Removed unused attribute in peer_gateway_config variable
This commit is contained in:
parent
b99fd17887
commit
22b661fe93
|
@ -31,7 +31,6 @@ resource "google_compute_external_vpn_gateway" "default" {
|
||||||
name = "peer-vpn-gateway"
|
name = "peer-vpn-gateway"
|
||||||
project = "myproject"
|
project = "myproject"
|
||||||
description = "Peer IPSec over Interconnect VPN gateway"
|
description = "Peer IPSec over Interconnect VPN gateway"
|
||||||
redundancy_type = "TWO_IPS_REDUNDANCY"
|
|
||||||
interface {
|
interface {
|
||||||
id = 0
|
id = 0
|
||||||
ip_address = "10.0.0.1"
|
ip_address = "10.0.0.1"
|
||||||
|
@ -58,7 +57,7 @@ module "vpngw-a" {
|
||||||
}
|
}
|
||||||
router_config = {
|
router_config = {
|
||||||
create = false
|
create = false
|
||||||
name = google_compute_router.encrypted-interconnect-overlay-router.id
|
name = google_compute_router.encrypted-interconnect-overlay-router.name
|
||||||
}
|
}
|
||||||
tunnels = {
|
tunnels = {
|
||||||
remote-0 = {
|
remote-0 = {
|
||||||
|
@ -102,7 +101,6 @@ module "vpngw-a" {
|
||||||
# tftest modules=1 resources=16
|
# tftest modules=1 resources=16
|
||||||
```
|
```
|
||||||
<!-- BEGIN TFDOC -->
|
<!-- BEGIN TFDOC -->
|
||||||
|
|
||||||
## Variables
|
## Variables
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|
@ -110,11 +108,11 @@ module "vpngw-a" {
|
||||||
| [interconnect_attachments](variables.tf#L17) | VLAN attachments used by the VPN Gateway. | <code title="object({ a = string b = string })">object({…})</code> | ✓ | |
|
| [interconnect_attachments](variables.tf#L17) | VLAN attachments used by the VPN Gateway. | <code title="object({ a = string b = string })">object({…})</code> | ✓ | |
|
||||||
| [name](variables.tf#L25) | Common name to identify the VPN Gateway. | <code>string</code> | ✓ | |
|
| [name](variables.tf#L25) | Common name to identify the VPN Gateway. | <code>string</code> | ✓ | |
|
||||||
| [network](variables.tf#L30) | The VPC name to which resources are associated to. | <code>string</code> | ✓ | |
|
| [network](variables.tf#L30) | The VPC name to which resources are associated to. | <code>string</code> | ✓ | |
|
||||||
| [peer_gateway_config](variables.tf#L35) | IP addresses for the external peer gateway. | <code title="object({ create = optional(bool, false) description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway") name = optional(string, null) id = optional(string, null) redundancy_type = optional(string) interfaces = optional(list(string)) })">object({…})</code> | ✓ | |
|
| [peer_gateway_config](variables.tf#L35) | IP addresses for the external peer gateway. | <code title="object({ create = optional(bool, false) description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway") name = optional(string, null) id = optional(string, null) interfaces = optional(list(string), []) })">object({…})</code> | ✓ | |
|
||||||
| [project_id](variables.tf#L55) | The project id. | <code>string</code> | ✓ | |
|
| [project_id](variables.tf#L54) | The project id. | <code>string</code> | ✓ | |
|
||||||
| [region](variables.tf#L60) | GCP Region. | <code>string</code> | ✓ | |
|
| [region](variables.tf#L59) | GCP Region. | <code>string</code> | ✓ | |
|
||||||
| [router_config](variables.tf#L65) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | <code title="object({ create = optional(bool, true) asn = optional(number) name = optional(string) keepalive = optional(number) custom_advertise = optional(object({ all_subnets = bool ip_ranges = map(string) })) })">object({…})</code> | ✓ | |
|
| [router_config](variables.tf#L64) | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | <code title="object({ create = optional(bool, true) asn = optional(number) name = optional(string) keepalive = optional(number) custom_advertise = optional(object({ all_subnets = bool ip_ranges = map(string) })) })">object({…})</code> | ✓ | |
|
||||||
| [tunnels](variables.tf#L80) | VPN tunnel configurations. | <code title="map(object({ bgp_peer = object({ address = string asn = number route_priority = optional(number, 1000) custom_advertise = optional(object({ all_subnets = bool all_vpc_subnets = bool all_peer_vpc_subnets = bool ip_ranges = map(string) })) }) bgp_session_range = string ike_version = optional(number, 2) peer_external_gateway_interface = optional(number) peer_gateway_id = optional(string, "default") router = optional(string) shared_secret = optional(string) vpn_gateway_interface = number }))">map(object({…}))</code> | | <code>{}</code> |
|
