/** * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ locals { } # This block is a replicate from https://github.com/terraform-google-modules/terraform-google-lb-http/blob/v9.0.0/modules/serverless_negs/main.tf resource "google_compute_backend_service" "default" { provider = google-beta for_each = var.backends project = var.project name = "${var.name}-backend-${each.key}" load_balancing_scheme = var.load_balancing_scheme port_name = lookup(each.value, "port_name", "http") protocol = lookup(each.value, "protocol", "HTTP") description = lookup(each.value, "description", null) connection_draining_timeout_sec = lookup(each.value, "connection_draining_timeout_sec", null) enable_cdn = lookup(each.value, "enable_cdn", false) compression_mode = lookup(each.value, "compression_mode", "DISABLED") custom_request_headers = lookup(each.value, "custom_request_headers", []) custom_response_headers = lookup(each.value, "custom_response_headers", []) session_affinity = lookup(each.value, "session_affinity", null) affinity_cookie_ttl_sec = lookup(each.value, "affinity_cookie_ttl_sec", null) # # To achieve a null backend edge_security_policy, set each.value.edge_security_policy to "" (empty string), otherwise, it fallsback to var.edge_security_policy. # edge_security_policy = lookup(each.value, "edge_security_policy") == "" ? null : (lookup(each.value, "edge_security_policy") == null ? var.edge_security_policy : each.value.edge_security_policy) # # To achieve a null backend security_policy, set each.value.security_policy to "" (empty string), otherwise, it fallsback to var.security_policy. # security_policy = lookup(each.value, "security_policy") == "" ? null : (lookup(each.value, "security_policy") == null ? var.security_policy : each.value.security_policy) dynamic "backend" { for_each = toset(each.value["groups"]) content { description = lookup(backend.value, "description", null) group = lookup(backend.value, "group") } } dynamic "log_config" { for_each = lookup(lookup(each.value, "log_config", {}), "enable", true) ? [1] : [] content { enable = lookup(lookup(each.value, "log_config", {}), "enable", true) sample_rate = lookup(lookup(each.value, "log_config", {}), "sample_rate", "1.0") } } dynamic "iap" { for_each = lookup(lookup(each.value, "iap_config", {}), "enable", false) ? [1] : [] content { oauth2_client_id = lookup(lookup(each.value, "iap_config", {}), "oauth2_client_id", "") oauth2_client_secret = lookup(lookup(each.value, "iap_config", {}), "oauth2_client_secret", "") } } dynamic "cdn_policy" { for_each = each.value.enable_cdn ? [1] : [] content { cache_mode = each.value.cdn_policy.cache_mode signed_url_cache_max_age_sec = each.value.cdn_policy.signed_url_cache_max_age_sec default_ttl = each.value.cdn_policy.default_ttl max_ttl = each.value.cdn_policy.max_ttl client_ttl = each.value.cdn_policy.client_ttl negative_caching = each.value.cdn_policy.negative_caching serve_while_stale = each.value.cdn_policy.serve_while_stale dynamic "negative_caching_policy" { for_each = each.value.cdn_policy.negative_caching_policy != null ? [1] : [] content { code = each.value.cdn_policy.negative_caching_policy.code ttl = each.value.cdn_policy.negative_caching_policy.ttl } } dynamic "cache_key_policy" { for_each = each.value.cdn_policy.cache_key_policy != null ? [1] : [] content { include_host = each.value.cdn_policy.cache_key_policy.include_host include_protocol = each.value.cdn_policy.cache_key_policy.include_protocol include_query_string = each.value.cdn_policy.cache_key_policy.include_query_string query_string_blacklist = each.value.cdn_policy.cache_key_policy.query_string_blacklist query_string_whitelist = each.value.cdn_policy.cache_key_policy.query_string_whitelist include_http_headers = each.value.cdn_policy.cache_key_policy.include_http_headers include_named_cookies = each.value.cdn_policy.cache_key_policy.include_named_cookies } } } } }