diff --git a/blueprints/cloud-operations/apigee/main.tf b/blueprints/cloud-operations/apigee/main.tf
index 8ca6f6b295..d6c8e7d16f 100644
--- a/blueprints/cloud-operations/apigee/main.tf
+++ b/blueprints/cloud-operations/apigee/main.tf
@@ -25,7 +25,7 @@ module "project" {
: null
)
name = var.project_id
- project_create = var.project_create == null ? false : true
+ project_create = var.project_create != null
services = [
"apigee.googleapis.com",
"bigquery.googleapis.com",
diff --git a/modules/apigee/README.md b/modules/apigee/README.md
index eb2f9a34fe..1425c8f9af 100644
--- a/modules/apigee/README.md
+++ b/modules/apigee/README.md
@@ -50,8 +50,18 @@ module "apigee" {
psa_ip_cidr_range = "10.0.5.0/22"
}
}
+ endpoint_attachments = {
+ endpoint-backend-1 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+ }
+ endpoint-backend-2 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
+ }
+ }
}
-# tftest modules=1 resources=12
+# tftest modules=1 resources=14
```
### All resources (HYBRID control plane)
@@ -135,17 +145,36 @@ module "apigee" {
}
# tftest modules=1 resources=2
```
+
+### New endpoint attachment
+
+Endpoint attachments allow to implement [Apigee southbound network patterns](https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#create-the-psc-attachments).
+
+```hcl
+module "apigee" {
+ source = "./fabric/modules/apigee"
+ project_id = "my-project"
+ endpoint_attachments = {
+ endpoint-backend-1 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+ }
+ }
+}
+# tftest modules=1 resources=1
+```
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [project_id](variables.tf#L68) | Project ID. | string
| ✓ | |
-| [envgroups](variables.tf#L18) | Environment groups (NAME => [HOSTNAMES]). | map(list(string))
| | null
|
-| [environments](variables.tf#L24) | Environments. | map(object({…}))
| | null
|
-| [instances](variables.tf#L40) | Instance. | map(object({…}))
| | null
|
-| [organization](variables.tf#L54) | Apigee organization. If set to null the organization must already exist. | object({…})
| | null
|
+| [project_id](variables.tf#L76) | Project ID. | string
| ✓ | |
+| [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…}))
| | null
|
+| [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string))
| | null
|
+| [environments](variables.tf#L32) | Environments. | map(object({…}))
| | null
|
+| [instances](variables.tf#L48) | Instances. | map(object({…}))
| | null
|
+| [organization](variables.tf#L62) | Apigee organization. If set to null the organization must already exist. | object({…})
| | null
|
## Outputs
diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf
index 8754b458fe..bc5dab48ea 100644
--- a/modules/apigee/main.tf
+++ b/modules/apigee/main.tf
@@ -15,10 +15,11 @@
*/
locals {
- org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
- envgroups = coalesce(var.envgroups, {})
- environments = coalesce(var.environments, {})
- instances = coalesce(var.instances, {})
+ org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
+ envgroups = coalesce(var.envgroups, {})
+ environments = coalesce(var.environments, {})
+ instances = coalesce(var.instances, {})
+ endpoint_attachments = coalesce(var.endpoint_attachments, {})
}
resource "google_apigee_organization" "organization" {
@@ -102,5 +103,12 @@ resource "google_apigee_instance_attachment" "instance_attachments" {
instance_id = google_apigee_instance.instances[each.value.instance].id
environment = try(google_apigee_environment.environments[each.value.environment].name,
"${local.org_id}/environments/${each.value.environment}")
+}
+resource "google_apigee_endpoint_attachment" "endpoint_attachments" {
+ for_each = local.endpoint_attachments
+ org_id = local.org_id
+ endpoint_attachment_id = each.key
+ location = each.value.region
+ service_attachment = each.value.service_attachment
}
diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf
index c9cae91c42..8cddf9a495 100644
--- a/modules/apigee/variables.tf
+++ b/modules/apigee/variables.tf
@@ -14,6 +14,14 @@
* limitations under the License.
*/
+variable "endpoint_attachments" {
+ description = "Endpoint attachments."
+ type = map(object({
+ region = string
+ service_attachment = string
+ }))
+ default = null
+}
variable "envgroups" {
description = "Environment groups (NAME => [HOSTNAMES])."
@@ -38,7 +46,7 @@ variable "environments" {
}
variable "instances" {
- description = "Instance."
+ description = "Instances."
type = map(object({
display_name = optional(string)
description = optional(string, "Terraform-managed")
@@ -68,4 +76,4 @@ variable "organization" {
variable "project_id" {
description = "Project ID."
type = string
-}
+}
\ No newline at end of file
diff --git a/tests/modules/apigee/fixture/main.tf b/tests/modules/apigee/fixture/main.tf
index 25dd8ca6d4..7ab25f733a 100644
--- a/tests/modules/apigee/fixture/main.tf
+++ b/tests/modules/apigee/fixture/main.tf
@@ -15,10 +15,11 @@
*/
module "test" {
- source = "../../../../modules/apigee"
- project_id = var.project_id
- organization = var.organization
- envgroups = var.envgroups
- environments = var.environments
- instances = var.instances
+ source = "../../../../modules/apigee"
+ project_id = var.project_id
+ organization = var.organization
+ envgroups = var.envgroups
+ environments = var.environments
+ instances = var.instances
+ endpoint_attachments = var.endpoint_attachments
}
diff --git a/tests/modules/apigee/fixture/test.all.tfvars b/tests/modules/apigee/fixture/test.all.tfvars
index b0e25b92a9..d0c29921ca 100644
--- a/tests/modules/apigee/fixture/test.all.tfvars
+++ b/tests/modules/apigee/fixture/test.all.tfvars
@@ -39,3 +39,13 @@ instances = {
psa_ip_cidr_range = "10.0.5.0/22"
}
}
+endpoint_attachments = {
+ endpoint-backend-1 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+ }
+ endpoint-backend-2 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
+ }
+}
diff --git a/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars b/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars
new file mode 100644
index 0000000000..bd6cbcc410
--- /dev/null
+++ b/tests/modules/apigee/fixture/test.endpoint_attachment_only.tfvars
@@ -0,0 +1,7 @@
+project_id = "my-project"
+endpoint_attachments = {
+ endpoint-backend-1 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+ }
+}
diff --git a/tests/modules/apigee/fixture/variables.tf b/tests/modules/apigee/fixture/variables.tf
index 687e3b53b8..8cddf9a495 100644
--- a/tests/modules/apigee/fixture/variables.tf
+++ b/tests/modules/apigee/fixture/variables.tf
@@ -14,22 +14,12 @@
* limitations under the License.
*/
-variable "project_id" {
- description = "Project ID."
- type = string
-}
-
-variable "organization" {
- description = "Apigee organization"
- type = object({
- display_name = optional(string)
- description = optional(string, "Apigee Organization created by tf module")
- authorized_network = optional(string)
- runtime_type = optional(string, "CLOUD")
- billing_type = optional(string)
- database_encryption_key = optional(string)
- analytics_region = optional(string, "europe-west1")
- })
+variable "endpoint_attachments" {
+ description = "Endpoint attachments."
+ type = map(object({
+ region = string
+ service_attachment = string
+ }))
default = null
}
@@ -43,7 +33,7 @@ variable "environments" {
description = "Environments."
type = map(object({
display_name = optional(string)
- description = optional(string)
+ description = optional(string, "Terraform-managed")
node_config = optional(object({
min_node_count = optional(number)
max_node_count = optional(number)
@@ -56,10 +46,10 @@ variable "environments" {
}
variable "instances" {
- description = "Instance."
+ description = "Instances."
type = map(object({
display_name = optional(string)
- description = optional(string)
+ description = optional(string, "Terraform-managed")
region = string
environments = list(string)
psa_ip_cidr_range = string
@@ -68,3 +58,22 @@ variable "instances" {
}))
default = null
}
+
+variable "organization" {
+ description = "Apigee organization. If set to null the organization must already exist."
+ type = object({
+ display_name = optional(string)
+ description = optional(string, "Terraform-managed")
+ authorized_network = optional(string)
+ runtime_type = optional(string, "CLOUD")
+ billing_type = optional(string)
+ database_encryption_key = optional(string)
+ analytics_region = optional(string, "europe-west1")
+ })
+ default = null
+}
+
+variable "project_id" {
+ description = "Project ID."
+ type = string
+}
\ No newline at end of file
diff --git a/tests/modules/apigee/test_plan.py b/tests/modules/apigee/test_plan.py
index 9804939c24..e693ddbb29 100644
--- a/tests/modules/apigee/test_plan.py
+++ b/tests/modules/apigee/test_plan.py
@@ -25,6 +25,7 @@ def test_all(plan_runner):
'google_apigee_envgroup_attachment.envgroup_attachments': 2,
'google_apigee_instance.instances': 2,
'google_apigee_instance_attachment.instance_attachments': 2,
+ 'google_apigee_endpoint_attachment.endpoint_attachments': 2,
'google_apigee_environment_iam_binding.binding': 1
}
@@ -62,6 +63,14 @@ def test_instance_only(plan_runner):
'google_apigee_instance_attachment.instance_attachments': 1
}
+def test_endpoint_attachment_only(plan_runner):
+ "Test that creates only an instance."
+ _, resources = plan_runner(tf_var_file='test.endpoint_attachment_only.tfvars')
+ counts = collections.Counter(f'{r["type"]}.{r["name"]}' for r in resources)
+ assert counts == {
+ 'google_apigee_endpoint_attachment.endpoint_attachments': 1,
+ }
+
def test_no_instances(plan_runner):
"Test that creates everything but the instances."
_, resources = plan_runner(tf_var_file='test.no_instances.tfvars')