optional description attribute in variables
This commit is contained in:
Natalia Strelkova
parent
a8c27b1b6e
commit
fde498800c
|
|
@ -173,16 +173,16 @@ module "secure-web-proxy" {
|
|||
| [certificates](variables.tf#L27) | List of certificates to be used for Secure Web Proxy. | <code>list(string)</code> | ✓ | |
|
||||
| [name](variables.tf#L50) | Name of the Secure Web Proxy resource. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L55) | Name of the network the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L116) | Project id of the project that holds the network. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L121) | Region where resources will be created. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L132) | Name of the subnetwork the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L119) | Project id of the project that holds the network. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L124) | Region where resources will be created. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L135) | Name of the subnetwork the Secure Web Proxy is deployed into. | <code>string</code> | ✓ | |
|
||||
| [delete_swg_autogen_router_on_destroy](variables.tf#L32) | Delete automatically provisioned Cloud Router on destroy. | <code>bool</code> | | <code>true</code> |
|
||||
| [description](variables.tf#L38) | Optional description to add to created resources. | <code>string</code> | | <code>"Managed by Terraform."</code> |
|
||||
| [description](variables.tf#L38) | Optional description for the SWG. | <code>string</code> | | <code>"Managed by Terraform."</code> |
|
||||
| [labels](variables.tf#L44) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [policy_rules](variables.tf#L60) | List of policy rule definitions, default to allow action. Available keys: secure_tags, url_lists, custom. URL lists that only have values set will be created. | <code title="object({ secure_tags = optional(map(object({ tag = string session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) })), {}) url_lists = optional(map(object({ url_list = string values = optional(list(string)) session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) })), {}) custom = optional(map(object({ session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [ports](variables.tf#L110) | Ports to use for Secure Web Proxy. | <code>list(number)</code> | | <code>[443]</code> |
|
||||
| [scope](variables.tf#L126) | Scope determines how configuration across multiple Gateway instances are merged. | <code>string</code> | | <code>null</code> |
|
||||
| [tls_inspection_config](variables.tf#L137) | TLS inspection configuration. | <code title="object({ ca_pool = string exclude_public_ca_set = optional(bool, false) })">object({…})</code> | | <code>null</code> |
|
||||
| [policy_rules](variables.tf#L60) | List of policy rule definitions, default to allow action. Available keys: secure_tags, url_lists, custom. URL lists that only have values set will be created. | <code title="object({ secure_tags = optional(map(object({ tag = string session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) url_lists = optional(map(object({ url_list = string values = optional(list(string)) session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) custom = optional(map(object({ session_matcher = optional(string) application_matcher = optional(string) priority = number action = optional(string, "ALLOW") enabled = optional(bool, true) tls_inspection_enabled = optional(bool, false) description = optional(string, "Managed by Terraform.") })), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [ports](variables.tf#L113) | Ports to use for Secure Web Proxy. | <code>list(number)</code> | | <code>[443]</code> |
|
||||
| [scope](variables.tf#L129) | Scope determines how configuration across multiple Gateway instances are merged. | <code>string</code> | | <code>null</code> |
|
||||
| [tls_inspection_config](variables.tf#L140) | TLS inspection configuration. | <code title="object({ ca_pool = string exclude_public_ca_set = optional(bool, false) gateway_description = optional(string, "Managed by Terraform.") tls_description = optional(string, "Managed by Terraform.") })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ resource "google_network_security_gateway_security_policy" "policy" {
|
|||
project = var.project_id
|
||||
name = var.name
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = var.tls_inspection_config != null ? var.tls_inspection_config.gateway_description : null
|
||||
tls_inspection_policy = var.tls_inspection_config != null ? google_network_security_tls_inspection_policy.tls-policy.0.id : null
|
||||
}
|
||||
|
||||
|
|
@ -33,7 +33,7 @@ resource "google_network_security_tls_inspection_policy" "tls-policy" {
|
|||
project = var.project_id
|
||||
name = var.name
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = var.tls_inspection_config.tls_description
|
||||
ca_pool = var.tls_inspection_config.ca_pool
|
||||
exclude_public_ca_set = var.tls_inspection_config.exclude_public_ca_set
|
||||
}
|
||||
|
|
@ -44,7 +44,7 @@ resource "google_network_security_gateway_security_policy_rule" "secure_tag_rule
|
|||
project = var.project_id
|
||||
name = each.key
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = each.value.description
|
||||
gateway_security_policy = google_network_security_gateway_security_policy.policy.name
|
||||
enabled = each.value.enabled
|
||||
priority = each.value.priority
|
||||
|
|
@ -63,7 +63,7 @@ resource "google_network_security_url_lists" "url_lists" {
|
|||
project = var.project_id
|
||||
name = each.key
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = each.value.description
|
||||
values = each.value.values
|
||||
}
|
||||
|
||||
|
|
@ -73,7 +73,7 @@ resource "google_network_security_gateway_security_policy_rule" "url_list_rules"
|
|||
project = var.project_id
|
||||
name = each.key
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = each.value.description
|
||||
gateway_security_policy = google_network_security_gateway_security_policy.policy.name
|
||||
enabled = each.value.enabled
|
||||
priority = each.value.priority
|
||||
|
|
@ -96,7 +96,7 @@ resource "google_network_security_gateway_security_policy_rule" "custom_rules" {
|
|||
provider = google-beta
|
||||
name = each.key
|
||||
location = var.region
|
||||
description = var.description
|
||||
description = each.value.description
|
||||
gateway_security_policy = google_network_security_gateway_security_policy.policy.name
|
||||
enabled = each.value.enabled
|
||||
priority = each.value.priority
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ variable "delete_swg_autogen_router_on_destroy" {
|
|||
}
|
||||
|
||||
variable "description" {
|
||||
description = "Optional description to add to created resources."
|
||||
description = "Optional description for the SWG."
|
||||
type = string
|
||||
default = "Managed by Terraform."
|
||||
}
|
||||
|
|
@ -68,6 +68,7 @@ variable "policy_rules" {
|
|||
action = optional(string, "ALLOW")
|
||||
enabled = optional(bool, true)
|
||||
tls_inspection_enabled = optional(bool, false)
|
||||
description = optional(string, "Managed by Terraform.")
|
||||
})), {})
|
||||
|
||||
url_lists = optional(map(object({
|
||||
|
|
@ -79,6 +80,7 @@ variable "policy_rules" {
|
|||
action = optional(string, "ALLOW")
|
||||
enabled = optional(bool, true)
|
||||
tls_inspection_enabled = optional(bool, false)
|
||||
description = optional(string, "Managed by Terraform.")
|
||||
})), {})
|
||||
|
||||
custom = optional(map(object({
|
||||
|
|
@ -88,6 +90,7 @@ variable "policy_rules" {
|
|||
action = optional(string, "ALLOW")
|
||||
enabled = optional(bool, true)
|
||||
tls_inspection_enabled = optional(bool, false)
|
||||
description = optional(string, "Managed by Terraform.")
|
||||
})), {})
|
||||
})
|
||||
validation {
|
||||
|
|
@ -139,6 +142,8 @@ variable "tls_inspection_config" {
|
|||
type = object({
|
||||
ca_pool = string
|
||||
exclude_public_ca_set = optional(bool, false)
|
||||
gateway_description = optional(string, "Managed by Terraform.")
|
||||
tls_description = optional(string, "Managed by Terraform.")
