prep 1.6.0 release

COMPATIBILITY.md

@@ -1,6 +1,7 @@
 ### Compatibility
 Module version | Terraform version | Controller version | Terraform provider version | [mc-transit module](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-transit) version
 :--- | :--- | :--- | :--- | :---
+v1.6.0 | >=1.3.0 | >= 7.2 | ~> 3.1.0 | ~> v2.6.0
 v1.5.4 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
 v1.5.3 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.0
 v1.5.2 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.0

README.md

@@ -6,7 +6,7 @@ Aviatrix Terraform module for firenet deployment in multiple clouds, to be used
 ### Compatibility
 Module version | Terraform version | Controller version | Terraform provider version | [mc-transit module](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-transit) version
 :--- | :--- | :--- | :--- | :---
-v1.5.4 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
+v1.5.4 | >=1.3.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
 
 Check [release notes](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/master/RELEASE_NOTES.md) for more details.
 Check [Compatibility list](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/master/COMPATIBILITY.md) for older versions.
@@ -15,7 +15,7 @@ Check [Compatibility list](https://github.com/terraform-aviatrix-modules/terrafo
 ```hcl
 module "mc_transit" {
   source  = "terraform-aviatrix-modules/mc-transit/aviatrix"
-  version = "v2.5.2"
+  version = "v2.6.0"
 
   cloud                  = "AWS"
   cidr                   = "10.1.0.0/23"
@@ -26,7 +26,7 @@ module "mc_transit" {
 
 module "firenet_1" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.mc_transit
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -70,7 +70,6 @@ fw_amount | <img src="https://github.com/terraform-aviatrix-modules/terraform-av
 [iam_role_2](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firewall_instance#iam_role) | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> | | IAM Role used to access bootstrap bucket. (Only used if 2 or more FW instances are deployed, e.g. when ha_gw is true. Applies to "even" fw instances (2,4,6 etc))
 [inspection_enabled](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firenet#inspection_enabled) | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/azure.png?raw=true" title="Azure"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/gcp.png?raw=true" title="GCP"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/oci.png?raw=true" title="OCI"> | true | Enable/disable east/west + north/south inspection via NGFW.
 [instance_size](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firewall_instance#firewall_size) | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> <br> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/azure.png?raw=true" title="Azure"> <br> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/gcp.png?raw=true" title="GCP"> <br> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/oci.png?raw=true" title="OCI"> | c5.xlarge <br> Standard_D3_v2 <br> n1-standard-4 <br> VM.Standard2.4 | Size of the NGFW instances
-[keep_alive_via_lan_interface_enabled](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firenet#keep_alive_via_lan_interface_enabled) | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/azure.png?raw=true" title="Azure"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/gcp.png?raw=true" title="GCP"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/oci.png?raw=true" title="OCI"> | False | Enable Keep Alive via Firewall LAN Interface.
 [key_name](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firewall_instance#key_name) | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> | | Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
 mgmt_cidr | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/gcp.png?raw=true" title="GCP"> | | CIDR For Management VPC for GCP Firenet. Only required when deploying in GCP and enable_transit_firenet is true and deploying Palo Alto NGFW.
 mgmt_subnet_1 | <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/aws.png?raw=true" title="AWS"> <img src="https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/main/img/azure.png?raw=true" title="Azure"> | | Subnet for firenet management interface (odd instances). Only used when mc-transit was built with an existing VNET.

RELEASE_NOTES.md

@@ -1,5 +1,9 @@
 # terraform-aviatrix-mc-firenet release notes
 
+## v1.6.0
+
+### Add support for Aviatrix controller version 7.2 and Terraform provider version 3.2.x.
+
 ## v1.5.4
 - Add support for BYO VNET that was added in the mc-transit module. Requires mc-transit version 2.5.2 or higher.
 - Add outputs for `egress_vpc` and `management_vpc`.

examples/aws_ha_fortigate/README.md

@@ -16,7 +16,7 @@ module "transit_ha_aws" {
 
 module "mc_firenet_ha_aws" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_aws
   firewall_image = "Fortinet FortiGate Next-Generation Firewall"

examples/aws_ha_fortigate/main.tf

@@ -12,7 +12,7 @@ module "transit_ha_aws" {
 
 module "mc_firenet_ha_aws" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_aws
   firewall_image = "Fortinet FortiGate Next-Generation Firewall"

examples/aws_ha_fqdn_egress/README.md

@@ -16,7 +16,7 @@ module "mc_transit_ha_aws_fqdn" {
 
 module "mc_firenet_ha_aws_fqdn" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   transit_module  = module.mc_transit_ha_aws_fqdn
   firewall_image  = "aviatrix"

examples/aws_ha_fqdn_egress/main.tf

@@ -12,7 +12,7 @@ module "mc_transit_ha_aws_fqdn" {
 
 module "mc_firenet_ha_aws_fqdn" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   transit_module = module.mc_transit_ha_aws_fqdn
   firewall_image = "aviatrix"

examples/aws_ha_paloalto_dual_firenet/README.md

