Aviatrix v0.0.11, Jun 17 23

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixSpokeGateway

Explore with Pulumi AI

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

Import

spoke_gateway can be imported using the gw_name, e.g. ****

 $ pulumi import aviatrix:index/aviatrixSpokeGateway:AviatrixSpokeGateway test gw_name

Create AviatrixSpokeGateway Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new AviatrixSpokeGateway(name: string, args: AviatrixSpokeGatewayArgs, opts?: CustomResourceOptions);

@overload
def AviatrixSpokeGateway(resource_name: str,
                         args: AviatrixSpokeGatewayArgs,
                         opts: Optional[ResourceOptions] = None)

@overload
def AviatrixSpokeGateway(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         account_name: Optional[str] = None,
                         cloud_type: Optional[int] = None,
                         gw_name: Optional[str] = None,
                         gw_size: Optional[str] = None,
                         subnet: Optional[str] = None,
                         vpc_id: Optional[str] = None,
                         vpc_reg: Optional[str] = None,
                         ha_azure_eip_name_resource_group: Optional[str] = None,
                         ha_oob_availability_zone: Optional[str] = None,
                         azure_eip_name_resource_group: Optional[str] = None,
                         bgp_ecmp: Optional[bool] = None,
                         bgp_hold_time: Optional[int] = None,
                         bgp_polling_time: Optional[int] = None,
                         customer_managed_keys: Optional[str] = None,
                         customized_spoke_vpc_routes: Optional[str] = None,
                         disable_route_propagation: Optional[bool] = None,
                         eip: Optional[str] = None,
                         enable_active_standby: Optional[bool] = None,
                         enable_active_standby_preemptive: Optional[bool] = None,
                         enable_auto_advertise_s2c_cidrs: Optional[bool] = None,
                         enable_bgp: Optional[bool] = None,
                         enable_encrypt_volume: Optional[bool] = None,
                         enable_jumbo_frame: Optional[bool] = None,
                         enable_learned_cidrs_approval: Optional[bool] = None,
                         enable_monitor_gateway_subnets: Optional[bool] = None,
                         enable_preserve_as_path: Optional[bool] = None,
                         enable_private_oob: Optional[bool] = None,
                         enable_private_vpc_default_route: Optional[bool] = None,
                         enable_skip_public_route_table_update: Optional[bool] = None,
                         enable_spot_instance: Optional[bool] = None,
                         enable_vpc_dns_server: Optional[bool] = None,
                         fault_domain: Optional[str] = None,
                         filtered_spoke_vpc_routes: Optional[str] = None,
                         ha_availability_domain: Optional[str] = None,
                         approved_learned_cidrs: Optional[Sequence[str]] = None,
                         ha_eip: Optional[str] = None,
                         ha_fault_domain: Optional[str] = None,
                         availability_domain: Optional[str] = None,
                         ha_gw_size: Optional[str] = None,
                         included_advertised_spoke_routes: Optional[str] = None,
                         ha_image_version: Optional[str] = None,
                         ha_oob_management_subnet: Optional[str] = None,
                         ha_private_mode_subnet_zone: Optional[str] = None,
                         ha_software_version: Optional[str] = None,
                         ha_subnet: Optional[str] = None,
                         ha_zone: Optional[str] = None,
                         image_version: Optional[str] = None,
                         ha_insane_mode_az: Optional[str] = None,
                         insane_mode: Optional[bool] = None,
                         insane_mode_az: Optional[str] = None,
                         learned_cidrs_approval_mode: Optional[str] = None,
                         local_as_number: Optional[str] = None,
                         manage_transit_gateway_attachment: Optional[bool] = None,
                         monitor_exclude_lists: Optional[Sequence[str]] = None,
                         oob_availability_zone: Optional[str] = None,
                         oob_management_subnet: Optional[str] = None,
                         prepend_as_paths: Optional[Sequence[str]] = None,
                         private_mode_lb_vpc_id: Optional[str] = None,
                         private_mode_subnet_zone: Optional[str] = None,
                         rx_queue_size: Optional[str] = None,
                         single_az_ha: Optional[bool] = None,
                         single_ip_snat: Optional[bool] = None,
                         software_version: Optional[str] = None,
                         spoke_bgp_manual_advertise_cidrs: Optional[Sequence[str]] = None,
                         spot_price: Optional[str] = None,
                         tag_lists: Optional[Sequence[str]] = None,
                         tags: Optional[Mapping[str, str]] = None,
                         transit_gw: Optional[str] = None,
                         allocate_new_eip: Optional[bool] = None,
                         tunnel_detection_time: Optional[int] = None,
                         zone: Optional[str] = None)

func NewAviatrixSpokeGateway(ctx *Context, name string, args AviatrixSpokeGatewayArgs, opts ...ResourceOption) (*AviatrixSpokeGateway, error)

public AviatrixSpokeGateway(string name, AviatrixSpokeGatewayArgs args, CustomResourceOptions? opts = null)

public AviatrixSpokeGateway(String name, AviatrixSpokeGatewayArgs args)
public AviatrixSpokeGateway(String name, AviatrixSpokeGatewayArgs args, CustomResourceOptions options)

