2-networks

The purpose of this step is to set up shared VPCs with default DNS, NAT, and baseline firewall rules.

Prerequisites

  1. 0-bootstrap (seed project) executed successfully
  2. 1-org executed successfully

Usage

  1. Change into the 2-networks directory.
  2. Copy the example tfvars file by running cp terraform.tfvars.example terraform.tfvars, then update terraform.tfvars with values from your environment.
  3. Push the changes back to the repo: run git add ., then git commit -m "updated tfvars", then git push origin [branch_name].
    1. If your .gitignore is blocking *.tfvars, you'll need to force the update using git add . -f
  4. This push will kick off the Cloud Build trigger for 2-networks and start the deployment.

Expected Outcome

The expected outcome from this default build is a Shared VPC in a host project, deployed with a couple of default firewall rules for Identity and Access Management. A Cloud NAT is attached to the location for internet access. Cloud DNS is deployed using a hybrid architecture.

Providers

| Name | Version |
|------|---------|
| google | ~> 3.1 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| billing_account | Billing account to attach to projects. | any | n/a | yes |
| default_region | Default subnet region; standard_shared_vpc currently only configures one region | string | "us-central1" | no |
| domain | Domain | any | n/a | yes |
| network_name | Name of the VPC | string | "shared-vpc-prod" | no |
| org_id | Organization ID | any | n/a | yes |
| subnets_1 | Subnetwork information | list | see below | no |

Default value of subnets_1:

[
  {
    "description": "Prod subnet.",
    "subnet_flow_logs": "true",
    "subnet_flow_logs_interval": "INTERVAL_15_MIN",
    "subnet_flow_logs_metadata": "INCLUDE_ALL_METADATA",
    "subnet_flow_logs_sampling": 0.3,
    "subnet_ip": "172.30.0.0/20",
    "subnet_name": "us-central1-prod-1",
    "subnet_private_access": "true",
    "subnet_region": "us-central1"
  }
]
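
A pre-push check for the subnets_1 input, added here as an example and not part of this repository: it lints a subnet list written as JSON in the shape of the documented default for malformed or overlapping CIDRs, disabled flow logs, disabled private access, and a region other than default_region. The function names, the second sample entry, and the choice of checks are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample: entry 1 is the documented default, entry 2 is made up.
SAMPLE = json.loads("""[
 {"description": "Prod subnet.", "subnet_flow_logs": "true",
  "subnet_flow_logs_interval": "INTERVAL_15_MIN",
  "subnet_flow_logs_metadata": "INCLUDE_ALL_METADATA",
  "subnet_flow_logs_sampling": 0.3, "subnet_ip": "172.30.0.0/20",
  "subnet_name": "us-central1-prod-1", "subnet_private_access": "true",
  "subnet_region": "us-central1"},
 {"description": "Constructed bad subnet.", "subnet_flow_logs": "false",
  "subnet_ip": "172.30.8.0/24", "subnet_name": "us-east1-prod-2",
  "subnet_private_access": "false", "subnet_region": "us-east1"}
]""")


def _enabled(value):
    return str(value).lower() == "true"


def lint_subnets(subnets, default_region="us-central1"):
    """Return (subnet_name, finding) tuples; an empty list means clean."""
    findings, seen = [], []  # seen: (name, network) pairs already parsed
    for s in subnets:
        name = s.get("subnet_name", "<unnamed>")
        try:
            # strict=True rejects CIDRs with host bits set, e.g. 172.30.0.1/20
            net = ipaddress.ip_network(s.get("subnet_ip", ""), strict=True)
        except ValueError as exc:
            findings.append((name, f"bad subnet_ip: {exc}"))
        else:
            for other_name, other in seen:
                if net.version == other.version and net.overlaps(other):
                    findings.append((name, f"overlaps {other_name} ({other})"))
            seen.append((name, net))
        if not _enabled(s.get("subnet_flow_logs")):
            findings.append((name, "flow logs disabled"))
        elif not 0 < float(s.get("subnet_flow_logs_sampling", 1)) <= 1:
            findings.append((name, "flow log sampling outside (0, 1]"))
        if not _enabled(s.get("subnet_private_access")):
            findings.append((name, "private access disabled"))
        if s.get("subnet_region") != default_region:
            findings.append((name, f"region is not default_region {default_region}"))
    return findings


if __name__ == "__main__":
    print(*lint_subnets(SAMPLE), sep="\n")
```

A missing subnet_flow_logs_sampling value is not flagged; only an explicit value outside (0, 1] is.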

Outputs

| Name | Description |
|------|-------------|
| prod_host_project_id | The host project ID for prod |
| prod_network_name | The name of the VPC being created |
| prod_network_self_link | The URI of the VPC being created |
| prod_subnets_ips | The IPs and CIDRs of the subnets being created |
| prod_subnets_names | The names of the subnets being created |
| prod_subnets_secondary_ranges | The secondary ranges associated with these subnets |
| prod_subnets_self_links | The self-links of subnets being created |