# Net Address Reservation Module
This module allows reserving Compute Engine external, global, and internal addresses. The module also supports managing VPC network attachments from service projects.
- [Examples](#examples)
- [External and global addresses](#external-and-global-addresses)
- [Internal addresses](#internal-addresses)
- [IPv6 addresses](#ipv6-addresses)
- [PSA addresses](#psa-addresses)
- [PSC addresses](#psc-addresses)
- [IPSec Interconnect addresses](#ipsec-interconnect-addresses)
- [PSC Network Attachments](#psc-network-attachments)
- [Variables](#variables)
- [Outputs](#outputs)
- [Fixtures](#fixtures)
## Examples
### External and global addresses
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
external_addresses = {
one = { region = "europe-west1" }
two = {
region = "europe-west2"
tier = "STANDARD"
}
}
global_addresses = {
app-1 = {}
app-2 = {}
}
}
# tftest modules=1 resources=4 inventory=external.yaml e2e
```
### Internal addresses
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
internal_addresses = {
ilb-1 = {
purpose = "SHARED_LOADBALANCER_VIP"
region = var.region
subnetwork = var.subnet.self_link
}
ilb-2 = {
address = "10.0.16.102"
region = var.region
subnetwork = var.subnet.self_link
}
}
}
# tftest modules=1 resources=2 inventory=internal.yaml e2e
```
### IPv6 addresses
You can reserve both external and internal IPv6 addresses.
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
external_addresses = {
nlb = {
region = var.region
subnetwork = module.vpc.subnets["${var.region}/ipv6-external"].self_link
ipv6 = {
endpoint_type = "NETLB"
}
}
}
internal_addresses = {
vm = {
ipv6 = {}
region = var.region
subnetwork = module.vpc.subnets["${var.region}/ipv6-internal"].self_link
}
}
}
# tftest modules=2 resources=7 fixtures=fixtures/net-vpc-ipv6.tf inventory=ipv6.yaml e2e
```
### PSA addresses
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psa_addresses = {
cloudsql-mysql = {
address = "10.10.10.0"
network = var.vpc.self_link
prefix_length = 24
}
}
}
# tftest modules=1 resources=1 inventory=psa.yaml e2e
```
### PSC addresses
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psc_addresses = {
one = {
address = "10.0.0.32"
network = var.vpc.self_link
}
}
}
# tftest modules=1 resources=1 inventory=psc.yaml e2e
```
### IPSec Interconnect addresses
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
ipsec_interconnect_addresses = {
vpn-gw-range-1 = {
address = "10.255.255.0"
region = var.region
network = var.vpc.self_link
prefix_length = 29
}
vpn-gw-range-2 = {
address = "10.255.255.8"
region = var.region
network = var.vpc.self_link
prefix_length = 29
}
}
}
# tftest modules=1 resources=2 inventory=ipsec-interconnect.yaml e2e
```
### PSC Network Attachments
The project where the network attachment is created must be either the VPC project, or a Shared VPC service project of the host owning the VPC.
```hcl
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
network_attachments = {
gce-0 = {
subnet_self_link = (
"projects/net-host/regions/europe-west8/subnetworks/gce"
)
producer_accept_lists = [var.project_id]
}
}
}
# tftest modules=1 resources=1 inventory=network-attachments.yaml
```
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [project_id](variables.tf#L97) | Project where the addresses will be created. | string | ✓ | |
| [external_addresses](variables.tf#L17) | Map of external addresses, keyed by name. | map(object({…})) | | {} |
| [global_addresses](variables.tf#L40) | List of global addresses to create. | map(object({…})) | | {} |
| [internal_addresses](variables.tf#L50) | Map of internal addresses to create, keyed by name. | map(object({…})) | | {} |
| [ipsec_interconnect_addresses](variables.tf#L65) | Map of internal addresses used for HPA VPN over Cloud Interconnect. | map(object({…})) | | {} |
| [network_attachments](variables.tf#L84) | PSC network attachments, names as keys. | map(object({…})) | | {} |
| [psa_addresses](variables.tf#L102) | Map of internal addresses used for Private Service Access. | map(object({…})) | | {} |
| [psc_addresses](variables.tf#L115) | Map of internal addresses used for Private Service Connect. | map(object({…})) | | {} |
## Outputs
| name | description | sensitive |
|---|---|:---:|
| [external_addresses](outputs.tf#L17) | Allocated external addresses. | |
| [global_addresses](outputs.tf#L25) | Allocated global external addresses. | |
| [internal_addresses](outputs.tf#L33) | Allocated internal addresses. | |
| [ipsec_interconnect_addresses](outputs.tf#L41) | Allocated internal addresses for HA VPN over Cloud Interconnect. | |
| [network_attachment_ids](outputs.tf#L49) | IDs of network attachments. | |
| [psa_addresses](outputs.tf#L57) | Allocated internal addresses for PSA endpoints. | |
| [psc_addresses](outputs.tf#L65) | Allocated internal addresses for PSC endpoints. | |
## Fixtures
- [net-vpc-ipv6.tf](../../tests/fixtures/net-vpc-ipv6.tf)