Add cloud nat submodule (#22)

* Add cloud nat submodule

* Formating, allow bring existing router

* terraform-docs: automated action

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

Author: gkocur

README.md

@@ -81,7 +81,7 @@ No requirements.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_cloud_nat"></a> [cloud\_nat](#module\_cloud\_nat) | registry.terraform.io/terraform-google-modules/cloud-nat/google | 5.1.0 |
+| <a name="module_cloud_nat"></a> [cloud\_nat](#module\_cloud\_nat) | ./modules/cloud-nat | n/a |
 | <a name="module_network"></a> [network](#module\_network) | registry.terraform.io/terraform-google-modules/network/google | 9.1.0 |
 | <a name="module_project"></a> [project](#module\_project) | registry.terraform.io/terraform-google-modules/project-factory/google | 15.0.1 |
 | <a name="module_project_services"></a> [project\_services](#module\_project\_services) | terraform-google-modules/project-factory/google//modules/project_services | 15.0.1 |
@@ -92,7 +92,6 @@ No requirements.
 |------|------|
 | [google-beta_google_container_node_pool.pools](https://registry.terraform.io/providers/hashicorp/google-beta/latest/docs/resources/google_container_node_pool) | resource |
 | [google_artifact_registry_repository.my-repo](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/artifact_registry_repository) | resource |
-| [google_compute_address.cloud_nat_address](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_address) | resource |
 | [google_container_cluster.gke](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource |
 
 ## Inputs

examples/existing-project/main.tf

@@ -10,6 +10,7 @@ module "gke" {
   regional                    = false
   zones                       = ["europe-central2-a"]
   cluster_deletion_protection = false
+  enable_private_nodes        = true
   node_pools = {
     default-pool = {
       disk_size_gb = 50

main.tf

@@ -48,24 +48,14 @@ module "network" {
   }
 }
 
-resource "google_compute_address" "cloud_nat_address" {
-  name    = local.cloud_nat_name
-  project = local.project_id
-  region  = var.region
-  count   = var.enable_private_nodes ? 1 : 0
-}
-
 module "cloud_nat" {
-  source        = "registry.terraform.io/terraform-google-modules/cloud-nat/google"
-  version       = "5.1.0"
-  project_id    = local.project_id
-  region        = var.region
-  network       = module.network.network_name
-  create_router = true
-  router        = local.router
-  name          = local.cloud_nat_name
-  nat_ips       = [google_compute_address.cloud_nat_address.0.self_link]
-  count         = var.enable_private_nodes ? 1 : 0
+  source     = "./modules/cloud-nat"
+  project_id = local.project_id
+  region     = var.region
+  network    = module.network.network_name
+  router     = local.router
+  name       = local.cloud_nat_name
+  count      = var.enable_private_nodes ? 1 : 0
 }
 
 resource "google_container_cluster" "gke" {

modules/cloud-nat/locals.tf

@@ -0,0 +1,3 @@
+locals {
+  router = var.create_router ? google_compute_router.router[0].name : var.router
+}

modules/cloud-nat/main.tf

@@ -0,0 +1,23 @@
+resource "google_compute_router" "router" {
+  count   = var.create_router ? 1 : 0
+  name    = var.router
+  project = var.project_id
+  region  = var.region
+  network = var.network
+}
+
+resource "google_compute_address" "cloud_nat_address" {
+  name    = var.name
+  project = var.project_id
+  region  = var.region
+}
+
+resource "google_compute_router_nat" "main" {
+  project                            = var.project_id
+  region                             = var.region
+  name                               = var.name
+  router                             = local.router
+  nat_ip_allocate_option             = "MANUAL_ONLY"
+  nat_ips                            = [google_compute_address.cloud_nat_address.self_link]
+  source_subnetwork_ip_ranges_to_nat = var.source_subnetwork_ip_ranges_to_nat
+}

modules/cloud-nat/outputs.tf

@@ -0,0 +1,3 @@
+output "cloud_nat_ip" {
+  value = google_compute_address.cloud_nat_address.address
+}

modules/cloud-nat/variables.tf

@@ -0,0 +1,30 @@
+variable "create_router" {
+  type        = bool
+  default     = true
+  description = "Whether to create router or use the existing one."
+}
+variable "router" {
+  type        = string
+  description = "The name of the router to create or the existing one."
+}
+variable "project_id" {
+  type        = string
+  description = "GCP project where to create the resources."
+}
+variable "region" {
+  type        = string
+  description = "The GCP region."
+}
+variable "network" {
+  type        = string
+  description = "The VPC name."
+}
+variable "name" {
+  type        = string
+  description = "The name of the NAT router."
+}
+variable "source_subnetwork_ip_ranges_to_nat" {
+  type        = string
+  description = "How NAT should be configured per Subnetwork. Valid values include: ALL_SUBNETWORKS_ALL_IP_RANGES, ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, LIST_OF_SUBNETWORKS. Changing this forces a new NAT to be created."
+  default     = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+}

outputs.tf

@@ -43,7 +43,7 @@ output "gke_zones" {
   description = "List of zones where the cluster lives"
 }
 output "nat_ip" {
-  value       = google_compute_address.cloud_nat_address.*.address
+  value       = module.cloud_nat.*.cloud_nat_ip
   description = "The IP address allocated for NAT"
 }
 output "subnetwork_name" {