File tree Expand file tree Collapse file tree 2 files changed +32
-9
lines changed
Expand file tree Collapse file tree 2 files changed +32
-9
lines changed Original file line number Diff line number Diff line change @@ -137,15 +137,20 @@ resource "random_id" "cloudnat_suffix" {
137137}
138138
139139module "cloud_nat" {
140- source = " terraform-google-modules/cloud-nat/google"
141- version = " ~> 2.2.0"
142- project_id = . project_id
143- region = . region
144- router = format (" %s-router" . project_id )
145- name = " ${ var . project_id } -cloud-nat-${ random_id . cloudnat_suffix . hex } "
146- network = . gitlab . self_link
147- create_router = true
148- min_ports_per_vm = " 2048"
140+ source = " terraform-google-modules/cloud-nat/google"
141+ version = " ~> 2.2.0"
142+ project_id = . project_id
143+ region = . region
144+ router = format (" %s-router" . project_id )
145+ name = " ${ var . project_id } -cloud-nat-${ random_id . cloudnat_suffix . hex } "
146+ network = . gitlab . self_link
147+ create_router = true
148+ # We force the endpoint independent mapping to false as described in this issue:
149+ # https://github.com/hashicorp/terraform-provider-google/issues/10609
150+ enable_endpoint_independent_mapping = false
151+ min_ports_per_vm = . cloud_nat_min_ports_per_vm
152+ log_config_enable = . cloud_nat_log_config_enable
153+ log_config_filter = . cloud_nat_log_config_filter
149154}
150155
151156resource "google_compute_firewall" "admission_webhook" {
Original file line number Diff line number Diff line change @@ -577,3 +577,21 @@ variable "gitlab_gitaly_max_unavailable" {
577577 description = " For PodDisruptionBudget, how many pods can be unavailable at one time for Gitaly StatefulSet"
578578 default = 0
579579}
580+
581+ variable "cloud_nat_min_ports_per_vm" {
582+ type = string
583+ description = " Minimum number of ports allocated to a VM from this NAT config."
584+ default = " 64"
585+ }
586+
587+ variable "cloud_nat_log_config_enable" {
588+ type = bool
589+ description = " Indicates whether or not to export logs."
590+ default = false
591+ }
592+
593+ variable "cloud_nat_log_config_filter" {
594+ type = string
595+ description = " Specifies the desired filtering of logs on this NAT. Valid values are: 'ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL'."
596+ default = " ALL"
597+ }
You can’t perform that action at this time.
0 commit comments