type: aviatrix:AviatrixSpokeGateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AviatrixSpokeGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AviatrixSpokeGatewayArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AviatrixSpokeGatewayArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AviatrixSpokeGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AviatrixSpokeGatewayArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var aviatrixSpokeGatewayResource = new Aviatrix.AviatrixSpokeGateway("aviatrixSpokeGatewayResource", new()
{
    AccountName = "string",
    CloudType = 0,
    GwName = "string",
    GwSize = "string",
    Subnet = "string",
    VpcId = "string",
    VpcReg = "string",
    HaAzureEipNameResourceGroup = "string",
    HaOobAvailabilityZone = "string",
    AzureEipNameResourceGroup = "string",
    BgpEcmp = false,
    BgpHoldTime = 0,
    BgpPollingTime = 0,
    CustomerManagedKeys = "string",
    CustomizedSpokeVpcRoutes = "string",
    DisableRoutePropagation = false,
    Eip = "string",
    EnableActiveStandby = false,
    EnableActiveStandbyPreemptive = false,
    EnableAutoAdvertiseS2cCidrs = false,
    EnableBgp = false,
    EnableEncryptVolume = false,
    EnableJumboFrame = false,
    EnableLearnedCidrsApproval = false,
    EnableMonitorGatewaySubnets = false,
    EnablePreserveAsPath = false,
    EnablePrivateOob = false,
    EnablePrivateVpcDefaultRoute = false,
    EnableSkipPublicRouteTableUpdate = false,
    EnableSpotInstance = false,
    EnableVpcDnsServer = false,
    FaultDomain = "string",
    FilteredSpokeVpcRoutes = "string",
    HaAvailabilityDomain = "string",
    ApprovedLearnedCidrs = new[]
    {
        "string",
    },
    HaEip = "string",
    HaFaultDomain = "string",
    AvailabilityDomain = "string",
    HaGwSize = "string",
    IncludedAdvertisedSpokeRoutes = "string",
    HaImageVersion = "string",
    HaOobManagementSubnet = "string",
    HaPrivateModeSubnetZone = "string",
    HaSoftwareVersion = "string",
    HaSubnet = "string",
    HaZone = "string",
    ImageVersion = "string",
    HaInsaneModeAz = "string",
    InsaneMode = false,
    InsaneModeAz = "string",
    LearnedCidrsApprovalMode = "string",
    LocalAsNumber = "string",
    ManageTransitGatewayAttachment = false,
    MonitorExcludeLists = new[]
    {
        "string",
    },
    OobAvailabilityZone = "string",
    OobManagementSubnet = "string",
    PrependAsPaths = new[]
    {
        "string",
    },
    PrivateModeLbVpcId = "string",
    PrivateModeSubnetZone = "string",
    RxQueueSize = "string",
    SingleAzHa = false,
    SingleIpSnat = false,
    SoftwareVersion = "string",
    SpokeBgpManualAdvertiseCidrs = new[]
    {
        "string",
    },
    SpotPrice = "string",
    Tags = 
    {
        { "string", "string" },
    },
    AllocateNewEip = false,
    TunnelDetectionTime = 0,
    Zone = "string",
});

example, err := aviatrix.NewAviatrixSpokeGateway(ctx, "aviatrixSpokeGatewayResource", &aviatrix.AviatrixSpokeGatewayArgs{
	AccountName:                      pulumi.String("string"),
	CloudType:                        pulumi.Int(0),
	GwName:                           pulumi.String("string"),
	GwSize:                           pulumi.String("string"),
	Subnet:                           pulumi.String("string"),
	VpcId:                            pulumi.String("string"),
	VpcReg:                           pulumi.String("string"),
	HaAzureEipNameResourceGroup:      pulumi.String("string"),
	HaOobAvailabilityZone:            pulumi.String("string"),
	AzureEipNameResourceGroup:        pulumi.String("string"),
	BgpEcmp:                          pulumi.Bool(false),
	BgpHoldTime:                      pulumi.Int(0),
	BgpPollingTime:                   pulumi.Int(0),
	CustomerManagedKeys:              pulumi.String("string"),
	CustomizedSpokeVpcRoutes:         pulumi.String("string"),
	DisableRoutePropagation:          pulumi.Bool(false),
	Eip:                              pulumi.String("string"),
	EnableActiveStandby:              pulumi.Bool(false),
	EnableActiveStandbyPreemptive:    pulumi.Bool(false),
	EnableAutoAdvertiseS2cCidrs:      pulumi.Bool(false),
	EnableBgp:                        pulumi.Bool(false),
	EnableEncryptVolume:              pulumi.Bool(false),
	EnableJumboFrame:                 pulumi.Bool(false),
	EnableLearnedCidrsApproval:       pulumi.Bool(false),
	EnableMonitorGatewaySubnets:      pulumi.Bool(false),
	EnablePreserveAsPath:             pulumi.Bool(false),
	EnablePrivateOob:                 pulumi.Bool(false),
	EnablePrivateVpcDefaultRoute:     pulumi.Bool(false),
	EnableSkipPublicRouteTableUpdate: pulumi.Bool(false),
	EnableSpotInstance:               pulumi.Bool(false),
	EnableVpcDnsServer:               pulumi.Bool(false),
	FaultDomain:                      pulumi.String("string"),
	FilteredSpokeVpcRoutes:           pulumi.String("string"),
	HaAvailabilityDomain:             pulumi.String("string"),
	ApprovedLearnedCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	HaEip:                          pulumi.String("string"),
	HaFaultDomain:                  pulumi.String("string"),
	AvailabilityDomain:             pulumi.String("string"),
	HaGwSize:                       pulumi.String("string"),
	IncludedAdvertisedSpokeRoutes:  pulumi.String("string"),
	HaImageVersion:                 pulumi.String("string"),
	HaOobManagementSubnet:          pulumi.String("string"),
	HaPrivateModeSubnetZone:        pulumi.String("string"),
	HaSoftwareVersion:              pulumi.String("string"),
	HaSubnet:                       pulumi.String("string"),
	HaZone:                         pulumi.String("string"),
	ImageVersion:                   pulumi.String("string"),
	HaInsaneModeAz:                 pulumi.String("string"),
	InsaneMode:                     pulumi.Bool(false),
	InsaneModeAz:                   pulumi.String("string"),
	LearnedCidrsApprovalMode:       pulumi.String("string"),
	LocalAsNumber:                  pulumi.String("string"),
	ManageTransitGatewayAttachment: pulumi.Bool(false),
	MonitorExcludeLists: pulumi.StringArray{
		pulumi.String("string"),
	},
	OobAvailabilityZone: pulumi.String("string"),
	OobManagementSubnet: pulumi.String("string"),
	PrependAsPaths: pulumi.StringArray{
		pulumi.String("string"),
	},
	PrivateModeLbVpcId:    pulumi.String("string"),
	PrivateModeSubnetZone: pulumi.String("string"),
	RxQueueSize:           pulumi.String("string"),
	SingleAzHa:            pulumi.Bool(false),
	SingleIpSnat:          pulumi.Bool(false),
	SoftwareVersion:       pulumi.String("string"),
	SpokeBgpManualAdvertiseCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	SpotPrice: pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	AllocateNewEip:      pulumi.Bool(false),
	TunnelDetectionTime: pulumi.Int(0),
	Zone:                pulumi.String("string"),
})

