Aviatrix v0.0.11, Jun 17 23

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixTransitGateway

Explore with Pulumi AI

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

astipkovits/pulumi-aviatrix

Import

transit_gateway can be imported using the gw_name, e.g.

 $ pulumi import aviatrix:index/aviatrixTransitGateway:AviatrixTransitGateway test gw_name

Create AviatrixTransitGateway Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AviatrixTransitGateway(name: string, args: AviatrixTransitGatewayArgs, opts?: CustomResourceOptions);

@overload
def AviatrixTransitGateway(resource_name: str,
                           args: AviatrixTransitGatewayArgs,
                           opts: Optional[ResourceOptions] = None)

@overload
def AviatrixTransitGateway(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           cloud_type: Optional[int] = None,
                           vpc_reg: Optional[str] = None,
                           vpc_id: Optional[str] = None,
                           subnet: Optional[str] = None,
                           gw_size: Optional[str] = None,
                           gw_name: Optional[str] = None,
                           account_name: Optional[str] = None,
                           fault_domain: Optional[str] = None,
                           tunnel_detection_time: Optional[int] = None,
                           bgp_manual_spoke_advertise_cidrs: Optional[str] = None,
                           bgp_polling_time: Optional[str] = None,
                           bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]] = None,
                           connected_transit: Optional[bool] = None,
                           customer_managed_keys: Optional[str] = None,
                           customized_spoke_vpc_routes: Optional[str] = None,
                           customized_transit_vpc_routes: Optional[Sequence[str]] = None,
                           eip: Optional[str] = None,
                           enable_active_standby: Optional[bool] = None,
                           enable_active_standby_preemptive: Optional[bool] = None,
                           enable_advertise_transit_cidr: Optional[bool] = None,
                           enable_bgp_over_lan: Optional[bool] = None,
                           enable_egress_transit_firenet: Optional[bool] = None,
                           ha_availability_domain: Optional[str] = None,
                           enable_firenet: Optional[bool] = None,
                           enable_gateway_load_balancer: Optional[bool] = None,
                           enable_hybrid_connection: Optional[bool] = None,
                           enable_jumbo_frame: Optional[bool] = None,
                           enable_learned_cidrs_approval: Optional[bool] = None,
                           enable_monitor_gateway_subnets: Optional[bool] = None,
                           enable_multi_tier_transit: Optional[bool] = None,
                           enable_preserve_as_path: Optional[bool] = None,
                           enable_private_oob: Optional[bool] = None,
                           enable_s2c_rx_balancing: Optional[bool] = None,
                           enable_segmentation: Optional[bool] = None,
                           enable_spot_instance: Optional[bool] = None,
                           enable_transit_firenet: Optional[bool] = None,
                           enable_transit_summarize_cidr_to_tgw: Optional[bool] = None,
                           enable_vpc_dns_server: Optional[bool] = None,
                           excluded_advertised_spoke_routes: Optional[str] = None,
                           bgp_hold_time: Optional[int] = None,
                           filtered_spoke_vpc_routes: Optional[str] = None,
                           bgp_ecmp: Optional[bool] = None,
                           azure_eip_name_resource_group: Optional[str] = None,
                           enable_encrypt_volume: Optional[bool] = None,
                           bgp_lan_interfaces_count: Optional[int] = None,
                           ha_zone: Optional[str] = None,
                           ha_eip: Optional[str] = None,
                           ha_fault_domain: Optional[str] = None,
                           ha_gw_size: Optional[str] = None,
                           ha_image_version: Optional[str] = None,
                           ha_insane_mode_az: Optional[str] = None,
                           ha_oob_availability_zone: Optional[str] = None,
                           ha_oob_management_subnet: Optional[str] = None,
                           ha_private_mode_subnet_zone: Optional[str] = None,
                           ha_software_version: Optional[str] = None,
                           ha_subnet: Optional[str] = None,
                           ha_bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]] = None,
                           image_version: Optional[str] = None,
                           insane_mode: Optional[bool] = None,
                           insane_mode_az: Optional[str] = None,
                           lan_private_subnet: Optional[str] = None,
                           lan_vpc_id: Optional[str] = None,
                           learned_cidrs_approval_mode: Optional[str] = None,
                           local_as_number: Optional[str] = None,
                           monitor_exclude_lists: Optional[Sequence[str]] = None,
                           oob_availability_zone: Optional[str] = None,
                           oob_management_subnet: Optional[str] = None,
                           prepend_as_paths: Optional[Sequence[str]] = None,
                           private_mode_lb_vpc_id: Optional[str] = None,
                           private_mode_subnet_zone: Optional[str] = None,
                           rx_queue_size: Optional[str] = None,
                           single_az_ha: Optional[bool] = None,
                           single_ip_snat: Optional[bool] = None,
                           software_version: Optional[str] = None,
                           spot_price: Optional[str] = None,
                           availability_domain: Optional[str] = None,
                           tag_lists: Optional[Sequence[str]] = None,
                           tags: Optional[Mapping[str, str]] = None,
                           ha_azure_eip_name_resource_group: Optional[str] = None,
                           approved_learned_cidrs: Optional[Sequence[str]] = None,
                           allocate_new_eip: Optional[bool] = None,
                           zone: Optional[str] = None)

func NewAviatrixTransitGateway(ctx *Context, name string, args AviatrixTransitGatewayArgs, opts ...ResourceOption) (*AviatrixTransitGateway, error)

public AviatrixTransitGateway(string name, AviatrixTransitGatewayArgs args, CustomResourceOptions? opts = null)

public AviatrixTransitGateway(String name, AviatrixTransitGatewayArgs args)
public AviatrixTransitGateway(String name, AviatrixTransitGatewayArgs args, CustomResourceOptions options)

type: aviatrix:AviatrixTransitGateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AviatrixTransitGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AviatrixTransitGatewayArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AviatrixTransitGatewayArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AviatrixTransitGatewayArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AviatrixTransitGatewayArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var aviatrixTransitGatewayResource = new Aviatrix.AviatrixTransitGateway("aviatrixTransitGatewayResource", new()
{
    CloudType = 0,
    VpcReg = "string",
    VpcId = "string",
    Subnet = "string",
    GwSize = "string",
    GwName = "string",
    AccountName = "string",
    FaultDomain = "string",
    TunnelDetectionTime = 0,
    BgpManualSpokeAdvertiseCidrs = "string",
    BgpPollingTime = "string",
    BgpLanInterfaces = new[]
    {
        new Aviatrix.Inputs.AviatrixTransitGatewayBgpLanInterfaceArgs
        {
            Subnet = "string",
            VpcId = "string",
        },
    },
    ConnectedTransit = false,
    CustomerManagedKeys = "string",
    CustomizedSpokeVpcRoutes = "string",
    CustomizedTransitVpcRoutes = new[]
    {
        "string",
    },
    Eip = "string",
    EnableActiveStandby = false,
    EnableActiveStandbyPreemptive = false,
    EnableAdvertiseTransitCidr = false,
    EnableBgpOverLan = false,
    EnableEgressTransitFirenet = false,
    HaAvailabilityDomain = "string",
    EnableFirenet = false,
    EnableGatewayLoadBalancer = false,
    EnableHybridConnection = false,
    EnableJumboFrame = false,
    EnableLearnedCidrsApproval = false,
    EnableMonitorGatewaySubnets = false,
    EnableMultiTierTransit = false,
    EnablePreserveAsPath = false,
    EnablePrivateOob = false,
    EnableS2cRxBalancing = false,
    EnableSegmentation = false,
    EnableSpotInstance = false,
    EnableTransitFirenet = false,
    EnableTransitSummarizeCidrToTgw = false,
    EnableVpcDnsServer = false,
    ExcludedAdvertisedSpokeRoutes = "string",
    BgpHoldTime = 0,
    FilteredSpokeVpcRoutes = "string",
    BgpEcmp = false,
    AzureEipNameResourceGroup = "string",
    EnableEncryptVolume = false,
    BgpLanInterfacesCount = 0,
    HaZone = "string",
    HaEip = "string",
    HaFaultDomain = "string",
    HaGwSize = "string",
    HaImageVersion = "string",
    HaInsaneModeAz = "string",
    HaOobAvailabilityZone = "string",
    HaOobManagementSubnet = "string",
    HaPrivateModeSubnetZone = "string",
    HaSoftwareVersion = "string",
    HaSubnet = "string",
    HaBgpLanInterfaces = new[]
    {
        new Aviatrix.Inputs.AviatrixTransitGatewayHaBgpLanInterfaceArgs
        {
            Subnet = "string",
            VpcId = "string",
        },
    },
    ImageVersion = "string",
    InsaneMode = false,
    InsaneModeAz = "string",
    LanPrivateSubnet = "string",
    LanVpcId = "string",
    LearnedCidrsApprovalMode = "string",
    LocalAsNumber = "string",
    MonitorExcludeLists = new[]
    {
        "string",
    },
    OobAvailabilityZone = "string",
    OobManagementSubnet = "string",
    PrependAsPaths = new[]
    {
        "string",
    },
    PrivateModeLbVpcId = "string",
    PrivateModeSubnetZone = "string",
    RxQueueSize = "string",
    SingleAzHa = false,
    SingleIpSnat = false,
    SoftwareVersion = "string",
    SpotPrice = "string",
    AvailabilityDomain = "string",
    Tags = 
    {
        { "string", "string" },
    },
    HaAzureEipNameResourceGroup = "string",
    ApprovedLearnedCidrs = new[]
    {
        "string",
    },
    AllocateNewEip = false,
    Zone = "string",
});

example, err := aviatrix.NewAviatrixTransitGateway(ctx, "aviatrixTransitGatewayResource", &aviatrix.AviatrixTransitGatewayArgs{
	CloudType:                    pulumi.Int(0),
	VpcReg:                       pulumi.String("string"),
	VpcId:                        pulumi.String("string"),
	Subnet:                       pulumi.String("string"),
	GwSize:                       pulumi.String("string"),
	GwName:                       pulumi.String("string"),
	AccountName:                  pulumi.String("string"),
	FaultDomain:                  pulumi.String("string"),
	TunnelDetectionTime:          pulumi.Int(0),
	BgpManualSpokeAdvertiseCidrs: pulumi.String("string"),
	BgpPollingTime:               pulumi.String("string"),
	BgpLanInterfaces: aviatrix.AviatrixTransitGatewayBgpLanInterfaceArray{
		&aviatrix.AviatrixTransitGatewayBgpLanInterfaceArgs{
			Subnet: pulumi.String("string"),
			VpcId:  pulumi.String("string"),
		},
	},
	ConnectedTransit:         pulumi.Bool(false),
	CustomerManagedKeys:      pulumi.String("string"),
	CustomizedSpokeVpcRoutes: pulumi.String("string"),
	CustomizedTransitVpcRoutes: pulumi.StringArray{
		pulumi.String("string"),
	},
	Eip:                             pulumi.String("string"),
	EnableActiveStandby:             pulumi.Bool(false),
	EnableActiveStandbyPreemptive:   pulumi.Bool(false),
	EnableAdvertiseTransitCidr:      pulumi.Bool(false),
	EnableBgpOverLan:                pulumi.Bool(false),
	EnableEgressTransitFirenet:      pulumi.Bool(false),
	HaAvailabilityDomain:            pulumi.String("string"),
	EnableFirenet:                   pulumi.Bool(false),
	EnableGatewayLoadBalancer:       pulumi.Bool(false),
	EnableHybridConnection:          pulumi.Bool(false),
	EnableJumboFrame:                pulumi.Bool(false),
	EnableLearnedCidrsApproval:      pulumi.Bool(false),
	EnableMonitorGatewaySubnets:     pulumi.Bool(false),
	EnableMultiTierTransit:          pulumi.Bool(false),
	EnablePreserveAsPath:            pulumi.Bool(false),
	EnablePrivateOob:                pulumi.Bool(false),
	EnableS2cRxBalancing:            pulumi.Bool(false),
	EnableSegmentation:              pulumi.Bool(false),
	EnableSpotInstance:              pulumi.Bool(false),
	EnableTransitFirenet:            pulumi.Bool(false),
	EnableTransitSummarizeCidrToTgw: pulumi.Bool(false),
	EnableVpcDnsServer:              pulumi.Bool(false),
	ExcludedAdvertisedSpokeRoutes:   pulumi.String("string"),
	BgpHoldTime:                     pulumi.Int(0),
	FilteredSpokeVpcRoutes:          pulumi.String("string"),
	BgpEcmp:                         pulumi.Bool(false),
	AzureEipNameResourceGroup:       pulumi.String("string"),
	EnableEncryptVolume:             pulumi.Bool(false),
	BgpLanInterfacesCount:           pulumi.Int(0),
	HaZone:                          pulumi.String("string"),
	HaEip:                           pulumi.String("string"),
	HaFaultDomain:                   pulumi.String("string"),
	HaGwSize:                        pulumi.String("string"),
	HaImageVersion:                  pulumi.String("string"),
	HaInsaneModeAz:                  pulumi.String("string"),
	HaOobAvailabilityZone:           pulumi.String("string"),
	HaOobManagementSubnet:           pulumi.String("string"),
	HaPrivateModeSubnetZone:         pulumi.String("string"),
	HaSoftwareVersion:               pulumi.String("string"),
	HaSubnet:                        pulumi.String("string"),
	HaBgpLanInterfaces: aviatrix.AviatrixTransitGatewayHaBgpLanInterfaceArray{
		&aviatrix.AviatrixTransitGatewayHaBgpLanInterfaceArgs{
			Subnet: pulumi.String("string"),
			VpcId:  pulumi.String("string"),
		},
	},
	ImageVersion:             pulumi.String("string"),
	InsaneMode:               pulumi.Bool(false),
	InsaneModeAz:             pulumi.String("string"),
	LanPrivateSubnet:         pulumi.String("string"),
	LanVpcId:                 pulumi.String("string"),
	LearnedCidrsApprovalMode: pulumi.String("string"),
	LocalAsNumber:            pulumi.String("string"),
	MonitorExcludeLists: pulumi.StringArray{
		pulumi.String("string"),
	},
	OobAvailabilityZone: pulumi.String("string"),
	OobManagementSubnet: pulumi.String("string"),
	PrependAsPaths: pulumi.StringArray{
		pulumi.String("string"),
	},
	PrivateModeLbVpcId:    pulumi.String("string"),
	PrivateModeSubnetZone: pulumi.String("string"),
	RxQueueSize:           pulumi.String("string"),
	SingleAzHa:            pulumi.Bool(false),
	SingleIpSnat:          pulumi.Bool(false),
	SoftwareVersion:       pulumi.String("string"),
	SpotPrice:             pulumi.String("string"),
	AvailabilityDomain:    pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	HaAzureEipNameResourceGroup: pulumi.String("string"),
	ApprovedLearnedCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	AllocateNewEip: pulumi.Bool(false),
	Zone:           pulumi.String("string"),
})

var aviatrixTransitGatewayResource = new AviatrixTransitGateway("aviatrixTransitGatewayResource", AviatrixTransitGatewayArgs.builder()
    .cloudType(0)
    .vpcReg("string")
    .vpcId("string")
    .subnet("string")
    .gwSize("string")
    .gwName("string")
    .accountName("string")
    .faultDomain("string")
    .tunnelDetectionTime(0)
    .bgpManualSpokeAdvertiseCidrs("string")
    .bgpPollingTime("string")
    .bgpLanInterfaces(AviatrixTransitGatewayBgpLanInterfaceArgs.builder()
        .subnet("string")
        .vpcId("string")
        .build())
    .connectedTransit(false)
    .customerManagedKeys("string")
    .customizedSpokeVpcRoutes("string")
    .customizedTransitVpcRoutes("string")
    .eip("string")
    .enableActiveStandby(false)
    .enableActiveStandbyPreemptive(false)
    .enableAdvertiseTransitCidr(false)
    .enableBgpOverLan(false)
    .enableEgressTransitFirenet(false)
    .haAvailabilityDomain("string")
    .enableFirenet(false)
    .enableGatewayLoadBalancer(false)
    .enableHybridConnection(false)
    .enableJumboFrame(false)
    .enableLearnedCidrsApproval(false)
    .enableMonitorGatewaySubnets(false)
    .enableMultiTierTransit(false)
    .enablePreserveAsPath(false)
    .enablePrivateOob(false)
    .enableS2cRxBalancing(false)
    .enableSegmentation(false)
    .enableSpotInstance(false)
    .enableTransitFirenet(false)
    .enableTransitSummarizeCidrToTgw(false)
    .enableVpcDnsServer(false)
    .excludedAdvertisedSpokeRoutes("string")
    .bgpHoldTime(0)
    .filteredSpokeVpcRoutes("string")
    .bgpEcmp(false)
    .azureEipNameResourceGroup("string")
    .enableEncryptVolume(false)
    .bgpLanInterfacesCount(0)
    .haZone("string")
    .haEip("string")
    .haFaultDomain("string")
    .haGwSize("string")
    .haImageVersion("string")
    .haInsaneModeAz("string")
    .haOobAvailabilityZone("string")
    .haOobManagementSubnet("string")
    .haPrivateModeSubnetZone("string")
    .haSoftwareVersion("string")
    .haSubnet("string")
    .haBgpLanInterfaces(AviatrixTransitGatewayHaBgpLanInterfaceArgs.builder()
        .subnet("string")
        .vpcId("string")
        .build())
    .imageVersion("string")
    .insaneMode(false)
    .insaneModeAz("string")
    .lanPrivateSubnet("string")
    .lanVpcId("string")
    .learnedCidrsApprovalMode("string")
    .localAsNumber("string")
    .monitorExcludeLists("string")
    .oobAvailabilityZone("string")
    .oobManagementSubnet("string")
    .prependAsPaths("string")
    .privateModeLbVpcId("string")
    .privateModeSubnetZone("string")
    .rxQueueSize("string")
    .singleAzHa(false)
    .singleIpSnat(false)
    .softwareVersion("string")
    .spotPrice("string")
    .availabilityDomain("string")
    .tags(Map.of("string", "string"))
    .haAzureEipNameResourceGroup("string")
    .approvedLearnedCidrs("string")
    .allocateNewEip(false)
    .zone("string")
    .build());

