diff --git a/blueprints/apigee/apigee-x-foundations/northbound.tf b/blueprints/apigee/apigee-x-foundations/northbound.tf
index 5724542fb..25e39e54d 100644
--- a/blueprints/apigee/apigee-x-foundations/northbound.tf
+++ b/blueprints/apigee/apigee-x-foundations/northbound.tf
@@ -57,12 +57,16 @@ resource "google_compute_region_network_endpoint_group" "psc_negs" {
}
module "ext_lb" {
- count = length(local.ext_instances) > 0 ? 1 : 0
- source = "../../../modules/net-lb-app-ext"
- name = "ext-lb"
- project_id = module.project.project_id
- protocol = "HTTPS"
- address = var.ext_lb_config.address
+ count = length(local.ext_instances) > 0 ? 1 : 0
+ source = "../../../modules/net-lb-app-ext"
+ name = "ext-lb"
+ project_id = module.project.project_id
+ protocol = "HTTPS"
+ forwarding_rules_config = {
+ "" = {
+ address = var.ext_lb_config.address
+ }
+ }
use_classic_version = false
backend_service_configs = {
default = {
diff --git a/blueprints/serverless/cloud-run-explore/main.tf b/blueprints/serverless/cloud-run-explore/main.tf
index 579f75b4c..c32923f86 100644
--- a/blueprints/serverless/cloud-run-explore/main.tf
+++ b/blueprints/serverless/cloud-run-explore/main.tf
@@ -71,7 +71,11 @@ module "glb" {
count = local.gclb_create ? 1 : 0
project_id = module.project.project_id
name = "glb"
- address = google_compute_global_address.default[0].address
+ forwarding_rules_config = {
+ "" = {
+ address = google_compute_global_address.default[0].address
+ }
+ }
backend_service_configs = {
default = {
backends = [
diff --git a/blueprints/serverless/cloud-run-explore/outputs.tf b/blueprints/serverless/cloud-run-explore/outputs.tf
index 2005b13d8..553cdc821 100644
--- a/blueprints/serverless/cloud-run-explore/outputs.tf
+++ b/blueprints/serverless/cloud-run-explore/outputs.tf
@@ -18,7 +18,7 @@
# SSL certificate but it is not exported as output
output "custom_domain" {
description = "Custom domain for the Load Balancer."
- value = local.gclb_create ? var.custom_domain : "none"
+ value = try(var.custom_domain, null)
}
output "default_URL" {
@@ -28,5 +28,5 @@ output "default_URL" {
output "load_balancer_ip" {
description = "LB IP that forwards to Cloud Run service."
- value = local.gclb_create ? module.glb[0].address : "none"
+ value = try(module.glb[0].address, null)
}
diff --git a/blueprints/third-party-solutions/phpipam/glb.tf b/blueprints/third-party-solutions/phpipam/glb.tf
index 36177c515..03daeeecb 100644
--- a/blueprints/third-party-solutions/phpipam/glb.tf
+++ b/blueprints/third-party-solutions/phpipam/glb.tf
@@ -30,11 +30,15 @@ module "addresses" {
}
module "glb-redirect" {
- source = "../../../modules/net-lb-app-ext"
- count = local.glb_create ? 1 : 0
- project_id = module.project.project_id
- name = "phpipam-glb-redirect"
- address = module.addresses[0].global_addresses["phpipam"].address
+ source = "../../../modules/net-lb-app-ext"
+ count = local.glb_create ? 1 : 0
+ project_id = module.project.project_id
+ name = "phpipam-glb-redirect"
+ forwarding_rules_config = {
+ "" = {
+ address = module.addresses[0].global_addresses["phpipam"].address
+ }
+ }
health_check_configs = {}
urlmap_config = {
description = "URL redirect for phpipam glb."
@@ -51,8 +55,12 @@ module "glb" {
count = local.glb_create ? 1 : 0
project_id = module.project.project_id
name = "phpipam-glb"
- address = module.addresses[0].global_addresses["phpipam"].address
- protocol = "HTTPS"
+ forwarding_rules_config = {
+ "" = {
+ address = module.addresses[0].global_addresses["phpipam"].address
+ }
+ }
+ protocol = "HTTPS"
backend_service_configs = {
default = {
diff --git a/modules/net-lb-app-ext-regional/README.md b/modules/net-lb-app-ext-regional/README.md
index c3be9aecb..22413657c 100644
--- a/modules/net-lb-app-ext-regional/README.md
+++ b/modules/net-lb-app-ext-regional/README.md
@@ -752,9 +752,9 @@ For deploying changes to load balancer configuration please refer to [net-lb-app
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [name](variables.tf#L59) | Load balancer name. | string | ✓ | |
-| [project_id](variables.tf#L151) | Project id. | string | ✓ | |
-| [region](variables.tf#L169) | Region where the load balancer is created. | string | ✓ | |
-| [vpc](variables.tf#L188) | VPC-level configuration. | string | ✓ | |
+| [project_id](variables.tf#L158) | Project id. | string | ✓ | |
+| [region](variables.tf#L176) | Region where the load balancer is created. | string | ✓ | |
+| [vpc](variables.tf#L195) | VPC-level configuration. | string | ✓ | |
| [address](variables.tf#L17) | Optional IP address used for the forwarding rule. | string | | null |
| [backend_service_configs](variables-backend-service.tf#L19) | Backend service level configuration. | map(object({…})) | | {} |
| [description](variables.tf#L23) | Optional description used for resources. | string | | "Terraform managed." |
@@ -763,9 +763,10 @@ For deploying changes to load balancer configuration please refer to [net-lb-app
| [https_proxy_config](variables.tf#L41) | HTTPS proxy connfiguration. | object({…}) | | {} |
| [labels](variables.tf#L53) | Labels set on resources. | map(string) | | {} |
| [neg_configs](variables.tf#L64) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
-| [ports](variables.tf#L145) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | list(string) | | null |
-| [protocol](variables.tf#L156) | Protocol supported by this load balancer. | string | | "HTTP" |
-| [ssl_certificates](variables.tf#L174) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | object({…}) | | {} |
+| [network_tier_standard](variables.tf#L145) | Use standard network tier. | bool | | true |
+| [ports](variables.tf#L152) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | list(string) | | null |
+| [protocol](variables.tf#L163) | Protocol supported by this load balancer. | string | | "HTTP" |
+| [ssl_certificates](variables.tf#L181) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | object({…}) | | {} |
| [urlmap_config](variables-urlmap.tf#L19) | The URL map configuration. | object({…}) | | {…} |
## Outputs
diff --git a/modules/net-lb-app-ext-regional/backend-service.tf b/modules/net-lb-app-ext-regional/backend-service.tf
index 3ebc15064..d1a78bba6 100644
--- a/modules/net-lb-app-ext-regional/backend-service.tf
+++ b/modules/net-lb-app-ext-regional/backend-service.tf
@@ -36,9 +36,6 @@ locals {
}
}
-# TODO(jccb): add security_policy block
-# TODO(jccb): add connection_tracking_policy block
-
resource "google_compute_region_backend_service" "default" {
provider = google-beta
for_each = var.backend_service_configs
@@ -56,10 +53,8 @@ resource "google_compute_region_backend_service" "default" {
health_checks = length(each.value.health_checks) == 0 ? null : [
for k in each.value.health_checks : lookup(local.hc_ids, k, k)
]
- # external regional load balancer is always EXTERNAL_MANAGER.
- # TODO(jccb): double check if this is true
+ # external regional load balancer is always EXTERNAL_MANAGED.
load_balancing_scheme = "EXTERNAL_MANAGED"
- #TODO(jccb): add locality_lb_policy with MAGLEV and WEIGHTED_MAGLEV when scheme EXTERNAL
port_name = (
each.value.port_name == null
? lower(each.value.protocol == null ? var.protocol : each.value.protocol)
@@ -68,6 +63,7 @@ resource "google_compute_region_backend_service" "default" {
protocol = (
each.value.protocol == null ? var.protocol : each.value.protocol
)
+ security_policy = each.value.security_policy
session_affinity = each.value.session_affinity
timeout_sec = each.value.timeout_sec
diff --git a/modules/net-lb-app-ext-regional/main.tf b/modules/net-lb-app-ext-regional/main.tf
index 7868a8076..c009c4c2c 100644
--- a/modules/net-lb-app-ext-regional/main.tf
+++ b/modules/net-lb-app-ext-regional/main.tf
@@ -30,26 +30,21 @@ locals {
}
resource "google_compute_forwarding_rule" "default" {
- provider = google-beta
- project = var.project_id
- name = var.name
- region = var.region
- description = var.description
- ip_address = var.address
- ip_protocol = "TCP"
- # external regional load balancer is always EXTERNAL_MANAGER.
- # TODO(jccb): double check if this is true
+ provider = google-beta
+ project = var.project_id
+ name = var.name
+ region = var.region
+ description = var.description
+ ip_address = var.address
+ ip_protocol = "TCP"
load_balancing_scheme = "EXTERNAL_MANAGED"
port_range = join(",", local.fwd_rule_ports)
labels = var.labels
target = local.fwd_rule_target
network = var.vpc
- # external regional app lb only supports standard tier
- network_tier = "STANDARD"
+ network_tier = var.network_tier_standard ? "STANDARD" : "PREMIUM"
}
-# certificates
-
resource "google_compute_region_ssl_certificate" "default" {
for_each = var.ssl_certificates.create_configs
project = var.project_id
@@ -62,8 +57,6 @@ resource "google_compute_region_ssl_certificate" "default" {
}
}
-# proxies
-
resource "google_compute_region_target_http_proxy" "default" {
count = var.protocol == "HTTPS" ? 0 : 1
project = var.project_id
diff --git a/modules/net-lb-app-ext-regional/variables.tf b/modules/net-lb-app-ext-regional/variables.tf
index fc9527468..c3215801d 100644
--- a/modules/net-lb-app-ext-regional/variables.tf
+++ b/modules/net-lb-app-ext-regional/variables.tf
@@ -142,6 +142,13 @@ variable "neg_configs" {
}
}
+variable "network_tier_standard" {
+ description = "Use standard network tier."
+ type = bool
+ nullable = false
+ default = true
+}
+
variable "ports" {
description = "Optional ports for HTTP load balancer, valid ports are 80 and 8080."
type = list(string)
diff --git a/modules/net-lb-app-ext/README.md b/modules/net-lb-app-ext/README.md
index 83872dc34..c4158bfde 100644
--- a/modules/net-lb-app-ext/README.md
+++ b/modules/net-lb-app-ext/README.md
@@ -145,9 +145,13 @@ module "glb-test-0-redirect" {
source = "./fabric/modules/net-lb-app-ext"
project_id = var.project_id
name = "glb-test-0-redirect"
- address = (
- module.addresses.global_addresses["glb-test-0"].address
- )
+ forwarding_rules_config = {
+ "" = {
+ address = (
+ module.addresses.global_addresses["glb-test-0"].address
+ )
+ }
+ }
health_check_configs = {}
urlmap_config = {
description = "URL redirect for glb-test-0."
@@ -163,9 +167,13 @@ module "glb-test-0" {
project_id = var.project_id
name = "glb-test-0"
use_classic_version = false
- address = (
- module.addresses.global_addresses["glb-test-0"].address
- )
+ forwarding_rules_config = {
+ "" = {
+ address = (
+ module.addresses.global_addresses["glb-test-0"].address
+ )
+ }
+ }
backend_service_configs = {
default = {
backends = [
@@ -625,6 +633,7 @@ module "glb-0" {
}
# tftest modules=1 resources=6 inventory=https-sneg.yaml e2e
```
+
#### Cross Project Backend
The module supports Cross Project Backends. This is an example of a referencing to a Backend in another project:
@@ -885,6 +894,7 @@ module "glb-0" {
```
## Deploying changes to load balancer configurations
+
Load balancers consists of many resources depending on each other. The [Global external Application Load Balancer architecture for serverless apps diagram](https://cloud.google.com/load-balancing/docs/application-load-balancer#global-external) shows the structure of a Global external Application Load Balancer, but others are similar.
@@ -893,11 +903,11 @@ To prevent disruption to the traffic, any change to the configuration of the loa
The following changes result in resource replacements:
-* changing name, project, network, subnetwork, region, zone
-* (Backend service) changing of the load balancing scheme
-* (Forwarding rule) almost any change
-* (SSL certificate) changing of the key/certificate for un-managed and list of domains for managed SSL certificates
-* (Network Endpoint Groups) almost any change
+- changing name, project, network, subnetwork, region, zone
+- (Backend service) changing of the load balancing scheme
+- (Forwarding rule) almost any change
+- (SSL certificate) changing of the key/certificate for un-managed and list of domains for managed SSL certificates
+- (Network Endpoint Groups) almost any change
### Changing the Network Endpoint Group
@@ -1046,38 +1056,37 @@ After provisioning this change, and verifying that the new certificate is provis
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [name](variables.tf#L93) | Load balancer name. | string | ✓ | |
-| [project_id](variables.tf#L195) | Project id. | string | ✓ | |
-| [address](variables.tf#L17) | Optional IP address used for the forwarding rule. | string | | null |
-| [backend_buckets_config](variables.tf#L23) | Backend buckets configuration. | map(object({…})) | | {} |
+| [name](variables.tf#L112) | Load balancer name. | string | ✓ | |
+| [project_id](variables.tf#L208) | Project id. | string | ✓ | |
+| [backend_buckets_config](variables.tf#L17) | Backend buckets configuration. | map(object({…})) | | {} |
| [backend_service_configs](variables-backend-service.tf#L19) | Backend service level configuration. | map(object({…})) })) | | {} |
-| [description](variables.tf#L56) | Optional description used for resources. | string | | "Terraform managed." |
-| [group_configs](variables.tf#L62) | Optional unmanaged groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
+| [description](variables.tf#L50) | Optional description used for resources. | string | | "Terraform managed." |
+| [forwarding_rules_config](variables.tf#L56) | The optional forwarding rules configuration. | map(object({…})) | | {…} |
+| [group_configs](variables.tf#L81) | Optional unmanaged groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
| [health_check_configs](variables-health-check.tf#L19) | Optional auto-created health check configurations, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | map(object({…})) | | {…} |
-| [https_proxy_config](variables.tf#L74) | HTTPS proxy connfiguration. | object({…}) | | {} |
-| [labels](variables.tf#L87) | Labels set on resources. | map(string) | | {} |
-| [neg_configs](variables.tf#L98) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
-| [ports](variables.tf#L189) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | list(string) | | null |
-| [protocol](variables.tf#L200) | Protocol supported by this load balancer. | string | | "HTTP" |
-| [ssl_certificates](variables.tf#L213) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | object({…}) | | {} |
+| [https_proxy_config](variables.tf#L93) | HTTPS proxy connfiguration. | object({…}) | | {} |
+| [labels](variables.tf#L106) | Labels set on resources. | map(string) | | {} |
+| [neg_configs](variables.tf#L117) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
+| [protocol](variables.tf#L213) | Protocol supported by this load balancer. | string | | "HTTP" |
+| [ssl_certificates](variables.tf#L226) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | object({…}) | | {} |
| [urlmap_config](variables-urlmap.tf#L19) | The URL map configuration. | object({…}) | | {…} |
-| [use_classic_version](variables.tf#L230) | Use classic Global Load Balancer. | bool | | true |
+| [use_classic_version](variables.tf#L243) | Use classic Global Load Balancer. | bool | | true |
## Outputs
| name | description | sensitive |
|---|---|:---:|
-| [address](outputs.tf#L17) | Forwarding rule address. | |
-| [backend_service_ids](outputs.tf#L22) | Backend service resources. | |
-| [backend_service_names](outputs.tf#L29) | Backend service resource names. | |
-| [forwarding_rule](outputs.tf#L36) | Forwarding rule resource. | |
-| [global_neg_ids](outputs.tf#L41) | Autogenerated global network endpoint group ids. | |
-| [group_ids](outputs.tf#L48) | Autogenerated instance group ids. | |
-| [health_check_ids](outputs.tf#L55) | Autogenerated health check ids. | |
-| [id](outputs.tf#L62) | Fully qualified forwarding rule id. | |
-| [neg_ids](outputs.tf#L67) | Autogenerated network endpoint group ids. | |
-| [psc_neg_ids](outputs.tf#L74) | Autogenerated PSC network endpoint group ids. | |
-| [serverless_neg_ids](outputs.tf#L81) | Autogenerated serverless network endpoint group ids. | |
+| [address](outputs.tf#L17) | Forwarding rule addresses. | |
+| [backend_service_ids](outputs.tf#L25) | Backend service resources. | |
+| [backend_service_names](outputs.tf#L32) | Backend service resource names. | |
+| [forwarding_rules](outputs.tf#L39) | Forwarding rule resource. | |
+| [global_neg_ids](outputs.tf#L44) | Autogenerated global network endpoint group ids. | |
+| [group_ids](outputs.tf#L51) | Autogenerated instance group ids. | |
+| [health_check_ids](outputs.tf#L58) | Autogenerated health check ids. | |
+| [ids](outputs.tf#L65) | Fully qualified forwarding rule ids. | |
+| [neg_ids](outputs.tf#L72) | Autogenerated network endpoint group ids. | |
+| [psc_neg_ids](outputs.tf#L79) | Autogenerated PSC network endpoint group ids. | |
+| [serverless_neg_ids](outputs.tf#L86) | Autogenerated serverless network endpoint group ids. | |
## Fixtures
diff --git a/modules/net-lb-app-ext/main.tf b/modules/net-lb-app-ext/main.tf
index f385dc840..183a63df5 100644
--- a/modules/net-lb-app-ext/main.tf
+++ b/modules/net-lb-app-ext/main.tf
@@ -15,9 +15,10 @@
*/
locals {
- fwd_rule_ports = (
- var.protocol == "HTTPS" ? [443] : coalesce(var.ports, [80])
- )
+ fwd_rule_names = {
+ for k, v in var.forwarding_rules_config :
+ k => k == "" ? var.name : "${var.name}-${k}"
+ }
fwd_rule_target = (
var.protocol == "HTTPS"
? google_compute_target_https_proxy.default[0].id
@@ -30,19 +31,33 @@ locals {
)
}
+moved {
+ from = google_compute_global_forwarding_rule.default
+ to = google_compute_global_forwarding_rule.default[""]
+}
+
+moved {
+ from = google_compute_global_forwarding_rule.default
+ to = google_compute_global_forwarding_rule.default[""]
+}
+
resource "google_compute_global_forwarding_rule" "default" {
provider = google-beta
+ for_each = var.forwarding_rules_config
project = var.project_id
- name = var.name
- description = var.description
- ip_address = var.address
+ name = coalesce(each.value.name, local.fwd_rule_names[each.key])
+ description = coalesce(each.value.description, var.description)
+ ip_address = each.value.address
ip_protocol = "TCP"
+ ip_version = each.value.ipv6 == true ? "IPV6" : "IPV4"
load_balancing_scheme = (
var.use_classic_version ? "EXTERNAL" : "EXTERNAL_MANAGED"
)
- port_range = join(",", local.fwd_rule_ports)
- labels = var.labels
- target = local.fwd_rule_target
+ port_range = join(",", (
+ var.protocol == "HTTPS" ? [443] : coalesce(each.value.ports, [80])
+ ))
+ labels = var.labels
+ target = local.fwd_rule_target
}
# certificates
diff --git a/modules/net-lb-app-ext/outputs.tf b/modules/net-lb-app-ext/outputs.tf
index 92aa1354b..9739a08ed 100644
--- a/modules/net-lb-app-ext/outputs.tf
+++ b/modules/net-lb-app-ext/outputs.tf
@@ -15,8 +15,11 @@
*/
output "address" {
- description = "Forwarding rule address."
- value = google_compute_global_forwarding_rule.default.ip_address
+ description = "Forwarding rule addresses."
+ value = {
+ for k, v in google_compute_global_forwarding_rule.default :
+ k => v.ip_address
+ }
}
output "backend_service_ids" {
@@ -33,7 +36,7 @@ output "backend_service_names" {
}
}
-output "forwarding_rule" {
+output "forwarding_rules" {
description = "Forwarding rule resource."
value = google_compute_global_forwarding_rule.default
}
@@ -59,9 +62,11 @@ output "health_check_ids" {
}
}
-output "id" {
- description = "Fully qualified forwarding rule id."
- value = google_compute_global_forwarding_rule.default.id
+output "ids" {
+ description = "Fully qualified forwarding rule ids."
+ value = {
+ for k, v in google_compute_global_forwarding_rule.default : k => v.id
+ }
}
output "neg_ids" {
diff --git a/modules/net-lb-app-ext/variables.tf b/modules/net-lb-app-ext/variables.tf
index a7528881d..f4717fd00 100644
--- a/modules/net-lb-app-ext/variables.tf
+++ b/modules/net-lb-app-ext/variables.tf
@@ -14,12 +14,6 @@
* limitations under the License.
*/
-variable "address" {
- description = "Optional IP address used for the forwarding rule."
- type = string
- default = null
-}
-
variable "backend_buckets_config" {
description = "Backend buckets configuration."
type = map(object({
@@ -59,6 +53,31 @@ variable "description" {
default = "Terraform managed."
}
+variable "forwarding_rules_config" {
+ description = "The optional forwarding rules configuration."
+ type = map(object({
+ address = optional(string)
+ description = optional(string)
+ ipv6 = optional(bool, false)
+ name = optional(string)
+ ports = optional(list(number), null)
+ }))
+ default = {
+ "" = {}
+ }
+ validation {
+ condition = alltrue([
+ for k, v in var.forwarding_rules_config :
+ v.ports == null || (
+ var.protocol == "HTTPS" && alltrue([
+ for p in coalesce(v.ports, []) : contains([80, 8080], p)
+ ])
+ )
+ ])
+ error_message = "Ports can only be configured when using HTTP. Valid HTTP ports are 80 and 8080."
+ }
+}
+
variable "group_configs" {
description = "Optional unmanaged groups to create. Can be referenced in backends via key or outputs."
type = map(object({
@@ -186,12 +205,6 @@ variable "neg_configs" {
}
}
-variable "ports" {
- description = "Optional ports for HTTP load balancer, valid ports are 80 and 8080."
- type = list(string)
- default = null
-}
-
variable "project_id" {
description = "Project id."
type = string
diff --git a/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml b/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml
index 738f59057..6029352c0 100644
--- a/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml
+++ b/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL_MANAGED
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/complex-example.yaml b/tests/modules/net_lb_app_ext/examples/complex-example.yaml
index 9c32ede3e..e19e9e8b4 100644
--- a/tests/modules/net_lb_app_ext/examples/complex-example.yaml
+++ b/tests/modules/net_lb_app_ext/examples/complex-example.yaml
@@ -106,11 +106,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/health-check-1.yaml b/tests/modules/net_lb_app_ext/examples/health-check-1.yaml
index 5bf1b0637..e8d0bb4d7 100644
--- a/tests/modules/net_lb_app_ext/examples/health-check-1.yaml
+++ b/tests/modules/net_lb_app_ext/examples/health-check-1.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/health-check-2.yaml b/tests/modules/net_lb_app_ext/examples/health-check-2.yaml
index 9c36b3122..8133ec902 100644
--- a/tests/modules/net_lb_app_ext/examples/health-check-2.yaml
+++ b/tests/modules/net_lb_app_ext/examples/health-check-2.yaml
@@ -37,11 +37,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/http-backends.yaml b/tests/modules/net_lb_app_ext/examples/http-backends.yaml
index 404bb0790..e55d654e7 100644
--- a/tests/modules/net_lb_app_ext/examples/http-backends.yaml
+++ b/tests/modules/net_lb_app_ext/examples/http-backends.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/http-https-redirect.yaml b/tests/modules/net_lb_app_ext/examples/http-https-redirect.yaml
index 11b09c02f..958c7b379 100644
--- a/tests/modules/net_lb_app_ext/examples/http-https-redirect.yaml
+++ b/tests/modules/net_lb_app_ext/examples/http-https-redirect.yaml
@@ -22,11 +22,11 @@ values:
project: project-id
purpose: null
timeouts: null
- module.glb-test-0-redirect.google_compute_global_forwarding_rule.default:
+ module.glb-test-0-redirect.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
@@ -82,11 +82,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-test-0.google_compute_global_forwarding_rule.default:
+ module.glb-test-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL_MANAGED
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/https-backends.yaml b/tests/modules/net_lb_app_ext/examples/https-backends.yaml
index 47fad001f..d6198ea5c 100644
--- a/tests/modules/net_lb_app_ext/examples/https-backends.yaml
+++ b/tests/modules/net_lb_app_ext/examples/https-backends.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/https-sneg.yaml b/tests/modules/net_lb_app_ext/examples/https-sneg.yaml
index fa0823cbf..b4d296e1c 100644
--- a/tests/modules/net_lb_app_ext/examples/https-sneg.yaml
+++ b/tests/modules/net_lb_app_ext/examples/https-sneg.yaml
@@ -16,7 +16,7 @@ values:
module.glb-0.google_compute_backend_service.default["default"]:
port_name: http
protocol: HTTPS
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
