fixes

mariammartins · Dec 5, 2024 · 6d48a0d · 6d48a0d
1 parent 0a62c24
commit 6d48a0d
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 14 deletions.
diff --git a/0-bootstrap/README-GitHub.md b/0-bootstrap/README-GitHub.md
@@ -588,7 +588,7 @@ or go to [Deploying step 3-networks-hub-and-spoke](#deploying-step-3-networks-hu
 
 1. Update `common.auto.tfvars` file with values from your GCP environment.
 See any of the envs folder [README.md](../3-networks-svpc/envs/production/README.md#inputs) files for additional information on the values in the `common.auto.tfvars` file.
-1. You must add your user email in the variable `perimeter_additional_members` to be able to see the resources created in the restricted project.
+1. You must add your user email in the variable `perimeter_additional_members` to be able to see the resources created in the shared vpc project.
 1. Update the `remote_state_bucket` variable with the backend bucket from step Bootstrap in the `common.auto.tfvars` file.
 
    ```bash
@@ -744,7 +744,7 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th
 
 1. Update `common.auto.tfvars` file with values from your GCP environment.
 See any of the envs folder [README.md](../3-networks-hub-and-spoke/envs/production/README.md#inputs) files for additional information on the values in the `common.auto.tfvars` file.
-1. You must add your user email in the variable `perimeter_additional_members` to be able to see the resources created in the restricted project.
+1. You must add your user email in the variable `perimeter_additional_members` to be able to see the resources created in the shared vpc project.
 1. Update the `remote_state_bucket` variable with the backend bucket from step Bootstrap in the `common.auto.tfvars` file.
 
    ```bash

diff --git a/0-bootstrap/README.md b/0-bootstrap/README.md
@@ -26,14 +26,14 @@ Google Cloud organization that you've created.</td>
 </tr>
 <tr>
 <td><a href="../3-networks-svpc">3-networks-svpc</a></td>
-<td>Sets up restricted shared VPCs with default DNS, NAT (optional),
+<td>Sets up shared VPCs with default DNS, NAT (optional),
 Private Service networking, VPC service controls, on-premises Dedicated
 Interconnect, and baseline firewall rules for each environment. It also sets
 up the global DNS hub.</td>
 </tr>
 <tr>
 <td><a href="../3-networks-hub-and-spoke">3-networks-hub-and-spoke</a></td>
-<td>Sets up restricted shared VPCs with all the default configuration
+<td>Sets up shared VPCs with all the default configuration
 found on step 3-networks-svpc, but here the architecture will be based on the
 Hub and Spoke network model. It also sets up the global DNS hub.</td>
 </tr>

diff --git a/3-networks-svpc/modules/shared_vpc/firewall.tf b/3-networks-svpc/modules/shared_vpc/firewall.tf
@@ -52,7 +52,7 @@ module "firewall_rules" {
         description    = "Lower priority rule to allow restricted google apis on TCP port 443."
         enable_logging = var.firewall_enable_logging
         match = {
-          dest_ip_ranges = [local.restricted_googleapis_cidr]
+          dest_ip_ranges = [local.googleapis_cidr]
           layer4_configs = [
             {
               ip_protocol = "tcp"

diff --git a/3-networks-svpc/modules/shared_vpc/main.tf b/3-networks-svpc/modules/shared_vpc/main.tf
@@ -15,9 +15,9 @@
  */
 
 locals {
-  vpc_name                   = "${var.environment_code}-svpc"
-  network_name               = "vpc-${local.vpc_name}"
-  restricted_googleapis_cidr = module.private_service_connect.private_service_connect_ip
+  vpc_name        = "${var.environment_code}-svpc"
+  network_name    = "vpc-${local.vpc_name}"
+  googleapis_cidr = module.private_service_connect.private_service_connect_ip
 }
 
 /******************************************
@@ -105,7 +105,7 @@ module "region1_router1" {
   bgp = {
     asn                  = var.bgp_asn_subnet
     advertised_groups    = ["ALL_SUBNETS"]
-    advertised_ip_ranges = [{ range = local.restricted_googleapis_cidr }]
+    advertised_ip_ranges = [{ range = local.googleapis_cidr }]
   }
 }
 
@@ -120,7 +120,7 @@ module "region1_router2" {
   bgp = {
     asn                  = var.bgp_asn_subnet
     advertised_groups    = ["ALL_SUBNETS"]
-    advertised_ip_ranges = [{ range = local.restricted_googleapis_cidr }]
+    advertised_ip_ranges = [{ range = local.googleapis_cidr }]
   }
 }
 
@@ -135,7 +135,7 @@ module "region2_router1" {
   bgp = {
     asn                  = var.bgp_asn_subnet
     advertised_groups    = ["ALL_SUBNETS"]
-    advertised_ip_ranges = [{ range = local.restricted_googleapis_cidr }]
+    advertised_ip_ranges = [{ range = local.googleapis_cidr }]
   }
 }
 
@@ -150,6 +150,6 @@ module "region2_router2" {
   bgp = {
     asn                  = var.bgp_asn_subnet
     advertised_groups    = ["ALL_SUBNETS"]
-    advertised_ip_ranges = [{ range = local.restricted_googleapis_cidr }]
+    advertised_ip_ranges = [{ range = local.googleapis_cidr }]
   }
 }
diff --git a/test/integration/networks/networks_test.go b/test/integration/networks/networks_test.go
@@ -362,8 +362,7 @@ func TestNetworks(t *testing.T) {
 					}
 
 					for _, networkType := range []string{
-						"base",
-						"restricted",
+						"restricted", //restricted or shared?
 					} {
 						projectID := networks.GetStringOutput(fmt.Sprintf("%s_host_project_id", networkType))