var aviatrixSpokeGatewayResource = new AviatrixSpokeGateway("aviatrixSpokeGatewayResource", AviatrixSpokeGatewayArgs.builder()
    .accountName("string")
    .cloudType(0)
    .gwName("string")
    .gwSize("string")
    .subnet("string")
    .vpcId("string")
    .vpcReg("string")
    .haAzureEipNameResourceGroup("string")
    .haOobAvailabilityZone("string")
    .azureEipNameResourceGroup("string")
    .bgpEcmp(false)
    .bgpHoldTime(0)
    .bgpPollingTime(0)
    .customerManagedKeys("string")
    .customizedSpokeVpcRoutes("string")
    .disableRoutePropagation(false)
    .eip("string")
    .enableActiveStandby(false)
    .enableActiveStandbyPreemptive(false)
    .enableAutoAdvertiseS2cCidrs(false)
    .enableBgp(false)
    .enableEncryptVolume(false)
    .enableJumboFrame(false)
    .enableLearnedCidrsApproval(false)
    .enableMonitorGatewaySubnets(false)
    .enablePreserveAsPath(false)
    .enablePrivateOob(false)
    .enablePrivateVpcDefaultRoute(false)
    .enableSkipPublicRouteTableUpdate(false)
    .enableSpotInstance(false)
    .enableVpcDnsServer(false)
    .faultDomain("string")
    .filteredSpokeVpcRoutes("string")
    .haAvailabilityDomain("string")
    .approvedLearnedCidrs("string")
    .haEip("string")
    .haFaultDomain("string")
    .availabilityDomain("string")
    .haGwSize("string")
    .includedAdvertisedSpokeRoutes("string")
    .haImageVersion("string")
    .haOobManagementSubnet("string")
    .haPrivateModeSubnetZone("string")
    .haSoftwareVersion("string")
    .haSubnet("string")
    .haZone("string")
    .imageVersion("string")
    .haInsaneModeAz("string")
    .insaneMode(false)
    .insaneModeAz("string")
    .learnedCidrsApprovalMode("string")
    .localAsNumber("string")
    .manageTransitGatewayAttachment(false)
    .monitorExcludeLists("string")
    .oobAvailabilityZone("string")
    .oobManagementSubnet("string")
    .prependAsPaths("string")
    .privateModeLbVpcId("string")
    .privateModeSubnetZone("string")
    .rxQueueSize("string")
    .singleAzHa(false)
    .singleIpSnat(false)
    .softwareVersion("string")
    .spokeBgpManualAdvertiseCidrs("string")
    .spotPrice("string")
    .tags(Map.of("string", "string"))
    .allocateNewEip(false)
    .tunnelDetectionTime(0)
    .zone("string")
    .build());

aviatrix_spoke_gateway_resource = aviatrix.AviatrixSpokeGateway("aviatrixSpokeGatewayResource",
    account_name="string",
    cloud_type=0,
    gw_name="string",
    gw_size="string",
    subnet="string",
    vpc_id="string",
    vpc_reg="string",
    ha_azure_eip_name_resource_group="string",
    ha_oob_availability_zone="string",
    azure_eip_name_resource_group="string",
    bgp_ecmp=False,
    bgp_hold_time=0,
    bgp_polling_time=0,
    customer_managed_keys="string",
    customized_spoke_vpc_routes="string",
    disable_route_propagation=False,
    eip="string",
    enable_active_standby=False,
    enable_active_standby_preemptive=False,
    enable_auto_advertise_s2c_cidrs=False,
    enable_bgp=False,
    enable_encrypt_volume=False,
    enable_jumbo_frame=False,
    enable_learned_cidrs_approval=False,
    enable_monitor_gateway_subnets=False,
    enable_preserve_as_path=False,
    enable_private_oob=False,
    enable_private_vpc_default_route=False,
    enable_skip_public_route_table_update=False,
    enable_spot_instance=False,
    enable_vpc_dns_server=False,
    fault_domain="string",
    filtered_spoke_vpc_routes="string",
    ha_availability_domain="string",
    approved_learned_cidrs=["string"],
    ha_eip="string",
    ha_fault_domain="string",
    availability_domain="string",
    ha_gw_size="string",
    included_advertised_spoke_routes="string",
    ha_image_version="string",
    ha_oob_management_subnet="string",
    ha_private_mode_subnet_zone="string",
    ha_software_version="string",
    ha_subnet="string",
    ha_zone="string",
    image_version="string",
    ha_insane_mode_az="string",
    insane_mode=False,
    insane_mode_az="string",
    learned_cidrs_approval_mode="string",
    local_as_number="string",
    manage_transit_gateway_attachment=False,
    monitor_exclude_lists=["string"],
    oob_availability_zone="string",
    oob_management_subnet="string",
    prepend_as_paths=["string"],
    private_mode_lb_vpc_id="string",
    private_mode_subnet_zone="string",
    rx_queue_size="string",
    single_az_ha=False,
    single_ip_snat=False,
    software_version="string",
    spoke_bgp_manual_advertise_cidrs=["string"],
    spot_price="string",
    tags={
        "string": "string",
    },
    allocate_new_eip=False,
    tunnel_detection_time=0,
    zone="string")

