zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Leverage new shared VPC project config defaults across the repo

This commit is contained in:
Julio Castillo 2022-10-07 08:55:47 +02:00
parent 3c3e65c2c3
commit 894647ff9e
24 changed files with 43 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CONTRIBUTING.md
View File

@ -141,9 +141,8 @@ module "project" {
storage = [local.kms.europe.gcs] storage = [local.kms.europe.gcs]
} }
shared_vpc_service_config = { shared_vpc_service_config = {
attach = true attach = true
host_project = "project-host" host_project = "project-host"
service_identity_iam = {}
} }
} }
``` ```
@ -258,9 +257,8 @@ module "project" {
source = "./modules/project" source = "./modules/project"
name = "prj-1" name = "prj-1"
shared_vpc_service_config = { shared_vpc_service_config = {
attach = true attach = true
host_project = "project-host" host_project = "project-host"
service_identity_iam = {}
} }
} }
``` ```

3
blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/projects.tf
View File

@ -37,8 +37,7 @@ module "project-host" {
services = var.project_services services = var.project_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = [] # defined later
} }
} }

24
blueprints/cloud-operations/network-dashboard/tests/test.tf
View File

@ -30,8 +30,7 @@ module "project-hub" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = [] # defined later
} }
} }
@ -58,9 +57,8 @@ module "project-svc-hub" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_service_config = { shared_vpc_service_config = {
attach = true attach = true
host_project = module.project-hub.project_id host_project = module.project-hub.project_id
service_identity_iam = {}
} }
} }
@ -73,8 +71,7 @@ module "project-prod" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = [] # defined later
} }
} }
@ -101,9 +98,8 @@ module "project-svc-prod" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_service_config = { shared_vpc_service_config = {
attach = true attach = true
host_project = module.project-prod.project_id host_project = module.project-prod.project_id
service_identity_iam = {}
} }
} }
@ -116,8 +112,7 @@ module "project-dev" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = [] # defined later
} }
} }
@ -144,9 +139,8 @@ module "project-svc-dev" {
services = var.project_vm_services services = var.project_vm_services
shared_vpc_service_config = { shared_vpc_service_config = {
attach = true attach = true
host_project = module.project-dev.project_id host_project = module.project-dev.project_id
service_identity_iam = {}
} }
} }

5
blueprints/data-solutions/cloudsql-multiregion/main.tf
View File

@ -94,9 +94,8 @@ module "project" {
] ]
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
service_encryption_key_ids = { service_encryption_key_ids = {

5
blueprints/data-solutions/composer-2/main.tf
View File

@ -97,9 +97,8 @@ module "project" {
] ]
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
service_encryption_key_ids = { service_encryption_key_ids = {

5
blueprints/data-solutions/data-platform-foundations/02-load.tf
View File

@ -74,9 +74,8 @@ module "load-project" {
storage = [try(local.service_encryption_keys.storage, null)] storage = [try(local.service_encryption_keys.storage, null)]
} }
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
} }

5
blueprints/data-solutions/data-platform-foundations/03-orchestration.tf
View File

@ -92,9 +92,8 @@ module "orch-project" {
storage = [try(local.service_encryption_keys.storage, null)] storage = [try(local.service_encryption_keys.storage, null)]
} }
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
} }

5
blueprints/data-solutions/data-platform-foundations/04-transformation.tf
View File

@ -72,9 +72,8 @@ module "transf-project" {
storage = [try(local.service_encryption_keys.storage, null)] storage = [try(local.service_encryption_keys.storage, null)]
} }
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
} }

5
blueprints/data-solutions/gcs-to-bq-with-least-privileges/main.tf
View File

@ -125,9 +125,8 @@ module "project" {
iam = var.project_create != null ? local.iam : {} iam = var.project_create != null ? local.iam : {}
iam_additive = var.project_create == null ? local.iam : {} iam_additive = var.project_create == null ? local.iam : {}
shared_vpc_service_config = local.shared_vpc_project == null ? null : { shared_vpc_service_config = local.shared_vpc_project == null ? null : {
attach = true attach = true
host_project = local.shared_vpc_project host_project = local.shared_vpc_project
service_identity_iam = {}
} }
} }

