Skip to content

Commit

Permalink
Add default googleapi route creation to net-vpc
Browse files Browse the repository at this point in the history
  • Loading branch information
juliocc committed May 26, 2023
1 parent 868507e commit 127fcd1
Show file tree
Hide file tree
Showing 17 changed files with 133 additions and 196 deletions.
16 changes: 4 additions & 12 deletions fast/stages/2-networking-a-peering/landing.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -51,17 +51,9 @@ module "landing-vpc" {
inbound = true
}
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
data_folder = "${var.factories_config.data_dir}/subnets/landing"
}
Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-a-peering/spoke-dev.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -53,17 +53,9 @@ module "dev-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-a-peering/spoke-prod.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -52,17 +52,9 @@ module "prod-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-b-vpn/landing.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -51,17 +51,9 @@ module "landing-vpc" {
inbound = true
}
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
data_folder = "${var.factories_config.data_dir}/subnets/landing"
}
Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-b-vpn/spoke-dev.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -53,17 +53,9 @@ module "dev-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-b-vpn/spoke-prod.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -52,17 +52,9 @@ module "prod-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-c-nva/landing.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -116,17 +116,9 @@ module "landing-trusted-vpc" {
inbound = true
}
# Set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
18 changes: 5 additions & 13 deletions fast/stages/2-networking-c-nva/spoke-dev.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -53,19 +53,11 @@ module "dev-spoke-vpc" {
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.dev, null)
# Set explicit routes for googleapis; send everything else to NVAs
create_default_routes = {
private = true
restricted = true
}
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
nva-primary-to-primary = {
dest_range = "0.0.0.0/0"
priority = 1000
Expand Down
18 changes: 5 additions & 13 deletions fast/stages/2-networking-c-nva/spoke-prod.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -52,19 +52,11 @@ module "prod-spoke-vpc" {
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.prod, null)
# Set explicit routes for googleapis; send everything else to NVAs
create_default_routes = {
private = true
restricted = true
}
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
nva-primary-to-primary = {
dest_range = "0.0.0.0/0"
priority = 1000
Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-d-separate-envs/spoke-dev.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -53,17 +53,9 @@ module "dev-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/dev"
psa_config = try(var.psa_ranges.dev, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-d-separate-envs/spoke-prod.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -52,17 +52,9 @@ module "prod-spoke-vpc" {
data_folder = "${var.factories_config.data_dir}/subnets/prod"
psa_config = try(var.psa_ranges.prod, null)
# set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
16 changes: 4 additions & 12 deletions fast/stages/2-networking-e-nva-bgp/landing.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -117,17 +117,9 @@ module "landing-trusted-vpc" {
inbound = true
}
# Set explicit routes for googleapis in case the default route is deleted
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
18 changes: 4 additions & 14 deletions fast/stages/2-networking-e-nva-bgp/spoke-dev.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2022 Google LLC
* Copyright 2023 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -53,19 +53,9 @@ module "dev-spoke-vpc" {
delete_default_routes_on_create = true
psa_config = try(var.psa_ranges.dev, null)
# Set explicit routes for googleapis; send everything else to NVAs
routes = {
private-googleapis = {
dest_range = "199.36.153.8/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
restricted-googleapis = {
dest_range = "199.36.153.4/30"
priority = 999
next_hop_type = "gateway"
next_hop = "default-internet-gateway"
}
create_default_routes = {
private = true
restricted = true
}
}

Expand Down
Loading

0 comments on commit 127fcd1

Please sign in to comment.