Jojoooo1

module "gke" {
  source  = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
  version = "29.0.0"

  project_id = var.project_id
  name       = local.gke_name

  # Update to regional for production (zonal is used for improved cost management)
  # region     = var.region
  regional = false

Jojoooo1

terraform {
  required_version = ">= 1.5.7"

  backend "gcs" {
    bucket = "<your-bucket-name>"
    prefix = "terraform/state/k8s/dev"
  }

  required_providers {
    google = {

Jojoooo1

module "static_ip_global_ingress_argo" {
  source  = "terraform-google-modules/address/google"
  version = "3.1.3"

  project_id   = var.project_id
  region       = var.region
  address_type = "EXTERNAL"
  global       = true

  # Warning: do not update naming convention or it will break the GKE Ingresses annotations:

Jojoooo1

module "static_ip_regional_ingress_nginx" {
  source  = "terraform-google-modules/address/google"
  version = "3.1.3"

  project_id   = var.project_id
  region       = var.region
  address_type = "EXTERNAL"
  global       = false

  names = [

Jojoooo1

terraform {
  required_version = ">= 1.5.7"

  backend "gcs" {
    bucket = "<your-bucket-name>"
    prefix = "terraform/state/ips"
  }

  required_providers {
    google = {

Jojoooo1

/******************************************
  Bastion host
  SSH: gcloud compute ssh --project="<your-project>" --zone="us-east1-b" bastion-host-dev --tunnel-through-iap
  SQL: gcloud compute ssh --project="<your-project>" --zone="us-east1-b" bastion-host-dev --tunnel-through-iap -- '/usr/local/bin/cloud_sql_proxy --private-ip --address 0.0.0.0 <your-connection-name>' 
  GKE: gcloud compute ssh --project="<your-project>" --zone="us-east1-b" bastion-host-dev --tunnel-through-iap -- -L8888:127.0.0.1:8888
 *****************************************/
module "bastion_with_iap" {
  source  = "terraform-google-modules/bastion-host/google"
  version = "6.0.0"

Jojoooo1

terraform {
  required_version = ">= 1.5.7"

  backend "gcs" {
    bucket = "<your-bucket-name>"
    prefix = "terraform/state/vm/bastion"
  }

  required_providers {
    google = {

Jojoooo1

#!/bin/bash
set -e

unset GTK_PATH # needed if using VSCode

HOST_PROJECT_ID="$1"
SERVICE_PROJECT_ID="$2"

[[ ! -x "$(command -v gcloud)" ]] && printf "gcloud not found, you need to install gcloud" && exit 1
[[ -z "${HOST_PROJECT_ID}" ]] && printf "HOST_PROJECT_ID is not set \nPlease start scripts as follow: ./connect-k8s.sh project-shared-host project-service-test" && exit 1

Jojoooo1

resource "google_iap_brand" "project_brand" {
  project = var.project_id

  application_title = "Cloud Diplomats internal"
  support_email     = "[email protected]"
}

# Note: You can also create the oauth2 client manually with the following redirect uri: https://iap.googleapis.com/v1/oauth/clientIds/CLIENT_ID:handleRedirect
resource "google_iap_client" "iap_internal_client_dev" {
  brand        = google_iap_brand.project_brand.id

Jojoooo1

module "dns_public_zone" {
  source  = "terraform-google-modules/cloud-dns/google"
  version = "5.1.1"

  project_id = var.project_id
  type       = "public"

  name        = var.dns_name
  domain      = var.dns_domain
  description = "DNS zone for ${var.dns_name} managed by Terraform"