Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ER: upgrade terraform 1.3.0 to later 1.6 to allow for PBR policy based routing - workaround is to gcloud the api #373

Closed
obriensystems opened this issue Apr 10, 2024 · 3 comments
Closed

ER: upgrade terraform 1.3.0 to later 1.6 to allow for PBR policy based routing - workaround is to gcloud the api #373

obriensystems opened this issue Apr 10, 2024 · 3 comments
Labels
Stale tef

Comments

@obriensystems
Copy link
Collaborator

obriensystems commented Apr 10, 2024
edited by fmichaelobrien
Loading

Check 1.7.x before a later 1.7 (Oct 2023 build)

shadow terraform-google-modules/terraform-example-foundation#1141
terraform-google-modules/terraform-example-foundation#1183

Start with gcloud version in https://cloud.google.com/vpc/docs/use-policy-based-routes#gcloud
and https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/network_connectivity_policy_based_route

TL;DR

check at least 1.5.4
see

The version of terraform run internally has issues with lack of support for later APIs
https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/Dockerfile#L18

ARG TERRAFORM_VERSION=1.3.0

We need support for PBR - Policy Based Routing

check 1.6.x for inclusion of GoogleCloudPlatform/magic-modules#9320 late october 2023
https://releases.hashicorp.com/terraform/

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/network_connectivity_policy_based_route

https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest/v1/projects.locations.global.policyBasedRoutes
https://cloud.google.com/vpc/docs/use-policy-based-routes#api
hashicorp/terraform-provider-google#15414
GoogleCloudPlatform/magic-modules#9320
terraform-google-modules/docs-examples#579
https://cloud.google.com/vpc/docs/use-policy-based-routes#create-within-vpc

without PBR we dont have PBMM microsegmentation
https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/Dockerfile#L18
GoogleCloudPlatform/pubsec-declarative-toolkit#854
https://cloud.google.com/vpc/docs/policy-based-routes
https://medium.com/google-cloud/why-policy-based-routing-is-a-game-changer-f4c6a7badccb
https://codelabs.developers.google.com/codelabs/cloudnet-pbr#0
https://cloud.google.com/vpc/docs/use-policy-based-routes#create-within-vpc
During the upgrade check for instances of OPTIONAL

References
hashicorp/terraform-provider-google#16217 (comment)
@fmichaelobrien
Copy link
Contributor

see

@fmichaelobrien
Copy link
Contributor

b/321386368

@github-actions GitHub Actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Aug 16, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Aug 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale tef
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@obriensystems @fmichaelobrien