aviatrix_transit_gateway_resource = aviatrix.AviatrixTransitGateway("aviatrixTransitGatewayResource",
    cloud_type=0,
    vpc_reg="string",
    vpc_id="string",
    subnet="string",
    gw_size="string",
    gw_name="string",
    account_name="string",
    fault_domain="string",
    tunnel_detection_time=0,
    bgp_manual_spoke_advertise_cidrs="string",
    bgp_polling_time="string",
    bgp_lan_interfaces=[aviatrix.AviatrixTransitGatewayBgpLanInterfaceArgs(
        subnet="string",
        vpc_id="string",
    )],
    connected_transit=False,
    customer_managed_keys="string",
    customized_spoke_vpc_routes="string",
    customized_transit_vpc_routes=["string"],
    eip="string",
    enable_active_standby=False,
    enable_active_standby_preemptive=False,
    enable_advertise_transit_cidr=False,
    enable_bgp_over_lan=False,
    enable_egress_transit_firenet=False,
    ha_availability_domain="string",
    enable_firenet=False,
    enable_gateway_load_balancer=False,
    enable_hybrid_connection=False,
    enable_jumbo_frame=False,
    enable_learned_cidrs_approval=False,
    enable_monitor_gateway_subnets=False,
    enable_multi_tier_transit=False,
    enable_preserve_as_path=False,
    enable_private_oob=False,
    enable_s2c_rx_balancing=False,
    enable_segmentation=False,
    enable_spot_instance=False,
    enable_transit_firenet=False,
    enable_transit_summarize_cidr_to_tgw=False,
    enable_vpc_dns_server=False,
    excluded_advertised_spoke_routes="string",
    bgp_hold_time=0,
    filtered_spoke_vpc_routes="string",
    bgp_ecmp=False,
    azure_eip_name_resource_group="string",
    enable_encrypt_volume=False,
    bgp_lan_interfaces_count=0,
    ha_zone="string",
    ha_eip="string",
    ha_fault_domain="string",
    ha_gw_size="string",
    ha_image_version="string",
    ha_insane_mode_az="string",
    ha_oob_availability_zone="string",
    ha_oob_management_subnet="string",
    ha_private_mode_subnet_zone="string",
    ha_software_version="string",
    ha_subnet="string",
    ha_bgp_lan_interfaces=[aviatrix.AviatrixTransitGatewayHaBgpLanInterfaceArgs(
        subnet="string",
        vpc_id="string",
    )],
    image_version="string",
    insane_mode=False,
    insane_mode_az="string",
    lan_private_subnet="string",
    lan_vpc_id="string",
    learned_cidrs_approval_mode="string",
    local_as_number="string",
    monitor_exclude_lists=["string"],
    oob_availability_zone="string",
    oob_management_subnet="string",
    prepend_as_paths=["string"],
    private_mode_lb_vpc_id="string",
    private_mode_subnet_zone="string",
    rx_queue_size="string",
    single_az_ha=False,
    single_ip_snat=False,
    software_version="string",
    spot_price="string",
    availability_domain="string",
    tags={
        "string": "string",
    },
    ha_azure_eip_name_resource_group="string",
    approved_learned_cidrs=["string"],
    allocate_new_eip=False,
    zone="string")

const aviatrixTransitGatewayResource = new aviatrix.AviatrixTransitGateway("aviatrixTransitGatewayResource", {
    cloudType: 0,
    vpcReg: "string",
    vpcId: "string",
    subnet: "string",
    gwSize: "string",
    gwName: "string",
    accountName: "string",
    faultDomain: "string",
    tunnelDetectionTime: 0,
    bgpManualSpokeAdvertiseCidrs: "string",
    bgpPollingTime: "string",
    bgpLanInterfaces: [{
        subnet: "string",
        vpcId: "string",
    }],
    connectedTransit: false,
    customerManagedKeys: "string",
    customizedSpokeVpcRoutes: "string",
    customizedTransitVpcRoutes: ["string"],
    eip: "string",
    enableActiveStandby: false,
    enableActiveStandbyPreemptive: false,
    enableAdvertiseTransitCidr: false,
    enableBgpOverLan: false,
    enableEgressTransitFirenet: false,
    haAvailabilityDomain: "string",
    enableFirenet: false,
    enableGatewayLoadBalancer: false,
    enableHybridConnection: false,
    enableJumboFrame: false,
    enableLearnedCidrsApproval: false,
    enableMonitorGatewaySubnets: false,
    enableMultiTierTransit: false,
    enablePreserveAsPath: false,
    enablePrivateOob: false,
    enableS2cRxBalancing: false,
    enableSegmentation: false,
    enableSpotInstance: false,
    enableTransitFirenet: false,
    enableTransitSummarizeCidrToTgw: false,
    enableVpcDnsServer: false,
    excludedAdvertisedSpokeRoutes: "string",
    bgpHoldTime: 0,
    filteredSpokeVpcRoutes: "string",
    bgpEcmp: false,
    azureEipNameResourceGroup: "string",
    enableEncryptVolume: false,
    bgpLanInterfacesCount: 0,
    haZone: "string",
    haEip: "string",
    haFaultDomain: "string",
    haGwSize: "string",
    haImageVersion: "string",
    haInsaneModeAz: "string",
    haOobAvailabilityZone: "string",
    haOobManagementSubnet: "string",
    haPrivateModeSubnetZone: "string",
    haSoftwareVersion: "string",
    haSubnet: "string",
    haBgpLanInterfaces: [{
        subnet: "string",
        vpcId: "string",
    }],
    imageVersion: "string",
    insaneMode: false,
    insaneModeAz: "string",
    lanPrivateSubnet: "string",
    lanVpcId: "string",
    learnedCidrsApprovalMode: "string",
    localAsNumber: "string",
    monitorExcludeLists: ["string"],
    oobAvailabilityZone: "string",
    oobManagementSubnet: "string",
    prependAsPaths: ["string"],
    privateModeLbVpcId: "string",
    privateModeSubnetZone: "string",
    rxQueueSize: "string",
    singleAzHa: false,
    singleIpSnat: false,
    softwareVersion: "string",
    spotPrice: "string",
    availabilityDomain: "string",
    tags: {
        string: "string",
    },
    haAzureEipNameResourceGroup: "string",
    approvedLearnedCidrs: ["string"],
    allocateNewEip: false,
    zone: "string",
});

type: aviatrix:AviatrixTransitGateway
properties:
    accountName: string
    allocateNewEip: false
    approvedLearnedCidrs:
        - string
    availabilityDomain: string
    azureEipNameResourceGroup: string
    bgpEcmp: false
    bgpHoldTime: 0
    bgpLanInterfaces:
        - subnet: string
          vpcId: string
    bgpLanInterfacesCount: 0
    bgpManualSpokeAdvertiseCidrs: string
    bgpPollingTime: string
    cloudType: 0
    connectedTransit: false
    customerManagedKeys: string
    customizedSpokeVpcRoutes: string
    customizedTransitVpcRoutes:
        - string
    eip: string
    enableActiveStandby: false
    enableActiveStandbyPreemptive: false
    enableAdvertiseTransitCidr: false
    enableBgpOverLan: false
    enableEgressTransitFirenet: false
    enableEncryptVolume: false
    enableFirenet: false
    enableGatewayLoadBalancer: false
    enableHybridConnection: false
    enableJumboFrame: false
    enableLearnedCidrsApproval: false
    enableMonitorGatewaySubnets: false
    enableMultiTierTransit: false
    enablePreserveAsPath: false
    enablePrivateOob: false
    enableS2cRxBalancing: false
    enableSegmentation: false
    enableSpotInstance: false
    enableTransitFirenet: false
    enableTransitSummarizeCidrToTgw: false
    enableVpcDnsServer: false
    excludedAdvertisedSpokeRoutes: string
    faultDomain: string
    filteredSpokeVpcRoutes: string
    gwName: string
    gwSize: string
    haAvailabilityDomain: string
    haAzureEipNameResourceGroup: string
    haBgpLanInterfaces:
        - subnet: string
          vpcId: string
    haEip: string
    haFaultDomain: string
    haGwSize: string
    haImageVersion: string
    haInsaneModeAz: string
    haOobAvailabilityZone: string
    haOobManagementSubnet: string
    haPrivateModeSubnetZone: string
    haSoftwareVersion: string
    haSubnet: string
    haZone: string
    imageVersion: string
    insaneMode: false
    insaneModeAz: string
    lanPrivateSubnet: string
    lanVpcId: string
    learnedCidrsApprovalMode: string
    localAsNumber: string
    monitorExcludeLists:
        - string
    oobAvailabilityZone: string
    oobManagementSubnet: string
    prependAsPaths:
        - string
    privateModeLbVpcId: string
    privateModeSubnetZone: string
    rxQueueSize: string
    singleAzHa: false
    singleIpSnat: false
    softwareVersion: string
    spotPrice: string
    subnet: string
    tags:
        string: string
    tunnelDetectionTime: 0
    vpcId: string
    vpcReg: string
    zone: string

