GCP gateway terraform example w/ cloud nat #3940
Comments
jamilbk
added
area/devops
|
@jamilbk just wanted to clarify what is the use case for showing examples for Google Cloud itself? Because Cloud Nat is just one of many VPC components, it should not matter how you set the VPC up as long as we can reach the gateway, so I'm not sure if we need to maintain a library of ways to deploy it. P.S.: I believe we are already running our gateways behind cloud nat on production: https://github.com/firezone/firezone/blame/main/terraform/modules/google-cloud-vpc/main.tf#L30 |
|
Use case is the 1.0 version of this: https://www.firezone.dev/docs/user-guides/use-cases/nat-gateway Customer wants all gateways in a VPC to egress out of a single static IP to use for whitelisting to other services/clients in different clouds or networks. It's a pretty common one (why we published that docs article above) The advantage in 1.0 is the scalability -- you can deploy more gateways for more availability Yeah I was planning to use our prod deployment as a starting point, but then add network creation, cloud NAT to achieve the above use case with fewer TF inputs. See https://docs.google.com/document/d/1_CJ6aHlt0h1ZKlBRE5snjGWEXu1V1sZvzkpftR1-2Xc/edit for more info |
Requested by customer
The text was updated successfully, but these errors were encountered: