| access_context_manager_policy_id |
The id of the default Access Context Manager policy created in step 1-org. Can be obtained by running gcloud access-context-manager policies list --organization YOUR_ORGANIZATION_ID --format="value(name)". |
number |
n/a |
yes |
| default_region1 |
First subnet region. The shared vpc modules only configures two regions. |
string |
n/a |
yes |
| default_region2 |
Second subnet region. The shared vpc modules only configures two regions. |
string |
n/a |
yes |
| dns_enable_inbound_forwarding |
Toggle inbound query forwarding for VPC DNS. |
bool |
true |
no |
| dns_enable_logging |
Toggle DNS logging for VPC DNS. |
bool |
true |
no |
| domain |
The DNS name of peering managed zone, for instance 'example.com.'. Must end with a period. |
string |
n/a |
yes |
| enable_hub_and_spoke |
Enable Hub-and-Spoke architecture. |
bool |
false |
no |
| enable_hub_and_spoke_transitivity |
Enable transitivity via gateway VMs on Hub-and-Spoke architecture. |
bool |
false |
no |
| enable_partner_interconnect |
Enable Partner Interconnect in the environment. |
bool |
false |
no |
| firewall_enable_logging |
Toggle firewall logging for VPC Firewalls. |
bool |
true |
no |
| folder_prefix |
Name prefix to use for folders created. Should be the same in all steps. |
string |
"fldr" |
no |
| nat_bgp_asn |
BGP ASN for first NAT cloud routes. |
number |
64514 |
no |
| nat_enabled |
Toggle creation of NAT cloud router. |
bool |
false |
no |
| nat_num_addresses |
Number of external IPs to reserve for Cloud NAT. |
number |
2 |
no |
| nat_num_addresses_region1 |
Number of external IPs to reserve for first Cloud NAT. |
number |
2 |
no |
| nat_num_addresses_region2 |
Number of external IPs to reserve for second Cloud NAT. |
number |
2 |
no |
| optional_fw_rules_enabled |
Toggle creation of optional firewall rules: IAP SSH, IAP RDP and Internal & Global load balancing health check and load balancing IP ranges. |
bool |
false |
no |
| org_id |
Organization ID |
string |
n/a |
yes |
| parent_folder |
Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step. |
string |
"" |
no |
| preactivate_partner_interconnect |
Preactivate Partner Interconnect VLAN attachment in the environment. |
bool |
false |
no |
| subnetworks_enable_logging |
Toggle subnetworks flow logging for VPC Subnetworks. |
bool |
true |
no |
| terraform_service_account |
Service account email of the account to impersonate to run Terraform. |
string |
n/a |
yes |
| windows_activation_enabled |
Enable Windows license activation for Windows workloads. |
bool |
false |
no |