Fix
parent
7252e7ec01
commit
8906252528
|
@ -158,6 +158,7 @@ Due to its simplicity, this stage lends itself easily to customizations: adding
|
|||
| [main.tf](./main.tf) | Module-level locals and resources. | | |
|
||||
| [organization.tf](./organization.tf) | Organization policies. | <code>organization</code> | |
|
||||
| [outputs.tf](./outputs.tf) | Module outputs. | | <code>local_file</code> |
|
||||
| [providers.tf](./providers.tf) | Provider configurations. | | |
|
||||
| [variables.tf](./variables.tf) | Module variables. | | |
|
||||
|
||||
## Variables
|
||||
|
@ -178,12 +179,13 @@ Due to its simplicity, this stage lends itself easily to customizations: adding
|
|||
|
||||
| name | description | sensitive | consumers |
|
||||
|---|---|:---:|---|
|
||||
| [networking](outputs.tf#L107) | Data for the networking stage. | | <code>02-networking</code> |
|
||||
| [project_factories](outputs.tf#L117) | Data for the project factories stage. | | <code>xx-teams</code> |
|
||||
| [providers](outputs.tf#L134) | Terraform provider files for this stage and dependent stages. | ✓ | <code>02-networking</code> · <code>02-security</code> · <code>xx-sandbox</code> · <code>xx-teams</code> |
|
||||
| [sandbox](outputs.tf#L141) | Data for the sandbox stage. | | <code>xx-sandbox</code> |
|
||||
| [security](outputs.tf#L151) | Data for the networking stage. | | <code>02-security</code> |
|
||||
| [teams](outputs.tf#L161) | Data for the teams stage. | | |
|
||||
| [tfvars](outputs.tf#L174) | Terraform variable files for the following stages. | ✓ | |
|
||||
| [dataplatform](outputs.tf#L104) | Data for the Data Platform stage. | | <code>02-networking</code> |
|
||||
| [networking](outputs.tf#L121) | Data for the networking stage. | | <code>02-networking</code> |
|
||||
| [project_factories](outputs.tf#L131) | Data for the project factories stage. | | <code>xx-teams</code> |
|
||||
| [providers](outputs.tf#L148) | Terraform provider files for this stage and dependent stages. | ✓ | <code>02-networking</code> · <code>02-security</code> · <code>xx-sandbox</code> · <code>xx-teams</code> |
|
||||
| [sandbox](outputs.tf#L155) | Data for the sandbox stage. | | <code>xx-sandbox</code> |
|
||||
| [security](outputs.tf#L165) | Data for the networking stage. | | <code>02-security</code> |
|
||||
| [teams](outputs.tf#L175) | Data for the teams stage. | | |
|
||||
| [tfvars](outputs.tf#L188) | Terraform variable files for the following stages. | ✓ | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
@ -35,21 +35,11 @@ module "branch-dp-dev-folder" {
|
|||
group_iam = {}
|
||||
iam = {
|
||||
# remove owner here and at project level if SA does not manage project resources
|
||||
"roles/owner" = [
|
||||
module.branch-dp-dev-sa.iam_email
|
||||
]
|
||||
"roles/logging.admin" = [
|
||||
module.branch-dp-dev-sa.iam_email
|
||||
]
|
||||
"roles/resourcemanager.folderAdmin" = [
|
||||
module.branch-dp-dev-sa.iam_email
|
||||
]
|
||||
"roles/resourcemanager.projectCreator" = [
|
||||
module.branch-dp-dev-sa.iam_email
|
||||
]
|
||||
"roles/compute.xpnAdmin" = [
|
||||
module.branch-teams-dev-projectfactory-sa.iam_email
|
||||
]
|
||||
"roles/logging.admin" = [module.branch-dp-dev-sa.iam_email]
|
||||
"roles/owner" = [module.branch-dp-dev-sa.iam_email]
|
||||
"roles/resourcemanager.folderAdmin" = [module.branch-dp-dev-sa.iam_email]
|
||||
"roles/resourcemanager.projectCreator" = [module.branch-dp-dev-sa.iam_email]
|
||||
"roles/compute.xpnAdmin" = [module.branch-dp-dev-sa.iam_email]
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
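Review bot: The rewritten `iam` map leaves `module.branch-dp-dev-sa` holding `roles/owner`, `roles/resourcemanager.folderAdmin`, `roles/resourcemanager.projectCreator` and now `roles/compute.xpnAdmin` on the same folder, so any pipeline or user able to impersonate that one service account controls everything beneath it. The `roles/compute.xpnAdmin` entry also changes principal from `module.branch-teams-dev-projectfactory-sa.iam_email` to `module.branch-dp-dev-sa.iam_email`; if the module treats `iam` as authoritative per role (not visible here), the project factory account loses that binding, so the line deserves a short comment saying why the data platform account needs Shared VPC admin on this folder. Consider acting on the existing `# remove owner here and at project level ...` comment and dropping `roles/owner` unless the account really manages project resources. The `module "branch-dp-dev-folder"` block starts above this hunk.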
@ -78,11 +78,11 @@ module "organization" {
|
|||
module.branch-network-sa.iam_email,
|
||||
module.branch-security-sa.iam_email,
|
||||
],
|
||||
local.branch_dataplatform_sa_iam_emails,
|
||||
# enable if individual teams can create their own projects
|
||||
# [
|
||||
# for k, v in module.branch-teams-team-sa : v.iam_email
|
||||
# ],
|
||||
local.branch_dataplatform_sa_iam_emails,
|
||||
local.branch_teams_pf_sa_iam_emails
|
||||
)
|
||||
} : {}
|
||||
|
|
|
@ -101,6 +101,23 @@ resource "local_file" "tfvars" {
|
|||
|
||||
# outputs
|
||||
|
||||
output "dataplatform" {
|
||||
# tfdoc:output:consumers 03-dataplatform
|
||||
description = "Data for the Data Platform stage."
|
||||
value = {
|
||||
dev = {
|
||||
folder = module.branch-dp-dev-folder.id
|
||||
gcs_bucket = module.branch-dp-dev-gcs.name
|
||||
service_account = module.branch-dp-dev-sa.email
|
||||
}
|
||||
prod = {
|
||||
folder = module.branch-dp-prod-folder.id
|
||||
gcs_bucket = module.branch-dp-prod-gcs.name
|
||||
service_account = module.branch-dp-prod-sa.email
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
output "networking" {
|
||||
# tfdoc:output:consumers 02-networking
|
||||
description = "Data for the networking stage."
|
||||
|
@ -129,7 +146,7 @@ output "project_factories" {
|
|||
# ready to use provider configurations for subsequent stages
|
||||
|
||||
output "providers" {
|
||||
# tfdoc:output:consumers 02-networking 02-security xx-sandbox xx-teams
|
||||
# tfdoc:output:consumers 02-networking 02-security 03-dataplatform xx-sandbox xx-teams
|
||||
description = "Terraform provider files for this stage and dependent stages."
|
||||
sensitive = true
|
||||
value = local.providers
|
||||
|
|
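Review bot: The `tfdoc:output:consumers` annotations in this file disagree with the README table updated in the same commit. The new `dataplatform` output declares `# tfdoc:output:consumers 03-dataplatform`, but its README row lists `02-networking`, and the `providers` row still omits `03-dataplatform` even though the annotation now includes it. The README looks like it was generated before these annotations were finalized; regenerating the TFDOC block should bring the consumers column back in line. The `output "networking"` and `output "providers"` blocks continue outside the hunks shown.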