This module allows managing a single [Service Directory](https://cloud.google.com/service-directory) namespace, including multiple services, endpoints and IAM bindings at the namespace and service levels.
It can be used in conjunction with the [DNS](../dns) module to create [service-directory based DNS zones](https://cloud.google.com/service-directory/docs/configuring-service-directory-zone, offloading IAM control of `A` and `SRV` records at the namespace or service level to Service Directory. The last examples shows how to wire the two modules together.
Wiring a service directory namespace to a private DNS zone allows querying the namespace, and delegating control of DNS records at the namespace or service level. This effectively allows fine grained ACL control of Cloud DNS zones.
| project_id | Project used for resources. | <codetitle="">string</code> | ✓ | |
| *endpoint_config* | Map of endpoint attributes, keys are in service/endpoint format. | <codetitle="map(object({ address = string port = number metadata = map(string) }))">map(object({...}))</code> | | <codetitle="">{}</code> |
| *iam_members* | IAM members for each namespace role. | <codetitle="map(list(string))">map(list(string))</code> | | <codetitle="">{}</code> |
| *iam_roles* | IAM roles for the namespace. | <codetitle="list(string)">list(string)</code> | | <codetitle="">[]</code> |
| *service_iam_members* | IAM members for each service and role. | <codetitle="map(map(list(string)))">map(map(list(string)))</code> | | <codetitle="">{}</code> |
| *service_iam_roles* | IAM roles for each service. | <codetitle="map(list(string))">map(list(string))</code> | | <codetitle="">{}</code> |
| *services* | Service configuration, using service names as keys. | <codetitle="map(object({ endpoints = list(string) metadata = map(string) }))">map(object({...}))</code> | | <codetitle="">{}</code> |