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    PrependAsPaths List<string>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    PrivateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    PrivateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    RxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    SingleAzHa bool
    Set to true if this feature is desired. Valid values: true, false.
    SingleIpSnat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    SoftwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    SpotPrice string
    Price for spot instance. NOT supported for production deployment.
    TagLists List<string>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    Tags Dictionary<string, string>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    TunnelDetectionTime int
    The IPSec tunnel down detection time for the transit gateway.
    Zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    AccountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    CloudType int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    GwName string
    Name of the gateway which is going to be created.
    GwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    VpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    AllocateNewEip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    ApprovedLearnedCidrs []string
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    AzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    BgpEcmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    BgpHoldTime int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    BgpLanInterfaces []AviatrixTransitGatewayBgpLanInterfaceArgs
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    BgpLanInterfacesCount int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    BgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    BgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    ConnectedTransit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    CustomerManagedKeys string
    Customer managed key ID.
    CustomizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    CustomizedTransitVpcRoutes []string
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    Eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    EnableActiveStandby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    EnableActiveStandbyPreemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    EnableAdvertiseTransitCidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    EnableBgpOverLan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableEgressTransitFirenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    EnableEncryptVolume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableFirenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    EnableGatewayLoadBalancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableHybridConnection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    EnableJumboFrame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    EnableLearnedCidrsApproval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    EnableMonitorGatewaySubnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    EnableMultiTierTransit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    EnablePreserveAsPath bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    EnablePrivateOob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableS2cRxBalancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    EnableSegmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    EnableSpotInstance bool
    Enable spot instance. NOT supported for production deployment.
    EnableTransitFirenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    EnableTransitSummarizeCidrToTgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    EnableVpcDnsServer bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    ExcludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FilteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    HaAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    HaBgpLanInterfaces []AviatrixTransitGatewayHaBgpLanInterfaceArgs
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    HaEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    HaFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    HaImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    HaInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    HaOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    HaOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    HaPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    HaSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    HaSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    HaZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    ImageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    InsaneMode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    InsaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    LanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LearnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    LocalAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    MonitorExcludeLists []string
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    OobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    OobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    PrependAsPaths []string
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    PrivateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    PrivateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    RxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    SingleAzHa bool
    Set to true if this feature is desired. Valid values: true, false.
    SingleIpSnat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    SoftwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    SpotPrice string
    Price for spot instance. NOT supported for production deployment.
    TagLists []string
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    Tags map[string]string
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    TunnelDetectionTime int
    The IPSec tunnel down detection time for the transit gateway.
    Zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName String
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    cloudType Integer
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    gwName String
    Name of the gateway which is going to be created.
    gwSize String
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    vpcReg String
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    allocateNewEip Boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs List<String>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp Boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime Integer
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount Integer
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpManualSpokeAdvertiseCidrs String
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime String
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    connectedTransit Boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys String
    Customer managed key ID.
    customizedSpokeVpcRoutes String
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes List<String>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip String
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby Boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive Boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr Boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan Boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet Boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume Boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet Boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer Boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection Boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame Boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval Boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets Boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit Boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath Boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob Boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing Boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation Boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance Boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet Boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw Boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer Boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes String
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes String
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    haAvailabilityDomain String
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haEip String
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain String
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwSize String
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion String
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz String
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haOobAvailabilityZone String
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet String
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateModeSubnetZone String
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haSoftwareVersion String
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet String
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone String
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion String
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode Boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz String
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanPrivateSubnet String
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId String
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode String
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber String
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists List<String>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone String
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet String
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths List<String>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateModeLbVpcId String
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone String
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    rxQueueSize String
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    singleAzHa Boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat Boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion String
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice String
    Price for spot instance. NOT supported for production deployment.
    tagLists List<String>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Map<String,String>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime Integer
    The IPSec tunnel down detection time for the transit gateway.
    zone String
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    cloudType number
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    gwName string
    Name of the gateway which is going to be created.
    gwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    subnet string
    A VPC Network address range selected from one of the available network ranges.
    vpcId string
    VPC-ID/VNet-Name of cloud provider.
    vpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    allocateNewEip boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs string[]
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime number
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces AviatrixTransitGatewayBgpLanInterface[]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount number
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    connectedTransit boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys string
    Customer managed key ID.
    customizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes string[]
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    haAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces AviatrixTransitGatewayHaBgpLanInterface[]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists string[]
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths string[]
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    rxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    singleAzHa boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice string
    Price for spot instance. NOT supported for production deployment.
    tagLists string[]
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags {[key: string]: string}
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime number
    The IPSec tunnel down detection time for the transit gateway.
    zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    account_name str
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    cloud_type int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    gw_name str
    Name of the gateway which is going to be created.
    gw_size str
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    subnet str
    A VPC Network address range selected from one of the available network ranges.
    vpc_id str
    VPC-ID/VNet-Name of cloud provider.
    vpc_reg str
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    allocate_new_eip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approved_learned_cidrs Sequence[str]
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availability_domain str
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azure_eip_name_resource_group str
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgp_ecmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgp_hold_time int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgp_lan_interfaces Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgp_lan_interfaces_count int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgp_manual_spoke_advertise_cidrs str
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgp_polling_time str
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    connected_transit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customer_managed_keys str
    Customer managed key ID.
    customized_spoke_vpc_routes str
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customized_transit_vpc_routes Sequence[str]
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip str
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enable_active_standby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enable_active_standby_preemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enable_advertise_transit_cidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enable_bgp_over_lan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enable_egress_transit_firenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enable_encrypt_volume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enable_firenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enable_gateway_load_balancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enable_hybrid_connection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enable_jumbo_frame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    enable_learned_cidrs_approval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enable_monitor_gateway_subnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enable_multi_tier_transit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enable_preserve_as_path bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enable_private_oob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enable_s2c_rx_balancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enable_segmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enable_spot_instance bool
    Enable spot instance. NOT supported for production deployment.
    enable_transit_firenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enable_transit_summarize_cidr_to_tgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enable_vpc_dns_server bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excluded_advertised_spoke_routes str
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    fault_domain str
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filtered_spoke_vpc_routes str
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    ha_availability_domain str
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    ha_azure_eip_name_resource_group str
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    ha_bgp_lan_interfaces Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    ha_eip str
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    ha_fault_domain str
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    ha_gw_size str
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    ha_image_version str
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    ha_insane_mode_az str
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    ha_oob_availability_zone str
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    ha_oob_management_subnet str
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    ha_private_mode_subnet_zone str
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    ha_software_version str
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    ha_subnet str
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    ha_zone str
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    image_version str
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insane_mode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insane_mode_az str
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lan_private_subnet str
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lan_vpc_id str
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learned_cidrs_approval_mode str
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    local_as_number str
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitor_exclude_lists Sequence[str]
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oob_availability_zone str
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oob_management_subnet str
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prepend_as_paths Sequence[str]
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    private_mode_lb_vpc_id str
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    private_mode_subnet_zone str
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    rx_queue_size str
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    single_az_ha bool
    Set to true if this feature is desired. Valid values: true, false.
    single_ip_snat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    software_version str
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spot_price str
    Price for spot instance. NOT supported for production deployment.
    tag_lists Sequence[str]
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Mapping[str, str]
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnel_detection_time int
    The IPSec tunnel down detection time for the transit gateway.
    zone str
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName String
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    cloudType Number
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    gwName String
    Name of the gateway which is going to be created.
    gwSize String
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    vpcReg String
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    allocateNewEip Boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs List<String>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp Boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime Number
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces List<Property Map>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount Number
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpManualSpokeAdvertiseCidrs String
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime String
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    connectedTransit Boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys String
    Customer managed key ID.
    customizedSpokeVpcRoutes String
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes List<String>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip String
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby Boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive Boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr Boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan Boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet Boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume Boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet Boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer Boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection Boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame Boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval Boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets Boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit Boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath Boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob Boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing Boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation Boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance Boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet Boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw Boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer Boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes String
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes String
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    haAvailabilityDomain String
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces List<Property Map>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haEip String
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain String
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwSize String
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion String
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz String
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haOobAvailabilityZone String
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet String
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateModeSubnetZone String
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haSoftwareVersion String
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet String
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone String
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion String
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode Boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz String
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanPrivateSubnet String
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId String
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode String
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber String
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists List<String>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone String
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet String
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths List<String>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateModeLbVpcId String
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone String
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    rxQueueSize String
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    singleAzHa Boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat Boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion String
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice String
    Price for spot instance. NOT supported for production deployment.
    tagLists List<String>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Map<String>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime Number
    The IPSec tunnel down detection time for the transit gateway.
    zone String
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AviatrixTransitGateway resource produces the following output properties:

    BgpLanIpLists List<string>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    CloudInstanceId string
    Cloud instance ID of the transit gateway.
    HaBgpLanIpLists List<string>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    HaCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    HaGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    HaLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    HaPrivateIp string
    Private IP address of the HA transit gateway created.
    HaPublicIp string
    Public IP address of the HA Transit Gateway.
    HaSecurityGroupId string
    HA security group used for the transit gateway.
