Reuse existing logic to create default routes

modules/net-vpc/README.md

@@ -460,7 +460,7 @@ module "vpc" {
 | [name](variables.tf#L84) | The name of the network being created. | <code>string</code> | ✓ |  |
 | [project_id](variables.tf#L100) | The ID of the project where this VPC will be created. | <code>string</code> | ✓ |  |
 | [auto_create_subnetworks](variables.tf#L17) | Set to true to create an auto mode subnet, defaults to custom mode. | <code>bool</code> |  | <code>false</code> |
-| [create_default_routes](variables.tf#L23) | Toggle creation of googleapis private/restricted routes. | <code title="object&#40;&#123;&#10;  private     &#61; optional&#40;bool, true&#41;&#10;  private6    &#61; optional&#40;bool, false&#41;&#10;  restricted  &#61; optional&#40;bool, true&#41;&#10;  restricted6 &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [create_default_routes](variables.tf#L23) | Toggle creation of googleapis private/restricted routes. | <code title="object&#40;&#123;&#10;  private      &#61; optional&#40;bool, true&#41;&#10;  private-6    &#61; optional&#40;bool, false&#41;&#10;  restricted   &#61; optional&#40;bool, true&#41;&#10;  restricted-6 &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>&#123;&#125;</code> |
 | [data_folder](variables.tf#L35) | An optional folder containing the subnet configurations in YaML format. | <code>string</code> |  | <code>null</code> |
 | [delete_default_routes_on_create](variables.tf#L41) | Set to true to delete the default routes at creation time. | <code>bool</code> |  | <code>false</code> |
 | [description](variables.tf#L47) | An optional description of this resource (triggers recreation on change). | <code>string</code> |  | <code>&#34;Terraform-managed.&#34;</code> |

modules/net-vpc/routes.tf

@@ -17,7 +17,23 @@
 # tfdoc:file:description Route resources.
 
 locals {
-  _routes = var.routes == null ? {} : var.routes
+  _googleapis_ranges = {
+    private      = "199.36.153.8/30"
+    private-6    = "2600:2d00:0002:2000::/64"
+    restricted   = "199.36.153.4/30"
+    restricted-6 = "2600:2d00:0002:1000::/64"
+  }
+  _googleapis_routes = {
+    for k, v in local._googleapis_ranges : "${k}-googleapis" => {
+      dest_range    = v
+      next_hop      = "default-internet-gateway"
+      next_hop_type = "gateway"
+      priority      = 1000
+      tags          = null
+    }
+    if var.create_default_routes[k]
+  }
+  _routes = merge(local._googleapis_routes, coalesce(var.routes, {}))
   routes = {
     gateway    = { for k, v in local._routes : k => v if v.next_hop_type == "gateway" }
     ilb        = { for k, v in local._routes : k => v if v.next_hop_type == "ilb" }
@@ -88,43 +104,3 @@ resource "google_compute_route" "vpn_tunnel" {
   tags                = each.value.tags
   next_hop_vpn_tunnel = each.value.next_hop
 }
-
-resource "google_compute_route" "private" {
-  count            = var.create_default_routes.private ? 1 : 0
-  project          = var.project_id
-  network          = local.network.name
-  name             = "private-googleapis-default"
-  description      = "Terraform-managed."
-  dest_range       = "199.36.153.8/30"
-  next_hop_gateway = "default-internet-gateway"
-}
-
-resource "google_compute_route" "private6" {
-  count            = var.create_default_routes.private6 ? 1 : 0
-  project          = var.project_id
-  network          = local.network.name
-  name             = "private6-googleapis-default"
-  description      = "Terraform-managed."
-  dest_range       = "2600:2d00:0002:2000::/64"
-  next_hop_gateway = "default-internet-gateway"
-}
-
-resource "google_compute_route" "restricted" {
-  count            = var.create_default_routes.restricted ? 1 : 0
-  project          = var.project_id
-  network          = local.network.name
-  name             = "restricted-googleapis-default"
-  description      = "Terraform-managed."
-  dest_range       = "199.36.153.4/30"
-  next_hop_gateway = "default-internet-gateway"
-}
-
-resource "google_compute_route" "restricted6" {
-  count            = var.create_default_routes.restricted6 ? 1 : 0
-  project          = var.project_id
-  network          = local.network.name
-  name             = "restricted6-googleapis-default"
-  description      = "Terraform-managed."
-  dest_range       = "2600:2d00:0002:1000::/64"
-  next_hop_gateway = "default-internet-gateway"
-}

modules/net-vpc/variables.tf

@@ -23,10 +23,10 @@ variable "auto_create_subnetworks" {
 variable "create_default_routes" {
   description = "Toggle creation of googleapis private/restricted routes."
   type = object({
-    private     = optional(bool, true)
-    private6    = optional(bool, false)
-    restricted  = optional(bool, true)
-    restricted6 = optional(bool, false)
+    private      = optional(bool, true)
+    private-6    = optional(bool, false)
+    restricted   = optional(bool, true)
+    restricted-6 = optional(bool, false)
   })
   default  = {}
   nullable = false