Fix Shielded Folder - VertexML interoperability (#1355)

* Fix Shielded Folder - VertexML interoperability * Fix README outputs * Adding prefix for keyrings and update output
2023-05-05 09:54:57 +02:00 · 2023-05-05 09:54:57 +02:00 · 4d66623de1
parent e333b6ffa2
commit 4d66623de1
6 changed files with 12 additions and 8 deletions
--- a/blueprints/data-solutions/shielded-folder/README.md
+++ b/blueprints/data-solutions/shielded-folder/README.md
@ -176,9 +176,9 @@ terraform apply
 |---|---|:---:|
 | [folders](outputs.tf#L15) | Folders id. |  |
 | [folders_sink_writer_identities](outputs.tf#L23) | Folders id. |  |
+| [kms_keys](outputs.tf#L31) | Cloud KMS encryption keys created. |  |

 <!-- END TFDOC -->
-
 ## Test

 ```hcl
--- a/blueprints/data-solutions/shielded-folder/kms.tf
+++ b/blueprints/data-solutions/shielded-folder/kms.tf
@ -81,7 +81,7 @@ module "sec-kms" {
  project_id = module.sec-project[0].project_id
  keyring = {
    location = each.key
-    name     = "${each.key}"
+    name     = "sec-${each.key}"
  }
  # rename to `key_iam` to switch to authoritative bindings
  key_iam_additive = {
@ -96,7 +96,7 @@ module "log-kms" {
  project_id = module.sec-project[0].project_id
  keyring = {
    location = each.key
-    name     = "${each.key}"
+    name     = "log-${each.key}"
  }
  keys = local.kms_log_locations_keys[each.key]
 }
--- a/blueprints/data-solutions/shielded-folder/outputs.tf
+++ b/blueprints/data-solutions/shielded-folder/outputs.tf
@ -28,3 +28,7 @@ output "folders_sink_writer_identities" {
  }
 }

+output "kms_keys" {
+  description = "Cloud KMS encryption keys created."
+  value       = { for k, v in module.sec-kms : k => v.key_ids }
+}
--- a/blueprints/data-solutions/vertex-mlops/README.md
+++ b/blueprints/data-solutions/vertex-mlops/README.md
@ -74,7 +74,6 @@ module "test" {
 }
 # tftest modules=11 resources=60
 ```
-
 <!-- BEGIN TFDOC -->

 ## Variables
@ -101,7 +100,7 @@ module "test" {
 |---|---|:---:|
 | [github](outputs.tf#L30) | Github Configuration. |  |
 | [notebook](outputs.tf#L35) | Vertex AI notebooks ids. |  |
-| [project](outputs.tf#L43) | The project resource as return by the `project` module. |  |
+| [project_id](outputs.tf#L43) | Project ID. |  |

 <!-- END TFDOC -->
 ## Test
--- a/blueprints/data-solutions/vertex-mlops/main.tf
+++ b/blueprints/data-solutions/vertex-mlops/main.tf
@ -242,6 +242,7 @@ module "project" {
  service_encryption_key_ids = {
    aiplatform    = [var.service_encryption_keys.aiplatform]
    bq            = [var.service_encryption_keys.bq]
+    compute       = [var.service_encryption_keys.notebooks]
    cloudbuild    = [var.service_encryption_keys.storage]
    notebooks     = [var.service_encryption_keys.notebooks]
    secretmanager = [var.service_encryption_keys.secretmanager]
--- a/blueprints/data-solutions/vertex-mlops/outputs.tf
+++ b/blueprints/data-solutions/vertex-mlops/outputs.tf
@ -40,7 +40,7 @@ output "notebook" {
  )
 }

-output "project" {
-  description = "The project resource as return by the `project` module."
-  value       = module.project
+output "project_id" {
+  description = "Project ID."
+  value       = module.project.project_id
 }