    Id string
    The provider-assigned unique ID for this managed resource.
    LanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    PrivateIp string
    Private IP address of the transit gateway created.
    PublicIp string
    Public IP address of the Transit Gateway created.
    SecurityGroupId string
    Security group used for the transit gateway.
    BgpLanIpLists []string
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    CloudInstanceId string
    Cloud instance ID of the transit gateway.
    HaBgpLanIpLists []string
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    HaCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    HaGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    HaLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    HaPrivateIp string
    Private IP address of the HA transit gateway created.
    HaPublicIp string
    Public IP address of the HA Transit Gateway.
    HaSecurityGroupId string
    HA security group used for the transit gateway.
    Id string
    The provider-assigned unique ID for this managed resource.
    LanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    PrivateIp string
    Private IP address of the transit gateway created.
    PublicIp string
    Public IP address of the Transit Gateway created.
    SecurityGroupId string
    Security group used for the transit gateway.
    bgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    cloudInstanceId String
    Cloud instance ID of the transit gateway.
    haBgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId String
    Cloud instance ID of the HA transit gateway.
    haGwName String
    Aviatrix transit gateway unique name of HA transit gateway.
    haLanInterfaceCidr String
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haPrivateIp String
    Private IP address of the HA transit gateway created.
    haPublicIp String
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId String
    HA security group used for the transit gateway.
    id String
    The provider-assigned unique ID for this managed resource.
    lanInterfaceCidr String
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    privateIp String
    Private IP address of the transit gateway created.
    publicIp String
    Public IP address of the Transit Gateway created.
    securityGroupId String
    Security group used for the transit gateway.
    bgpLanIpLists string[]
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    cloudInstanceId string
    Cloud instance ID of the transit gateway.
    haBgpLanIpLists string[]
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    haGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    haLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haPrivateIp string
    Private IP address of the HA transit gateway created.
    haPublicIp string
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId string
    HA security group used for the transit gateway.
    id string
    The provider-assigned unique ID for this managed resource.
    lanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    privateIp string
    Private IP address of the transit gateway created.
    publicIp string
    Public IP address of the Transit Gateway created.
    securityGroupId string
    Security group used for the transit gateway.
    bgp_lan_ip_lists Sequence[str]
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    cloud_instance_id str
    Cloud instance ID of the transit gateway.
    ha_bgp_lan_ip_lists Sequence[str]
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    ha_cloud_instance_id str
    Cloud instance ID of the HA transit gateway.
    ha_gw_name str
    Aviatrix transit gateway unique name of HA transit gateway.
    ha_lan_interface_cidr str
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    ha_private_ip str
    Private IP address of the HA transit gateway created.
    ha_public_ip str
    Public IP address of the HA Transit Gateway.
    ha_security_group_id str
    HA security group used for the transit gateway.
    id str
    The provider-assigned unique ID for this managed resource.
    lan_interface_cidr str
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    private_ip str
    Private IP address of the transit gateway created.
    public_ip str
    Public IP address of the Transit Gateway created.
    security_group_id str
    Security group used for the transit gateway.
    bgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    cloudInstanceId String
    Cloud instance ID of the transit gateway.
    haBgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId String
    Cloud instance ID of the HA transit gateway.
    haGwName String
    Aviatrix transit gateway unique name of HA transit gateway.
    haLanInterfaceCidr String
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haPrivateIp String
    Private IP address of the HA transit gateway created.
    haPublicIp String
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId String
    HA security group used for the transit gateway.
    id String
    The provider-assigned unique ID for this managed resource.
    lanInterfaceCidr String
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    privateIp String
    Private IP address of the transit gateway created.
    publicIp String
    Public IP address of the Transit Gateway created.
    securityGroupId String
    Security group used for the transit gateway.