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ values:
|
|||
delete_swg_autogen_router_on_destroy: true
|
||||
labels:
|
||||
example: "value"
|
||||
description: "Managed by Terraform."
|
||||
|
||||
counts:
|
||||
google_network_security_gateway_security_policy: 1
|
||||
|
|
|
|||
|
|
@ -30,6 +30,7 @@ values:
|
|||
network: "projects/my-project/global/networks/my-network"
|
||||
subnetwork: "projects/my-project/regions/europe-west4/subnetworks/my-subnetwork"
|
||||
delete_swg_autogen_router_on_destroy: true
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.secure_tag_rules["secure-tag-1"]:
|
||||
project: "my-project"
|
||||
name: "secure-tag-1"
|
||||
|
|
@ -40,6 +41,7 @@ values:
|
|||
application_matcher: null
|
||||
tls_inspection_enabled: false
|
||||
basic_profile: "ALLOW"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.secure_tag_rules["secure-tag-2"]:
|
||||
project: "my-project"
|
||||
name: "secure-tag-2"
|
||||
|
|
@ -50,6 +52,7 @@ values:
|
|||
application_matcher: null
|
||||
tls_inspection_enabled: false
|
||||
basic_profile: "ALLOW"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.url_list_rules["url-list-1"]:
|
||||
project: "my-project"
|
||||
name: "url-list-1"
|
||||
|
|
@ -59,6 +62,7 @@ values:
|
|||
application_matcher: null
|
||||
tls_inspection_enabled: false
|
||||
basic_profile: "ALLOW"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.url_list_rules["url-list-2"]:
|
||||
project: "my-project"
|
||||
name: "url-list-2"
|
||||
|
|
@ -69,6 +73,7 @@ values:
|
|||
application_matcher: null
|
||||
tls_inspection_enabled: false
|
||||
basic_profile: "ALLOW"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.custom_rules["custom-rule-1"]:
|
||||
project: "my-project"
|
||||
name: "custom-rule-1"
|
||||
|
|
@ -79,6 +84,7 @@ values:
|
|||
application_matcher: null
|
||||
tls_inspection_enabled: false
|
||||
basic_profile: "DENY"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_url_lists.url_lists["my-url-list"]:
|
||||
project: "my-project"
|
||||
name: "my-url-list"
|
||||
|
|
@ -86,6 +92,7 @@ values:
|
|||
values:
|
||||
- "www.google.com"
|
||||
- "google.com"
|
||||
description: "Managed by Terraform."
|
||||
|
||||
counts:
|
||||
google_network_security_gateway_security_policy: 1
|
||||
|
|
|
|||
|
|
@ -18,11 +18,13 @@ values:
|
|||
name: "secure-web-proxy"
|
||||
project: "my-project"
|
||||
location: "europe-west4"
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_tls_inspection_policy.tls-policy[0]:
|
||||
project: "my-project"
|
||||
name: "secure-web-proxy"
|
||||
location: "europe-west4"
|
||||
exclude_public_ca_set: false
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_services_gateway.gateway:
|
||||
project: "my-project"
|
||||
name: "secure-web-proxy"
|
||||
|
|
@ -35,6 +37,7 @@ values:
|
|||
network: "projects/my-project/global/networks/my-network"
|
||||
subnetwork: "projects/my-project/regions/europe-west4/subnetworks/my-subnetwork"
|
||||
delete_swg_autogen_router_on_destroy: true
|
||||
description: "Managed by Terraform."
|
||||
module.secure-web-proxy.google_network_security_gateway_security_policy_rule.custom_rules["custom-rule-1"]:
|
||||
project: "my-project"
|
||||
name: "custom-rule-1"
|
||||
|
|
@ -45,6 +48,7 @@ values:
|
|||
application_matcher: "request.path.contains('generate_204')"
|
||||
tls_inspection_enabled: true
|
||||
basic_profile: "ALLOW"
|
||||
description: "Managed by Terraform."
|
||||
google_privateca_ca_pool.pool:
|
||||
name: "secure-web-proxy-capool"
|
||||
location: "europe-west4"
|
||||
|
|
|
|||
Loading…
Reference in New Issue