Add shielded_instance_config support for compute instance template

2022-04-23 08:45:04 +02:00
parent f8b675b65d
commit 189ee7ae1a
2 changed files with 11 additions and 0 deletions
--- a/modules/compute-vm/main.tf
+++ b/modules/compute-vm/main.tf
@@ -348,6 +348,16 @@ resource "google_compute_instance_template" "default" {
    scopes = local.service_account_scopes
  }

+  dynamic "shielded_instance_config" {
+    for_each = var.shielded_config != null ? [var.shielded_config] : []
+    iterator = config
+    content {
+      enable_secure_boot          = config.value.enable_secure_boot
+      enable_vtpm                 = config.value.enable_vtpm
+      enable_integrity_monitoring = config.value.enable_integrity_monitoring
+    }
+  }
+
  lifecycle {
    create_before_destroy = true
  }