From b49984e1b9525ddfe54eb4c9c5c385fc32af90c5 Mon Sep 17 00:00:00 2001 From: Dave Gulli Date: Mon, 11 Sep 2023 16:56:09 +1000 Subject: [PATCH] added support for global proxy only subnets --- modules/net-vpc/README.md | 10 ++++++++++ modules/net-vpc/subnets.tf | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index 81b9ad37..99db8b34 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -287,6 +287,8 @@ Along with common private subnets module supports creation more service specific - [Proxy-only subnets](https://cloud.google.com/load-balancing/docs/proxy-only-subnets) for Regional HTTPS Internal HTTPS Load Balancers - [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect#psc-subnets) subnets +- [Global Proxy-only subnet] (https://cloud.google.com/load-balancing/docs/proxy-only-subnets#envoy-lb) with purpose for Cross-region internal Application Load Balancers + ```hcl module "vpc" { source = "./fabric/modules/net-vpc" @@ -308,6 +310,14 @@ module "vpc" { region = "europe-west1" } ] + subnets_global_proxy_only = [ + { + ip_cidr_range = "10.0.4.0/24" + name = "global-proxy" + region = "australia-southeast2" + active = true + } + ] } # tftest modules=1 resources=5 inventory=proxy-only-subnets.yaml ``` diff --git a/modules/net-vpc/subnets.tf b/modules/net-vpc/subnets.tf index 0e656fd8..c8c927a3 100644 --- a/modules/net-vpc/subnets.tf +++ b/modules/net-vpc/subnets.tf @@ -79,6 +79,10 @@ locals { { for s in var.subnets_psc : "${s.region}/${s.name}" => s }, { for k, v in local._factory_subnets : k => v if v.purpose == "PRIVATE_SERVICE_CONNECT" } ) + subnets_global_proxy_only = merge( + { for s in var.subnets_psc : "${s.region}/${s.name}" => s }, + { for k, v in local._factory_subnets : k => v if v.purpose == "GLOBAL_MANAGED_PROXY" } + ) } resource "google_compute_subnetwork" "subnetwork" {