optional description for the gateway security policy - separately
parent
fde498800c
commit
915f09461e
|
@ -171,18 +171,19 @@ module "secure-web-proxy" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [addresses](variables.tf#L19) | One or more IP addresses to be used for Secure Web Proxy. | <code></code> | ✓ | |
|
||||
| [certificates](variables.tf#L27) | List of certificates to be used for Secure Web Proxy. | <code>list(string)</code> | ✓ | |
|
||||
| [name](variables.tf#L50) | Name of the Secure Web Proxy resource. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L55) | Name of the network the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L119) | Project id of the project that holds the network. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L124) | Region where resources will be created. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L135) | Name of the subnetwork the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L56) | Name of the Secure Web Proxy resource. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L61) | Name of the network the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L125) | Project id of the project that holds the network. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L130) | Region where resources will be created. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L141) | Name of the subnetwork the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [delete_swg_autogen_router_on_destroy](variables.tf#L32) | Delete automatically provisioned Cloud Router on destroy. | <code>bool</code> | | <code>true</code> |
|
||||
| [description](variables.tf#L38) | Optional description for the SWG. | <code>string</code> | | <code>"Managed by Terraform."</code> |
|
||||
| [labels](variables.tf#L44) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [policy_rules](variables.tf#L60) | List of policy rule definitions, default to allow action. Available keys: secure_tags, url_lists, custom. URL lists that only have values set will be created. | <code title="object({ secure_tags = optional(map(object({ tag = string session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) url_lists = optional(map(object({ url_list = string values = optional(list(string)) session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) custom = optional(map(object({ session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [ports](variables.tf#L113) | Ports to use for Secure Web Proxy. | <code>list(number)</code> | | <code>[443]</code> |
|
||||
| [scope](variables.tf#L129) | Scope determines how configuration across multiple Gateway instances are merged. | <code>string</code> | | <code>null</code> |
|
||||
| [tls_inspection_config](variables.tf#L140) | TLS inspection configuration. | <code title="object({ ca_pool = string exclude_public_ca_set = optional(bool, false) gateway_description = optional(string, "Managed by Terraform.") tls_description = optional(string, "Managed by Terraform.") })">object({…})</code> | | <code>null</code> |
|
||||
| [gateway_security_policy_description](variables.tf#L44) | Optional description for the gateway security policy. | <code>string</code> | | <code>"Managed by Terraform."</code> |
|
||||
| [labels](variables.tf#L50) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [policy_rules](variables.tf#L66) | List of policy rule definitions, default to allow action. Available keys: secure_tags, url_lists, custom. URL lists that only have values set will be created. | <code title="object({ secure_tags = optional(map(object({ tag = string session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) url_lists = optional(map(object({ url_list = string values = optional(list(string)) session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) custom = optional(map(object({ session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [ports](variables.tf#L119) | Ports to use for Secure Web Proxy. | <code>list(number)</code> | | <code>[443]</code> |
|
||||
| [scope](variables.tf#L135) | Scope determines how configuration across multiple Gateway instances are merged. | <code>string</code> | | <code>null</code> |
|
||||
| [tls_inspection_config](variables.tf#L146) | TLS inspection configuration. | <code title="object({ ca_pool = optional(string, null) exclude_public_ca_set = optional(bool, false) description = optional(string, "Managed by Terraform.") })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ resource "google_network_security_gateway_security_policy" "policy" {
|
|||
project = var.project_id
|
||||
name = var.name
|
||||
location = var.region
|
||||
description = var.tls_inspection_config != null ? var.tls_inspection_config.gateway_description : null
|
||||
description = var.gateway_security_policy_description
|
||||
tls_inspection_policy = var.tls_inspection_config != null ? google_network_security_tls_inspection_policy.tls-policy.0.id : null
|
||||
}
|
||||
|
||||
|
@ -33,7 +33,7 @@ resource "google_network_security_tls_inspection_policy" "tls-policy" {
|
|||
project = var.project_id
|
||||
name = var.name
|
||||
location = var.region
|
||||
description = var.tls_inspection_config.tls_description
|
||||
description = var.tls_inspection_config.description
|
||||
ca_pool = var.tls_inspection_config.ca_pool
|
||||
exclude_public_ca_set = var.tls_inspection_config.exclude_public_ca_set
|
||||
}
|
||||
|
|
|
@ -41,6 +41,12 @@ variable "description" {
|
|||
default = "Managed by Terraform."
|
||||
}
|
||||
|
||||
variable "gateway_security_policy_description" {
|
||||
description = "Optional description for the gateway security policy."
|
||||
type = string
|
||||
default = "Managed by Terraform."
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
description = "Resource labels."
|
||||
type = map(string)
|
||||
|
@ -140,10 +146,9 @@ variable "subnetwork" {
|
|||
variable "tls_inspection_config" {
|
||||
description = "TLS inspection configuration."
|
||||
type = object({
|
||||
ca_pool = string
|
||||
ca_pool = optional(string, null)
|
||||
exclude_public_ca_set = optional(bool, false)
|
||||
gateway_description = optional(string, "Managed by Terraform.")
|
||||
tls_description = optional(string, "Managed by Terraform.")
|
||||
description = optional(string, "Managed by Terraform.")
|
||||
})
|
||||
default = null
|
||||
}
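Review bot: Relaxing `ca_pool` from `string` to `optional(string, null)` in `tls_inspection_config` lets a caller pass an object with no CA pool, while the `tls-policy` resource in main.tf still assigns `ca_pool = var.tls_inspection_config.ca_pool` unconditionally. As far as I know the provider requires a CA pool on a TLS inspection policy, so the omission would be caught only at apply time rather than when the variable is type-checked. Keeping `ca_pool = string` preserves the early check, and the commit title does not mention this relaxation. Separately, removing `gateway_description` and `tls_description` from the object type is probably silent for existing callers, because Terraform drops attributes that are not in the type constraint; their descriptions would fall back to the default, so a changelog or upgrade note would help.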
|
||||
|
|