Added IPSEC_INTERCONNECT addresses to net-address module

modules/net-address/README.md

@@ -77,18 +77,42 @@ module "addresses" {
 }
 # tftest modules=1 resources=2 inventory=psc.yaml
 ```
-<!-- BEGIN TFDOC -->
 
+# IPSec Interconnect addresses
+
+```hcl
+module "addresses" {
+  source     = "./fabric/modules/net-address"
+  project_id = var.project_id
+  ipsec_interconnect_addresses = {
+    vpn-gw-range-1 = {
+      address       = "10.255.255.0"
+      region        = var.region
+      network       = var.vpc.self_link
+      prefix_length = 29
+    }
+    vpn-gw-range-2 = {
+      address       = "10.255.255.8"
+      region        = var.region
+      network       = var.vpc.self_link
+      prefix_length = 29
+    }
+  }
+}
+# tftest modules=1 resources=2 inventory=ipsec-interconnect.yaml
+```
+<!-- BEGIN TFDOC -->
 ## Variables
 
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
-| [project_id](variables.tf#L55) | Project where the addresses will be created. | <code>string</code> | ✓ |  |
+| [project_id](variables.tf#L67) | Project where the addresses will be created. | <code>string</code> | ✓ |  |
 | [external_addresses](variables.tf#L17) | Map of external address regions, keyed by name. | <code>map&#40;string&#41;</code> |  | <code>&#123;&#125;</code> |
 | [global_addresses](variables.tf#L29) | List of global addresses to create. | <code>list&#40;string&#41;</code> |  | <code>&#91;&#93;</code> |
 | [internal_addresses](variables.tf#L35) | Map of internal addresses to create, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;  region      &#61; string&#10;  subnetwork  &#61; string&#10;  address     &#61; optional&#40;string&#41;&#10;  description &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;  labels      &#61; optional&#40;map&#40;string&#41;&#41;&#10;  purpose     &#61; optional&#40;string&#41;&#10;  tier        &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
-| [psa_addresses](variables.tf#L60) | Map of internal addresses used for Private Service Access. | <code title="map&#40;object&#40;&#123;&#10;  address       &#61; string&#10;  network       &#61; string&#10;  description   &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;  prefix_length &#61; number&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
-| [psc_addresses](variables.tf#L71) | Map of internal addresses used for Private Service Connect. | <code title="map&#40;object&#40;&#123;&#10;  address     &#61; string&#10;  network     &#61; string&#10;  description &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [ipsec_interconnect_addresses](variables.tf#L49) | Map of internal addresses used for HPA VPN over Cloud Interconnect. | <code title="map&#40;object&#40;&#123;&#10;  region        &#61; string&#10;  address       &#61; string&#10;  network       &#61; string&#10;  description   &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;  prefix_length &#61; number&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [psa_addresses](variables.tf#L72) | Map of internal addresses used for Private Service Access. | <code title="map&#40;object&#40;&#123;&#10;  address       &#61; string&#10;  network       &#61; string&#10;  description   &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;  prefix_length &#61; number&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [psc_addresses](variables.tf#L83) | Map of internal addresses used for Private Service Connect. | <code title="map&#40;object&#40;&#123;&#10;  address     &#61; string&#10;  network     &#61; string&#10;  description &#61; optional&#40;string, &#34;Terraform managed.&#34;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> |  | <code>&#123;&#125;</code> |
 
 ## Outputs
 
@@ -97,7 +121,7 @@ module "addresses" {
 | [external_addresses](outputs.tf#L17) | Allocated external addresses. |  |
 | [global_addresses](outputs.tf#L25) | Allocated global external addresses. |  |
 | [internal_addresses](outputs.tf#L33) | Allocated internal addresses. |  |
-| [psa_addresses](outputs.tf#L41) | Allocated internal addresses for PSA endpoints. |  |
-| [psc_addresses](outputs.tf#L49) | Allocated internal addresses for PSC endpoints. |  |
-
+| [ipsec_interconnect_addresses](outputs.tf#L41) | Allocated internal addresses for HA VPN over Cloud Interconnect. |  |
+| [psa_addresses](outputs.tf#L49) | Allocated internal addresses for PSA endpoints. |  |
+| [psc_addresses](outputs.tf#L57) | Allocated internal addresses for PSC endpoints. |  |
 <!-- END TFDOC -->

modules/net-address/main.tf

@@ -69,3 +69,16 @@ resource "google_compute_global_address" "psa" {
   purpose       = "VPC_PEERING"
   # labels       = lookup(var.internal_address_labels, each.key, {})
 }
+
+resource "google_compute_address" "ipsec_interconnect" {
+  for_each      = var.ipsec_interconnect_addresses
+  project       = var.project_id
+  name          = each.key
+  description   = each.value.description
+  address       = each.value.address
+  address_type  = "INTERNAL"
+  region        = each.value.region
+  network       = each.value.network
+  prefix_length = each.value.prefix_length
+  purpose       = "IPSEC_INTERCONNECT"
+}

modules/net-address/outputs.tf

@@ -38,6 +38,14 @@ output "internal_addresses" {
   }
 }
 
+output "ipsec_interconnect_addresses" {
+  description = "Allocated internal addresses for HA VPN over Cloud Interconnect."
+  value = {
+    for address in google_compute_address.ipsec_interconnect :
+    address.name => address
+  }
+}
+
 output "psa_addresses" {
   description = "Allocated internal addresses for PSA endpoints."
   value = {
@@ -52,4 +60,4 @@ output "psc_addresses" {
     for address in google_compute_global_address.psc :
     address.name => address
   }
-}
+}

modules/net-address/variables.tf

@@ -46,6 +46,18 @@ variable "internal_addresses" {
   default = {}
 }
 
+variable "ipsec_interconnect_addresses" {
+  description = "Map of internal addresses used for HPA VPN over Cloud Interconnect."
+  type = map(object({
+    region        = string
+    address       = string
+    network       = string
+    description   = optional(string, "Terraform managed.")
+    prefix_length = number
+  }))
+  default = {}
+}
+
 # variable "internal_address_labels" {
 #   description = "Optional labels for internal addresses, keyed by address name."
 #   type        = map(map(string))
@@ -76,4 +88,4 @@ variable "psc_addresses" {
     description = optional(string, "Terraform managed.")
   }))
   default = {}
-}
+}

tests/modules/net_address/examples/ipsec-interconnect.yaml

@@ -0,0 +1,22 @@
+values:
+  module.addresses.google_compute_address.ipsec_interconnect["vpn-gw-range-1"]:
+    address: 10.255.255.0
+    address_type: INTERNAL
+    name: vpn-gw-range-1
+    network: projects/xxx/global/networks/aaa
+    prefix_length: 29
+    project: project-id
+    purpose: IPSEC_INTERCONNECT
+    region: region
+  module.addresses.google_compute_address.ipsec_interconnect["vpn-gw-range-2"]:
+    address: 10.255.255.8
+    address_type: INTERNAL
+    name: vpn-gw-range-2
+    network: projects/xxx/global/networks/aaa
+    prefix_length: 29
+    project: project-id
+    purpose: IPSEC_INTERCONNECT
+    region: region
+
+counts:
+  google_compute_address: 2