It seems the following resource: "google_compute_firewall" "allow-ssh-from-bastion-to-webservers"
name/reference is wrong, and should be: "allow-ssh-from-bastion-to-webservers".
Also, your diagram shows web connection to your private subnetwork, why?
- Private subnetworks should not be exposed to external connections.
- It might be a mistake, since I could not find such a configuration, though I might have missed such
It seems the following resource: "google_compute_firewall" "allow-ssh-from-bastion-to-webservers"
name/reference is wrong, and should be: "allow-ssh-from-bastion-to-webservers".
Also, your diagram shows web connection to your private subnetwork, why?