Cloud Router Terraform Module

This module handles opinionated Google Cloud Platform cloud router. Optionally it can also create cloud nat

Compatibility

This module is meant for use with Terraform 1.3+ and tested using Terraform 1.3+. If you find incompatibilities using Terraform >=1.3, please open an issue.

Version

Upgrade guides:

• 5.X -> 6.0.

Usage

Basic usage of this module is as follows:

module "cloud_router" {
  source  = "terraform-google-modules/cloud-router/google"
  version = "~> 6.2"

  name    = "example-router"
  region  = "us-central1"

  bgp = {
    # The ASN (16550, 64512 - 65534, 4200000000 - 4294967294) can be any private ASN
    # not already used as a peer ASN in the same region and network or 16550 for Partner Interconnect.
    asn = "65001"
  }

  project = "<PROJECT ID>"
  network = "default"
}

Functional examples are included in the examples directory. By default logging will be enabled for Cloud NAT with filter set to All. You can disable cloud nat logging by setting parameters in nats.log_config

Inputs

Name	Description	Type	Default	Required
bgp	BGP information specific to this router.	object({ asn = string advertise_mode = optional(string, "CUSTOM") advertised_groups = optional(list(string)) advertised_ip_ranges = optional(list(object({ range = string description = optional(string) })), []) keepalive_interval = optional(number) })	null	no
description	An optional description of this resource	string	null	no
name	Name of the router	string	n/a	yes
nats	NATs to deploy on this router.	list(object({ name = string nat_ip_allocate_option = optional(string) source_subnetwork_ip_ranges_to_nat = optional(string) nat_ips = optional(list(string), []) drain_nat_ips = optional(list(string), []) min_ports_per_vm = optional(number) max_ports_per_vm = optional(number) udp_idle_timeout_sec = optional(number) icmp_idle_timeout_sec = optional(number) tcp_established_idle_timeout_sec = optional(number) tcp_transitory_idle_timeout_sec = optional(number) tcp_time_wait_timeout_sec = optional(number) enable_endpoint_independent_mapping = optional(bool) enable_dynamic_port_allocation = optional(bool) log_config = optional(object({ enable = optional(bool, true) filter = optional(string, "ALL") }), {}) subnetworks = optional(list(object({ name = string source_ip_ranges_to_nat = list(string) secondary_ip_range_names = optional(list(string)) })), []) }))	[]	no
network	A reference to the network to which this router belongs	string	n/a	yes
project	The project ID to deploy to	string	n/a	yes
region	Region where the router resides	string	n/a	yes

Outputs

Name	Description
nat	Created NATs
router	Created Router

nats

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

• Terraform v1.3 and above
• Terraform Provider for GCP plugin v4.51 and above

Service Account

A service account with the following roles must be used to provision the resources of this module:

• Network Admin: roles/compute.networkAdmin

The Project Factory module and the [IAM module][iam-module] may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

• Google Cloud Compute Engine API: compute.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.