feat: add network_firewall_policy_enforcement_order network argument #22

Merged
merged 1 commit into from
Mar 1, 2024
8 changes: 7 additions & 1 deletion README.md
Expand Up @@ -11,7 +11,7 @@
A [Terraform](https://www.terraform.io) module to create a [Google Network Vpc](https://cloud.google.com/compute/docs/reference/rest/v1/networks) on [Google Cloud Services (GCP)](https://cloud.google.com/).

**_This module supports Terraform version 1
and is compatible with the Terraform Google Provider version 4._** and 5._**
and is compatible with the Terraform Google Provider version 5._**

This module is part of our Infrastructure as Code (IaC) framework
that enables our users and customers to easily deploy and manage reusable,
Expand Down Expand Up @@ -96,6 +96,12 @@ See [variables.tf] and [examples/] for details and use-cases.

Default is `"1460"`.

- [**`network_firewall_policy_enforcement_order`**](#var-network_firewall_policy_enforcement_order): *(Optional `string`)*<a name="var-network_firewall_policy_enforcement_order"></a>

Set the order that Firewall Rules and Firewall Policies are evaluated. Default value is AFTER_CLASSIC_FIREWALL. Possible values are: BEFORE_CLASSIC_FIREWALL, AFTER_CLASSIC_FIREWALL.

Default is `null`.

- [**`enable_ula_internal_ipv6`**](#var-enable_ula_internal_ipv6): *(Optional `bool`)*<a name="var-enable_ula_internal_ipv6"></a>

Enable ULA internal ipv6 on this network. Enabling this feature will assign a `/48` from Google defined ULA prefix `fd20::/20`.
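Review bot: The new `network_firewall_policy_enforcement_order` entry states two different defaults: its description says "Default value is AFTER_CLASSIC_FIREWALL" and the entry then ends with "Default is `null`". Spell out that the module default is `null`, which leaves the argument unset so that the AFTER_CLASSIC_FIREWALL default named in the description applies. Because this setting decides the order in which firewall rules and firewall policies are evaluated, one sentence on what choosing BEFORE_CLASSIC_FIREWALL means for a network that already has classic rules would help operators. The same wording is repeated in README.tfdoc.hcl and variables.tf, so it should be fixed in all three places.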
10 changes: 9 additions & 1 deletion README.tfdoc.hcl
Expand Up @@ -40,7 +40,7 @@ section {
A [Terraform](https://www.terraform.io) module to create a [Google Network Vpc](https://cloud.google.com/compute/docs/reference/rest/v1/networks) on [Google Cloud Services (GCP)](https://cloud.google.com/).

**_This module supports Terraform version 1
and is compatible with the Terraform Google Provider version 4._** and 5._**
and is compatible with the Terraform Google Provider version 5._**

This module is part of our Infrastructure as Code (IaC) framework
that enables our users and customers to easily deploy and manage reusable,
Expand Down Expand Up @@ -134,6 +134,14 @@ section {
END
}

variable "network_firewall_policy_enforcement_order" {
type = string
default = null
description = <<-END
Set the order that Firewall Rules and Firewall Policies are evaluated. Default value is AFTER_CLASSIC_FIREWALL. Possible values are: BEFORE_CLASSIC_FIREWALL, AFTER_CLASSIC_FIREWALL.
END
}

variable "enable_ula_internal_ipv6" {
type = bool
default = false
13 changes: 7 additions & 6 deletions main.tf
Expand Up @@ -5,12 +5,13 @@ resource "google_compute_network" "vpc" {
description = var.description
project = var.project

auto_create_subnetworks = var.auto_create_subnetworks
routing_mode = var.routing_mode
mtu = var.mtu
delete_default_routes_on_create = var.delete_default_routes_on_create
enable_ula_internal_ipv6 = var.enable_ula_internal_ipv6
internal_ipv6_range = var.internal_ipv6_range
auto_create_subnetworks = var.auto_create_subnetworks
routing_mode = var.routing_mode
mtu = var.mtu
delete_default_routes_on_create = var.delete_default_routes_on_create
enable_ula_internal_ipv6 = var.enable_ula_internal_ipv6
internal_ipv6_range = var.internal_ipv6_range
network_firewall_policy_enforcement_order = var.network_firewall_policy_enforcement_order

depends_on = [var.module_depends_on]
}
4 changes: 2 additions & 2 deletions test/unit-complete/_generated_google.tf
Expand Up @@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 4.25, <6"
version = ">= 5, <6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 4.25, <6"
version = ">= 5, <6"
}
random = {
source = "hashicorp/random"
19 changes: 10 additions & 9 deletions test/unit-complete/main.tf
@@ -1,13 +1,14 @@
module "test" {
source = "../.."

project = local.project_id
name = "vpc-unit-complete"
description = "This is a unit test"
routing_mode = "GLOBAL"
delete_default_routes_on_create = true
auto_create_subnetworks = true
mtu = 1500
enable_ula_internal_ipv6 = true
internal_ipv6_range = "fd20:fff:ffff:ffff:ffff:ffff:ffff:ffff"
project = local.project_id
name = "vpc-unit-complete"
description = "This is a unit test"
routing_mode = "GLOBAL"
delete_default_routes_on_create = true
auto_create_subnetworks = true
mtu = 1500
enable_ula_internal_ipv6 = true
internal_ipv6_range = "fd20:fff:ffff:ffff:ffff:ffff:ffff:ffff"
network_firewall_policy_enforcement_order = "BEFORE_CLASSIC_FIREWALL"
}
4 changes: 2 additions & 2 deletions test/unit-disabled/_generated_google.tf
Expand Up @@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 4.25, <6"
version = ">= 5, <6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 4.25, <6"
version = ">= 5, <6"
}
random = {
source = "hashicorp/random"
4 changes: 2 additions & 2 deletions test/unit-minimal/_generated_google.tf
Expand Up @@ -24,11 +24,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "4.25"
version = "5"
}
google-beta = {
source = "hashicorp/google-beta"
version = "4.25"
version = "5"
}
random = {
source = "hashicorp/random"
6 changes: 6 additions & 0 deletions variables.tf
Expand Up @@ -54,6 +54,12 @@ variable "auto_create_subnetworks" {
default = false
}

variable "network_firewall_policy_enforcement_order" {
description = "(Optional) Set the order that Firewall Rules and Firewall Policies are evaluated. Default value is AFTER_CLASSIC_FIREWALL. Possible values are: BEFORE_CLASSIC_FIREWALL, AFTER_CLASSIC_FIREWALL."
type = string
default = null
}

variable "mtu" {
description = "(Optional) Maximum Transmission Unit in bytes. The minimum value for this field is 1460 and the maximum value is 1500 bytes. Default is '1460'."
type = string
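Review bot: The new variable `network_firewall_policy_enforcement_order` is a free-form `string` with no `validation` block, although its description lists exactly two possible values. Add a validation that accepts `null`, BEFORE_CLASSIC_FIREWALL or AFTER_CLASSIC_FIREWALL, for example `condition = var.network_firewall_policy_enforcement_order == null ? true : contains(["BEFORE_CLASSIC_FIREWALL", "AFTER_CLASSIC_FIREWALL"], var.network_firewall_policy_enforcement_order)`. A typo in a setting that changes firewall evaluation order is then rejected by the module itself with a clear message, rather than relying on the provider to catch it.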
2 changes: 1 addition & 1 deletion versions.tf
Expand Up @@ -5,7 +5,7 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 4.25, <6"
version = ">= 5, <6"
}
}
}
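Review bot: Raising the lower bound from `">= 4.25, <6"` to `">= 5, <6"` excludes every 4.x provider release, which is a breaking change for callers still pinned to 4.x, yet the PR is titled as a plain "feat:" and nothing in the diff explains why the new argument needs provider 5. If the argument is available in a 4.x release, keep that release as the floor. Otherwise mark the change as breaking and call out the new minimum in the release notes.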
2 changes: 1 addition & 1 deletion versions.tm.hcl
Expand Up @@ -2,7 +2,7 @@ globals {
minimum_terraform_version = "1.0"

provider = "google"
minimum_provider_version = "4.25"
minimum_provider_version = "5"

provider_version_constraint = ">= ${global.minimum_provider_version}, <6"
terraform_version_constraint = "~> ${global.minimum_terraform_version}, != 1.1.0, != 1.1.1"