Skip to content

Commit

Permalink
Add ILB global access to ForwardingRule
Browse files Browse the repository at this point in the history 
Signed-off-by: Modular Magician <magic-modules@google.com>
  • Loading branch information
@chrisst
chrisst committed Dec 13, 2019
1 parent bd2a816 commit af04146
Show file tree
Hide file tree
Showing 3 changed files with 168 additions and 0 deletions.
51 changes: 51 additions & 0 deletions google-beta/resource_compute_forwarding_rule.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,12 @@ INTERNAL and protocol is TCP/UDP), set this to true to allow packets
addressed to any ports to be forwarded to the backends configured
with this forwarding rule. Used with backend service. Cannot be set
if port or portRange are set.`,
},
"allow_global_access": {
Type: schema.TypeBool,
Optional: true,
Description: `If true, clients can access ILB from all regions.
Otherwise only allows from the local region the ILB is located at.`,
},
"backend_service": {
Type: schema.TypeString,
Expand Down Expand Up @@ -365,6 +371,12 @@ func resourceComputeForwardingRuleCreate(d *schema.ResourceData, meta interface{
} else if v, ok := d.GetOkExists("target"); !isEmptyValue(reflect.ValueOf(targetProp)) && (ok || !reflect.DeepEqual(v, targetProp)) {
obj["target"] = targetProp
}
allowGlobalAccessProp, err := expandComputeForwardingRuleAllowGlobalAccess(d.Get("allow_global_access"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("allow_global_access"); ok || !reflect.DeepEqual(v, allowGlobalAccessProp) {
obj["allowGlobalAccess"] = allowGlobalAccessProp
}
labelsProp, err := expandComputeForwardingRuleLabels(d.Get("labels"), d, config)
if err != nil {
return err
Expand Down Expand Up @@ -532,6 +544,9 @@ func resourceComputeForwardingRuleRead(d *schema.ResourceData, meta interface{})
if err := d.Set("target", flattenComputeForwardingRuleTarget(res["target"], d)); err != nil {
return fmt.Errorf("Error reading ForwardingRule: %s", err)
}
if err := d.Set("allow_global_access", flattenComputeForwardingRuleAllowGlobalAccess(res["allowGlobalAccess"], d)); err != nil {
return fmt.Errorf("Error reading ForwardingRule: %s", err)
}
if err := d.Set("labels", flattenComputeForwardingRuleLabels(res["labels"], d)); err != nil {
return fmt.Errorf("Error reading ForwardingRule: %s", err)
}
Expand Down Expand Up @@ -598,6 +613,34 @@ func resourceComputeForwardingRuleUpdate(d *schema.ResourceData, meta interface{

d.SetPartial("target")
}
if d.HasChange("allow_global_access") {
obj := make(map[string]interface{})

allowGlobalAccessProp, err := expandComputeForwardingRuleAllowGlobalAccess(d.Get("allow_global_access"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("allow_global_access"); ok || !reflect.DeepEqual(v, allowGlobalAccessProp) {
obj["allowGlobalAccess"] = allowGlobalAccessProp
}

url, err := replaceVars(d, config, "{{ComputeBasePath}}projects/{{project}}/regions/{{region}}/forwardingRules/{{name}}")
if err != nil {
return err
}
res, err := sendRequestWithTimeout(config, "PATCH", project, url, obj, d.Timeout(schema.TimeoutUpdate))
if err != nil {
return fmt.Errorf("Error updating ForwardingRule %q: %s", d.Id(), err)
}

err = computeOperationWaitTime(
config, res, project, "Updating ForwardingRule",
int(d.Timeout(schema.TimeoutUpdate).Minutes()))
if err != nil {
return err
}

d.SetPartial("allow_global_access")
}
if d.HasChange("labels") || d.HasChange("label_fingerprint") {
obj := make(map[string]interface{})

