Merge pull request #1559 from apichick/net-address-ipsec-interconnect
Added IPSEC_INTERCONNECT addresses to net-address module
This commit is contained in:
apichick
@@ -77,18 +77,42 @@ module "addresses" {
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=psc.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
# IPSec Interconnect addresses
|
||||
|
||||
```hcl
|
||||
module "addresses" {
|
||||
source = "./fabric/modules/net-address"
|
||||
project_id = var.project_id
|
||||
ipsec_interconnect_addresses = {
|
||||
vpn-gw-range-1 = {
|
||||
address = "10.255.255.0"
|
||||
region = var.region
|
||||
network = var.vpc.self_link
|
||||
prefix_length = 29
|
||||
}
|
||||
vpn-gw-range-2 = {
|
||||
address = "10.255.255.8"
|
||||
region = var.region
|
||||
network = var.vpc.self_link
|
||||
prefix_length = 29
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=ipsec-interconnect.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L55) | Project where the addresses will be created. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L67) | Project where the addresses will be created. | <code>string</code> | ✓ | |
|
||||
| [external_addresses](variables.tf#L17) | Map of external address regions, keyed by name. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [global_addresses](variables.tf#L29) | List of global addresses to create. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [internal_addresses](variables.tf#L35) | Map of internal addresses to create, keyed by name. | <code title="map(object({ region = string subnetwork = string address = optional(string) description = optional(string, "Terraform managed.") labels = optional(map(string)) purpose = optional(string) tier = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [psa_addresses](variables.tf#L60) | Map of internal addresses used for Private Service Access. | <code title="map(object({ address = string network = string description = optional(string, "Terraform managed.") prefix_length = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [psc_addresses](variables.tf#L71) | Map of internal addresses used for Private Service Connect. | <code title="map(object({ address = string network = string description = optional(string, "Terraform managed.") }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [ipsec_interconnect_addresses](variables.tf#L49) | Map of internal addresses used for HPA VPN over Cloud Interconnect. | <code title="map(object({ region = string address = string network = string description = optional(string, "Terraform managed.") prefix_length = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [psa_addresses](variables.tf#L72) | Map of internal addresses used for Private Service Access. | <code title="map(object({ address = string network = string description = optional(string, "Terraform managed.") prefix_length = number }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [psc_addresses](variables.tf#L83) | Map of internal addresses used for Private Service Connect. | <code title="map(object({ address = string network = string description = optional(string, "Terraform managed.") }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
@@ -97,7 +121,7 @@ module "addresses" {
|
||||
| [external_addresses](outputs.tf#L17) | Allocated external addresses. | |
|
||||
| [global_addresses](outputs.tf#L25) | Allocated global external addresses. | |
|
||||
| [internal_addresses](outputs.tf#L33) | Allocated internal addresses. | |
|
||||
| [psa_addresses](outputs.tf#L41) | Allocated internal addresses for PSA endpoints. | |
|
||||
| [psc_addresses](outputs.tf#L49) | Allocated internal addresses for PSC endpoints. | |
|
||||
|
||||
| [ipsec_interconnect_addresses](outputs.tf#L41) | Allocated internal addresses for HA VPN over Cloud Interconnect. | |
|
||||
| [psa_addresses](outputs.tf#L49) | Allocated internal addresses for PSA endpoints. | |
|
||||
| [psc_addresses](outputs.tf#L57) | Allocated internal addresses for PSC endpoints. | |
|
||||
<!-- END TFDOC -->
|
||||
|
||||
@@ -69,3 +69,16 @@ resource "google_compute_global_address" "psa" {
|
||||
purpose = "VPC_PEERING"
|
||||
# labels = lookup(var.internal_address_labels, each.key, {})
|
||||
}
|
||||
|
||||
resource "google_compute_address" "ipsec_interconnect" {
|
||||
for_each = var.ipsec_interconnect_addresses
|
||||
project = var.project_id
|
||||
name = each.key
|
||||
description = each.value.description
|
||||
address = each.value.address
|
||||
address_type = "INTERNAL"
|
||||
region = each.value.region
|
||||
network = each.value.network
|
||||
prefix_length = each.value.prefix_length
|
||||
purpose = "IPSEC_INTERCONNECT"
|
||||
}
|
||||
|
||||
@@ -38,6 +38,14 @@ output "internal_addresses" {
|
||||
}
|
||||
}
|
||||
|
||||
output "ipsec_interconnect_addresses" {
|
||||
description = "Allocated internal addresses for HA VPN over Cloud Interconnect."
|
||||
value = {
|
||||
for address in google_compute_address.ipsec_interconnect :
|
||||
address.name => address
|
||||
}
|
||||
}
|
||||
|
||||
output "psa_addresses" {
|
||||
description = "Allocated internal addresses for PSA endpoints."
|
||||
value = {
|
||||
@@ -52,4 +60,4 @@ output "psc_addresses" {
|
||||
for address in google_compute_global_address.psc :
|
||||
address.name => address
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -46,6 +46,18 @@ variable "internal_addresses" {
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "ipsec_interconnect_addresses" {
|
||||
description = "Map of internal addresses used for HPA VPN over Cloud Interconnect."
|
||||
type = map(object({
|
||||
region = string
|
||||
address = string
|
||||
network = string
|
||||
description = optional(string, "Terraform managed.")
|
||||
prefix_length = number
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
# variable "internal_address_labels" {
|
||||
# description = "Optional labels for internal addresses, keyed by address name."
|
||||
# type = map(map(string))
|
||||
@@ -76,4 +88,4 @@ variable "psc_addresses" {
|
||||
description = optional(string, "Terraform managed.")
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
}
|
||||
36
tests/modules/net_address/examples/ipsec-interconnect.yaml
Normal file
36
tests/modules/net_address/examples/ipsec-interconnect.yaml
Normal file
@@ -0,0 +1,36 @@
|
||||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.addresses.google_compute_address.ipsec_interconnect["vpn-gw-range-1"]:
|
||||
address: 10.255.255.0
|
||||
address_type: INTERNAL
|
||||
name: vpn-gw-range-1
|
||||
network: projects/xxx/global/networks/aaa
|
||||
prefix_length: 29
|
||||
project: project-id
|
||||
purpose: IPSEC_INTERCONNECT
|
||||
region: region
|
||||
module.addresses.google_compute_address.ipsec_interconnect["vpn-gw-range-2"]:
|
||||
address: 10.255.255.8
|
||||
address_type: INTERNAL
|
||||
name: vpn-gw-range-2
|
||||
network: projects/xxx/global/networks/aaa
|
||||
prefix_length: 29
|
||||
project: project-id
|
||||
purpose: IPSEC_INTERCONNECT
|
||||
region: region
|
||||
|
||||
counts:
|
||||
google_compute_address: 2
|
||||
Reference in New Issue
Block a user