Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BGP Route Policy Support #174

Open
vijaytdh opened this issue Jan 13, 2025 · 0 comments
Open

BGP Route Policy Support #174

vijaytdh opened this issue Jan 13, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@vijaytdh
Copy link

TL;DR

Support configuring BGP policies for google_compute_router_peer

Terraform Resources

https://cloud.google.com/network-connectivity/docs/router/concepts/bgp-route-policies-overview

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router_peer#example-usage---router-peer-export-and-import-policies

Detailed design

We would like to associate BGP policies with the `google_compute_router_peer` resource - the `import_policies` and `export_policies` arguments are list of just the name of the policy. 

Note this is only available in the beta provided as far as I know and I am not sure if this repo allows the use of beta provider resources/features.

It would be good if the module were to make the `import_policies` and `export_policies` arguments configurable. Note, I am *not* asking for the policies to be created by this module.

e.g. I am looking for the `tunnels` variable to be updated to 


variable "tunnels" {
  description = "VPN tunnel configurations, bgp_peer_options is usually null."
  type = map(object({
    bgp_peer = object({
      address = string
      asn     = number
    })
    bgp_session_name = optional(string)
    bgp_peer_options = optional(object({
      ip_address          = optional(string)
      advertise_groups    = optional(list(string))
      advertise_ip_ranges = optional(map(string))
      advertise_mode      = optional(string)
      route_priority      = optional(number)
      import_policies     = optional(list(string))
      export_policies     = optional(list(string))
    }))
    bgp_session_range               = optional(string)
    ike_version                     = optional(number)
    vpn_gateway_interface           = optional(number)
    peer_external_gateway_self_link = optional(string, null)
    peer_external_gateway_interface = optional(number)
    shared_secret                   = optional(string, "")
  }))
  default = {}
}


So something like the following can be done in the `main.tf`

```hcl
  import_policies = each.value.bgp_peer_options.import_policies == null ? null : each.value.bgp_peer_options.import_policies
  export_policies = each.value.bgp_peer_options.export_policies == null ? null : each.value.bgp_peer_options.export_policies


### Additional information

_No response_
@vijaytdh vijaytdh added the enhancement New feature or request label Jan 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@vijaytdh