Correct typos

Rename module to be consistent with the real name of the GCP service
Add link to the module on READMEs

CHANGELOG.md

@@ -7,6 +7,7 @@ All notable changes to this project will be documented in this file.
 - **incompatible change** routes in the `net-vpc` module now interpolate the VPC name to ensure uniqueness, upgrading from a previous version will drop and recreate routes
 - the top-level `docker-images` folder has been moved inside `modules/cloud-config-container/onprem`
 - `dns_keys` output added to the `dns` module
+- new 'Cloud Endpoints' module
 
 ## [2.0.0] - 2020-06-11
 

README.md

@@ -34,7 +34,7 @@ The current list of modules supports most of the core foundational and networkin
 Currently available modules:
 
 - **foundational** - [folders](./modules/folders), [log sinks](./modules/logging-sinks), [organization](./modules/organization), [project](./modules/project), [service accounts](./modules/iam-service-accounts)
-- **networking** - [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC peering](./modules/net-vpc-peering), [VPN static](./modules/net-vpn-static), [VPN dynamic](./modules/net-vpn-dynamic), [VPN HA](./modules/net-vpn-ha), [NAT](./modules/net-cloudnat), [address reservation](./modules/net-address), [DNS](./modules/dns), [L4 ILB](./modules/net-ilb), [Service Directory](./modules/service-directory)
+- **networking** - [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC peering](./modules/net-vpc-peering), [VPN static](./modules/net-vpn-static), [VPN dynamic](./modules/net-vpn-dynamic), [VPN HA](./modules/net-vpn-ha), [NAT](./modules/net-cloudnat), [address reservation](./modules/net-address), [DNS](./modules/dns), [L4 ILB](./modules/net-ilb), [Service Directory](./modules/service-directory), [Cloud Endpoints](./modules/cloudenpoints)
 - **compute** - [VM/VM group](./modules/compute-vm), [MIG](./modules/compute-mig), [GKE cluster](./modules/gke-cluster), [GKE nodepool](./modules/gke-nodepool), [COS container](./modules/cos-container) (coredns, mysql, onprem, squid)
 - **data** - [GCS](./modules/gcs), [BigQuery dataset](./modules/bigquery-dataset), [Pub/Sub](./modules/pubsub), [Datafusion](./modules/datafusion), [Bigtable instance](./modules/bigtable-instance)
 - **security** - [KMS](./modules/kms), [SecretManager](./modules/secret-manager)

modules/README.md

@@ -21,6 +21,7 @@ Specific modules also offer support for non-authoritative bindings (e.g. `google
 - [address reservation](./net-address)
 - [Cloud DNS](./dns)
 - [Cloud NAT](./net-cloudnat)
+- [Cloud Endpoints](./endpoints)
 - [L4 Internal Load Balancer](./net-ilb)
 - [Service Directory](./service-directory)
 - [VPC](./net-vpc)

modules/endpoints/main.tf

@@ -0,0 +1,36 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  iam_roles_bindings = {
+    for k in var.iam_roles : k => lookup(var.iam_members, k, [])
+  }
+}
+
+resource "google_endpoints_service" "default" {
+  project              = var.project_id
+  service_name         = var.service_name
+  openapi_config       = var.openapi_config != null ? file(var.openapi_config.yaml_path) : null
+  grpc_config          = var.grpc_config != null ? file(var.grpc_config.yaml_path) : null
+  protoc_output_base64 = var.grpc_config != null ? base64encode(file(var.grpc_config.protoc_output_path)) : null
+}
+
+resource "google_endpoints_service_iam_binding" "default" {
+  for_each     = local.iam_roles_bindings
+  service_name = google_endpoints_service.default.service_name
+  role         = "roles/${each.key}"
+  members      = each.value
+}

modules/endpoints/outputs.tf

@@ -0,0 +1,30 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "service_name" {
+  description = "The name of the service.."
+  value       = google_endpoints_service.default.service_name
+}
+
+output "endpoints_service" {
+  description = "The Endpoint service resource."
+  value       = google_endpoints_service.default
+}
+
+output "endpoints" {
+  description = "A list of Endpoint objects."
+  value       =  google_endpoints_service.default.endpoints
+}

modules/endpoints/variables.tf

@@ -0,0 +1,53 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "grpc_config" {
+  description = "The configuration for a gRPC enpoint. Either this, openapi_config must be specified."
+  type        = object({
+    yaml_path          = string
+    protoc_output_path = string
+  })
+}
+
+variable "iam_roles" {
+  description = "Authoritative for a given role. Updates the IAM policy to grant a role to a list of members."
+  type        = list(string)
+  default     = []
+}
+
+variable "iam_members" {
+  description = "Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved."
+  type        = map(list(string))
+  default     = {}
+}
+
+variable "openapi_config" {
+  description = "The configuration for an OpenAPI endopoint. Either this, grpc_config must be specified."
+  type        = object({
+    yaml_path = string
+  })
+}
+
+variable "project_id" {
+  description = "The project ID that the service belongs to."
+  type        = string
+  default     = null
+}
+
+variable "service_name" {
+  description = "The name of the service. Usually of the form '$apiname.endpoints.$projectid.cloud.goog'."
+  type        = string
+}

modules/endpoints/versions.tf

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">= 0.12.6"
+}