Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow customizable prefix in net-vpc module PSA configs #2535

Merged
merged 3 commits into from
Aug 28, 2024
Merged

Allow customizable prefix in net-vpc module PSA configs #2535

merged 3 commits into from
Aug 28, 2024

Conversation

ludoo
Copy link
Collaborator

@ludoo ludoo commented Aug 28, 2024

Fixes #2529

juliocc
juliocc approved these changes Aug 28, 2024
View reviewed changes
Copy link
Collaborator

@juliocc juliocc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@ludoo ludoo enabled auto-merge (squash) August 28, 2024 09:14
@ludoo ludoo merged commit cecce6b into master Aug 28, 2024
18 checks passed
@ludoo ludoo deleted the ludo/issue-2529 branch August 28, 2024 09:24
@intotecho
Copy link

intotecho commented Sep 6, 2024
edited
Loading

Really appreciate this fix as it saved having to delete and rebuild network elements in use.
However, my plan is still trying to replace a psa_connection[0] with .psa_connection["servicenetworking.googleapis.com"] .

Config

module "host_network" {
  source = "../cloud-foundation-fabric/modules/net-vpc"
  project_id                      = var.network_project_id
  auto_create_subnetworks         = false
  name                            = var.network_name
  delete_default_routes_on_create = true
  description                     = var.description
  shared_vpc_host                 = var.shared_vpc
  subnets                         = var.subnets
  subnets_proxy_only              = var.subnets_proxy_only
  shared_vpc_service_projects     = var.service_project_ids
  #subnet_iam_additive             = var.subnet_iam_permissions
  psa_configs = [{
    ranges = { range-a = "10.200.0.0/16" }
    range_prefix = ""
  }]
}

Plan

module....host_network.google_service_networking_connection.psa_connection[0] will be destroyed
  # (because resource does not use count)
  - resource "google_service_networking_connection" "psa_connection" {
      - id                      = "projects%PROJECT%2Fglobal%2Fnetworks%2Fgeo-nw-uat:servicenetworking.googleapis.com" -> null
      - network                 = "projects/PROJECT/global/networks/geo-nw-uat" -> null
      - peering                 = "servicenetworking-googleapis-com" -> null
      - reserved_peering_ranges = [
          - "range-a",
        ] -> null
      - service                 = "servicenetworking.googleapis.com" -> null
    }

Apply

Unable to remove Service Networking Connection, err: Error waiting for Delete Service Networking Connection: Error code 9, message: Failed to delete connection; Producer services (e.g. CloudSQL, Cloud Memstore, etc.) are still using this connection.

I am not sure how to proceed?

@juliocc
Copy link
Collaborator

juliocc commented Sep 6, 2024

Can you share the full plan? I think that one can be fixed with a moved block.

@intotecho
Copy link

I was able to resolve this with

terraform state mv module.my_network.google_service_networking_connection.psa_connection[0]   module.my_network.google_service_networking_connection.psa_connection[\"servicenetworking.googleapis.com\"]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juliocc juliocc juliocc approved these changes

Assignees
No one assigned
Labels
on:modules
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cannot Control Private Service Access Range Name within net-vpc module
3 participants
@ludoo @intotecho @juliocc