Reuse existing logic to create default routes
parent
7a91a7e41c
commit
1e8c58c88e
|
@ -460,7 +460,7 @@ module "vpc" {
|
||||||
| [name](variables.tf#L84) | The name of the network being created. | <code>string</code> | ✓ | |
|
| [name](variables.tf#L84) | The name of the network being created. | <code>string</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L100) | The ID of the project where this VPC will be created. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L100) | The ID of the project where this VPC will be created. | <code>string</code> | ✓ | |
|
||||||
| [auto_create_subnetworks](variables.tf#L17) | Set to true to create an auto mode subnet, defaults to custom mode. | <code>bool</code> | | <code>false</code> |
|
| [auto_create_subnetworks](variables.tf#L17) | Set to true to create an auto mode subnet, defaults to custom mode. | <code>bool</code> | | <code>false</code> |
|
||||||
| [create_default_routes](variables.tf#L23) | Toggle creation of googleapis private/restricted routes. | <code title="object({ private = optional(bool, true) private6 = optional(bool, false) restricted = optional(bool, true) restricted6 = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
| [create_default_routes](variables.tf#L23) | Toggle creation of googleapis private/restricted routes. | <code title="object({ private = optional(bool, true) private-6 = optional(bool, false) restricted = optional(bool, true) restricted-6 = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
||||||
| [data_folder](variables.tf#L35) | An optional folder containing the subnet configurations in YaML format. | <code>string</code> | | <code>null</code> |
|
| [data_folder](variables.tf#L35) | An optional folder containing the subnet configurations in YaML format. | <code>string</code> | | <code>null</code> |
|
||||||
| [delete_default_routes_on_create](variables.tf#L41) | Set to true to delete the default routes at creation time. | <code>bool</code> | | <code>false</code> |
|
| [delete_default_routes_on_create](variables.tf#L41) | Set to true to delete the default routes at creation time. | <code>bool</code> | | <code>false</code> |
|
||||||
| [description](variables.tf#L47) | An optional description of this resource (triggers recreation on change). | <code>string</code> | | <code>"Terraform-managed."</code> |
|
| [description](variables.tf#L47) | An optional description of this resource (triggers recreation on change). | <code>string</code> | | <code>"Terraform-managed."</code> |
|
||||||
|
|
|
@ -17,7 +17,23 @@
|
||||||
# tfdoc:file:description Route resources.
|
# tfdoc:file:description Route resources.
|
||||||
|
|
||||||
locals {
|
locals {
|
||||||
_routes = var.routes == null ? {} : var.routes
|
_googleapis_ranges = {
|
||||||
|
private = "199.36.153.8/30"
|
||||||
|
private-6 = "2600:2d00:0002:2000::/64"
|
||||||
|
restricted = "199.36.153.4/30"
|
||||||
|
restricted-6 = "2600:2d00:0002:1000::/64"
|
||||||
|
}
|
||||||
|
_googleapis_routes = {
|
||||||
|
for k, v in local._googleapis_ranges : "${k}-googleapis" => {
|
||||||
|
dest_range = v
|
||||||
|
next_hop = "default-internet-gateway"
|
||||||
|
next_hop_type = "gateway"
|
||||||
|
priority = 1000
|
||||||
|
tags = null
|
||||||
|
}
|
||||||
|
if var.create_default_routes[k]
|
||||||
|
}
|
||||||
|
_routes = merge(local._googleapis_routes, coalesce(var.routes, {}))
|
||||||
routes = {
|
routes = {
|
||||||
gateway = { for k, v in local._routes : k => v if v.next_hop_type == "gateway" }
|
gateway = { for k, v in local._routes : k => v if v.next_hop_type == "gateway" }
|
||||||
ilb = { for k, v in local._routes : k => v if v.next_hop_type == "ilb" }
|
ilb = { for k, v in local._routes : k => v if v.next_hop_type == "ilb" }
|
||||||
|
@ -88,43 +104,3 @@ resource "google_compute_route" "vpn_tunnel" {
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
next_hop_vpn_tunnel = each.value.next_hop
|
next_hop_vpn_tunnel = each.value.next_hop
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_route" "private" {
|
|
||||||
count = var.create_default_routes.private ? 1 : 0
|
|
||||||
project = var.project_id
|
|
||||||
network = local.network.name
|
|
||||||
name = "private-googleapis-default"
|
|
||||||
description = "Terraform-managed."
|
|
||||||
dest_range = "199.36.153.8/30"
|
|
||||||
next_hop_gateway = "default-internet-gateway"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "google_compute_route" "private6" {
|
|
||||||
count = var.create_default_routes.private6 ? 1 : 0
|
|
||||||
project = var.project_id
|
|
||||||
network = local.network.name
|
|
||||||
name = "private6-googleapis-default"
|
|
||||||
description = "Terraform-managed."
|
|
||||||
dest_range = "2600:2d00:0002:2000::/64"
|
|
||||||
next_hop_gateway = "default-internet-gateway"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "google_compute_route" "restricted" {
|
|
||||||
count = var.create_default_routes.restricted ? 1 : 0
|
|
||||||
project = var.project_id
|
|
||||||
network = local.network.name
|
|
||||||
name = "restricted-googleapis-default"
|
|
||||||
description = "Terraform-managed."
|
|
||||||
dest_range = "199.36.153.4/30"
|
|
||||||
next_hop_gateway = "default-internet-gateway"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "google_compute_route" "restricted6" {
|
|
||||||
count = var.create_default_routes.restricted6 ? 1 : 0
|
|
||||||
project = var.project_id
|
|
||||||
network = local.network.name
|
|
||||||
name = "restricted6-googleapis-default"
|
|
||||||
description = "Terraform-managed."
|
|
||||||
dest_range = "2600:2d00:0002:1000::/64"
|
|
||||||
next_hop_gateway = "default-internet-gateway"
|
|
||||||
}
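Review bot: In the new `_routes = merge(local._googleapis_routes, coalesce(var.routes, {}))` the caller map is the last argument, so a `var.routes` entry keyed `private-googleapis` or `restricted-googleapis` silently replaces the generated default, including its `dest_range` and `next_hop`. If that override is intended, a comment such as `# var.routes wins on key collision: a caller entry named "<range>-googleapis" replaces the default route` would make it explicit; if it is not, swapping the two `merge` arguments keeps the defaults authoritative. Separately, the four `google_compute_route` resources removed in the second hunk have no `moved` blocks in the visible lines, so existing deployments will presumably plan a destroy and create of the googleapis routes. The resource that consumes `local.routes.gateway` is outside the visible hunks, so it is worth confirming whether the route names change as well and whether a short gap in those routes is acceptable.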
|
|
||||||
|
|
|
@ -23,10 +23,10 @@ variable "auto_create_subnetworks" {
|
||||||
variable "create_default_routes" {
|
variable "create_default_routes" {
|
||||||
description = "Toggle creation of googleapis private/restricted routes."
|
description = "Toggle creation of googleapis private/restricted routes."
|
||||||
type = object({
|
type = object({
|
||||||
private = optional(bool, true)
|
private = optional(bool, true)
|
||||||
private6 = optional(bool, false)
|
private-6 = optional(bool, false)
|
||||||
restricted = optional(bool, true)
|
restricted = optional(bool, true)
|
||||||
restricted6 = optional(bool, false)
|
restricted-6 = optional(bool, false)
|
||||||
})
|
})
|
||||||
default = {}
|
default = {}
|
||||||
nullable = false
|
nullable = false
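Review bot: Renaming `private6`/`restricted6` to `private-6`/`restricted-6` changes the module's input contract with no signal to existing callers. Terraform's conversion to an object type discards attributes that are not in the constraint, so a caller still passing `private6 = true` gets no error and the IPv6 route falls back to its `false` default. The attribute names are now also coupled to the keys of `local._googleapis_ranges` through `var.create_default_routes[k]`, which nothing in the variable states. A comment above the type such as `# attribute names must match the keys of local._googleapis_ranges` and an upgrade note for the rename would cover both. The variable block's closing brace is outside the hunk.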
|
||||||
|
|