https://github.com/osinfra-io/google-cloud-networking
Infrastructure as Code (IaC) example for Google Cloud Platform networking resources.
https://github.com/osinfra-io/google-cloud-networking
google-cloud-landing-zone-platform google-cloud-platform infrastructure-as-code osinfra platform-team terraform
Last synced: 3 months ago
JSON representation
Infrastructure as Code (IaC) example for Google Cloud Platform networking resources.
- Host: GitHub
- URL: https://github.com/osinfra-io/google-cloud-networking
- Owner: osinfra-io
- License: gpl-2.0
- Created: 2022-10-01T12:15:31.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-14T03:18:11.000Z (4 months ago)
- Last Synced: 2025-03-14T04:24:48.280Z (4 months ago)
- Topics: google-cloud-landing-zone-platform, google-cloud-platform, infrastructure-as-code, osinfra, platform-team, terraform
- Language: HCL
- Homepage: https://www.osinfra.io
- Size: 507 KB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# 
Google Cloud Platform - Networking
**[GitHub Actions](https://github.com/osinfra-io/google-cloud-networking/actions):**
[](https://github.com/osinfra-io/google-cloud-networking/actions/workflows/dependabot.yml)
**[Infracost](https://www.infracost.io):**
[](https://dashboard.infracost.io/org/osinfra-io/repos/f0cb1c98-ae8e-48c8-9cbe-8f00a8901fd7?tab=settings)
💵 Monthly estimates based on Infracost baseline costs.
## 📄 Repository Description
This repository manages networking resources like VPC, subnet, DNS, and NAT that can be shared across an organization. It aligns with our [Google Cloud landing zone platform](https://docs.osinfra.io/product-guides/google-cloud-platform/landing-zone) design. A landing zone should be a prerequisite to deploying enterprise workloads in a cloud environment.
## 🏭 Platform Information
- Documentation: [docs.osinfra.io](https://docs.osinfra.io/product-guides/google-cloud-platform/landing-zone/google-cloud-networking)
- Service Interfaces: [github.com](https://github.com/osinfra-io/google-cloud-networking/issues/new/choose)
## 
Development
Our focus is on the core fundamental practice of platform engineering, Infrastructure as Code.
>Open Source Infrastructure (as Code) is a development model for infrastructure that focuses on open collaboration and applying relative lessons learned from software development practices that organizations can use internally at scale. - [Open Source Infrastructure (as Code)](https://www.osinfra.io)
To avoid slowing down stream-aligned teams, we want to open up the possibility for contributions. The Open Source Infrastructure (as Code) model allows team members external to the platform team to contribute with only a slight increase in cognitive load. This section is for developers who want to contribute to this repository, describing the tools used, the skills, and the knowledge required, along with Terraform documentation.
See the documentation for setting up a development environment [here](https://docs.osinfra.io/fundamentals/development-setup).
### 🛠️ Tools
- [checkov](https://github.com/bridgecrewio/checkov)
- [infracost](https://github.com/infracost/infracost)
- [pre-commit](https://github.com/pre-commit/pre-commit)
- [pre-commit-terraform](https://github.com/antonbabenko/pre-commit-terraform)
- [terraform-docs](https://github.com/terraform-docs/terraform-docs)
### 📋 Skills and Knowledge
Links to documentation and other resources required to develop and iterate in this repository successfully.
- [vpc](https://cloud.google.com/vpc/docs)
- [shared-vpc](https://cloud.google.com/vpc/docs/shared-vpc)
- [subnets](https://cloud.google.com/vpc/docs/subnets)
### 📓 Terraform Documentation
#### Providers
| Name | Version |
|------|---------|
| google | 6.19.0 |
#### Modules
| Name | Source | Version |
|------|--------|---------|
| datadog | github.com/osinfra-io/terraform-datadog-google-integration | v0.3.3 |
| helpers | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 |
| private\_dns | github.com/osinfra-io/terraform-google-network//dns | v0.2.1 |
| project | github.com/osinfra-io/terraform-google-project | v0.4.5 |
| public\_dns | github.com/osinfra-io/terraform-google-network//dns | v0.2.1 |
| vpc | github.com/osinfra-io/terraform-google-network | v0.2.1 |
#### Resources
| Name | Type |
|------|------|
| [google_compute_global_address.service_network_peering_range](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_global_address) | resource |
| [google_compute_shared_vpc_service_project.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_shared_vpc_service_project) | resource |
| [google_dns_record_set.private](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_record_set) | resource |
| [google_dns_record_set.public](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_record_set) | resource |
| [google_project_iam_member.container_engine_firewall_management](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
| [google_project_iam_member.container_engine_service_agent_user](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
| [google_project_iam_member.dns_records_admins](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
| [google_project_iam_member.iam_admins](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
| [google_service_networking_connection.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_networking_connection) | resource |
#### Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| datadog\_api\_key | Datadog API key | `string` | n/a | yes |
| datadog\_app\_key | Datadog APP key | `string` | n/a | yes |
| datadog\_enable | Enable Datadog integration | `bool` | `false` | no |
| dns\_records\_admins | The set of service accounts that can administer DNS records in this project | `set(string)` | `[]` | no |
| iam\_admins | The set of service accounts that can administer IAM in this project | `set(string)` | `[]` | no |
| private\_record\_sets | Private DNS record sets | ```list(object({ name = string rrdatas = list(string) type = string ttl = number }))``` | `[]` | no |
| project\_billing\_account | The alphanumeric ID of the billing account this project belongs to | `string` | `"01C550-A2C86B-B8F16B"` | no |
| project\_cis\_2\_2\_logging\_sink\_project\_id | The CIS 2.2 logging sink benchmark project ID | `string` | n/a | yes |
| project\_folder\_id | The numeric ID of the folder this project should be created under. Only one of `org_id` or `folder_id` may be specified | `string` | n/a | yes |
| public\_record\_sets | Private DNS record sets | ```list(object({ name = string rrdatas = list(string) type = string ttl = number }))``` | `[]` | no |
| vpc\_service\_projects | The map of Kubernetes service project IDs and numbers (The number should only be added if the project is a Kubernetes service project) | ```map(object({ number = optional(number) }))``` | `{}` | no |
#### Outputs
| Name | Description |
|------|-------------|
| project\_id | The project ID |
| vpc\_name | The VPC name |
### 📓 Terraform Regional Documentation
- [regional](regional/README.md)