const aviatrixSpokeGatewayResource = new aviatrix.AviatrixSpokeGateway("aviatrixSpokeGatewayResource", {
    accountName: "string",
    cloudType: 0,
    gwName: "string",
    gwSize: "string",
    subnet: "string",
    vpcId: "string",
    vpcReg: "string",
    haAzureEipNameResourceGroup: "string",
    haOobAvailabilityZone: "string",
    azureEipNameResourceGroup: "string",
    bgpEcmp: false,
    bgpHoldTime: 0,
    bgpPollingTime: 0,
    customerManagedKeys: "string",
    customizedSpokeVpcRoutes: "string",
    disableRoutePropagation: false,
    eip: "string",
    enableActiveStandby: false,
    enableActiveStandbyPreemptive: false,
    enableAutoAdvertiseS2cCidrs: false,
    enableBgp: false,
    enableEncryptVolume: false,
    enableJumboFrame: false,
    enableLearnedCidrsApproval: false,
    enableMonitorGatewaySubnets: false,
    enablePreserveAsPath: false,
    enablePrivateOob: false,
    enablePrivateVpcDefaultRoute: false,
    enableSkipPublicRouteTableUpdate: false,
    enableSpotInstance: false,
    enableVpcDnsServer: false,
    faultDomain: "string",
    filteredSpokeVpcRoutes: "string",
    haAvailabilityDomain: "string",
    approvedLearnedCidrs: ["string"],
    haEip: "string",
    haFaultDomain: "string",
    availabilityDomain: "string",
    haGwSize: "string",
    includedAdvertisedSpokeRoutes: "string",
    haImageVersion: "string",
    haOobManagementSubnet: "string",
    haPrivateModeSubnetZone: "string",
    haSoftwareVersion: "string",
    haSubnet: "string",
    haZone: "string",
    imageVersion: "string",
    haInsaneModeAz: "string",
    insaneMode: false,
    insaneModeAz: "string",
    learnedCidrsApprovalMode: "string",
    localAsNumber: "string",
    manageTransitGatewayAttachment: false,
    monitorExcludeLists: ["string"],
    oobAvailabilityZone: "string",
    oobManagementSubnet: "string",
    prependAsPaths: ["string"],
    privateModeLbVpcId: "string",
    privateModeSubnetZone: "string",
    rxQueueSize: "string",
    singleAzHa: false,
    singleIpSnat: false,
    softwareVersion: "string",
    spokeBgpManualAdvertiseCidrs: ["string"],
    spotPrice: "string",
    tags: {
        string: "string",
    },
    allocateNewEip: false,
    tunnelDetectionTime: 0,
    zone: "string",
});

type: aviatrix:AviatrixSpokeGateway
properties:
    accountName: string
    allocateNewEip: false
    approvedLearnedCidrs:
        - string
    availabilityDomain: string
    azureEipNameResourceGroup: string
    bgpEcmp: false
    bgpHoldTime: 0
    bgpPollingTime: 0
    cloudType: 0
    customerManagedKeys: string
    customizedSpokeVpcRoutes: string
    disableRoutePropagation: false
    eip: string
    enableActiveStandby: false
    enableActiveStandbyPreemptive: false
    enableAutoAdvertiseS2cCidrs: false
    enableBgp: false
    enableEncryptVolume: false
    enableJumboFrame: false
    enableLearnedCidrsApproval: false
    enableMonitorGatewaySubnets: false
    enablePreserveAsPath: false
    enablePrivateOob: false
    enablePrivateVpcDefaultRoute: false
    enableSkipPublicRouteTableUpdate: false
    enableSpotInstance: false
    enableVpcDnsServer: false
    faultDomain: string
    filteredSpokeVpcRoutes: string
    gwName: string
    gwSize: string
    haAvailabilityDomain: string
    haAzureEipNameResourceGroup: string
    haEip: string
    haFaultDomain: string
    haGwSize: string
    haImageVersion: string
    haInsaneModeAz: string
    haOobAvailabilityZone: string
    haOobManagementSubnet: string
    haPrivateModeSubnetZone: string
    haSoftwareVersion: string
    haSubnet: string
    haZone: string
    imageVersion: string
    includedAdvertisedSpokeRoutes: string
    insaneMode: false
    insaneModeAz: string
    learnedCidrsApprovalMode: string
    localAsNumber: string
    manageTransitGatewayAttachment: false
    monitorExcludeLists:
        - string
    oobAvailabilityZone: string
    oobManagementSubnet: string
    prependAsPaths:
        - string
    privateModeLbVpcId: string
    privateModeSubnetZone: string
    rxQueueSize: string
    singleAzHa: false
    singleIpSnat: false
    softwareVersion: string
    spokeBgpManualAdvertiseCidrs:
        - string
    spotPrice: string
    subnet: string
    tags:
        string: string
    tunnelDetectionTime: 0
    vpcId: string
    vpcReg: string
    zone: string

AviatrixSpokeGateway Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AviatrixSpokeGateway resource accepts the following input properties:

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
CloudType int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
Subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
VpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs List<string>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpPollingTime int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
DisableRoutePropagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAutoAdvertiseS2cCidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableBgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
EnableJumboFrame bool: Enable jumbo frames for this spoke gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnablePrivateVpcDefaultRoute bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSkipPublicRouteTableUpdate bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA.
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
IncludedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
InsaneMode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
LocalAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
ManageTransitGatewayAttachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
MonitorExcludeLists List<string>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths List<string>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpokeBgpManualAdvertiseCidrs List<string>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
SpotPrice string: Price for spot instance. NOT supported for production deployment.
TagLists List<string>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
Tags Dictionary<string, string>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TransitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
TunnelDetectionTime int: The IPSec tunnel down detection time for the Spoke Gateway.
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
CloudType int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
Subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
VpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs []string: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpPollingTime int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
DisableRoutePropagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAutoAdvertiseS2cCidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableBgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
EnableJumboFrame bool: Enable jumbo frames for this spoke gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnablePrivateVpcDefaultRoute bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSkipPublicRouteTableUpdate bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA.
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
IncludedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
InsaneMode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
LocalAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
ManageTransitGatewayAttachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
MonitorExcludeLists []string: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths []string: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpokeBgpManualAdvertiseCidrs []string: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
SpotPrice string: Price for spot instance. NOT supported for production deployment.
TagLists []string: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
Tags map[string]string: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TransitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
TunnelDetectionTime int: The IPSec tunnel down detection time for the Spoke Gateway.
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType Integer: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
subnet String: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
vpcId String: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Integer: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime Integer: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation Boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs Boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp Boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame Boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute Boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate Boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize String: HA Gateway Size. Mandatory if enabling HA.
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes String: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode Boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber String: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment Boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs List<String>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice String: Price for spot instance. NOT supported for production deployment.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Map<String,String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw String: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime Integer: The IPSec tunnel down detection time for the Spoke Gateway.
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType number: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName string: Name of the gateway which is going to be created.
gwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
vpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs string[]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime number: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
customerManagedKeys string: Customer managed key ID.
customizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
haAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize string: HA Gateway Size. Mandatory if enabling HA.
haImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists string[]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths string[]: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs string[]: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice string: Price for spot instance. NOT supported for production deployment.
tagLists string[]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags {[key: string]: string}: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime number: The IPSec tunnel down detection time for the Spoke Gateway.
zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

account_name str: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloud_type int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gw_name str: Name of the gateway which is going to be created.
gw_size str: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
subnet str: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
vpc_id str: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpc_reg str: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocate_new_eip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approved_learned_cidrs Sequence[str]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgp_ecmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgp_hold_time int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgp_polling_time int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
customer_managed_keys str: Customer managed key ID.
customized_spoke_vpc_routes str: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disable_route_propagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip str: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enable_active_standby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enable_active_standby_preemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enable_auto_advertise_s2c_cidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_bgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enable_encrypt_volume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enable_jumbo_frame bool: Enable jumbo frames for this spoke gateway. Default value is true.
enable_learned_cidrs_approval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enable_monitor_gateway_subnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enable_preserve_as_path bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enable_private_oob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_private_vpc_default_route bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_skip_public_route_table_update bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_spot_instance bool: Enable spot instance. NOT supported for production deployment.
enable_vpc_dns_server bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filtered_spoke_vpc_routes str: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
ha_availability_domain str: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
ha_eip str: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
ha_fault_domain str: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_gw_size str: HA Gateway Size. Mandatory if enabling HA.
ha_image_version str: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
ha_insane_mode_az str: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
ha_oob_availability_zone str: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
ha_oob_management_subnet str: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
ha_private_mode_subnet_zone str: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
ha_software_version str: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
ha_subnet str: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
ha_zone str: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
image_version str: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
included_advertised_spoke_routes str: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insane_mode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insane_mode_az str: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learned_cidrs_approval_mode str: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
local_as_number str: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manage_transit_gateway_attachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitor_exclude_lists Sequence[str]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oob_availability_zone str: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oob_management_subnet str: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prepend_as_paths Sequence[str]: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
private_mode_lb_vpc_id str: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
private_mode_subnet_zone str: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rx_queue_size str: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
single_az_ha bool: Set to true if this feature is desired. Valid values: true, false.
single_ip_snat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
software_version str: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spoke_bgp_manual_advertise_cidrs Sequence[str]: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spot_price str: Price for spot instance. NOT supported for production deployment.
tag_lists Sequence[str]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Mapping[str, str]: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transit_gw str: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnel_detection_time int: The IPSec tunnel down detection time for the Spoke Gateway.
zone str: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType Number: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
subnet String: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
vpcId String: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime Number: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation Boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs Boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp Boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame Boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute Boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate Boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize String: HA Gateway Size. Mandatory if enabling HA.
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes String: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode Boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber String: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment Boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs List<String>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice String: Price for spot instance. NOT supported for production deployment.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Map<String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw String: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime Number: The IPSec tunnel down detection time for the Spoke Gateway.
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

Outputs

All input properties are implicitly available as output properties. Additionally, the AviatrixSpokeGateway resource produces the following output properties:

CloudInstanceId string: Cloud instance ID of the spoke gateway.
HaCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
HaGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
HaPrivateIp string: Private IP address of HA spoke gateway.
HaPublicIp string: Public IP address of the HA Spoke Gateway.
HaSecurityGroupId string: HA security group used for the spoke gateway.
Id string: The provider-assigned unique ID for this managed resource.
PrivateIp string: Private IP address of the spoke gateway created.
PublicIp string: Public IP address of the Spoke Gateway created.
SecurityGroupId string: Security group used for the spoke gateway.

CloudInstanceId string: Cloud instance ID of the spoke gateway.
HaCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
HaGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
HaPrivateIp string: Private IP address of HA spoke gateway.
HaPublicIp string: Public IP address of the HA Spoke Gateway.
HaSecurityGroupId string: HA security group used for the spoke gateway.
Id string: The provider-assigned unique ID for this managed resource.
PrivateIp string: Private IP address of the spoke gateway created.
PublicIp string: Public IP address of the Spoke Gateway created.
SecurityGroupId string: Security group used for the spoke gateway.

cloudInstanceId String: Cloud instance ID of the spoke gateway.
haCloudInstanceId String: Cloud instance ID of the HA spoke gateway.
haGwName String: Aviatrix spoke gateway unique name of HA spoke gateway.
haPrivateIp String: Private IP address of HA spoke gateway.
haPublicIp String: Public IP address of the HA Spoke Gateway.
haSecurityGroupId String: HA security group used for the spoke gateway.
id String: The provider-assigned unique ID for this managed resource.
privateIp String: Private IP address of the spoke gateway created.
publicIp String: Public IP address of the Spoke Gateway created.
securityGroupId String: Security group used for the spoke gateway.

cloudInstanceId string: Cloud instance ID of the spoke gateway.
haCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
haGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
haPrivateIp string: Private IP address of HA spoke gateway.
haPublicIp string: Public IP address of the HA Spoke Gateway.
haSecurityGroupId string: HA security group used for the spoke gateway.
id string: The provider-assigned unique ID for this managed resource.
privateIp string: Private IP address of the spoke gateway created.
publicIp string: Public IP address of the Spoke Gateway created.
securityGroupId string: Security group used for the spoke gateway.

cloud_instance_id str: Cloud instance ID of the spoke gateway.
ha_cloud_instance_id str: Cloud instance ID of the HA spoke gateway.
ha_gw_name str: Aviatrix spoke gateway unique name of HA spoke gateway.
ha_private_ip str: Private IP address of HA spoke gateway.
ha_public_ip str: Public IP address of the HA Spoke Gateway.
ha_security_group_id str: HA security group used for the spoke gateway.
id str: The provider-assigned unique ID for this managed resource.
private_ip str: Private IP address of the spoke gateway created.
public_ip str: Public IP address of the Spoke Gateway created.
security_group_id str: Security group used for the spoke gateway.

cloudInstanceId String: Cloud instance ID of the spoke gateway.
haCloudInstanceId String: Cloud instance ID of the HA spoke gateway.
haGwName String: Aviatrix spoke gateway unique name of HA spoke gateway.
haPrivateIp String: Private IP address of HA spoke gateway.
haPublicIp String: Public IP address of the HA Spoke Gateway.
haSecurityGroupId String: HA security group used for the spoke gateway.
id String: The provider-assigned unique ID for this managed resource.
privateIp String: Private IP address of the spoke gateway created.
publicIp String: Public IP address of the Spoke Gateway created.
securityGroupId String: Security group used for the spoke gateway.

