Merge pull request #638 from GoogleCloudPlatform/shield-for-templates
Add shielded_instance_config support for compute instance template
This commit is contained in:
commit
770f739dad
|
@ -12,6 +12,7 @@ All notable changes to this project will be documented in this file.
|
||||||
- add support for [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect#psc-subnets) and [Proxy-only](https://cloud.google.com/load-balancing/docs/proxy-only-subnets) subnets to `net-vpc` module
|
- add support for [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect#psc-subnets) and [Proxy-only](https://cloud.google.com/load-balancing/docs/proxy-only-subnets) subnets to `net-vpc` module
|
||||||
- bump Google provider versions to `>= 4.17.0`
|
- bump Google provider versions to `>= 4.17.0`
|
||||||
- bump Terraform version to `>= 1.1.0`
|
- bump Terraform version to `>= 1.1.0`
|
||||||
|
- add `shielded_instance_config` support for instance template on `compute-vm` module
|
||||||
|
|
||||||
**FAST**
|
**FAST**
|
||||||
|
|
||||||
|
|
|
@ -348,6 +348,16 @@ resource "google_compute_instance_template" "default" {
|
||||||
scopes = local.service_account_scopes
|
scopes = local.service_account_scopes
|
||||||
}
|
}
|
||||||
|
|
||||||
|
dynamic "shielded_instance_config" {
|
||||||
|
for_each = var.shielded_config != null ? [var.shielded_config] : []
|
||||||
|
iterator = config
|
||||||
|
content {
|
||||||
|
enable_secure_boot = config.value.enable_secure_boot
|
||||||
|
enable_vtpm = config.value.enable_vtpm
|
||||||
|
enable_integrity_monitoring = config.value.enable_integrity_monitoring
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
lifecycle {
|
lifecycle {
|
||||||
create_before_destroy = true
|
create_before_destroy = true
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue