Merge pull request #130 from terraform-google-modules/jccb-net-vpc-optional-create

Make VPC creation optional in `net-vpc` module
Julio Castillo 2020-08-31 15:03:33 +02:00 committed by GitHub
commit 1292b4c192
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 34 additions and 14 deletions


@ -4,6 +4,7 @@ All notable changes to this project will be documented in this file.
## [Unreleased] ## [Unreleased]
- Fix GCS2BQ (issue: 128) - Fix GCS2BQ (issue: 128)
- make VPC creation optional in `net-vpc` module to allow managing a pre-existing VPC
## [3.2.0] - 2020-08-29 ## [3.2.0] - 2020-08-29


@ -127,6 +127,7 @@ module "vpc-host" {
| *subnet_flow_logs* | Optional map of boolean to control flow logs (default is disabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> | | *subnet_flow_logs* | Optional map of boolean to control flow logs (default is disabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *subnet_private_access* | Optional map of boolean to control private Google access (default is enabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> | | *subnet_private_access* | Optional map of boolean to control private Google access (default is enabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *subnets* | The list of subnets being created | <code title="list&#40;object&#40;&#123;&#10;name &#61; string&#10;ip_cidr_range &#61; string&#10;name &#61; string&#10;region &#61; string&#10;secondary_ip_range &#61; map&#40;string&#41;&#10;&#125;&#41;&#41;">list(object({...}))</code> | | <code title="">[]</code> | | *subnets* | The list of subnets being created | <code title="list&#40;object&#40;&#123;&#10;name &#61; string&#10;ip_cidr_range &#61; string&#10;name &#61; string&#10;region &#61; string&#10;secondary_ip_range &#61; map&#40;string&#41;&#10;&#125;&#41;&#41;">list(object({...}))</code> | | <code title="">[]</code> |
| *vpc_create* | Create VPC. When set to false, uses a data source to reference existing VPC. | <code title="">bool</code> | | <code title="">true</code> |
## Outputs ## Outputs


@ -66,9 +66,21 @@ locals {
for subnet in var.subnets : for subnet in var.subnets :
"${subnet.region}/${subnet.name}" => subnet "${subnet.region}/${subnet.name}" => subnet
} }
network = (
var.vpc_create
? try(google_compute_network.network.0, null)
: try(data.google_compute_network.network.0, null)
)
}
data "google_compute_network" "network" {
count = var.vpc_create ? 0 : 1
project = var.project_id
name = var.name
} }
resource "google_compute_network" "network" { resource "google_compute_network" "network" {
count = var.vpc_create ? 1 : 0
project = var.project_id project = var.project_id
name = var.name name = var.name
description = var.description description = var.description
@ -80,8 +92,8 @@ resource "google_compute_network" "network" {
resource "google_compute_network_peering" "local" { resource "google_compute_network_peering" "local" {
provider = google-beta provider = google-beta
count = var.peering_config == null ? 0 : 1 count = var.peering_config == null ? 0 : 1
name = "${google_compute_network.network.name}-${local.peer_network}" name = "${var.name}-${local.peer_network}"
network = google_compute_network.network.self_link network = local.network.self_link
peer_network = var.peering_config.peer_vpc_self_link peer_network = var.peering_config.peer_vpc_self_link
export_custom_routes = var.peering_config.export_routes export_custom_routes = var.peering_config.export_routes
import_custom_routes = var.peering_config.import_routes import_custom_routes = var.peering_config.import_routes
@ -90,9 +102,9 @@ resource "google_compute_network_peering" "local" {
resource "google_compute_network_peering" "remote" { resource "google_compute_network_peering" "remote" {
provider = google-beta provider = google-beta
count = var.peering_config == null ? 0 : 1 count = var.peering_config == null ? 0 : 1
name = "${local.peer_network}-${google_compute_network.network.name}" name = "${local.peer_network}-${var.name}"
network = var.peering_config.peer_vpc_self_link network = var.peering_config.peer_vpc_self_link
peer_network = google_compute_network.network.self_link peer_network = local.network.self_link
export_custom_routes = var.peering_config.import_routes export_custom_routes = var.peering_config.import_routes
import_custom_routes = var.peering_config.export_routes import_custom_routes = var.peering_config.export_routes
depends_on = [google_compute_network_peering.local] depends_on = [google_compute_network_peering.local]
@ -101,7 +113,7 @@ resource "google_compute_network_peering" "remote" {
resource "google_compute_shared_vpc_host_project" "shared_vpc_host" { resource "google_compute_shared_vpc_host_project" "shared_vpc_host" {
count = var.shared_vpc_host ? 1 : 0 count = var.shared_vpc_host ? 1 : 0
project = var.project_id project = var.project_id
depends_on = [google_compute_network.network] depends_on = [local.network]
} }
resource "google_compute_shared_vpc_service_project" "service_projects" { resource "google_compute_shared_vpc_service_project" "service_projects" {
@ -118,7 +130,7 @@ resource "google_compute_shared_vpc_service_project" "service_projects" {
resource "google_compute_subnetwork" "subnetwork" { resource "google_compute_subnetwork" "subnetwork" {
for_each = local.subnets for_each = local.subnets
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
region = each.value.region region = each.value.region
name = each.value.name name = each.value.name
ip_cidr_range = each.value.ip_cidr_range ip_cidr_range = each.value.ip_cidr_range
@ -153,7 +165,7 @@ resource "google_compute_subnetwork_iam_binding" "binding" {
resource "google_compute_route" "gateway" { resource "google_compute_route" "gateway" {
for_each = local.routes_gateway for_each = local.routes_gateway
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
name = "${var.name}-${each.key}" name = "${var.name}-${each.key}"
description = "Terraform-managed." description = "Terraform-managed."
dest_range = each.value.dest_range dest_range = each.value.dest_range
@ -165,7 +177,7 @@ resource "google_compute_route" "gateway" {
resource "google_compute_route" "ilb" { resource "google_compute_route" "ilb" {
for_each = local.routes_ilb for_each = local.routes_ilb
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
name = "${var.name}-${each.key}" name = "${var.name}-${each.key}"
description = "Terraform-managed." description = "Terraform-managed."
dest_range = each.value.dest_range dest_range = each.value.dest_range
@ -177,7 +189,7 @@ resource "google_compute_route" "ilb" {
resource "google_compute_route" "instance" { resource "google_compute_route" "instance" {
for_each = local.routes_instance for_each = local.routes_instance
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
name = "${var.name}-${each.key}" name = "${var.name}-${each.key}"
description = "Terraform-managed." description = "Terraform-managed."
dest_range = each.value.dest_range dest_range = each.value.dest_range
@ -191,7 +203,7 @@ resource "google_compute_route" "instance" {
resource "google_compute_route" "ip" { resource "google_compute_route" "ip" {
for_each = local.routes_ip for_each = local.routes_ip
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
name = "${var.name}-${each.key}" name = "${var.name}-${each.key}"
description = "Terraform-managed." description = "Terraform-managed."
dest_range = each.value.dest_range dest_range = each.value.dest_range
@ -203,7 +215,7 @@ resource "google_compute_route" "ip" {
resource "google_compute_route" "vpn_tunnel" { resource "google_compute_route" "vpn_tunnel" {
for_each = local.routes_vpn_tunnel for_each = local.routes_vpn_tunnel
project = var.project_id project = var.project_id
network = google_compute_network.network.name network = local.network.name
name = "${var.name}-${each.key}" name = "${var.name}-${each.key}"
description = "Terraform-managed." description = "Terraform-managed."
dest_range = each.value.dest_range dest_range = each.value.dest_range
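Review bot: The `network` local added near the top of this section wraps both branches in `try(..., null)` without saying why, so a reader can mistake it for error suppression. As far as I can tell it is needed because both sides of the conditional are evaluated and the side whose `count` is 0 has no element 0. A comment such as `# try() only guards the branch whose count is 0; the selected branch always has one element` would make that explicit. The enclosing `locals` block starts outside the hunk, so this is based on the visible lines only.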


@ -16,17 +16,17 @@
output "network" { output "network" {
description = "Network resource." description = "Network resource."
value = google_compute_network.network value = local.network
} }
output "name" { output "name" {
description = "The name of the VPC being created." description = "The name of the VPC being created."
value = google_compute_network.network.name value = local.network.name
} }
output "self_link" { output "self_link" {
description = "The URI of the VPC being created." description = "The URI of the VPC being created."
value = google_compute_network.network.self_link value = local.network.self_link
} }
output "project_id" { output "project_id" {
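Review bot: The `name` and `self_link` outputs still describe "the VPC being created", which is wrong when `vpc_create` is false and the value comes from the data source. I would change them to `description = "The name of the VPC being created or referenced."` and use the same wording for `self_link`. The `network` output now returns either the resource object or the data source object, and those may not expose the same attributes. Its description should tell consumers to rely only on attributes present in both, such as `name` and `self_link`.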


@ -143,3 +143,9 @@ variable "subnet_private_access" {
type = map(bool) type = map(bool)
default = {} default = {}
} }
variable "vpc_create" {
description = "Create VPC. When set to false, uses a data source to reference existing VPC."
type = bool
default = true
}
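Review bot: The `vpc_create` description does not say what the module still manages when it is set to `false`. In that mode it keeps creating subnets, routes, peerings and the Shared VPC host setting on whichever network matches `var.name` in `var.project_id`, while network-level inputs such as `description` are no longer applied. Callers adopting a network owned by another configuration need to know this, because two states would then manage objects on the same VPC. I would extend it to `description = "Create VPC. When false, an existing VPC with this name is looked up in the project; network-level arguments are ignored and the VPC itself is not managed by this module."`.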