Merge branch 'GoogleCloudPlatform:master' into master
This commit is contained in:
commit
953cda6462
|
@ -1,51 +0,0 @@
|
||||||
# Copyright 2022 Google LLC
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
# you may not use this file except in compliance with the License.
|
|
||||||
# You may obtain a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
# See the License for the specific language governing permissions and
|
|
||||||
# limitations under the License.
|
|
||||||
|
|
||||||
name: Post-merge tasks
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- master
|
|
||||||
types:
|
|
||||||
- closed
|
|
||||||
|
|
||||||
env:
|
|
||||||
PYTHON_VERSION: "3.10"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
if_merged:
|
|
||||||
if: github.event.pull_request.merged == true
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
- name: Set up Python
|
|
||||||
uses: actions/setup-python@v2
|
|
||||||
with:
|
|
||||||
python-version: ${{ env.PYTHON_VERSION }}
|
|
||||||
- name: Install dependencies
|
|
||||||
run: |
|
|
||||||
pip install -r tools/requirements.txt
|
|
||||||
- name: Update Changelog
|
|
||||||
run: |
|
|
||||||
python3 tools/changelog.py --token secrets.GITHUB_TOKEN CHANGELOG.md
|
|
||||||
- name: Commit and push Changelog
|
|
||||||
env:
|
|
||||||
CI_COMMIT_MESSAGE: Update Changelog
|
|
||||||
CI_COMMIT_AUTHOR: Fabric Repo Workflows
|
|
||||||
run: |
|
|
||||||
git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}"
|
|
||||||
git config --global user.email "username@users.noreply.github.com"
|
|
||||||
git commit -a -m "${{ env.CI_COMMIT_MESSAGE }}"
|
|
||||||
git push
|
|
|
@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
### FAST
|
### FAST
|
||||||
|
|
||||||
|
- [[#793](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/793)] FAST: fix typo in CI/CD stage outputs. ([fawzihmouda](https://github.com/fawzihmouda)) <!-- 2022-09-04 11:50:36+00:00 -->
|
||||||
- [[#774](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/774)] FAST: fix data-platform-dev folder in stage 03-data-platform ([sttomm](https://github.com/sttomm)) <!-- 2022-08-16 07:36:24+00:00 -->
|
- [[#774](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/774)] FAST: fix data-platform-dev folder in stage 03-data-platform ([sttomm](https://github.com/sttomm)) <!-- 2022-08-16 07:36:24+00:00 -->
|
||||||
- [[#770](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/770)] FAST: fix to move without `output_location` ([daisuky-jp](https://github.com/daisuky-jp)) <!-- 2022-08-07 07:00:27+00:00 -->
|
- [[#770](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/770)] FAST: fix to move without `output_location` ([daisuky-jp](https://github.com/daisuky-jp)) <!-- 2022-08-07 07:00:27+00:00 -->
|
||||||
- [[#767](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/767)] Allow interpolating SAs in project factory subnet IAM bindings ([ludoo](https://github.com/ludoo)) <!-- 2022-08-04 08:39:28+00:00 -->
|
- [[#767](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/767)] Allow interpolating SAs in project factory subnet IAM bindings ([ludoo](https://github.com/ludoo)) <!-- 2022-08-04 08:39:28+00:00 -->
|
||||||
|
@ -98,6 +99,7 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
### TOOLS
|
### TOOLS
|
||||||
|
|
||||||
|
- [[#794](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/794)] Test documentation examples in the `examples/` folder ([juliocc](https://github.com/juliocc)) <!-- 2022-09-06 19:38:26+00:00 -->
|
||||||
- [[#788](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/788)] fix yaml quotes for merge-pr workflow ([drebes](https://github.com/drebes)) <!-- 2022-08-31 13:47:33+00:00 -->
|
- [[#788](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/788)] fix yaml quotes for merge-pr workflow ([drebes](https://github.com/drebes)) <!-- 2022-08-31 13:47:33+00:00 -->
|
||||||
- [[#763](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/763)] Changelog generator ([ludoo](https://github.com/ludoo)) <!-- 2022-08-02 09:45:06+00:00 -->
|
- [[#763](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/763)] Changelog generator ([ludoo](https://github.com/ludoo)) <!-- 2022-08-02 09:45:06+00:00 -->
|
||||||
- [[#762](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/762)] Update changelog on pull request merge ([ludoo](https://github.com/ludoo)) <!-- 2022-07-30 17:04:00+00:00 -->
|
- [[#762](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/762)] Update changelog on pull request merge ([ludoo](https://github.com/ludoo)) <!-- 2022-07-30 17:04:00+00:00 -->
|
||||||
|
|
|
@ -33,6 +33,7 @@ You can easily configure the example for this use case:
|
||||||
delegated_role_grants = ["roles/compute.networkUser"]
|
delegated_role_grants = ["roles/compute.networkUser"]
|
||||||
direct_role_grants = []
|
direct_role_grants = []
|
||||||
restricted_role_grant = "roles/compute.networkAdmin"
|
restricted_role_grant = "roles/compute.networkAdmin"
|
||||||
|
# tftest skip
|
||||||
```
|
```
|
||||||
|
|
||||||
This diagram shows the resources and expected behaviour:
|
This diagram shows the resources and expected behaviour:
|
||||||
|
|
|
@ -127,7 +127,7 @@ We suggest a centralized approach to key management, where Organization Security
|
||||||
|
|
||||||
To configure the use of Cloud KMS on resources, you have to specify the key id on the `service_encryption_keys` variable. Key locations should match resource locations. Example:
|
To configure the use of Cloud KMS on resources, you have to specify the key id on the `service_encryption_keys` variable. Key locations should match resource locations. Example:
|
||||||
|
|
||||||
```hcl
|
```tfvars
|
||||||
service_encryption_keys = {
|
service_encryption_keys = {
|
||||||
bq = "KEY_URL_MULTIREGIONAL"
|
bq = "KEY_URL_MULTIREGIONAL"
|
||||||
composer = "KEY_URL_REGIONAL"
|
composer = "KEY_URL_REGIONAL"
|
||||||
|
@ -135,6 +135,7 @@ service_encryption_keys = {
|
||||||
storage = "KEY_URL_MULTIREGIONAL"
|
storage = "KEY_URL_MULTIREGIONAL"
|
||||||
pubsub = "KEY_URL_MULTIREGIONAL"
|
pubsub = "KEY_URL_MULTIREGIONAL"
|
||||||
}
|
}
|
||||||
|
# tftest skip
|
||||||
```
|
```
|
||||||
|
|
||||||
This step is optional and depends on customer policies and security best practices.
