diff --git a/modules/gcve-private-cloud/README.md b/modules/gcve-private-cloud/README.md
index 93e9271e..a0feefdd 100644
--- a/modules/gcve-private-cloud/README.md
+++ b/modules/gcve-private-cloud/README.md
@@ -23,19 +23,19 @@ At the moment this module doesn't support the following use cases:
```hcl
module "gcve-pc" {
- source = "./fabric/modules/gcve-private-cloud"
- name = "gcve-pc"
- project_id = "gcve-test-project"
- zone = "europe-west8-a"
- cidr = "192.168.0.0/24"
+ source = "./fabric/modules/gcve-private-cloud"
+ name = "gcve-pc"
+ project_id = "gcve-test-project"
+ zone = "europe-west8-a"
+ cidr = "192.168.0.0/24"
private_connections = {
transit-conn1 = {
- name = "transit-conn1",
- network_self_link = "projects/test-prj-gcve-01/global/networks/default",
- peering_name = "servicenetworking-googleapis-com"
- type = "PRIVATE_SERVICE_ACCESS",
- routing_mode = "REGIONAL"
+ name = "transit-conn1"
+ network_self_link = "projects/test-prj-gcve-01/global/networks/default"
+ tenant_host_project = "g39a814990532d10ap-tp"
+ type = "PRIVATE_SERVICE_ACCESS"
+ routing_mode = "REGIONAL"
}
}
}
@@ -45,11 +45,11 @@ module "gcve-pc" {
```hcl
module "gcve-pc" {
- source = "./fabric/modules/gcve-private-cloud"
- name = "gcve-pc"
- project_id = "gcve-test-project"
- zone = "europe-west8-a"
- cidr = "192.168.0.0/24"
+ source = "./fabric/modules/gcve-private-cloud"
+ name = "gcve-pc"
+ project_id = "gcve-test-project"
+ zone = "europe-west8-a"
+ cidr = "192.168.0.0/24"
management_cluster_config = {
node_type_id = "standard-72"
@@ -59,11 +59,11 @@ module "gcve-pc" {
private_connections = {
transit-conn1 = {
- name = "transit-conn1",
- network_self_link = "projects/test-prj-gcve-01/global/networks/default",
- peering_name = "servicenetworking-googleapis-com"
- type = "PRIVATE_SERVICE_ACCESS",
- routing_mode = "REGIONAL"
+ name = "transit-conn1"
+ network_self_link = "projects/test-prj-gcve-01/global/networks/default"
+ tenant_host_project = "g39a814990532d10ap-tp"
+ type = "PRIVATE_SERVICE_ACCESS"
+ routing_mode = "REGIONAL"
}
}
}
@@ -76,13 +76,13 @@ module "gcve-pc" {
|---|---|:---:|:---:|:---:|
| [cidr](variables.tf#L23) | vSphere/vSAN subnets CIDR range. To undersatnd the limits, please refer to [GCVE network requirements](https://cloud.google.com/vmware-engine/docs/quickstart-networking-requirements). | string | ✓ | |
| [name](variables.tf#L43) | Private cloud name. | string | ✓ | |
-| [project_id](variables.tf#L76) | Project id. | string | ✓ | |
-| [zone](variables.tf#L93) | Private cloud zone. | string | ✓ | |
+| [project_id](variables.tf#L85) | Project id. | string | ✓ | |
+| [zone](variables.tf#L102) | Private cloud zone. | string | ✓ | |
| [description](variables.tf#L17) | Private cloud description. | string | | "Terraform-managed." |
| [management_cluster_config](variables.tf#L28) | Management cluster configuration. | object({…}) | | {…} |
-| [private_connections](variables.tf#L48) | VMWare private connections configuration. It is used to create the gcloud command printed as output. | map(object({…})) | | {} |
-| [vmw_network_create](variables.tf#L81) | Create the VMware Engine network. When set to false, it uses a data source to reference an existing VMware Engine network. | bool | | true |
-| [vmw_network_description](variables.tf#L87) | VMware Engine network description. | string | | "Terraform-managed." |
+| [private_connections](variables.tf#L48) | VMWare private connections configuration. It is used to create the gcloud command printed as output. | map(object({…})) | | {} |
