Looker PSC support (#3724)
* added PSC support * added PSC support * added PSC support * Update README * Add inventory --------- Co-authored-by: Julio Castillo <jccb@google.com>
This commit is contained in:
Antonio Lopez
@@ -19,6 +19,7 @@ is no terraform support for these resources.
|
||||
- [Examples](#examples)
|
||||
- [Simple example](#simple-example)
|
||||
- [Looker Core private instance with PSA](#looker-core-private-instance-with-psa)
|
||||
- [Looker Core with PSC](#looker-core-with-psc)
|
||||
- [Looker Core full example](#looker-core-full-example)
|
||||
- [Variables](#variables)
|
||||
- [Outputs](#outputs)
|
||||
@@ -90,6 +91,29 @@ module "looker" {
|
||||
# tftest modules=3 resources=17 inventory=psa.yaml
|
||||
```
|
||||
|
||||
|
||||
### Looker Core with PSC
|
||||
|
||||
```hcl
|
||||
module "looker" {
|
||||
source = "./fabric/modules/looker-core"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "looker-psc"
|
||||
network_config = {
|
||||
psc_config = {
|
||||
allowed_vpcs = ["projects/test-project/global/networks/test"]
|
||||
}
|
||||
}
|
||||
oauth_config = {
|
||||
client_id = "xxxxxxxxx"
|
||||
client_secret = "xxxxxxxx"
|
||||
}
|
||||
platform_edition = "LOOKER_CORE_ENTERPRISE_ANNUAL"
|
||||
}
|
||||
# tftest inventory=psc.yaml
|
||||
```
|
||||
|
||||
### Looker Core full example
|
||||
|
||||
```hcl
|
||||
@@ -160,23 +184,22 @@ module "looker" {
|
||||
}
|
||||
# tftest modules=4 resources=23 inventory=full.yaml
|
||||
```
|
||||
|
||||
<!-- BEGIN TFDOC -->
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L91) | Name of the looker core instance. | <code>string</code> | ✓ | |
|
||||
| [network_config](variables.tf#L96) | Network configuration for cluster and instance. Only one between psa_config and psc_config can be used. | <code title="object({ psa_config = optional(object({ network = string allocated_ip_range = optional(string) enable_public_ip = optional(bool, false) enable_private_ip = optional(bool, true) })) public = optional(bool, false) })">object({…})</code> | ✓ | |
|
||||
| [oauth_config](variables.tf#L114) | Looker Core Oauth config. Either client ID and secret (existing oauth client) or support email (temporary internal oauth client setup) must be specified. | <code title="object({ client_id = optional(string, null) client_secret = optional(string, null) support_email = optional(string, null) })">object({…})</code> | ✓ | |
|
||||
| [project_id](variables.tf#L147) | The ID of the project where this instances will be created. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L152) | Region for the Looker core instance. | <code>string</code> | ✓ | |
|
||||
| [network_config](variables.tf#L96) | Network configuration for cluster and instance. Only one between psa_config, psc_config and public can be used. | <code title="object({ psa_config = optional(object({ network = string allocated_ip_range = optional(string) enable_public_ip = optional(bool, false) enable_private_ip = optional(bool, true) })) psc_config = optional(object({ allowed_vpcs = optional(list(string), []) })) public = optional(bool, false) })">object({…})</code> | ✓ | |
|
||||
| [oauth_config](variables.tf#L121) | Looker Core Oauth config. Either client ID and secret (existing oauth client) or support email (temporary internal oauth client setup) must be specified. | <code title="object({ client_id = optional(string, null) client_secret = optional(string, null) support_email = optional(string, null) })">object({…})</code> | ✓ | |
|
||||
| [project_id](variables.tf#L154) | The ID of the project where this instances will be created. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L159) | Region for the Looker core instance. | <code>string</code> | ✓ | |
|
||||
| [admin_settings](variables.tf#L17) | Looker Core admins settings. | <code title="object({ allowed_email_domains = list(string) })">object({…})</code> | | <code>null</code> |
|
||||
| [custom_domain](variables.tf#L26) | Looker core instance custom domain. | <code>string</code> | | <code>null</code> |
|
||||
| [encryption_config](variables.tf#L32) | Set encryption configuration. KMS name format: 'projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]'. | <code title="object({ kms_key_name = string })">object({…})</code> | | <code>null</code> |
|
||||
| [maintenance_config](variables.tf#L41) | Set maintenance window configuration and maintenance deny period (up to 90 days). Date format: 'yyyy-mm-dd'. | <code title="object({ maintenance_window = optional(object({ day = optional(string, "SUNDAY") start_time = optional(object({ hours = optional(number, 23) minutes = optional(number, 0) seconds = optional(number, 0) nanos = optional(number, 0) }), {}) }), null) deny_maintenance_period = optional(object({ start_date = object({ year = number month = number day = number }) end_date = object({ year = number month = number day = number }) start_time = optional(object({ hours = optional(number, 23) minutes = optional(number, 0) seconds = optional(number, 0) nanos = optional(number, 0) }), {}) }), null) })">object({…})</code> | | <code>{}</code> |
|
||||
| [platform_edition](variables.tf#L127) | Platform editions for a Looker instance. Each edition maps to a set of instance features, like its size. | <code>string</code> | | <code>"LOOKER_CORE_TRIAL"</code> |
|
||||
| [prefix](variables.tf#L137) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
|
||||
| [platform_edition](variables.tf#L134) | Platform editions for a Looker instance. Each edition maps to a set of instance features, like its size. | <code>string</code> | | <code>"LOOKER_CORE_TRIAL"</code> |
|
||||
| [prefix](variables.tf#L144) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
||||
@@ -29,6 +29,7 @@ resource "google_looker_instance" "looker" {
|
||||
platform_edition = var.platform_edition
|
||||
private_ip_enabled = try(var.network_config.psa_config.enable_private_ip, null)
|
||||
public_ip_enabled = coalesce(var.network_config.public, false) || try(var.network_config.psa_config.enable_public_ip, false)
|
||||
psc_enabled = var.network_config.psc_config != null
|
||||
region = var.region
|
||||
reserved_range = try(var.network_config.psa_config.allocated_ip_range, null)
|
||||
|
||||
@@ -37,6 +38,13 @@ resource "google_looker_instance" "looker" {
|
||||
client_secret = local.oauth_client_secret
|
||||
}
|
||||
|
||||
dynamic "psc_config" {
|
||||
for_each = var.network_config.psc_config != null ? [""] : []
|
||||
content {
|
||||
allowed_vpcs = var.network_config.psc_config.allowed_vpcs
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "admin_settings" {
|
||||
for_each = var.admin_settings != null ? [""] : []
|
||||
content {
|
||||
|
||||
@@ -94,7 +94,7 @@ variable "name" {
|
||||
}
|
||||
|
||||
variable "network_config" {
|
||||
description = "Network configuration for cluster and instance. Only one between psa_config and psc_config can be used."
|
||||
description = "Network configuration for cluster and instance. Only one between psa_config, psc_config and public can be used."
|
||||
type = object({
|
||||
psa_config = optional(object({
|
||||
network = string
|
||||
@@ -102,12 +102,19 @@ variable "network_config" {
|
||||
enable_public_ip = optional(bool, false)
|
||||
enable_private_ip = optional(bool, true)
|
||||
}))
|
||||
psc_config = optional(object({
|
||||
allowed_vpcs = optional(list(string), [])
|
||||
}))
|
||||
public = optional(bool, false)
|
||||
})
|
||||
nullable = false
|
||||
validation {
|
||||
condition = (coalesce(var.network_config.public, false)) == (var.network_config.psa_config == null)
|
||||
error_message = "Please specify either psa_config or public to true."
|
||||
condition = (
|
||||
(coalesce(var.network_config.public, false) ? 1 : 0) +
|
||||
(var.network_config.psa_config != null ? 1 : 0) +
|
||||
(var.network_config.psc_config != null ? 1 : 0)
|
||||
) == 1
|
||||
error_message = "Please specify exactly one of psa_config, psc_config or public."
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user