vpc peering from gitlab-analysis to gitlab-prod, postgres port on one subnet

parent 2d22a70c
......@@ -46,29 +46,27 @@ data "google_iam_policy" "dr-sa-access" {
#
#################################
resource "google_compute_network_peering" "peering-gitlab-analysis" {
name = "peering-gitlab-analysis"
network = "${var.network_env}"
peer_network = "https://www.googleapis.com/compute/v1/projects/gitlab-analysis/global/networks/default"
}
#resource "google_compute_network_peering" "peering-gitlab-analysis" {
# name = "peering-gitlab-analysis"
# network = "${var.network_env}"
# peer_network = "https://www.googleapis.com/compute/v1/projects/gitlab-analysis/global/networks/default"
#}
#
#resource "google_compute_firewall" "allow-postgres-gitlab-analysis" {
# name = "allow-postgres-gitlab-analysis"
# description = "allow gitlab-analysis default network to access gprd network"
# network = "${var.network_env}"
#
# source_ranges = [
# "10.138.0.0/20", # only from us-west-1 default subnet
# ]
#
# target_tags = [
# "postgres-dr-archive",
# ]
#
# allow {
# protocol = "tcp"
# ports = ["5432"]
# }
#}
resource "google_compute_firewall" "allow-postgres-gitlab-analysis" {
name = "allow-postgres-gitlab-analysis"
description = "allow gitlab-analysis default network to access gprd network"
network = "${var.network_env}"
source_ranges = [
"10.138.0.0/20", # only from us-west1 default subnet
]
target_tags = [
"postgres-dr-archive",
]
allow {
protocol = "tcp"
ports = ["5432"]
}
}
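Review bot: Assuming the uncommented resources are the new side (the commit title suggests so, but the page no longer shows +/- markers), `allow-postgres-gitlab-analysis` admits the whole `10.138.0.0/20` subnet of the analysis project's `default` network to port 5432 on every instance tagged `postgres-dr-archive`, so any VM in that subnet can open a connection to the database hosts, not just the intended consumers. If the consumers have stable addresses, listing them individually in `source_ranges` would shrink that trust boundary; either way, Postgres authentication (pg_hba.conf entries and credentials) remains the real control and should be confirmed for this range. The peering exchanges subnet routes for the whole network, so any existing rule in `${var.network_env}` with a broad internal source range would presumably also match traffic arriving from gitlab-analysis; those rules are worth auditing before this is applied. I would also add a comment above the firewall resource, for example `# Peering routes all subnets; this rule is the only intended path from gitlab-analysis, keep source_ranges minimal.`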