From 07f89e0aa0aeb41dbae1267f560a11f3e8f270e8 Mon Sep 17 00:00:00 2001
From: Natalia Strelkova
Date: Fri, 7 Oct 2022 06:37:07 +0000
Subject: [PATCH] connector creation in a variable
---
 .../wordpress/cloudrun/README.md | 19 ++++++++++---------
 .../wordpress/cloudrun/cloudsql.tf | 1 +
 .../wordpress/cloudrun/main.tf | 4 ++--
 .../wordpress/cloudrun/variables.tf | 8 +++++++-
 4 files changed, 20 insertions(+), 12 deletions(-)
diff --git a/blueprints/third-party-solutions/wordpress/cloudrun/README.md b/blueprints/third-party-solutions/wordpress/cloudrun/README.md
index 529df214..4d43995b 100644
--- a/blueprints/third-party-solutions/wordpress/cloudrun/README.md
+++ b/blueprints/third-party-solutions/wordpress/cloudrun/README.md
@@ -110,17 +110,18 @@ The above command will delete the associated resources so there will be no billa | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L66) | Project id, references existing project if `project_create` is null. | string | ✓ | | -| [wordpress_image](variables.tf#L77) | Image to run with Cloud Run, starts with \"gcr.io\" | string | ✓ | | +| [project_id](variables.tf#L72) | Project id, references existing project if `project_create` is null. | string | ✓ | | +| [wordpress_image](variables.tf#L83) | Image to run with Cloud Run, starts with \"gcr.io\" | string | ✓ | | | [cloud_run_invoker](variables.tf#L18) | IAM member authorized to access the end-point (for example, 'user:YOUR_IAM_USER' for only you or 'allUsers' for everyone) | string | | "allUsers" | | [cloudsql_password](variables.tf#L24) | CloudSQL password (will be randomly generated by default) | string | | null | -| [ip_ranges](variables.tf#L31) | CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC | object({…}) | | {…} | -| [prefix](variables.tf#L45) | Unique prefix used for resource names. Not used for project if 'project_create' is null. | string | | "" | -| [principals](variables.tf#L51) | List of users to give rights to (CloudSQL admin, client and instanceUser, Logging admin, Service Account User and TokenCreator), eg 'user@domain.com'. | list(string) | | [] | -| [project_create](variables.tf#L57) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. 
| object({…}) | | null | -| [region](variables.tf#L71) | Region for the created resources | string | | "europe-west4" | -| [wordpress_password](variables.tf#L88) | Password for the Wordpress user (will be randomly generated by default) | string | | null | -| [wordpress_port](variables.tf#L82) | Port for the Wordpress image (8080 by default) | number | | 8080 | +| [create_connector](variables.tf#L30) | Should a VPC serverless connector be created or not | bool | | true | +| [ip_ranges](variables.tf#L37) | CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC | object({…}) | | {…} | +| [prefix](variables.tf#L51) | Unique prefix used for resource names. Not used for project if 'project_create' is null. | string | | "" | +| [principals](variables.tf#L57) | List of users to give rights to (CloudSQL admin, client and instanceUser, Logging admin, Service Account User and TokenCreator), eg 'user@domain.com'. | list(string) | | [] | +| [project_create](variables.tf#L63) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | object({…}) | | null | +| [region](variables.tf#L77) | Region for the created resources | string | | "europe-west4" | +| [wordpress_password](variables.tf#L94) | Password for the Wordpress user (will be randomly generated by default) | string | | null | +| [wordpress_port](variables.tf#L88) | Port for the Wordpress image | number | | 8080 | ## Outputs diff --git a/blueprints/third-party-solutions/wordpress/cloudrun/cloudsql.tf b/blueprints/third-party-solutions/wordpress/cloudrun/cloudsql.tf index d726d761..31a04315 100644 --- a/blueprints/third-party-solutions/wordpress/cloudrun/cloudsql.tf +++ b/blueprints/third-party-solutions/wordpress/cloudrun/cloudsql.tf 
@@ -54,6 +54,7 @@ module "firewall" { # create a VPC connector for the ClouSQL VPC resource "google_vpc_access_connector" "connector" { + count = var.create_connector ? 1 : 0 project = module.project.project_id name = "${local.prefix}wp-connector" region = var.region diff --git a/blueprints/third-party-solutions/wordpress/cloudrun/main.tf b/blueprints/third-party-solutions/wordpress/cloudrun/main.tf index 296f1715..f49b685b 100644 --- a/blueprints/third-party-solutions/wordpress/cloudrun/main.tf +++ b/blueprints/third-party-solutions/wordpress/cloudrun/main.tf @@ -113,8 +113,8 @@ module "cloud_run" { cloudsql_instances = [module.cloudsql.connection_name] vpcaccess_connector = null # allow all traffic - vpcaccess_egress = "all-traffic" - vpcaccess_connector = google_vpc_access_connector.connector.self_link + vpcaccess_egress = "all-traffic" + vpcaccess_connector = google_vpc_access_connector.connector.0.self_link } ingress_settings = "all" } \ No newline at end of file diff --git a/blueprints/third-party-solutions/wordpress/cloudrun/variables.tf b/blueprints/third-party-solutions/wordpress/cloudrun/variables.tf index c0ea7f4b..e56aaf8c 100644 --- a/blueprints/third-party-solutions/wordpress/cloudrun/variables.tf +++ b/blueprints/third-party-solutions/wordpress/cloudrun/variables.tf @@ -27,6 +27,12 @@ variable "cloudsql_password" { default = null } +variable "create_connector" { + type = bool + description = "Should a VPC serverless connector be created or not" + default = true +} + # PSA: documentation: https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range variable "ip_ranges" { description = "CIDR blocks: VPC serverless connector, Private Service Access(PSA) for CloudSQL, CloudSQL VPC" @@ -81,7 +87,7 @@ variable "wordpress_image" { variable "wordpress_port" { type = number - description = "Port for the Wordpress image (8080 by default)" + description = "Port for the Wordpress image" default = 8080 }
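Review bot: Setting `create_connector = false` cannot work as written. The new `count` on `google_vpc_access_connector.connector` then yields zero instances, while the main.tf hunk still dereferences `google_vpc_access_connector.connector.0.self_link` unconditionally, which is an invalid index on an empty resource list. Guard the reference where it is consumed, e.g. `vpcaccess_connector = var.create_connector ? google_vpc_access_connector.connector[0].self_link : null`, and make `vpcaccess_egress = "all-traffic"` conditional in the same way, since an egress setting without a connector is presumably rejected (confirm the cloud_run module accepts null for both keys). The bracket form `[0]` is also preferable to the legacy `.0` attribute-style index. The `module "cloud_run"` block starts outside the hunk, so any other consumers of the connector are not visible here.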
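Review bot: The description of `create_connector` in the first variables.tf hunk does not say what a deployment loses when the flag is false. None of the visible hunks adds an input for supplying an existing connector, so false appears to mean the Cloud Run service gets no VPC egress path at all. The README row for `ip_ranges` mentions Private Service Access for CloudSQL, so the database is presumably reached over a private address, and disabling the connector would likely cut the WordPress-to-database path (inferred, not visible here). I would state the consequence in the description, e.g. `description = "Create the VPC serverless connector used by Cloud Run to reach the CloudSQL VPC. If false, no connector is attached to the service."`. Consider a companion variable for an existing connector id, so that nobody works around the gap by exposing the database more widely.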