From 67d03fd07c13045ddfa9f84b0594db1fd5cb4607 Mon Sep 17 00:00:00 2001
From: Ludovico Magnocavallo
Date: Thu, 9 Jul 2020 15:15:14 +0200
Subject: [PATCH] support Shared VPC in project module (#112)
---
 CHANGELOG.md | 2 ++
 modules/project/README.md | 1 +
 modules/project/main.tf | 16 ++++++++++++++++
 modules/project/outputs.tf | 9 ++++++---
 modules/project/variables.tf | 12 ++++++++++++
 5 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1b3826440..13601331d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@ All notable changes to this project will be documented in this file.
 ## [Unreleased]
+- add support for Shared VPC to the `project` module
+
 ## [2.4.2] - 2020-07-09
 - add support for Shielded VM to `compute-vm`
diff --git a/modules/project/README.md b/modules/project/README.md
index db182e04e..81000515d 100644
--- a/modules/project/README.md
+++ b/modules/project/README.md
@@ -103,6 +103,7 @@ module "project" {
 | *project_create* | Create project. When set to false, uses a data source to reference existing project. | bool | | true |
 | *service_config* | Configure service API activation. | object({...}) | | ... |
 | *services* | Service APIs to enable. | list(string) | | [] |
+| *shared_vpc_config* | Configure Shared VPC for project. | object({...}) | | ... |
 ## Outputs
diff --git a/modules/project/main.tf b/modules/project/main.tf
index a92399703..61513db7b 100644
--- a/modules/project/main.tf
+++ b/modules/project/main.tf
@@ -212,3 +212,19 @@ resource "google_project_organization_policy" "list" {
 }
 }
 }
+
+resource "google_compute_shared_vpc_host_project" "shared_vpc_host" {
+ count = try(var.shared_vpc_config.enabled, false) ? 1 : 0
+ project = local.project.project_id
+}
+
+resource "google_compute_shared_vpc_service_project" "service_projects" {
+ for_each = (
+ try(var.shared_vpc_config.enabled, false)
+ ? toset(var.shared_vpc_config.service_projects)
+ : toset([])
+ )
+ host_project = local.project.project_id
+ service_project = each.value
+ depends_on = [google_compute_shared_vpc_host_project.shared_vpc_host]
+}
diff --git a/modules/project/outputs.tf b/modules/project/outputs.tf
index 2edeecafb..0c1bad942 100644
--- a/modules/project/outputs.tf
+++ b/modules/project/outputs.tf
@@ -20,7 +20,8 @@ output "project_id" {
 depends_on = [
 google_project_organization_policy.boolean,
 google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
 ]
 }
@@ -30,7 +31,8 @@ output "name" {
 depends_on = [
 google_project_organization_policy.boolean,
 google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
 ]
 }
@@ -40,7 +42,8 @@ output "number" {
 depends_on = [
 google_project_organization_policy.boolean,
 google_project_organization_policy.list,
- google_project_service.project_services
+ google_project_service.project_services,
+ google_compute_shared_vpc_service_project
 ]
 }
diff --git a/modules/project/variables.tf b/modules/project/variables.tf
index 446776209..af470cef4 100644
--- a/modules/project/variables.tf
+++ b/modules/project/variables.tf
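Review bot: `google_compute_shared_vpc_host_project.shared_vpc_host` in the `main.tf` hunk declares no ordering against `google_project_service.project_services` (the resource named in the `outputs.tf` hunks). If the Compute API is enabled through this module's own `services` input, the host-project call can presumably be issued before the API is active and fail on first apply. Adding `depends_on = [google_project_service.project_services]` to the host resource would serialize the two. Whether `local.project` already carries that dependency is not visible here, because it is defined outside the hunk.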
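Review bot: The entry added to `depends_on` in `output "project_id"` is the bare resource type `google_compute_shared_vpc_service_project`, without a resource name, and Terraform should reject that as an invalid reference. The resource added in `main.tf` is named `service_projects`, so the line should read `google_compute_shared_vpc_service_project.service_projects`. The same line is repeated in the `output "name"` and `output "number"` hunks and needs the same correction there.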
@@ -138,3 +138,15 @@ variable "service_config" {
 disable_dependent_services = true
 }
 }
+
+variable "shared_vpc_config" {
+ description = "Configure Shared VPC for project."
+ type = object({
+ enabled = bool
+ service_projects = list(string)
+ })
+ default = {
+ enabled = false
+ service_projects = []
+ }
+}
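Review bot: The description on `shared_vpc_config` does not say that this makes the project a Shared VPC host, or that `service_projects` is ignored unless `enabled` is true. The `for_each` in the `main.tf` hunk yields an empty set in that case, so a caller who passes a list with `enabled = false` gets no attachments and no error. I would expand it to `description = "Configure this project as a Shared VPC host; service_projects lists the project ids to attach and is only used when enabled is true."`. Each id in that list is attached to the host project, so spelling this out keeps the list reviewable as a network trust-boundary change.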