    Look up Existing AviatrixTransitGateway Resource

    Get an existing AviatrixTransitGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AviatrixTransitGatewayState, opts?: CustomResourceOptions): AviatrixTransitGateway
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_name: Optional[str] = None,
            allocate_new_eip: Optional[bool] = None,
            approved_learned_cidrs: Optional[Sequence[str]] = None,
            availability_domain: Optional[str] = None,
            azure_eip_name_resource_group: Optional[str] = None,
            bgp_ecmp: Optional[bool] = None,
            bgp_hold_time: Optional[int] = None,
            bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]] = None,
            bgp_lan_interfaces_count: Optional[int] = None,
            bgp_lan_ip_lists: Optional[Sequence[str]] = None,
            bgp_manual_spoke_advertise_cidrs: Optional[str] = None,
            bgp_polling_time: Optional[str] = None,
            cloud_instance_id: Optional[str] = None,
            cloud_type: Optional[int] = None,
            connected_transit: Optional[bool] = None,
            customer_managed_keys: Optional[str] = None,
            customized_spoke_vpc_routes: Optional[str] = None,
            customized_transit_vpc_routes: Optional[Sequence[str]] = None,
            eip: Optional[str] = None,
            enable_active_standby: Optional[bool] = None,
            enable_active_standby_preemptive: Optional[bool] = None,
            enable_advertise_transit_cidr: Optional[bool] = None,
            enable_bgp_over_lan: Optional[bool] = None,
            enable_egress_transit_firenet: Optional[bool] = None,
            enable_encrypt_volume: Optional[bool] = None,
            enable_firenet: Optional[bool] = None,
            enable_gateway_load_balancer: Optional[bool] = None,
            enable_hybrid_connection: Optional[bool] = None,
            enable_jumbo_frame: Optional[bool] = None,
            enable_learned_cidrs_approval: Optional[bool] = None,
            enable_monitor_gateway_subnets: Optional[bool] = None,
            enable_multi_tier_transit: Optional[bool] = None,
            enable_preserve_as_path: Optional[bool] = None,
            enable_private_oob: Optional[bool] = None,
            enable_s2c_rx_balancing: Optional[bool] = None,
            enable_segmentation: Optional[bool] = None,
            enable_spot_instance: Optional[bool] = None,
            enable_transit_firenet: Optional[bool] = None,
            enable_transit_summarize_cidr_to_tgw: Optional[bool] = None,
            enable_vpc_dns_server: Optional[bool] = None,
            excluded_advertised_spoke_routes: Optional[str] = None,
            fault_domain: Optional[str] = None,
            filtered_spoke_vpc_routes: Optional[str] = None,
            gw_name: Optional[str] = None,
            gw_size: Optional[str] = None,
            ha_availability_domain: Optional[str] = None,
            ha_azure_eip_name_resource_group: Optional[str] = None,
            ha_bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]] = None,
            ha_bgp_lan_ip_lists: Optional[Sequence[str]] = None,
            ha_cloud_instance_id: Optional[str] = None,
            ha_eip: Optional[str] = None,
            ha_fault_domain: Optional[str] = None,
            ha_gw_name: Optional[str] = None,
            ha_gw_size: Optional[str] = None,
            ha_image_version: Optional[str] = None,
            ha_insane_mode_az: Optional[str] = None,
            ha_lan_interface_cidr: Optional[str] = None,
            ha_oob_availability_zone: Optional[str] = None,
            ha_oob_management_subnet: Optional[str] = None,
            ha_private_ip: Optional[str] = None,
            ha_private_mode_subnet_zone: Optional[str] = None,
            ha_public_ip: Optional[str] = None,
            ha_security_group_id: Optional[str] = None,
            ha_software_version: Optional[str] = None,
            ha_subnet: Optional[str] = None,
            ha_zone: Optional[str] = None,
            image_version: Optional[str] = None,
            insane_mode: Optional[bool] = None,
            insane_mode_az: Optional[str] = None,
            lan_interface_cidr: Optional[str] = None,
            lan_private_subnet: Optional[str] = None,
            lan_vpc_id: Optional[str] = None,
            learned_cidrs_approval_mode: Optional[str] = None,
            local_as_number: Optional[str] = None,
            monitor_exclude_lists: Optional[Sequence[str]] = None,
            oob_availability_zone: Optional[str] = None,
            oob_management_subnet: Optional[str] = None,
            prepend_as_paths: Optional[Sequence[str]] = None,
            private_ip: Optional[str] = None,
            private_mode_lb_vpc_id: Optional[str] = None,
            private_mode_subnet_zone: Optional[str] = None,
            public_ip: Optional[str] = None,
            rx_queue_size: Optional[str] = None,
            security_group_id: Optional[str] = None,
            single_az_ha: Optional[bool] = None,
            single_ip_snat: Optional[bool] = None,
            software_version: Optional[str] = None,
            spot_price: Optional[str] = None,
            subnet: Optional[str] = None,
            tag_lists: Optional[Sequence[str]] = None,
            tags: Optional[Mapping[str, str]] = None,
            tunnel_detection_time: Optional[int] = None,
            vpc_id: Optional[str] = None,
            vpc_reg: Optional[str] = None,
            zone: Optional[str] = None) -> AviatrixTransitGateway
    func GetAviatrixTransitGateway(ctx *Context, name string, id IDInput, state *AviatrixTransitGatewayState, opts ...ResourceOption) (*AviatrixTransitGateway, error)
    public static AviatrixTransitGateway Get(string name, Input<string> id, AviatrixTransitGatewayState? state, CustomResourceOptions? opts = null)
    public static AviatrixTransitGateway get(String name, Output<String> id, AviatrixTransitGatewayState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    AllocateNewEip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    ApprovedLearnedCidrs List<string>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    AzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    BgpEcmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    BgpHoldTime int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    BgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    BgpLanInterfacesCount int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    BgpLanIpLists List<string>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    BgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    BgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    CloudInstanceId string
    Cloud instance ID of the transit gateway.
