fix: added validation in internal_forwarding_rules_cnfig variable

Author: pawan1210

examples/internal-lb-cloud-run/main.tf

@@ -120,12 +120,10 @@ module "internal-lb-http-frontend" {
     {
       "region" : "us-east1",
       "subnetwork" : module.internal-lb-subnet.subnets["us-east1/int-lb-subnet-a"].id,
-      "create_proxy_only_subnet" : false,
     },
     {
       "region" : "us-south1",
       "subnetwork" : module.internal-lb-subnet.subnets["us-south1/int-lb-subnet-b"].id,
-      "create_proxy_only_subnet" : false,
     }
   ]
 }

modules/frontend/README.md

@@ -19,7 +19,7 @@ This module creates `HTTP(S) forwarding rule` and its dependencies. This modules
 | http\_port | The port for the HTTP load balancer | `number` | `80` | no |
 | https\_port | The port for the HTTPS load balancer | `number` | `443` | no |
 | https\_redirect | Set to `true` to enable https redirect on the lb. | `bool` | `false` | no |
-| internal\_forwarding\_rules\_config | List of internal managed forwarding rules config. One of 'address' or 'subnetwork' is required for each. If 'create\_proxy\_only\_subnet' is true, 'proxy\_only\_subnet\_ip' is required. It is only applicable for internal load balancer. | <pre>list(object({<br>    region                   = string<br>    address                  = optional(string)<br>    subnetwork               = optional(string)<br>    create_proxy_only_subnet = bool<br>    proxy_only_subnet_ip     = optional(string)<br>  }))</pre> | `[]` | no |
+| internal\_forwarding\_rules\_config | List of internal managed forwarding rules config. One of 'address' or 'subnetwork' is required for each. If 'create\_proxy\_only\_subnet' is true, 'proxy\_only\_subnet\_ip' is required. It is only applicable for internal load balancer. | <pre>list(object({<br>    region                   = string<br>    address                  = optional(string)<br>    subnetwork               = optional(string)<br>    create_proxy_only_subnet = optional(bool, false)<br>    proxy_only_subnet_ip     = optional(string, "10.127.0.0/23")<br>  }))</pre> | `[]` | no |
 | ipv6\_address | An existing IPv6 address to use (the actual IP address value) | `string` | `null` | no |
 | labels | The labels to attach to resources created by this module | `map(string)` | `{}` | no |
 | load\_balancing\_scheme | Load balancing scheme type (EXTERNAL for classic external load balancer, EXTERNAL\_MANAGED for Envoy-based load balancer, INTERNAL\_MANAGED for internal load balancer and INTERNAL\_SELF\_MANAGED for traffic director) | `string` | `"EXTERNAL_MANAGED"` | no |

modules/frontend/metadata.yaml

@@ -196,8 +196,8 @@ spec:
               region                   = string
               address                  = optional(string)
               subnetwork               = optional(string)
-              create_proxy_only_subnet = bool
-              proxy_only_subnet_ip     = optional(string)
+              create_proxy_only_subnet = optional(bool, false)
+              proxy_only_subnet_ip     = optional(string, "10.127.0.0/23")
             }))
         defaultValue: []
     outputs:

modules/frontend/variables.tf

@@ -205,8 +205,15 @@ variable "internal_forwarding_rules_config" {
     region                   = string
     address                  = optional(string)
     subnetwork               = optional(string)
-    create_proxy_only_subnet = bool
-    proxy_only_subnet_ip     = optional(string)
+    create_proxy_only_subnet = optional(bool, false)
+    proxy_only_subnet_ip     = optional(string, "10.127.0.0/23")
   }))
   default = []
+  validation {
+    condition = alltrue([
+      for rule in var.internal_forwarding_rules_config :
+      rule.address != null || rule.subnetwork != null
+    ])
+    error_message = "Each internal forwarding rule config must specify either 'address' or 'subnetwork'."
+  }
 }