diff --git a/modules/pubsub/README.md b/modules/pubsub/README.md
index f561210d0..de43c0f60 100644
--- a/modules/pubsub/README.md
+++ b/modules/pubsub/README.md
@@ -228,8 +228,8 @@ module "pubsub" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [name](variables.tf#L49) | PubSub topic name. | string | ✓ | |
-| [project_id](variables.tf#L54) | Project used for resources. | string | ✓ | |
+| [name](variables.tf#L55) | PubSub topic name. | string | ✓ | |
+| [project_id](variables.tf#L60) | Project used for resources. | string | ✓ | |
| [context](variables.tf#L17) | Context-specific interpolations. | object({…}) | | {} |
| [iam](variables-iam.tf#L17) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
| [iam_bindings](variables-iam.tf#L24) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | map(object({…})) | | {} |
@@ -238,9 +238,10 @@ module "pubsub" {
| [kms_key](variables.tf#L30) | KMS customer managed encryption key. | string | | null |
| [labels](variables.tf#L36) | Labels. | map(string) | | {} |
| [message_retention_duration](variables.tf#L43) | Minimum duration to retain a message after it is published to the topic. | string | | null |
-| [regions](variables.tf#L59) | List of regions used to set persistence policy. | list(string) | | [] |
-| [schema](variables.tf#L66) | Topic schema. If set, all messages in this topic should follow this schema. | object({…}) | | null |
-| [subscriptions](variables.tf#L76) | Topic subscriptions. Also define push configs for push subscriptions. If options is set to null subscription defaults will be used. Labels default to topic labels if set to null. | map(object({…})) | | {} |
+| [message_storage_enforce_in_transit](variables.tf#L49) | If true, var.regions is also used to enforce in-transit guarantees for messages. | bool | | null |
+| [regions](variables.tf#L65) | List of regions used to set persistence policy. | list(string) | | [] |
+| [schema](variables.tf#L72) | Topic schema. If set, all messages in this topic should follow this schema. | object({…}) | | null |
+| [subscriptions](variables.tf#L82) | Topic subscriptions. Also define push configs for push subscriptions. If options is set to null subscription defaults will be used. Labels default to topic labels if set to null. | map(object({…})) | | {} |
## Outputs
diff --git a/modules/pubsub/main.tf b/modules/pubsub/main.tf
index 7dde62ab1..33cd45092 100644
--- a/modules/pubsub/main.tf
+++ b/modules/pubsub/main.tf
@@ -49,6 +49,7 @@ resource "google_pubsub_topic" "default" {
allowed_persistence_regions = [
for v in var.regions : lookup(local.ctx.locations, v, v)
]
+ enforce_in_transit = var.message_storage_enforce_in_transit
}
}
dynamic "schema_settings" {
diff --git a/modules/pubsub/variables.tf b/modules/pubsub/variables.tf
index d868afa23..21c50b975 100644
--- a/modules/pubsub/variables.tf
+++ b/modules/pubsub/variables.tf
@@ -46,6 +46,12 @@ variable "message_retention_duration" {
default = null
}
+variable "message_storage_enforce_in_transit" {
+ description = "If true, var.regions is also used to enforce in-transit guarantees for messages."
+ type = bool
+ default = null
+}
+
variable "name" {
description = "PubSub topic name."
type = string