WIP: fix compute and network terraform plan
@@ -13,12 +13,17 @@ provider "google" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
module "network" {
|
module "network" {
|
||||||
source = "../../modules/network"
|
source = "../../modules/network"
|
||||||
|
|
||||||
project_name = var.project_name
|
project_name = var.project_name
|
||||||
region = var.region
|
project_id = var.project_id
|
||||||
frontend_cidr = var.frontend_cidr
|
region = var.region
|
||||||
backend_cidr = var.backend_cidr
|
frontend_cidr = var.frontend_cidr
|
||||||
database_cidr = var.database_cidr
|
backend_cidr = var.backend_cidr
|
||||||
ssh_source_ranges = var.ssh_source_ranges
|
database_cidr = var.database_cidr
|
||||||
|
ssh_source_ranges = var.ssh_source_ranges
|
||||||
|
|
||||||
|
providers = {
|
||||||
|
google = google
|
||||||
|
}
|
||||||
}
|
}
|
||||||
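Review bot: The `providers = { google = google }` map added to the `network` module call is redundant as written, because an unaliased default provider configuration is inherited by child modules automatically; it is only needed if the module declares `configuration_aliases` or an aliased provider is passed. More important is that `project_id = var.project_id` now sets the project on every network resource independently of the provider. The `provider "google"` block starts outside this hunk, so confirm its `project` also comes from `var.project_id`; otherwise the VPC and firewall rules can be created in a different project from the rest of the stack. A comment above the argument such as `# must match the project configured on provider "google"` would make that coupling visible.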
@@ -1,6 +1,7 @@
|
|||||||
resource "google_compute_network" "vpc" {
|
resource "google_compute_network" "vpc" {
|
||||||
name = "vpc"
|
name = "vpc"
|
||||||
auto_create_subnetworks = false
|
auto_create_subnetworks = false
|
||||||
|
project = var.project_id
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "frontend" {
|
resource "google_compute_subnetwork" "frontend" {
|
||||||
@@ -8,6 +9,7 @@ resource "google_compute_subnetwork" "frontend" {
|
|||||||
ip_cidr_range = var.frontend_cidr
|
ip_cidr_range = var.frontend_cidr
|
||||||
region = var.region
|
region = var.region
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "backend" {
|
resource "google_compute_subnetwork" "backend" {
|
||||||
@@ -15,6 +17,7 @@ resource "google_compute_subnetwork" "backend" {
|
|||||||
ip_cidr_range = var.backend_cidr
|
ip_cidr_range = var.backend_cidr
|
||||||
region = var.region
|
region = var.region
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "database" {
|
resource "google_compute_subnetwork" "database" {
|
||||||
@@ -22,12 +25,13 @@ resource "google_compute_subnetwork" "database" {
|
|||||||
ip_cidr_range = var.database_cidr
|
ip_cidr_range = var.database_cidr
|
||||||
region = var.region
|
region = var.region
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
resource "google_compute_firewall" "allow_http_https" {
|
resource "google_compute_firewall" "allow_http_https" {
|
||||||
name = "allow-http-https"
|
name = "allow-http-https"
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
@@ -41,19 +45,21 @@ resource "google_compute_firewall" "allow_http_https" {
|
|||||||
resource "google_compute_firewall" "allow_ssh" {
|
resource "google_compute_firewall" "allow_ssh" {
|
||||||
name = "allow-ssh"
|
name = "allow-ssh"
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
ports = ["22"]
|
ports = ["22"]
|
||||||
}
|
}
|
||||||
|
|
||||||
source_ranges = ["0.0.0.0/0"]
|
source_ranges = [var.ssh_source_ranges]
|
||||||
target_tags = ["all-instances"]
|
target_tags = ["all-instances"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "frontend_to_backend" {
|
resource "google_compute_firewall" "frontend_to_backend" {
|
||||||
name = "frontend-to-backend-8000"
|
name = "frontend-to-backend-8000"
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
@@ -67,6 +73,7 @@ resource "google_compute_firewall" "frontend_to_backend" {
|
|||||||
resource "google_compute_firewall" "backend_to_database" {
|
resource "google_compute_firewall" "backend_to_database" {
|
||||||
name = "backend-to-database-3306"
|
name = "backend-to-database-3306"
|
||||||
network = google_compute_network.vpc.id
|
network = google_compute_network.vpc.id
|
||||||
|
project = var.project_id
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
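Review bot: In the `allow_ssh` rule, `source_ranges = [var.ssh_source_ranges]` wraps a variable whose plural name suggests a list inside another list; its declaration is not visible in this diff, but if it is `list(string)` the plan fails on type, and if it is a single `string` only one CIDR can ever be allowed. Prefer declaring it as `list(string)` and writing `source_ranges = var.ssh_source_ranges`. Replacing the literal `0.0.0.0/0` only narrows exposure if the variable cannot fall back to it, so the declaration should have no default and carry a `validation` block that rejects `0.0.0.0/0`. The rule still targets `all-instances`, which presumably includes the database tier; a tag limited to a bastion or the frontend would keep port 22 off hosts that do not need it.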
|
|||||||
@@ -3,6 +3,10 @@ variable "project_name" {
|
|||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "project_id" {
|
||||||
|
type = string
|
||||||
|
}
|
||||||
|
|
||||||
variable "region" {
|
variable "region" {
|
||||||
description = "Région GCP où seront créés les sous-réseaux"
|
description = "Région GCP où seront créés les sous-réseaux"
|
||||||
type = string
|
type = string
|
||||||
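Review bot: The new `variable "project_id"` has only `type = string`, while the neighbouring `region` variable carries a `description`; add one in the same style, for example `description = "ID du projet GCP dans lequel créer les ressources réseau"`. Because this value now decides which project receives the VPC, subnets and firewall rules, a `validation` block checking the project-ID format (6–30 characters, lowercase letters, digits and hyphens) would catch an empty or mistyped value at plan time rather than at apply.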
|
|||||||