réseau bonus

2025-12-04 09:23:03 +00:00
parent 638b737b25
commit 30597fcc82
5 changed files with 137 additions and 5 deletions
--- a/terraform/environments/dev/main.tf
+++ b/terraform/environments/dev/main.tf
@@ -13,7 +13,7 @@ provider "google" {
 }

 module "network" {
-  source = "../../modules/network"
+  source            = "../../modules/network"
  project_name      = var.project_name
  region            = var.region
  frontend_cidr     = var.frontend_cidr
--- a/terraform/environments/dev/terraform.tfstate
+++ b/terraform/environments/dev/terraform.tfstate
@@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.1",
-  "serial": 51,
+  "serial": 54,
  "lineage": "39fa9bd0-98c8-1759-7f73-ed127b902d8b",
  "outputs": {
    "frontend_public_ip": {
@@ -916,6 +916,90 @@
        }
      ]
    },
+    {
+      "module": "module.network",
+      "mode": "managed",
+      "type": "google_compute_router",
+      "name": "nat_router",
+      "provider": "provider[\"registry.terraform.io/hashicorp/google\"]",
+      "instances": [
+        {
+          "schema_version": 0,
+          "attributes": {
+            "bgp": [],
+            "creation_timestamp": "2025-12-04T01:14:24.736-08:00",
+            "description": "",
+            "encrypted_interconnect_router": false,
+            "id": "projects/western-diorama-374821/regions/us-central1/routers/western-diorama-374821-nat-router",
+            "name": "western-diorama-374821-nat-router",
+            "network": "https://www.googleapis.com/compute/v1/projects/western-diorama-374821/global/networks/western-diorama-374821-vpc",
+            "project": "western-diorama-374821",
+            "region": "us-central1",
+            "self_link": "https://www.googleapis.com/compute/v1/projects/western-diorama-374821/regions/us-central1/routers/western-diorama-374821-nat-router",
+            "timeouts": null
+          },
+          "sensitive_attributes": [],
+          "identity_schema_version": 0,
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
+          "dependencies": [
+            "module.network.google_compute_network.vpc"
+          ]
+        }
+      ]
+    },
+    {
+      "module": "module.network",
+      "mode": "managed",
+      "type": "google_compute_router_nat",
+      "name": "nat_config",
+      "provider": "provider[\"registry.terraform.io/hashicorp/google\"]",
+      "instances": [
+        {
+          "schema_version": 0,
+          "attributes": {
+            "auto_network_tier": "PREMIUM",
+            "drain_nat_ips": [],
+            "enable_dynamic_port_allocation": false,
+            "enable_endpoint_independent_mapping": false,
+            "endpoint_types": [
+              "ENDPOINT_TYPE_VM"
+            ],
+            "icmp_idle_timeout_sec": 30,
+            "id": "western-diorama-374821/us-central1/western-diorama-374821-nat-router/western-diorama-374821-nat-config",
+            "initial_nat_ips": null,
+            "log_config": [
+              {
+                "enable": false,
+                "filter": "ALL"
+              }
+            ],
+            "max_ports_per_vm": 0,
+            "min_ports_per_vm": 0,
+            "name": "western-diorama-374821-nat-config",
+            "nat_ip_allocate_option": "AUTO_ONLY",
+            "nat_ips": [],
+            "project": "western-diorama-374821",
+            "region": "us-central1",
+            "router": "western-diorama-374821-nat-router",
+            "rules": [],
+            "source_subnetwork_ip_ranges_to_nat": "ALL_SUBNETWORKS_ALL_IP_RANGES",
+            "subnetwork": [],
+            "tcp_established_idle_timeout_sec": 1200,
+            "tcp_time_wait_timeout_sec": 120,
+            "tcp_transitory_idle_timeout_sec": 30,
+            "timeouts": null,
+            "udp_idle_timeout_sec": 30
+          },
+          "sensitive_attributes": [],
+          "identity_schema_version": 0,
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
+          "dependencies": [
+            "module.network.google_compute_network.vpc",
+            "module.network.google_compute_router.nat_router"
+          ]
+        }
+      ]
+    },
    {
      "module": "module.network",
      "mode": "managed",
--- a/terraform/environments/dev/terraform.tfstate.backup
+++ b/terraform/environments/dev/terraform.tfstate.backup
@@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.1",
-  "serial": 49,
+  "serial": 51,
  "lineage": "39fa9bd0-98c8-1759-7f73-ed127b902d8b",
  "outputs": {
    "frontend_public_ip": {
@@ -554,6 +554,33 @@
        }
      ]
    },
+    {
+      "module": "module.iam",
+      "mode": "managed",
+      "type": "google_os_login_ssh_public_key",
+      "name": "ssh_key",
+      "provider": "provider[\"registry.terraform.io/hashicorp/google\"]",
+      "instances": [
+        {
+          "schema_version": 0,
+          "attributes": {
+            "expiration_time_usec": "",
+            "fingerprint": "bae4ee52e570411c8a41d0d46f05dc7f23b515da1276de0abadb928dbc8fade9",
+            "id": "users/clemenceducreux459@gmail.com/sshPublicKeys/bae4ee52e570411c8a41d0d46f05dc7f23b515da1276de0abadb928dbc8fade9",
+            "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDqZZpZmHK1MZMQMHfJIbbHtX13eNmUBkjtuP2aoazze6OTRYIUcMPdWhSyuQvgBoell4OiG7qSklbi49rzuTXoB2LsN2e39YHh7/aGisaot5ef0XNePD6/q0Rkpwz4arCrmpuGEX+ukABmp889hYReSHN3jafad0/loHFCbnoL3X+2jkbVjsDvkL78hkvF/SbeEc/C+BCDwSip5ylwmmRG+7eFvG6gwpQOlvcI3zpCXStAe8Tqk8ssE7RhjiVOvS7Wwc3xZ3QcS9dQgPIzcX87JjBE4FJalL3NDUtwV/ikmnvG9aejbpYA2cqckK4sXyrpSWh1C6sF7Ozosf0lhdnaeVRkl3cWcDX1UFTtrVV4oxPykFIj88lNRJEiu2N1UrD2SlWTdo6NYaDKxto9l5nQ3CwaSua3miwx+Nt74ujp2TxWKh4AV+A9qx6jZPjTiZcRtQdsrN50RxTGWjmfZZOuS1+mqYaTpcT5OZhetYtBDtB2BRznNrjMBg9/y21fCI0= clemenceducreux459_gmail_com\n",
+            "project": "western-diorama-374821",
+            "timeouts": null,
+            "user": "clemenceducreux459@gmail.com"
+          },
+          "sensitive_attributes": [],
+          "identity_schema_version": 0,
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
+          "dependencies": [
+            "module.iam.data.google_client_openid_userinfo.me"
+          ]
+        }
+      ]
+    },
    {
      "module": "module.iam",
      "mode": "managed",
--- a/terraform/modules/network/main.tf
+++ b/terraform/modules/network/main.tf
@@ -1,4 +1,3 @@
-
 resource "google_compute_network" "vpc" {
  name                    = "${var.project_name}-vpc"
  project                 = var.project_name
@@ -94,3 +93,25 @@ resource "google_compute_firewall" "fw_backend_to_database_3306" {
    ports    = ["3306"]
  }
 }
+
+resource "google_compute_router" "nat_router" {
+  name    = "${var.project_name}-nat-router"
+  project = var.project_name
+  network = google_compute_network.vpc.self_link
+  region  = var.region
+}
+
+resource "google_compute_router_nat" "nat_config" {
+  name   = "${var.project_name}-nat-config"
+  router = google_compute_router.nat_router.name
+  region = var.region
+  project = var.project_name
+
+  nat_ip_allocate_option             = "AUTO_ONLY"
+  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+
+  log_config {
+    enable = false
+    filter = "ALL"
+  }
+}