feat: add drain IPs option to NAT resource (#135)

terraform-google-modules · Nov 5, 2024 · d8ec351 · d8ec351
1 parent 414db05
commit d8ec351
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -45,7 +45,7 @@ Functional examples are included in the [examples](./examples/) directory. By de
 | bgp | BGP information specific to this router. | <pre>object({<br>    asn               = string<br>    advertise_mode    = optional(string, "CUSTOM")<br>    advertised_groups = optional(list(string))<br>    advertised_ip_ranges = optional(list(object({<br>      range       = string<br>      description = optional(string)<br>    })), [])<br>    keepalive_interval = optional(number)<br>  })</pre> | `null` | no |
 | description | An optional description of this resource | `string` | `null` | no |
 | name | Name of the router | `string` | n/a | yes |
-| nats | NATs to deploy on this router. | <pre>list(object({<br>    name                                = string<br>    nat_ip_allocate_option              = optional(string)<br>    source_subnetwork_ip_ranges_to_nat  = optional(string)<br>    nat_ips                             = optional(list(string), [])<br>    min_ports_per_vm                    = optional(number)<br>    max_ports_per_vm                    = optional(number)<br>    udp_idle_timeout_sec                = optional(number)<br>    icmp_idle_timeout_sec               = optional(number)<br>    tcp_established_idle_timeout_sec    = optional(number)<br>    tcp_transitory_idle_timeout_sec     = optional(number)<br>    tcp_time_wait_timeout_sec           = optional(number)<br>    enable_endpoint_independent_mapping = optional(bool)<br>    enable_dynamic_port_allocation      = optional(bool)<br><br>    log_config = optional(object({<br>      enable = optional(bool, true)<br>      filter = optional(string, "ALL")<br>    }), {})<br><br>    subnetworks = optional(list(object({<br>      name                     = string<br>      source_ip_ranges_to_nat  = list(string)<br>      secondary_ip_range_names = optional(list(string))<br>    })), [])<br><br>  }))</pre> | `[]` | no |
+| nats | NATs to deploy on this router. | <pre>list(object({<br>    name                                = string<br>    nat_ip_allocate_option              = optional(string)<br>    source_subnetwork_ip_ranges_to_nat  = optional(string)<br>    nat_ips                             = optional(list(string), [])<br>    drain_nat_ips                       = optional(list(string), [])<br>    min_ports_per_vm                    = optional(number)<br>    max_ports_per_vm                    = optional(number)<br>    udp_idle_timeout_sec                = optional(number)<br>    icmp_idle_timeout_sec               = optional(number)<br>    tcp_established_idle_timeout_sec    = optional(number)<br>    tcp_transitory_idle_timeout_sec     = optional(number)<br>    tcp_time_wait_timeout_sec           = optional(number)<br>    enable_endpoint_independent_mapping = optional(bool)<br>    enable_dynamic_port_allocation      = optional(bool)<br><br>    log_config = optional(object({<br>      enable = optional(bool, true)<br>      filter = optional(string, "ALL")<br>    }), {})<br><br>    subnetworks = optional(list(object({<br>      name                     = string<br>      source_ip_ranges_to_nat  = list(string)<br>      secondary_ip_range_names = optional(list(string))<br>    })), [])<br><br>  }))</pre> | `[]` | no |
 | network | A reference to the network to which this router belongs | `string` | n/a | yes |
 | project | The project ID to deploy to | `string` | n/a | yes |
 | region | Region where the router resides | `string` | n/a | yes |

diff --git a/nat.tf b/nat.tf
@@ -27,6 +27,7 @@ resource "google_compute_router_nat" "nats" {
   nat_ip_allocate_option              = coalesce(each.value.nat_ip_allocate_option, length(each.value.nat_ips) > 0 ? "MANUAL_ONLY" : "AUTO_ONLY")
   source_subnetwork_ip_ranges_to_nat  = coalesce(each.value.source_subnetwork_ip_ranges_to_nat, "ALL_SUBNETWORKS_ALL_IP_RANGES")
   nat_ips                             = each.value.nat_ips
+  drain_nat_ips                       = each.value.drain_nat_ips
   min_ports_per_vm                    = each.value.min_ports_per_vm
   max_ports_per_vm                    = each.value.max_ports_per_vm
   udp_idle_timeout_sec                = each.value.udp_idle_timeout_sec

diff --git a/variables.tf b/variables.tf
@@ -67,6 +67,7 @@ variable "bgp" {
 # - nat_ip_allocate_option (string, optional): How external IPs should be allocated for this NAT. Defaults to MANUAL_ONLY if nat_ips are set, else AUTO_ONLY.
 # - source_subnetwork_ip_ranges_to_nat (string, optional): How NAT should be configured per Subnetwork. Defaults to ALL_SUBNETWORKS_ALL_IP_RANGES.
 # - nat_ips (list(number), optional): Self-links of NAT IPs.
+# - drain_nat_ips (list(number), optional): Self-links of NAT IPs to be drained.
 # - min_ports_per_vm (number, optional): Minimum number of ports allocated to a VM from this NAT.
 # - max_ports_per_vm (number, optional): Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.
 # - udp_idle_timeout_sec (number, optional): Timeout (in seconds) for UDP connections. Defaults to 30s if not set.
@@ -87,6 +88,7 @@ variable "nats" {
     nat_ip_allocate_option              = optional(string)
     source_subnetwork_ip_ranges_to_nat  = optional(string)
     nat_ips                             = optional(list(string), [])
+    drain_nat_ips                       = optional(list(string), [])
     min_ports_per_vm                    = optional(number)
     max_ports_per_vm                    = optional(number)
     udp_idle_timeout_sec                = optional(number)