Adding support for NAT in Apigee
This commit is contained in:
parent
d36c53bbae
commit
6c33d34c28
|
@ -42,10 +42,12 @@ module "apigee" {
|
|||
}
|
||||
instances = {
|
||||
europe-west1 = {
|
||||
nat_required = true
|
||||
runtime_ip_cidr_range = "10.0.4.0/22"
|
||||
troubleshooting_ip_cidr_range = "10.1.1.0.0/28"
|
||||
}
|
||||
europe-west3 = {
|
||||
nat_required = false
|
||||
runtime_ip_cidr_range = "10.0.8.0/22"
|
||||
troubleshooting_ip_cidr_range = "10.1.16.0/28"
|
||||
}
|
||||
|
@ -179,13 +181,13 @@ module "apigee" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L90) | Project ID. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L91) | Project ID. | <code>string</code> | ✓ | |
|
||||
| [addons_config](variables.tf#L17) | Addons configuration. | <code title="object({ advanced_api_ops = optional(bool, false) api_security = optional(bool, false) connectors_platform = optional(bool, false) integration = optional(bool, false) monetization = optional(bool, false) })">object({…})</code> | | <code>null</code> |
|
||||
| [endpoint_attachments](variables.tf#L29) | Endpoint attachments. | <code title="map(object({ region = string service_attachment = string }))">map(object({…}))</code> | | <code>null</code> |
|
||||
| [envgroups](variables.tf#L38) | Environment groups (NAME => [HOSTNAMES]). | <code>map(list(string))</code> | | <code>null</code> |
|
||||
| [environments](variables.tf#L44) | Environments. | <code title="map(object({ display_name = optional(string) description = optional(string, "Terraform-managed") deployment_type = optional(string) api_proxy_type = optional(string) node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) })) iam = optional(map(list(string))) envgroups = optional(list(string)) regions = optional(list(string)) }))">map(object({…}))</code> | | <code>null</code> |
|
||||
| [instances](variables.tf#L62) | Instances ([REGION] => [INSTANCE]). | <code title="map(object({ display_name = optional(string) description = optional(string, "Terraform-managed") runtime_ip_cidr_range = string troubleshooting_ip_cidr_range = string disk_encryption_key = optional(string) consumer_accept_list = optional(list(string)) }))">map(object({…}))</code> | | <code>null</code> |
|
||||
| [organization](variables.tf#L75) | Apigee organization. If set to null the organization must already exist. | <code title="object({ display_name = optional(string) description = optional(string, "Terraform-managed") authorized_network = optional(string) runtime_type = optional(string, "CLOUD") billing_type = optional(string) database_encryption_key = optional(string) analytics_region = optional(string, "europe-west1") retention = optional(string) })">object({…})</code> | | <code>null</code> |
|
||||
| [instances](variables.tf#L62) | Instances ([REGION] => [INSTANCE]). | <code title="map(object({ display_name = optional(string) description = optional(string, "Terraform-managed") runtime_ip_cidr_range = string troubleshooting_ip_cidr_range = string disk_encryption_key = optional(string) consumer_accept_list = optional(list(string)) nat_required = optional(bool, false) }))">map(object({…}))</code> | | <code>null</code> |
|
||||
| [organization](variables.tf#L76) | Apigee organization. If set to null the organization must already exist. | <code title="object({ display_name = optional(string) description = optional(string, "Terraform-managed") authorized_network = optional(string) runtime_type = optional(string, "CLOUD") billing_type = optional(string) database_encryption_key = optional(string) analytics_region = optional(string, "europe-west1") retention = optional(string) })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
@ -194,9 +196,10 @@ module "apigee" {
|
|||
| [endpoint_attachment_hosts](outputs.tf#L17) | Endpoint hosts. | |
|
||||
| [envgroups](outputs.tf#L22) | Environment groups. | |
|
||||
| [environments](outputs.tf#L27) | Environment. | |
|
||||
| [instances](outputs.tf#L32) | Instances. | |
|
||||
| [org_id](outputs.tf#L37) | Organization ID. | |
|
||||
| [org_name](outputs.tf#L42) | Organization name. | |
|
||||
| [organization](outputs.tf#L47) | Organization. | |
|
||||
| [service_attachments](outputs.tf#L52) | Service attachments. | |
|
||||
| [instance_nat_ips](outputs.tf#L32) | NAT IP addresses used in instances. | |
|
||||
| [instances](outputs.tf#L37) | Instances. | |
|
||||
| [org_id](outputs.tf#L42) | Organization ID. | |
|
||||
| [org_name](outputs.tf#L47) | Organization name. | |
|
||||
| [organization](outputs.tf#L52) | Organization. | |
|
||||
| [service_attachments](outputs.tf#L57) | Service attachments. | |
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
@ -100,6 +100,16 @@ resource "google_apigee_instance" "instances" {
|
|||
consumer_accept_list = each.value.consumer_accept_list
|
||||
}
|
||||
|
||||
resource "google_apigee_nat_address" "apigee_nat" {
|
||||
for_each = {
|
||||
for instance_name, instance_config in local.instances :
|
||||
instance_name => instance_config.nat_required ? instance_config : null
|
||||
}
|
||||
|
||||
name = "nat-${each.key}"
|
||||
instance_id = google_apigee_instance.instances[each.key].id
|
||||
}
|
||||
|
||||
resource "google_apigee_instance_attachment" "instance_attachments" {
|
||||
for_each = merge(concat([for k1, v1 in local.environments : {
|
||||
for v2 in coalesce(v1.regions, []) :
|
||||
|
|
|
@ -29,6 +29,11 @@ output "environments" {
|
|||
value = try(google_apigee_environment.environments, null)
|
||||
}
|
||||
|
||||
output "instance_nat_ips" {
|
||||
description = "NAT IP addresses used in instances."
|
||||
value = try(google_apigee_nat_address.apigee_nat, null)
|
||||
}
|
||||
|
||||
output "instances" {
|
||||
description = "Instances."
|
||||
value = try(google_apigee_instance.instances, null)
|
||||
|
@ -52,4 +57,4 @@ output "organization" {
|
|||
output "service_attachments" {
|
||||
description = "Service attachments."
|
||||
value = { for k, v in google_apigee_instance.instances : k => v.service_attachment }
|
||||
}
|
||||
}
|
|
@ -68,6 +68,7 @@ variable "instances" {
|
|||
troubleshooting_ip_cidr_range = string
|
||||
disk_encryption_key = optional(string)
|
||||
consumer_accept_list = optional(list(string))
|
||||
nat_required = optional(bool, false)
|
||||
}))
|
||||
default = null
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue