parent
24bd6179a7
commit
bbe778e095
|
@ -410,6 +410,7 @@ module "vpc" {
|
||||||
name = "my-network-with-route-${replace(each.key, "_", "-")}"
|
name = "my-network-with-route-${replace(each.key, "_", "-")}"
|
||||||
routes = {
|
routes = {
|
||||||
next-hop = {
|
next-hop = {
|
||||||
|
description = "Route to internal range."
|
||||||
dest_range = "192.168.128.0/24"
|
dest_range = "192.168.128.0/24"
|
||||||
tags = null
|
tags = null
|
||||||
next_hop_type = each.key
|
next_hop_type = each.key
|
||||||
|
@ -475,7 +476,6 @@ module "vpc" {
|
||||||
# tftest modules=1 resources=5 inventory=firewall_policy_enforcement_order.yaml
|
# tftest modules=1 resources=5 inventory=firewall_policy_enforcement_order.yaml
|
||||||
```
|
```
|
||||||
<!-- BEGIN TFDOC -->
|
<!-- BEGIN TFDOC -->
|
||||||
|
|
||||||
## Variables
|
## Variables
|
||||||
|
|
||||||
| name | description | type | required | default |
|
| name | description | type | required | default |
|
||||||
|
@ -492,16 +492,16 @@ module "vpc" {
|
||||||
| [mtu](variables.tf#L77) | Maximum Transmission Unit in bytes. The minimum value for this field is 1460 (the default) and the maximum value is 1500 bytes. | <code>number</code> | | <code>null</code> |
|
| [mtu](variables.tf#L77) | Maximum Transmission Unit in bytes. The minimum value for this field is 1460 (the default) and the maximum value is 1500 bytes. | <code>number</code> | | <code>null</code> |
|
||||||
| [peering_config](variables.tf#L88) | VPC peering configuration. | <code title="object({ peer_vpc_self_link = string create_remote_peer = optional(bool, true) export_routes = optional(bool) import_routes = optional(bool) })">object({…})</code> | | <code>null</code> |
|
| [peering_config](variables.tf#L88) | VPC peering configuration. | <code title="object({ peer_vpc_self_link = string create_remote_peer = optional(bool, true) export_routes = optional(bool) import_routes = optional(bool) })">object({…})</code> | | <code>null</code> |
|
||||||
| [psa_config](variables.tf#L104) | The Private Service Access configuration for Service Networking. | <code title="object({ ranges = map(string) export_routes = optional(bool, false) import_routes = optional(bool, false) })">object({…})</code> | | <code>null</code> |
|
| [psa_config](variables.tf#L104) | The Private Service Access configuration for Service Networking. | <code title="object({ ranges = map(string) export_routes = optional(bool, false) import_routes = optional(bool, false) })">object({…})</code> | | <code>null</code> |
|
||||||
| [routes](variables.tf#L114) | Network routes, keyed by name. | <code title="map(object({ dest_range = string next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb next_hop = string priority = optional(number) tags = optional(list(string)) }))">map(object({…}))</code> | | <code>{}</code> |
|
| [routes](variables.tf#L114) | Network routes, keyed by name. | <code title="map(object({ description = optional(string, "Terraform-managed.") dest_range = string next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb next_hop = string priority = optional(number) tags = optional(list(string)) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||||
| [routing_mode](variables.tf#L134) | The network routing mode (default 'GLOBAL'). | <code>string</code> | | <code>"GLOBAL"</code> |
|
| [routing_mode](variables.tf#L135) | The network routing mode (default 'GLOBAL'). | <code>string</code> | | <code>"GLOBAL"</code> |
|
||||||
| [shared_vpc_host](variables.tf#L144) | Enable shared VPC for this project. | <code>bool</code> | | <code>false</code> |
|
| [shared_vpc_host](variables.tf#L145) | Enable shared VPC for this project. | <code>bool</code> | | <code>false</code> |
|
||||||
| [shared_vpc_service_projects](variables.tf#L150) | Shared VPC service projects to register with this host. | <code>list(string)</code> | | <code>[]</code> |
|
| [shared_vpc_service_projects](variables.tf#L151) | Shared VPC service projects to register with this host. | <code>list(string)</code> | | <code>[]</code> |
|
||||||
| [subnet_iam](variables.tf#L156) | Subnet IAM bindings in {REGION/NAME => {ROLE => [MEMBERS]} format. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
