feat: add network tags support for v2 (#48)

terraform-google-modules · Jun 23, 2022 · a4644c0 · a4644c0
1 parent a61f6a7
commit a4644c0
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 0 deletions.
diff --git a/modules/create_environment_v2/README.md b/modules/create_environment_v2/README.md
@@ -42,6 +42,7 @@ module "composer" {
 | service\_ip\_allocation\_range\_name | The name of the services' secondary range used to allocate IP addresses to the cluster. | `string` | `null` | no |
 | subnetwork | The subnetwork to host the composer cluster. | `string` | n/a | yes |
 | subnetwork\_region | The subnetwork region of the shared VPC's host (for shared vpc support) | `string` | `""` | no |
+| tags | Tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls. | `set(string)` | `[]` | no |
 | use\_private\_environment | Enable private environment. | `bool` | `false` | no |
 | web\_server | Configuration for resources used by Airflow web server. | <pre>object({<br>    cpu        = string<br>    memory_gb  = number<br>    storage_gb = number<br>  })</pre> | <pre>{<br>  "cpu": 2,<br>  "memory_gb": 7.5,<br>  "storage_gb": 5<br>}</pre> | no |
 | web\_server\_allowed\_ip\_ranges | The network-level access control policy for the Airflow web server. If unspecified, no network-level access restrictions will be applied. | <pre>list(object({<br>    value       = string,<br>    description = string<br>  }))</pre> | `null` | no |

diff --git a/modules/create_environment_v2/main.tf b/modules/create_environment_v2/main.tf
@@ -40,6 +40,7 @@ resource "google_composer_environment" "composer_env" {
       network         = "projects/${local.network_project_id}/global/networks/${var.network}"
       subnetwork      = "projects/${local.network_project_id}/regions/${local.subnetwork_region}/subnetworks/${var.subnetwork}"
       service_account = var.composer_service_account
+      tags            = var.tags
 
       dynamic "ip_allocation_policy" {
         for_each = (var.pod_ip_allocation_range_name != null || var.service_ip_allocation_range_name != null) ? [1] : []

diff --git a/modules/create_environment_v2/variables.tf b/modules/create_environment_v2/variables.tf
@@ -36,6 +36,12 @@ variable "labels" {
   default     = {}
 }
 
+variable "tags" {
+  description = "Tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls."
+  type        = set(string)
+  default     = []
+}
+
 variable "network" {
   type        = string
   description = "The VPC network to host the composer cluster."