From 5b0c5d33ebad4528fa64bd379237fd84d3d51b36 Mon Sep 17 00:00:00 2001
From: Slawomir Koszewski <slawek@koszewscy.waw.pl>
Date: Mon, 31 Mar 2025 10:29:07 +0200
Subject: [PATCH] Added option to enable or disable Cloud NAT.

---
 main.tf                      | 8 ++++++--
 modules/network/main.tf      | 4 +++-
 modules/network/variables.tf | 6 ++++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/main.tf b/main.tf
index 41f8d54..5b05442 100644
--- a/main.tf
+++ b/main.tf
@@ -23,6 +23,8 @@ module "hub_network" {
     cidr   = var.hub.cidr
     region = var.hub.region
   }]
+
+  nat = true
 }
 
 module "spoke_network" {
@@ -36,6 +38,8 @@ module "spoke_network" {
       region = var.spoke.region
     }
   ]
+
+  nat = true
 }
 
 module "hub_to_spoke_peering" {
@@ -61,7 +65,7 @@ module "hub_to_spoke_peering" {
   ]
 }
 
-module "vm-hub" {
+module "vm_hub" {
   source = "./modules/linux-vm"
 
   name         = "vm-${var.hub.name}"
@@ -72,7 +76,7 @@ module "vm-hub" {
   depends_on = [module.hub_network]
 }
 
-module "vm-spoke" {
+module "vm_spoke" {
   source = "./modules/linux-vm"
 
   name         = "vm-${var.spoke.name}"
diff --git a/modules/network/main.tf b/modules/network/main.tf
index f97d81f..06792d1 100644
--- a/modules/network/main.tf
+++ b/modules/network/main.tf
@@ -15,6 +15,7 @@ resource "google_compute_subnetwork" "subnet" {
 
 # Cloud NAT
 resource "google_compute_router" "cr" {
+  count   = var.nat ? 1 : 0
   name    = "${var.name}-router"
   network = var.name
 
@@ -22,8 +23,9 @@ resource "google_compute_router" "cr" {
 }
 
 resource "google_compute_router_nat" "nat" {
+  count                              = var.nat ? 1 : 0
   name                               = "${var.name}-nat"
-  router                             = google_compute_router.cr.name
+  router                             = google_compute_router.cr[0].name
   nat_ip_allocate_option             = "AUTO_ONLY"
   source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
   enable_dynamic_port_allocation     = true
diff --git a/modules/network/variables.tf b/modules/network/variables.tf
index 40d017a..428123e 100644
--- a/modules/network/variables.tf
+++ b/modules/network/variables.tf
@@ -18,3 +18,9 @@ variable "subnets" {
     error_message = "The region for the first subnet must be specified."
   }
 }
+
+variable "nat" {
+  description = "Enable Cloud NAT for the network."
+  type        = bool
+  default     = false
+}