diff --git a/README.md b/README.md
index 75cb580..f504e77 100644
--- a/README.md
+++ b/README.md
@@ -142,7 +142,7 @@ Available targets:
| [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
} | no |
| [customer\_gateway\_bgp\_asn](#input\_customer\_gateway\_bgp\_asn) | The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN) | `number` | `65000` | no |
-| [customer\_gateway\_ip\_address](#input\_customer\_gateway\_ip\_address) | The IP address of the gateway's Internet-routable external interface | `string` | n/a | yes |
+| [customer\_gateway\_ip\_address](#input\_customer\_gateway\_ip\_address) | The IP address of the gateway's Internet-routable external interface. Set to null to not create the customer gateway. | `string` | `null` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
| [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
diff --git a/docs/terraform.md b/docs/terraform.md
index ad6a8ec..ab6a38f 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -41,7 +41,7 @@
| [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
} | no |
| [customer\_gateway\_bgp\_asn](#input\_customer\_gateway\_bgp\_asn) | The gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN) | `number` | `65000` | no |
-| [customer\_gateway\_ip\_address](#input\_customer\_gateway\_ip\_address) | The IP address of the gateway's Internet-routable external interface | `string` | n/a | yes |
+| [customer\_gateway\_ip\_address](#input\_customer\_gateway\_ip\_address) | The IP address of the gateway's Internet-routable external interface. Set to null to not create the customer gateway. | `string` | `null` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
| [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |
diff --git a/main.tf b/main.tf
index 06b9abe..550c601 100644
--- a/main.tf
+++ b/main.tf
@@ -12,7 +12,7 @@ locals {
# https://www.terraform.io/docs/providers/aws/r/vpn_gateway.html
resource "aws_vpn_gateway" "default" {
- count = local.enabled && var.transit_gateway_enabled == false ? 1 : 0
+ count = local.enabled && !var.transit_gateway_enabled ? 1 : 0
vpc_id = var.vpc_id
amazon_side_asn = var.vpn_gateway_amazon_side_asn
tags = module.this.tags
@@ -20,7 +20,7 @@ resource "aws_vpn_gateway" "default" {
# https://www.terraform.io/docs/providers/aws/r/customer_gateway.html
resource "aws_customer_gateway" "default" {
- count = local.enabled ? 1 : 0
+ count = local.enabled && var.customer_gateway_ip_address != null ? 1 : 0
bgp_asn = var.customer_gateway_bgp_asn
ip_address = var.customer_gateway_ip_address
type = "ipsec.1"
@@ -40,7 +40,7 @@ module "logs" {
# https://www.terraform.io/docs/providers/aws/r/vpn_connection.html
resource "aws_vpn_connection" "default" {
- count = local.enabled ? 1 : 0
+ count = local.enabled && var.customer_gateway_ip_address != null ? 1 : 0
vpn_gateway_id = local.transit_gateway_enabled == false ? local.vpn_gateway_id : null
customer_gateway_id = local.customer_gateway_id
transit_gateway_id = local.transit_gateway_enabled ? var.existing_transit_gateway_id : null
diff --git a/variables.tf b/variables.tf
index 2060e31..1418ef4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -17,7 +17,8 @@ variable "customer_gateway_bgp_asn" {
variable "customer_gateway_ip_address" {
type = string
- description = "The IP address of the gateway's Internet-routable external interface"
+ description = "The IP address of the gateway's Internet-routable external interface. Set to null to not create the customer gateway."
+ default = null
}
variable "route_table_ids" {