From bc33e125de9148328ce0bf36684591f4915b542b Mon Sep 17 00:00:00 2001 From: Matt Moore Date: Sat, 9 Dec 2023 18:28:02 -0800 Subject: [PATCH] Add a route to the internet gateway. This appears to be necessary to access Google services even with the bit set on the subnets. Signed-off-by: Matt Moore --- networking/README.md | 1 + networking/main.tf | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/networking/README.md b/networking/README.md index 6bbc12aa..ec6ed2b2 100644 --- a/networking/README.md +++ b/networking/README.md @@ -46,6 +46,7 @@ No modules. | Name | Type | |------|------| | [google_compute_network.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network) | resource | +| [google_compute_route.egress-inet](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_route) | resource | | [google_compute_subnetwork.regional](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork) | resource | | [google_dns_managed_zone.cloud-run-internal](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone) | resource | | [google_dns_managed_zone.private-google-apis](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone) | resource | diff --git a/networking/main.tf b/networking/main.tf index 3487816e..88a96487 100644 --- a/networking/main.tf +++ b/networking/main.tf @@ -7,6 +7,15 @@ resource "google_compute_network" "this" { delete_default_routes_on_create = true } +// Create a default route to the Internet. +resource "google_compute_route" "egress-inet" { + name = var.name + network = google_compute_network.this.name + + dest_range = "0.0.0.0/0" + next_hop_gateway = "default-internet-gateway" +} + // Create regional subnets in each of the specified regions, // which we will use to operate Cloud Run services. resource "google_compute_subnetwork" "regional" {