graphql-engine/server/test-manual/alloydb/network.tf

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

48 lines
1.4 KiB
Terraform
Raw Normal View History

# AlloyDB requires a dedicated virtual private network.
resource "google_compute_network" "default" {
name = "${var.name}-testing-alloydb-network"
}
resource "google_compute_global_address" "private_ip_alloc" {
name = "${var.name}-testing-alloydb-cluster"
address_type = "INTERNAL"
purpose = "VPC_PEERING"
prefix_length = 16
network = google_compute_network.default.id
}
resource "google_service_networking_connection" "default" {
network = google_compute_network.default.id
service = "servicenetworking.googleapis.com"
reserved_peering_ranges = [google_compute_global_address.private_ip_alloc.name]
}
# Allows instances with the tag "ssh" to expose port 22.
resource "google_compute_firewall" "ssh" {
name = "${var.name}-testing-alloydb-allow-ssh"
allow {
ports = ["22"]
protocol = "tcp"
}
direction = "INGRESS"
network = google_compute_network.default.id
priority = 1000
source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh"]
}
# Allows instances with the tag "postgres" to expose port 5432.
resource "google_compute_firewall" "postgres" {
name = "${var.name}-testing-alloydb-allow-postgres"
allow {
ports = ["5432"]
protocol = "tcp"
}
direction = "INGRESS"
network = google_compute_network.default.id
priority = 1000
source_ranges = ["0.0.0.0/0"]
target_tags = ["postgres"]
}