Add forward_proxy_uri support

GoogleCloudPlatform · Jun 20, 2024 · b6ba49d · b6ba49d
1 parent bf3f2b9
commit b6ba49d
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 31 deletions.
diff --git a/modules/apigee/README.md b/modules/apigee/README.md
@@ -5,21 +5,22 @@ This module simplifies the creation of a Apigee resources (organization, environ
 ## Examples
 
 <!-- BEGIN TOC -->
-- [Examples](#examples)
-  - [Minimal example (CLOUD)](#minimal-example-cloud)
-  - [Minimal example with existing organization (CLOUD)](#minimal-example-with-existing-organization-cloud)
-  - [Disable VPC Peering (CLOUD)](#disable-vpc-peering-cloud)
-  - [All resources (CLOUD)](#all-resources-cloud)
-  - [All resources (HYBRID control plane)](#all-resources-hybrid-control-plane)
-  - [New environment group](#new-environment-group)
-  - [New environment](#new-environment)
-  - [New instance (VPC Peering Provisioning Mode)](#new-instance-vpc-peering-provisioning-mode)
-  - [New instance (Non VPC Peering Provisioning Mode)](#new-instance-non-vpc-peering-provisioning-mode)
-  - [New endpoint attachment](#new-endpoint-attachment)
-  - [Apigee add-ons](#apigee-add-ons)
-  - [IAM](#iam)
-- [Variables](#variables)
-- [Outputs](#outputs)
+- [Apigee](#apigee)
+  - [Examples](#examples)
+    - [Minimal example (CLOUD)](#minimal-example-cloud)
+    - [Minimal example with existing organization (CLOUD)](#minimal-example-with-existing-organization-cloud)
+    - [Disable VPC Peering (CLOUD)](#disable-vpc-peering-cloud)
+    - [All resources (CLOUD)](#all-resources-cloud)
+    - [All resources (HYBRID control plane)](#all-resources-hybrid-control-plane)
+    - [New environment group](#new-environment-group)
+    - [New environment](#new-environment)
+    - [New instance (VPC Peering Provisioning Mode)](#new-instance-vpc-peering-provisioning-mode)
+    - [New instance (Non VPC Peering Provisioning Mode)](#new-instance-non-vpc-peering-provisioning-mode)
+    - [New endpoint attachment](#new-endpoint-attachment)
+    - [Apigee add-ons](#apigee-add-ons)
+    - [IAM](#iam)
+  - [Variables](#variables)
+  - [Outputs](#outputs)
 <!-- END TOC -->
 
 ### Minimal example (CLOUD)
@@ -359,13 +360,13 @@ module "apigee" {
 
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
-| [project_id](variables.tf#L130) | Project ID. | <code>string</code> | ✓ |  |
+| [project_id](variables.tf#L131) | Project ID. | <code>string</code> | ✓ |  |
 | [addons_config](variables.tf#L17) | Addons configuration. | <code title="object&#40;&#123;&#10;  advanced_api_ops    &#61; optional&#40;bool, false&#41;&#10;  api_security        &#61; optional&#40;bool, false&#41;&#10;  connectors_platform &#61; optional&#40;bool, false&#41;&#10;  integration         &#61; optional&#40;bool, false&#41;&#10;  monetization        &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>null</code> |
 | [endpoint_attachments](variables.tf#L29) | Endpoint attachments. | <code title="map&#40;object&#40;&#123;&#10;  region             &#61; string&#10;  service_attachment &#61; string&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
 | [envgroups](variables.tf#L39) | Environment groups (NAME => [HOSTNAMES]). | <code>map&#40;list&#40;string&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
-| [environments](variables.tf#L46) | Environments. | <code title="map&#40;object&#40;&#123;&#10;  api_proxy_type  &#61; optional&#40;string&#41;&#10;  description     &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  display_name    &#61; optional&#40;string&#41;&#10;  deployment_type &#61; optional&#40;string&#41;&#10;  envgroups       &#61; optional&#40;list&#40;string&#41;, &#91;&#93;&#41;&#10;  iam             &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10;  iam_bindings &#61; optional&#40;map&#40;object&#40;&#123;&#10;    role    &#61; string&#10;    members &#61; list&#40;string&#41;&#10;  &#125;&#41;&#41;, &#123;&#125;&#41;&#10;  iam_bindings_additive &#61; optional&#40;map&#40;object&#40;&#123;&#10;    role   &#61; string&#10;    member &#61; string&#10;  &#125;&#41;&#41;, &#123;&#125;&#41;&#10;  node_config &#61; optional&#40;object&#40;&#123;&#10;    min_node_count &#61; optional&#40;number&#41;&#10;    max_node_count &#61; optional&#40;number&#41;&#10;  &#125;&#41;&#41;&#10;  type &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
-| [instances](variables.tf#L73) | Instances ([REGION] => [INSTANCE]). | <code title="map&#40;object&#40;&#123;&#10;  consumer_accept_list          &#61; optional&#40;list&#40;string&#41;&#41;&#10;  description                   &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  disk_encryption_key           &#61; optional&#40;string&#41;&#10;  display_name                  &#61; optional&#40;string&#41;&#10;  enable_nat                    &#61; optional&#40;bool, false&#41;&#10;  environments                  &#61; optional&#40;list&#40;string&#41;, &#91;&#93;&#41;&#10;  name                          &#61; optional&#40;string&#41;&#10;  runtime_ip_cidr_range         &#61; optional&#40;string&#41;&#10;  troubleshooting_ip_cidr_range &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
-| [organization](variables.tf#L98) | Apigee organization. If set to null the organization must already exist. | <code title="object&#40;&#123;&#10;  analytics_region                 &#61; optional&#40;string&#41;&#10;  api_consumer_data_encryption_key &#61; optional&#40;string&#41;&#10;  api_consumer_data_location       &#61; optional&#40;string&#41;&#10;  authorized_network               &#61; optional&#40;string&#41;&#10;  billing_type                     &#61; optional&#40;string&#41;&#10;  control_plane_encryption_key     &#61; optional&#40;string&#41;&#10;  database_encryption_key          &#61; optional&#40;string&#41;&#10;  description                      &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  disable_vpc_peering              &#61; optional&#40;bool, false&#41;&#10;  display_name                     &#61; optional&#40;string&#41;&#10;  properties                       &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10;  runtime_type                     &#61; optional&#40;string, &#34;CLOUD&#34;&#41;&#10;  retention                        &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>null</code> |
+| [environments](variables.tf#L46) | Environments. | <code title="map&#40;object&#40;&#123;&#10;  api_proxy_type    &#61; optional&#40;string&#41;&#10;  description       &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  display_name      &#61; optional&#40;string&#41;&#10;  deployment_type   &#61; optional&#40;string&#41;&#10;  envgroups         &#61; optional&#40;list&#40;string&#41;, &#91;&#93;&#41;&#10;  forward_proxy_uri &#61; optional&#40;string&#41;&#10;  iam               &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10;  iam_bindings &#61; optional&#40;map&#40;object&#40;&#123;&#10;    role    &#61; string&#10;    members &#61; list&#40;string&#41;&#10;  &#125;&#41;&#41;, &#123;&#125;&#41;&#10;  iam_bindings_additive &#61; optional&#40;map&#40;object&#40;&#123;&#10;    role   &#61; string&#10;    member &#61; string&#10;  &#125;&#41;&#41;, &#123;&#125;&#41;&#10;  node_config &#61; optional&#40;object&#40;&#123;&#10;    min_node_count &#61; optional&#40;number&#41;&#10;    max_node_count &#61; optional&#40;number&#41;&#10;  &#125;&#41;&#41;&#10;  type &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [instances](variables.tf#L74) | Instances ([REGION] => [INSTANCE]). | <code title="map&#40;object&#40;&#123;&#10;  consumer_accept_list          &#61; optional&#40;list&#40;string&#41;&#41;&#10;  description                   &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  disk_encryption_key           &#61; optional&#40;string&#41;&#10;  display_name                  &#61; optional&#40;string&#41;&#10;  enable_nat                    &#61; optional&#40;bool, false&#41;&#10;  environments                  &#61; optional&#40;list&#40;string&#41;, &#91;&#93;&#41;&#10;  name                          &#61; optional&#40;string&#41;&#10;  runtime_ip_cidr_range         &#61; optional&#40;string&#41;&#10;  troubleshooting_ip_cidr_range &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [organization](variables.tf#L99) | Apigee organization. If set to null the organization must already exist. | <code title="object&#40;&#123;&#10;  analytics_region                 &#61; optional&#40;string&#41;&#10;  api_consumer_data_encryption_key &#61; optional&#40;string&#41;&#10;  api_consumer_data_location       &#61; optional&#40;string&#41;&#10;  authorized_network               &#61; optional&#40;string&#41;&#10;  billing_type                     &#61; optional&#40;string&#41;&#10;  control_plane_encryption_key     &#61; optional&#40;string&#41;&#10;  database_encryption_key          &#61; optional&#40;string&#41;&#10;  description                      &#61; optional&#40;string, &#34;Terraform-managed&#34;&#41;&#10;  disable_vpc_peering              &#61; optional&#40;bool, false&#41;&#10;  display_name                     &#61; optional&#40;string&#41;&#10;  properties                       &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10;  runtime_type                     &#61; optional&#40;string, &#34;CLOUD&#34;&#41;&#10;  retention                        &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>null</code> |
 
 ## Outputs
 

diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf
@@ -54,12 +54,13 @@ resource "google_apigee_envgroup" "envgroups" {
 }
 
 resource "google_apigee_environment" "environments" {
-  for_each        = var.environments
-  api_proxy_type  = each.value.api_proxy_type
-  deployment_type = each.value.deployment_type
-  description     = each.value.description
-  display_name    = each.value.display_name
-  name            = each.key
+  for_each          = var.environments
+  api_proxy_type    = each.value.api_proxy_type
+  deployment_type   = each.value.deployment_type
+  description       = each.value.description
+  display_name      = each.value.display_name
+  forward_proxy_uri = each.value.forward_proxy_uri
+  name              = each.key
   dynamic "node_config" {
     for_each = try(each.value.node_config, null) != null ? [""] : []
     content {

diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf
@@ -46,12 +46,13 @@ variable "envgroups" {
 variable "environments" {
   description = "Environments."
   type = map(object({
-    api_proxy_type  = optional(string)
-    description     = optional(string, "Terraform-managed")
-    display_name    = optional(string)
-    deployment_type = optional(string)
-    envgroups       = optional(list(string), [])
-    iam             = optional(map(list(string)), {})
+    api_proxy_type    = optional(string)
+    description       = optional(string, "Terraform-managed")
+    display_name      = optional(string)
+    deployment_type   = optional(string)
+    envgroups         = optional(list(string), [])
+    forward_proxy_uri = optional(string)
+    iam               = optional(map(list(string)), {})
     iam_bindings = optional(map(object({
       role    = string
       members = list(string)