Add service project configuration options to project module (#142)
This commit is contained in:
Julio Castillo
GitHub
parent
f2c80e17f1
commit
5fd8720c7a
|
|
@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
- add support for logging and better type for the `retention_policies` variable in `gcs` module
|
||||
- **incompatible change** deprecate bucket_policy_only in favor of uniform_bucket_level_access in `gcs` module
|
||||
- **incompatible change** allow project module to configure itself as both shared VPC service and host project
|
||||
|
||||
## [3.3.0] - 2020-09-01
|
||||
|
||||
|
|
|
|||
|
|
@ -103,7 +103,8 @@ module "project" {
|
|||
| *project_create* | Create project. When set to false, uses a data source to reference existing project. | <code title="">bool</code> | | <code title="">true</code> |
|
||||
| *service_config* | Configure service API activation. | <code title="object({ disable_on_destroy = bool disable_dependent_services = bool })">object({...})</code> | | <code title="{ disable_on_destroy = true disable_dependent_services = true }">...</code> |
|
||||
| *services* | Service APIs to enable. | <code title="list(string)">list(string)</code> | | <code title="">[]</code> |
|
||||
| *shared_vpc_config* | Configure Shared VPC for project. | <code title="object({ enabled = bool service_projects = list(string) })">object({...})</code> | | <code title="{ enabled = false service_projects = [] }">...</code> |
|
||||
| *shared_vpc_host_config* | Configures this project as a Shared VPC host project (mutually exclusive with shared_vpc_service_project). | <code title="object({ enabled = bool service_projects = list(string) })">object({...})</code> | | <code title="{ enabled = false service_projects = [] }">...</code> |
|
||||
| *shared_vpc_service_config* | Configures this project as a Shared VPC service project (mutually exclusive with shared_vpc_host_config). | <code title="object({ attach = bool host_project = string })">object({...})</code> | | <code title="{ attach = false host_project = "" }">...</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -214,17 +214,23 @@ resource "google_project_organization_policy" "list" {
|
|||
}
|
||||
|
||||
resource "google_compute_shared_vpc_host_project" "shared_vpc_host" {
|
||||
count = try(var.shared_vpc_config.enabled, false) ? 1 : 0
|
||||
count = try(var.shared_vpc_host_config.enabled, false) ? 1 : 0
|
||||
project = local.project.project_id
|
||||
}
|
||||
|
||||
resource "google_compute_shared_vpc_service_project" "service_projects" {
|
||||
for_each = (
|
||||
try(var.shared_vpc_config.enabled, false)
|
||||
? toset(var.shared_vpc_config.service_projects)
|
||||
try(var.shared_vpc_host_config.enabled, false)
|
||||
? toset(coalesce(var.shared_vpc_host_config.service_projects, []))
|
||||
: toset([])
|
||||
)
|
||||
host_project = local.project.project_id
|
||||
service_project = each.value
|
||||
depends_on = [google_compute_shared_vpc_host_project.shared_vpc_host]
|
||||
}
|
||||
|
||||
resource "google_compute_shared_vpc_service_project" "shared_vpc_service" {
|
||||
count = try(var.shared_vpc_service_config.attach, false) ? 1 : 0
|
||||
host_project = var.shared_vpc_service_config.host_project
|
||||
service_project = local.project.project_id
|
||||
}
|
||||
|
|
|
|||
|
|
@ -139,8 +139,8 @@ variable "service_config" {
|
|||
}
|
||||
}
|
||||
|
||||
variable "shared_vpc_config" {
|
||||
description = "Configure Shared VPC for project."
|
||||
variable "shared_vpc_host_config" {
|
||||
description = "Configures this project as a Shared VPC host project (mutually exclusive with shared_vpc_service_project)."
|
||||
type = object({
|
||||
enabled = bool
|
||||
service_projects = list(string)
|
||||
|
|
@ -150,3 +150,15 @@ variable "shared_vpc_config" {
|
|||
service_projects = []
|
||||
}
|
||||
}
|
||||
|
||||
variable "shared_vpc_service_config" {
|
||||
description = "Configures this project as a Shared VPC service project (mutually exclusive with shared_vpc_host_config)."
|
||||
type = object({
|
||||
attach = bool
|
||||
host_project = string
|
||||
})
|
||||
default = {
|
||||
attach = false
|
||||
host_project = ""
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ module "project-host" {
|
|||
prefix = var.prefix
|
||||
name = "net"
|
||||
services = concat(var.project_services, ["dns.googleapis.com"])
|
||||
shared_vpc_config = {
|
||||
shared_vpc_host_config = {
|
||||
enabled = true
|
||||
service_projects = [
|
||||
module.project-svc-gce.project_id,
|
||||
|
|
|
|||
Loading…
Reference in New Issue