zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Leverage new shared VPC project config defaults across the repo

This commit is contained in:
Julio Castillo 2022-10-07 08:55:47 +02:00
parent 3c3e65c2c3
commit 894647ff9e
24 changed files with 43 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CONTRIBUTING.md
View File

@ -141,9 +141,8 @@ module "project" {
storage = [local.kms.europe.gcs]
}
shared_vpc_service_config = {
attach = true
host_project = "project-host"
service_identity_iam = {}
attach = true
host_project = "project-host"
}
}
```
@ -258,9 +257,8 @@ module "project" {
source = "./modules/project"
name = "prj-1"
shared_vpc_service_config = {
attach = true
host_project = "project-host"
service_identity_iam = {}
attach = true
host_project = "project-host"
}
}
```

3
blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/projects.tf
View File

@ -37,8 +37,7 @@ module "project-host" {
services = var.project_services
shared_vpc_host_config = {
enabled = true
service_projects = [] # defined later
enabled = true
}
}

24
blueprints/cloud-operations/network-dashboard/tests/test.tf
View File

@ -30,8 +30,7 @@ module "project-hub" {
services = var.project_vm_services
shared_vpc_host_config = {
enabled = true
service_projects = [] # defined later
enabled = true
}
}
@ -58,9 +57,8 @@ module "project-svc-hub" {
services = var.project_vm_services
shared_vpc_service_config = {
attach = true
host_project = module.project-hub.project_id
service_identity_iam = {}
attach = true
host_project = module.project-hub.project_id
}
}
@ -73,8 +71,7 @@ module "project-prod" {
services = var.project_vm_services
shared_vpc_host_config = {
enabled = true
service_projects = [] # defined later
enabled = true
}
}
@ -101,9 +98,8 @@ module "project-svc-prod" {
services = var.project_vm_services
shared_vpc_service_config = {
attach = true
host_project = module.project-prod.project_id
service_identity_iam = {}
attach = true
host_project = module.project-prod.project_id
}
}
@ -116,8 +112,7 @@ module "project-dev" {
services = var.project_vm_services
shared_vpc_host_config = {
enabled = true
service_projects = [] # defined later
enabled = true
}
}
@ -144,9 +139,8 @@ module "project-svc-dev" {
services = var.project_vm_services
shared_vpc_service_config = {
attach = true
host_project = module.project-dev.project_id
service_identity_iam = {}
attach = true
host_project = module.project-dev.project_id
}
}

5
blueprints/data-solutions/cloudsql-multiregion/main.tf
View File

@ -94,9 +94,8 @@ module "project" {
]
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
service_encryption_key_ids = {

5
blueprints/data-solutions/composer-2/main.tf
View File

@ -97,9 +97,8 @@ module "project" {
]
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
service_encryption_key_ids = {

5
blueprints/data-solutions/data-platform-foundations/02-load.tf
View File

@ -74,9 +74,8 @@ module "load-project" {
storage = [try(local.service_encryption_keys.storage, null)]
}
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
}

5
blueprints/data-solutions/data-platform-foundations/03-orchestration.tf
View File

@ -92,9 +92,8 @@ module "orch-project" {
storage = [try(local.service_encryption_keys.storage, null)]
}
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
}

5
blueprints/data-solutions/data-platform-foundations/04-transformation.tf
View File

@ -72,9 +72,8 @@ module "transf-project" {
storage = [try(local.service_encryption_keys.storage, null)]
}
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
}

5
blueprints/data-solutions/gcs-to-bq-with-least-privileges/main.tf
View File

@ -125,9 +125,8 @@ module "project" {
iam = var.project_create != null ? local.iam : {}
iam_additive = var.project_create == null ? local.iam : {}
shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true
host_project = local.shared_vpc_project
service_identity_iam = {}
attach = true
host_project = local.shared_vpc_project
}
}

5
blueprints/data-solutions/sqlserver-alwayson/main.tf
View File

@ -49,8 +49,7 @@ module "project" {
iam = {}
iam_additive = {}
shared_vpc_service_config = var.shared_vpc_project_id == null ? null : {
attach = true
host_project = var.shared_vpc_project_id
service_identity_iam = {}
attach = true
host_project = var.shared_vpc_project_id
}
}

3
blueprints/gke/multi-cluster-mesh-gke-fleet-api/main.tf
View File

@ -24,8 +24,7 @@ module "host_project" {
parent = var.parent
name = var.host_project_id
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
services = [
"container.googleapis.com"

6
blueprints/networking/decentralized-firewall/main.tf
View File

@ -25,8 +25,7 @@ module "project-host-prod" {
services = var.project_services
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
}
@ -39,8 +38,7 @@ module "project-host-dev" {
services = var.project_services
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
}

3
blueprints/networking/filtering-proxy/main.tf
View File

@ -48,8 +48,7 @@ module "project-host" {
"logging.googleapis.com"
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
}

3
blueprints/networking/shared-vpc-gke/main.tf
View File

@ -27,8 +27,7 @@ module "project-host" {
name = "net"
services = concat(var.project_services, ["dns.googleapis.com"])
shared_vpc_host_config = {
enabled = true
service_projects = [] # defined later
enabled = true
}
iam = {
"roles/owner" = var.owners_host

3
fast/stages/02-networking-nva/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com"
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
iam = {
"roles/dns.admin" = compact([

3
fast/stages/02-networking-nva/spoke-dev.tf
View File

@ -31,8 +31,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
fast/stages/02-networking-nva/spoke-prod.tf
View File

@ -31,8 +31,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
fast/stages/02-networking-peering/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com"
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
iam = {
"roles/dns.admin" = compact([

3
fast/stages/02-networking-peering/spoke-dev.tf
View File

@ -32,8 +32,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
fast/stages/02-networking-peering/spoke-prod.tf
View File

@ -32,8 +32,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
fast/stages/02-networking-vpn/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com"
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
iam = {
"roles/dns.admin" = compact([

3
fast/stages/02-networking-vpn/spoke-dev.tf
View File

@ -32,8 +32,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
fast/stages/02-networking-vpn/spoke-prod.tf
View File

@ -32,8 +32,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com",
]
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
metric_scopes = [module.landing-project.project_id]
iam = {

3
modules/project/README.md
View File

@ -123,8 +123,7 @@ module "project" {
source = "./fabric/modules/project"
name = "project-example"
shared_vpc_host_config = {
enabled = true
service_projects = []
enabled = true
}
}
# tftest modules=1 resources=2