KEMBAR78
GitHub - terraform-google-modules/terraform-google-cloud-router: Manages a Cloud Router on Google Cloud
Skip to content

terraform-google-modules/terraform-google-cloud-router

BranchesTags

Repository files navigation

Cloud Router Terraform Module

This module handles opinionated Google Cloud Platform cloud router. Optionally it can also create cloud nat

Compatibility

This module is meant for use with Terraform 1.3+ and tested using Terraform 1.3+. If you find incompatibilities using Terraform >=1.3, please open an issue.

Version

Upgrade guides:

Usage

Basic usage of this module is as follows:

module "cloud_router" {
  source  = "terraform-google-modules/cloud-router/google"
  version = "~> 7.3"

  name    = "example-router"
  region  = "us-central1"

  bgp = {
    # The ASN (16550, 64512 - 65534, 4200000000 - 4294967294) can be any private ASN
    # not already used as a peer ASN in the same region and network or 16550 for Partner Interconnect.
    asn = "65001"
  }

  project = "<PROJECT ID>"
  network = "default"
}

Functional examples are included in the examples directory. By default logging will be enabled for Cloud NAT with filter set to All. You can disable cloud nat logging by setting parameters in nats.log_config

Inputs

Name Description Type Default Required
bgp BGP information specific to this router. 
object({
    asn               = string
    advertise_mode    = optional(string, "CUSTOM")
    advertised_groups = optional(list(string))
    advertised_ip_ranges = optional(list(object({
      range       = string
      description = optional(string)
    })), [])
    keepalive_interval = optional(number)
  })
 null no
description An optional description of this resource string null no
encrypted_interconnect_router An optional field to indicate if a router is dedicated to use with encrypted Interconnect Attachment bool false no
name Name of the router string n/a yes
nats NATs to deploy on this router. 
list(object({
    name                                = string
    nat_ip_allocate_option              = optional(string)
    source_subnetwork_ip_ranges_to_nat  = optional(string)
    nat_ips                             = optional(list(string), [])
    drain_nat_ips                       = optional(list(string), [])
    min_ports_per_vm                    = optional(number)
    max_ports_per_vm                    = optional(number)
    udp_idle_timeout_sec                = optional(number)
    icmp_idle_timeout_sec               = optional(number)
    tcp_established_idle_timeout_sec    = optional(number)
    tcp_transitory_idle_timeout_sec     = optional(number)
    tcp_time_wait_timeout_sec           = optional(number)
    enable_endpoint_independent_mapping = optional(bool)
    enable_dynamic_port_allocation      = optional(bool)

    log_config = optional(object({
      enable = optional(bool, true)
      filter = optional(string, "ALL")
    }), {})

    subnetworks = optional(list(object({
      name                     = string
      source_ip_ranges_to_nat  = list(string)
      secondary_ip_range_names = optional(list(string))
    })), [])

  }))
 [] no
network A reference to the network to which this router belongs string n/a yes
project The project ID to deploy to string n/a yes
region Region where the router resides string n/a yes

Outputs

Name Description
nat Created NATs
router Created Router

nats

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

Service Account

A service account with the following roles must be used to provision the resources of this module:

  • Network Admin: roles/compute.networkAdmin

The Project Factory module and the [IAM module][iam-module] may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

  • Google Cloud Compute Engine API: compute.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.

About

Manages a Cloud Router on Google Cloud

registry.terraform.io/modules/terraform-google-modules/cloud-router/google

Topics

networking cft-terraform

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

59 stars

Watchers

29 watching

Forks

58 forks
Report repository

Releases 24

v7.3.0 Latest
Sep 15, 2025
+ 23 releases

Packages

No packages published

Contributors 30
+ 16 contributors

Languages