diff --git a/modules/regional_proxy_lb/README.md b/modules/regional_proxy_lb/README.md index 57aabce..73b367b 100644 --- a/modules/regional_proxy_lb/README.md +++ b/modules/regional_proxy_lb/README.md @@ -75,9 +75,10 @@ module "gce-lb-tcp" { | network\_project | Name of the project where the network resides. Useful for shared VPC. Default is var.project. | `string` | n/a | yes | | port\_front\_end | Port of the load balancer front end | `number` | n/a | yes | | project | The project to deploy to, if not set the default provider project is used. | `string` | `null` | no | -| proxy\_only\_subnet\_cidr | The CIDR block of the proxy only subnet | `string` | n/a | yes | +| proxy\_header | Specifies the type of proxy header to append before sending data to the backend. Default value is NONE. Possible values are: NONE, PROXY\_V1 | `string` | `"NONE"` | no | +| proxy\_only\_subnet\_cidr | The CIDR block of the proxy only subnet.This is required when create\_proxy\_only\_subnet is set to true. | `string` | `""` | no | | region | Region of the created GCP resources from this module. | `string` | n/a | yes | -| target\_tags | List of target tags to allow traffic using firewall rule. | `list(string)` | n/a | yes | +| target\_tags | List of target tags to allow traffic using firewall rule.This is required when create\_firewall\_rules is set to true. | `list(string)` | `[]` | no | ## Outputs diff --git a/modules/regional_proxy_lb/main.tf b/modules/regional_proxy_lb/main.tf index 43f3305..e1a590e 100644 --- a/modules/regional_proxy_lb/main.tf +++ b/modules/regional_proxy_lb/main.tf @@ -51,6 +51,7 @@ resource "google_compute_region_target_tcp_proxy" "default" { name = "${var.name}-proxy" project = var.project region = var.region + proxy_header = var.proxy_header backend_service = google_compute_region_backend_service.default.id } @@ -135,7 +136,7 @@ resource "google_compute_firewall" "default-hc-fw" { } resource "google_compute_firewall" "default-proxy-fw" { - count = var.create_firewall_rules ? 1 : 0 + count = var.create_firewall_rules && var.create_proxy_only_subnet ? 1 : 0 name = "${var.name}-allow-proxy" direction = "INGRESS" project = var.network_project diff --git a/modules/regional_proxy_lb/variables.tf b/modules/regional_proxy_lb/variables.tf index 838b41a..8149b58 100644 --- a/modules/regional_proxy_lb/variables.tf +++ b/modules/regional_proxy_lb/variables.tf @@ -47,8 +47,9 @@ variable "create_firewall_rules" { } variable "target_tags" { - description = "List of target tags to allow traffic using firewall rule." + description = "List of target tags to allow traffic using firewall rule.This is required when create_firewall_rules is set to true." type = list(string) + default = [] } @@ -66,7 +67,8 @@ variable "create_proxy_only_subnet" { variable "proxy_only_subnet_cidr" { type = string - description = "The CIDR block of the proxy only subnet" + default = "" + description = "The CIDR block of the proxy only subnet.This is required when create_proxy_only_subnet is set to true." } variable "port_front_end" { @@ -74,6 +76,12 @@ variable "port_front_end" { type = number } +variable "proxy_header" { + type = string + default = "NONE" + description = "Specifies the type of proxy header to append before sending data to the backend. Default value is NONE. Possible values are: NONE, PROXY_V1" +} + variable "health_check" { description = "Health check to determine whether instances are responsive and able to do work" type = object({ diff --git a/modules/regional_proxy_lb/versions.tf b/modules/regional_proxy_lb/versions.tf index 83e4bcc..08aa918 100644 --- a/modules/regional_proxy_lb/versions.tf +++ b/modules/regional_proxy_lb/versions.tf @@ -19,12 +19,12 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.53, < 7" + version = ">= 4.53, < 7" } google-beta = { source = "hashicorp/google-beta" - version = ">= 3.53, < 7" + version = ">= 4.53, < 7" } }