diff --git a/README.md b/README.md
index cf75c1bc..db997996 100644
--- a/README.md
+++ b/README.md
@@ -70,7 +70,7 @@ If the user does not share the same domain as the org the bastion is in, you wil
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | access\_config | Access configs for network, nat\_ip and DNS |
list(object({
network_tier = string
nat_ip = string
public_ptr_domain_name = string
}))
|
[
{
"nat_ip": "",
"network_tier": "PREMIUM",
"public_ptr_domain_name": ""
}
]
| no |
-| additional\_networks | Additional network interface details for the instance template, if any. |
list(object({
network = string
subnetwork = string
subnetwork_project = string
network_ip = string
access_config = list(object({
nat_ip = string
network_tier = string
}))
}))
| `[]` | no |
+| additional\_networks | Additional network interface details for the instance template, if any. |
list(object({
network = string
subnetwork = string
subnetwork_project = string
network_ip = string
nic_type = string
stack_type = string
queue_count = number
access_config = list(object({
nat_ip = string
network_tier = string
}))
ipv6_access_config = list(object({
network_tier = string
}))
alias_ip_range = list(object({
ip_cidr_range = string
subnetwork_range_name = string
}))
}))
| `[]` | no |
 | additional\_ports | A list of additional ports/ranges to open access to on the instances from IAP. | `list(string)` | `[]` | no |
 | create\_firewall\_rule | If we need to create the firewall rule or not. | `bool` | `true` | no |
 | create\_instance\_from\_template | Whether to create and instance from the template or not. If false, no instance is created, but the instance template is created and usable by a MIG | `bool` | `true` | no |
diff --git a/examples/iap_tunneling/main.tf b/examples/iap_tunneling/main.tf
index 4d65de1c..ff8e29ed 100644
--- a/examples/iap_tunneling/main.tf
+++ b/examples/iap_tunneling/main.tf
@@ -38,7 +38,7 @@ resource "google_service_account" "vm_sa" {
 # A testing VM to allow OS Login + IAP tunneling.
 module "instance_template" {
 source = "terraform-google-modules/vm/google//modules/instance_template"
- version = "~> 7.3"
+ version = "~> 10.0"
 project_id = var.project_id
 machine_type = "n1-standard-1"
diff --git a/main.tf b/main.tf
index 3a197904..caaf9ae6 100644
--- a/main.tf
+++ b/main.tf
@@ -44,7 +44,7 @@ resource "google_service_account" "bastion_host" {
 module "instance_template" {
 source = "terraform-google-modules/vm/google//modules/instance_template"
- version = "~> 7.3"
+ version = "~> 10.0"
 name_prefix = var.name_prefix
 project_id = var.project
diff --git a/modules/bastion-group/README.md b/modules/bastion-group/README.md
index 4097cd56..791ef9ee 100644
--- a/modules/bastion-group/README.md
+++ b/modules/bastion-group/README.md
@@ -73,10 +73,10 @@ provision a project with the necessary APIs enabled.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| additional\_networks | Additional network interface details for the instance template, if any. |
list(object({
network = string
subnetwork = string
subnetwork_project = string
network_ip = string
access_config = list(object({
nat_ip = string
network_tier = string
}))
}))
| `[]` | no |
+| additional\_networks | Additional network interface details for the instance template, if any. |
list(object({
network = string
subnetwork = string
subnetwork_project = string
network_ip = string
nic_type = string
stack_type = string
queue_count = number
access_config = list(object({
nat_ip = string
network_tier = string
}))
ipv6_access_config = list(object({
network_tier = string
}))
alias_ip_range = list(object({
ip_cidr_range = string
subnetwork_range_name = string
}))
}))
| `[]` | no |
 | fw\_name\_allow\_ssh\_from\_health\_check\_cidrs | Firewall rule name for allowing Health Checks | `string` | `"allow-ssh-from-health-check-cidrs"` | no |
 | fw\_name\_allow\_ssh\_from\_iap | Firewall rule name for allowing SSH from IAP | `string` | `"allow-ssh-from-iap-to-bastion-group"` | no |
-| health\_check | Health check config for the mig. |
object({
type = string
initial_delay_sec = number
check_interval_sec = number
healthy_threshold = number
timeout_sec = number
unhealthy_threshold = number
response = string
proxy_header = string
port = number
request = string

# Unused fields.
request_path = string
host = string
})
|
{
"check_interval_sec": 30,
"healthy_threshold": 1,
"host": "",
"initial_delay_sec": 30,
"port": 22,
"proxy_header": "NONE",
"request": "",
"request_path": "",
"response": "",
"timeout_sec": 10,
"type": "tcp",
"unhealthy_threshold": 5
}
| no |
+| health\_check | Health check config for the mig. |
object({
type = string
initial_delay_sec = number
check_interval_sec = number
healthy_threshold = number
timeout_sec = number
unhealthy_threshold = number
response = string
proxy_header = string
port = number
request = string
enable_logging = bool

# Unused fields.
request_path = string
host = string
})
|
{
"check_interval_sec": 30,
"enable_logging": false,
"healthy_threshold": 1,
"host": "",
"initial_delay_sec": 30,
"port": 22,
"proxy_header": "NONE",
"request": "",
"request_path": "",
"response": "",
"timeout_sec": 10,
"type": "tcp",
"unhealthy_threshold": 5
}
| no |
 | host\_project | The network host project ID | `string` | `""` | no |
 | image\_family | Source image family for the Bastion. | `string` | `"debian-11"` | no |
 | image\_project | Project where the source image for the Bastion comes from | `string` | `"debian-cloud"` | no |
diff --git a/modules/bastion-group/main.tf b/modules/bastion-group/main.tf
index 48d5f447..95a2fe0b 100644
--- a/modules/bastion-group/main.tf
+++ b/modules/bastion-group/main.tf
@@ -44,7 +44,7 @@ module "iap_bastion" {
 module "mig" {
 source = "terraform-google-modules/vm/google//modules/mig"
- version = "~> 7.3"
+ version = "~> 10.0"
 project_id = var.project
 region = var.region
diff --git a/modules/bastion-group/variables.tf b/modules/bastion-group/variables.tf
index f2a6042c..90435ab9 100644
--- a/modules/bastion-group/variables.tf
+++ b/modules/bastion-group/variables.tf
@@ -84,6 +84,7 @@ variable "health_check" {
 proxy_header = string
 port = number
 request = string
+ enable_logging = bool
 # Unused fields.
 request_path = string
@@ -100,6 +101,7 @@ variable "health_check" {
 proxy_header = "NONE"
 port = 22
 request = ""
+ enable_logging = false
 # Unused fields.
 request_path = ""
@@ -203,10 +205,20 @@ variable "additional_networks" {
 subnetwork = string
 subnetwork_project = string
 network_ip = string
+ nic_type = string
+ stack_type = string
+ queue_count = number
 access_config = list(object({
 nat_ip = string
 network_tier = string
 }))
+ ipv6_access_config = list(object({
+ network_tier = string
+ }))
+ alias_ip_range = list(object({
+ ip_cidr_range = string
+ subnetwork_range_name = string
+ }))
 }))
 }
diff --git a/variables.tf b/variables.tf
index 36366a1e..5d9ff564 100644
--- a/variables.tf
+++ b/variables.tf
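Review bot: Adding `enable_logging = bool` to the `health_check` object type makes it a required attribute, so a caller that already passes its own `health_check` object will fail type checking after upgrading until it adds the key; only callers relying on the default (updated in the next hunk) are unaffected. If the module's minimum Terraform version permits it (not visible here), `enable_logging = optional(bool, false)` keeps existing callers working; otherwise the change should be documented as breaking. The same applies to the attributes added to `additional_networks` in the third hunk of this file and in `variables.tf`. With the default `false`, health-check logging for the bastion group presumably stays off unless the caller opts in, which is worth one line in the variable's description. The `variable "health_check"` block starts and ends outside these hunks.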
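Review bot: The `additional_networks` hunk adds `stack_type` and `ipv6_access_config` next to the existing `access_config`, which lets a caller attach an externally addressable interface to a bastion that is otherwise meant to be reached through IAP, and the variable's description does not mention this. Whether the module's IAP firewall rule covers networks listed here is not visible in this diff, so the description should at least state the caller's responsibility, for example `description = "Additional network interface details for the instance template, if any. Entries that set access_config or ipv6_access_config assign an external address to the bastion; review ingress firewall rules on those networks."`. The same wording applies to the identical hunk in `variables.tf`. The `variable "additional_networks"` block starts outside the hunk.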
@@ -259,10 +259,20 @@ variable "additional_networks" {
 subnetwork = string
 subnetwork_project = string
 network_ip = string
+ nic_type = string
+ stack_type = string
+ queue_count = number
 access_config = list(object({
 nat_ip = string
 network_tier = string
 }))
+ ipv6_access_config = list(object({
+ network_tier = string
+ }))
+ alias_ip_range = list(object({
+ ip_cidr_range = string
+ subnetwork_range_name = string
+ }))
 }))
 }