zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Checklist attribution bucket (#2000)

This commit is contained in:
Ludovico Magnocavallo 2024-01-23 12:32:14 +01:00 committed by GitHub
parent 0ef7ee4670
commit 070584ae74
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 131 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fast/stages/0-bootstrap/README.md
View File

@ -578,7 +578,7 @@ The `fast_features` variable consists of 4 toggles:
|---|---|---|---|
| [automation.tf](./automation.tf) | Automation project and resources. | <code>gcs</code> · <code>iam-service-account</code> · <code>project</code> | |
| [billing.tf](./billing.tf) | Billing export project and dataset. | <code>bigquery-dataset</code> · <code>project</code> | <code>google_billing_account_iam_member</code> |
| [checklist.tf](./checklist.tf) | None | | |
| [checklist.tf](./checklist.tf) | None | <code>gcs</code> | <code>google_storage_bucket_object</code> |
| [cicd.tf](./cicd.tf) | Workload Identity Federation configurations for CI/CD. | <code>iam-service-account</code> · <code>source-repository</code> | |
| [identity-providers.tf](./identity-providers.tf) | Workload Identity Federation provider definitions. | | <code>google_iam_workload_identity_pool</code> · <code>google_iam_workload_identity_pool_provider</code> |
| [log-export.tf](./log-export.tf) | Audit log project and sink. | <code>bigquery-dataset</code> · <code>gcs</code> · <code>logging-bucket</code> · <code>project</code> · <code>pubsub</code> | |

33
fast/stages/0-bootstrap/checklist.tf
View File

@ -85,6 +85,11 @@ locals {
]))
location = try(local._cl_data.logging.sinks[0].destination.location, null)
}
uses_checklist = (
var.factories_config.checklist_data != null
||
var.factories_config.checklist_org_iam != null
)
}
check "checklist" {
@ -120,3 +125,31 @@ check "checklist" {
error_message = "Checklist org IAM organization id mismatch, file ignored."
}
}
# checklist files bucket
module "automation-tf-checklist-gcs" {
source = "../../../modules/gcs"
count = local.uses_checklist ? 1 : 0
project_id = module.automation-project.project_id
name = "iac-core-checklist-0"
prefix = local.prefix
location = local.locations.gcs
storage_class = local.gcs_storage_class
versioning = true
depends_on = [module.organization]
}
resource "google_storage_bucket_object" "checklist_data" {
count = var.factories_config.checklist_data != null ? 1 : 0
bucket = module.automation-tf-checklist-gcs.0.name
name = "checklist/data.tfvars.json"
source = var.factories_config.checklist_data
}
resource "google_storage_bucket_object" "checklist_org_iam" {
count = var.factories_config.checklist_org_iam != null ? 1 : 0
bucket = module.automation-tf-checklist-gcs.0.name
name = "checklist/org-iam.tfvars.json"
source = var.factories_config.checklist_org_iam
}

12
tests/fast/stages/s0_bootstrap/checklist.yaml
View File

@ -305,9 +305,9 @@ values:
member: group:gcp-security-admins@fast.example.com
org_id: '123456789012'
role: roles/logging.privateLogViewer
? module.organization.google_organization_iam_member.bindings["roles/monitoring.admin-group:gcp-monitoring-admins@fast-onboarding-0.joonix.net"]
? module.organization.google_organization_iam_member.bindings["roles/monitoring.admin-group:gcp-monitoring-admins@fast.example.com"]
: condition: []
member: group:gcp-monitoring-admins@fast-onboarding-0.joonix.net
member: group:gcp-monitoring-admins@fast.example.com
org_id: '123456789012'
role: roles/monitoring.admin
? module.organization.google_organization_iam_member.bindings["roles/orgpolicy.policyAdmin-group:gcp-organization-admins@fast.example.com"]
@ -372,12 +372,12 @@ counts:
google_project_service_identity: 3
google_service_account: 4
google_service_account_iam_binding: 2
google_storage_bucket: 3
google_storage_bucket: 4
google_storage_bucket_iam_binding: 2
google_storage_bucket_iam_member: 4
google_storage_bucket_object: 7
google_storage_bucket_object: 9
google_storage_project_service_account: 3
google_tags_tag_key: 1
google_tags_tag_value: 1
modules: 15
resources: 174
modules: 16
resources: 177

58
tests/fast/stages/s0_bootstrap/data/checklist-data.json
View File

@ -402,7 +402,7 @@
},
"access_control": [
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -414,7 +414,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -426,7 +426,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -438,7 +438,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -450,7 +450,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -462,7 +462,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -474,7 +474,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -486,7 +486,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -498,7 +498,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -510,7 +510,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -522,7 +522,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -534,7 +534,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -546,7 +546,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -558,7 +558,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -570,7 +570,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -582,7 +582,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -594,7 +594,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -606,7 +606,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -618,7 +618,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -630,7 +630,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -642,7 +642,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -654,7 +654,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -666,7 +666,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -678,7 +678,7 @@
}
},
{
"principal": "group:gcp-developers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-developers@fast.example.com",
"group_id": "DEVELOPERS",
"role": [
"roles/compute.instanceAdmin.v1",
@ -690,7 +690,7 @@
}
},
{
"principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-logging-viewers@fast.example.com",
"group_id": "LOGGING_VIEWERS",
"role": [
"roles/logging.viewer",
@ -700,11 +700,11 @@
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-logging-viewers@fast.example.com",
"group_id": "LOGGING_VIEWERS",
"role": [
"roles/logging.viewer",
@ -718,7 +718,7 @@
}
},
{
"principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net",
"principal": "group:gcp-logging-viewers@fast.example.com",
"group_id": "LOGGING_VIEWERS",
"role": [
"roles/logging.viewer",
@ -731,7 +731,7 @@
}
},
{
"principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-security-admins@fast.example.com",
"group_id": "SECURITY_ADMINS",
"role": [
"roles/bigquery.dataViewer"

