Expose filtered CIDRs ranges for default domains #9326
Conversation
bpineau
changed the title
bpineau
force-pushed
the
bp/default-domains-ranges
branch
from
c56f00a
to
58f3dce
Compare
Per https://cloud.google.com/vpc/docs/configure-private-google-access#ip-addr-defaults : > The IP addresses used by the default domains for Google APIs and services fit within > the list of ranges computed by taking away all ranges in cloud.json from those in > goog.json. The following example shows you how to get this range using Python. `terraform-provider-google` was offering access to both `goog.json` (`google-netblocks`) and `cloud.json` (`cloud-netblocks`) but not to that useful subset of addresses in goog.json but not in cloud.json, which is hard to process otherwise (using only terraform native transforms). This mirrors the above doc's python script's behavior.
bpineau
force-pushed
the
bp/default-domains-ranges
branch
from
58f3dce
to
ccf95c9
Compare
|
This looks pretty good! The only thing I'm hesitant about is adding the dependency on another repo. Is there a way to replicate that behavior without the external dependency? If not I'll likely approve this, but it will take me a little bit to upstream to preserve it between this repo and the beta provider |
|
Hi, Is there any follow up for this PR? We stumbled across a problem that requires set of filtered CIDRs ranges for GCP default domains. If needed, I would like to provide support that needed to make this PR accepted. Looking at the dependency that needed for this PR, it looks like https://github.com/go-netaddr/netaddr is not maintained anymore? |
|
No follow up, and I'm going to close this PR for now as it's been so long. My only concern for this PR in general was the dependency, and we probably shouldn't use it if it's not maintained. |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Per https://cloud.google.com/vpc/docs/configure-private-google-access#ip-addr-defaults :
terraform-provider-googlewas offering access to bothgoog.json(
google-netblocks) andcloud.json(cloud-netblocks) but not tothat useful subset of addresses in goog.json but not in cloud.json,
which is hard to process otherwise (using only terraform native transforms).
This mirrors the above doc's python script's behavior.
The "default domains" name comes straight from the documentation linked above,
but I'm not sure if that the best choice here?