| [subnet_iam](variables.tf#L157) | Subnet IAM bindings in {REGION/NAME => {ROLE => [MEMBERS]} format. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
||||||
| [subnet_iam_additive](variables.tf#L162) | Subnet IAM additive bindings in {REGION/NAME => {ROLE => [MEMBERS]}} format. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
| [subnet_iam_additive](variables.tf#L163) | Subnet IAM additive bindings in {REGION/NAME => {ROLE => [MEMBERS]}} format. | <code>map(map(list(string)))</code> | | <code>{}</code> |
|
||||||
| [subnets](variables.tf#L169) | Subnet configuration. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) enable_private_access = optional(bool, true) flow_logs_config = optional(object({ aggregation_interval = optional(string) filter_expression = optional(string) flow_sampling = optional(number) metadata = optional(string) metadata_fields = optional(list(string)) })) ipv6 = optional(object({ access_type = optional(string) enable_private_access = optional(bool, true) })) secondary_ip_ranges = optional(map(string)) }))">list(object({…}))</code> | | <code>[]</code> |
|
| [subnets](variables.tf#L170) | Subnet configuration. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) enable_private_access = optional(bool, true) flow_logs_config = optional(object({ aggregation_interval = optional(string) filter_expression = optional(string) flow_sampling = optional(number) metadata = optional(string) metadata_fields = optional(list(string)) })) ipv6 = optional(object({ access_type = optional(string) enable_private_access = optional(bool, true) })) secondary_ip_ranges = optional(map(string)) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||||
| [subnets_proxy_only](variables.tf#L194) | List of proxy-only subnets for Regional HTTPS or Internal HTTPS load balancers. Note: Only one proxy-only subnet for each VPC network in each region can be active. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) active = bool }))">list(object({…}))</code> | | <code>[]</code> |
|
| [subnets_proxy_only](variables.tf#L195) | List of proxy-only subnets for Regional HTTPS or Internal HTTPS load balancers. Note: Only one proxy-only subnet for each VPC network in each region can be active. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) active = bool }))">list(object({…}))</code> | | <code>[]</code> |
|
||||||
| [subnets_psc](variables.tf#L206) | List of subnets for Private Service Connect service producers. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) }))">list(object({…}))</code> | | <code>[]</code> |
|
| [subnets_psc](variables.tf#L207) | List of subnets for Private Service Connect service producers. | <code title="list(object({ name = string ip_cidr_range = string region = string description = optional(string) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||||
| [vpc_create](variables.tf#L217) | Create VPC. When set to false, uses a data source to reference existing VPC. | <code>bool</code> | | <code>true</code> |
|
| [vpc_create](variables.tf#L218) | Create VPC. When set to false, uses a data source to reference existing VPC. | <code>bool</code> | | <code>true</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
@ -521,5 +521,4 @@ module "vpc" {
|
||||||
| [subnets](outputs.tf#L118) | Subnet resources. | |
|
| [subnets](outputs.tf#L118) | Subnet resources. | |
|
||||||
| [subnets_proxy_only](outputs.tf#L123) | L7 ILB or L7 Regional LB subnet resources. | |
|
| [subnets_proxy_only](outputs.tf#L123) | L7 ILB or L7 Regional LB subnet resources. | |
|
||||||
| [subnets_psc](outputs.tf#L128) | Private Service Connect subnet resources. | |
|
| [subnets_psc](outputs.tf#L128) | Private Service Connect subnet resources. | |
|
||||||
|
|
||||||
<!-- END TFDOC -->
|
<!-- END TFDOC -->
|
||||||
|
|
|
@ -51,7 +51,7 @@ resource "google_compute_route" "gateway" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
network = local.network.name
|
network = local.network.name
|
||||||
name = "${var.name}-${each.key}"
|
name = "${var.name}-${each.key}"
|
||||||
description = "Terraform-managed."