AviatrixTransitGateway Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AviatrixTransitGateway resource accepts the following input properties:

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
CloudType int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs List<string>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
BgpLanInterfacesCount int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
BgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
BgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
ConnectedTransit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
CustomizedTransitVpcRoutes List<string>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAdvertiseTransitCidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
EnableBgpOverLan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableEgressTransitFirenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableFirenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
EnableGatewayLoadBalancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableHybridConnection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
EnableJumboFrame bool: Enable jumbo frames for this transit gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnableMultiTierTransit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableS2cRxBalancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
EnableSegmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableTransitFirenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
EnableTransitSummarizeCidrToTgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
ExcludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
InsaneMode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
LocalAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
MonitorExcludeLists List<string>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths List<string>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpotPrice string: Price for spot instance. NOT supported for production deployment.
TagLists List<string>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
Tags Dictionary<string, string>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TunnelDetectionTime int: The IPSec tunnel down detection time for the transit gateway.
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
CloudType int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs []string: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpLanInterfaces []AviatrixTransitGatewayBgpLanInterfaceArgs: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
BgpLanInterfacesCount int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
BgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
BgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
ConnectedTransit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
CustomizedTransitVpcRoutes []string: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAdvertiseTransitCidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
EnableBgpOverLan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableEgressTransitFirenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableFirenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
EnableGatewayLoadBalancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableHybridConnection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
EnableJumboFrame bool: Enable jumbo frames for this transit gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnableMultiTierTransit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableS2cRxBalancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
EnableSegmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableTransitFirenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
EnableTransitSummarizeCidrToTgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
ExcludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaBgpLanInterfaces []AviatrixTransitGatewayHaBgpLanInterfaceArgs: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
InsaneMode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
LocalAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
MonitorExcludeLists []string: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths []string: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpotPrice string: Price for spot instance. NOT supported for production deployment.
TagLists []string: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
Tags map[string]string: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TunnelDetectionTime int: The IPSec tunnel down detection time for the transit gateway.
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType Integer: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Integer: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount Integer: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpManualSpokeAdvertiseCidrs String: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime String: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
connectedTransit Boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes List<String>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr Boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan Boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet Boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet Boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer Boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection Boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame Boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit Boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing Boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation Boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet Boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw Boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes String: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize String: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode Boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanPrivateSubnet String: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId String: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber String: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice String: Price for spot instance. NOT supported for production deployment.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Map<String,String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime Integer: The IPSec tunnel down detection time for the transit gateway.
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType number: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName string: Name of the gateway which is going to be created.
gwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
subnet string: A VPC Network address range selected from one of the available network ranges.
vpcId string: VPC-ID/VNet-Name of cloud provider.
vpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs string[]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces AviatrixTransitGatewayBgpLanInterface[]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount number: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
connectedTransit boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys string: Customer managed key ID.
customizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes string[]: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
haAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces AviatrixTransitGatewayHaBgpLanInterface[]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists string[]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths string[]: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice string: Price for spot instance. NOT supported for production deployment.
tagLists string[]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags {[key: string]: string}: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime number: The IPSec tunnel down detection time for the transit gateway.
zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

account_name str: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloud_type int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gw_name str: Name of the gateway which is going to be created.
gw_size str: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
subnet str: A VPC Network address range selected from one of the available network ranges.
vpc_id str: VPC-ID/VNet-Name of cloud provider.
vpc_reg str: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocate_new_eip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approved_learned_cidrs Sequence[str]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgp_ecmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgp_hold_time int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgp_lan_interfaces Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgp_lan_interfaces_count int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgp_manual_spoke_advertise_cidrs str: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgp_polling_time str: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
connected_transit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customer_managed_keys str: Customer managed key ID.
customized_spoke_vpc_routes str: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customized_transit_vpc_routes Sequence[str]: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip str: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enable_active_standby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enable_active_standby_preemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enable_advertise_transit_cidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enable_bgp_over_lan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enable_egress_transit_firenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enable_encrypt_volume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_firenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enable_gateway_load_balancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enable_hybrid_connection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enable_jumbo_frame bool: Enable jumbo frames for this transit gateway. Default value is true.
enable_learned_cidrs_approval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enable_monitor_gateway_subnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enable_multi_tier_transit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enable_preserve_as_path bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enable_private_oob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_s2c_rx_balancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enable_segmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enable_spot_instance bool: Enable spot instance. NOT supported for production deployment.
enable_transit_firenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enable_transit_summarize_cidr_to_tgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enable_vpc_dns_server bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excluded_advertised_spoke_routes str: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filtered_spoke_vpc_routes str: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
ha_availability_domain str: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
ha_bgp_lan_interfaces Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
ha_eip str: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
ha_fault_domain str: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_gw_size str: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
ha_image_version str: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
ha_insane_mode_az str: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
ha_oob_availability_zone str: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
ha_oob_management_subnet str: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
ha_private_mode_subnet_zone str: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
ha_software_version str: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
ha_subnet str: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
ha_zone str: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
image_version str: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insane_mode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insane_mode_az str: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lan_private_subnet str: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lan_vpc_id str: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learned_cidrs_approval_mode str: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
local_as_number str: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitor_exclude_lists Sequence[str]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oob_availability_zone str: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oob_management_subnet str: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prepend_as_paths Sequence[str]: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
private_mode_lb_vpc_id str: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
private_mode_subnet_zone str: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rx_queue_size str: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
single_az_ha bool: Set to true if this feature is desired. Valid values: true, false.
single_ip_snat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
software_version str: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spot_price str: Price for spot instance. NOT supported for production deployment.
tag_lists Sequence[str]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Mapping[str, str]: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnel_detection_time int: The IPSec tunnel down detection time for the transit gateway.
zone str: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
cloudType Number: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces List<Property Map>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount Number: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpManualSpokeAdvertiseCidrs String: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime String: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
connectedTransit Boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes List<String>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr Boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan Boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet Boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet Boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer Boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection Boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame Boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit Boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing Boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation Boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet Boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw Boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes String: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces List<Property Map>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwSize String: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode Boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanPrivateSubnet String: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId String: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber String: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice String: Price for spot instance. NOT supported for production deployment.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Map<String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime Number: The IPSec tunnel down detection time for the transit gateway.
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

Outputs

All input properties are implicitly available as output properties. Additionally, the AviatrixTransitGateway resource produces the following output properties:

BgpLanIpLists List<string>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
CloudInstanceId string: Cloud instance ID of the transit gateway.
HaBgpLanIpLists List<string>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
HaCloudInstanceId string: Cloud instance ID of the HA transit gateway.
HaGwName string: Aviatrix transit gateway unique name of HA transit gateway.
HaLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
HaPrivateIp string: Private IP address of the HA transit gateway created.
HaPublicIp string: Public IP address of the HA Transit Gateway.
HaSecurityGroupId string: HA security group used for the transit gateway.
Id string: The provider-assigned unique ID for this managed resource.
LanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
PrivateIp string: Private IP address of the transit gateway created.
PublicIp string: Public IP address of the Transit Gateway created.
SecurityGroupId string: Security group used for the transit gateway.

BgpLanIpLists []string: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
CloudInstanceId string: Cloud instance ID of the transit gateway.
HaBgpLanIpLists []string: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
HaCloudInstanceId string: Cloud instance ID of the HA transit gateway.
HaGwName string: Aviatrix transit gateway unique name of HA transit gateway.
HaLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
HaPrivateIp string: Private IP address of the HA transit gateway created.
HaPublicIp string: Public IP address of the HA Transit Gateway.
HaSecurityGroupId string: HA security group used for the transit gateway.
Id string: The provider-assigned unique ID for this managed resource.
LanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
PrivateIp string: Private IP address of the transit gateway created.
PublicIp string: Public IP address of the Transit Gateway created.
SecurityGroupId string: Security group used for the transit gateway.

bgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
cloudInstanceId String: Cloud instance ID of the transit gateway.
haBgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId String: Cloud instance ID of the HA transit gateway.
haGwName String: Aviatrix transit gateway unique name of HA transit gateway.
haLanInterfaceCidr String: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haPrivateIp String: Private IP address of the HA transit gateway created.
haPublicIp String: Public IP address of the HA Transit Gateway.
haSecurityGroupId String: HA security group used for the transit gateway.
id String: The provider-assigned unique ID for this managed resource.
lanInterfaceCidr String: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
privateIp String: Private IP address of the transit gateway created.
publicIp String: Public IP address of the Transit Gateway created.
securityGroupId String: Security group used for the transit gateway.

bgpLanIpLists string[]: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
cloudInstanceId string: Cloud instance ID of the transit gateway.
haBgpLanIpLists string[]: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId string: Cloud instance ID of the HA transit gateway.
haGwName string: Aviatrix transit gateway unique name of HA transit gateway.
haLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haPrivateIp string: Private IP address of the HA transit gateway created.
haPublicIp string: Public IP address of the HA Transit Gateway.
haSecurityGroupId string: HA security group used for the transit gateway.
id string: The provider-assigned unique ID for this managed resource.
lanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
privateIp string: Private IP address of the transit gateway created.
publicIp string: Public IP address of the Transit Gateway created.
securityGroupId string: Security group used for the transit gateway.

