This module allows reserving Compute Engine external, global, and internal addresses. The module also supports managing VPC network attachments from service projects.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
external_addresses = {
one = { region = "europe-west1" }
two = {
region = "europe-west2"
tier = "STANDARD"
}
}
global_addresses = {
app-1 = {}
app-2 = {}
}
}
# tftest modules=1 resources=4 inventory=external.yaml e2emodule "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
internal_addresses = {
ilb-1 = {
purpose = "SHARED_LOADBALANCER_VIP"
region = var.region
subnetwork = var.subnet.self_link
}
ilb-2 = {
address = "10.0.16.102"
region = var.region
subnetwork = var.subnet.self_link
}
}
}
# tftest modules=1 resources=2 inventory=internal.yaml e2eYou can reserve both external and internal IPv6 addresses.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
external_addresses = {
nlb = {
region = var.region
subnetwork = module.vpc.subnets["${var.region}/ipv6-external"].self_link
ipv6 = {
endpoint_type = "NETLB"
}
}
}
internal_addresses = {
vm = {
ipv6 = {}
region = var.region
subnetwork = module.vpc.subnets["${var.region}/ipv6-internal"].self_link
}
}
}
# tftest modules=2 resources=7 fixtures=fixtures/net-vpc-ipv6.tf inventory=ipv6.yaml e2emodule "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psa_addresses = {
cloudsql-mysql = {
address = "10.10.10.0"
network = var.vpc.self_link
prefix_length = 24
}
}
}
# tftest modules=1 resources=1 inventory=psa.yaml e2emodule "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psc_addresses = {
one = {
address = "10.0.0.32"
network = var.vpc.self_link
}
}
}
# tftest modules=1 resources=1 inventory=psc.yaml e2eTo create PSC address targeting a service regional provider use the service_attachment property.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psc_addresses = {
cloudsql-one = {
address = "10.0.16.32"
subnet_self_link = var.subnet.self_link
region = var.region
service_attachment = {
psc_service_attachment_link = module.cloudsql-instance.psc_service_attachment_link
}
}
}
}
# tftest modules=2 resources=3 fixtures=fixtures/cloudsql-instance.tf inventory=psc-service-attachment.yaml e2eSpecify vpc-sc or all-apis in psc_service_attachment_link to targe Google APIs.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psc_addresses = {
googleapis = {
address = "10.0.32.32"
network = var.vpc.self_link
service_attachment = {
psc_service_attachment_link = "all-apis"
}
}
}
}
# tftest modules=1 resources=2 inventory=psc-service-attachment-all-apis.yaml e2eSet global_access to true to enable global access for regional addresses used by a service attachment.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
psc_addresses = {
cloudsql-one = {
address = "10.0.16.32"
subnet_self_link = var.subnet.self_link
region = var.region
service_attachment = {
psc_service_attachment_link = module.cloudsql-instance.psc_service_attachment_link
global_access = true
}
}
}
}
# tftest modules=2 resources=3 fixtures=fixtures/cloudsql-instance.tf inventory=psc-global.yaml e2emodule "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
ipsec_interconnect_addresses = {
vpn-gw-range-1 = {
address = "10.255.255.0"
region = var.region
network = var.vpc.self_link
prefix_length = 29
}
vpn-gw-range-2 = {
address = "10.255.255.8"
region = var.region
network = var.vpc.self_link
prefix_length = 29
}
}
}
# tftest modules=1 resources=2 inventory=ipsec-interconnect.yaml e2eThe project where the network attachment is created must be either the VPC project, or a Shared VPC service project of the host owning the VPC.
module "addresses" {
source = "./fabric/modules/net-address"
project_id = var.project_id
network_attachments = {
gce-0 = {
subnet_self_link = (
"projects/net-host/regions/europe-west8/subnetworks/gce"
)
producer_accept_lists = [var.project_id]
}
}
}
# tftest modules=1 resources=1 inventory=network-attachments.yaml| name | description | type | required | default |
|---|---|---|---|---|
| project_id | Project where the addresses will be created. | string |
✓ | |
| external_addresses | Map of external addresses, keyed by name. | map(object({…})) |
{} |
|
| global_addresses | List of global addresses to create. | map(object({…})) |
{} |
|
| internal_addresses | Map of internal addresses to create, keyed by name. | map(object({…})) |
{} |
|
| ipsec_interconnect_addresses | Map of internal addresses used for HPA VPN over Cloud Interconnect. | map(object({…})) |
{} |
|
| network_attachments | PSC network attachments, names as keys. | map(object({…})) |
{} |
|
| psa_addresses | Map of internal addresses used for Private Service Access. | map(object({…})) |
{} |
|
| psc_addresses | Map of internal addresses used for Private Service Connect. | map(object({…})) |
{} |
| name | description | sensitive |
|---|---|---|
| external_addresses | Allocated external addresses. | |
| global_addresses | Allocated global external addresses. | |
| internal_addresses | Allocated internal addresses. | |
| ipsec_interconnect_addresses | Allocated internal addresses for HA VPN over Cloud Interconnect. | |
| network_attachment_ids | IDs of network attachments. | |
| psa_addresses | Allocated internal addresses for PSA endpoints. | |
| psc_addresses | Allocated internal addresses for PSC endpoints. |