    CloudType int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    ConnectedTransit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    CustomerManagedKeys string
    Customer managed key ID.
    CustomizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    CustomizedTransitVpcRoutes List<string>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    Eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    EnableActiveStandby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    EnableActiveStandbyPreemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    EnableAdvertiseTransitCidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    EnableBgpOverLan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableEgressTransitFirenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    EnableEncryptVolume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableFirenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    EnableGatewayLoadBalancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableHybridConnection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    EnableJumboFrame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    EnableLearnedCidrsApproval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    EnableMonitorGatewaySubnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    EnableMultiTierTransit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    EnablePreserveAsPath bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    EnablePrivateOob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableS2cRxBalancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    EnableSegmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    EnableSpotInstance bool
    Enable spot instance. NOT supported for production deployment.
    EnableTransitFirenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    EnableTransitSummarizeCidrToTgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    EnableVpcDnsServer bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    ExcludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FilteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    GwName string
    Name of the gateway which is going to be created.
    GwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    HaAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    HaBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    HaBgpLanIpLists List<string>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    HaCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    HaEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    HaFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    HaGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    HaImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    HaInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    HaLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    HaOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    HaOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    HaPrivateIp string
    Private IP address of the HA transit gateway created.
    HaPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    HaPublicIp string
    Public IP address of the HA Transit Gateway.
    HaSecurityGroupId string
    HA security group used for the transit gateway.
    HaSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    HaSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    HaZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    ImageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    InsaneMode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    InsaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    LanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    LanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LearnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    LocalAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    MonitorExcludeLists List<string>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    OobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    OobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    PrependAsPaths List<string>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    PrivateIp string
    Private IP address of the transit gateway created.
    PrivateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    PrivateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    PublicIp string
    Public IP address of the Transit Gateway created.
    RxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    SecurityGroupId string
    Security group used for the transit gateway.
    SingleAzHa bool
    Set to true if this feature is desired. Valid values: true, false.
    SingleIpSnat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    SoftwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    SpotPrice string
    Price for spot instance. NOT supported for production deployment.
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    TagLists List<string>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    Tags Dictionary<string, string>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    TunnelDetectionTime int
    The IPSec tunnel down detection time for the transit gateway.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    VpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    Zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    AccountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    AllocateNewEip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    ApprovedLearnedCidrs []string
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    AvailabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    AzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    BgpEcmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    BgpHoldTime int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    BgpLanInterfaces []AviatrixTransitGatewayBgpLanInterfaceArgs
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    BgpLanInterfacesCount int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    BgpLanIpLists []string
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    BgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    BgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    CloudInstanceId string
    Cloud instance ID of the transit gateway.
    CloudType int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    ConnectedTransit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    CustomerManagedKeys string
    Customer managed key ID.
    CustomizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    CustomizedTransitVpcRoutes []string
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    Eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    EnableActiveStandby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    EnableActiveStandbyPreemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    EnableAdvertiseTransitCidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    EnableBgpOverLan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableEgressTransitFirenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    EnableEncryptVolume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableFirenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    EnableGatewayLoadBalancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    EnableHybridConnection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    EnableJumboFrame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    EnableLearnedCidrsApproval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    EnableMonitorGatewaySubnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    EnableMultiTierTransit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    EnablePreserveAsPath bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    EnablePrivateOob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    EnableS2cRxBalancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    EnableSegmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    EnableSpotInstance bool
    Enable spot instance. NOT supported for production deployment.
    EnableTransitFirenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    EnableTransitSummarizeCidrToTgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    EnableVpcDnsServer bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    ExcludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    FaultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    FilteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    GwName string
    Name of the gateway which is going to be created.
    GwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    HaAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    HaBgpLanInterfaces []AviatrixTransitGatewayHaBgpLanInterfaceArgs
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    HaBgpLanIpLists []string
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    HaCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    HaEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    HaFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    HaGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    HaGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    HaImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    HaInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    HaLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    HaOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    HaOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    HaPrivateIp string
    Private IP address of the HA transit gateway created.
    HaPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    HaPublicIp string
    Public IP address of the HA Transit Gateway.
    HaSecurityGroupId string
    HA security group used for the transit gateway.
    HaSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    HaSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    HaZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    ImageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    InsaneMode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    InsaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    LanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    LanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    LearnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    LocalAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    MonitorExcludeLists []string
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    OobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    OobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    PrependAsPaths []string
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    PrivateIp string
    Private IP address of the transit gateway created.
    PrivateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    PrivateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    PublicIp string
    Public IP address of the Transit Gateway created.
    RxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    SecurityGroupId string
    Security group used for the transit gateway.
    SingleAzHa bool
    Set to true if this feature is desired. Valid values: true, false.
    SingleIpSnat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    SoftwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    SpotPrice string
    Price for spot instance. NOT supported for production deployment.
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    TagLists []string
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    Tags map[string]string
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    TunnelDetectionTime int
    The IPSec tunnel down detection time for the transit gateway.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    VpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    Zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName String
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    allocateNewEip Boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs List<String>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp Boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime Integer
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount Integer
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    bgpManualSpokeAdvertiseCidrs String
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime String
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    cloudInstanceId String
    Cloud instance ID of the transit gateway.
    cloudType Integer
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    connectedTransit Boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys String
    Customer managed key ID.
    customizedSpokeVpcRoutes String
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes List<String>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip String
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby Boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive Boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr Boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan Boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet Boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume Boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet Boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer Boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection Boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame Boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval Boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets Boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit Boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath Boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob Boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing Boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation Boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance Boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet Boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw Boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer Boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes String
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes String
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    gwName String
    Name of the gateway which is going to be created.
    gwSize String
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    haAvailabilityDomain String
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haBgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId String
    Cloud instance ID of the HA transit gateway.
    haEip String
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain String
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwName String
    Aviatrix transit gateway unique name of HA transit gateway.
    haGwSize String
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion String
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz String
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haLanInterfaceCidr String
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haOobAvailabilityZone String
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet String
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateIp String
    Private IP address of the HA transit gateway created.
    haPrivateModeSubnetZone String
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haPublicIp String
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId String
    HA security group used for the transit gateway.
    haSoftwareVersion String
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet String
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone String
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion String
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode Boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz String
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanInterfaceCidr String
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    lanPrivateSubnet String
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId String
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode String
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber String
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists List<String>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone String
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet String
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths List<String>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateIp String
    Private IP address of the transit gateway created.
    privateModeLbVpcId String
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone String
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    publicIp String
    Public IP address of the Transit Gateway created.
    rxQueueSize String
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    securityGroupId String
    Security group used for the transit gateway.
    singleAzHa Boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat Boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion String
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice String
    Price for spot instance. NOT supported for production deployment.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    tagLists List<String>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Map<String,String>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime Integer
    The IPSec tunnel down detection time for the transit gateway.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    vpcReg String
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    zone String
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName string
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    allocateNewEip boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs string[]
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain string
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime number
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces AviatrixTransitGatewayBgpLanInterface[]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount number
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpLanIpLists string[]
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    bgpManualSpokeAdvertiseCidrs string
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime string
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    cloudInstanceId string
    Cloud instance ID of the transit gateway.
    cloudType number
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    connectedTransit boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys string
    Customer managed key ID.
    customizedSpokeVpcRoutes string
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes string[]
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip string
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes string
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain string
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes string
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    gwName string
    Name of the gateway which is going to be created.
    gwSize string
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    haAvailabilityDomain string
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup string
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces AviatrixTransitGatewayHaBgpLanInterface[]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haBgpLanIpLists string[]
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId string
    Cloud instance ID of the HA transit gateway.
    haEip string
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain string
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwName string
    Aviatrix transit gateway unique name of HA transit gateway.
    haGwSize string
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion string
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz string
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haLanInterfaceCidr string
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haOobAvailabilityZone string
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet string
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateIp string
    Private IP address of the HA transit gateway created.
    haPrivateModeSubnetZone string
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haPublicIp string
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId string
    HA security group used for the transit gateway.
    haSoftwareVersion string
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet string
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone string
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion string
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz string
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanInterfaceCidr string
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    lanPrivateSubnet string
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId string
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode string
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber string
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists string[]
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone string
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet string
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths string[]
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateIp string
    Private IP address of the transit gateway created.
    privateModeLbVpcId string
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone string
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    publicIp string
    Public IP address of the Transit Gateway created.
    rxQueueSize string
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    securityGroupId string
    Security group used for the transit gateway.
    singleAzHa boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion string
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice string
    Price for spot instance. NOT supported for production deployment.
    subnet string
    A VPC Network address range selected from one of the available network ranges.
    tagLists string[]
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags {[key: string]: string}
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime number
    The IPSec tunnel down detection time for the transit gateway.
    vpcId string
    VPC-ID/VNet-Name of cloud provider.
