I’m having trouble with mixing modules and resources. I have a file, firewall.tf, and this file uses variables from an incoming variables.tf file to set firewall rules. Inside the file is a module which is what is consuming these variables in order to create firewall rules; the source is another repository. It’s working fine.
However, I’m being told that I also have to add a “google_compute_firewall” resource in the same firewall.tf file. This doesn’t make sense to me since the sourced repository used by the module already uses this resource to actually create the rules. I basically just create a single module, source it, pass in the variables. I’m not sure why I would need to do this, and even if I did, if my firewall.tf file contained a module, and then had the google_compute_firewall resource defined in it as well, how it would work when the incoming variables (one is a map of the rules to create) would be seen by the module and by the resource. I may just be missing something here. There are no differences between the variables sent to the module compared to the ones which would be used by declaring the resource.
I’m sorry if that’s a bit jumbled up, I can provide some code if it would help any.
That’s just a brief example, but if these were both in the firewall.tf file, wouldn’t the same variables be used twice, once in the module, once in the resource, each time? Seems as if it would create duplicate rules.
And the var.firewall_rules is a map of the rules and isn’t really what I was aiming for help with, more of a how the heck would this work question.
Hi, “myrule” is just a placeholder, no worries. The firewall already exists in a shared vpc, so the network_project_id is the name of the project where the shared vpc lives. It creates the rule there. And they want BOTH the module and the resource in the exact same file. That’s where I’m getting really confused.