Expand Down Expand Up @@ -756,6 +799,10 @@ func flattenComputeForwardingRuleTarget(v interface{}, d *schema.ResourceData) i
return ConvertSelfLinkToV1(v.(string))
}

func flattenComputeForwardingRuleAllowGlobalAccess(v interface{}, d *schema.ResourceData) interface{} {
return v
}

func flattenComputeForwardingRuleLabels(v interface{}, d *schema.ResourceData) interface{} {
return v
}
Expand Down Expand Up @@ -897,6 +944,10 @@ func expandComputeForwardingRuleTarget(v interface{}, d TerraformResourceData, c
return url + v.(string), nil
}

func expandComputeForwardingRuleAllowGlobalAccess(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
return v, nil
}

func expandComputeForwardingRuleLabels(v interface{}, d TerraformResourceData, config *Config) (map[string]string, error) {
if v == nil {
return map[string]string{}, nil
Expand Down
63 changes: 63 additions & 0 deletions google-beta/resource_compute_forwarding_rule_generated_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,69 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/terraform"
)

func TestAccComputeForwardingRule_forwardingRuleGlobalInternallbExample(t *testing.T) {
t.Parallel()

context := map[string]interface{}{
"random_suffix": acctest.RandString(10),
}

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProvidersOiCS,
CheckDestroy: testAccCheckComputeForwardingRuleDestroy,
Steps: []resource.TestStep{
{
Config: testAccComputeForwardingRule_forwardingRuleGlobalInternallbExample(context),
},
},
})
}

func testAccComputeForwardingRule_forwardingRuleGlobalInternallbExample(context map[string]interface{}) string {
return Nprintf(`
// Forwarding rule for Internal Load Balancing
resource "google_compute_forwarding_rule" "default" {
provider = "google-beta"
name = "website-forwarding-rule%{random_suffix}"
region = "us-central1"
load_balancing_scheme = "INTERNAL"
backend_service = "${google_compute_region_backend_service.backend.self_link}"
all_ports = true
allow_global_access = true
network = "${google_compute_network.default.name}"
subnetwork = "${google_compute_subnetwork.default.name}"
}
resource "google_compute_region_backend_service" "backend" {
provider = "google-beta"
name = "website-backend%{random_suffix}"
region = "us-central1"
health_checks = ["${google_compute_health_check.hc.self_link}"]
}
resource "google_compute_health_check" "hc" {
provider = "google-beta"
name = "check-website-backend%{random_suffix}"
check_interval_sec = 1
timeout_sec = 1
tcp_health_check {
port = "80"
}
}
resource "google_compute_network" "default" {
provider = "google-beta"
name = "website-net%{random_suffix}"
auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "default" {
provider = "google-beta"
name = "website-net%{random_suffix}"
ip_cidr_range = "10.0.0.0/16"
region = "us-central1"
network = "${google_compute_network.default.self_link}"
}
`, context)
}

func TestAccComputeForwardingRule_forwardingRuleBasicExample(t *testing.T) {
t.Parallel()

Expand Down
54 changes: 54 additions & 0 deletions website/docs/r/compute_forwarding_rule.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,55 @@ To get more information about ForwardingRule, see:
* How-to Guides
* [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)

<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=forwarding_rule_global_internallb&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Forwarding Rule Global Internallb


```hcl
// Forwarding rule for Internal Load Balancing
resource "google_compute_forwarding_rule" "default" {
provider = "google-beta"
name = "website-forwarding-rule"
region = "us-central1"
load_balancing_scheme = "INTERNAL"
backend_service = "${google_compute_region_backend_service.backend.self_link}"
all_ports = true
allow_global_access = true
network = "${google_compute_network.default.name}"
subnetwork = "${google_compute_subnetwork.default.name}"
}
resource "google_compute_region_backend_service" "backend" {
provider = "google-beta"
name = "website-backend"
region = "us-central1"
health_checks = ["${google_compute_health_check.hc.self_link}"]
}
resource "google_compute_health_check" "hc" {
provider = "google-beta"
name = "check-website-backend"
check_interval_sec = 1
timeout_sec = 1
tcp_health_check {
port = "80"
}
}
resource "google_compute_network" "default" {
provider = "google-beta"
name = "website-net"
auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "default" {
provider = "google-beta"
name = "website-net"
ip_cidr_range = "10.0.0.0/16"
region = "us-central1"
network = "${google_compute_network.default.self_link}"
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=forwarding_rule_basic&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
Expand Down Expand Up @@ -223,6 +272,11 @@ The following arguments are supported:
The forwarded traffic must be of a type appropriate to the target
object.

* `allow_global_access` -
(Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
If true, clients can access ILB from all regions.
Otherwise only allows from the local region the ILB is located at.

* `labels` -
(Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
Labels to apply to this forwarding rule. A list of key->value pairs.
Expand Down

0 comments on commit af04146

Please sign in to comment.