Change psa type in net-vpc, fix psa in fast net stages (#545)

* change psn type in net-vpc, fix psa in fast net stages * fix doc examples * psn ---> psa
2022-02-15 08:24:27 +00:00
parent 34f8d05f8d
commit c91802f501
14 changed files with 42 additions and 81 deletions
--- a/modules/net-vpc/README.md
+++ b/modules/net-vpc/README.md
@@ -138,7 +138,7 @@ module "vpc" {
      secondary_ip_range = null
    }
  ]
-  psn_ranges = ["10.10.0.0/16"]
+  psa_ranges = {range-a = "10.10.0.0/16"}
 }
 # tftest modules=1 resources=4
 ```
@@ -171,8 +171,8 @@ module "vpc" {
 ```

 ### Subnet Factory
-The `net-vpc` module includes a subnet factory (see [Resource Factories](../../examples/factories/)) for the massive creation of subnets leveraging one configuration file per subnet.

+The `net-vpc` module includes a subnet factory (see [Resource Factories](../../examples/factories/)) for the massive creation of subnets leveraging one configuration file per subnet.

 ```hcl
 module "vpc" {
@@ -220,7 +220,7 @@ flow_logs:                        # enable, set to empty map to use defaults
 | [mtu](variables.tf#L80) | Maximum Transmission Unit in bytes. The minimum value for this field is 1460 and the maximum value is 1500 bytes. | <code></code> |  | <code>null</code> |
 | [peering_config](variables.tf#L90) | VPC peering configuration. | <code title="object&#40;&#123;&#10;  peer_vpc_self_link &#61; string&#10;  export_routes      &#61; bool&#10;  import_routes      &#61; bool&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>null</code> |
 | [peering_create_remote_end](variables.tf#L100) | Skip creation of peering on the remote end when using peering_config. | <code>bool</code> |  | <code>true</code> |
-| [psn_ranges](variables.tf#L111) | CIDR ranges used for Google services that support Private Service Networking. | <code>list&#40;string&#41;</code> |  | <code>null</code> |
+| [psa_ranges](variables.tf#L111) | CIDR ranges used for Google services that support Private Service Networking. | <code>map&#40;string&#41;</code> |  | <code>null</code> |
 | [routes](variables.tf#L124) | Network routes, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;  dest_range    &#61; string&#10;  priority      &#61; number&#10;  tags          &#61; list&#40;string&#41;&#10;  next_hop_type &#61; string &#35; gateway, instance, ip, vpn_tunnel, ilb&#10;  next_hop      &#61; string&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
 | [routing_mode](variables.tf#L136) | The network routing mode (default 'GLOBAL'). | <code>string</code> |  | <code>&#34;GLOBAL&#34;</code> |
 | [shared_vpc_host](variables.tf#L146) | Enable shared VPC for this project. | <code>bool</code> |  | <code>false</code> |
--- a/modules/net-vpc/main.tf
+++ b/modules/net-vpc/main.tf
@@ -78,11 +78,11 @@ locals {
    ? null
    : element(reverse(split("/", var.peering_config.peer_vpc_self_link)), 0)
  )
-  psn_ranges = {
-    for r in(var.psn_ranges == null ? [] : var.psn_ranges) : r => {
-      address       = split("/", r)[0]
-      name          = replace(split("/", r)[0], ".", "-")
-      prefix_length = split("/", r)[1]
+  psa_ranges = {
+    for k, v in coalesce(var.psa_ranges, {}) : k => {
+      address       = split("/", v)[0]
+      name          = k
+      prefix_length = split("/", v)[1]
    }
  }
  routes = {
@@ -328,10 +328,10 @@ resource "google_dns_policy" "default" {
  }
 }

-resource "google_compute_global_address" "psn_ranges" {
-  for_each      = local.psn_ranges
+resource "google_compute_global_address" "psa_ranges" {
+  for_each      = local.psa_ranges
  project       = var.project_id
-  name          = "${var.name}-psn-${each.value.name}"
+  name          = "${var.name}-psa-${each.key}"
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  address       = each.value.address
@@ -339,11 +339,11 @@ resource "google_compute_global_address" "psn_ranges" {
  network       = local.network.id
 }

-resource "google_service_networking_connection" "psn_connection" {
-  for_each = toset(local.psn_ranges == {} ? [] : [""])
+resource "google_service_networking_connection" "psa_connection" {
+  for_each = toset(local.psa_ranges == {} ? [] : [""])
  network  = local.network.id
  service  = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [
-    for k, v in google_compute_global_address.psn_ranges : v.name
+    for k, v in google_compute_global_address.psa_ranges : v.name
  ]
 }
--- a/modules/net-vpc/outputs.tf
+++ b/modules/net-vpc/outputs.tf
@@ -27,7 +27,7 @@ output "name" {
    google_compute_network_peering.remote,
    google_compute_shared_vpc_host_project.shared_vpc_host,
    google_compute_shared_vpc_service_project.service_projects,
-    google_service_networking_connection.psn_connection
+    google_service_networking_connection.psa_connection
  ]
 }

@@ -39,7 +39,7 @@ output "network" {
    google_compute_network_peering.remote,
    google_compute_shared_vpc_host_project.shared_vpc_host,
    google_compute_shared_vpc_service_project.service_projects,
-    google_service_networking_connection.psn_connection
+    google_service_networking_connection.psa_connection
  ]
 }

@@ -52,7 +52,7 @@ output "project_id" {
    google_compute_network_peering.remote,
    google_compute_shared_vpc_host_project.shared_vpc_host,
    google_compute_shared_vpc_service_project.service_projects,
-    google_service_networking_connection.psn_connection
+    google_service_networking_connection.psa_connection
  ]
 }

@@ -64,7 +64,7 @@ output "self_link" {
    google_compute_network_peering.remote,
    google_compute_shared_vpc_host_project.shared_vpc_host,
    google_compute_shared_vpc_service_project.service_projects,
-    google_service_networking_connection.psn_connection
+    google_service_networking_connection.psa_connection
  ]
 }

--- a/modules/net-vpc/variables.tf
+++ b/modules/net-vpc/variables.tf
@@ -108,16 +108,16 @@ variable "project_id" {
  type        = string
 }

-variable "psn_ranges" {
+variable "psa_ranges" {
  description = "CIDR ranges used for Google services that support Private Service Networking."
-  type        = list(string)
+  type        = map(string)
  default     = null
  validation {
    condition = alltrue([
-      for r in(var.psn_ranges == null ? [] : var.psn_ranges) :
-      can(cidrnetmask(r))
+      for k, v in(var.psa_ranges == null ? {} : var.psa_ranges) :
+      can(cidrnetmask(v))
    ])
-    error_message = "Specify a valid RFC1918 CIDR range for Private Service Networking."
+    error_message = "Specify valid RFC1918 CIDR ranges for Private Service Networking."
  }
 }