ip_ranges var
parent
b11ae47738
commit
0411dbbd51
|
@ -107,24 +107,25 @@ The above command will delete the associated resources so there will be no billa
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L51) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||
| [wordpress_image](variables.tf#L75) | Image to run with Cloud Run, starts with \"gcr.io\" | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L66) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||
| [wordpress_image](variables.tf#L77) | Image to run with Cloud Run, starts with \"gcr.io\" | <code>string</code> | ✓ | |
|
||||
| [cloud_run_invoker](variables.tf#L18) | IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone) | <code>string</code> | | <code>"allUsers"</code> |
|
||||
| [connector_cidr](variables.tf#L24) | CIDR block for the VPC serverless connector (10.8.0.0/28 by default) | <code>string</code> | | <code>"10.8.0.0/28"</code> |
|
||||
| [prefix](variables.tf#L30) | Unique prefix used for resource names. Not used for project if 'project_create' is null. | <code>string</code> | | <code>""</code> |
|
||||
| [principals](variables.tf#L36) | List of emails of people/service accounts to give rights to, eg 'user@domain.com'. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L42) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [psa_cidr](variables.tf#L57) | CIDR block for Private Service Access for CloudSQL (10.60.0.0/24 by default) | <code>string</code> | | <code>"10.60.0.0/24"</code> |
|
||||
| [region](variables.tf#L63) | Region for the created resources | <code>string</code> | | <code>"europe-west4"</code> |
|
||||
| [sql_vpc_cidr](variables.tf#L69) | CIDR block for the VPC for the CloudSQL (10.0.0.0/20 by default) | <code>string</code> | | <code>"10.0.0.0/20"</code> |
|
||||
| [wordpress_port](variables.tf#L80) | Port for the Wordpress image (8080 by default) | <code>number</code> | | <code>8080</code> |
|
||||
| [cloudsql_password](variables.tf#L24) | CloudSQL password (will be randomly generated by default) | <code>string</code> | | <code>null</code> |
|
||||
| [ip_ranges](variables.tf#L31) | CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC | <code title="object({ connector = string psa = string sql_vpc = string })">object({…})</code> | | <code title="{ connector = "10.8.0.0/28" psa = "10.60.0.0/24" sql_vpc = "10.0.0.0/20" }">{…}</code> |
|
||||
| [prefix](variables.tf#L45) | Unique prefix used for resource names. Not used for project if 'project_create' is null. | <code>string</code> | | <code>""</code> |
|
||||
| [principals](variables.tf#L51) | List of emails of people/service accounts to give rights to, eg 'user@domain.com'. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L57) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L71) | Region for the created resources | <code>string</code> | | <code>"europe-west4"</code> |
|
||||
| [wordpress_password](variables.tf#L88) | Password for the Wordpress user (will be randomly generated by default) | <code>string</code> | | <code>null</code> |
|
||||
| [wordpress_port](variables.tf#L82) | Port for the Wordpress image (8080 by default) | <code>number</code> | | <code>8080</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [cloud_run_service](outputs.tf#L17) | CloudRun service URL | ✓ |
|
||||
| [wp_password](outputs.tf#L28) | Wordpress user password | ✓ |
|
||||
| [wp_user](outputs.tf#L23) | Wordpress username | |
|
||||
| [cloudsql_password](outputs.tf#L23) | CloudSQL password | ✓ |
|
||||
| [wp_password](outputs.tf#L34) | Wordpress user password | ✓ |
|
||||
| [wp_user](outputs.tf#L29) | Wordpress username | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
@ -120,7 +120,7 @@ module "cloud_run" {
|
|||
|
||||
# create a VPC connector for the ClouSQL VPC
|
||||
vpc_connector_create = {
|
||||
ip_cidr_range = var.connector_cidr
|
||||
ip_cidr_range = var.ip_ranges.connector
|
||||
name = "${local.prefix}wp-connector"
|
||||
vpc_self_link = module.vpc.self_link
|
||||
}
|
||||
|
@ -134,7 +134,7 @@ module "vpc" {
|
|||
name = "${local.prefix}sql-vpc"
|
||||
subnets = [
|
||||
{
|
||||
ip_cidr_range = var.sql_vpc_cidr
|
||||
ip_cidr_range = var.ip_ranges.sql_vpc
|
||||
name = "subnet"
|
||||
region = var.region
|
||||
secondary_ip_range = {}
|
||||
|
@ -144,7 +144,7 @@ module "vpc" {
|
|||
# Private Service Access
|
||||
psa_config = {
|
||||
ranges = {
|
||||
cloud-sql = var.psa_cidr
|
||||
cloud-sql = var.ip_ranges.psa
|
||||
}
|
||||
routes = null
|
||||
}
|
||||
|
@ -156,7 +156,7 @@ module "firewall" {
|
|||
source = "../../../../modules/net-vpc-firewall"
|
||||
project_id = module.project.project_id
|
||||
network = module.vpc.name
|
||||
admin_ranges = [var.sql_vpc_cidr]
|
||||
admin_ranges = [var.ip_ranges.sql_vpc]
|
||||
}
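Review bot: In the `module "firewall"` hunk, `admin_ranges = [var.ip_ranges.sql_vpc]` reuses the subnet's address range as a privileged source range, and nothing here documents that coupling. The firewall module's handling of `admin_ranges` is not visible on this page, but if it grants broad ingress, a caller who widens `sql_vpc` for addressing reasons also widens that access. A comment on the line would make this explicit, for example `# admin_ranges mirrors the SQL subnet: widening ip_ranges.sql_vpc also widens admin ingress`. The `firewall`, `vpc` and `cloud_run` module blocks all start and end outside their hunks, so other arguments that might constrain this are not visible.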
|
||||
|
||||
|
||||
|
|
|
@ -27,10 +27,19 @@ variable "cloudsql_password" {
|
|||
default = null
|
||||
}
|
||||
|
||||
variable "connector_cidr" {
|
||||
type = string
|
||||
description = "CIDR block for the VPC serverless connector (10.8.0.0/28 by default)"
|
||||
default = "10.8.0.0/28"
|
||||
# PSA: documentation: https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range
|
||||
variable "ip_ranges" {
|
||||
description = "CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC"
|
||||
type = object({
|
||||
connector = string
|
||||
psa = string
|
||||
sql_vpc = string
|
||||
})
|
||||
default = {
|
||||
connector = "10.8.0.0/28"
|
||||
psa = "10.60.0.0/24"
|
||||
sql_vpc = "10.0.0.0/20"
|
||||
}
|
||||
}
|
||||
|
||||
variable "prefix" {
|
||||
|
@ -59,25 +68,12 @@ variable "project_id" {
|
|||
type = string
|
||||
}
|
||||
|
||||
# Documentation: https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range
|
||||
variable "psa_cidr" {
|
||||
type = string
|
||||
description = "CIDR block for Private Service Access for CloudSQL (10.60.0.0/24 by default)"
|
||||
default = "10.60.0.0/24"
|
||||
}
|
||||
|
||||
variable "region" {
|
||||
type = string
|
||||
description = "Region for the created resources"
|
||||
default = "europe-west4"
|
||||
}
|
||||
|
||||
variable "sql_vpc_cidr" {
|
||||
type = string
|
||||
description = "CIDR block for the VPC for the CloudSQL (10.0.0.0/20 by default)"
|
||||
default = "10.0.0.0/20"
|
||||
}
|
||||
|
||||
variable "wordpress_image" {
|
||||
type = string
|
||||
description = "Image to run with Cloud Run, starts with \"gcr.io\""
|
||||
|
|