bgp_lan_ip_lists Sequence[str]: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
cloud_instance_id str: Cloud instance ID of the transit gateway.
ha_bgp_lan_ip_lists Sequence[str]: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
ha_cloud_instance_id str: Cloud instance ID of the HA transit gateway.
ha_gw_name str: Aviatrix transit gateway unique name of HA transit gateway.
ha_lan_interface_cidr str: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
ha_private_ip str: Private IP address of the HA transit gateway created.
ha_public_ip str: Public IP address of the HA Transit Gateway.
ha_security_group_id str: HA security group used for the transit gateway.
id str: The provider-assigned unique ID for this managed resource.
lan_interface_cidr str: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
private_ip str: Private IP address of the transit gateway created.
public_ip str: Public IP address of the Transit Gateway created.
security_group_id str: Security group used for the transit gateway.

bgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
cloudInstanceId String: Cloud instance ID of the transit gateway.
haBgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId String: Cloud instance ID of the HA transit gateway.
haGwName String: Aviatrix transit gateway unique name of HA transit gateway.
haLanInterfaceCidr String: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haPrivateIp String: Private IP address of the HA transit gateway created.
haPublicIp String: Public IP address of the HA Transit Gateway.
haSecurityGroupId String: HA security group used for the transit gateway.
id String: The provider-assigned unique ID for this managed resource.
lanInterfaceCidr String: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
privateIp String: Private IP address of the transit gateway created.
publicIp String: Public IP address of the Transit Gateway created.
securityGroupId String: Security group used for the transit gateway.

Look up Existing AviatrixTransitGateway Resource

Get an existing AviatrixTransitGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AviatrixTransitGatewayState, opts?: CustomResourceOptions): AviatrixTransitGateway

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_name: Optional[str] = None,
        allocate_new_eip: Optional[bool] = None,
        approved_learned_cidrs: Optional[Sequence[str]] = None,
        availability_domain: Optional[str] = None,
        azure_eip_name_resource_group: Optional[str] = None,
        bgp_ecmp: Optional[bool] = None,
        bgp_hold_time: Optional[int] = None,
        bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]] = None,
        bgp_lan_interfaces_count: Optional[int] = None,
        bgp_lan_ip_lists: Optional[Sequence[str]] = None,
        bgp_manual_spoke_advertise_cidrs: Optional[str] = None,
        bgp_polling_time: Optional[str] = None,
        cloud_instance_id: Optional[str] = None,
        cloud_type: Optional[int] = None,
        connected_transit: Optional[bool] = None,
        customer_managed_keys: Optional[str] = None,
        customized_spoke_vpc_routes: Optional[str] = None,
        customized_transit_vpc_routes: Optional[Sequence[str]] = None,
        eip: Optional[str] = None,
        enable_active_standby: Optional[bool] = None,
        enable_active_standby_preemptive: Optional[bool] = None,
        enable_advertise_transit_cidr: Optional[bool] = None,
        enable_bgp_over_lan: Optional[bool] = None,
        enable_egress_transit_firenet: Optional[bool] = None,
        enable_encrypt_volume: Optional[bool] = None,
        enable_firenet: Optional[bool] = None,
        enable_gateway_load_balancer: Optional[bool] = None,
        enable_hybrid_connection: Optional[bool] = None,
        enable_jumbo_frame: Optional[bool] = None,
        enable_learned_cidrs_approval: Optional[bool] = None,
        enable_monitor_gateway_subnets: Optional[bool] = None,
        enable_multi_tier_transit: Optional[bool] = None,
        enable_preserve_as_path: Optional[bool] = None,
        enable_private_oob: Optional[bool] = None,
        enable_s2c_rx_balancing: Optional[bool] = None,
        enable_segmentation: Optional[bool] = None,
        enable_spot_instance: Optional[bool] = None,
        enable_transit_firenet: Optional[bool] = None,
        enable_transit_summarize_cidr_to_tgw: Optional[bool] = None,
        enable_vpc_dns_server: Optional[bool] = None,
        excluded_advertised_spoke_routes: Optional[str] = None,
        fault_domain: Optional[str] = None,
        filtered_spoke_vpc_routes: Optional[str] = None,
        gw_name: Optional[str] = None,
        gw_size: Optional[str] = None,
        ha_availability_domain: Optional[str] = None,
        ha_azure_eip_name_resource_group: Optional[str] = None,
        ha_bgp_lan_interfaces: Optional[Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]] = None,
        ha_bgp_lan_ip_lists: Optional[Sequence[str]] = None,
        ha_cloud_instance_id: Optional[str] = None,
        ha_eip: Optional[str] = None,
        ha_fault_domain: Optional[str] = None,
        ha_gw_name: Optional[str] = None,
        ha_gw_size: Optional[str] = None,
        ha_image_version: Optional[str] = None,
        ha_insane_mode_az: Optional[str] = None,
        ha_lan_interface_cidr: Optional[str] = None,
        ha_oob_availability_zone: Optional[str] = None,
        ha_oob_management_subnet: Optional[str] = None,
        ha_private_ip: Optional[str] = None,
        ha_private_mode_subnet_zone: Optional[str] = None,
        ha_public_ip: Optional[str] = None,
        ha_security_group_id: Optional[str] = None,
        ha_software_version: Optional[str] = None,
        ha_subnet: Optional[str] = None,
        ha_zone: Optional[str] = None,
        image_version: Optional[str] = None,
        insane_mode: Optional[bool] = None,
        insane_mode_az: Optional[str] = None,
        lan_interface_cidr: Optional[str] = None,
        lan_private_subnet: Optional[str] = None,
        lan_vpc_id: Optional[str] = None,
        learned_cidrs_approval_mode: Optional[str] = None,
        local_as_number: Optional[str] = None,
        monitor_exclude_lists: Optional[Sequence[str]] = None,
        oob_availability_zone: Optional[str] = None,
        oob_management_subnet: Optional[str] = None,
        prepend_as_paths: Optional[Sequence[str]] = None,
        private_ip: Optional[str] = None,
        private_mode_lb_vpc_id: Optional[str] = None,
        private_mode_subnet_zone: Optional[str] = None,
        public_ip: Optional[str] = None,
        rx_queue_size: Optional[str] = None,
        security_group_id: Optional[str] = None,
        single_az_ha: Optional[bool] = None,
        single_ip_snat: Optional[bool] = None,
        software_version: Optional[str] = None,
        spot_price: Optional[str] = None,
        subnet: Optional[str] = None,
        tag_lists: Optional[Sequence[str]] = None,
        tags: Optional[Mapping[str, str]] = None,
        tunnel_detection_time: Optional[int] = None,
        vpc_id: Optional[str] = None,
        vpc_reg: Optional[str] = None,
        zone: Optional[str] = None) -> AviatrixTransitGateway

func GetAviatrixTransitGateway(ctx *Context, name string, id IDInput, state *AviatrixTransitGatewayState, opts ...ResourceOption) (*AviatrixTransitGateway, error)

public static AviatrixTransitGateway Get(string name, Input<string> id, AviatrixTransitGatewayState? state, CustomResourceOptions? opts = null)

public static AviatrixTransitGateway get(String name, Output<String> id, AviatrixTransitGatewayState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs List<string>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
BgpLanInterfacesCount int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
BgpLanIpLists List<string>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
BgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
BgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CloudInstanceId string: Cloud instance ID of the transit gateway.
CloudType int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
ConnectedTransit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
CustomizedTransitVpcRoutes List<string>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAdvertiseTransitCidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
EnableBgpOverLan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableEgressTransitFirenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableFirenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
EnableGatewayLoadBalancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableHybridConnection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
EnableJumboFrame bool: Enable jumbo frames for this transit gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnableMultiTierTransit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableS2cRxBalancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
EnableSegmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableTransitFirenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
EnableTransitSummarizeCidrToTgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
ExcludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
HaBgpLanIpLists List<string>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
HaCloudInstanceId string: Cloud instance ID of the HA transit gateway.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwName string: Aviatrix transit gateway unique name of HA transit gateway.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateIp string: Private IP address of the HA transit gateway created.
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaPublicIp string: Public IP address of the HA Transit Gateway.
HaSecurityGroupId string: HA security group used for the transit gateway.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
InsaneMode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
LanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
LocalAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
MonitorExcludeLists List<string>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths List<string>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
PrivateIp string: Private IP address of the transit gateway created.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
PublicIp string: Public IP address of the Transit Gateway created.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SecurityGroupId string: Security group used for the transit gateway.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpotPrice string: Price for spot instance. NOT supported for production deployment.
Subnet string: A VPC Network address range selected from one of the available network ranges.
TagLists List<string>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
Tags Dictionary<string, string>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TunnelDetectionTime int: The IPSec tunnel down detection time for the transit gateway.
VpcId string: VPC-ID/VNet-Name of cloud provider.
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

AccountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
AllocateNewEip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
ApprovedLearnedCidrs []string: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
AzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
BgpEcmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
BgpHoldTime int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
BgpLanInterfaces []AviatrixTransitGatewayBgpLanInterfaceArgs: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
BgpLanInterfacesCount int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
BgpLanIpLists []string: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
BgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
BgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
CloudInstanceId string: Cloud instance ID of the transit gateway.
CloudType int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
ConnectedTransit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
CustomerManagedKeys string: Customer managed key ID.
CustomizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
CustomizedTransitVpcRoutes []string: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
Eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
EnableActiveStandby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
EnableActiveStandbyPreemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
EnableAdvertiseTransitCidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
EnableBgpOverLan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableEgressTransitFirenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
EnableEncryptVolume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableFirenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
EnableGatewayLoadBalancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
EnableHybridConnection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
EnableJumboFrame bool: Enable jumbo frames for this transit gateway. Default value is true.
EnableLearnedCidrsApproval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
EnableMonitorGatewaySubnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
EnableMultiTierTransit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
EnablePreserveAsPath bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
EnablePrivateOob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
EnableS2cRxBalancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
EnableSegmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
EnableSpotInstance bool: Enable spot instance. NOT supported for production deployment.
EnableTransitFirenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
EnableTransitSummarizeCidrToTgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
EnableVpcDnsServer bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
ExcludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FilteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
GwName string: Name of the gateway which is going to be created.
GwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
HaAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
HaBgpLanInterfaces []AviatrixTransitGatewayHaBgpLanInterfaceArgs: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
HaBgpLanIpLists []string: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
HaCloudInstanceId string: Cloud instance ID of the HA transit gateway.
HaEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
HaFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
HaGwName string: Aviatrix transit gateway unique name of HA transit gateway.
HaGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
HaImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
HaInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
HaLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
HaOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
HaOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
HaPrivateIp string: Private IP address of the HA transit gateway created.
HaPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
HaPublicIp string: Public IP address of the HA Transit Gateway.
HaSecurityGroupId string: HA security group used for the transit gateway.
HaSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
HaSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
HaZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
ImageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
InsaneMode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
InsaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
LanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
LanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
LearnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
LocalAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
MonitorExcludeLists []string: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
OobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
OobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
PrependAsPaths []string: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
PrivateIp string: Private IP address of the transit gateway created.
PrivateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
PrivateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
PublicIp string: Public IP address of the Transit Gateway created.
RxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
SecurityGroupId string: Security group used for the transit gateway.
SingleAzHa bool: Set to true if this feature is desired. Valid values: true, false.
SingleIpSnat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
SoftwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
SpotPrice string: Price for spot instance. NOT supported for production deployment.
Subnet string: A VPC Network address range selected from one of the available network ranges.
TagLists []string: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
Tags map[string]string: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
TunnelDetectionTime int: The IPSec tunnel down detection time for the transit gateway.
VpcId string: VPC-ID/VNet-Name of cloud provider.
VpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
Zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Integer: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces List<AviatrixTransitGatewayBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount Integer: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
bgpManualSpokeAdvertiseCidrs String: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime String: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId String: Cloud instance ID of the transit gateway.
cloudType Integer: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
connectedTransit Boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes List<String>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr Boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan Boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet Boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet Boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer Boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection Boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame Boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit Boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing Boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation Boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet Boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw Boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes String: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces List<AviatrixTransitGatewayHaBgpLanInterface>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haBgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId String: Cloud instance ID of the HA transit gateway.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName String: Aviatrix transit gateway unique name of HA transit gateway.
haGwSize String: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haLanInterfaceCidr String: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp String: Private IP address of the HA transit gateway created.
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp String: Public IP address of the HA Transit Gateway.
haSecurityGroupId String: HA security group used for the transit gateway.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode Boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanInterfaceCidr String: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
lanPrivateSubnet String: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId String: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber String: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateIp String: Private IP address of the transit gateway created.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp String: Public IP address of the Transit Gateway created.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId String: Security group used for the transit gateway.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice String: Price for spot instance. NOT supported for production deployment.
subnet String: A VPC Network address range selected from one of the available network ranges.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Map<String,String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime Integer: The IPSec tunnel down detection time for the transit gateway.
vpcId String: VPC-ID/VNet-Name of cloud provider.
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName string: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs string[]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces AviatrixTransitGatewayBgpLanInterface[]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount number: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpLanIpLists string[]: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
bgpManualSpokeAdvertiseCidrs string: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime string: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId string: Cloud instance ID of the transit gateway.
cloudType number: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
connectedTransit boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys string: Customer managed key ID.
customizedSpokeVpcRoutes string: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes string[]: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip string: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes string: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes string: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
gwName string: Name of the gateway which is going to be created.
gwSize string: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
haAvailabilityDomain string: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup string: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces AviatrixTransitGatewayHaBgpLanInterface[]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haBgpLanIpLists string[]: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId string: Cloud instance ID of the HA transit gateway.
haEip string: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain string: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName string: Aviatrix transit gateway unique name of HA transit gateway.
haGwSize string: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion string: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz string: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haLanInterfaceCidr string: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haOobAvailabilityZone string: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet string: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp string: Private IP address of the HA transit gateway created.
haPrivateModeSubnetZone string: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp string: Public IP address of the HA Transit Gateway.
haSecurityGroupId string: HA security group used for the transit gateway.
haSoftwareVersion string: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet string: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone string: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion string: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz string: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanInterfaceCidr string: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
lanPrivateSubnet string: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId string: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode string: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber string: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists string[]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone string: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet string: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths string[]: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateIp string: Private IP address of the transit gateway created.
privateModeLbVpcId string: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone string: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp string: Public IP address of the Transit Gateway created.
rxQueueSize string: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId string: Security group used for the transit gateway.
singleAzHa boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion string: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice string: Price for spot instance. NOT supported for production deployment.
subnet string: A VPC Network address range selected from one of the available network ranges.
tagLists string[]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags {[key: string]: string}: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime number: The IPSec tunnel down detection time for the transit gateway.
vpcId string: VPC-ID/VNet-Name of cloud provider.
vpcReg string: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone string: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

account_name str: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocate_new_eip bool: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approved_learned_cidrs Sequence[str]: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgp_ecmp bool: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgp_hold_time int: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgp_lan_interfaces Sequence[AviatrixTransitGatewayBgpLanInterfaceArgs]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgp_lan_interfaces_count int: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgp_lan_ip_lists Sequence[str]: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
bgp_manual_spoke_advertise_cidrs str: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgp_polling_time str: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloud_instance_id str: Cloud instance ID of the transit gateway.
cloud_type int: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
connected_transit bool: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customer_managed_keys str: Customer managed key ID.
customized_spoke_vpc_routes str: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customized_transit_vpc_routes Sequence[str]: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip str: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enable_active_standby bool: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enable_active_standby_preemptive bool: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enable_advertise_transit_cidr bool: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enable_bgp_over_lan bool: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enable_egress_transit_firenet bool: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enable_encrypt_volume bool: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_firenet bool: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enable_gateway_load_balancer bool: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enable_hybrid_connection bool: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enable_jumbo_frame bool: Enable jumbo frames for this transit gateway. Default value is true.
enable_learned_cidrs_approval bool: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enable_monitor_gateway_subnets bool: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enable_multi_tier_transit bool: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enable_preserve_as_path bool: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enable_private_oob bool: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enable_s2c_rx_balancing bool: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enable_segmentation bool: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enable_spot_instance bool: Enable spot instance. NOT supported for production deployment.
enable_transit_firenet bool: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enable_transit_summarize_cidr_to_tgw bool: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enable_vpc_dns_server bool: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excluded_advertised_spoke_routes str: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filtered_spoke_vpc_routes str: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
gw_name str: Name of the gateway which is going to be created.
gw_size str: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
ha_availability_domain str: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_azure_eip_name_resource_group str: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
ha_bgp_lan_interfaces Sequence[AviatrixTransitGatewayHaBgpLanInterfaceArgs]: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
ha_bgp_lan_ip_lists Sequence[str]: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
ha_cloud_instance_id str: Cloud instance ID of the HA transit gateway.
ha_eip str: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
ha_fault_domain str: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
ha_gw_name str: Aviatrix transit gateway unique name of HA transit gateway.
ha_gw_size str: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
ha_image_version str: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
ha_insane_mode_az str: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
ha_lan_interface_cidr str: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
ha_oob_availability_zone str: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
ha_oob_management_subnet str: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
ha_private_ip str: Private IP address of the HA transit gateway created.
ha_private_mode_subnet_zone str: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
ha_public_ip str: Public IP address of the HA Transit Gateway.
ha_security_group_id str: HA security group used for the transit gateway.
ha_software_version str: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
ha_subnet str: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
ha_zone str: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
image_version str: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insane_mode bool: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insane_mode_az str: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lan_interface_cidr str: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
lan_private_subnet str: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lan_vpc_id str: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learned_cidrs_approval_mode str: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
local_as_number str: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitor_exclude_lists Sequence[str]: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oob_availability_zone str: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oob_management_subnet str: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prepend_as_paths Sequence[str]: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
private_ip str: Private IP address of the transit gateway created.
private_mode_lb_vpc_id str: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
private_mode_subnet_zone str: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
public_ip str: Public IP address of the Transit Gateway created.
rx_queue_size str: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
security_group_id str: Security group used for the transit gateway.
single_az_ha bool: Set to true if this feature is desired. Valid values: true, false.
single_ip_snat bool: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
software_version str: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spot_price str: Price for spot instance. NOT supported for production deployment.
subnet str: A VPC Network address range selected from one of the available network ranges.
tag_lists Sequence[str]: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Mapping[str, str]: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnel_detection_time int: The IPSec tunnel down detection time for the transit gateway.
vpc_id str: VPC-ID/VNet-Name of cloud provider.
vpc_reg str: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone str: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

