feat: partner interconnect (#147)

rhariady · imrannayer · web-flow · commit 0cff1905735f · 2025-04-28T12:26:01.000-05:00
Signed-off-by: Ricky Hariady &lt;ricky.hariady@gmail.com&gt;
Co-authored-by: Imran Nayer &lt;imrannayer@google.com&gt;
diff --git a/modules/interconnect_attachment/README.md b/modules/interconnect_attachment/README.md
@@ -8,14 +8,16 @@
 | admin\_enabled | Whether the VLAN attachment is enabled or disabled | `bool` | `true` | no |
 | bandwidth | Provisioned bandwidth capacity for the interconnect attachment | `string` | `"BPS_10G"` | no |
 | candidate\_subnets | Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). | `list(string)` | `null` | no |
+| create\_interface | Whether to create router interface (and peer) for this attachment. Set this to false for PARTNER type. | `bool` | `true` | no |
 | description | An optional description of this resource | `string` | `null` | no |
+| edge\_availability\_domain | Desired availability domain for the attachment. Only available for type PARTNER, at creation time. | `string` | `null` | no |
 | encryption | Indicates the user-supplied encryption option of this interconnect attachment. | `string` | `"NONE"` | no |
-| interconnect | URL of the underlying Interconnect object that this attachment's traffic will traverse through. | `string` | n/a | yes |
-| interface | Interface to deploy for this attachment. | <pre>object({<br>    name = string<br>  })</pre> | n/a | yes |
+| interconnect | URL of the underlying Interconnect object that this attachment's traffic will traverse through. | `string` | `""` | no |
+| interface | Interface to deploy for this attachment. | <pre>object({<br>    name = string<br>  })</pre> | `null` | no |
 | ipsec\_internal\_addresses | URL of addresses that have been reserved for the interconnect attachment, Used only for interconnect attachment that has the encryption option as IPSEC. | `list(string)` | `[]` | no |
 | mtu | Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. | `string` | `null` | no |
 | name | The name of the interconnect attachment | `string` | n/a | yes |
-| peer | BGP Peer for this attachment. | <pre>object({<br>    name                      = string<br>    peer_asn                  = string<br>    advertised_route_priority = optional(number)<br>    bfd = optional(object({<br>      session_initialization_mode = string<br>      min_transmit_interval       = optional(number)<br>      min_receive_interval        = optional(number)<br>      multiplier                  = optional(number)<br>    }))<br>    md5_authentication_key = optional(object({<br>      name = string<br>      key  = string<br>    }))<br>  })</pre> | n/a | yes |
+| peer | BGP Peer for this attachment. | <pre>object({<br>    name                      = string<br>    peer_asn                  = string<br>    advertised_route_priority = optional(number)<br>    bfd = optional(object({<br>      session_initialization_mode = string<br>      min_transmit_interval       = optional(number)<br>      min_receive_interval        = optional(number)<br>      multiplier                  = optional(number)<br>    }))<br>    md5_authentication_key = optional(object({<br>      name = string<br>      key  = string<br>    }))<br>  })</pre> | `null` | no |
 | project | The project ID to deploy to | `string` | n/a | yes |
 | region | Region where the attachment resides | `string` | n/a | yes |
 | router | Name of the router the attachment resides | `string` | n/a | yes |
diff --git a/modules/interconnect_attachment/main.tf b/modules/interconnect_attachment/main.tf
@@ -22,8 +22,9 @@ resource "google_compute_interconnect_attachment" "attachment" {
   interconnect             = var.interconnect
   admin_enabled            = var.admin_enabled
   type                     = var.type
+  edge_availability_domain = var.edge_availability_domain
   description              = var.description
-  bandwidth                = var.bandwidth
+  bandwidth                = var.type == "DEDICATED" ? var.bandwidth : null
   mtu                      = var.mtu
   candidate_subnets        = var.candidate_subnets
   vlan_tag8021q            = var.vlan_tag8021q
@@ -32,21 +33,28 @@ resource "google_compute_interconnect_attachment" "attachment" {
 }
 
 module "interface" {
+  count = var.create_interface ? 1 : 0
+
   source                  = "../interface"
-  name                    = var.interface.name
+  name                    = try(var.interface.name, null)
   project                 = var.project
   router                  = var.router
   region                  = var.region
   ip_range                = google_compute_interconnect_attachment.attachment.cloud_router_ip_address
   interconnect_attachment = google_compute_interconnect_attachment.attachment.self_link
   peers = [{
-    name = var.peer.name
+    name = try(var.peer.name, null)
 
     # Peer IP Address must not contain the subnet mask, else will throw an invalid IP address error.
     peer_ip_address           = element(split("/", google_compute_interconnect_attachment.attachment.customer_router_ip_address), 0)
-    peer_asn                  = var.peer.peer_asn
+    peer_asn                  = try(var.peer.peer_asn, null)
     advertised_route_priority = try(var.peer.advertised_route_priority, null)
     bfd                       = try(var.peer.bfd, null)
     md5_authentication_key    = try(var.peer.md5_authentication_key, null)
   }]
 }
+
+moved {
+  from = module.interface
+  to   = module.interface[0]
+}
diff --git a/modules/interconnect_attachment/variables.tf b/modules/interconnect_attachment/variables.tf
@@ -37,6 +37,7 @@ variable "region" {
 variable "interconnect" {
   type        = string
   description = "URL of the underlying Interconnect object that this attachment's traffic will traverse through."
+  default     = ""
 }
 
 variable "admin_enabled" {
@@ -63,6 +64,12 @@ variable "mtu" {
   default     = null
 }
 
+variable "edge_availability_domain" {
+  type        = string
+  description = "Desired availability domain for the attachment. Only available for type PARTNER, at creation time."
+  default     = null
+}
+
 variable "description" {
   type        = string
   description = "An optional description of this resource"
@@ -93,11 +100,18 @@ variable "ipsec_internal_addresses" {
   default     = []
 }
 
+variable "create_interface" {
+  type        = bool
+  description = "Whether to create router interface (and peer) for this attachment. Set this to false for PARTNER type."
+  default     = true
+}
+
 variable "interface" {
   description = "Interface to deploy for this attachment."
   type = object({
     name = string
   })
+  default = null
 }
 
 variable "peer" {
@@ -117,4 +131,5 @@ variable "peer" {
       key  = string
     }))
   })
+  default = null
 }
