From 1ca493e3d7cc1bd62c3dafea2535d964b2f16fc2 Mon Sep 17 00:00:00 2001 From: Brian Jung <65934595+brianhmj@users.noreply.github.com> Date: Thu, 27 Oct 2022 13:17:20 -0400 Subject: [PATCH] Update main.tf Added a terraform and provider block - terraform relies on plugins and following best practices to allow allowing the rightmost component of a version to increment. (https://developer.hashicorp.com/terraform/language/providers/requirements#version-constraints) Also removed comment about it being ok to use project roles of monitoring viewer and compute networkViewer. (Look at Issue #922) --- .../cloud-operations/network-dashboard/main.tf | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/blueprints/cloud-operations/network-dashboard/main.tf b/blueprints/cloud-operations/network-dashboard/main.tf index 00ca7bb2..99a17400 100644 --- a/blueprints/cloud-operations/network-dashboard/main.tf +++ b/blueprints/cloud-operations/network-dashboard/main.tf @@ -13,7 +13,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - + +terraform { + required_version = "~> 1.3.3" + required_providers { + google = { + version = "~> 4.41.0" + } + } +} + locals { project_ids = toset(var.monitored_projects_list) projects = join(",", local.project_ids) @@ -50,7 +59,6 @@ module "service-account-function" { # Required IAM permissions for this service account are: # 1) compute.networkViewer on projects to be monitored (I gave it at organization level for now for simplicity) # 2) monitoring viewer on the projects to be monitored (I gave it at organization level for now for simplicity) - # 3) if you dont have permission to create service account and assign permission at organization Level, move these 3 roles to project level. iam_organization_roles = { "${var.organization_id}" = [ @@ -184,4 +192,4 @@ module "cloud-function" { resource "google_monitoring_dashboard" "dashboard" { dashboard_json = file("${path.module}/dashboards/quotas-utilization.json") project = local.monitoring_project -} \ No newline at end of file +}