@@ -17,7 +17,7 @@ module "transit_ha_dual_firenet_aws_east_west" {
 
 module "mc_firenet_ha_dual_firenet_aws_east_west" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_dual_firenet_aws_east_west
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -38,7 +38,7 @@ module "transit_ha_dual_firenet_aws_egress" {
 
 module "mc_firenet_ha_dual_firenet_aws_egress" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_dual_firenet_aws_egress
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -47,7 +47,7 @@ module "mc_firenet_ha_dual_firenet_aws_egress" {
 #Spoke VPC
 module "spoke_aws_1" {
   source  = "terraform-aviatrix-modules/mc-spoke/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   cloud             = "AWS"
   name              = "App1"

examples/aws_ha_paloalto_dual_firenet/main.tf

@@ -13,7 +13,7 @@ module "transit_ha_dual_firenet_aws_east_west" {
 
 module "mc_firenet_ha_dual_firenet_aws_east_west" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_dual_firenet_aws_east_west
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -34,7 +34,7 @@ module "transit_ha_dual_firenet_aws_egress" {
 
 module "mc_firenet_ha_dual_firenet_aws_egress" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_ha_dual_firenet_aws_egress
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -43,7 +43,7 @@ module "mc_firenet_ha_dual_firenet_aws_egress" {
 #Spoke VPC
 module "spoke_aws_1" {
   source  = "terraform-aviatrix-modules/mc-spoke/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   cloud             = "AWS"
   name              = "App1"

examples/azure_ha_byo_vnet_checkpoint/README.md

@@ -80,7 +80,7 @@ module "azure_transit" {
 
 module "firenet" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.azure_transit
   firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Bring Your Own License"

examples/azure_ha_byo_vnet_checkpoint/main.tf

@@ -76,7 +76,7 @@ module "azure_transit" {
 
 module "firenet" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.azure_transit
   firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Bring Your Own License"

examples/azure_non_ha_checkpoint/README.md

@@ -17,7 +17,7 @@ module "transit_non_ha_azure" {
 
 module "mc_firenet_non_ha_azure" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_non_ha_azure
   firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Pay As You Go (NGTP)"

examples/azure_non_ha_checkpoint/main.tf

@@ -13,7 +13,7 @@ module "transit_non_ha_azure" {
 
 module "mc_firenet_non_ha_azure" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "v1.5.4"
+  version = "v1.6.0"
 
   transit_module = module.transit_non_ha_azure
   firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Pay As You Go (NGTP)"

examples/gcp_ha_palo_alto/README.md

@@ -17,7 +17,7 @@ module "transit_ha_gcp" {
 
 module "mc_firenet_ha_gcp" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   transit_module = module.transit_ha_gcp
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall BUNDLE1"

examples/gcp_ha_palo_alto/main.tf

@@ -13,7 +13,7 @@ module "transit_ha_gcp" {
 
 module "mc_firenet_ha_gcp" {
   source  = "terraform-aviatrix-modules/mc-firenet/aviatrix"
-  version = "1.5.4"
+  version = "1.6.0"
 
   transit_module = module.transit_ha_gcp
   firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall BUNDLE1"

main.tf

@@ -159,13 +159,12 @@ resource "aviatrix_gateway" "egress_instance_2" {
 
 #Firenet
 resource "aviatrix_firenet" "firenet" {
-  vpc_id                               = local.vpc_id
-  inspection_enabled                   = local.is_aviatrix || local.enable_egress_transit_firenet ? false : var.inspection_enabled #Always switch to false if Aviatrix FQDN egress or egress transit firenet.
-  egress_enabled                       = local.is_aviatrix || local.enable_egress_transit_firenet ? true : var.egress_enabled      #Always switch to true if Aviatrix FQDN egress or egress transit firenet.
-  keep_alive_via_lan_interface_enabled = var.keep_alive_via_lan_interface_enabled
-  egress_static_cidrs                  = var.egress_static_cidrs
-  east_west_inspection_excluded_cidrs  = var.east_west_inspection_excluded_cidrs
-  hashing_algorithm                    = var.hashing_algorithm
+  vpc_id                              = local.vpc_id
+  inspection_enabled                  = local.is_aviatrix || local.enable_egress_transit_firenet ? false : var.inspection_enabled #Always switch to false if Aviatrix FQDN egress or egress transit firenet.
+  egress_enabled                      = local.is_aviatrix || local.enable_egress_transit_firenet ? true : var.egress_enabled      #Always switch to true if Aviatrix FQDN egress or egress transit firenet.
+  egress_static_cidrs                 = var.egress_static_cidrs
+  east_west_inspection_excluded_cidrs = var.east_west_inspection_excluded_cidrs
+  hashing_algorithm                   = var.hashing_algorithm
 
   depends_on = [
     aviatrix_firewall_instance_association.firenet_instance1,

output.tf

@@ -23,6 +23,6 @@ output "egress_vpc" {
 
 output "module_metadata" {
   value = {
-    version = "1.5.4"
+    version = "1.6.0"
   }
 }

variables.tf

@@ -107,13 +107,6 @@ variable "egress_static_cidrs" {
   nullable    = false
 }
 
-variable "keep_alive_via_lan_interface_enabled" {
-  description = "Enable Keep Alive via Firewall LAN Interface"
-  type        = bool
-  default     = false
-  nullable    = false
-}
-
 variable "firewall_image_id" {
   description = "Firewall image ID."
   type        = string

versions.tf

@@ -2,8 +2,8 @@ terraform {
   required_providers {
     aviatrix = {
       source  = "aviatrixsystems/aviatrix"
-      version = "~> 3.1.0"
+      version = "~> 3.2.0"
     }
   }
-  required_version = ">= 1.1.0"
+  required_version = ">= 1.3.0"
 }