SquareOps Technologies Your DevOps Partner for Accelerating cloud journey.
Terraform module to create Networking resources for workload deployment on Google Cloud.
```hcl
module "network" {
  source        = "squareops/network/google"
  name          = "identifier"
  project_name  = "project_name"
  environment   = "dev"
  region        = "asia-south1"
  ip_cidr_range = "10.0.0.0/16"
  secondary_ip_range = [
    {
      range_name    = "tf-test-secondary-range1"
      ip_cidr_range = "192.168.10.0/24"
    },
    {
      range_name    = "tf-test-secondary-range2"
      ip_cidr_range = "192.168.11.0/24"
    }
  ]
  private_ip_google_access   = true
  private_ipv6_google_access = false
  enable_nat_gateway         = true
  db_private_access          = true
  create_vpn                 = true
  vpc_flow_logs              = true
}
```
Refer to the examples for more details.
To keep a destroy from being interrupted, delete any resources that were created outside of Terraform and attached to the resources provisioned by Terraform before the module is destroyed. This module makes it easy to set up a new VPC Network in GCP by defining your network and subnet ranges in a concise syntax.
This module supports creating:
- A Google Virtual Private Network (VPC)
- A Subnet within the VPC
- Private service connection in VPC
- A Google Cloud NAT with Router
- A VPN Server with External IP
In order to execute this module you must have a Service Account with the roles mentioned in IAM.md.
Name | Version |
---|---|
terraform | >= 0.13.0 |
google | >= 4.51, < 5.0 |
google-beta | >= 4.51, < 5.0 |
Name | Version |
---|---|
google | >= 4.51, < 5.0 |
Name | Source | Version |
---|---|---|
cloud-nat | terraform-google-modules/cloud-nat/google | 4.0.0 |
firewall_rules | terraform-google-modules/network/google//modules/firewall-rules | ~> 7.0 |
subnets | ./modules/subnets | n/a |
vpn_server | ./modules/vpn | n/a |
Name | Type |
---|---|
google_compute_global_address.private_ip_block | resource |
google_compute_network.network | resource |
google_compute_router.router | resource |
google_service_networking_connection.private_vpc_connection | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
auto_create_subnetworks | When set to true, the network is created in 'auto subnet mode' and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in 'custom subnet mode' so the user can explicitly connect subnetwork resources. | bool | false | no |
create_vpn | Specifies whether to create a VPN server. | bool | false | no |
db_private_access | Specifies whether to create a private VPC connection for the database. | bool | false | no |
delete_default_internet_gateway_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | bool | false | no |
enable_nat_gateway | Specifies whether to create a NAT gateway. | bool | false | no |
environment | The environment name used for tagging and prefixing resource names being created. | string | "dev" | no |
ip_cidr_range | The IP CIDR range for the subnet. | string | n/a | yes |
log_config | The logging options for the subnetwork flow logs. Setting this value to null will disable them. See https://www.terraform.io/docs/providers/google/r/compute_subnetwork.html for more information and examples. | object({ | { | no |
log_config_filter_nat | Specifies the desired filtering of logs on this NAT. Valid values are: "ERRORS_ONLY", "TRANSLATIONS_ONLY", "ALL". | string | "ALL" | no |
machine_type | The machine type for the VPN server. | string | "e2-medium" | no |
mtu | The network MTU (If set to 0, meaning MTU is unset - defaults to '1460'). Recommended values: 1460 (default for historic reasons), 1500 (Internet default), or 8896 (for Jumbo packets). Allowed are all values in the range 1300 to 8896, inclusively. | number | 0 | no |
name | The suffix name for the resources being created. | string | n/a | yes |
private_ip_google_access | Whether instances in the subnet can access Google services using private IP addresses. | bool | true | no |
private_ipv6_google_access | Whether instances in the subnet can access Google services using IPv6 addresses. | bool | false | no |
project_name | The project ID where the resources will be deployed. | string | "fresh-sanctuary-389006" | no |
region | The region where the resources will be deployed. | string | "asia-south1" | no |
routing_mode | The network routing mode (default 'GLOBAL') | string | "GLOBAL" | no |
secondary_ip_range | List of secondary IP ranges for the subnetwork. Each element in the list must have 'range_name' and 'ip_cidr_range' attributes. | list(object({ | [] | no |
source_subnetwork_ip_ranges_to_nat | (Optional) Specifies how NAT should be configured per Subnetwork. Valid values include: ALL_SUBNETWORKS_ALL_IP_RANGES, ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, LIST_OF_SUBNETWORKS. Changing this forces a new NAT to be created. Defaults to ALL_SUBNETWORKS_ALL_IP_RANGES. | string | "ALL_SUBNETWORKS_ALL_IP_RANGES" | no |
vpc_flow_logs | Enable or disable flow logging for subnets. | bool | false | no |
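
A pre-apply check of the inputs documented in the table above, as an added example that is not part of the module or its repository: it validates the primary and secondary ranges for overlap and checks the MTU and NAT values against the documented constraints. The `check_inputs` function, the RFC 1918 rule and treating disabled flow logs as a finding are assumptions of this example.

```python
import ipaddress

# Constraints copied from the Inputs table; the RFC 1918 rule is an added assumption.
NAT_LOG_FILTERS = {"ERRORS_ONLY", "TRANSLATIONS_ONLY", "ALL"}
NAT_SOURCES = {"ALL_SUBNETWORKS_ALL_IP_RANGES",
               "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES", "LIST_OF_SUBNETWORKS"}
AUTO_MODE_RANGE = ipaddress.IPv4Network("10.128.0.0/9")
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Values from the usage example on this page (only the inputs checked here).
USAGE_EXAMPLE = {
    "ip_cidr_range": "10.0.0.0/16",
    "secondary_ip_range": [
        {"range_name": "tf-test-secondary-range1", "ip_cidr_range": "192.168.10.0/24"},
        {"range_name": "tf-test-secondary-range2", "ip_cidr_range": "192.168.11.0/24"},
    ],
    "vpc_flow_logs": True,
}

def check_inputs(cfg):
    """Return findings for a dict of module inputs; an empty list means clean."""
    findings, seen = [], []
    ranges = [("ip_cidr_range", cfg["ip_cidr_range"])]
    ranges += [(r["range_name"], r["ip_cidr_range"])
               for r in cfg.get("secondary_ip_range", [])]
    for name, cidr in ranges:
        try:
            net = ipaddress.IPv4Network(cidr, strict=True)  # rejects host bits
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not any(net.subnet_of(r) for r in RFC1918):
            findings.append(f"{name}: {net} is outside RFC 1918 space")
        if cfg.get("auto_create_subnetworks", False) and net.overlaps(AUTO_MODE_RANGE):
            findings.append(f"{name}: {net} overlaps auto-mode range {AUTO_MODE_RANGE}")
        findings += [f"{name}: {net} overlaps {o_name} ({o})"
                     for o_name, o in seen if net.overlaps(o)]
        seen.append((name, net))
    if cfg.get("mtu", 0) != 0 and not 1300 <= cfg["mtu"] <= 8896:
        findings.append(f"mtu: {cfg['mtu']} is outside 1300-8896")
    if cfg.get("log_config_filter_nat", "ALL") not in NAT_LOG_FILTERS:
        findings.append("log_config_filter_nat: not a documented value")
    if cfg.get("source_subnetwork_ip_ranges_to_nat",
               "ALL_SUBNETWORKS_ALL_IP_RANGES") not in NAT_SOURCES:
        findings.append("source_subnetwork_ip_ranges_to_nat: not a documented value")
    if not cfg.get("vpc_flow_logs", False):
        findings.append("vpc_flow_logs: disabled, so no subnet flow records are kept")
    return findings
```

Feed it the same values you pass to the module (for example, parsed from a `.tfvars.json` file) and fail the pipeline when the returned list is not empty.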
Name | Description |
---|---|
network | The VPC resource being created |
network_id | The ID of the VPC being created |
network_name | The name of the VPC being created |
network_self_link | The URI of the VPC being created |
region | The region where the VPC is located. |
secondary_ip_range | The details of secondary ip range of subnet |
subnet_name | List of Subnets created |
vpn_name | The name of the Pritunl VPN instance. Null if VPN creation is disabled. |
vpn_zone | The zone of the Pritunl VPN instance. Null if VPN creation is disabled. |
To report an issue with a project:
- Check the repository's issue tracker on GitHub
- Search to check if the issue has already been reported
- If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Make sure to provide enough context and details.
Apache License, Version 2.0, January 2004 (https://www.apache.org/licenses/LICENSE-2.0)
To support our GitHub project by liking it, you can follow these steps:
- Visit the repository: Navigate to the GitHub repository
- Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project.
- Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes.
Starring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.
We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems and processes for speed and agility.
- We are an AWS Advanced consulting partner, which reflects our deep expertise in AWS Cloud and in helping 100+ clients over the last 5 years.
- Expertise in Kubernetes and overall container solutions helps companies expedite their journey by 10X.
- Infrastructure automation is a key component of our clients' success, and our expertise helps deliver it in the shortest time.
- DevSecOps as a service to implement security within the overall DevOps process, helping companies deploy securely and at speed.
- Platform engineering that supports scalable, cost-efficient infrastructure for rapid development, testing, and deployment.
- 24*7 SRE service to help you monitor the state of your infrastructure and eradicate any issue within the SLA.
We provide support on all of our projects, no matter how small or large they may be.
To find more information about our company, visit squareops.com, follow us on LinkedIn, or fill out a job application. If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to contact us.