5
blueprints/data-solutions/sqlserver-alwayson/main.tf
View File

@ -49,8 +49,7 @@ module "project" {
iam = {} iam = {}
iam_additive = {} iam_additive = {}
shared_vpc_service_config = var.shared_vpc_project_id == null ? null : { shared_vpc_service_config = var.shared_vpc_project_id == null ? null : {
attach = true attach = true
host_project = var.shared_vpc_project_id host_project = var.shared_vpc_project_id
service_identity_iam = {}
} }
} }

3
blueprints/gke/multi-cluster-mesh-gke-fleet-api/main.tf
View File

@ -24,8 +24,7 @@ module "host_project" {
parent = var.parent parent = var.parent
name = var.host_project_id name = var.host_project_id
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
services = [ services = [
"container.googleapis.com" "container.googleapis.com"

6
blueprints/networking/decentralized-firewall/main.tf
View File

@ -25,8 +25,7 @@ module "project-host-prod" {
services = var.project_services services = var.project_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
} }
@ -39,8 +38,7 @@ module "project-host-dev" {
services = var.project_services services = var.project_services
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
} }

3
blueprints/networking/filtering-proxy/main.tf
View File

@ -48,8 +48,7 @@ module "project-host" {
"logging.googleapis.com" "logging.googleapis.com"
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
} }

3
blueprints/networking/shared-vpc-gke/main.tf
View File

@ -27,8 +27,7 @@ module "project-host" {
name = "net" name = "net"
services = concat(var.project_services, ["dns.googleapis.com"]) services = concat(var.project_services, ["dns.googleapis.com"])
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = [] # defined later
} }
iam = { iam = {
"roles/owner" = var.owners_host "roles/owner" = var.owners_host

3
fast/stages/02-networking-nva/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com" "stackdriver.googleapis.com"
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
iam = { iam = {
"roles/dns.admin" = compact([ "roles/dns.admin" = compact([

3
fast/stages/02-networking-nva/spoke-dev.tf
View File

@ -31,8 +31,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
fast/stages/02-networking-nva/spoke-prod.tf
View File

@ -31,8 +31,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
fast/stages/02-networking-peering/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com" "stackdriver.googleapis.com"
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
iam = { iam = {
"roles/dns.admin" = compact([ "roles/dns.admin" = compact([

3
fast/stages/02-networking-peering/spoke-dev.tf
View File

@ -32,8 +32,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
fast/stages/02-networking-peering/spoke-prod.tf
View File

@ -32,8 +32,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
fast/stages/02-networking-vpn/landing.tf
View File

@ -30,8 +30,7 @@ module "landing-project" {
"stackdriver.googleapis.com" "stackdriver.googleapis.com"
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
iam = { iam = {
"roles/dns.admin" = compact([ "roles/dns.admin" = compact([

3
fast/stages/02-networking-vpn/spoke-dev.tf
View File

@ -32,8 +32,7 @@ module "dev-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
fast/stages/02-networking-vpn/spoke-prod.tf
View File

@ -32,8 +32,7 @@ module "prod-spoke-project" {
"stackdriver.googleapis.com", "stackdriver.googleapis.com",
] ]
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
metric_scopes = [module.landing-project.project_id] metric_scopes = [module.landing-project.project_id]
iam = { iam = {

3
modules/project/README.md
View File

@ -123,8 +123,7 @@ module "project" {
source = "./fabric/modules/project" source = "./fabric/modules/project"
name = "project-example" name = "project-example"
shared_vpc_host_config = { shared_vpc_host_config = {
enabled = true enabled = true
service_projects = []
} }
} }
# tftest modules=1 resources=2 # tftest modules=1 resources=2