+| [vmw_network_create](variables.tf#L90) | Create the VMware Engine network. When set to false, it uses a data source to reference an existing VMware Engine network. | bool | | true |
+| [vmw_network_description](variables.tf#L96) | VMware Engine network description. | string | | "Terraform-managed." |
## Outputs
@@ -96,5 +96,6 @@ module "gcve-pc" {
| [private-cloud](outputs.tf#L42) | The private cloud resource | |
| [private_connections_setup](outputs.tf#L47) | Cloud SDK commands for the private connections manual setup. | |
| [state](outputs.tf#L63) | Details about the state of the private cloud | |
+| [test](outputs.tf#L73) | | |
| [vcenter](outputs.tf#L68) | Details about a vCenter Server management appliance. | |
diff --git a/modules/gcve-private-cloud/main.tf b/modules/gcve-private-cloud/main.tf
index 875798d2..3235fb29 100644
--- a/modules/gcve-private-cloud/main.tf
+++ b/modules/gcve-private-cloud/main.tf
@@ -21,9 +21,10 @@ locals {
? try(google_vmwareengine_network.private-cloud-network.0, null)
: try(data.google_vmwareengine_network.private-cloud-network.0, null)
)
- psa_peering = {
- for k, v in data.google_compute_network_peering.psa_peering :
- k => regex("(.*)/projects/([a-z0-9-]*)/(.*)", "${v.peer_network}")[1]
+ tenant_host_project = {
+ for k, v in var.private_connections : k => v.tenant_host_project == null
+ ? regex("(.*)/projects/([a-z0-9-]*)/(.*)", "${data.google_compute_network_peering.psa_peering[k].peer_network}")[1]
+ : v.tenant_host_project
}
}
@@ -35,10 +36,8 @@ data "google_vmwareengine_network" "private-cloud-network" {
location = local.region
}
-#TO REMOVE?
-
data "google_compute_network_peering" "psa_peering" {
- for_each = var.private_connections
+ for_each = { for k, v in var.private_connections : k => v if v.tenant_host_project == null }
name = each.value.peering_name
network = each.value.network_self_link
}
diff --git a/modules/gcve-private-cloud/outputs.tf b/modules/gcve-private-cloud/outputs.tf
index ff60b349..76267f21 100644
--- a/modules/gcve-private-cloud/outputs.tf
+++ b/modules/gcve-private-cloud/outputs.tf
@@ -54,7 +54,7 @@ output "private_connections_setup" {
--vmware-engine-network=${local.region}-default \
--description="${v.description}" \
--routing-mode=${v.routing_mode} \
- --service-project=${local.psa_peering[k]} \
+ --service-project=${local.tenant_host_project[k]} \
--type=${v.type}
EOT
}
diff --git a/modules/gcve-private-cloud/variables.tf b/modules/gcve-private-cloud/variables.tf
index 1449476b..d81eb0b4 100644
--- a/modules/gcve-private-cloud/variables.tf
+++ b/modules/gcve-private-cloud/variables.tf
@@ -48,15 +48,24 @@ variable "name" {
variable "private_connections" {
description = "VMWare private connections configuration. It is used to create the gcloud command printed as output."
type = map(object({
- name = string
- network_self_link = string
- peering_name = string
- description = optional(string, "Terraform-managed.")
- type = optional(string, "PRIVATE_SERVICE_ACCESS")
- routing_mode = optional(string, "REGIONAL")
+ name = string
+ network_self_link = string
+ peering_name = optional(string)
+ tenant_host_project = optional(string)
+ description = optional(string, "Terraform-managed.")
+ type = optional(string, "PRIVATE_SERVICE_ACCESS")
+ routing_mode = optional(string, "REGIONAL")
}))
default = {}
nullable = false
+ validation {
+ condition = alltrue([
+ for k, v in var.private_connections :
+ (v.peering_name != null) != (v.tenant_host_project != null)
+ ]
+ )
+ error_message = "Both peering_name and tenant_host_project variables have been set. Only one variable is allowed."
+ }
validation {
condition = alltrue([
for r in var.private_connections :