Skip to content

Commit 9c69e40

Browse files
pawan1210pawan1210
committed
feat: added support for multiple forwarding rule creation based on subnets
1 parent 4b1f9f9 commit 9c69e40

File tree

1 file changed

+62
-6
lines changed

1 file changed

+62
-6
lines changed

modules/frontend/main.tf

Lines changed: 62 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -23,8 +23,8 @@ locals {
2323
create_http_forward = var.http_forward || var.https_redirect
2424

2525

26-
is_internal = var.load_balancing_scheme == "INTERNAL_SELF_MANAGED"
27-
internal_network = local.is_internal ? var.network : null
26+
is_internal = var.load_balancing_scheme == "INTERNAL_SELF_MANAGED" || var.load_balancing_scheme == "INTERNAL_MANAGED"
27+
internal_network = local.is_internal ? var.network : null
2828

2929
# Create a map with hosts as keys and empty lists as initial values
3030
hosts = toset([for service in var.url_map_input : service.host])
@@ -46,7 +46,7 @@ locals {
4646
resource "google_compute_global_forwarding_rule" "http" {
4747
provider = google-beta
4848
project = var.project_id
49-
count = local.create_http_forward ? 1 : 0
49+
count = local.create_http_forward && !local.is_internal ? 1 : 0
5050
name = var.name
5151
target = google_compute_target_http_proxy.default[0].self_link
5252
ip_address = local.address
@@ -56,10 +56,24 @@ resource "google_compute_global_forwarding_rule" "http" {
5656
network = local.internal_network
5757
}
5858

59+
resource "google_compute_global_forwarding_rule" "http_internal" {
60+
count = local.create_http_forward && local.is_internal ? length(var.internal_forwarding_rule_subnetworks) : 0
61+
62+
provider = google-beta
63+
project = var.project_id
64+
name = "${var.name}-http-internal-${count.index}"
65+
target = google_compute_target_http_proxy.default[0].self_link
66+
port_range = var.http_port
67+
labels = var.labels
68+
load_balancing_scheme = var.load_balancing_scheme
69+
network = local.internal_network
70+
subnetwork = var.internal_forwarding_rule_subnetworks[count.index]
71+
}
72+
5973
resource "google_compute_global_forwarding_rule" "https" {
6074
provider = google-beta
6175
project = var.project_id
62-
count = var.ssl ? 1 : 0
76+
count = var.ssl && !local.is_internal ? 1 : 0
6377
name = "${var.name}-https"
6478
target = google_compute_target_https_proxy.default[0].self_link
6579
ip_address = local.address
@@ -69,6 +83,20 @@ resource "google_compute_global_forwarding_rule" "https" {
6983
network = local.internal_network
7084
}
7185

86+
resource "google_compute_global_forwarding_rule" "https_internal" {
87+
count = var.ssl && local.is_internal ? length(var.internal_forwarding_rule_subnetworks) : 0
88+
89+
provider = google-beta
90+
project = var.project_id
91+
name = "${var.name}-https-internal-${count.index}"
92+
target = google_compute_target_https_proxy.default[0].self_link
93+
port_range = var.https_port
94+
labels = var.labels
95+
load_balancing_scheme = var.load_balancing_scheme
96+
network = local.internal_network
97+
subnetwork = var.internal_forwarding_rule_subnetworks[count.index]
98+
}
99+
72100
resource "google_compute_global_address" "default" {
73101
provider = google-beta
74102
count = local.is_internal ? 0 : var.create_address ? 1 : 0
@@ -83,7 +111,7 @@ resource "google_compute_global_address" "default" {
83111
resource "google_compute_global_forwarding_rule" "http_ipv6" {
84112
provider = google-beta
85113
project = var.project_id
86-
count = (var.enable_ipv6 && local.create_http_forward) ? 1 : 0
114+
count = (var.enable_ipv6 && local.create_http_forward && !local.is_internal) ? 1 : 0
87115
name = "${var.name}-ipv6-http"
88116
target = google_compute_target_http_proxy.default[0].self_link
89117
ip_address = local.ipv6_address
@@ -93,10 +121,24 @@ resource "google_compute_global_forwarding_rule" "http_ipv6" {
93121
network = local.internal_network
94122
}
95123

124+
resource "google_compute_global_forwarding_rule" "http_ipv6_internal" {
125+
count = var.enable_ipv6 && local.create_http_forward && local.is_internal ? length(var.internal_forwarding_rule_subnetworks) : 0
126+
127+
provider = google-beta
128+
project = var.project_id
129+
name = "${var.name}-ipv6-http-internal"
130+
target = google_compute_target_http_proxy.default[0].self_link
131+
port_range = "80"
132+
labels = var.labels
133+
load_balancing_scheme = var.load_balancing_scheme
134+
network = local.internal_network
135+
subnetwork = var.internal_forwarding_rule_subnetworks[count.index]
136+
}
137+
96138
resource "google_compute_global_forwarding_rule" "https_ipv6" {
97139
provider = google-beta
98140
project = var.project_id
99-
count = var.enable_ipv6 && var.ssl ? 1 : 0
141+
count = var.enable_ipv6 && var.ssl && !local.is_internal ? 1 : 0
100142
name = "${var.name}-ipv6-https"
101143
target = google_compute_target_https_proxy.default[0].self_link
102144
ip_address = local.ipv6_address
@@ -106,6 +148,20 @@ resource "google_compute_global_forwarding_rule" "https_ipv6" {
106148
network = local.internal_network
107149
}
108150

151+
resource "google_compute_global_forwarding_rule" "https_ipv6_internal" {
152+
count = var.enable_ipv6 && var.ssl && local.is_internal ? length(var.internal_forwarding_rule_subnetworks) : 0
153+
154+
provider = google-beta
155+
project = var.project_id
156+
name = "${var.name}-ipv6-https-internal-${count.index}"
157+
target = google_compute_target_https_proxy.default[0].self_link
158+
port_range = "443"
159+
labels = var.labels
160+
load_balancing_scheme = var.load_balancing_scheme
161+
network = local.internal_network
162+
subnetwork = var.internal_forwarding_rule_subnetworks[count.index]
163+
}
164+
109165
resource "google_compute_global_address" "default_ipv6" {
110166
provider = google-beta
111167
count = local.is_internal ? 0 : (var.enable_ipv6 && var.create_ipv6_address) ? 1 : 0

0 commit comments

Comments
 (0)