
ajitpunchhi/gcp-virtualnetwork-terraform


Google Cloud Platform Networking Terraform Module

A comprehensive Terraform module for creating and managing networking resources on Google Cloud Platform (GCP). This module provides a complete networking setup including VPC networks, subnets, Cloud NAT, firewall rules, routes, and VPC Flow Logs.

[Architecture diagram: gcp-networking-architecture]

Features

  • VPC Network: Custom VPC networks with configurable routing modes
  • Subnets: Multiple subnets across regions with secondary IP ranges
  • Cloud NAT: Optional Cloud NAT with customizable router configuration
  • Firewall Rules: Flexible firewall rule definitions with support for INGRESS/EGRESS
  • Routes: Custom routing tables with multiple next-hop options
  • VPC Flow Logs: Network monitoring with configurable sampling and aggregation
  • Modular Design: Clean separation of concerns with individual modules

Quick Start

```hcl
module "networking" {
  source       = "github.com/your-username/gcp-networking-module"
  project_id   = "my-project"
  region       = "us-central1"
  network_name = "my-vpc"

  subnets = [
    {
      name          = "subnet-01"
      ip_cidr_range = "10.10.10.0/24"
      region        = "us-central1"
    }
  ]

  create_nat       = true
  enable_flow_logs = true
}
```

Architecture Overview

This module creates a fully managed networking infrastructure in GCP with the following components:

  1. VPC Network: The foundational network container
  2. Subnets: Regional subnets with optional secondary IP ranges
  3. Cloud NAT: Provides internet access for private instances
  4. Firewall Rules: Controls traffic flow based on protocols, ports, and tags
  5. Routes: Defines network paths and next-hop destinations
  6. VPC Flow Logs: Monitors and logs network flows for analysis

Usage Examples

Basic VPC with Subnets

```hcl
module "networking" {
  source       = "./modules/networking"
  project_id   = "my-project"
  region       = "us-central1"
  network_name = "basic-vpc"

  subnets = [
    {
      name          = "web-subnet"
      ip_cidr_range = "10.0.0.0/24"
      region        = "us-central1"
    },
    {
      name          = "db-subnet"
      ip_cidr_range = "10.0.1.0/24"
      region        = "us-central1"
    }
  ]
}
```

Advanced Setup with NAT and Firewall Rules

```hcl
module "networking" {
  source       = "./modules/networking"
  project_id   = "my-project"
  region       = "us-central1"
  network_name = "advanced-vpc"

  subnets = [
    {
      name          = "prod-subnet"
      ip_cidr_range = "10.0.0.0/24"
      region        = "us-central1"
      secondary_ip_ranges = [
        {
          range_name    = "pods"
          ip_cidr_range = "10.1.0.0/16"
        }
      ]
    }
  ]

  create_nat = true
  nat_name   = "prod-nat"

  firewall_rules = [
    {
      name        = "allow-ssh"
      description = "Allow SSH access"
      direction   = "INGRESS"
      ranges      = ["0.0.0.0/0"]
      allow = [
        {
          protocol = "tcp"
          ports    = ["22"]
        }
      ]
      target_tags = ["ssh"]
    }
  ]
}
```

Module Structure

```
.
├── main.tf           # Main configuration
├── variables.tf      # Input variables
├── outputs.tf        # Output definitions
├── versions.tf       # Provider versions
├── modules/
│   ├── vpc/          # VPC and subnet resources
│   ├── nat/          # Cloud NAT configuration
│   ├── firewall/     # Firewall rule management
│   ├── routes/       # Custom route definitions
│   └── flow-logs/    # VPC Flow Logs setup
└── examples/
    └── complete/     # Complete example configuration
```

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| project_id | The ID of the GCP project | string | n/a | yes |
| region | The region where resources will be created | string | n/a | yes |
| network_name | The name of the VPC network | string | n/a | yes |
| subnets | List of subnets to be created | list(object) | [] | no |
| create_nat | Whether to create a NAT gateway | bool | false | no |
| nat_name | The name of the NAT gateway | string | "nat-gateway" | no |
| firewall_rules | List of firewall rules to be created | list(object) | [] | no |
| routes | List of routes to be created | list(object) | [] | no |
| enable_flow_logs | Whether to enable VPC Flow Logs | bool | false | no |
| flow_logs_config | Configuration for VPC Flow Logs | object | See variables.tf | no |

Outputs

| Name | Description |
|------|-------------|
| network_name | The name of the VPC network |
| network_id | The ID of the VPC network |
| network_self_link | The self-link of the VPC network |
| subnets | The created subnets |
| subnet_ids | Map of subnet names to their IDs |
| nat_gateway_ip | The external IP address of the NAT gateway |
| firewall_rules | The created firewall rules |
| routes | The created routes |

Requirements

  • Terraform >= 1.0.0
  • Google Provider >= 4.0.0
  • Google Beta Provider >= 4.0.0

Installation

```bash
git clone https://github.com/your-username/gcp-networking-module.git
cd gcp-networking-module

# Initialize Terraform
terraform init

# Review the plan
terraform plan

# Apply the configuration
terraform apply
```

Best Practices

  1. Subnet Design: Use appropriate CIDR ranges to avoid IP conflicts
  2. NAT Configuration: Enable NAT for private instances that need internet access
  3. Firewall Rules: Follow the principle of least privilege
  4. Flow Logs: Enable for network troubleshooting and security monitoring
  5. Tagging: Use consistent tags for resource organization
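As an added example (not part of this repository), a small pre-apply audit of the `firewall_rules` input in the shape this module documents: it reads the list from a `.tfvars.json` file, flags INGRESS rules sourced from 0.0.0.0/0 on admin ports (the `allow-ssh` rule from the Advanced Setup above is such a rule), rules without `target_tags`, and protocol-wide allows. The sample input is constructed; the `allow-ssh-iap` rule and the IAP TCP-forwarding range 35.235.240.0/20 are an assumed hardened variant, not something the module ships.

```python
"""Pre-apply audit of the `firewall_rules` variable accepted by this module."""
import ipaddress
import json

# Constructed .tfvars.json: README's allow-ssh rule, an assumed IAP-only
# variant (35.235.240.0/20, Google's IAP TCP-forwarding range), and an
# over-broad internal rule.
SAMPLE_TFVARS_JSON = """{"firewall_rules": [
 {"name": "allow-ssh", "direction": "INGRESS", "ranges": ["0.0.0.0/0"],
  "allow": [{"protocol": "tcp", "ports": ["22"]}], "target_tags": ["ssh"]},
 {"name": "allow-ssh-iap", "direction": "INGRESS", "ranges": ["35.235.240.0/20"],
  "allow": [{"protocol": "tcp", "ports": ["22"]}], "target_tags": ["ssh"]},
 {"name": "allow-all-internal", "direction": "INGRESS", "ranges": ["10.0.0.0/8"],
  "allow": [{"protocol": "all"}]}
]}"""

ADMIN_PORTS = {22, 3389}  # SSH, RDP


def _ports(port_specs):
    """Expand "22" / "8000-8100" style entries into a set of ints."""
    out = set()
    for spec in port_specs:
        lo, _, hi = spec.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out


def audit_firewall_rules(rules):
    """Return (rule_name, finding) pairs for INGRESS rules broader than least privilege."""
    findings = []
    for rule in rules:
        if rule.get("direction", "INGRESS").upper() != "INGRESS":
            continue
        name = rule["name"]
        world = any(ipaddress.ip_network(r, strict=False).prefixlen == 0
                    for r in rule.get("ranges", []))
        if not rule.get("target_tags"):  # GCP applies untagged rules to every instance in the VPC
            findings.append((name, "no target_tags: rule applies to every instance in the VPC"))
        for entry in rule.get("allow", []):
            proto, ports = entry.get("protocol", "").lower(), entry.get("ports")
            if proto == "all" or (proto in ("tcp", "udp") and not ports):
                findings.append((name, f"allow {proto} with no port restriction"))
            if world and ports and _ports(ports) & ADMIN_PORTS:
                findings.append((name, "admin port (22/3389) open to 0.0.0.0/0"))
            elif world:
                findings.append((name, "source range 0.0.0.0/0 (internet-wide)"))
    return findings


def audit_tfvars_json(text):
    """Audit the `firewall_rules` list of a .tfvars.json document."""
    return audit_firewall_rules(json.loads(text).get("firewall_rules", []))
```

Run it against the real `terraform.tfvars.json` before `terraform apply`; any finding on an INGRESS rule is a candidate for narrowing `ranges` or adding `target_tags`.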

Examples and Testing

Check the examples/ directory for complete working examples:

  • examples/complete/: Full-featured configuration with all components

To run tests:

```bash
cd examples/complete
terraform init
terraform plan
```

Acknowledgments

  • Thanks to the Terraform community
  • Built following GCP best practices

Resources


Made with ❤️ for the cloud community
