terraform/gcp: Do not create unused subnetworks and Upgrade to latest google provider (#8497)

* terraform/gcp: Do not create unused subnetworks

By default terraform creates a subnetwork in each 39 regions

* terraform/gcp: Upgrade to latest google provider

... where "one of source_tags, source_ranges, or source_service_accounts must be defined"
pull/8484/head
Mathieu Parent 2022-02-01 18:14:11 +01:00 committed by GitHub
parent eacd55fbca
commit 958bca8800
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 1 deletions

View File

@ -2,7 +2,7 @@ terraform {
required_providers { required_providers {
google = { google = {
source = "hashicorp/google" source = "hashicorp/google"
version = "~> 3.48" version = "~> 4.0"
} }
} }
} }

View File

@ -5,6 +5,8 @@
resource "google_compute_network" "main" { resource "google_compute_network" "main" {
name = "${var.prefix}-network" name = "${var.prefix}-network"
auto_create_subnetworks = false
} }
resource "google_compute_subnetwork" "main" { resource "google_compute_subnetwork" "main" {
@ -20,6 +22,8 @@ resource "google_compute_firewall" "deny_all" {
priority = 1000 priority = 1000
source_ranges = ["0.0.0.0/0"]
deny { deny {
protocol = "all" protocol = "all"
} }
@ -86,6 +90,8 @@ resource "google_compute_firewall" "ingress_http" {
priority = 100 priority = 100
source_ranges = ["0.0.0.0/0"]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["80"] ports = ["80"]
@ -98,6 +104,8 @@ resource "google_compute_firewall" "ingress_https" {
priority = 100 priority = 100
source_ranges = ["0.0.0.0/0"]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["443"] ports = ["443"]