zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Simplify conditional expressions

This commit is contained in:
Julio Diez 2023-02-10 12:48:47 +01:00
parent a8de9088c6
commit 3935867d92
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
blueprints/serverless/cloud-run-explore/main.tf
View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
gclb_create = var.custom_domain == null ? false : true
}
@ -100,7 +100,7 @@ module "glb" {
# Cloud Armor configuration
resource "google_compute_security_policy" "policy" {
count = local.gclb_create ? (var.security_policy.enabled ? 1 : 0) : 0
count = local.gclb_create && var.security_policy.enabled ? 1 : 0
name = "cloud-run-policy"
project = module.project.project_id
rule {
@ -147,7 +147,7 @@ resource "google_compute_security_policy" "policy" {
# Destroying a Terraform-managed Brand will remove it from state but
# will not delete it from Google Cloud.
resource "google_iap_brand" "iap_brand" {
count = local.gclb_create ? (var.iap.enabled ? 1 : 0) : 0
count = local.gclb_create && var.iap.enabled ? 1 : 0
project = module.project.project_id
# Support email displayed on the OAuth consent screen. The caller must be
# the user with the associated email address, or if a group email is
@ -164,7 +164,7 @@ resource "google_iap_brand" "iap_brand" {
# Warning:
# All arguments including secret will be stored in the raw state as plain-text.
resource "google_iap_client" "iap_client" {
count = local.gclb_create ? (var.iap.enabled ? 1 : 0) : 0
count = local.gclb_create && var.iap.enabled ? 1 : 0
display_name = var.iap.oauth2_client_name
brand = google_iap_brand.iap_brand[0].name
}
@ -172,7 +172,7 @@ resource "google_iap_client" "iap_client" {
# IAM policy for IAP
# For simplicity we use the same email as support_email and authorized member
resource "google_iap_web_iam_member" "iap_iam" {
count = local.gclb_create ? (var.iap.enabled ? 1 : 0) : 0
count = local.gclb_create && var.iap.enabled ? 1 : 0
project = module.project.project_id
role = "roles/iap.httpsResourceAccessor"
member = "user:${var.iap.email}"