feat: support reserved_internal_range

Author: mclavel

README.md

@@ -73,6 +73,10 @@ module "vpc" {
                 range_name    = "subnet-01-secondary-01"
                 ip_cidr_range = "192.168.64.0/24"
             },
+            {
+                range_name              = "subnet-01-secondary-02"
+                reserved_internal_range = "networkconnectivity.googleapis.com/projects/my-project/locations/global/internalRanges/my-range"
+            },
         ]
 
         subnet-02 = []
@@ -128,7 +132,7 @@ Then perform the following commands on the root folder:
 | project\_id | The ID of the project where this VPC will be created | `string` | n/a | yes |
 | routes | List of routes being created in this VPC | `list(map(string))` | `[]` | no |
 | routing\_mode | The network routing mode (default 'GLOBAL') | `string` | `"GLOBAL"` | no |
-| secondary\_ranges | Secondary ranges that will be used in some of the subnets | `map(list(object({ range_name = string, ip_cidr_range = string })))` | `{}` | no |
+| secondary\_ranges | Secondary ranges that will be used in some of the subnets | `map(list(object({ range_name = string, ip_cidr_range = optional(string), reserved_internal_range = optional(string) })))` | `{}` | no |
 | shared\_vpc\_host | Makes this project a Shared VPC host if 'true' (default 'false') | `bool` | `false` | no |
 | subnets | The list of subnets being created | <pre>list(object({<br>    subnet_name                      = string<br>    subnet_ip                        = string<br>    subnet_region                    = string<br>    subnet_private_access            = optional(string)<br>    subnet_private_ipv6_access       = optional(string)<br>    subnet_flow_logs                 = optional(string)<br>    subnet_flow_logs_interval        = optional(string)<br>    subnet_flow_logs_sampling        = optional(string)<br>    subnet_flow_logs_metadata        = optional(string)<br>    subnet_flow_logs_filter          = optional(string)<br>    subnet_flow_logs_metadata_fields = optional(list(string))<br>    description                      = optional(string)<br>    purpose                          = optional(string)<br>    role                             = optional(string)<br>    stack_type                       = optional(string)<br>    ipv6_access_type                 = optional(string)<br>  }))</pre> | n/a | yes |
 

examples/secondary_ranges/README.md

@@ -17,6 +17,8 @@ ranges and the third being given a single secondary range.
 
 | Name | Description |
 |------|-------------|
+| internal\_range\_id | The ID of the created internal range |
+| internal\_range\_name | The name of the created internal range |
 | network\_name | The name of the VPC being created |
 | network\_self\_link | The URI of the VPC being created |
 | project\_id | VPC project id |

examples/secondary_ranges/main.tf

@@ -76,6 +76,10 @@ module "vpc-secondary-ranges" {
         range_name    = "${local.subnet_03}-01"
         ip_cidr_range = "192.168.66.0/24"
       },
+      {
+        range_name              = "${local.subnet_03}-02"
+        reserved_internal_range = "networkconnectivity.googleapis.com/${google_network_connectivity_internal_range.internal_range.id}"
+      },
     ]
   }
 
@@ -103,3 +107,13 @@ module "vpc-secondary-ranges" {
     },
   ]
 }
+
+resource "google_network_connectivity_internal_range" "internal_range" {
+  project       = var.project_id
+  name          = "${var.network_name}-internal-range"
+  description   = "Example internal range for secondary subnet ranges"
+  ip_cidr_range = "172.16.0.0/24"
+  network       = module.vpc-secondary-ranges.network_id
+  usage         = "FOR_VPC"
+  peering       = "FOR_SELF"
+}

examples/secondary_ranges/outputs.tf

@@ -63,3 +63,13 @@ output "route_names" {
   value       = module.vpc-secondary-ranges.route_names
   description = "The routes associated with this VPC"
 }
+
+output "internal_range_id" {
+  value       = google_network_connectivity_internal_range.internal_range.id
+  description = "The ID of the created internal range"
+}
+
+output "internal_range_name" {
+  value       = google_network_connectivity_internal_range.internal_range.name
+  description = "The name of the created internal range"
+}

examples/secondary_ranges/versions.tf

@@ -19,7 +19,8 @@ terraform {
 
   required_providers {
     google = {
-      source = "hashicorp/google"
+      source  = "hashicorp/google"
+      version = ">= 6.0"
     }
     null = {
       version = ">= 3.0"

metadata.yaml

@@ -158,7 +158,7 @@ spec:
         required: true
       - name: secondary_ranges
         description: Secondary ranges that will be used in some of the subnets
-        varType: map(list(object({ range_name = string, ip_cidr_range = string })))
+        varType: map(list(object({ range_name = string, ip_cidr_range = optional(string), reserved_internal_range = optional(string) })))
         defaultValue: {}
       - name: routes
         description: List of routes being created in this VPC
@@ -354,6 +354,6 @@ spec:
       - servicenetworking.googleapis.com
     providerVersions:
       - source: hashicorp/google
-        version: ">= 4.64, < 8"
+        version: ">= 6.0, < 8"
       - source: hashicorp/google-beta
-        version: ">= 4.64, < 8"
+        version: ">= 6.0, < 8"

modules/subnets-beta/README.md

@@ -52,6 +52,10 @@ module "vpc" {
                 range_name    = "subnet-01-secondary-01"
                 ip_cidr_range = "192.168.64.0/24"
             },
+            {
+                range_name              = "subnet-01-secondary-02"
+                reserved_internal_range = "networkconnectivity.googleapis.com/projects/my-project/locations/global/internalRanges/my-range"
+            },
         ]
 
         subnet-02 = []
@@ -67,7 +71,7 @@ module "vpc" {
 | module\_depends\_on | List of modules or resources this module depends on. | `list(any)` | `[]` | no |
 | network\_name | The name of the network where subnets will be created | `string` | n/a | yes |
 | project\_id | The ID of the project where subnets will be created | `string` | n/a | yes |
-| secondary\_ranges | Secondary ranges that will be used in some of the subnets | `map(list(object({ range_name = string, ip_cidr_range = string })))` | `{}` | no |
+| secondary\_ranges | Secondary ranges that will be used in some of the subnets | `map(list(object({ range_name = string, ip_cidr_range = optional(string), reserved_internal_range = optional(string) })))` | `{}` | no |
 | subnets | The list of subnets being created | <pre>list(object({<br>    subnet_name                      = string<br>    subnet_ip                        = string<br>    subnet_region                    = string<br>    subnet_private_access            = optional(string, "false")<br>    subnet_private_ipv6_access       = optional(string)<br>    subnet_flow_logs                 = optional(bool, false)<br>    subnet_flow_logs_interval        = optional(string, "INTERVAL_5_SEC")<br>    subnet_flow_logs_sampling        = optional(string, "0.5")<br>    subnet_flow_logs_metadata        = optional(string, "INCLUDE_ALL_METADATA")<br>    subnet_flow_logs_filter          = optional(string, "true")<br>    subnet_flow_logs_metadata_fields = optional(list(string), [])<br>    description                      = optional(string)<br>    purpose                          = optional(string)<br>    role                             = optional(string)<br>    stack_type                       = optional(string)<br>    ipv6_access_type                 = optional(string)<br>  }))</pre> | n/a | yes |
 
 ## Outputs

modules/subnets-beta/main.tf

@@ -56,8 +56,9 @@ resource "google_compute_subnetwork" "subnetwork" {
     for_each = contains(keys(var.secondary_ranges), each.value.subnet_name) == true ? var.secondary_ranges[each.value.subnet_name] : []
 
     content {
-      range_name    = secondary_ip_range.value.range_name
-      ip_cidr_range = secondary_ip_range.value.ip_cidr_range
+      range_name              = secondary_ip_range.value.range_name
+      ip_cidr_range           = secondary_ip_range.value.ip_cidr_range
+      reserved_internal_range = secondary_ip_range.value.reserved_internal_range
     }
   }
 

modules/subnets-beta/metadata.yaml

@@ -122,7 +122,7 @@ spec:
         required: true
       - name: secondary_ranges
         description: Secondary ranges that will be used in some of the subnets
-        varType: map(list(object({ range_name = string, ip_cidr_range = string })))
+        varType: map(list(object({ range_name = string, ip_cidr_range = optional(string), reserved_internal_range = optional(string) })))
         defaultValue: {}
       - name: module_depends_on
         description: List of modules or resources this module depends on.
@@ -161,4 +161,4 @@ spec:
       - servicenetworking.googleapis.com
     providerVersions:
       - source: hashicorp/google-beta
-        version: ">= 2.19, < 8"
+        version: ">= 6.0, < 8"

modules/subnets-beta/variables.tf

@@ -47,7 +47,7 @@ variable "subnets" {
 }
 
 variable "secondary_ranges" {
-  type        = map(list(object({ range_name = string, ip_cidr_range = string })))
+  type        = map(list(object({ range_name = string, ip_cidr_range = optional(string), reserved_internal_range = optional(string) })))
   description = "Secondary ranges that will be used in some of the subnets"
   default     = {}
 }