28
tests/fast/stages/s0_bootstrap/data/checklist-org-iam.json
View File

@ -7,7 +7,7 @@
},
"iam_bindings": [
{
"principal": "group:gcp-organization-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-organization-admins@fast.example.com",
"group_id": "ORG_ADMINS",
"role": [
"roles/storage.objectAdmin",
@ -21,11 +21,11 @@
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-billing-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-billing-admins@fast.example.com",
"group_id": "BILLING_ADMINS",
"role": [
"roles/billing.admin",
@ -34,11 +34,11 @@
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-network-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-network-admins@fast.example.com",
"group_id": "NETWORK_ADMINS",
"role": [
"roles/compute.networkAdmin",
@ -48,33 +48,33 @@
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-logging-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-logging-admins@fast.example.com",
"group_id": "LOGGING_ADMINS",
"role": [
"roles/logging.admin"
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-monitoring-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-monitoring-admins@fast.example.com",
"group_id": "MONITORING_ADMINS",
"role": [
"roles/monitoring.admin"
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net",
"principal": "group:gcp-security-admins@fast.example.com",
"group_id": "SECURITY_ADMINS",
"role": [
"roles/orgpolicy.policyAdmin",
@ -89,18 +89,18 @@
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
},
{
"principal": "group:gcp-devops@fast-onboarding-0.joonix.net",
"principal": "group:gcp-devops@fast.example.com",
"group_id": "DEVOPS",
"role": [
"roles/resourcemanager.folderViewer"
],
"resource": {
"type": "ORGANIZATION",
"id": "656131167402"
"id": "123456789012"
}
}
]

96
tests/fast/stages/s1_resman/checklist.yaml
View File

@ -71,12 +71,12 @@ values:
? module.checklist-folder-3["Department 1/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -84,12 +84,12 @@ values:
? module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 1/Production"].google_folder.folder[0]:
display_name: Production
@ -100,12 +100,12 @@ values:
? module.checklist-folder-3["Department 1/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -113,12 +113,12 @@ values:
? module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 2/Production"].google_folder.folder[0]:
display_name: Production
@ -129,12 +129,12 @@ values:
? module.checklist-folder-3["Department 1/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -142,12 +142,12 @@ values:
? module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 3/Production"].google_folder.folder[0]:
display_name: Production
@ -158,12 +158,12 @@ values:
? module.checklist-folder-3["Department 1/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -171,12 +171,12 @@ values:
? module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 1/Team 4/Production"].google_folder.folder[0]:
display_name: Production
@ -187,12 +187,12 @@ values:
? module.checklist-folder-3["Department 2/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -200,12 +200,12 @@ values:
? module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 1/Production"].google_folder.folder[0]:
display_name: Production
@ -216,12 +216,12 @@ values:
? module.checklist-folder-3["Department 2/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -229,12 +229,12 @@ values:
? module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 2/Production"].google_folder.folder[0]:
display_name: Production
@ -245,12 +245,12 @@ values:
? module.checklist-folder-3["Department 2/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -258,12 +258,12 @@ values:
? module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 3/Production"].google_folder.folder[0]:
display_name: Production
@ -274,12 +274,12 @@ values:
? module.checklist-folder-3["Department 2/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -287,12 +287,12 @@ values:
? module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 2/Team 4/Production"].google_folder.folder[0]:
display_name: Production
@ -303,12 +303,12 @@ values:
? module.checklist-folder-3["Department 3/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -316,12 +316,12 @@ values:
? module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 1/Production"].google_folder.folder[0]:
display_name: Production
@ -332,12 +332,12 @@ values:
? module.checklist-folder-3["Department 3/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -345,12 +345,12 @@ values:
? module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 2/Production"].google_folder.folder[0]:
display_name: Production
@ -361,12 +361,12 @@ values:
? module.checklist-folder-3["Department 3/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -374,12 +374,12 @@ values:
? module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 3/Production"].google_folder.folder[0]:
display_name: Production
@ -390,12 +390,12 @@ values:
? module.checklist-folder-3["Department 3/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder.folder[0]:
display_name: Non-Production
@ -403,12 +403,12 @@ values:
? module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/compute.instanceAdmin.v1
? module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"]
: condition: []
members:
- group:gcp-developers@fast-onboarding-0.joonix.net
- group:gcp-developers@fast.example.com
role: roles/container.admin
module.checklist-folder-3["Department 3/Team 4/Production"].google_folder.folder[0]:
display_name: Production