parent
11d7edac64
commit
4ed738688a
|
@ -13,7 +13,7 @@ This example shows how to create a policy with a single rule, that directs a spe
|
|||
```hcl
|
||||
module "dns-policy" {
|
||||
source = "./fabric/modules/dns-response-policy"
|
||||
project_id = "myproject"
|
||||
project_id = var.project_id
|
||||
name = "googleapis"
|
||||
networks = {
|
||||
landing = var.vpc.self_link
|
||||
|
@ -29,7 +29,7 @@ module "dns-policy" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=simple.yaml
|
||||
# tftest modules=1 resources=2 inventory=simple.yaml e2e
|
||||
```
|
||||
|
||||
### Use existing policy and override resolution via wildcard with exceptions
|
||||
|
@ -39,8 +39,8 @@ This example shows how to create a policy with a single rule, that directs all G
|
|||
```hcl
|
||||
module "dns-policy" {
|
||||
source = "./fabric/modules/dns-response-policy"
|
||||
project_id = "myproject"
|
||||
name = "googleapis"
|
||||
project_id = var.project_id
|
||||
name = module.dns-response-policy.name
|
||||
policy_create = false
|
||||
networks = {
|
||||
landing = var.vpc.self_link
|
||||
|
@ -80,7 +80,7 @@ module "dns-policy" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=4 inventory=complex.yaml
|
||||
# tftest modules=2 resources=5 fixtures=fixtures/dns-response-policy.tf inventory=complex.yaml e2e
|
||||
```
|
||||
|
||||
### Define policy rules via a factory file
|
||||
|
@ -90,15 +90,15 @@ This example shows how to define rules in a factory file, that mirrors the rules
|
|||
```hcl
|
||||
module "dns-policy" {
|
||||
source = "./fabric/modules/dns-response-policy"
|
||||
project_id = "myproject"
|
||||
name = "googleapis"
|
||||
project_id = var.project_id
|
||||
name = module.dns-response-policy.name
|
||||
policy_create = false
|
||||
networks = {
|
||||
landing = var.vpc.self_link
|
||||
}
|
||||
rules_file = "config/rules.yaml"
|
||||
}
|
||||
# tftest modules=1 resources=4 files=rules-file inventory=complex.yaml
|
||||
# tftest modules=2 resources=5 files=rules-file fixtures=fixtures/dns-response-policy.tf inventory=complex.yaml e2e
|
||||
```
|
||||
|
||||
```yaml
|
||||
|
@ -129,7 +129,6 @@ restricted:
|
|||
# tftest-file id=rules-file path=config/rules.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|
@ -151,4 +150,7 @@ restricted:
|
|||
| [name](outputs.tf#L22) | Policy name. | |
|
||||
| [policy](outputs.tf#L27) | Policy resource. | |
|
||||
|
||||
## Fixtures
|
||||
|
||||
- [dns-response-policy.tf](../../tests/fixtures/dns-response-policy.tf)
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
# Copyright 2024 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module "dns-response-policy" {
|
||||
source = "./fabric/modules/dns-response-policy"
|
||||
project_id = var.project_id
|
||||
name = "googleapis"
|
||||
networks = {
|
||||
landing = var.vpc.self_link
|
||||
}
|
||||
}
|
|
@ -17,27 +17,27 @@ values:
|
|||
behavior: null
|
||||
dns_name: gcr.io.
|
||||
local_data:
|
||||
- local_datas:
|
||||
- name: gcr.io.
|
||||
rrdatas:
|
||||
- restricted.googleapis.com.
|
||||
ttl: null
|
||||
type: CNAME
|
||||
project: myproject
|
||||
- local_datas:
|
||||
- name: gcr.io.
|
||||
rrdatas:
|
||||
- restricted.googleapis.com.
|
||||
ttl: null
|
||||
type: CNAME
|
||||
project: project-id
|
||||
response_policy: googleapis
|
||||
rule_name: gcr
|
||||
timeouts: null
|
||||
module.dns-policy.google_dns_response_policy_rule.default["googleapis-all"]:
|
||||
behavior: null
|
||||
dns_name: "*.googleapis.com."
|
||||
dns_name: '*.googleapis.com.'
|
||||
local_data:
|
||||
- local_datas:
|
||||
- name: "*.googleapis.com."
|
||||
rrdatas:
|
||||
- restricted.googleapis.com.
|
||||
ttl: null
|
||||
type: CNAME
|
||||
project: myproject
|
||||
- local_datas:
|
||||
- name: '*.googleapis.com.'
|
||||
rrdatas:
|
||||
- restricted.googleapis.com.
|
||||
ttl: null
|
||||
type: CNAME
|
||||
project: project-id
|
||||
response_policy: googleapis
|
||||
rule_name: googleapis-all
|
||||
timeouts: null
|
||||
|
@ -45,7 +45,7 @@ values:
|
|||
behavior: bypassResponsePolicy
|
||||
dns_name: pubsub.googleapis.com.
|
||||
local_data: []
|
||||
project: myproject
|
||||
project: project-id
|
||||
response_policy: googleapis
|
||||
rule_name: pubsub
|
||||
timeouts: null
|
||||
|
@ -53,23 +53,22 @@ values:
|
|||
behavior: null
|
||||
dns_name: restricted.googleapis.com.
|
||||
local_data:
|
||||
- local_datas:
|
||||
- name: restricted.googleapis.com.
|
||||
rrdatas:
|
||||
- 199.36.153.4
|
||||
- 199.36.153.5
|
||||
- 199.36.153.6
|
||||
- 199.36.153.7
|
||||
ttl: null
|
||||
type: A
|
||||
project: myproject
|
||||
- local_datas:
|
||||
- name: restricted.googleapis.com.
|
||||
rrdatas:
|
||||
- 199.36.153.4
|
||||
- 199.36.153.5
|
||||
- 199.36.153.6
|
||||
- 199.36.153.7
|
||||
ttl: null
|
||||
type: A
|
||||
project: project-id
|
||||
response_policy: googleapis
|
||||
rule_name: restricted
|
||||
timeouts: null
|
||||
|
||||
counts:
|
||||
google_dns_response_policy: 1
|
||||
google_dns_response_policy_rule: 4
|
||||
modules: 1
|
||||
resources: 4
|
||||
|
||||
outputs: {}
|
||||
modules: 2
|
||||
resources: 5
|
|
@ -17,7 +17,7 @@ values:
|
|||
gke_clusters: []
|
||||
networks:
|
||||
- network_url: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
project: project-id
|
||||
response_policy_name: googleapis
|
||||
module.dns-policy.google_dns_response_policy_rule.default["pubsub"]:
|
||||
behavior: null
|
||||
|
@ -30,7 +30,7 @@ values:
|
|||
- 199.36.153.5
|
||||
ttl: null
|
||||
type: A
|
||||
project: myproject
|
||||
project: project-id
|
||||
response_policy: googleapis
|
||||
rule_name: pubsub
|
||||
|
||||
|
|
Loading…
Reference in New Issue