Look up Existing AviatrixSpokeGateway Resource

Get an existing AviatrixSpokeGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: AviatrixSpokeGatewayState, opts?: CustomResourceOptions): AviatrixSpokeGateway

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_name: Optional[str] = None,
        allocate_new_eip: Optional[bool] = None,
        approved_learned_cidrs: Optional[Sequence[str]] = None,
        availability_domain: Optional[str] = None,
        azure_eip_name_resource_group: Optional[str] = None,
        bgp_ecmp: Optional[bool] = None,
        bgp_hold_time: Optional[int] = None,
        bgp_polling_time: Optional[int] = None,
        cloud_instance_id: Optional[str] = None,
        cloud_type: Optional[int] = None,
        customer_managed_keys: Optional[str] = None,
        customized_spoke_vpc_routes: Optional[str] = None,
        disable_route_propagation: Optional[bool] = None,
        eip: Optional[str] = None,
        enable_active_standby: Optional[bool] = None,
        enable_active_standby_preemptive: Optional[bool] = None,
        enable_auto_advertise_s2c_cidrs: Optional[bool] = None,
        enable_bgp: Optional[bool] = None,
        enable_encrypt_volume: Optional[bool] = None,
        enable_jumbo_frame: Optional[bool] = None,
        enable_learned_cidrs_approval: Optional[bool] = None,
        enable_monitor_gateway_subnets: Optional[bool] = None,
        enable_preserve_as_path: Optional[bool] = None,
        enable_private_oob: Optional[bool] = None,
        enable_private_vpc_default_route: Optional[bool] = None,
        enable_skip_public_route_table_update: Optional[bool] = None,
        enable_spot_instance: Optional[bool] = None,
        enable_vpc_dns_server: Optional[bool] = None,
        fault_domain: Optional[str] = None,
        filtered_spoke_vpc_routes: Optional[str] = None,
        gw_name: Optional[str] = None,
        gw_size: Optional[str] = None,
        ha_availability_domain: Optional[str] = None,
        ha_azure_eip_name_resource_group: Optional[str] = None,
        ha_cloud_instance_id: Optional[str] = None,
        ha_eip: Optional[str] = None,
        ha_fault_domain: Optional[str] = None,
        ha_gw_name: Optional[str] = None,
        ha_gw_size: Optional[str] = None,
        ha_image_version: Optional[str] = None,
        ha_insane_mode_az: Optional[str] = None,
        ha_oob_availability_zone: Optional[str] = None,
        ha_oob_management_subnet: Optional[str] = None,
        ha_private_ip: Optional[str] = None,
        ha_private_mode_subnet_zone: Optional[str] = None,
        ha_public_ip: Optional[str] = None,
        ha_security_group_id: Optional[str] = None,
        ha_software_version: Optional[str] = None,
        ha_subnet: Optional[str] = None,
        ha_zone: Optional[str] = None,
        image_version: Optional[str] = None,
        included_advertised_spoke_routes: Optional[str] = None,
        insane_mode: Optional[bool] = None,
        insane_mode_az: Optional[str] = None,
        learned_cidrs_approval_mode: Optional[str] = None,
        local_as_number: Optional[str] = None,
        manage_transit_gateway_attachment: Optional[bool] = None,
        monitor_exclude_lists: Optional[Sequence[str]] = None,
        oob_availability_zone: Optional[str] = None,
        oob_management_subnet: Optional[str] = None,
        prepend_as_paths: Optional[Sequence[str]] = None,
        private_ip: Optional[str] = None,
        private_mode_lb_vpc_id: Optional[str] = None,
        private_mode_subnet_zone: Optional[str] = None,
        public_ip: Optional[str] = None,
        rx_queue_size: Optional[str] = None,
        security_group_id: Optional[str] = None,
        single_az_ha: Optional[bool] = None,
        single_ip_snat: Optional[bool] = None,
        software_version: Optional[str] = None,
        spoke_bgp_manual_advertise_cidrs: Optional[Sequence[str]] = None,
        spot_price: Optional[str] = None,
        subnet: Optional[str] = None,
        tag_lists: Optional[Sequence[str]] = None,
        tags: Optional[Mapping[str, str]] = None,
        transit_gw: Optional[str] = None,
        tunnel_detection_time: Optional[int] = None,
        vpc_id: Optional[str] = None,
        vpc_reg: Optional[str] = None,
        zone: Optional[str] = None) -> AviatrixSpokeGateway

func GetAviatrixSpokeGateway(ctx *Context, name string, id IDInput, state *AviatrixSpokeGatewayState, opts ...ResourceOption) (*AviatrixSpokeGateway, error)

public static AviatrixSpokeGateway Get(string name, Input<string> id, AviatrixSpokeGatewayState? state, CustomResourceOptions? opts = null)

public static AviatrixSpokeGateway get(String name, Output<String> id, AviatrixSpokeGatewayState state, CustomResourceOptions options)

resources:  _:    type: aviatrix:AviatrixSpokeGateway    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs List<string>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpPollingTime int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CloudInstanceId string: Cloud instance ID of the spoke gateway.
CloudType int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
DisableRoutePropagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAutoAdvertiseS2cCidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableBgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
EnableJumboFrame bool: Enable jumbo frames for this spoke gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnablePrivateVpcDefaultRoute bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSkipPublicRouteTableUpdate bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA.
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateIp string: Private IP address of HA spoke gateway.
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaPublicIp string: Public IP address of the HA Spoke Gateway.
HaSecurityGroupId string: HA security group used for the spoke gateway.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
IncludedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
InsaneMode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
LocalAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
ManageTransitGatewayAttachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
MonitorExcludeLists List<string>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths List<string>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
PrivateIp string: Private IP address of the spoke gateway created.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
PublicIp string: Public IP address of the Spoke Gateway created.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SecurityGroupId string: Security group used for the spoke gateway.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpokeBgpManualAdvertiseCidrs List<string>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
SpotPrice string: Price for spot instance. NOT supported for production deployment.
Subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
TagLists List<string>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
Tags Dictionary<string, string>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TransitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
TunnelDetectionTime int: The IPSec tunnel down detection time for the Spoke Gateway.
VpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs []string: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpPollingTime int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CloudInstanceId string: Cloud instance ID of the spoke gateway.
CloudType int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
DisableRoutePropagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAutoAdvertiseS2cCidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableBgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
EnableJumboFrame bool: Enable jumbo frames for this spoke gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnablePrivateVpcDefaultRoute bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSkipPublicRouteTableUpdate bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA.
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateIp string: Private IP address of HA spoke gateway.
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaPublicIp string: Public IP address of the HA Spoke Gateway.
HaSecurityGroupId string: HA security group used for the spoke gateway.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
IncludedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
InsaneMode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
LocalAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
ManageTransitGatewayAttachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
MonitorExcludeLists []string: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths []string: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
PrivateIp string: Private IP address of the spoke gateway created.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
PublicIp string: Public IP address of the Spoke Gateway created.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SecurityGroupId string: Security group used for the spoke gateway.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpokeBgpManualAdvertiseCidrs []string: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
SpotPrice string: Price for spot instance. NOT supported for production deployment.
Subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
TagLists []string: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
Tags map[string]string: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TransitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
TunnelDetectionTime int: The IPSec tunnel down detection time for the Spoke Gateway.
VpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Integer: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime Integer: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId String: Cloud instance ID of the spoke gateway.
cloudType Integer: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation Boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs Boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp Boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame Boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute Boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate Boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haCloudInstanceId String: Cloud instance ID of the HA spoke gateway.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName String: Aviatrix spoke gateway unique name of HA spoke gateway.
haGwSize String: HA Gateway Size. Mandatory if enabling HA.
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp String: Private IP address of HA spoke gateway.
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp String: Public IP address of the HA Spoke Gateway.
haSecurityGroupId String: HA security group used for the spoke gateway.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes String: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode Boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber String: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment Boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateIp String: Private IP address of the spoke gateway created.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp String: Public IP address of the Spoke Gateway created.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId String: Security group used for the spoke gateway.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs List<String>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice String: Price for spot instance. NOT supported for production deployment.
subnet String: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Map<String,String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw String: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime Integer: The IPSec tunnel down detection time for the Spoke Gateway.
vpcId String: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs string[]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime number: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId string: Cloud instance ID of the spoke gateway.
cloudType number: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
customerManagedKeys string: Customer managed key ID.
customizedSpokeVpcRoutes string: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes string: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
gwName string: Name of the gateway which is going to be created.
gwSize string: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
haAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haCloudInstanceId string: Cloud instance ID of the HA spoke gateway.
haEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName string: Aviatrix spoke gateway unique name of HA spoke gateway.
haGwSize string: HA Gateway Size. Mandatory if enabling HA.
haImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz string: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp string: Private IP address of HA spoke gateway.
haPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp string: Public IP address of the HA Spoke Gateway.
haSecurityGroupId string: HA security group used for the spoke gateway.
haSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet string: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone string: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes string: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz string: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber string: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists string[]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths string[]: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateIp string: Private IP address of the spoke gateway created.
privateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp string: Public IP address of the Spoke Gateway created.
rxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId string: Security group used for the spoke gateway.
singleAzHa boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs string[]: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice string: Price for spot instance. NOT supported for production deployment.
subnet string: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
tagLists string[]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags {[key: string]: string}: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw string: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime number: The IPSec tunnel down detection time for the Spoke Gateway.
vpcId string: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

