I am attempting to call a module and pass a single variable from main.tf in root (customer folder).
With the code below I keep being prompted for
var.auth_method
Enter a value:
I have tried all recommendations on this and probably my lack of experience in TF is showing.
I have gone through the documentation, read the forum posts, tried all types of formats to pass the variable as an input to the module and still cannot get this to work.
Terraform v1.1.7
on linux_amd64
- provider Terraform Registry v1.14.0
├── customer
│   ├── main.tf
│   ├── terraform.tfvars
│   └── variables.tf
└── modules
    └── ftp_vpn
        └── phase1
            ├── main.tf
            ├── variables.tf
            └── terraform.tfvars
customer/main.tf
terraform {
  required_providers {
    fortios = {
      source = "fortinetdev/fortios"
    }
  }
}
provider "fortios" {
  hostname = "1.1.1.1"
  token    = "SomeToken"
  insecure = "true"
  vdom     = "Public-SAAS"
}
locals {
  auth_method = "psk"
}
module "customer_phase1" {
  source     = "../modules/ftg_vpn/phase1"
  authmethod = "${var.auth_method}"
}
customer/variables.tf
variable "name" {
  type = string
}
variable "vdom" {
  type = string
}
variable "remote_gw" {
  type = string
}
variable "local_gw" {
  type = string
}
variable "mode_cfg" {
  type = string
}
variable "nattraversal" {
  type = string
}
variable "dpd" {
  type = string
}
variable "dpd_retryinterval" {
  type = number
}
variable "auth_method" {
  type = string
}
variable "psksecret" {
  type = string
}
variable "ike_version" {
  type = number
}
variable "tunnel_phase1_proposal" {
  type = string
}
variable "dhgrp" {
  type = string
}
variable "keylife" {
  type = string
}
variable "fortigate_interface" {
  type = string
}
variable "peertype" {
  type = string
}
customer/terraform.tfvars
auth_method = "qsk"
dhgrp = "5 14 21"
vdom = "FairW-SAAS"
# FairWarning FW mgmt IP
#fortigate_ip_or_fqdn = "192.168.30.54"
# API Token used for authentication
# not sure how this is used yet
name = "CustomerName"
################# Phase1 ###########################
# Customer Peer IP
remote_gw = "44.44.44.44"
# Interface associated with WAN Traffic
fortigate_interface = "port5"
# Local IP - peer ip the customer will connect to
local_gw = "2.2.2.2"
# Tunnel mode - not sure what it is used for
mode_cfg = "disable"
# If remote gw ip is NAT'd
nattraversal = "disable"
# Dead Peer Detection
dpd = "on-idle"
dpd_retryinterval = "5"
# Pre-shared Key
psksecret = "1234567890"
# Set Ike version to 2
ike_version = "2"
peertype = "any"
# Phase1 Proposal
tunnel_phase1_proposal = "aes256-sha256"
# Keylife - not sure what this is used for
keylife = "28800"
##############################################
modules/ftg_vpn/phase1/main.tf
terraform {
  required_providers {
    fortios = {
      source = "fortinetdev/fortios"
    }
  }
}
provider "fortios" {
  hostname = "1.1.1.1"
  token    = "sometoken"
  insecure = "true"
  vdom     = "FairW-SAAS"
}
#Build Phase 1 of customer VPN
resource "fortios_vpnipsec_phase1interface" "vpn_phase1_interface" {
  authmethod        = "${var.auth_method}"
  interface         = "port5"
  name              = "CustomerName"
  remote_gw         = "44.44.44.44"
  local_gw          = "3.3.3.3"
  mode_cfg          = "disable"
  nattraversal      = "disable"
  dpd               = "on-idle"
  dpd_retryinterval = "5"
  psksecret         = "1234567890"
  ike_version       = "2"
  proposal          = "aes256-sha256"
  dhgrp             = "5 14 21"
  keylife           = "28800"
  peertype          = "any"
}
##############################################
modules/ftg_vpn/phase1/variables.tf
variable "authmethod" {
  type = string
}
variable "auth_method" {
  type = string
}
##############################################
modules/ftg_vpn/phase1/terraform.tfvars
authmethod = ""
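
An added example, not part of the original post: one way to wire the root variable into the module so that nothing is left unset. Terraform only prompts for root-module variables that have no value, and it loads `terraform.tfvars` only from the directory it is run in, so a `terraform.tfvars` inside the module is ignored. Assumptions: Terraform is run from `customer/`, the `terraform` and `provider` blocks stay as posted, and the allowed `authmethod` values are `psk` and `signature`.

```hcl
# customer/variables.tf (root module; values come from customer/terraform.tfvars)
variable "auth_method" {
  type = string
  validation {
    # Assumption: the phase 1 interface accepts only these two methods.
    condition     = contains(["psk", "signature"], var.auth_method)
    error_message = "The auth_method value must be \"psk\" or \"signature\"."
  }
}
variable "psksecret" {
  type      = string
  sensitive = true # redacted in plan output, still written to state
}

# customer/main.tf
module "customer_phase1" {
  source     = "../modules/ftg_vpn/phase1"
  authmethod = var.auth_method # left: module input, right: root variable
  psksecret  = var.psksecret
}

# modules/ftg_vpn/phase1/variables.tf
# Declare only inputs the caller sets in the module block above.
variable "authmethod" {
  type = string
}
variable "psksecret" {
  type      = string
  sensitive = true
}

# modules/ftg_vpn/phase1/main.tf
resource "fortios_vpnipsec_phase1interface" "vpn_phase1_interface" {
  authmethod        = var.authmethod # the name declared in this module
  psksecret         = var.psksecret
  interface         = "port5"
  name              = "CustomerName"
  remote_gw         = "44.44.44.44"
  local_gw          = "3.3.3.3"
  mode_cfg          = "disable"
  nattraversal      = "disable"
  dpd               = "on-idle"
  dpd_retryinterval = "5"
  ike_version       = "2"
  proposal          = "aes256-sha256"
  dhgrp             = "5 14 21"
  keylife           = "28800"
  peertype          = "any"
}
```

With the validation block in place, the `auth_method = "qsk"` value from `customer/terraform.tfvars` is rejected at plan time instead of being sent to the device.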