diff --git a/COMPATIBILITY.md b/COMPATIBILITY.md
index abd4d01..546a42b 100644
--- a/COMPATIBILITY.md
+++ b/COMPATIBILITY.md
@@ -1,6 +1,7 @@
### Compatibility
Module version | Terraform version | Controller version | Terraform provider version | [mc-transit module](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-transit) version
:--- | :--- | :--- | :--- | :---
+v1.6.0 | >=1.3.0 | >= 7.2 | ~> 3.1.0 | ~> v2.6.0
v1.5.4 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
v1.5.3 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.0
v1.5.2 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.0
diff --git a/README.md b/README.md
index 4d6f2f4..fca7066 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ Aviatrix Terraform module for firenet deployment in multiple clouds, to be used
### Compatibility
Module version | Terraform version | Controller version | Terraform provider version | [mc-transit module](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-transit) version
:--- | :--- | :--- | :--- | :---
-v1.5.4 | >=1.1.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
+v1.5.4 | >=1.3.0 | >= 7.1 | ~> 3.1.0 | ~> v2.5.2
Check [release notes](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/master/RELEASE_NOTES.md) for more details.
Check [Compatibility list](https://github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-firenet/blob/master/COMPATIBILITY.md) for older versions.
@@ -15,7 +15,7 @@ Check [Compatibility list](https://github.com/terraform-aviatrix-modules/terrafo
```hcl
module "mc_transit" {
source = "terraform-aviatrix-modules/mc-transit/aviatrix"
- version = "v2.5.2"
+ version = "v2.6.0"
cloud = "AWS"
cidr = "10.1.0.0/23"
@@ -26,7 +26,7 @@ module "mc_transit" {
module "firenet_1" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.mc_transit
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -70,7 +70,6 @@ fw_amount |  | <img src= "AWS")
| | IAM Role used to access bootstrap bucket. (Only used if 2 or more FW instances are deployed, e.g. when ha_gw is true. Applies to "even" fw instances (2,4,6 etc))
[inspection_enabled](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firenet#inspection_enabled) | 
| true | Enable/disable east/west + north/south inspection via NGFW.
[instance_size](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firewall_instance#firewall_size) |
| c5.xlarge
Standard_D3_v2
n1-standard-4
VM.Standard2.4 | Size of the NGFW instances
-[keep_alive_via_lan_interface_enabled](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firenet#keep_alive_via_lan_interface_enabled) | | False | Enable Keep Alive via Firewall LAN Interface.
[key_name](https://registry.terraform.io/providers/AviatrixSystems/aviatrix/latest/docs/resources/aviatrix_firewall_instance#key_name) | | | Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
mgmt_cidr | | | CIDR For Management VPC for GCP Firenet. Only required when deploying in GCP and enable_transit_firenet is true and deploying Palo Alto NGFW.
mgmt_subnet_1 | | | Subnet for firenet management interface (odd instances). Only used when mc-transit was built with an existing VNET.
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 46ee252..749fe11 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -1,5 +1,9 @@
# terraform-aviatrix-mc-firenet release notes
+## v1.6.0
+
+### Add support for Aviatrix controller version 7.2 and Terraform provider version 3.2.x.
+
## v1.5.4
- Add support for BYO VNET that was added in the mc-transit module. Requires mc-transit version 2.5.2 or higher.
- Add outputs for `egress_vpc` and `management_vpc`.
diff --git a/examples/aws_ha_fortigate/README.md b/examples/aws_ha_fortigate/README.md
index ba460c4..2e0959b 100644
--- a/examples/aws_ha_fortigate/README.md
+++ b/examples/aws_ha_fortigate/README.md
@@ -16,7 +16,7 @@ module "transit_ha_aws" {
module "mc_firenet_ha_aws" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_aws
firewall_image = "Fortinet FortiGate Next-Generation Firewall"
diff --git a/examples/aws_ha_fortigate/main.tf b/examples/aws_ha_fortigate/main.tf
index f3057d4..e1e81d6 100644
--- a/examples/aws_ha_fortigate/main.tf
+++ b/examples/aws_ha_fortigate/main.tf
@@ -12,7 +12,7 @@ module "transit_ha_aws" {
module "mc_firenet_ha_aws" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_aws
firewall_image = "Fortinet FortiGate Next-Generation Firewall"
diff --git a/examples/aws_ha_fqdn_egress/README.md b/examples/aws_ha_fqdn_egress/README.md
index 0e6de8a..a4020b0 100644
--- a/examples/aws_ha_fqdn_egress/README.md
+++ b/examples/aws_ha_fqdn_egress/README.md
@@ -16,7 +16,7 @@ module "mc_transit_ha_aws_fqdn" {
module "mc_firenet_ha_aws_fqdn" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
transit_module = module.mc_transit_ha_aws_fqdn
firewall_image = "aviatrix"
diff --git a/examples/aws_ha_fqdn_egress/main.tf b/examples/aws_ha_fqdn_egress/main.tf
index c49f4bd..be09d74 100644
--- a/examples/aws_ha_fqdn_egress/main.tf
+++ b/examples/aws_ha_fqdn_egress/main.tf
@@ -12,7 +12,7 @@ module "mc_transit_ha_aws_fqdn" {
module "mc_firenet_ha_aws_fqdn" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
transit_module = module.mc_transit_ha_aws_fqdn
firewall_image = "aviatrix"
diff --git a/examples/aws_ha_paloalto_dual_firenet/README.md b/examples/aws_ha_paloalto_dual_firenet/README.md
index 3fdf9bc..2a6c561 100644
--- a/examples/aws_ha_paloalto_dual_firenet/README.md
+++ b/examples/aws_ha_paloalto_dual_firenet/README.md
@@ -17,7 +17,7 @@ module "transit_ha_dual_firenet_aws_east_west" {
module "mc_firenet_ha_dual_firenet_aws_east_west" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_dual_firenet_aws_east_west
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -38,7 +38,7 @@ module "transit_ha_dual_firenet_aws_egress" {
module "mc_firenet_ha_dual_firenet_aws_egress" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_dual_firenet_aws_egress
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -47,7 +47,7 @@ module "mc_firenet_ha_dual_firenet_aws_egress" {
#Spoke VPC
module "spoke_aws_1" {
source = "terraform-aviatrix-modules/mc-spoke/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
cloud = "AWS"
name = "App1"
diff --git a/examples/aws_ha_paloalto_dual_firenet/main.tf b/examples/aws_ha_paloalto_dual_firenet/main.tf
index 3865f50..096e330 100644
--- a/examples/aws_ha_paloalto_dual_firenet/main.tf
+++ b/examples/aws_ha_paloalto_dual_firenet/main.tf
@@ -13,7 +13,7 @@ module "transit_ha_dual_firenet_aws_east_west" {
module "mc_firenet_ha_dual_firenet_aws_east_west" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_dual_firenet_aws_east_west
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -34,7 +34,7 @@ module "transit_ha_dual_firenet_aws_egress" {
module "mc_firenet_ha_dual_firenet_aws_egress" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_ha_dual_firenet_aws_egress
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall Bundle 1"
@@ -43,7 +43,7 @@ module "mc_firenet_ha_dual_firenet_aws_egress" {
#Spoke VPC
module "spoke_aws_1" {
source = "terraform-aviatrix-modules/mc-spoke/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
cloud = "AWS"
name = "App1"
diff --git a/examples/azure_ha_byo_vnet_checkpoint/README.md b/examples/azure_ha_byo_vnet_checkpoint/README.md
index 38eea75..f569fce 100644
--- a/examples/azure_ha_byo_vnet_checkpoint/README.md
+++ b/examples/azure_ha_byo_vnet_checkpoint/README.md
@@ -80,7 +80,7 @@ module "azure_transit" {
module "firenet" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.azure_transit
firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Bring Your Own License"
diff --git a/examples/azure_ha_byo_vnet_checkpoint/main.tf b/examples/azure_ha_byo_vnet_checkpoint/main.tf
index eca6713..51e4e9e 100644
--- a/examples/azure_ha_byo_vnet_checkpoint/main.tf
+++ b/examples/azure_ha_byo_vnet_checkpoint/main.tf
@@ -76,7 +76,7 @@ module "azure_transit" {
module "firenet" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.azure_transit
firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Bring Your Own License"
diff --git a/examples/azure_non_ha_checkpoint/README.md b/examples/azure_non_ha_checkpoint/README.md
index ec07d25..2aa3762 100644
--- a/examples/azure_non_ha_checkpoint/README.md
+++ b/examples/azure_non_ha_checkpoint/README.md
@@ -17,7 +17,7 @@ module "transit_non_ha_azure" {
module "mc_firenet_non_ha_azure" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_non_ha_azure
firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Pay As You Go (NGTP)"
diff --git a/examples/azure_non_ha_checkpoint/main.tf b/examples/azure_non_ha_checkpoint/main.tf
index 41654bc..a5dd4cc 100644
--- a/examples/azure_non_ha_checkpoint/main.tf
+++ b/examples/azure_non_ha_checkpoint/main.tf
@@ -13,7 +13,7 @@ module "transit_non_ha_azure" {
module "mc_firenet_non_ha_azure" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "v1.5.4"
+ version = "v1.6.0"
transit_module = module.transit_non_ha_azure
firewall_image = "Check Point CloudGuard IaaS Single Gateway R80.40 - Pay As You Go (NGTP)"
diff --git a/examples/gcp_ha_palo_alto/README.md b/examples/gcp_ha_palo_alto/README.md
index 3b4ae76..13c2b3c 100644
--- a/examples/gcp_ha_palo_alto/README.md
+++ b/examples/gcp_ha_palo_alto/README.md
@@ -17,7 +17,7 @@ module "transit_ha_gcp" {
module "mc_firenet_ha_gcp" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
transit_module = module.transit_ha_gcp
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall BUNDLE1"
diff --git a/examples/gcp_ha_palo_alto/main.tf b/examples/gcp_ha_palo_alto/main.tf
index e6059fe..12bfdfd 100644
--- a/examples/gcp_ha_palo_alto/main.tf
+++ b/examples/gcp_ha_palo_alto/main.tf
@@ -13,7 +13,7 @@ module "transit_ha_gcp" {
module "mc_firenet_ha_gcp" {
source = "terraform-aviatrix-modules/mc-firenet/aviatrix"
- version = "1.5.4"
+ version = "1.6.0"
transit_module = module.transit_ha_gcp
firewall_image = "Palo Alto Networks VM-Series Next-Generation Firewall BUNDLE1"
diff --git a/main.tf b/main.tf
index b556268..04d8348 100644
--- a/main.tf
+++ b/main.tf
@@ -159,13 +159,12 @@ resource "aviatrix_gateway" "egress_instance_2" {
#Firenet
resource "aviatrix_firenet" "firenet" {
- vpc_id = local.vpc_id
- inspection_enabled = local.is_aviatrix || local.enable_egress_transit_firenet ? false : var.inspection_enabled #Always switch to false if Aviatrix FQDN egress or egress transit firenet.
- egress_enabled = local.is_aviatrix || local.enable_egress_transit_firenet ? true : var.egress_enabled #Always switch to true if Aviatrix FQDN egress or egress transit firenet.
- keep_alive_via_lan_interface_enabled = var.keep_alive_via_lan_interface_enabled
- egress_static_cidrs = var.egress_static_cidrs
- east_west_inspection_excluded_cidrs = var.east_west_inspection_excluded_cidrs
- hashing_algorithm = var.hashing_algorithm
+ vpc_id = local.vpc_id
+ inspection_enabled = local.is_aviatrix || local.enable_egress_transit_firenet ? false : var.inspection_enabled #Always switch to false if Aviatrix FQDN egress or egress transit firenet.
+ egress_enabled = local.is_aviatrix || local.enable_egress_transit_firenet ? true : var.egress_enabled #Always switch to true if Aviatrix FQDN egress or egress transit firenet.
+ egress_static_cidrs = var.egress_static_cidrs
+ east_west_inspection_excluded_cidrs = var.east_west_inspection_excluded_cidrs
+ hashing_algorithm = var.hashing_algorithm
depends_on = [
aviatrix_firewall_instance_association.firenet_instance1,
diff --git a/output.tf b/output.tf
index b653b21..c252cc9 100644
--- a/output.tf
+++ b/output.tf
@@ -23,6 +23,6 @@ output "egress_vpc" {
output "module_metadata" {
value = {
- version = "1.5.4"
+ version = "1.6.0"
}
}
diff --git a/variables.tf b/variables.tf
index 8edb913..4c08359 100644
--- a/variables.tf
+++ b/variables.tf
@@ -107,13 +107,6 @@ variable "egress_static_cidrs" {
nullable = false
}
-variable "keep_alive_via_lan_interface_enabled" {
- description = "Enable Keep Alive via Firewall LAN Interface"
- type = bool
- default = false
- nullable = false
-}
-
variable "firewall_image_id" {
description = "Firewall image ID."
type = string
diff --git a/versions.tf b/versions.tf
index 55540dd..51ecb48 100644
--- a/versions.tf
+++ b/versions.tf
@@ -2,8 +2,8 @@ terraform {
required_providers {
aviatrix = {
source = "aviatrixsystems/aviatrix"
- version = "~> 3.1.0"
+ version = "~> 3.2.0"
}
}
- required_version = ">= 1.1.0"
+ required_version = ">= 1.3.0"
}