diff --git a/main.tf b/main.tf
index 41f8d54..5b05442 100644
--- a/main.tf
+++ b/main.tf
@@ -23,6 +23,8 @@ module "hub_network" {
 cidr = var.hub.cidr
 region = var.hub.region
 }]
+
+ nat = true
 }
 module "spoke_network" {
@@ -36,6 +38,8 @@ module "spoke_network" {
 region = var.spoke.region
 }
 ]
+
+ nat = true
 }
 module "hub_to_spoke_peering" {
@@ -61,7 +65,7 @@ module "hub_to_spoke_peering" {
 ]
 }
-module "vm-hub" {
+module "vm_hub" {
 source = "./modules/linux-vm"
 name = "vm-${var.hub.name}"
@@ -72,7 +76,7 @@ module "vm-hub" {
 depends_on = [module.hub_network]
 }
-module "vm-spoke" {
+module "vm_spoke" {
 source = "./modules/linux-vm"
 name = "vm-${var.spoke.name}"
diff --git a/modules/network/main.tf b/modules/network/main.tf
index f97d81f..06792d1 100644
--- a/modules/network/main.tf
+++ b/modules/network/main.tf
@@ -15,6 +15,7 @@ resource "google_compute_subnetwork" "subnet" {
 # Cloud NAT
 resource "google_compute_router" "cr" {
+ count = var.nat ? 1 : 0
 name = "${var.name}-router"
 network = var.name
@@ -22,8 +23,9 @@ resource "google_compute_router" "cr" {
 }
 resource "google_compute_router_nat" "nat" {
+ count = var.nat ? 1 : 0
 name = "${var.name}-nat"
- router = google_compute_router.cr.name
+ router = google_compute_router.cr[0].name
 nat_ip_allocate_option = "AUTO_ONLY"
 source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
 enable_dynamic_port_allocation = true
diff --git a/modules/network/variables.tf b/modules/network/variables.tf
index 40d017a..428123e 100644
--- a/modules/network/variables.tf
+++ b/modules/network/variables.tf
@@ -18,3 +18,9 @@ variable "subnets" {
 error_message = "The region for the first subnet must be specified."
 }
 }
+
+variable "nat" {
+ description = "Enable Cloud NAT for the network."
+ type = bool
+ default = false
+}
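Review bot: `nat = true` is set on the hub in this hunk and on the spoke in the next one, with no comment explaining why each network needs its own gateway. Cloud NAT is not usable across VPC peering, so the spoke setting is presumably deliberate, but it also means spoke workloads reach the internet directly rather than through anything placed in the hub. A comment above each line would record that, for example `# Cloud NAT is per-VPC and not shared over peering; spoke egress does not transit the hub`. No egress firewall rules are visible in this diff, so it is worth confirming they exist for both networks before merging.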
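Review bot: No `log_config` block is visible on `google_compute_router_nat.nat`, so if none follows below this hunk, translations through the gateway leave no NAT log to investigate from. With `source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"` every instance in the network egresses through it, so I would add a `log_config` block with `enable = true` and a `filter` of `ERRORS_ONLY` or `ALL`. The resource body continues outside the hunk. The `cr[0]` index is safe only because both resources use the same `count` expression; a comment such as `# cr and nat share var.nat, so cr[0] exists whenever this resource does` would keep that coupling visible.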
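Review bot: `variable "nat"` accepts `null`, and a caller passing `nat = null` would make `var.nat ? 1 : 0` in modules/network/main.tf fail at plan time; adding `nullable = false` after `default = false` makes the default apply instead. The `false` default also removes the router and NAT from any existing caller that does not set the flag. The root module in this diff sets it for both networks, but other callers, if there are any, would lose outbound connectivity on the next apply. The description could also say what is created, e.g. `description = "Create a Cloud Router and Cloud NAT that give every subnet in the network outbound internet access."`.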