VPC Networks Module for GCP

A module that creates networks and subnetworks on GCP.

It is primarily intended for Terraform 0.12.x users, because it offers the possibility to conditionally handle either new or pre-existing networks/subnetworks without changing the source code. This is useful for 0.12, which doesn't allow conditional module instantiation.

This module is not strictly required for constructing inputs to be passed to other modules (including the vmseries or autoscale modules). Any existing networks/subnetworks work equally well, regardless of how they were created.

For Terraform 0.13+, a viable alternative is to use Google-authored Terraform modules and employ the for_each or count parameters when needed.

Reference

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.2, < 2.0 |
| google | ~> 4.54 |

Providers

| Name | Version |
|------|---------|
| google | ~> 4.54 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| google_compute_firewall.this | resource |
| google_compute_network.this | resource |
| google_compute_subnetwork.this | resource |
| google_compute_network.this | data source |
| google_compute_subnetwork.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| allowed_ports | A list of ports to pass for the networks entries that do not have their own allowed_ports attribute. For example ["22", "443"]. Can also include ranges, for example ["80", "8080-8999"]. Empty list means to allow all. | list(string) | [] | no |
| allowed_protocol | A protocol (TCP or UDP) to pass for the networks entries that do not have their own allowed_protocol attribute. | string | "all" | no |
| networks | Map of networks; the minimal, advanced and full examples are shown after this table. Terraform 0.12.x and 0.13.x limitation: the existing networks/subnetworks names should be static strings and not come from other resource objects. It is allowed from Terraform 0.14 onwards. | any | n/a | yes |
| project_id | Project in which to create or look for VPCs and subnets | string | null | no |
| region | GCP region for all the created subnetworks and for all the imported subnetworks. Set to null to use a default provider's region. To add subnetworks with another region use a separate instance of this module (and specify create_network=false to avoid creating a duplicate network). | string | null | no |

networks, a minimal example:

    {
      "my-vpc" = {
        name            = "my-vpc"
        subnetwork_name = "my-subnet"
        ip_cidr_range   = "192.168.1.0/24"
      }
    }

networks, an advanced example:

    {
      "my-vpc" = {
        name            = "my-vpc"
        subnetwork_name = "my-subnet"
        ip_cidr_range   = "192.168.1.0/24"
        allowed_sources = ["209.85.152.0/22"]
        log_metadata    = "INCLUDE_ALL_METADATA"
        mtu             = 1500
        routing_mode    = "REGIONAL"
      }
    }

networks, full example:

    {
      "my-vpc" = {
        name             = "my-vpc"
        subnetwork_name  = "my-subnet"
        ip_cidr_range    = "192.168.1.0/24"
        allowed_sources  = ["10.0.0.0/8", "98.98.98.0/28"]
        allowed_protocol = "UDP"
        allowed_ports    = ["53", "123-125"]
        log_metadata     = "EXCLUDE_ALL_METADATA"
        routing_mode     = "GLOBAL"

        delete_default_routes_on_create = true
      }
      "imported-from-hostproject" = {
        name              = "existing-core-vpc"
        subnetwork_name   = "existing-subnet"
        create_network    = false
        create_subnetwork = false
        host_project_id   = "my-core-project-id"
      }
    }

Outputs

| Name | Description |
|------|-------------|
| networks | n/a |
| networks_by_key | Map with network objects corresponding to input keys (or index if list was provided) of networks variable. |
| subnetworks | n/a |
| subnetworks_by_key | Map with subnetwork objects corresponding to input key (or index if list was provided) of networks variable. |
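
Because allowed_ports defaults to [] (allow all) and allowed_protocol defaults to "all", a networks entry that sets only allowed_sources inherits allow-all fallbacks. The following calling configuration is an added example, not the module's own code: it rejects such entries with a variable validation before they reach the module. The source path, project, region, network names and the self_link attribute on the output objects are assumptions.

```hcl
# Added example; not the module's own code.
variable "networks" {
  type = any
  default = { # constructed sample values
    mgmt = {
      name             = "mgmt-vpc"
      subnetwork_name  = "mgmt-subnet"
      ip_cidr_range    = "192.168.1.0/24"
      allowed_sources  = ["10.0.0.0/8"]
      allowed_protocol = "TCP"
      allowed_ports    = ["22", "443"]
      log_metadata     = "INCLUDE_ALL_METADATA"
    }
    shared = { # pre-existing network, looked up rather than created
      name              = "existing-core-vpc"
      subnetwork_name   = "existing-subnet"
      create_network    = false
      create_subnetwork = false
      host_project_id   = "my-core-project-id"
    }
  }

  # An entry that sets allowed_sources must also name ports and a protocol,
  # otherwise it inherits the module-level fallbacks, whose defaults allow all.
  validation {
    condition = alltrue([
      for k, v in var.networks :
      length(try(v.allowed_sources, [])) == 0 || (
        length(try(v.allowed_ports, [])) > 0 &&
        contains(["TCP", "UDP"], upper(try(v.allowed_protocol, "all")))
      )
    ])
    error_message = "Each network with allowed_sources must set allowed_ports and allowed_protocol (TCP or UDP)."
  }
}

module "vpc" {
  source     = "../modules/vpc" # placeholder path (assumption)
  project_id = "my-project-id"  # constructed
  region     = "us-central1"    # constructed
  networks   = var.networks
}

output "mgmt_subnetwork_self_link" {
  # Assumes the objects in subnetworks_by_key expose self_link.
  value = module.vpc.subnetworks_by_key["mgmt"].self_link
}
```

With this in place, terraform plan fails on any entry that lists allowed_sources without its own allowed_ports and allowed_protocol, so the allow-all fallbacks are never applied silently.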