Terraform: using exportCustomRoutes when setting peering connection

terraform google-cloud-platform vpc-peering

I am trying to set-up a peering connection between 2 VPC networks.

One network (the transit one) configures static routes, and I would like to have those propagated to the peered network.

Here's an example:

...

data "google_compute_network" "transit-network" {
  project       = var.transit_project_id
  name = var.transit_network
}

resource "google_compute_network_peering" "to-transit" {
  name = "${var.project}-transit"
  network = "${google_compute_network.vpc_network.self_link}"
  peer_network = data.google_compute_network.transit-network.self_link
}

resource "google_compute_network_peering" "from-transit" {
  name = "transit-${var.project}"
  network = data.google_compute_network.transit-network.self_link
  peer_network = "${google_compute_network.vpc_network.self_link}"
}

...

I know that this is simply through the GCP console, but, I can't find a way to do it through terraform.

From the API it seems that is by using the field peering.exchangeSubnetRoutes

EDIT: I have found the solution using the google-beta provider:

resource "google_compute_network_peering" "to-transit" {
  name = "${var.project}-transit"
  provider = "google-beta"
  network = "${google_compute_network.vpc_network.self_link}"
  peer_network = data.google_compute_network.transit-network.self_link
  import_custom_routes = true
}

resource "google_compute_network_peering" "from-transit" {
  name = "transit-${var.project}"
  provider = "google-beta"
  network = data.google_compute_network.transit-network.self_link
  peer_network = "${google_compute_network.vpc_network.self_link}"
  export_custom_routes = true
}

Using the beta provider I can specify import_custom_routes and export_custom_routes


Solution 1:

Thanks! I've checked your solution on my project and it works for me with a slightly changed syntax:

resource "google_compute_network_peering" "vpc-network-to-transit-network" {
  provider             = google-beta
  name                 = "vpc-network-to-transit-network"
  network              = google_compute_network.vpc-network.self_link
  peer_network         = google_compute_network.transit-network.self_link 
  import_custom_routes = true
}

resource "google_compute_network_peering" "transit-network-to-vpc-network" {
  provider             = google-beta
  name                 = "transit-network-to-vpc-network"
  network              = google_compute_network.transit-network.self_link
  peer_network         = google_compute_network.vpc-network.self_link
  export_custom_routes = true
}

and

$ gcloud compute networks peerings list
NAME                            NETWORK          PEER_PROJECT  PEER_NETWORK     PEER_MTU  IMPORT_CUSTOM_ROUTES  EXPORT_CUSTOM_ROUTES  STATE   STATE_DETAILS
transit-network-to-vpc-network  transit-network  test-prj      vpc-network                False                 True                  ACTIVE  [2020-11-13T02:05:12.111-08:00]: Connected.
vpc-network-to-transit-network  vpc-network      test-prj      transit-network            True                  False                 ACTIVE  [2020-11-13T02:05:29.387-08:00]: Connected.

I used current version of Terraform:

$ terraform version
Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/google v3.5.0
+ provider registry.terraform.io/hashicorp/google-beta v3.47.0

Related

Hide site's real IP address like Cloudflare does?
ec2 permissions to manage only firewall access
How do I connect the Azure App service to the Local OnPremise Corporate network using ExpressRoute?
Find out which GCP project is hosting which appengine or which GCS bucket
Is it a good idea to put shared files outside public_html / root? [closed]
Memory used but not reported on Linux
Can't connect to SFTP and SSH (Google Cloud Platform)
MariaDB 10.2.35 Memory Spikes
CentOS working with older repos
Set up bridged vxlan network in linux
How can I start Windows Updates on 10 Windows 2016 servers remotely using Powershell
Gitlab on a minimal requirement Server