    vpcReg string
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    zone string
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    account_name str
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    allocate_new_eip bool
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approved_learned_cidrs Sequence[str]
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availability_domain str
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azure_eip_name_resource_group str
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgp_ecmp bool
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgp_hold_time int
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgp_lan_interfaces Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgp_lan_interfaces_count int
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgp_lan_ip_lists Sequence[str]
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    bgp_manual_spoke_advertise_cidrs str
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgp_polling_time str
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    cloud_instance_id str
    Cloud instance ID of the transit gateway.
    cloud_type int
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    connected_transit bool
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customer_managed_keys str
    Customer managed key ID.
    customized_spoke_vpc_routes str
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customized_transit_vpc_routes Sequence[str]
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip str
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enable_active_standby bool
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enable_active_standby_preemptive bool
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enable_advertise_transit_cidr bool
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enable_bgp_over_lan bool
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enable_egress_transit_firenet bool
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enable_encrypt_volume bool
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enable_firenet bool
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enable_gateway_load_balancer bool
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enable_hybrid_connection bool
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enable_jumbo_frame bool
    Enable jumbo frames for this transit gateway. Default value is true.
    enable_learned_cidrs_approval bool
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enable_monitor_gateway_subnets bool
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enable_multi_tier_transit bool
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enable_preserve_as_path bool
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enable_private_oob bool
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enable_s2c_rx_balancing bool
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enable_segmentation bool
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enable_spot_instance bool
    Enable spot instance. NOT supported for production deployment.
    enable_transit_firenet bool
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enable_transit_summarize_cidr_to_tgw bool
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enable_vpc_dns_server bool
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excluded_advertised_spoke_routes str
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    fault_domain str
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filtered_spoke_vpc_routes str
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    gw_name str
    Name of the gateway which is going to be created.
    gw_size str
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    ha_availability_domain str
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    ha_azure_eip_name_resource_group str
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    ha_bgp_lan_interfaces Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    ha_bgp_lan_ip_lists Sequence[str]
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    ha_cloud_instance_id str
    Cloud instance ID of the HA transit gateway.
    ha_eip str
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    ha_fault_domain str
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    ha_gw_name str
    Aviatrix transit gateway unique name of HA transit gateway.
    ha_gw_size str
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    ha_image_version str
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    ha_insane_mode_az str
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    ha_lan_interface_cidr str
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    ha_oob_availability_zone str
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    ha_oob_management_subnet str
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    ha_private_ip str
    Private IP address of the HA transit gateway created.
    ha_private_mode_subnet_zone str
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    ha_public_ip str
    Public IP address of the HA Transit Gateway.
    ha_security_group_id str
    HA security group used for the transit gateway.
    ha_software_version str
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    ha_subnet str
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    ha_zone str
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    image_version str
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insane_mode bool
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insane_mode_az str
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lan_interface_cidr str
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    lan_private_subnet str
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lan_vpc_id str
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learned_cidrs_approval_mode str
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    local_as_number str
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitor_exclude_lists Sequence[str]
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oob_availability_zone str
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oob_management_subnet str
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prepend_as_paths Sequence[str]
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    private_ip str
    Private IP address of the transit gateway created.
    private_mode_lb_vpc_id str
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    private_mode_subnet_zone str
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    public_ip str
    Public IP address of the Transit Gateway created.
    rx_queue_size str
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    security_group_id str
    Security group used for the transit gateway.
    single_az_ha bool
    Set to true if this feature is desired. Valid values: true, false.
    single_ip_snat bool
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    software_version str
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spot_price str
    Price for spot instance. NOT supported for production deployment.
    subnet str
    A VPC Network address range selected from one of the available network ranges.
    tag_lists Sequence[str]
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Mapping[str, str]
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnel_detection_time int
    The IPSec tunnel down detection time for the transit gateway.
    vpc_id str
    VPC-ID/VNet-Name of cloud provider.
    vpc_reg str
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    zone str
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.
    accountName String
    This parameter represents the name of a Cloud-Account in Aviatrix controller.
    allocateNewEip Boolean
    When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
    approvedLearnedCidrs List<String>
    A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
    availabilityDomain String
    Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    azureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    bgpEcmp Boolean
    Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
    bgpHoldTime Number
    BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
    bgpLanInterfaces List<Property Map>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
    bgpLanInterfacesCount Number
    Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
    bgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    bgpManualSpokeAdvertiseCidrs String
    Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    bgpPollingTime String
    BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
    cloudInstanceId String
    Cloud instance ID of the transit gateway.
    cloudType Number
    Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
    connectedTransit Boolean
    Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
    customerManagedKeys String
    Customer managed key ID.
    customizedSpokeVpcRoutes String
    A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
    customizedTransitVpcRoutes List<String>
    A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
    eip String
    Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    enableActiveStandby Boolean
    Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
    enableActiveStandbyPreemptive Boolean
    Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
    enableAdvertiseTransitCidr Boolean
    Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
    enableBgpOverLan Boolean
    Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableEgressTransitFirenet Boolean
    Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
    enableEncryptVolume Boolean
    Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableFirenet Boolean
    Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
    enableGatewayLoadBalancer Boolean
    Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
    enableHybridConnection Boolean
    Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
    enableJumboFrame Boolean
    Enable jumbo frames for this transit gateway. Default value is true.
    enableLearnedCidrsApproval Boolean
    Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
    enableMonitorGatewaySubnets Boolean
    If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
    enableMultiTierTransit Boolean
    Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
    enablePreserveAsPath Boolean
    Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
    enablePrivateOob Boolean
    Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    enableS2cRxBalancing Boolean
    Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
    enableSegmentation Boolean
    Enable transit gateway for segmentation. Valid values: true, false. Default: false.
    enableSpotInstance Boolean
    Enable spot instance. NOT supported for production deployment.
    enableTransitFirenet Boolean
    Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
    enableTransitSummarizeCidrToTgw Boolean
    Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
    enableVpcDnsServer Boolean
    Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
    excludedAdvertisedSpokeRoutes String
    A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
    faultDomain String
    Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    filteredSpokeVpcRoutes String
    A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
    gwName String
    Name of the gateway which is going to be created.
    gwSize String
    Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
    haAvailabilityDomain String
    HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haAzureEipNameResourceGroup String
    Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
    haBgpLanInterfaces List<Property Map>
    Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
    haBgpLanIpLists List<String>
    List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
    haCloudInstanceId String
    Cloud instance ID of the HA transit gateway.
    haEip String
    Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
    haFaultDomain String
    HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
    haGwName String
    Aviatrix transit gateway unique name of HA transit gateway.
    haGwSize String
    HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
    haImageVersion String
    The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    haInsaneModeAz String
    AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
    haLanInterfaceCidr String
    LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
    haOobAvailabilityZone String
    HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
    haOobManagementSubnet String
    HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
    haPrivateIp String
    Private IP address of the HA transit gateway created.
    haPrivateModeSubnetZone String
    Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
    haPublicIp String
    Public IP address of the HA Transit Gateway.
    haSecurityGroupId String
    HA security group used for the transit gateway.
    haSoftwareVersion String
    The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    haSubnet String
    HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
    haZone String
    HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
    imageVersion String
    The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
    insaneMode Boolean
    Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
    insaneModeAz String
    AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
    lanInterfaceCidr String
    LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
    lanPrivateSubnet String
    LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    lanVpcId String
    LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
    learnedCidrsApprovalMode String
    Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
    localAsNumber String
    Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
    monitorExcludeLists List<String>
    Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
    oobAvailabilityZone String
    OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
    oobManagementSubnet String
    OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
    prependAsPaths List<String>
    List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
    privateIp String
    Private IP address of the transit gateway created.
    privateModeLbVpcId String
    VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
    privateModeSubnetZone String
    Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
    publicIp String
    Public IP address of the Transit Gateway created.
    rxQueueSize String
    Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
    securityGroupId String
    Security group used for the transit gateway.
    singleAzHa Boolean
    Set to true if this feature is desired. Valid values: true, false.
    singleIpSnat Boolean
    Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
    softwareVersion String
    The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
    spotPrice String
    Price for spot instance. NOT supported for production deployment.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    tagLists List<String>
    (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].

    Deprecated:Use tags instead.

    tags Map<String>
    Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
    tunnelDetectionTime Number
    The IPSec tunnel down detection time for the transit gateway.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    vpcReg String
    Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
    zone String
    Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

    Supporting Types

    AviatrixTransitGatewayBgpLanInterface, AviatrixTransitGatewayBgpLanInterfaceArgs

    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    subnet string
    A VPC Network address range selected from one of the available network ranges.
    vpcId string
    VPC-ID/VNet-Name of cloud provider.
    subnet str
    A VPC Network address range selected from one of the available network ranges.
    vpc_id str
    VPC-ID/VNet-Name of cloud provider.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.

    AviatrixTransitGatewayHaBgpLanInterface, AviatrixTransitGatewayHaBgpLanInterfaceArgs

    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    Subnet string
    A VPC Network address range selected from one of the available network ranges.
    VpcId string
    VPC-ID/VNet-Name of cloud provider.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.
    subnet string
    A VPC Network address range selected from one of the available network ranges.
    vpcId string
    VPC-ID/VNet-Name of cloud provider.
    subnet str
    A VPC Network address range selected from one of the available network ranges.
    vpc_id str
    VPC-ID/VNet-Name of cloud provider.
    subnet String
    A VPC Network address range selected from one of the available network ranges.
    vpcId String
    VPC-ID/VNet-Name of cloud provider.

    Package Details

    Repository
    aviatrix astipkovits/pulumi-aviatrix
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aviatrix Terraform Provider.
    aviatrix logo
    Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix