Merge pull request #1893 from rthangaraju/e2e_module_netvpc
E2E and examples tests for net-vpc module
This commit is contained in:
commit
a69e828313
|
@ -29,7 +29,7 @@ This module allows creation and management of VPC networks including subnetworks
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -48,7 +48,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=5 inventory=simple.yaml
|
# tftest modules=1 resources=5 inventory=simple.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Subnet Options
|
### Subnet Options
|
||||||
|
@ -56,7 +56,7 @@ module "vpc" {
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
# simple subnet
|
# simple subnet
|
||||||
|
@ -95,7 +95,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=7 inventory=subnet-options.yaml
|
# tftest modules=1 resources=7 inventory=subnet-options.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Subnet IAM
|
### Subnet IAM
|
||||||
|
@ -105,7 +105,7 @@ Subnet IAM variables follow our general interface, with extra keys/members for t
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -114,12 +114,12 @@ module "vpc" {
|
||||||
ip_cidr_range = "10.0.1.0/24"
|
ip_cidr_range = "10.0.1.0/24"
|
||||||
iam = {
|
iam = {
|
||||||
"roles/compute.networkUser" = [
|
"roles/compute.networkUser" = [
|
||||||
"user:user1@example.com", "group:group1@example.com"
|
"group:${var.group_email}"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
iam_bindings = {
|
iam_bindings = {
|
||||||
subnet-1-iam = {
|
subnet-1-iam = {
|
||||||
members = ["group:group2@example.com"]
|
members = ["group:${var.group_email}"]
|
||||||
role = "roles/compute.networkUser"
|
role = "roles/compute.networkUser"
|
||||||
condition = {
|
condition = {
|
||||||
expression = "resource.matchTag('123456789012/env', 'prod')"
|
expression = "resource.matchTag('123456789012/env', 'prod')"
|
||||||
|
@ -131,10 +131,10 @@ module "vpc" {
|
||||||
{
|
{
|
||||||
name = "subnet-2"
|
name = "subnet-2"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
ip_cidr_range = "10.0.1.0/24"
|
ip_cidr_range = "10.0.2.0/24"
|
||||||
iam_bindings_additive = {
|
iam_bindings_additive = {
|
||||||
subnet-2-iam = {
|
subnet-2-iam = {
|
||||||
member = "user:am1@example.com"
|
member = "group:${var.group_email}"
|
||||||
role = "roles/compute.networkUser"
|
role = "roles/compute.networkUser"
|
||||||
subnet = "europe-west1/subnet-2"
|
subnet = "europe-west1/subnet-2"
|
||||||
}
|
}
|
||||||
|
@ -142,7 +142,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=8 inventory=subnet-iam.yaml
|
# tftest modules=1 resources=8 inventory=subnet-iam.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Peering
|
### Peering
|
||||||
|
@ -154,7 +154,7 @@ If you only want to create the "local" side of the peering, use `peering_create_
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc-hub" {
|
module "vpc-hub" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "hub"
|
project_id = var.project_id
|
||||||
name = "vpc-hub"
|
name = "vpc-hub"
|
||||||
subnets = [{
|
subnets = [{
|
||||||
ip_cidr_range = "10.0.0.0/24"
|
ip_cidr_range = "10.0.0.0/24"
|
||||||
|
@ -165,7 +165,7 @@ module "vpc-hub" {
|
||||||
|
|
||||||
module "vpc-spoke-1" {
|
module "vpc-spoke-1" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "spoke1"
|
project_id = var.project_id
|
||||||
name = "vpc-spoke1"
|
name = "vpc-spoke1"
|
||||||
subnets = [{
|
subnets = [{
|
||||||
ip_cidr_range = "10.0.1.0/24"
|
ip_cidr_range = "10.0.1.0/24"
|
||||||
|
@ -185,20 +185,24 @@ module "vpc-spoke-1" {
|
||||||
[Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc) is a project-level functionality which enables a project to share its VPCs with other projects. The `shared_vpc_host` variable is here to help with rapid prototyping, we recommend leveraging the project module for production usage.
|
[Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc) is a project-level functionality which enables a project to share its VPCs with other projects. The `shared_vpc_host` variable is here to help with rapid prototyping, we recommend leveraging the project module for production usage.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
locals {
|
|
||||||
service_project_1 = {
|
module "service-project" {
|
||||||
project_id = "project1"
|
source = "./fabric/modules/project"
|
||||||
gke_service_account = "serviceAccount:gke"
|
billing_account = var.billing_account_id
|
||||||
cloud_services_service_account = "serviceAccount:cloudsvc"
|
name = "prj1"
|
||||||
}
|
prefix = var.prefix
|
||||||
service_project_2 = {
|
parent = var.folder_id
|
||||||
project_id = "project2"
|
services = [
|
||||||
}
|
"cloudresourcemanager.googleapis.com",
|
||||||
|
"compute.googleapis.com",
|
||||||
|
"iam.googleapis.com",
|
||||||
|
"serviceusage.googleapis.com"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc-host" {
|
module "vpc-host" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-host-network"
|
name = "my-host-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -211,22 +215,20 @@ module "vpc-host" {
|
||||||
}
|
}
|
||||||
iam = {
|
iam = {
|
||||||
"roles/compute.networkUser" = [
|
"roles/compute.networkUser" = [
|
||||||
local.service_project_1.cloud_services_service_account,
|
"serviceAccount:${var.service_account.email}"
|
||||||
local.service_project_1.gke_service_account
|
|
||||||
]
|
]
|
||||||
"roles/compute.securityAdmin" = [
|
"roles/compute.securityAdmin" = [
|
||||||
local.service_project_1.gke_service_account
|
"serviceAccount:${var.service_account.email}"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
shared_vpc_host = true
|
shared_vpc_host = true
|
||||||
shared_vpc_service_projects = [
|
shared_vpc_service_projects = [
|
||||||
local.service_project_1.project_id,
|
module.service-project.project_id
|
||||||
local.service_project_2.project_id
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=9 inventory=shared-vpc.yaml
|
# tftest modules=2 resources=13 inventory=shared-vpc.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Private Service Networking
|
### Private Service Networking
|
||||||
|
@ -234,7 +236,7 @@ module "vpc-host" {
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -247,7 +249,7 @@ module "vpc" {
|
||||||
ranges = { myrange = "10.0.1.0/24" }
|
ranges = { myrange = "10.0.1.0/24" }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=7 inventory=psa.yaml
|
# tftest modules=1 resources=7 inventory=psa.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Private Service Networking with peering routes and peered Cloud DNS domains
|
### Private Service Networking with peering routes and peered Cloud DNS domains
|
||||||
|
@ -257,7 +259,7 @@ Custom routes can be optionally exported/imported through the peering formed wit
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -273,7 +275,7 @@ module "vpc" {
|
||||||
peered_domains = ["gcp.example.com."]
|
peered_domains = ["gcp.example.com."]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=8 inventory=psa-routes.yaml
|
# tftest modules=1 resources=8 inventory=psa-routes.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Subnets for Private Service Connect, Proxy-only subnets
|
### Subnets for Private Service Connect, Proxy-only subnets
|
||||||
|
@ -286,7 +288,7 @@ Along with common private subnets module supports creation more service specific
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
|
|
||||||
subnets_proxy_only = [
|
subnets_proxy_only = [
|
||||||
|
@ -312,7 +314,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=6 inventory=proxy-only-subnets.yaml
|
# tftest modules=1 resources=6 inventory=proxy-only-subnets.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### DNS Policies
|
### DNS Policies
|
||||||
|
@ -320,7 +322,7 @@ module "vpc" {
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
dns_policy = {
|
dns_policy = {
|
||||||
inbound = true
|
inbound = true
|
||||||
|
@ -337,7 +339,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=5 inventory=dns-policies.yaml
|
# tftest modules=1 resources=5 inventory=dns-policies.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Subnet Factory
|
### Subnet Factory
|
||||||
|
@ -347,7 +349,7 @@ The `net-vpc` module includes a subnet factory (see [Resource Factories](../../b
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
factories_config = {
|
factories_config = {
|
||||||
subnets_folder = "config/subnets"
|
subnets_folder = "config/subnets"
|
||||||
|
@ -430,7 +432,7 @@ locals {
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
for_each = local.route_types
|
for_each = local.route_types
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network-with-route-${replace(each.key, "_", "-")}"
|
name = "my-network-with-route-${replace(each.key, "_", "-")}"
|
||||||
routes = {
|
routes = {
|
||||||
next-hop = {
|
next-hop = {
|
||||||
|
@ -460,7 +462,7 @@ By default the VPC module creates IPv4 routes for the [Private Google Access ran
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-vpc"
|
name = "my-vpc"
|
||||||
create_googleapis_routes = {
|
create_googleapis_routes = {
|
||||||
restricted = false
|
restricted = false
|
||||||
|
@ -469,7 +471,7 @@ module "vpc" {
|
||||||
private-6 = true
|
private-6 = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=3 inventory=googleapis.yaml
|
# tftest modules=1 resources=3 inventory=googleapis.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### Allow Firewall Policy to be evaluated before Firewall Rules
|
### Allow Firewall Policy to be evaluated before Firewall Rules
|
||||||
|
@ -477,7 +479,7 @@ module "vpc" {
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
firewall_policy_enforcement_order = "BEFORE_CLASSIC_FIREWALL"
|
firewall_policy_enforcement_order = "BEFORE_CLASSIC_FIREWALL"
|
||||||
subnets = [
|
subnets = [
|
||||||
|
@ -497,7 +499,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=5 inventory=firewall_policy_enforcement_order.yaml
|
# tftest modules=1 resources=5 inventory=firewall_policy_enforcement_order.yaml e2e
|
||||||
```
|
```
|
||||||
|
|
||||||
### IPv6
|
### IPv6
|
||||||
|
@ -507,12 +509,12 @@ A non-overlapping private IPv6 address space can be configured for the VPC via t
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./fabric/modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = var.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
ipv6_config = {
|
ipv6_config = {
|
||||||
# internal_range is optional
|
# internal_range is optional
|
||||||
enable_ula_internal = true
|
enable_ula_internal = true
|
||||||
internal_range = "fd20:6b2:27e5:0:0:0:0:0/48"
|
# internal_range = "fd20:6b2:27e5::/48"
|
||||||
}
|
}
|
||||||
subnets = [
|
subnets = [
|
||||||
{
|
{
|
||||||
|
@ -531,7 +533,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
# tftest modules=1 resources=5 inventory=ipv6.yaml
|
# tftest modules=1 resources=5 inventory=ipv6.yaml e2e
|
||||||
```
|
```
|
||||||
<!-- BEGIN TFDOC -->
|
<!-- BEGIN TFDOC -->
|
||||||
## Variables
|
## Variables
|
||||||
|
|
|
@ -19,9 +19,9 @@
|
||||||
locals {
|
locals {
|
||||||
_googleapis_ranges = {
|
_googleapis_ranges = {
|
||||||
private = "199.36.153.8/30"
|
private = "199.36.153.8/30"
|
||||||
private-6 = "2600:2d00:0002:2000::/64"
|
private-6 = "2600:2d00:2:2000::/64"
|
||||||
restricted = "199.36.153.4/30"
|
restricted = "199.36.153.4/30"
|
||||||
restricted-6 = "2600:2d00:0002:1000::/64"
|
restricted-6 = "2600:2d00:2:1000::/64"
|
||||||
}
|
}
|
||||||
_googleapis_routes = {
|
_googleapis_routes = {
|
||||||
for k, v in local._googleapis_ranges : "${k}-googleapis" => {
|
for k, v in local._googleapis_ranges : "${k}-googleapis" => {
|
||||||
|
|
|
@ -26,10 +26,12 @@ locals {
|
||||||
"cloudkms.googleapis.com",
|
"cloudkms.googleapis.com",
|
||||||
"cloudresourcemanager.googleapis.com",
|
"cloudresourcemanager.googleapis.com",
|
||||||
"compute.googleapis.com",
|
"compute.googleapis.com",
|
||||||
|
"dns.googleapis.com",
|
||||||
"eventarc.googleapis.com",
|
"eventarc.googleapis.com",
|
||||||
"iam.googleapis.com",
|
"iam.googleapis.com",
|
||||||
"run.googleapis.com",
|
"run.googleapis.com",
|
||||||
"secretmanager.googleapis.com",
|
"secretmanager.googleapis.com",
|
||||||
|
"servicenetworking.googleapis.com",
|
||||||
"serviceusage.googleapis.com",
|
"serviceusage.googleapis.com",
|
||||||
"stackdriver.googleapis.com",
|
"stackdriver.googleapis.com",
|
||||||
"storage-component.googleapis.com",
|
"storage-component.googleapis.com",
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
values:
|
values:
|
||||||
module.vpc.google_compute_network.network[0]:
|
module.vpc.google_compute_network.network[0]:
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: {}
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]: {}
|
||||||
module.vpc.google_dns_policy.default[0]:
|
module.vpc.google_dns_policy.default[0]:
|
||||||
alternative_name_server_config:
|
alternative_name_server_config:
|
||||||
|
@ -30,7 +30,7 @@ values:
|
||||||
name: my-network
|
name: my-network
|
||||||
networks:
|
networks:
|
||||||
- {}
|
- {}
|
||||||
project: my-project
|
project: project-id
|
||||||
|
|
||||||
counts:
|
counts:
|
||||||
google_compute_network: 1
|
google_compute_network: 1
|
||||||
|
|
|
@ -20,7 +20,7 @@ values:
|
||||||
enable_ula_internal_ipv6: null
|
enable_ula_internal_ipv6: null
|
||||||
name: my-network
|
name: my-network
|
||||||
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
||||||
|
@ -32,7 +32,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
||||||
|
@ -44,7 +44,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_subnetwork.proxy_only["europe-west4/subnet-proxy"]:
|
module.vpc.google_compute_subnetwork.proxy_only["europe-west4/subnet-proxy"]:
|
||||||
|
@ -53,7 +53,7 @@ values:
|
||||||
ipv6_access_type: null
|
ipv6_access_type: null
|
||||||
log_config: []
|
log_config: []
|
||||||
name: subnet-proxy
|
name: subnet-proxy
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: REGIONAL_MANAGED_PROXY
|
purpose: REGIONAL_MANAGED_PROXY
|
||||||
region: europe-west4
|
region: europe-west4
|
||||||
role: ACTIVE
|
role: ACTIVE
|
||||||
|
@ -64,7 +64,7 @@ values:
|
||||||
ipv6_access_type: null
|
ipv6_access_type: null
|
||||||
log_config: []
|
log_config: []
|
||||||
name: subnet-proxy-global
|
name: subnet-proxy-global
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: GLOBAL_MANAGED_PROXY
|
purpose: GLOBAL_MANAGED_PROXY
|
||||||
region: australia-southeast2
|
region: australia-southeast2
|
||||||
role: ACTIVE
|
role: ACTIVE
|
||||||
|
@ -75,7 +75,7 @@ values:
|
||||||
ipv6_access_type: null
|
ipv6_access_type: null
|
||||||
log_config: []
|
log_config: []
|
||||||
name: subnet-psc
|
name: subnet-psc
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: PRIVATE_SERVICE_CONNECT
|
purpose: PRIVATE_SERVICE_CONNECT
|
||||||
region: europe-west4
|
region: europe-west4
|
||||||
role: null
|
role: null
|
||||||
|
@ -92,7 +92,7 @@ values:
|
||||||
metadata_fields: null
|
metadata_fields: null
|
||||||
name: subnet-detailed
|
name: subnet-detailed
|
||||||
private_ip_google_access: false
|
private_ip_google_access: false
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range:
|
secondary_ip_range:
|
||||||
|
@ -106,7 +106,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: simple
|
name: simple
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west4
|
region: europe-west4
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -118,7 +118,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: simple
|
name: simple
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west8
|
region: europe-west8
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -129,7 +129,7 @@ values:
|
||||||
- group:lorem@example.com
|
- group:lorem@example.com
|
||||||
- serviceAccount:fbz@prj.iam.gserviceaccount.com
|
- serviceAccount:fbz@prj.iam.gserviceaccount.com
|
||||||
- user:foobar@example.com
|
- user:foobar@example.com
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.networkUser
|
role: roles/compute.networkUser
|
||||||
subnetwork: subnet-detailed
|
subnetwork: subnet-detailed
|
||||||
|
|
|
@ -18,7 +18,7 @@ values:
|
||||||
delete_default_routes_on_create: false
|
delete_default_routes_on_create: false
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
network_firewall_policy_enforcement_order: BEFORE_CLASSIC_FIREWALL
|
network_firewall_policy_enforcement_order: BEFORE_CLASSIC_FIREWALL
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||||
|
@ -27,7 +27,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: production
|
name: production
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range:
|
secondary_ip_range:
|
||||||
|
@ -41,7 +41,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: production
|
name: production
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west2
|
region: europe-west2
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
|
|
@ -13,25 +13,28 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
values:
|
values:
|
||||||
|
module.vpc.google_compute_network.network[0]:
|
||||||
|
name: my-vpc
|
||||||
|
project: project-id
|
||||||
module.vpc.google_compute_route.gateway["private-6-googleapis"]:
|
module.vpc.google_compute_route.gateway["private-6-googleapis"]:
|
||||||
dest_range: 2600:2d00:0002:2000::/64
|
dest_range: 2600:2d00:2:2000::/64
|
||||||
name: my-vpc-private-6-googleapis
|
name: my-vpc-private-6-googleapis
|
||||||
next_hop_gateway: default-internet-gateway
|
next_hop_gateway: default-internet-gateway
|
||||||
next_hop_ilb: null
|
next_hop_ilb: null
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
module.vpc.google_compute_route.gateway["restricted-6-googleapis"]:
|
module.vpc.google_compute_route.gateway["restricted-6-googleapis"]:
|
||||||
dest_range: 2600:2d00:0002:1000::/64
|
dest_range: 2600:2d00:2:1000::/64
|
||||||
name: my-vpc-restricted-6-googleapis
|
name: my-vpc-restricted-6-googleapis
|
||||||
next_hop_gateway: default-internet-gateway
|
next_hop_gateway: default-internet-gateway
|
||||||
next_hop_ilb: null
|
next_hop_ilb: null
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
|
|
||||||
counts:
|
counts:
|
||||||
|
|
|
@ -18,10 +18,10 @@ values:
|
||||||
delete_default_routes_on_create: false
|
delete_default_routes_on_create: false
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
enable_ula_internal_ipv6: true
|
enable_ula_internal_ipv6: true
|
||||||
internal_ipv6_range: fd20:6b2:27e5:0:0:0:0:0/48
|
# internal_ipv6_range: fd20:6b2:27e5:0:0:0:0:0/48
|
||||||
name: my-network
|
name: my-network
|
||||||
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
||||||
|
@ -33,7 +33,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
||||||
|
@ -45,7 +45,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/test"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/test"]:
|
||||||
|
@ -55,7 +55,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: test
|
name: test
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -68,7 +68,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: test
|
name: test
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west3
|
region: europe-west3
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
|
|
@ -15,13 +15,13 @@
|
||||||
values:
|
values:
|
||||||
module.vpc.google_compute_network.network[0]:
|
module.vpc.google_compute_network.network[0]:
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_subnetwork.proxy_only["europe-west1/regional-proxy"]:
|
module.vpc.google_compute_subnetwork.proxy_only["europe-west1/regional-proxy"]:
|
||||||
description: Terraform-managed proxy-only subnet for Regional HTTPS, Internal HTTPS or Cross-Regional HTTPS Internal LB.
|
description: Terraform-managed proxy-only subnet for Regional HTTPS, Internal HTTPS or Cross-Regional HTTPS Internal LB.
|
||||||
ip_cidr_range: 10.0.1.0/24
|
ip_cidr_range: 10.0.1.0/24
|
||||||
log_config: []
|
log_config: []
|
||||||
name: regional-proxy
|
name: regional-proxy
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: REGIONAL_MANAGED_PROXY
|
purpose: REGIONAL_MANAGED_PROXY
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: ACTIVE
|
role: ACTIVE
|
||||||
|
@ -30,7 +30,7 @@ values:
|
||||||
ip_cidr_range: 10.0.4.0/24
|
ip_cidr_range: 10.0.4.0/24
|
||||||
log_config: []
|
log_config: []
|
||||||
name: global-proxy
|
name: global-proxy
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: GLOBAL_MANAGED_PROXY
|
purpose: GLOBAL_MANAGED_PROXY
|
||||||
region: australia-southeast2
|
region: australia-southeast2
|
||||||
role: ACTIVE
|
role: ACTIVE
|
||||||
|
@ -39,7 +39,7 @@ values:
|
||||||
ip_cidr_range: 10.0.3.0/24
|
ip_cidr_range: 10.0.3.0/24
|
||||||
log_config: []
|
log_config: []
|
||||||
name: psc
|
name: psc
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: PRIVATE_SERVICE_CONNECT
|
purpose: PRIVATE_SERVICE_CONNECT
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
|
|
|
@ -18,21 +18,21 @@ values:
|
||||||
address_type: INTERNAL
|
address_type: INTERNAL
|
||||||
name: myrange
|
name: myrange
|
||||||
prefix_length: 24
|
prefix_length: 24
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: VPC_PEERING
|
purpose: VPC_PEERING
|
||||||
module.vpc.google_compute_network.network[0]:
|
module.vpc.google_compute_network.network[0]:
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc.google_compute_network_peering_routes_config.psa_routes[0]:
|
module.vpc.google_compute_network_peering_routes_config.psa_routes[0]:
|
||||||
export_custom_routes: true
|
export_custom_routes: true
|
||||||
import_custom_routes: true
|
import_custom_routes: true
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||||
ip_cidr_range: 10.0.0.0/24
|
ip_cidr_range: 10.0.0.0/24
|
||||||
name: production
|
name: production
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
module.vpc.google_service_networking_connection.psa_connection[0]:
|
module.vpc.google_service_networking_connection.psa_connection[0]:
|
||||||
|
@ -42,7 +42,7 @@ values:
|
||||||
module.vpc.google_service_networking_peered_dns_domain.name["gcp.example.com."]:
|
module.vpc.google_service_networking_peered_dns_domain.name["gcp.example.com."]:
|
||||||
dns_suffix: gcp.example.com.
|
dns_suffix: gcp.example.com.
|
||||||
name: gcp-example-com
|
name: gcp-example-com
|
||||||
project: my-project
|
project: project-id
|
||||||
service: servicenetworking.googleapis.com
|
service: servicenetworking.googleapis.com
|
||||||
|
|
||||||
counts:
|
counts:
|
||||||
|
|
|
@ -18,19 +18,19 @@ values:
|
||||||
address_type: INTERNAL
|
address_type: INTERNAL
|
||||||
name: myrange
|
name: myrange
|
||||||
prefix_length: 24
|
prefix_length: 24
|
||||||
project: my-project
|
project: project-id
|
||||||
purpose: VPC_PEERING
|
purpose: VPC_PEERING
|
||||||
module.vpc.google_compute_network.network[0]:
|
module.vpc.google_compute_network.network[0]:
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_network_peering_routes_config.psa_routes[0]:
|
module.vpc.google_compute_network_peering_routes_config.psa_routes[0]:
|
||||||
export_custom_routes: false
|
export_custom_routes: false
|
||||||
import_custom_routes: false
|
import_custom_routes: false
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||||
ip_cidr_range: 10.0.0.0/24
|
ip_cidr_range: 10.0.0.0/24
|
||||||
name: production
|
name: production
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_service_networking_connection.psa_connection[0]:
|
module.vpc.google_service_networking_connection.psa_connection[0]:
|
||||||
reserved_peering_ranges:
|
reserved_peering_ranges:
|
||||||
- myrange
|
- myrange
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
values:
|
values:
|
||||||
module.vpc["gateway"].google_compute_network.network[0]:
|
module.vpc["gateway"].google_compute_network.network[0]:
|
||||||
name: my-network-with-route-gateway
|
name: my-network-with-route-gateway
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["gateway"].google_compute_route.gateway["gateway"]:
|
module.vpc["gateway"].google_compute_route.gateway["gateway"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -26,7 +26,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 100
|
priority: 100
|
||||||
project: my-project
|
project: project-id
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
|
module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
|
||||||
|
@ -38,11 +38,11 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
module.vpc["ilb"].google_compute_network.network[0]:
|
module.vpc["ilb"].google_compute_network.network[0]:
|
||||||
name: my-network-with-route-ilb
|
name: my-network-with-route-ilb
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["ilb"].google_compute_route.gateway["gateway"]:
|
module.vpc["ilb"].google_compute_route.gateway["gateway"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -53,7 +53,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 100
|
priority: 100
|
||||||
project: my-project
|
project: project-id
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
|
module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
|
||||||
|
@ -65,11 +65,11 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
module.vpc["instance"].google_compute_network.network[0]:
|
module.vpc["instance"].google_compute_network.network[0]:
|
||||||
name: my-network-with-route-instance
|
name: my-network-with-route-instance
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["instance"].google_compute_route.gateway["gateway"]:
|
module.vpc["instance"].google_compute_route.gateway["gateway"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -80,7 +80,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 100
|
priority: 100
|
||||||
project: my-project
|
project: project-id
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["instance"].google_compute_route.instance["next-hop"]:
|
module.vpc["instance"].google_compute_route.instance["next-hop"]:
|
||||||
|
@ -93,11 +93,11 @@ values:
|
||||||
next_hop_instance_zone: europe-west1-b
|
next_hop_instance_zone: europe-west1-b
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
module.vpc["ip"].google_compute_network.network[0]:
|
module.vpc["ip"].google_compute_network.network[0]:
|
||||||
name: my-network-with-route-ip
|
name: my-network-with-route-ip
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["ip"].google_compute_route.gateway["gateway"]:
|
module.vpc["ip"].google_compute_route.gateway["gateway"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -108,7 +108,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 100
|
priority: 100
|
||||||
project: my-project
|
project: project-id
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["ip"].google_compute_route.ip["next-hop"]:
|
module.vpc["ip"].google_compute_route.ip["next-hop"]:
|
||||||
|
@ -121,11 +121,11 @@ values:
|
||||||
next_hop_ip: 192.168.0.128
|
next_hop_ip: 192.168.0.128
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
module.vpc["vpn_tunnel"].google_compute_network.network[0]:
|
module.vpc["vpn_tunnel"].google_compute_network.network[0]:
|
||||||
name: my-network-with-route-vpn-tunnel
|
name: my-network-with-route-vpn-tunnel
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
|
module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -136,7 +136,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 100
|
priority: 100
|
||||||
project: my-project
|
project: project-id
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
|
module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
|
||||||
|
@ -148,7 +148,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo
|
next_hop_vpn_tunnel: regions/europe-west1/vpnTunnels/foo
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
|
|
||||||
counts:
|
counts:
|
||||||
|
|
|
@ -15,15 +15,14 @@
|
||||||
values:
|
values:
|
||||||
module.vpc-host.google_compute_network.network[0]:
|
module.vpc-host.google_compute_network.network[0]:
|
||||||
name: my-host-network
|
name: my-host-network
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc-host.google_compute_shared_vpc_host_project.shared_vpc_host[0]:
|
module.vpc-host.google_compute_shared_vpc_host_project.shared_vpc_host[0]:
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project1"]:
|
module.service-project.google_project.project[0]:
|
||||||
host_project: my-project
|
project_id: test-prj1
|
||||||
service_project: project1
|
module.vpc-host.google_compute_shared_vpc_service_project.service_projects["test-prj1"]:
|
||||||
module.vpc-host.google_compute_shared_vpc_service_project.service_projects["project2"]:
|
host_project: project-id
|
||||||
host_project: my-project
|
service_project: test-prj1
|
||||||
service_project: project2
|
|
||||||
module.vpc-host.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]:
|
module.vpc-host.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]:
|
||||||
secondary_ip_range:
|
secondary_ip_range:
|
||||||
- ip_cidr_range: 172.16.0.0/20
|
- ip_cidr_range: 172.16.0.0/20
|
||||||
|
@ -33,24 +32,26 @@ values:
|
||||||
module.vpc-host.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.networkUser"]:
|
module.vpc-host.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.networkUser"]:
|
||||||
condition: []
|
condition: []
|
||||||
members:
|
members:
|
||||||
- serviceAccount:cloudsvc
|
- serviceAccount:service_account_email
|
||||||
- serviceAccount:gke
|
project: project-id
|
||||||
project: my-project
|
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.networkUser
|
role: roles/compute.networkUser
|
||||||
subnetwork: subnet-1
|
subnetwork: subnet-1
|
||||||
module.vpc-host.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.securityAdmin"]:
|
module.vpc-host.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.securityAdmin"]:
|
||||||
condition: []
|
condition: []
|
||||||
members:
|
members:
|
||||||
- serviceAccount:gke
|
- serviceAccount:service_account_email
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.securityAdmin
|
role: roles/compute.securityAdmin
|
||||||
subnetwork: subnet-1
|
subnetwork: subnet-1
|
||||||
|
|
||||||
|
|
||||||
counts:
|
counts:
|
||||||
google_compute_network: 1
|
google_compute_network: 1
|
||||||
|
google_compute_route: 2
|
||||||
google_compute_shared_vpc_host_project: 1
|
google_compute_shared_vpc_host_project: 1
|
||||||
google_compute_shared_vpc_service_project: 2
|
google_compute_shared_vpc_service_project: 1
|
||||||
google_compute_subnetwork: 1
|
google_compute_subnetwork: 1
|
||||||
google_compute_subnetwork_iam_binding: 2
|
google_compute_subnetwork_iam_binding: 2
|
||||||
|
modules: 2
|
|
@ -18,7 +18,7 @@ values:
|
||||||
delete_default_routes_on_create: false
|
delete_default_routes_on_create: false
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/production"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
|
@ -26,7 +26,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: production
|
name: production
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range:
|
secondary_ip_range:
|
||||||
|
@ -40,7 +40,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: production
|
name: production
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west2
|
region: europe-west2
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -52,7 +52,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
||||||
|
@ -64,7 +64,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ values:
|
||||||
enable_ula_internal_ipv6: null
|
enable_ula_internal_ipv6: null
|
||||||
name: my-network
|
name: my-network
|
||||||
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
|
||||||
project: my-project
|
project: project-id
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
module.vpc.google_compute_route.gateway["private-googleapis"]:
|
||||||
|
@ -32,7 +32,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
module.vpc.google_compute_route.gateway["restricted-googleapis"]:
|
||||||
|
@ -44,7 +44,7 @@ values:
|
||||||
next_hop_instance: null
|
next_hop_instance: null
|
||||||
next_hop_vpn_tunnel: null
|
next_hop_vpn_tunnel: null
|
||||||
priority: 1000
|
priority: 1000
|
||||||
project: my-project
|
project: project-id
|
||||||
tags: null
|
tags: null
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-1"]:
|
||||||
|
@ -54,19 +54,19 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: subnet-1
|
name: subnet-1
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
timeouts: null
|
timeouts: null
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/subnet-2"]:
|
||||||
description: Terraform-managed.