accountName String: This parameter represents the name of a Cloud-Account in Aviatrix controller.
allocateNewEip Boolean: When value is false, reuse an idle address in Elastic IP pool for this gateway. Otherwise, allocate a new Elastic IP and use it for this gateway. Available in Controller 4.7+. Valid values: true, false. Default: true.
approvedLearnedCidrs List<String>: A set of approved learned CIDRs. Only valid when enable_learned_cidrs_approval is set to true. Example: ["10.250.0.0/16", "10.251.0.0/16"]. Available as of provider version R2.21+.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
azureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if allocate_new_eip is false and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
bgpEcmp Boolean: Enable Equal Cost Multi Path (ECMP) routing for the next hop. Default value: false.
bgpHoldTime Number: BGP hold time. Unit is in seconds. Valid values are between 12 and 360. Default value: 180.
bgpLanInterfaces List<Property Map>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit. Each interface has the following attributes:
bgpLanInterfacesCount Number: Number of interfaces that will be created for BGP over LAN enabled Azure transit. Valid value: 1~5 for FireNet case, 1~7 for Non-FireNet case. Default value: 1. Available as of provider version R2.22+.
bgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
bgpManualSpokeAdvertiseCidrs String: Intended CIDR list to be advertised to external BGP router. Example: "10.2.0.0/16,10.4.0.0/16". Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
bgpPollingTime String: BGP route polling time. Unit is in seconds. Valid values are between 10 and 50. Default value: "50".
cloudInstanceId String: Cloud instance ID of the transit gateway.
cloudType Number: Type of cloud service provider, requires an integer value. Currently only AWS(1), GCP(4), Azure(8), OCI(16), AzureGov(32), AWSGov(256), AWSChina(1024), AzureChina(2048), Alibaba Cloud(8192), AWS Top Secret(16384) and AWS Secret (32768) are supported.
connectedTransit Boolean: Specify Connected Transit status. If enabled, it allows spokes to run traffics to other spokes via transit gateway. Valid values: true, false. Default value: false.
customerManagedKeys String: Customer managed key ID.
customizedSpokeVpcRoutes String: A list of comma-separated CIDRs to be customized for the spoke VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. It applies to all spoke gateways attached to this transit gateway. Example: "10.0.0.0/16,10.2.0.0/16".
customizedTransitVpcRoutes List<String>: A list of CIDRs to be customized for the transit VPC routes. When configured, it will replace all learned routes in VPC routing tables, including RFC1918 and non-RFC1918 CIDRs. To be effective, enable_advertise_transit_cidr or firewall management access for a Transit FireNet gateway must be enabled. Example: ["10.0.0.0/16", "10.2.0.0/16"].
eip String: Required when allocate_new_eip is false. It uses the specified EIP for this gateway. Available in Controller version 4.7+. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
enableActiveStandby Boolean: Enables Active-Standby Mode. Available only with HA enabled. Valid values: true, false. Default value: false. Available in provider version R2.17.1+.
enableActiveStandbyPreemptive Boolean: Enables Preemptive Mode for Active-Standby. Available only with BGP enabled, HA enabled and Active-Standby enabled. Valid values: true, false. Default value: false.
enableAdvertiseTransitCidr Boolean: Switch to enable/disable advertise transit VPC network CIDR for a VGW connection. Available as of R2.6. NOTE: If previously enabled through vgw_conn resource prior to provider version R2.6, please see notes here.
enableBgpOverLan Boolean: Pre-allocate a network interface(eth4) for "BGP over LAN" functionality. Must be enabled to create a BGP over LAN aviatrix.AviatrixTransitExternalDeviceConn resource with this Transit Gateway. Only valid for GCP (4), Azure (8), AzureGov (32) or AzureChina (2048). Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableEgressTransitFirenet Boolean: Enable Egress Transit FireNet. Valid values: true, false. Default value: false. Available in provider version R2.16.3+.
enableEncryptVolume Boolean: Enable EBS volume encryption for Gateway. Only supports AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableFirenet Boolean: Set to true to use gateway for legacy AWS TGW-based FireNet connection. Valid values: true, false. Default value: false. NOTE: If previously using an older provider version R2.5 where attribute name was enable_firenet_interfaces, please see notes here.
enableGatewayLoadBalancer Boolean: Enable FireNet interfaces with AWS Gateway Load Balancer. Only valid when enable_firenet or enable_transit_firenet are set to true and cloud_type = 1 (AWS). Currently, AWS Gateway Load Balancer is only supported in AWS regions: us-west-2, us-east-1, eu-west-1, ap-southeast-2 and sa-east-1. Valid values: true or false. Default value: false. Available as of provider version R2.18+.
enableHybridConnection Boolean: Sign of readiness for AWS TGW connection. Only supported for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Example: false.
enableJumboFrame Boolean: Enable jumbo frames for this transit gateway. Default value is true.
enableLearnedCidrsApproval Boolean: Switch to enable/disable encrypted transit approval for transit gateway. Valid values: true, false. Default value: false.
enableMonitorGatewaySubnets Boolean: If set to true, the Monitor Gateway Subnets feature is enabled. Default value is false. Available in provider version R2.18+.
enableMultiTierTransit Boolean: Enable Multi-tier Transit mode on transit gateway. When enabled, transit gateway will propagate routes it receives from its transit peering peer to other transit peering peers. local_as_number is required. Default value: false. Available as of provider version R2.19+.
enablePreserveAsPath Boolean: Enable preserve as_path when advertising manual summary cidrs on transit gateway. Valid values: true, false. Default value: false. Available as of provider version R.2.22.1+ },
enablePrivateOob Boolean: Enable Private OOB feature. Only available for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
enableS2cRxBalancing Boolean: Enable S2C receive packet CPU re-balancing on transit gateway. Valid values: true, false. Default value: false. Available in provider version R2.21.2+.
enableSegmentation Boolean: Enable transit gateway for segmentation. Valid values: true, false. Default: false.
enableSpotInstance Boolean: Enable spot instance. NOT supported for production deployment.
enableTransitFirenet Boolean: Set to true to use gateway for Transit FireNet connection. Valid values: true, false. Default value: false. Available in provider version R2.12+.
enableTransitSummarizeCidrToTgw Boolean: Enable summarize CIDR to TGW. Valid values: true, false. Default value: false.
enableVpcDnsServer Boolean: Enable VPC DNS Server for Gateway. Currently only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, Alibaba Cloud, AWS Top Secret and AWS Secret gateways. Valid values: true, false. Default value: false.
excludedAdvertisedSpokeRoutes String: A list of comma-separated CIDRs to be advertised to on-prem as 'Excluded CIDR List'. When configured, it inspects all the advertised CIDRs from its spoke gateways and remove those included in the 'Excluded CIDR List'. Example: "10.4.0.0/16,10.5.0.0/16".
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
filteredSpokeVpcRoutes String: A list of comma-separated CIDRs to be filtered from the spoke VPC route table. When configured, filtering CIDR(s) or it’s subnet will be deleted from VPC routing tables as well as from spoke gateway’s routing table. It applies to all spoke gateways attached to this transit gateway. Example: "10.2.0.0/16,10.3.0.0/16".
gwName String: Name of the gateway which is going to be created.
gwSize String: Size of the gateway instance. Example: AWS: "t2.large", Azure/AzureGov: "Standard_B1s", OCI: "VM.Standard2.2", GCP: "n1-standard-1", AWSGov: "t2.large", AWSChina: "t2.large", AzureChina: "Standard_A0".
haAvailabilityDomain String: HA gateway availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haAzureEipNameResourceGroup String: Name of public IP Address resource and its resource group in Azure to be assigned to the HA Transit Gateway instance. Example: "IP_Name:Resource_Group_Name". Required if ha_eip is set and cloud_type is Azure, AzureGov or AzureChina. Available as of provider version 2.20+.
haBgpLanInterfaces List<Property Map>: Interfaces to run BGP protocol on top of the ethernet interface, to connect to the onprem/remote peer. Only available for GCP Transit HA. Each interface has the following attributes:
haBgpLanIpLists List<String>: List of available BGP LAN interface IPs for transit external device HA connection creation. Only supports GCP and Azure. Available as of provider version R2.21.0+.
haCloudInstanceId String: Cloud instance ID of the HA transit gateway.
haEip String: Public IP address that you want to assign to the HA peering instance. If no value is given, a new EIP will automatically be allocated. Only available for AWS, GCP, Azure, OCI, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret.
haFaultDomain String: HA gateway fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
haGwName String: Aviatrix transit gateway unique name of HA transit gateway.
haGwSize String: HA Gateway Size. Mandatory if enabling HA. Example: "t2.micro".
haImageVersion String: The image version of the HA gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired ha_software_version. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
haInsaneModeAz String: AZ of subnet being created for Insane Mode Transit HA Gateway. Required for AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret if insane_mode is enabled and ha_subnet is set. Example: AWS: "us-west-1a".
haLanInterfaceCidr String: LAN interface CIDR of the HA transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.18+.
haOobAvailabilityZone String: HA OOB availability zone. Required if enabling Private OOB and HA. Example: "us-west-1b".
haOobManagementSubnet String: HA OOB management subnet. Required if enabling Private OOB and HA. Example: "11.0.0.48/28".
haPrivateIp String: Private IP address of the HA transit gateway created.
haPrivateModeSubnetZone String: Availability Zone of the HA subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov with HA. Available in Provider version R2.23+.
haPublicIp String: Public IP address of the HA Transit Gateway.
haSecurityGroupId String: HA security group used for the transit gateway.
haSoftwareVersion String: The software version of the HA gateway. If set, we will attempt to update the HA gateway to the specified version if current version is different. If left blank, the HA gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
haSubnet String: HA Subnet CIDR. Required only if enabling HA for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, OCI, Alibaba Cloud, AWS Top Secret or AWS Secret gateways. Optional for GCP. Setting to empty/unsetting will disable HA. Setting to a valid subnet CIDR will create an HA gateway on the subnet. Example: "10.12.0.0/24".
haZone String: HA Zone. Required if enabling HA for GCP gateway. Optional if enabling HA for Azure gateway. For GCP, setting to empty/unsetting will disable HA and setting to a valid zone will create an HA gateway in the zone. Example: "us-west1-c". For Azure, this is an optional parameter to place the HA gateway in a specific availability zone. Valid values for Azure gateways are in the form "az-n". Example: "az-2". Available for Azure as of provider version R2.17+.
imageVersion String: The image version of the gateway. Use aviatrix.getAviatrixGatewayImage data source to programmatically retrieve this value for the desired software_version. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrades can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "hvm-cloudx-aws-022021". Available as of provider version R2.20.0.
insaneMode Boolean: Specify true for Insane Mode high performance gateway. Insane Mode gateway size must be at least c5 size (AWS, AWSGov, AWS China, AWS Top Secret and AWS Secret) or Standard_D3_v2 (Azure and AzureGov); for GCP only four size are supported: "n1-highcpu-4", "n1-highcpu-8", "n1-highcpu-16" and "n1-highcpu-32". If enabled, you must specify a valid /26 CIDR segment of the VPC to create a new subnet for AWS, Azure, AzureGov, AWSGov, AWS Top Secret and AWS Secret. Only available for AWS, GCP/OCI, Azure, AzureGov, AzureChina, AWSGov, AWS Top Secret and AWS Secret. Valid values: true, false. Default value: false.
insaneModeAz String: AZ of subnet being created for Insane Mode Transit Gateway. Required for AWS, AWSGov, AWS China, AWS Top Secret or AWS Secret if insane_mode is enabled. Example: AWS: "us-west-1a".
lanInterfaceCidr String: LAN interface CIDR of the transit gateway created (will be used when enabling FQDN Firenet in Azure). Available in provider version R2.17.1+.
lanPrivateSubnet String: LAN Private Subnet. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
lanVpcId String: LAN VPC ID. Only valid when enabling Transit FireNet on GCP. Available as of provider version R2.18.1+.
learnedCidrsApprovalMode String: Learned CIDRs approval mode. Either "gateway" (approval on a per gateway basis) or "connection" (approval on a per connection basis). Default value: "gateway". Available as of provider version R2.18+.
localAsNumber String: Changes the Aviatrix Transit Gateway ASN number before you setup Aviatrix Transit Gateway connection configurations.
monitorExcludeLists List<String>: Set of monitored instance ids. Only valid when 'enable_monitor_gateway_subnets' = true. Available in provider version R2.18+.
oobAvailabilityZone String: OOB availability zone. Required if enabling Private OOB. Example: "us-west-1a".
oobManagementSubnet String: OOB management subnet. Required if enabling Private OOB. Example: "11.0.2.0/24".
prependAsPaths List<String>: List of AS numbers to populate BGP AP_PATH field when it advertises to VGW or peer devices.
privateIp String: Private IP address of the transit gateway created.
privateModeLbVpcId String: VPC ID of Private Mode load balancer. Required when Private Mode is enabled on the Controller. Available in Provider version R2.23+.
privateModeSubnetZone String: Availability Zone of the subnet. Required when Private Mode is enabled on the Controller and cloud_type is AWS or AWSGov. Available in Provider version R2.23+.
publicIp String: Public IP address of the Transit Gateway created.
rxQueueSize String: Gateway ethernet interface RX queue size. Once set, can't be deleted or disabled. Available for AWS as of provider version R2.22+.
securityGroupId String: Security group used for the transit gateway.
singleAzHa Boolean: Set to true if this feature is desired. Valid values: true, false.
singleIpSnat Boolean: Enable "single_ip" mode Source NAT for this container. Valid values: true, false. NOTE: Please see notes here in regards to changes to this argument in R2.10.
softwareVersion String: The software version of the gateway. If set, we will attempt to update the gateway to the specified version if current version is different. If left blank, the gateway upgrade can be managed with the aviatrix.AviatrixControllerConfig resource. Type: String. Example: "6.5.821". Available as of provider version R2.20.0.
spotPrice String: Price for spot instance. NOT supported for production deployment.
subnet String: A VPC Network address range selected from one of the available network ranges.
tagLists List<String>: (Optional) Instance tag of cloud provider. Only supported for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina. Example: ["key1:value1","key2:value2"].
Deprecated: Use tags instead.
tags Map<String>: Map of tags to assign to the gateway. Only available for AWS, Azure, AzureGov, AWSGov, AWSChina, AzureChina, AWS Top Secret and AWS Secret gateways. Allowed characters vary by cloud type but always include: letters, spaces, and numbers. AWS, AWSGov, AWSChina, AWS Top Secret and AWS Secret allow the use of any character. Azure, AzureGov and AzureChina allows the following special characters: + - = . _ : @. Example: {"key1" = "value1", "key2" = "value2"}.
tunnelDetectionTime Number: The IPSec tunnel down detection time for the transit gateway.
vpcId String: VPC-ID/VNet-Name of cloud provider.
vpcReg String: Region of cloud provider. Example: AWS: "us-east-1", GCP: "us-west2-a", Azure: "East US 2", OCI: "us-ashburn-1", AzureGov: "USGov Arizona", AWSGov: "us-gov-west-1", AWSChina: "cn-north-1", AzureChina: "China North", AWS Top Secret: "us-iso-east-1", AWS Secret: "us-isob-east-1".
zone String: Availability Zone. Only available for cloud_type = 8 (Azure). Must be in the form 'az-n', for example, 'az-2'. Available in provider version R2.17+.