|
description = each.value.description
|
||||||
dest_range = each.value.dest_range
|
dest_range = each.value.dest_range
|
||||||
priority = each.value.priority
|
priority = each.value.priority
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
|
@ -63,7 +63,7 @@ resource "google_compute_route" "ilb" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
network = local.network.name
|
network = local.network.name
|
||||||
name = "${var.name}-${each.key}"
|
name = "${var.name}-${each.key}"
|
||||||
description = "Terraform-managed."
|
description = each.value.description
|
||||||
dest_range = each.value.dest_range
|
dest_range = each.value.dest_range
|
||||||
priority = each.value.priority
|
priority = each.value.priority
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
|
@ -75,7 +75,7 @@ resource "google_compute_route" "instance" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
network = local.network.name
|
network = local.network.name
|
||||||
name = "${var.name}-${each.key}"
|
name = "${var.name}-${each.key}"
|
||||||
description = "Terraform-managed."
|
description = each.value.description
|
||||||
dest_range = each.value.dest_range
|
dest_range = each.value.dest_range
|
||||||
priority = each.value.priority
|
priority = each.value.priority
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
|
@ -89,7 +89,7 @@ resource "google_compute_route" "ip" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
network = local.network.name
|
network = local.network.name
|
||||||
name = "${var.name}-${each.key}"
|
name = "${var.name}-${each.key}"
|
||||||
description = "Terraform-managed."
|
description = each.value.description
|
||||||
dest_range = each.value.dest_range
|
dest_range = each.value.dest_range
|
||||||
priority = each.value.priority
|
priority = each.value.priority
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
|
@ -101,7 +101,7 @@ resource "google_compute_route" "vpn_tunnel" {
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
network = local.network.name
|
network = local.network.name
|
||||||
name = "${var.name}-${each.key}"
|
name = "${var.name}-${each.key}"
|
||||||
description = "Terraform-managed."
|
description = each.value.description
|
||||||
dest_range = each.value.dest_range
|
dest_range = each.value.dest_range
|
||||||
priority = each.value.priority
|
priority = each.value.priority
|
||||||
tags = each.value.tags
|
tags = each.value.tags
|
||||||
|
|
|
@ -114,6 +114,7 @@ variable "psa_config" {
|
||||||
variable "routes" {
|
variable "routes" {
|
||||||
description = "Network routes, keyed by name."
|
description = "Network routes, keyed by name."
|
||||||
type = map(object({
|
type = map(object({
|
||||||
|
description = optional(string, "Terraform-managed.")
|
||||||
dest_range = string
|
dest_range = string
|
||||||
next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb
|
next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb
|
||||||
next_hop = string
|
next_hop = string
|
||||||
|
|
|
@ -18,6 +18,7 @@ values:
|
||||||
project: my-project
|
project: my-project
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["gateway"].google_compute_route.gateway["gateway"]:
|
module.vpc["gateway"].google_compute_route.gateway["gateway"]:
|
||||||
|
description: Terraform-managed.
|
||||||
dest_range: 0.0.0.0/0
|
dest_range: 0.0.0.0/0
|
||||||
name: my-network-with-route-gateway-gateway
|
name: my-network-with-route-gateway-gateway
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -29,6 +30,7 @@ values:
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
|
module.vpc["gateway"].google_compute_route.gateway["next-hop"]:
|
||||||
|
description: Route to internal range.
|
||||||
dest_range: 192.168.128.0/24
|
dest_range: 192.168.128.0/24
|
||||||
name: my-network-with-route-gateway-next-hop
|
name: my-network-with-route-gateway-next-hop
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -43,6 +45,7 @@ values:
|
||||||
project: my-project
|
project: my-project
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["ilb"].google_compute_route.gateway["gateway"]:
|
module.vpc["ilb"].google_compute_route.gateway["gateway"]:
|
||||||
|
description: Terraform-managed.
|
||||||
dest_range: 0.0.0.0/0
|
dest_range: 0.0.0.0/0
|
||||||
name: my-network-with-route-ilb-gateway
|
name: my-network-with-route-ilb-gateway
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -54,6 +57,7 @@ values:
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
|
module.vpc["ilb"].google_compute_route.ilb["next-hop"]:
|
||||||
|
description: Route to internal range.
|
||||||
dest_range: 192.168.128.0/24
|
dest_range: 192.168.128.0/24
|
||||||
name: my-network-with-route-ilb-next-hop
|
name: my-network-with-route-ilb-next-hop
|
||||||
next_hop_gateway: null
|
next_hop_gateway: null
|
||||||
|
@ -68,6 +72,7 @@ values:
|
||||||
project: my-project
|
project: my-project
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["instance"].google_compute_route.gateway["gateway"]:
|
module.vpc["instance"].google_compute_route.gateway["gateway"]:
|
||||||
|
description: Terraform-managed.
|
||||||
dest_range: 0.0.0.0/0
|
dest_range: 0.0.0.0/0
|
||||||
name: my-network-with-route-instance-gateway
|
name: my-network-with-route-instance-gateway
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -79,6 +84,7 @@ values:
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["instance"].google_compute_route.instance["next-hop"]:
|
module.vpc["instance"].google_compute_route.instance["next-hop"]:
|
||||||
|
description: Route to internal range.
|
||||||
dest_range: 192.168.128.0/24
|
dest_range: 192.168.128.0/24
|
||||||
name: my-network-with-route-instance-next-hop
|
name: my-network-with-route-instance-next-hop
|
||||||
next_hop_gateway: null
|
next_hop_gateway: null
|
||||||
|
@ -94,6 +100,7 @@ values:
|
||||||
project: my-project
|
project: my-project
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["ip"].google_compute_route.gateway["gateway"]:
|
module.vpc["ip"].google_compute_route.gateway["gateway"]:
|
||||||
|
description: Terraform-managed.
|
||||||
dest_range: 0.0.0.0/0
|
dest_range: 0.0.0.0/0
|
||||||
name: my-network-with-route-ip-gateway
|
name: my-network-with-route-ip-gateway
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -105,6 +112,7 @@ values:
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["ip"].google_compute_route.ip["next-hop"]:
|
module.vpc["ip"].google_compute_route.ip["next-hop"]:
|
||||||
|
description: Route to internal range.
|
||||||
dest_range: 192.168.128.0/24
|
dest_range: 192.168.128.0/24
|
||||||
name: my-network-with-route-ip-next-hop
|
name: my-network-with-route-ip-next-hop
|
||||||
next_hop_gateway: null
|
next_hop_gateway: null
|
||||||
|
@ -120,6 +128,7 @@ values:
|
||||||
project: my-project
|
project: my-project
|
||||||
routing_mode: GLOBAL
|
routing_mode: GLOBAL
|
||||||
module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
|
module.vpc["vpn_tunnel"].google_compute_route.gateway["gateway"]:
|
||||||
|
description: Terraform-managed.
|
||||||
dest_range: 0.0.0.0/0
|
dest_range: 0.0.0.0/0
|
||||||
name: my-network-with-route-vpn-tunnel-gateway
|
name: my-network-with-route-vpn-tunnel-gateway
|
||||||
next_hop_gateway: global/gateways/default-internet-gateway
|
next_hop_gateway: global/gateways/default-internet-gateway
|
||||||
|
@ -131,6 +140,7 @@ values:
|
||||||
tags:
|
tags:
|
||||||
- tag-a
|
- tag-a
|
||||||
module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
|
module.vpc["vpn_tunnel"].google_compute_route.vpn_tunnel["next-hop"]:
|
||||||
|
description: Route to internal range.
|
||||||
dest_range: 192.168.128.0/24
|
dest_range: 192.168.128.0/24
|
||||||
name: my-network-with-route-vpn-tunnel-next-hop
|
name: my-network-with-route-vpn-tunnel-next-hop
|
||||||
next_hop_gateway: null
|
next_hop_gateway: null
|
||||||
|
|
Loading…
Reference in New Issue