account_name str: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocate_new_eip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approved_learned_cidrs Sequence[str]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgp_ecmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgp_hold_time int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgp_polling_time int: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloud_instance_id str: Cloud instance ID of the spoke gateway.
cloud_type int: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
customer_managed_keys str: Customer managed key ID.
customized_spoke_vpc_routes str: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disable_route_propagation bool: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip str: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enable_active_standby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enable_active_standby_preemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enable_auto_advertise_s2c_cidrs bool: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_bgp bool: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enable_encrypt_volume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enable_jumbo_frame bool: Enable jumbo frames for this spoke gateway. Default value is true.
enable_learned_cidrs_approval bool: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enable_monitor_gateway_subnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enable_preserve_as_path bool: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enable_private_oob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_private_vpc_default_route bool: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_skip_public_route_table_update bool: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enable_spot_instance bool: Enable spot instance. NOT supported for production deployment.
enable_vpc_dns_server bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filtered_spoke_vpc_routes str: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
gw_name str: Name of the gateway which is going to be created.
gw_size str: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
ha_availability_domain str: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
ha_cloud_instance_id str: Cloud instance ID of the HA spoke gateway.
ha_eip str: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
ha_fault_domain str: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_gw_name str: Aviatrix spoke gateway unique name of HA spoke gateway.
ha_gw_size str: HA Gateway Size. Mandatory if enabling HA.
ha_image_version str: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
ha_insane_mode_az str: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
ha_oob_availability_zone str: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
ha_oob_management_subnet str: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
ha_private_ip str: Private IP address of HA spoke gateway.
ha_private_mode_subnet_zone str: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
ha_public_ip str: Public IP address of the HA Spoke Gateway.
ha_security_group_id str: HA security group used for the spoke gateway.
ha_software_version str: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
ha_subnet str: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
ha_zone str: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
image_version str: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
included_advertised_spoke_routes str: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insane_mode bool: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insane_mode_az str: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learned_cidrs_approval_mode str: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
local_as_number str: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manage_transit_gateway_attachment bool: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitor_exclude_lists Sequence[str]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oob_availability_zone str: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oob_management_subnet str: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prepend_as_paths Sequence[str]: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
private_ip str: Private IP address of the spoke gateway created.
private_mode_lb_vpc_id str: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
private_mode_subnet_zone str: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
public_ip str: Public IP address of the Spoke Gateway created.
rx_queue_size str: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
security_group_id str: Security group used for the spoke gateway.
single_az_ha bool: Set to true if this feature is desired. Valid values: true, false.
single_ip_snat bool: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
software_version str: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spoke_bgp_manual_advertise_cidrs Sequence[str]: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spot_price str: Price for spot instance. NOT supported for production deployment.
subnet str: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
tag_lists Sequence[str]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Mapping[str, str]: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transit_gw str: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnel_detection_time int: The IPSec tunnel down detection time for the Spoke Gateway.
vpc_id str: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpc_reg str: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone str: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpPollingTime Number: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId String: Cloud instance ID of the spoke gateway.
cloudType Number: Type of cloud service provider, requires an integer value. Currently, only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to this spoke gateway only. Example: "10.0.0.0/116,10.2.0.0/16".
disableRoutePropagation Boolean: Disables route propagation on BGP Spoke to attached Transit Gateway. Default value: false.
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAutoAdvertiseS2cCidrs Boolean: Auto Advertise Spoke Site2Cloud CIDRs. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableBgp Boolean: Enable BGP for this spoke gateway. Only available for AWS and Azure. Valid values: true, false. Default value: false. Available in provider R2.21.0+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret providers. Valid values: true, false. Default value: false.
enableJumboFrame Boolean: Enable jumbo frames for this spoke gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable learned CIDR approval for BGP Spoke Gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on BGP spoke gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enablePrivateVpcDefaultRoute Boolean: Program default route in VPC private route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSkipPublicRouteTableUpdate Boolean: Skip programming VPC public route table. Default: false. Valid values: true or false. Available as of provider version R2.19+.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to this spoke gateway only. Example: "10.2.0.0/116,10.3.0.0/16".
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS/AWSGov/AWSChina: "t2.large", Azure/AzureGov/AzureChina: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Spoke Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haCloudInstanceId String: Cloud instance ID of the HA spoke gateway.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName String: Aviatrix spoke gateway unique name of HA spoke gateway.
haGwSize String: HA Gateway Size. Mandatory if enabling HA.
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Spoke HA Gateway. Required for AWS, AzureGov, AWSGov, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp String: Private IP address of HA spoke gateway.
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp String: Public IP address of the HA Spoke Gateway.
haSecurityGroupId String: HA security group used for the spoke gateway.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet. Required if enabling HA for AWS, AWSGov, AWSChina, Azure, AzureGov, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24"
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional for Azure. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
includedAdvertisedSpokeRoutes String: A list of comma separated CIDRs to be advertised to on-prem as 'Included CIDR List'. When configured, it will replace all advertised routes from this VPC. Example: "10.4.0.0/116,10.5.0.0/16".
insaneMode Boolean: Enable Insane Mode for Spoke Gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Spoke Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per-gateway basis) or "connection" (approval on a per-connection basis). Only "gateway" is supported for BGP SPOKE Gateway. Default value: "gateway". Available as of provider version R2.21+.
localAsNumber String: Changes the Aviatrix Spoke Gateway ASN number before you setup Aviatrix Spoke Gateway connection configurations.
manageTransitGatewayAttachment Boolean: Enable to manage spoke-to-Aviatrix transit gateway attachments using the aviatrix_spoke_gateway resource with the below transit_gw attribute. If this is set to false, attaching this spoke to transit gateways must be done using the aviatrix_spoke_transit_attachment resource. Valid values: true, false. Default value: true. Available in provider R2.17+.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AS_PATH field when it advertises to VGW or peer devices.
privateIp String: Private IP address of the spoke gateway created.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp String: Public IP address of the Spoke Gateway created.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId String: Security group used for the spoke gateway.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Specify whether to enable Source NAT feature in "single_ip" mode on the gateway or not. Please disable AWS NAT instance before enabling this feature. Currently only supports AWS(1) and Azure(8). Valid values: true, false.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spokeBgpManualAdvertiseCidrs List<String>: Intended CIDR list to be advertised to external BGP router. Empty list is not valid. Example: ["10.2.0.0/16", "10.4.0.0/16"].
spotPrice String: Price for spot instance. NOT supported for production deployment.
subnet String: A VPC Network address range selected from one of the available network ranges. Example: "172.31.0.0/20". NOTE: If using insane_mode, please see notes here.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina and AzureChina. Example: ["key1:value1", "key2:value2"].
Deprecated: Use tags instead.
tags Map<String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
transitGw String: Specify the Aviatrix transit gateways to attach this spoke gateway to. Format is a comma separated list of transit gateway names. For example: "transit-gw1,transit-gw2".
Deprecated: Please set manage_transit_gateway_attachment to false, and use the standalone aviatrix_spoke_transit_attachment resource instead.
tunnelDetectionTime Number: The IPSec tunnel down detection time for the Spoke Gateway.
vpcId String: VPC-ID/VNet-Name of cloud provider. Example: AWS/AWSGov/AWSChina: "vpc-abcd1234", GCP: "vpc-gcp-test~-~project-id", Azure/AzureGov/AzureChina: "vnet_name:rg_name:resource_guid", OCI: "ocid1.vcn.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq".
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1, AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

Package Details

Repository: aviatrix astipkovits/pulumi-aviatrix
License: Apache-2.0
Notes: This Pulumi package is based on the aviatrix Terraform Provider.

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

astipkovits/pulumi-aviatrix

aviatrix.AviatrixSpokeGateway

On this page

On this page

Import

Create AviatrixSpokeGateway Resource

Constructor syntax

Parameters

Constructor example

AviatrixSpokeGateway Resource Properties

Inputs

Outputs

Look up Existing AviatrixSpokeGateway Resource

Package Details

On this page

On this page