|
description: Terraform-managed.
|
||||||
ip_cidr_range: 10.0.1.0/24
|
ip_cidr_range: 10.0.2.0/24
|
||||||
ipv6_access_type: null
|
ipv6_access_type: null
|
||||||
log_config: []
|
log_config: []
|
||||||
name: subnet-2
|
name: subnet-2
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -74,9 +74,8 @@ values:
|
||||||
module.vpc.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.networkUser"]:
|
module.vpc.google_compute_subnetwork_iam_binding.authoritative["europe-west1/subnet-1.roles/compute.networkUser"]:
|
||||||
condition: []
|
condition: []
|
||||||
members:
|
members:
|
||||||
- group:group1@example.com
|
- group:organization-admins@example.org
|
||||||
- user:user1@example.com
|
project: project-id
|
||||||
project: my-project
|
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.networkUser
|
role: roles/compute.networkUser
|
||||||
subnetwork: subnet-1
|
subnetwork: subnet-1
|
||||||
|
@ -86,15 +85,15 @@ values:
|
||||||
expression: resource.matchTag('123456789012/env', 'prod')
|
expression: resource.matchTag('123456789012/env', 'prod')
|
||||||
title: test_condition
|
title: test_condition
|
||||||
members:
|
members:
|
||||||
- group:group2@example.com
|
- group:organization-admins@example.org
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.networkUser
|
role: roles/compute.networkUser
|
||||||
subnetwork: subnet-1
|
subnetwork: subnet-1
|
||||||
module.vpc.google_compute_subnetwork_iam_member.bindings["subnet-2-iam"]:
|
module.vpc.google_compute_subnetwork_iam_member.bindings["subnet-2-iam"]:
|
||||||
condition: []
|
condition: []
|
||||||
member: user:am1@example.com
|
member: group:organization-admins@example.org
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: roles/compute.networkUser
|
role: roles/compute.networkUser
|
||||||
subnetwork: subnet-2
|
subnetwork: subnet-2
|
||||||
|
|
|
@ -15,14 +15,14 @@
|
||||||
values:
|
values:
|
||||||
module.vpc.google_compute_network.network[0]:
|
module.vpc.google_compute_network.network[0]:
|
||||||
name: my-network
|
name: my-network
|
||||||
project: my-project
|
project: project-id
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/no-pga"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/no-pga"]:
|
||||||
description: Subnet b
|
description: Subnet b
|
||||||
ip_cidr_range: 10.0.1.0/24
|
ip_cidr_range: 10.0.1.0/24
|
||||||
log_config: []
|
log_config: []
|
||||||
name: no-pga
|
name: no-pga
|
||||||
private_ip_google_access: false
|
private_ip_google_access: false
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/simple"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/simple"]:
|
||||||
|
@ -31,7 +31,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: simple
|
name: simple
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-flow-logs"]:
|
module.vpc.google_compute_subnetwork.subnetwork["europe-west1/with-flow-logs"]:
|
||||||
|
@ -46,7 +46,7 @@ values:
|
||||||
metadata_fields: null
|
metadata_fields: null
|
||||||
name: with-flow-logs
|
name: with-flow-logs
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range: []
|
secondary_ip_range: []
|
||||||
|
@ -56,7 +56,7 @@ values:
|
||||||
log_config: []
|
log_config: []
|
||||||
name: with-secondary-ranges
|
name: with-secondary-ranges
|
||||||
private_ip_google_access: true
|
private_ip_google_access: true
|
||||||
project: my-project
|
project: project-id
|
||||||
region: europe-west1
|
region: europe-west1
|
||||||
role: null
|
role: null
|
||||||
secondary_ip_range:
|
secondary_ip_range:
|
||||||
|
|
Loading…
Reference in New Issue