diff --git a/README.md b/README.md
index 96923913..f7515af9 100644
--- a/README.md
+++ b/README.md
@@ -95,7 +95,7 @@ Then perform the following commands on the root folder:
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | auto\_create\_subnetworks | When set to true, the network is created in 'auto subnet mode' and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in 'custom subnet mode' so the user can explicitly connect subnetwork resources. | bool | `"false"` | no |
-| delete\_default\_internet\_gateway\_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | string | `"false"` | no |
+| delete\_default\_internet\_gateway\_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | bool | `"false"` | no |
 | description | An optional description of this resource. The resource must be recreated to modify this field. | string | `""` | no |
 | network\_name | The name of the network being created | string | n/a | yes |
 | project\_id | The ID of the project where this VPC will be created | string | n/a | yes |
diff --git a/examples/delete_default_gateway_routes/main.tf b/examples/delete_default_gateway_routes/main.tf
index c24c08c7..6d976682 100644
--- a/examples/delete_default_gateway_routes/main.tf
+++ b/examples/delete_default_gateway_routes/main.tf
@@ -30,7 +30,7 @@ module "test-vpc-module" {
 source = "../../"
 project_id = var.project_id
 network_name = var.network_name
- delete_default_internet_gateway_routes = "true"
+ delete_default_internet_gateway_routes = true
 subnets = [
 {
diff --git a/main.tf b/main.tf
index 93794145..8209332c 100644
--- a/main.tf
+++ b/main.tf
@@ -18,13 +18,14 @@
 VPC configuration
 *****************************************/
 module "vpc" {
- source = "./modules/vpc"
- network_name = var.network_name
- auto_create_subnetworks = var.auto_create_subnetworks
- routing_mode = var.routing_mode
- project_id = var.project_id
- description = var.description
- shared_vpc_host = var.shared_vpc_host
+ source = "./modules/vpc"
+ network_name = var.network_name
+ auto_create_subnetworks = var.auto_create_subnetworks
+ routing_mode = var.routing_mode
+ project_id = var.project_id
+ description = var.description
+ shared_vpc_host = var.shared_vpc_host
+ delete_default_internet_gateway_routes = var.delete_default_internet_gateway_routes
 }
 /******************************************
@@ -42,10 +43,9 @@ module "subnets" {
 Routes
 *****************************************/
 module "routes" {
- source = "./modules/routes"
- project_id = var.project_id
- network_name = module.vpc.network_name
- routes = var.routes
- delete_default_internet_gateway_routes = var.delete_default_internet_gateway_routes
- module_depends_on = [module.subnets.subnets]
+ source = "./modules/routes"
+ project_id = var.project_id
+ network_name = module.vpc.network_name
+ routes = var.routes
+ module_depends_on = [module.subnets.subnets]
 }
diff --git a/modules/routes-beta/README.md b/modules/routes-beta/README.md
index 058e3e46..b056e5e8 100644
--- a/modules/routes-beta/README.md
+++ b/modules/routes-beta/README.md
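Review bot: Callers that instantiate `modules/routes` or `modules/routes-beta` directly and pass `delete_default_internet_gateway_routes` will stop planning once the input is dropped here in the `module "routes"` call (second hunk of main.tf) and from both submodules later in this diff, and no upgrade note or changelog entry is visible in the diff. The upgrade notes should say that the flag now belongs to `modules/vpc`, and that simply deleting the argument from a `routes` call leaves the default internet route in place, which matters to anyone relying on it to restrict egress. A comment above the new argument in `module "vpc"`, for example `# default routes are now removed by the network resource at creation, not by the routes module`, would make the move visible to readers of main.tf.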
@@ -57,7 +57,6 @@ module "vpc" {
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| delete\_default\_internet\_gateway\_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | string | `"false"` | no |
 | module\_depends\_on | List of modules or resources this module depends on. | list | `` | no |
 | network\_name | The name of the network where routes will be created | string | n/a | yes |
 | project\_id | The ID of the project where the routes will be created | string | n/a | yes |
diff --git a/modules/routes-beta/main.tf b/modules/routes-beta/main.tf
index 686bdf37..7d5ebcbb 100644
--- a/modules/routes-beta/main.tf
+++ b/modules/routes-beta/main.tf
@@ -38,19 +38,3 @@ resource "google_compute_route" "route" {
 depends_on = [var.module_depends_on]
 }
-
-resource "null_resource" "delete_default_internet_gateway_routes" {
- count = var.delete_default_internet_gateway_routes ? 1 : 0
-
- provisioner "local-exec" {
- command = "${path.module}/scripts/delete-default-gateway-routes.sh ${var.project_id} ${var.network_name}"
- }
-
- triggers = {
- number_of_routes = length(var.routes)
- }
-
- depends_on = [
- google_compute_route.route,
- ]
-}
diff --git a/modules/routes-beta/scripts/delete-default-gateway-routes.sh b/modules/routes-beta/scripts/delete-default-gateway-routes.sh
deleted file mode 100644
index 8366d506..00000000
--- a/modules/routes-beta/scripts/delete-default-gateway-routes.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/bash
-# Copyright 2019 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-set -e
-
-if [ -n "${GOOGLE_APPLICATION_CREDENTIALS}" ]; then
- export CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${GOOGLE_APPLICATION_CREDENTIALS}
-fi
-
-PROJECT_ID=$1
-NETWORK_ID=$2
-FILTERED_ROUTES=$(gcloud compute routes list \
- --project="${PROJECT_ID}" \
- --format="value(name)" \
- --filter=" \
- nextHopGateway:(https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/global/gateways/default-internet-gateway) \
- AND network:(https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/global/networks/${NETWORK_ID}) \
- AND name~^default-route \
- "
-)
-
-function delete_internet_gateway_routes {
- local routes="${1}"
- echo "${routes}" | while read -r line; do
- echo "Deleting route ${line}..."
- gcloud compute routes delete "${line}" --quiet --project="${PROJECT_ID}"
- done
-}
-
-if [ -n "${FILTERED_ROUTES}" ]; then
- delete_internet_gateway_routes "${FILTERED_ROUTES}"
-else
- echo "Default internet gateway route(s) not found; exiting..."
-fi
-
diff --git a/modules/routes-beta/variables.tf b/modules/routes-beta/variables.tf
index 989db81a..12341e14 100644
--- a/modules/routes-beta/variables.tf
+++ b/modules/routes-beta/variables.tf
@@ -34,11 +34,6 @@ variable "routes_count" {
 default = 0
 }
-variable "delete_default_internet_gateway_routes" {
- description = "If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted"
- default = "false"
-}
-
 variable "module_depends_on" {
 description = "List of modules or resources this module depends on."
 type = list
diff --git a/modules/routes/README.md b/modules/routes/README.md
index 8051ac5d..108969ad 100644
--- a/modules/routes/README.md
+++ b/modules/routes/README.md
@@ -46,7 +46,6 @@ module "vpc" {
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| delete\_default\_internet\_gateway\_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | string | `"false"` | no |
 | module\_depends\_on | List of modules or resources this module depends on. | list | `` | no |
 | network\_name | The name of the network where routes will be created | string | n/a | yes |
 | project\_id | The ID of the project where the routes will be created | string | n/a | yes |
diff --git a/modules/routes/main.tf b/modules/routes/main.tf
index 839e307a..3c271b4e 100644
--- a/modules/routes/main.tf
+++ b/modules/routes/main.tf
@@ -43,19 +43,3 @@ resource "google_compute_route" "route" {
 depends_on = [var.module_depends_on]
 }
-
-resource "null_resource" "delete_default_internet_gateway_routes" {
- count = var.delete_default_internet_gateway_routes ? 1 : 0
-
- provisioner "local-exec" {
- command = "${path.module}/scripts/delete-default-gateway-routes.sh ${var.project_id} ${var.network_name}"
- }
-
- triggers = {
- number_of_routes = length(var.routes)
- }
-
- depends_on = [
- google_compute_route.route,
- ]
-}
diff --git a/modules/routes/scripts/delete-default-gateway-routes.sh b/modules/routes/scripts/delete-default-gateway-routes.sh
deleted file mode 100755
index 8366d506..00000000
--- a/modules/routes/scripts/delete-default-gateway-routes.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/bash
-# Copyright 2019 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-set -e
-
-if [ -n "${GOOGLE_APPLICATION_CREDENTIALS}" ]; then
- export CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${GOOGLE_APPLICATION_CREDENTIALS}
-fi
-
-PROJECT_ID=$1
-NETWORK_ID=$2
-FILTERED_ROUTES=$(gcloud compute routes list \
- --project="${PROJECT_ID}" \
- --format="value(name)" \
- --filter=" \
- nextHopGateway:(https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/global/gateways/default-internet-gateway) \
- AND network:(https://www.googleapis.com/compute/v1/projects/${PROJECT_ID}/global/networks/${NETWORK_ID}) \
- AND name~^default-route \
- "
-)
-
-function delete_internet_gateway_routes {
- local routes="${1}"
- echo "${routes}" | while read -r line; do
- echo "Deleting route ${line}..."
- gcloud compute routes delete "${line}" --quiet --project="${PROJECT_ID}"
- done
-}
-
-if [ -n "${FILTERED_ROUTES}" ]; then
- delete_internet_gateway_routes "${FILTERED_ROUTES}"
-else
- echo "Default internet gateway route(s) not found; exiting..."
-fi
-
diff --git a/modules/routes/variables.tf b/modules/routes/variables.tf
index 8eed495f..d5e6da2a 100644
--- a/modules/routes/variables.tf
+++ b/modules/routes/variables.tf
@@ -28,11 +28,6 @@ variable "routes" {
 default = []
 }
-variable "delete_default_internet_gateway_routes" {
- description = "If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted"
- default = "false"
-}
-
 variable "module_depends_on" {
 description = "List of modules or resources this module depends on."
 type = list
diff --git a/modules/vpc/README.md b/modules/vpc/README.md
index cae59d02..dffeb249 100644
--- a/modules/vpc/README.md
+++ b/modules/vpc/README.md
@@ -28,6 +28,7 @@ module "vpc" {
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | auto\_create\_subnetworks | When set to true, the network is created in 'auto subnet mode' and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in 'custom subnet mode' so the user can explicitly connect subnetwork resources. | bool | `"false"` | no |
+| delete\_default\_internet\_gateway\_routes | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | bool | `"false"` | no |
 | description | An optional description of this resource. The resource must be recreated to modify this field. | string | `""` | no |
 | network\_name | The name of the network being created | string | n/a | yes |
 | project\_id | The ID of the project where this VPC will be created | string | n/a | yes |
diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf
index 55703793..9fa509e7 100644
--- a/modules/vpc/main.tf
+++ b/modules/vpc/main.tf
@@ -18,11 +18,12 @@
 VPC configuration
 *****************************************/
 resource "google_compute_network" "network" {
- name = var.network_name
- auto_create_subnetworks = var.auto_create_subnetworks
- routing_mode = var.routing_mode
- project = var.project_id
- description = var.description
+ name = var.network_name
+ auto_create_subnetworks = var.auto_create_subnetworks
+ routing_mode = var.routing_mode
+ project = var.project_id
+ description = var.description
+ delete_default_routes_on_create = var.delete_default_internet_gateway_routes
 }
 /******************************************
diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf
index a96751c4..eb6655be 100644
--- a/modules/vpc/variables.tf
+++ b/modules/vpc/variables.tf
@@ -45,3 +45,9 @@ variable "auto_create_subnetworks" {
 description = "When set to true, the network is created in 'auto subnet mode' and it will create a subnet for each region automatically across the 10.128.0.0/9 address range. When set to false, the network is created in 'custom subnet mode' so the user can explicitly connect subnetwork resources."
 default = false
 }
+
+variable "delete_default_internet_gateway_routes" {
+ type = bool
+ description = "If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted"
+ default = false
+}
diff --git a/variables.tf b/variables.tf
index 1770d50f..ec645cda 100644
--- a/variables.tf
+++ b/variables.tf
@@ -52,8 +52,9 @@ variable "routes" {
 }
 variable "delete_default_internet_gateway_routes" {
+ type = bool
 description = "If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted"
- default = "false"
+ default = false
 }
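Review bot: `delete_default_routes_on_create` in `google_compute_network.network` appears, from its name and the provider documentation, to act only when the network is created, while the removed `null_resource` re-ran the deletion script whenever `length(var.routes)` changed. The description reused in the `modules/vpc/variables.tf` hunk and in root `variables.tf` still promises to "ensure" the routes are deleted. A caller who sets the flag to `true` on an already-created network probably gets a clean apply while the route to `default-internet-gateway` stays in place, which defeats an egress lockdown without any error. I would reword the description in both variables files to something like `"If true, the default routes (0.0.0.0/0) are deleted immediately after the network is created; it does not remove routes from a network that already exists."` and confirm the existing-network behaviour against the provider version this module pins.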