load_balancing_scheme: EXTERNAL
port_range: '443'
module.glb-0.google_compute_region_network_endpoint_group.serverless["neg-0"]:
diff --git a/tests/modules/net_lb_app_ext/examples/hybrid-neg.yaml b/tests/modules/net_lb_app_ext/examples/hybrid-neg.yaml
index 4a57006b7..876a9b1c6 100644
--- a/tests/modules/net_lb_app_ext/examples/hybrid-neg.yaml
+++ b/tests/modules/net_lb_app_ext/examples/hybrid-neg.yaml
@@ -40,11 +40,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/instance-groups.yaml b/tests/modules/net_lb_app_ext/examples/instance-groups.yaml
index b3c82a3a4..eb31c4f25 100644
--- a/tests/modules/net_lb_app_ext/examples/instance-groups.yaml
+++ b/tests/modules/net_lb_app_ext/examples/instance-groups.yaml
@@ -39,11 +39,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/internet-neg.yaml b/tests/modules/net_lb_app_ext/examples/internet-neg.yaml
index c865d7e6b..d480d145d 100644
--- a/tests/modules/net_lb_app_ext/examples/internet-neg.yaml
+++ b/tests/modules/net_lb_app_ext/examples/internet-neg.yaml
@@ -40,11 +40,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml b/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml
index a9e40e8c2..029aade7e 100644
--- a/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml
+++ b/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/minimal-http.yaml b/tests/modules/net_lb_app_ext/examples/minimal-http.yaml
index 79fa46235..91fd7ab6b 100644
--- a/tests/modules/net_lb_app_ext/examples/minimal-http.yaml
+++ b/tests/modules/net_lb_app_ext/examples/minimal-http.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/network-endpoint-groups.yaml b/tests/modules/net_lb_app_ext/examples/network-endpoint-groups.yaml
index 0cecea421..0a04106f4 100644
--- a/tests/modules/net_lb_app_ext/examples/network-endpoint-groups.yaml
+++ b/tests/modules/net_lb_app_ext/examples/network-endpoint-groups.yaml
@@ -40,11 +40,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml b/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml
index b0cbab166..8f568519f 100644
--- a/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml
+++ b/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml
@@ -40,11 +40,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml b/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml
index 302a16e8b..bf5c59213 100644
--- a/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml
+++ b/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml
@@ -35,11 +35,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/storage.yaml b/tests/modules/net_lb_app_ext/examples/storage.yaml
index 6307478b4..c660b8d8e 100644
--- a/tests/modules/net_lb_app_ext/examples/storage.yaml
+++ b/tests/modules/net_lb_app_ext/examples/storage.yaml
@@ -23,11 +23,11 @@ values:
name: glb-test-0-default
project: project-id
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/url-map.yaml b/tests/modules/net_lb_app_ext/examples/url-map.yaml
index 8d83c671f..1623de0ee 100644
--- a/tests/modules/net_lb_app_ext/examples/url-map.yaml
+++ b/tests/modules/net_lb_app_ext/examples/url-map.yaml
@@ -57,11 +57,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/examples/zonal-neg-creation.yaml b/tests/modules/net_lb_app_ext/examples/zonal-neg-creation.yaml
index d4542f702..3f757718f 100644
--- a/tests/modules/net_lb_app_ext/examples/zonal-neg-creation.yaml
+++ b/tests/modules/net_lb_app_ext/examples/zonal-neg-creation.yaml
@@ -40,11 +40,11 @@ values:
security_policy: null
security_settings: []
timeouts: null
- module.glb-0.google_compute_global_forwarding_rule.default:
+ module.glb-0.google_compute_global_forwarding_rule.default[""]:
allow_psc_global_access: null
description: Terraform managed.
ip_protocol: TCP
- ip_version: null
+ ip_version: IPV4
labels: null
load_balancing_scheme: EXTERNAL
metadata_filters: []
diff --git a/tests/modules/net_lb_app_ext/test-plan.yaml b/tests/modules/net_lb_app_ext/test-plan.yaml
index 8ca6fcd09..232209d39 100644
--- a/tests/modules/net_lb_app_ext/test-plan.yaml
+++ b/tests/modules/net_lb_app_ext/test-plan.yaml
@@ -28,7 +28,7 @@ counts:
outputs:
address: __missing__
backend_service_ids: __missing__
- forwarding_rule: __missing__
+ forwarding_rules: __missing__
group_ids: __missing__
health_check_ids: __missing__
neg_ids: __missing__