fix: Fix type for NAT subnetwork attributes (#85)

Author: peikk0

README.md

@@ -45,7 +45,7 @@ Functional examples are included in the [examples](./examples/) directory. By de
 | bgp | BGP information specific to this router. | <pre>object({<br>    asn               = string<br>    advertise_mode    = optional(string, "CUSTOM")<br>    advertised_groups = optional(list(string))<br>    advertised_ip_ranges = optional(list(object({<br>      range       = string<br>      description = optional(string)<br>    })), [])<br>    keepalive_interval = optional(number)<br>  })</pre> | `null` | no |
 | description | An optional description of this resource | `string` | `null` | no |
 | name | Name of the router | `string` | n/a | yes |
-| nats | NATs to deploy on this router. | <pre>list(object({<br>    name                                = string<br>    nat_ip_allocate_option              = optional(string)<br>    source_subnetwork_ip_ranges_to_nat  = optional(string)<br>    nat_ips                             = optional(list(string), [])<br>    min_ports_per_vm                    = optional(number)<br>    max_ports_per_vm                    = optional(number)<br>    udp_idle_timeout_sec                = optional(number)<br>    icmp_idle_timeout_sec               = optional(number)<br>    tcp_established_idle_timeout_sec    = optional(number)<br>    tcp_transitory_idle_timeout_sec     = optional(number)<br>    tcp_time_wait_timeout_sec           = optional(number)<br>    enable_endpoint_independent_mapping = optional(bool)<br>    enable_dynamic_port_allocation      = optional(bool)<br><br>    log_config = optional(object({<br>      enable = optional(bool, true)<br>      filter = optional(string, "ALL")<br>    }), {})<br><br>    subnetworks = optional(list(object({<br>      name                     = string<br>      source_ip_ranges_to_nat  = string<br>      secondary_ip_range_names = optional(string)<br>    })), [])<br><br>  }))</pre> | `[]` | no |
+| nats | NATs to deploy on this router. | <pre>list(object({<br>    name                                = string<br>    nat_ip_allocate_option              = optional(string)<br>    source_subnetwork_ip_ranges_to_nat  = optional(string)<br>    nat_ips                             = optional(list(string), [])<br>    min_ports_per_vm                    = optional(number)<br>    max_ports_per_vm                    = optional(number)<br>    udp_idle_timeout_sec                = optional(number)<br>    icmp_idle_timeout_sec               = optional(number)<br>    tcp_established_idle_timeout_sec    = optional(number)<br>    tcp_transitory_idle_timeout_sec     = optional(number)<br>    tcp_time_wait_timeout_sec           = optional(number)<br>    enable_endpoint_independent_mapping = optional(bool)<br>    enable_dynamic_port_allocation      = optional(bool)<br><br>    log_config = optional(object({<br>      enable = optional(bool, true)<br>      filter = optional(string, "ALL")<br>    }), {})<br><br>    subnetworks = optional(list(object({<br>      name                     = string<br>      source_ip_ranges_to_nat  = list(string)<br>      secondary_ip_range_names = optional(list(string))<br>    })), [])<br><br>  }))</pre> | `[]` | no |
 | network | A reference to the network to which this router belongs | `string` | n/a | yes |
 | project | The project ID to deploy to | `string` | n/a | yes |
 | region | Region where the router resides | `string` | n/a | yes |

examples/nat/main.tf

@@ -21,7 +21,21 @@ module "vpc" {
   project_id   = var.project_id
   network_name = "test-network"
   routing_mode = "GLOBAL"
-  subnets      = []
+  subnets = [
+    {
+      subnet_name   = "test-subnet-01"
+      subnet_ip     = "10.10.10.0/24"
+      subnet_region = "us-central1"
+    }
+  ]
+  secondary_ranges = {
+    test-subnet-01 = [
+      {
+        range_name    = "test-subnet-01-secondary-01"
+        ip_cidr_range = "192.168.64.0/24"
+      },
+    ]
+  }
 }
 
 
@@ -35,7 +49,15 @@ module "cloud_router" {
   region  = "us-central1"
 
   nats = [{
-    name = "my-nat-gateway"
+    name                               = "my-nat-gateway"
+    source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+    subnetworks = [
+      {
+        name                     = module.vpc.subnets["us-central1/test-subnet-01"].id
+        source_ip_ranges_to_nat  = ["PRIMARY_IP_RANGE", "LIST_OF_SECONDARY_IP_RANGES"]
+        secondary_ip_range_names = module.vpc.subnets["us-central1/test-subnet-01"].secondary_ip_range[*].range_name
+      }
+    ]
   }]
 }
 # [END cloudnat_simple_create]

nat.tf

@@ -24,30 +24,30 @@ resource "google_compute_router_nat" "nats" {
   project                             = google_compute_router.router.project
   router                              = google_compute_router.router.name
   region                              = google_compute_router.router.region
-  nat_ip_allocate_option              = coalesce(each.value.nat_ip_allocate_option, length(lookup(each.value, "nat_ips", [])) > 0 ? "MANUAL_ONLY" : "AUTO_ONLY")
+  nat_ip_allocate_option              = coalesce(each.value.nat_ip_allocate_option, length(each.value.nat_ips) > 0 ? "MANUAL_ONLY" : "AUTO_ONLY")
   source_subnetwork_ip_ranges_to_nat  = coalesce(each.value.source_subnetwork_ip_ranges_to_nat, "ALL_SUBNETWORKS_ALL_IP_RANGES")
-  nat_ips                             = lookup(each.value, "nat_ips")
-  min_ports_per_vm                    = lookup(each.value, "min_ports_per_vm")
-  max_ports_per_vm                    = lookup(each.value, "max_ports_per_vm")
-  udp_idle_timeout_sec                = lookup(each.value, "udp_idle_timeout_sec")
-  icmp_idle_timeout_sec               = lookup(each.value, "icmp_idle_timeout_sec")
-  tcp_established_idle_timeout_sec    = lookup(each.value, "tcp_established_idle_timeout_sec")
-  tcp_transitory_idle_timeout_sec     = lookup(each.value, "tcp_transitory_idle_timeout_sec")
-  tcp_time_wait_timeout_sec           = lookup(each.value, "tcp_time_wait_timeout_sec")
-  enable_endpoint_independent_mapping = lookup(each.value, "enable_endpoint_independent_mapping")
-  enable_dynamic_port_allocation      = lookup(each.value, "enable_dynamic_port_allocation")
+  nat_ips                             = each.value.nat_ips
+  min_ports_per_vm                    = each.value.min_ports_per_vm
+  max_ports_per_vm                    = each.value.max_ports_per_vm
+  udp_idle_timeout_sec                = each.value.udp_idle_timeout_sec
+  icmp_idle_timeout_sec               = each.value.icmp_idle_timeout_sec
+  tcp_established_idle_timeout_sec    = each.value.tcp_established_idle_timeout_sec
+  tcp_transitory_idle_timeout_sec     = each.value.tcp_transitory_idle_timeout_sec
+  tcp_time_wait_timeout_sec           = each.value.tcp_time_wait_timeout_sec
+  enable_endpoint_independent_mapping = each.value.enable_endpoint_independent_mapping
+  enable_dynamic_port_allocation      = each.value.enable_dynamic_port_allocation
 
   log_config {
-    enable = lookup(lookup(each.value, "log_config", {}), "enable", true)
-    filter = lookup(lookup(each.value, "log_config", {}), "filter", "ALL")
+    enable = each.value.log_config.enable
+    filter = each.value.log_config.filter
   }
 
   dynamic "subnetwork" {
-    for_each = lookup(each.value, "subnetworks", [])
+    for_each = each.value.subnetworks
     content {
       name                     = subnetwork.value.name
       source_ip_ranges_to_nat  = subnetwork.value.source_ip_ranges_to_nat
-      secondary_ip_range_names = lookup(subnetwork.value, "secondary_ip_range_names", null)
+      secondary_ip_range_names = subnetwork.value.secondary_ip_range_names
     }
   }
 }

variables.tf

@@ -104,8 +104,8 @@ variable "nats" {
 
     subnetworks = optional(list(object({
       name                     = string
-      source_ip_ranges_to_nat  = string
-      secondary_ip_range_names = optional(string)
+      source_ip_ranges_to_nat  = list(string)
+      secondary_ip_range_names = optional(list(string))
     })), [])
 
   }))