diff --git a/modules/apigee/README.md b/modules/apigee/README.md index 5a8eb52517..cafae4f3f5 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -4,7 +4,7 @@ This module simplifies the creation of a Apigee resources (organization, environ ## Example -### All resources (CLOUD) +### All resources (CLOUD - VPC Peering Provisioning Mode) ```hcl module "apigee" { @@ -18,6 +18,7 @@ module "apigee" { billing_type = "PAYG" database_encryption_key = "123456789" analytics_region = "europe-west1" + disable_vpc_peering = false } envgroups = { test = ["test.example.com"] @@ -65,6 +66,62 @@ module "apigee" { # tftest modules=1 resources=15 ``` +### All resources (CLOUD - Non-VPC Peering Provisioning Mode) + +```hcl +module "apigee" { + source = "./fabric/modules/apigee" + project_id = "my-project" + organization = { + display_name = "My Organization" + description = "My Organization" + runtime_type = "CLOUD" + billing_type = "PAYG" + database_encryption_key = "123456789" + analytics_region = "europe-west1" + disable_vpc_peering = true + } + envgroups = { + test = ["test.example.com"] + prod = ["prod.example.com"] + } + environments = { + apis-test = { + display_name = "APIs test" + description = "APIs Test" + envgroups = ["test"] + regions = ["europe-west1"] + } + apis-prod = { + display_name = "APIs prod" + description = "APIs prod" + envgroups = ["prod"] + regions = ["europe-west3"] + iam = { + "roles/viewer" = ["group:devops@myorg.com"] + } + } + } + instances = { + europe-west1 = {} + europe-west3 = { + enable_nat = true + } + } + endpoint_attachments = { + endpoint-backend-1 = { + region = "europe-west1" + service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1" + } + endpoint-backend-2 = { + region = "europe-west1" + service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2" + } + } +} +# tftest modules=1 resources=15 +``` + ### All resources (HYBRID control plane) ```hcl 
@@ -129,7 +186,7 @@ module "apigee" { # tftest modules=1 resources=1 ``` -### New instance +### New instance (VPC Peering Provisioning Mode) ```hcl module "apigee" { @@ -145,6 +202,28 @@ module "apigee" { # tftest modules=1 resources=1 ``` +### New instance (Non-VPC Peering Provisioning Mode) + +```hcl +module "apigee" { + source = "./fabric/modules/apigee" + project_id = "my-project" + organization = { + display_name = "My Organization" + description = "My Organization" + runtime_type = "CLOUD" + billing_type = "Pay-as-you-go" + database_encryption_key = "123456789" + analytics_region = "europe-west1" + disable_vpc_peering = true + } + instances = { + europe-west1 = {} + } +} +# tftest modules=1 resources=2 +``` + ### New endpoint attachment Endpoint attachments allow to implement [Apigee southbound network patterns](https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#create-the-psc-attachments). 
@@ -180,13 +259,13 @@ module "apigee" {
 
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
-| [project_id](variables.tf#L95) | Project ID. | string | ✓ | |
+| [project_id](variables.tf#L96) | Project ID. | string | ✓ | |
 | [addons_config](variables.tf#L17) | Addons configuration. | object({…}) | | null |
 | [endpoint_attachments](variables.tf#L29) | Endpoint attachments. | map(object({…})) | | {} |
 | [envgroups](variables.tf#L39) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | {} |
 | [environments](variables.tf#L46) | Environments. | map(object({…})) | | {} |
-| [instances](variables.tf#L65) | Instances ([REGION] => [INSTANCE]). | map(object({…})) | | {} |
-| [organization](variables.tf#L80) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null |
+| [instances](variables.tf#L65) | Instances ([REGION] => [INSTANCE]). | map(object({…})) | | {} |
+| [organization](variables.tf#L80) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null |
 
 ## Outputs
 
@@ -202,3 +281,4 @@ module "apigee" {
 | [organization](outputs.tf#L55) | Organization. | |
 | [service_attachments](outputs.tf#L60) | Service attachments. | |
 
+
diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf
index 4a2e3d25e2..a0c93dfb42 100644
--- a/modules/apigee/main.tf
+++ b/modules/apigee/main.tf
@@ -15,8 +15,9 @@
 */
 
 locals {
- org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
- org_name = try(google_apigee_organization.organization[0].name, var.project_id)
+ org_id = try(google_apigee_organization.organization[0].id, "organizations/${var.project_id}")
+ org_name = try(google_apigee_organization.organization[0].name, var.project_id)
+ disable_vpc_peering = try(var.organization.disable_vpc_peering, false)
 }
 
 resource "google_apigee_organization" "organization" {
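Review bot: `local.disable_vpc_peering = try(var.organization.disable_vpc_peering, false)` silently resolves to `false` whenever `var.organization` is null, i.e. exactly the case where the organization already exists outside this module, so instances added to a pre-existing organization provisioned without VPC peering are (if I read the later instance precondition correctly) forced to supply two CIDR ranges they do not use, or cannot be created at all. If managing instances for an existing non-peering organization is in scope, the provisioning mode needs a source that does not depend on `var.organization` (for example a top-level input consulted before the `false` default). At minimum the assumption should be written next to the local, e.g. `# A pre-existing organization (var.organization == null) is assumed to use VPC peering; non-peering mode can only be declared through var.organization.`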
@@ -28,6 +29,14 @@ resource "google_apigee_organization" "organization" {
 runtime_type = var.organization.runtime_type
 runtime_database_encryption_key_name = var.organization.database_encryption_key
 retention = var.organization.retention
+ disable_vpc_peering = var.organization.disable_vpc_peering
+
+ lifecycle {
+ precondition {
+ condition = (var.organization.disable_vpc_peering == false && var.organization.authorized_network != null && var.organization.runtime_type == "CLOUD") || (var.organization.disable_vpc_peering == true && var.organization.authorized_network == null && var.organization.runtime_type == "CLOUD") || (var.organization.disable_vpc_peering == false && var.organization.authorized_network == null && var.organization.runtime_type == "HYBRID")
+ error_message = "For `var.organization.runtime_type = \"CLOUD\"`, if `var.organization.disable_vpc_peering` is set to `true`, `var.organization.authorized_network` should be `null`. If `var.organization.authorized_network` is set to name of some VPC Network, `var.organization.disable_vpc_peering` should be set to `false`. `var.organization.authorized_network` is used for Apigee X VPC Peering Provisioning Mode and `var.organization.disable_vpc_peering` is used for Apigee X Non-VPC Peering Provisioning Mode. For `var.organization.runtime_type = \"HYBRID\"`, `var.organization.disable_vpc_peering` cannot be set to `true` and `var.organization.authorized_network` cannot be `null`."
+ }
+ }
 }
 
 resource "google_apigee_envgroup" "envgroups" {
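Review bot: The `error_message` of the new precondition contradicts its `condition` for the HYBRID case: the condition only accepts `runtime_type == "HYBRID"` when `var.organization.authorized_network == null`, yet the message tells the user that `authorized_network` "cannot be `null`", which sends them in the wrong direction when the check fails. The last clause should read `` `var.organization.disable_vpc_peering` cannot be set to `true` and `var.organization.authorized_network` must be `null`. `` The one-line three-way boolean is also hard to audit; naming each accepted mode in a local (peering CLOUD, non-peering CLOUD, HYBRID) and combining them with `anytrue([...])` would keep the rule identical while making each branch reviewable on its own. This is a security-relevant gate (it decides whether the runtime is reachable over a peered VPC or only via PSC), so a short comment above the `lifecycle` block stating that intent would help future readers.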
@@ -91,9 +100,16 @@ resource "google_apigee_instance" "instances" {
 description = each.value.description
 location = each.key
 org_id = local.org_id
- ip_range = "${each.value.runtime_ip_cidr_range},${each.value.troubleshooting_ip_cidr_range}"
+ ip_range = local.disable_vpc_peering ? null : "${each.value.runtime_ip_cidr_range},${each.value.troubleshooting_ip_cidr_range}"
 disk_encryption_key_name = each.value.disk_encryption_key
 consumer_accept_list = each.value.consumer_accept_list
+
+ lifecycle {
+ precondition {
+ condition = (local.disable_vpc_peering == true && each.value.runtime_ip_cidr_range == null && each.value.troubleshooting_ip_cidr_range == null) || (local.disable_vpc_peering == false && each.value.runtime_ip_cidr_range != null && each.value.troubleshooting_ip_cidr_range != null)
+ error_message = "When using Apigee X Non-VPC Peering Provisioning Mode i.e. when `var.organization.disable_vpc_peering = true`, Runtime IP CIDR Ranges are not required. However, when using Apigee X VPC Peering Provisioning Mode, Runtime IP CIDR Ranges are required and `var.organization.disable_vpc_peering = false` should be set."
+ }
+ }
 }
 
 resource "google_apigee_nat_address" "apigee_nat" {
@@ -115,8 +131,7 @@ resource "google_apigee_instance_attachment" "instance_attachments" {
 }
 }])...)
 instance_id = google_apigee_instance.instances[each.value.region].id
- environment = try(google_apigee_environment.environments[each.value.environment].name,
- "${local.org_id}/environments/${each.value.environment}")
+ environment = google_apigee_environment.environments[each.value.environment].name
 }
 
 resource "google_apigee_endpoint_attachment" "endpoint_attachments" {
diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf
index c5832e33f7..5578229657 100644
--- a/modules/apigee/variables.tf
+++ b/modules/apigee/variables.tf
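Review bot: The instance precondition in the `google_apigee_instance` hunk rejects a non-peering instance that still carries either CIDR range, so a tfvars copied from a peering deployment now fails at plan time instead of the ranges being ignored; that strictness is defensible, but the `instances` variable description (outside this hunk) should state it so the failure is not a surprise. The `local.disable_vpc_peering == true` / `== false` comparisons can be written as `local.disable_vpc_peering` / `!local.disable_vpc_peering`, and validating the two ranges in separate preconditions with their own messages would tell the operator which one is missing rather than repeating the mode explanation. The `ip_range = ... ? null : "..."` form relies on the provider treating `null` as unset; the new expected-value fixtures show `ip_range: null`, which is consistent with that, but it is worth a one-line comment: `# ip_range is only meaningful for VPC peering; null leaves it unset for PSC-based instances.`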
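Review bot: In the `instance_attachments` hunk, replacing the `try(...)` with a direct index into `google_apigee_environment.environments` drops the fallback `"${local.org_id}/environments/${each.value.environment}"`, so an attachment that names an environment not managed by this module now fails with an invalid-index error instead of attaching to the existing environment. If that is intentional (the `environments` map becomes authoritative), the behaviour change belongs in the commit description and the variable docs; otherwise restore the fallback: `environment = try(google_apigee_environment.environments[each.value.environment].name, "${local.org_id}/environments/${each.value.environment}")`. Since `try()` also hid genuine typos in the environment key, the stricter and clearer option is a `precondition` with `contains(keys(google_apigee_environment.environments), each.value.environment)` and a message naming the unknown key. The `for_each` expression that builds these attachments starts before this hunk.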
@@ -67,8 +67,8 @@ variable "instances" {
 type = map(object({
 display_name = optional(string)
 description = optional(string, "Terraform-managed")
- runtime_ip_cidr_range = string
- troubleshooting_ip_cidr_range = string
+ runtime_ip_cidr_range = optional(string)
+ troubleshooting_ip_cidr_range = optional(string)
 disk_encryption_key = optional(string)
 consumer_accept_list = optional(list(string))
 enable_nat = optional(bool, false)
@@ -88,6 +88,7 @@ variable "organization" {
 database_encryption_key = optional(string)
 analytics_region = optional(string, "europe-west1")
 retention = optional(string)
+ disable_vpc_peering = optional(bool, false)
 })
 default = null
 }
diff --git a/tests/modules/apigee/all_psc_mode.tfvars b/tests/modules/apigee/all_psc_mode.tfvars
new file mode 100644
index 0000000000..231eb602d3
--- /dev/null
+++ b/tests/modules/apigee/all_psc_mode.tfvars
@@ -0,0 +1,45 @@
+project_id = "my-project"
+organization = {
+ display_name = "My Organization"
+ description = "My Organization"
+ runtime_type = "CLOUD"
+ billing_type = "Pay-as-you-go"
+ database_encryption_key = "123456789"
+ analytics_region = "europe-west1"
+ disable_vpc_peering = true
+}
+envgroups = {
+ test = ["test.example.com"]
+ prod = ["prod.example.com"]
+}
+environments = {
+ apis-test = {
+ display_name = "APIs test"
+ description = "APIs Test"
+ envgroups = ["test"]
+ regions = ["europe-west1"]
+ }
+ apis-prod = {
+ display_name = "APIs prod"
+ description = "APIs prod"
+ envgroups = ["prod"]
+ regions = ["europe-west3"]
+ iam = {
+ "roles/viewer" = ["group:devops@myorg.com"]
+ }
+ }
+}
+instances = {
+ europe-west1 = {}
+ europe-west3 = {}
+}
+endpoint_attachments = {
+ endpoint-backend-1 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-1/serviceAttachments/gkebackend1"
+ }
+ endpoint-backend-2 = {
+ region = "europe-west1"
+ service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2"
+ }
+}
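Review bot: `runtime_ip_cidr_range` and `troubleshooting_ip_cidr_range` become `optional(string)` in the `instances` hunk with nothing in the type or (as far as this hunk shows) the variable's `description` telling the caller that they are still mandatory when the organization uses VPC peering; the same applies to the new `disable_vpc_peering` field in `organization`. Suggested description text for `instances`: `Runtime and troubleshooting CIDR ranges are required when the organization uses VPC peering (organization.disable_vpc_peering = false) and must be omitted otherwise.` Since `authorized_network` and `disable_vpc_peering` live in the same variable, a `validation` block on `organization` (guarded with `var.organization == null ||`) could reject the mismatched combination at variable evaluation, earlier and with a shorter message than the resource precondition; the precondition can then stay as defence in depth. Both `variable` blocks begin before their hunks.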
diff --git a/tests/modules/apigee/all_psc_mode.yaml b/tests/modules/apigee/all_psc_mode.yaml new file mode 100644 index 0000000000..5d46dc7852 --- /dev/null +++ b/tests/modules/apigee/all_psc_mode.yaml 
@@ -0,0 +1,84 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_apigee_endpoint_attachment.endpoint_attachments["endpoint-backend-1"]: + endpoint_attachment_id: endpoint-backend-1 + location: europe-west1 + service_attachment: projects/my-project-1/serviceAttachments/gkebackend1 + google_apigee_endpoint_attachment.endpoint_attachments["endpoint-backend-2"]: + endpoint_attachment_id: endpoint-backend-2 + location: europe-west1 + service_attachment: projects/my-project-2/serviceAttachments/gkebackend2 + google_apigee_envgroup.envgroups["prod"]: + hostnames: + - prod.example.com + name: prod + google_apigee_envgroup.envgroups["test"]: + hostnames: + - test.example.com + name: test + google_apigee_envgroup_attachment.envgroup_attachments["apis-prod-prod"]: + environment: apis-prod + google_apigee_envgroup_attachment.envgroup_attachments["apis-test-test"]: + environment: apis-test + google_apigee_environment.environments["apis-prod"]: + description: APIs prod + display_name: APIs prod + name: apis-prod + google_apigee_environment.environments["apis-test"]: + description: APIs Test + display_name: APIs test + name: apis-test + google_apigee_environment_iam_binding.binding["apis-prod-roles/viewer"]: + condition: [] + env_id: apis-prod + members: + - group:devops@myorg.com + role: roles/viewer + google_apigee_instance.instances["europe-west3"]: + description: Terraform-managed + disk_encryption_key_name: null + display_name: 
null + ip_range: null + location: europe-west3 + name: instance-europe-west3 + google_apigee_instance.instances["europe-west1"]: + description: Terraform-managed + disk_encryption_key_name: null + display_name: null + ip_range: null + location: europe-west1 + name: instance-europe-west1 + google_apigee_organization.organization[0]: + analytics_region: europe-west1 + authorized_network: null + billing_type: Pay-as-you-go + description: null + display_name: null + project_id: my-project + retention: DELETION_RETENTION_UNSPECIFIED + runtime_database_encryption_key_name: '123456789' + runtime_type: CLOUD + disable_vpc_peering: true + +counts: + google_apigee_endpoint_attachment: 2 + google_apigee_envgroup: 2 + google_apigee_envgroup_attachment: 2 + google_apigee_environment: 2 + google_apigee_environment_iam_binding: 1 + google_apigee_instance: 2 + google_apigee_instance_attachment: 2 + google_apigee_organization: 1 diff --git a/tests/modules/apigee/all.tfvars b/tests/modules/apigee/all_vpc_mode.tfvars similarity index 97% rename from tests/modules/apigee/all.tfvars rename to tests/modules/apigee/all_vpc_mode.tfvars index 69ffb0840f..e0e648bd58 100644 --- a/tests/modules/apigee/all.tfvars +++ b/tests/modules/apigee/all_vpc_mode.tfvars @@ -7,6 +7,7 @@ organization = { billing_type = "Pay-as-you-go" database_encryption_key = "123456789" analytics_region = "europe-west1" + disable_vpc_peering = false } envgroups = { test = ["test.example.com"] diff --git a/tests/modules/apigee/all.yaml b/tests/modules/apigee/all_vpc_mode.yaml similarity index 98% rename from tests/modules/apigee/all.yaml rename to tests/modules/apigee/all_vpc_mode.yaml index c23eab27ee..50cef735e1 100644 --- a/tests/modules/apigee/all.yaml +++ b/tests/modules/apigee/all_vpc_mode.yaml @@ -71,6 +71,7 @@ values: retention: DELETION_RETENTION_UNSPECIFIED runtime_database_encryption_key_name: '123456789' runtime_type: CLOUD + disable_vpc_peering: false counts: google_apigee_endpoint_attachment: 2 
diff --git a/tests/modules/apigee/instance_only_psc_mode.tfvars b/tests/modules/apigee/instance_only_psc_mode.tfvars new file mode 100644 index 0000000000..7f784b48a7 --- /dev/null +++ b/tests/modules/apigee/instance_only_psc_mode.tfvars @@ -0,0 +1,13 @@ +project_id = "my-project" +organization = { + display_name = "My Organization" + description = "My Organization" + runtime_type = "CLOUD" + billing_type = "Pay-as-you-go" + database_encryption_key = "123456789" + analytics_region = "europe-west1" + disable_vpc_peering = true +} +instances = { + europe-west1 = {} +} diff --git a/tests/modules/apigee/instance_only_psc_mode.yaml b/tests/modules/apigee/instance_only_psc_mode.yaml new file mode 100644 index 0000000000..95ddaa0cbf --- /dev/null +++ b/tests/modules/apigee/instance_only_psc_mode.yaml 
@@ -0,0 +1,35 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_apigee_instance.instances["europe-west1"]: + description: Terraform-managed + disk_encryption_key_name: null + display_name: null + location: europe-west1 + name: instance-europe-west1 + google_apigee_organization.organization[0]: + analytics_region: europe-west1 + billing_type: Pay-as-you-go + description: null + display_name: null + project_id: my-project + retention: DELETION_RETENTION_UNSPECIFIED + runtime_database_encryption_key_name: '123456789' + runtime_type: CLOUD + disable_vpc_peering: true + +counts: + google_apigee_instance: 1 + google_apigee_organization: 1 diff --git a/tests/modules/apigee/instance_only.tfvars b/tests/modules/apigee/instance_only_vpc_mode.tfvars similarity index 67% rename from tests/modules/apigee/instance_only.tfvars rename to tests/modules/apigee/instance_only_vpc_mode.tfvars index 5807494662..2367a88479 100644 --- a/tests/modules/apigee/instance_only.tfvars +++ b/tests/modules/apigee/instance_only_vpc_mode.tfvars @@ -2,6 +2,6 @@ project_id = "my-project" instances = { europe-west1 = { runtime_ip_cidr_range = "10.0.4.0/22" - troubleshooting_ip_cidr_range = "10.1.1.0.0/28" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } -} +} \ No newline at end of file 
diff --git a/tests/modules/apigee/instance_only.yaml b/tests/modules/apigee/instance_only_vpc_mode.yaml similarity index 77% rename from tests/modules/apigee/instance_only.yaml rename to tests/modules/apigee/instance_only_vpc_mode.yaml index bc42a37039..a735505f9c 100644 --- a/tests/modules/apigee/instance_only.yaml +++ b/tests/modules/apigee/instance_only_vpc_mode.yaml @@ -14,10 +14,12 @@ values: google_apigee_instance.instances["europe-west1"]: - ip_range: 10.0.4.0/22,10.1.1.0.0/28 + description: Terraform-managed + disk_encryption_key_name: null + display_name: null + ip_range: 10.0.4.0/22,10.1.1.0/28 location: europe-west1 - name: "instance-europe-west1" - org_id: organizations/my-project + name: instance-europe-west1 counts: - google_apigee_instance: 1 \ No newline at end of file + google_apigee_instance: 1 diff --git a/tests/modules/apigee/no_instances.tfvars b/tests/modules/apigee/no_instances.tfvars index f88722ceed..1e95cfb184 100644 --- a/tests/modules/apigee/no_instances.tfvars +++ b/tests/modules/apigee/no_instances.tfvars @@ -7,6 +7,7 @@ organization = { billing_type = "PAYG" database_encryption_key = "123456789" analytics_region = "europe-west1" + disable_vpc_peering = false } envgroups = { test = ["test.example.com"] diff --git a/tests/modules/apigee/no_instances.yaml b/tests/modules/apigee/no_instances.yaml index ce509047b4..912baf33a7 100644 --- a/tests/modules/apigee/no_instances.yaml +++ b/tests/modules/apigee/no_instances.yaml @@ -43,6 +43,7 @@ values: retention: DELETION_RETENTION_UNSPECIFIED runtime_database_encryption_key_name: '123456789' runtime_type: CLOUD + disable_vpc_peering: false counts: google_apigee_envgroup: 2 diff --git a/tests/modules/apigee/organization_only_psc_mode.tfvars b/tests/modules/apigee/organization_only_psc_mode.tfvars new file mode 100644 index 0000000000..9e480e33ee --- /dev/null +++ b/tests/modules/apigee/organization_only_psc_mode.tfvars 
@@ -0,0 +1,10 @@ +project_id = "my-project" +organization = { + display_name = "My Organization" + description = "My Organization" + runtime_type = "CLOUD" + billing_type = "PAYG" + database_encryption_key = "123456789" + analytics_region = "europe-west1" + disable_vpc_peering = true +} diff --git a/tests/modules/apigee/organization_only_psc_mode.yaml b/tests/modules/apigee/organization_only_psc_mode.yaml new file mode 100644 index 0000000000..2bc93b4f59 --- /dev/null +++ b/tests/modules/apigee/organization_only_psc_mode.yaml @@ -0,0 +1,29 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_apigee_organization.organization[0]: + analytics_region: europe-west1 + authorized_network: null + billing_type: PAYG + description: null + display_name: null + project_id: my-project + retention: DELETION_RETENTION_UNSPECIFIED + runtime_database_encryption_key_name: '123456789' + runtime_type: CLOUD + disable_vpc_peering: true + +counts: + google_apigee_organization: 1 diff --git a/tests/modules/apigee/organization_only.tfvars b/tests/modules/apigee/organization_only_vpc_mode.tfvars similarity index 90% rename from tests/modules/apigee/organization_only.tfvars rename to tests/modules/apigee/organization_only_vpc_mode.tfvars index db2b709790..f1d2be6153 100644 --- a/tests/modules/apigee/organization_only.tfvars +++ b/tests/modules/apigee/organization_only_vpc_mode.tfvars 
@@ -7,4 +7,5 @@ organization = { billing_type = "PAYG" database_encryption_key = "123456789" analytics_region = "europe-west1" -} \ No newline at end of file + disable_vpc_peering = false +} diff --git a/tests/modules/apigee/organization_only.yaml b/tests/modules/apigee/organization_only_vpc_mode.yaml similarity index 96% rename from tests/modules/apigee/organization_only.yaml rename to tests/modules/apigee/organization_only_vpc_mode.yaml index 8eee04fcc0..90978d2f90 100644 --- a/tests/modules/apigee/organization_only.yaml +++ b/tests/modules/apigee/organization_only_vpc_mode.yaml @@ -23,6 +23,7 @@ values: retention: DELETION_RETENTION_UNSPECIFIED runtime_database_encryption_key_name: '123456789' runtime_type: CLOUD + disable_vpc_peering: false counts: google_apigee_organization: 1 diff --git a/tests/modules/apigee/organization_retention.tfvars b/tests/modules/apigee/organization_retention.tfvars index d28af03a95..0fbb109124 100644 --- a/tests/modules/apigee/organization_retention.tfvars +++ b/tests/modules/apigee/organization_retention.tfvars @@ -8,4 +8,5 @@ organization = { database_encryption_key = "123456789" analytics_region = "europe-west1" retention = "MINIMUM" -} \ No newline at end of file + disable_vpc_peering = false +} diff --git a/tests/modules/apigee/organization_retention.yaml b/tests/modules/apigee/organization_retention.yaml index 4af350b863..d501ce50fb 100644 --- a/tests/modules/apigee/organization_retention.yaml +++ b/tests/modules/apigee/organization_retention.yaml @@ -23,6 +23,7 @@ values: retention: MINIMUM runtime_database_encryption_key_name: '123456789' runtime_type: CLOUD + disable_vpc_peering: false counts: google_apigee_organization: 1 diff --git a/tests/modules/apigee/tftest.yaml b/tests/modules/apigee/tftest.yaml index f4a9944ea7..6449de7572 100644 --- a/tests/modules/apigee/tftest.yaml +++ b/tests/modules/apigee/tftest.yaml 
@@ -15,13 +15,16 @@ module: modules/apigee tests: - all: + all_psc_mode: + all_vpc_mode: endpoint_attachment_only: env_only: env_only_with_api_proxy_type: env_only_with_deployment_type: envgroup_only: - instance_only: + instance_only_psc_mode: + instance_only_vpc_mode: no_instances: - organization_only: + organization_only_psc_mode: + organization_only_vpc_mode: organization_retention: