diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1b3826440..13601331d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@ All notable changes to this project will be documented in this file.
## [Unreleased]
+- add support for Shared VPC to the `project` module
+
## [2.4.2] - 2020-07-09
- add support for Shielded VM to `compute-vm`
diff --git a/modules/project/README.md b/modules/project/README.md
index db182e04e..81000515d 100644
--- a/modules/project/README.md
+++ b/modules/project/README.md
@@ -103,6 +103,7 @@ module "project" {
| *project_create* | Create project. When set to false, uses a data source to reference existing project. | bool | | true |
| *service_config* | Configure service API activation. | object({...}) | | ... |
| *services* | Service APIs to enable. | list(string) | | [] |
+| *shared_vpc_config* | Configure Shared VPC for project. | object({...}) | | ... |
## Outputs
diff --git a/modules/project/main.tf b/modules/project/main.tf
index a92399703..61513db7b 100644
--- a/modules/project/main.tf
+++ b/modules/project/main.tf
@@ -212,3 +212,19 @@ resource "google_project_organization_policy" "list" {
}
}
}
+
+resource "google_compute_shared_vpc_host_project" "shared_vpc_host" {
+ count = try(var.shared_vpc_config.enabled, false) ? 1 : 0
+ project = local.project.project_id
+}
+
+resource "google_compute_shared_vpc_service_project" "service_projects" {
+ for_each = (
+ try(var.shared_vpc_config.enabled, false)
+ ? toset(var.shared_vpc_config.service_projects)
+ : toset([])
+ )
+ host_project = local.project.project_id
+ service_project = each.value
+ depends_on = [google_compute_shared_vpc_host_project.shared_vpc_host]
+}
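Review bot: `google_compute_shared_vpc_host_project.shared_vpc_host` declares no dependency on API activation, so on a newly created project it can be applied before the Compute Engine API is enabled and fail on the first run. If that API is turned on through `google_project_service.project_services` (referenced in outputs.tf; its definition is outside this hunk), add `depends_on = [google_project_service.project_services]` to the host resource. The service-project attachments already depend on the host resource, so they would inherit the ordering.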
diff --git a/modules/project/outputs.tf b/modules/project/outputs.tf
index 2edeecafb..0c1bad942 100644
--- a/modules/project/outputs.tf
+++ b/modules/project/outputs.tf
@@ -20,7 +20,8 @@ output "project_id" {
depends_on = [
google_project_organization_policy.boolean,
google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
]
}
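Review bot: The added `depends_on` entry `google_compute_shared_vpc_service_project` names only a resource type; a reference there needs the resource name too, so Terraform is expected to reject it as an invalid reference. It should read `google_compute_shared_vpc_service_project.service_projects`. The same line is added in the `name` and `number` output hunks that follow. Consider also listing `google_compute_shared_vpc_host_project.shared_vpc_host`, because with an empty `service_projects` list nothing else makes these outputs wait for host enablement. The output blocks start outside the hunks.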
@@ -30,7 +31,8 @@ output "name" {
depends_on = [
google_project_organization_policy.boolean,
google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
]
}
@@ -40,7 +42,8 @@ output "number" {
depends_on = [
google_project_organization_policy.boolean,
google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
]
}
diff --git a/modules/project/variables.tf b/modules/project/variables.tf
index 446776209..af470cef4 100644
--- a/modules/project/variables.tf
+++ b/modules/project/variables.tf
@@ -138,3 +138,15 @@ variable "service_config" {
disable_dependent_services = true
}
}
+
+variable "shared_vpc_config" {
+ description = "Configure Shared VPC for project."
+ type = object({
+ enabled = bool
+ service_projects = list(string)
+ })
+ default = {
+ enabled = false
+ service_projects = []
+ }
+}
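Review bot: The description on `shared_vpc_config` does not say what the two fields do, and that matters here because setting them changes which projects can be attached to this project's networks. Something like `description = "Shared VPC host configuration. When enabled, this project becomes a Shared VPC host and each project ID in service_projects is attached to it; service_projects is ignored when enabled is false."` would make the effect reviewable at the call site. It may also be worth stating in the README that attachment alone grants no subnet access and that network user IAM bindings are managed elsewhere, if that is the intent; this hunk does not show any such bindings.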