From c6bc1d5c892f03e93ea69cbf421442a305760660 Mon Sep 17 00:00:00 2001 From: Aleksandr Averbukh Date: Thu, 31 Oct 2019 16:54:43 +0100 Subject: [PATCH 1/2] Update network module version, add types to the variables --- infrastructure/hub-and-spoke-vpns/main.tf | 10 ++++---- .../hub-and-spoke-vpns/variables.tf | 23 ++++++++++++++++--- infrastructure/shared-vpc/main.tf | 6 ++--- 3 files changed, 28 insertions(+), 11 deletions(-) diff --git a/infrastructure/hub-and-spoke-vpns/main.tf b/infrastructure/hub-and-spoke-vpns/main.tf index 9761c8375..a4dcbaea3 100644 --- a/infrastructure/hub-and-spoke-vpns/main.tf +++ b/infrastructure/hub-and-spoke-vpns/main.tf @@ -30,7 +30,7 @@ locals { module "vpc-hub" { source = "terraform-google-modules/network/google" - version = "~> 1.2" + version = "~> 1.4.3" project_id = var.hub_project_id network_name = "hub-network" @@ -40,7 +40,7 @@ module "vpc-hub" { module "vpc-spoke-1" { source = "terraform-google-modules/network/google" - version = "~> 1.2" + version = "~> 1.4.3" project_id = var.spoke_1_project_id network_name = "spoke-1-network" @@ -50,7 +50,7 @@ module "vpc-spoke-1" { module "vpc-spoke-2" { source = "terraform-google-modules/network/google" - version = "~> 1.2" + version = "~> 1.4.3" project_id = var.spoke_2_project_id network_name = "spoke-2-network" @@ -334,8 +334,8 @@ module "spoke-2-peering-zone-to-hub-forwarding-zone" { resource "google_dns_policy" "google_dns_policy" { provider = "google-beta" - project = var.hub_project_id - name = "inbound-dns-forwarding-policy" + project = var.hub_project_id + name = "inbound-dns-forwarding-policy" enable_inbound_forwarding = true networks { diff --git a/infrastructure/hub-and-spoke-vpns/variables.tf b/infrastructure/hub-and-spoke-vpns/variables.tf index 5ba0ae5b3..a7e69e577 100644 --- a/infrastructure/hub-and-spoke-vpns/variables.tf +++ b/infrastructure/hub-and-spoke-vpns/variables.tf 
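Review bot: The three hub-and-spoke module blocks (`vpc-hub`, `vpc-spoke-1`, `vpc-spoke-2`) now use `version = "~> 1.4.3"`, which still accepts any later 1.4.x release, while the shared-vpc modules in this same patch are pinned exactly with `version = "1.4.3"`. The module is resolved from the registry at `terraform init`, so a floating constraint lets the network code that gets applied change without any commit in this repository. If reproducible applies are the goal, use the exact form in all three blocks, `version = "1.4.3"`. If patch-level floating is intended, a one-line comment saying so would make the difference from shared-vpc visibly deliberate.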
@@ -13,39 +13,51 @@ # limitations under the License. variable "hub_project_id" { - description = "Hub Project id." + description = "Hub Project id. Same project can be used for hub and spokes." + type = string } variable "spoke_1_project_id" { - description = "Spoke 1 Project id." + description = "Spoke 1 Project id. Same project can be used for hub and spokes." + type = string } variable "spoke_2_project_id" { - description = "Spoke 2 Project id." + description = "Spoke 2 Project id. Same project can be used for hub and spokes." + type = string } variable "spoke_to_spoke_route_advertisement" { description = "Use custom route advertisement in hub routers to advertise all spoke subnets." + type = bool default = true } variable "hub_bgp_asn" { description = "Hub BGP ASN." + type = number default = 64515 } variable "spoke_1_bgp_asn" { description = "Spoke 1 BGP ASN." + type = number default = 64516 } variable "spoke_2_bgp_asn" { description = "Spoke 2 BGP ASN." + type = number default = 64517 } variable "hub_subnets" { description = "Hub VPC subnets configuration." + type = list(object({ + subnet_name = string + subnet_ip = string + subnet_region = string + })) default = [{ subnet_name = "subnet-a" subnet_ip = "10.10.10.0/24" @@ -91,25 +103,30 @@ variable "spoke_2_subnets" { variable "private_dns_zone_name" { description = "Private DNS Zone Name." + type = string default = "gcp-local" } variable "private_dns_zone_domain" { description = "Private DNS Zone Domain." + type = string default = "gcp.local." } variable "forwarding_dns_zone_name" { description = "Forwarding DNS Zone Name." + type = string default = "on-prem-local" } variable "forwarding_dns_zone_domain" { description = "Forwarding DNS Zone Domain." + type = string default = "on-prem.local." } variable "forwarding_zone_server_addresses" { description = "Forwarding DNS Zone Server Addresses" + type = list(string) default = ["8.8.8.8", "8.8.4.4"] } 
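Review bot: The new `list(object({...}))` constraint on `hub_subnets` names only `subnet_name`, `subnet_ip` and `subnet_region`, and Terraform discards attributes not named in an object type during conversion, so any other per-subnet key a caller supplies is dropped without an error. If this list is passed straight to the network module's `subnets` input (that call is outside the hunk), per-subnet settings such as flow logs or private access could no longer be enabled through this variable; this should be confirmed against the module version in use. Either add the extra keys to the object type or state the restriction, e.g. `description = "Hub VPC subnets configuration. Only subnet_name, subnet_ip and subnet_region are accepted."`. Judging by the hunk offsets, `spoke_1_subnets` and `spoke_2_subnets` between the two hunks received no `type`, so the three subnet variables are now checked differently.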
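Review bot: `forwarding_zone_server_addresses` keeps `default = ["8.8.8.8", "8.8.4.4"]`, so a deployment that does not override it would send lookups for the `on-prem.local.` forwarding zone to public resolvers, disclosing internal host names to a third party without resolving them. The added `type = list(string)` checks the shape of the value but not that it was set deliberately. The default is presumably a placeholder; consider removing it so the variable becomes required, or say so in the text: `description = "Forwarding DNS Zone Server Addresses. The default is a placeholder; set this to the on-prem DNS servers."`. This description is also the only one in the hunk without a closing period.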
diff --git a/infrastructure/shared-vpc/main.tf b/infrastructure/shared-vpc/main.tf index 19c5dcb02..4a00efb22 100644 --- a/infrastructure/shared-vpc/main.tf +++ b/infrastructure/shared-vpc/main.tf @@ -64,7 +64,7 @@ module "project-service-gke" { module "net-vpc-host" { source = "terraform-google-modules/network/google" - version = "1.4.0" + version = "1.4.3" project_id = module.project-svpc-host.project_id network_name = "vpc-shared" shared_vpc_host = true @@ -77,7 +77,7 @@ module "net-vpc-host" { module "net-vpc-firewall" { source = "terraform-google-modules/network/google//modules/fabric-net-firewall" - version = "1.4.0" + version = "1.4.3" project_id = module.project-svpc-host.project_id network = module.net-vpc-host.network_name admin_ranges_enabled = true @@ -101,7 +101,7 @@ module "net-vpc-firewall" { module "net-svpc-access" { source = "terraform-google-modules/network/google//modules/fabric-net-svpc-access" - version = "1.4.0" + version = "1.4.3" host_project_id = module.project-svpc-host.project_id service_project_num = 2 service_project_ids = [ From b73af69c02d63976b2c03bfdb9506f8d5d450b24 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Thu, 31 Oct 2019 22:05:30 +0100 Subject: [PATCH 2/2] Add missing bolierplate --- infrastructure/hub-and-spoke-vpns/provider.tf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/infrastructure/hub-and-spoke-vpns/provider.tf b/infrastructure/hub-and-spoke-vpns/provider.tf index d2148c614..428edbf72 100644 --- a/infrastructure/hub-and-spoke-vpns/provider.tf +++ b/infrastructure/hub-and-spoke-vpns/provider.tf 
@@ -1,3 +1,17 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + provider "google" { } provider "google-beta" {