Supporting Types

AviatrixTransitGatewayBgpLanInterface, AviatrixTransitGatewayBgpLanInterfaceArgs

Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.

Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.

subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.

subnet string: A VPC Network address range selected from one of the available network ranges.
vpcId string: VPC-ID/VNet-Name of cloud provider.

subnet str: A VPC Network address range selected from one of the available network ranges.
vpc_id str: VPC-ID/VNet-Name of cloud provider.

subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.

AviatrixTransitGatewayHaBgpLanInterface, AviatrixTransitGatewayHaBgpLanInterfaceArgs

Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.

Subnet string: A VPC Network address range selected from one of the available network ranges.
VpcId string: VPC-ID/VNet-Name of cloud provider.

subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.

subnet string: A VPC Network address range selected from one of the available network ranges.
vpcId string: VPC-ID/VNet-Name of cloud provider.

subnet str: A VPC Network address range selected from one of the available network ranges.
vpc_id str: VPC-ID/VNet-Name of cloud provider.

subnet String: A VPC Network address range selected from one of the available network ranges.
vpcId String: VPC-ID/VNet-Name of cloud provider.

Package Details

Repository: aviatrix astipkovits/pulumi-aviatrix
License: Apache-2.0
Notes: This Pulumi package is based on the aviatrix Terraform Provider.

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

astipkovits/pulumi-aviatrix

aviatrix.AviatrixTransitGateway

On this page

On this page

Import

Create AviatrixTransitGateway Resource

Constructor syntax

Parameters

Constructor example

AviatrixTransitGateway Resource Properties

Inputs

Outputs

Look up Existing AviatrixTransitGateway Resource

Supporting Types

AviatrixTransitGatewayBgpLanInterface, AviatrixTransitGatewayBgpLanInterfaceArgs

AviatrixTransitGatewayHaBgpLanInterface, AviatrixTransitGatewayHaBgpLanInterfaceArgs

Package Details

On this page

On this page