terraform/gcp: Do not create unused subnetworks and Upgrade to latest google provider (#8497)
* terraform/gcp: Do not create unused subnetworks By default terraform creates a subnetwork in each 39 regions * terraform/gcp: Upgrade to latest google provider ... where "one of source_tags, source_ranges, or source_service_accounts must be defined"pull/8484/head
parent
eacd55fbca
commit
958bca8800
|
@ -2,7 +2,7 @@ terraform {
|
||||||
required_providers {
|
required_providers {
|
||||||
google = {
|
google = {
|
||||||
source = "hashicorp/google"
|
source = "hashicorp/google"
|
||||||
version = "~> 3.48"
|
version = "~> 4.0"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,8 @@
|
||||||
|
|
||||||
resource "google_compute_network" "main" {
|
resource "google_compute_network" "main" {
|
||||||
name = "${var.prefix}-network"
|
name = "${var.prefix}-network"
|
||||||
|
|
||||||
|
auto_create_subnetworks = false
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_subnetwork" "main" {
|
resource "google_compute_subnetwork" "main" {
|
||||||
|
@ -20,6 +22,8 @@ resource "google_compute_firewall" "deny_all" {
|
||||||
|
|
||||||
priority = 1000
|
priority = 1000
|
||||||
|
|
||||||
|
source_ranges = ["0.0.0.0/0"]
|
||||||
|
|
||||||
deny {
|
deny {
|
||||||
protocol = "all"
|
protocol = "all"
|
||||||
}
|
}
|
||||||
|
@ -86,6 +90,8 @@ resource "google_compute_firewall" "ingress_http" {
|
||||||
|
|
||||||
priority = 100
|
priority = 100
|
||||||
|
|
||||||
|
source_ranges = ["0.0.0.0/0"]
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
ports = ["80"]
|
ports = ["80"]
|
||||||
|
@ -98,6 +104,8 @@ resource "google_compute_firewall" "ingress_https" {
|
||||||
|
|
||||||
priority = 100
|
priority = 100
|
||||||
|
|
||||||
|
source_ranges = ["0.0.0.0/0"]
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
ports = ["443"]
|
ports = ["443"]
|
||||||
|
|
Loading…
Reference in New Issue