| [tunnels](variables.tf#L79) | VPN tunnel configurations. | <code title="map(object({ bgp_peer = object({ address = string asn = number route_priority = optional(number, 1000) custom_advertise = optional(object({ all_subnets = bool all_vpc_subnets = bool all_peer_vpc_subnets = bool ip_ranges = map(string) })) }) bgp_session_range = string ike_version = optional(number, 2) peer_external_gateway_interface = optional(number) peer_gateway_id = optional(string, "default") router = optional(string) shared_secret = optional(string) vpn_gateway_interface = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
@ -128,5 +126,4 @@ module "vpngw-a" {
|
||||||
| [router_name](outputs.tf#L45) | Router name. | |
|
| [router_name](outputs.tf#L45) | Router name. | |
|
||||||
| [self_link](outputs.tf#L50) | HA VPN gateway self link. | |
|
| [self_link](outputs.tf#L50) | HA VPN gateway self link. | |
|
||||||
| [tunnels](outputs.tf#L55) | VPN tunnel resources. | |
|
| [tunnels](outputs.tf#L55) | VPN tunnel resources. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
@ -35,7 +35,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_ha_vpn_gateway" "default" {
|
resource "google_compute_ha_vpn_gateway" "default" {
|
||||||
name = var.name
|
name = "vpn-gw-${var.name}"
|
||||||
network = var.network
|
network = var.network
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
region = var.region
|
region = var.region
|
||||||
|
@ -51,10 +51,10 @@ resource "google_compute_ha_vpn_gateway" "default" {
|
||||||
|
|
||||||
resource "google_compute_external_vpn_gateway" "default" {
|
resource "google_compute_external_vpn_gateway" "default" {
|
||||||
count = var.peer_gateway_config.create ? 1 : 0
|
count = var.peer_gateway_config.create ? 1 : 0
|
||||||
name = var.name
|
name = coalesce(var.peer_gateway_config.name, "peer-vpn-gw-${var.name}")
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
description = var.peer_gateway_config.description
|
description = var.peer_gateway_config.description
|
||||||
redundancy_type = var.peer_gateway_config.redundancy_type
|
redundancy_type = length(var.peer_gateway_config.interfaces) == 2 ? "TWO_IPS_REDUNDANCY" : "SINGLE_IP_INTERNALLY_REDUNDANT"
|
||||||
dynamic "interface" {
|
dynamic "interface" {
|
||||||
for_each = var.peer_gateway_config.interfaces
|
for_each = var.peer_gateway_config.interfaces
|
||||||
content {
|
content {
|
||||||
|
@ -66,7 +66,7 @@ resource "google_compute_external_vpn_gateway" "default" {
|
||||||
|
|
||||||
resource "google_compute_router" "default" {
|
resource "google_compute_router" "default" {
|
||||||
count = var.router_config.create ? 1 : 0
|
count = var.router_config.create ? 1 : 0
|
||||||
name = coalesce(var.router_config.name, "vpn-${var.name}")
|
name = coalesce(var.router_config.name, "router-${var.name}")
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
region = var.region
|
region = var.region
|
||||||
network = var.network
|
network = var.network
|
||||||
|
|
|
@ -39,16 +39,15 @@ variable "peer_gateway_config" {
|
||||||
description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway")
|
description = optional(string, "Terraform managed IPSec over Interconnect VPN gateway")
|
||||||
name = optional(string, null)
|
name = optional(string, null)
|
||||||
id = optional(string, null)
|
id = optional(string, null)
|
||||||
redundancy_type = optional(string)
|
interfaces = optional(list(string), [])
|
||||||
interfaces = optional(list(string))
|
|
||||||
})
|
})
|
||||||
|
nullable = false
|
||||||
validation {
|
validation {
|
||||||
condition = anytrue([
|
condition = anytrue([
|
||||||
var.peer_gateway_config.create == false && var.peer_gateway_config.id != null,
|
var.peer_gateway_config.create == false && var.peer_gateway_config.id != null,
|
||||||
var.peer_gateway_config.create == true && try(var.peer_gateway_config.redundancy_type, "") == "SINGLE_IP_INTERNALLY_REDUNDANT" && try(length(var.peer_gateway_config.interfaces) == 1, false),
|
var.peer_gateway_config.create == true && (try(length(var.peer_gateway_config.interfaces) == 1, false) || try(length(var.peer_gateway_config.interfaces) == 2, false))
|
||||||
var.peer_gateway_config.create == true && try(var.peer_gateway_config.redundancy_type, "") == "TWO_IPS_REDUNDANCY" && try(length(var.peer_gateway_config.interfaces) == 2, false),
|
|
||||||
])
|
])
|
||||||
error_message = "When using an existing gateway, an ID must be provided. SINGLE_IP_INTERNALLY_REDUNDANT requires exactly 1 interface, TWO_IPS_REDUNDANCY requires exactly 2."
|
error_message = "When using an existing gateway, an ID must be provided. When not, the gateway can have one or two interfaces."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue