Merge pull request #11020 from drebes/remote_traffic_selector

provider/google: remote_traffic_selector for google_compute_vpn_tunnel

r/compute_vpn_tunnel.html.markdown

@@ -15,17 +15,25 @@ Manages a VPN Tunnel to the GCE network. For more info, read the
 
 ```js
 resource "google_compute_network" "network1" {
-  name       = "network1"
-  ipv4_range = "10.120.0.0/16"
+  name = "network1"
+}
+
+resource "google_compute_subnetwork" "subnet1" {
+  name          = "subnet1"
+  network       = "${google_compute_network.network1.self_link}"
+  ip_cidr_range = "10.120.0.0/16"
+  region        = "us-central1"
 }
 
 resource "google_compute_vpn_gateway" "target_gateway" {
   name    = "vpn1"
   network = "${google_compute_network.network1.self_link}"
+  region  = "${google_compute_subnetwork.subnet1.region}"
 }
 
 resource "google_compute_address" "vpn_static_ip" {
   name   = "vpn-static-ip"
+  region = "${google_compute_subnetwork.subnet1.region}"
 }
 
 resource "google_compute_forwarding_rule" "fr_esp" {
@@ -58,6 +66,9 @@ resource "google_compute_vpn_tunnel" "tunnel1" {
 
   target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway.self_link}"
 
+  local_traffic_selector = ["${google_compute_subnetwork.subnet1.ip_cidr_range}"]
+  remote_traffic_selector = ["172.16.0.0/12"]
+
   depends_on = [
     "google_compute_forwarding_rule.fr_esp",
     "google_compute_forwarding_rule.fr_udp500",
@@ -104,6 +115,11 @@ The following arguments are supported:
     custom subnetted network. Refer to Google documentation for more
     information.
 
+* `remote_traffic_selector` - (Optional) Specifies which CIDR ranges the VPN
+    tunnel can route to the remote side. Mandatory if the VPN gateway is attached to a
+    custom subnetted network. Refer to Google documentation for more
+    information.
+
 * `project` - (Optional) The project in which the resource belongs. If it
     is not provided, the provider project is used.