|
This step is optional and depends on customer policies and security best practices.
|
||||||
|
@ -191,12 +192,13 @@ The Data Platform is meant to be executed by a Service Account (or a regular use
|
||||||
|
|
||||||
There are three sets of variables you will need to fill in:
|
There are three sets of variables you will need to fill in:
|
||||||
|
|
||||||
```hcl
|
```tfvars
|
||||||
billing_account_id = "111111-222222-333333"
|
billing_account_id = "111111-222222-333333"
|
||||||
older_id = "folders/123456789012"
|
older_id = "folders/123456789012"
|
||||||
organization_domain = "domain.com"
|
organization_domain = "domain.com"
|
||||||
prefix = "myco"
|
prefix = "myco"
|
||||||
```
|
# tftest skip`
|
||||||
|
``
|
||||||
|
|
||||||
For more fine details check variables on [`variables.tf`](./variables.tf) and update according to the desired configuration. Remember to create team groups described [below](#groups).
|
For more fine details check variables on [`variables.tf`](./variables.tf) and update according to the desired configuration. Remember to create team groups described [below](#groups).
|
||||||
|
|
||||||
|
@ -207,6 +209,22 @@ terraform init
|
||||||
terraform apply
|
terraform apply
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## How to use this example from Terraform
|
||||||
|
|
||||||
|
While this example can be used as a standalone deployment, it can also be called directly as a Terraform module by providing the variables values as show below:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
module "data-platform" {
|
||||||
|
source = "./fabric/examples/data-solutions/data-platform-foundations"
|
||||||
|
billing_account_id = var.billing_account_id
|
||||||
|
folder_id = var.folder_id
|
||||||
|
organization_domain = "example.com"
|
||||||
|
prefix = "myprefix"
|
||||||
|
}
|
||||||
|
|
||||||
|
# tftest modules=1 resources=1
|
||||||
|
```
|
||||||
|
|
||||||
## Customizations
|
## Customizations
|
||||||
|
|
||||||
### Create Cloud Key Management keys as part of the Data Platform
|
### Create Cloud Key Management keys as part of the Data Platform
|
||||||
|
|
|
@ -79,6 +79,8 @@ module "projects" {
|
||||||
services_iam = try(each.value.services_iam, {})
|
services_iam = try(each.value.services_iam, {})
|
||||||
vpc = try(each.value.vpc, null)
|
vpc = try(each.value.vpc, null)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# tftest skip
|
||||||
```
|
```
|
||||||
|
|
||||||
### Projects configuration
|
### Projects configuration
|
||||||
|
|
|
@ -47,7 +47,7 @@ The example configures the peering with the GKE master VPC to export routes for
|
||||||
|
|
||||||
Change the GKE cluster module and add a new variable after `private_cluster_config`:
|
Change the GKE cluster module and add a new variable after `private_cluster_config`:
|
||||||
|
|
||||||
```hcl
|
```tfvars
|
||||||
peering_config = {
|
peering_config = {
|
||||||
export_routes = true
|
export_routes = true
|
||||||
import_routes = false
|
import_routes = false
|
||||||
|
|
|
@ -50,6 +50,8 @@ module "project" {
|
||||||
disable_dependent_services = false
|
disable_dependent_services = false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# tftest skip
|
||||||
```
|
```
|
||||||
|
|
||||||
## Testing
|
## Testing
|
||||||
|
|
|
@ -23,7 +23,7 @@ locals {
|
||||||
tfvars = {
|
tfvars = {
|
||||||
cicd_repositories = merge(local.cicd_repositories_by_system["gitlab"], local.cicd_repositories_by_system["github"])
|
cicd_repositories = merge(local.cicd_repositories_by_system["gitlab"], local.cicd_repositories_by_system["github"])
|
||||||
cicd_ssh_urls = merge(local.gitlab_cicd_ssh, local.github_cicd_ssh)
|
cicd_ssh_urls = merge(local.gitlab_cicd_ssh, local.github_cicd_ssh)
|
||||||
cicd_https_urls = merge(local.gitlab_cicd_https, local.gitlab_cicd_https)
|
cicd_https_urls = merge(local.gitlab_cicd_https, local.github_cicd_https)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ Since it's currently impossible to fetch those addresses using a GCP data source
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "dns-policy-addresses" {
|
module "dns-policy-addresses" {
|
||||||
source = "./modules/__experimental/net-dns-policy-addresses"
|
source = "./fabric/modules/__experimental/net-dns-policy-addresses"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
regions = ["europe-west1", "europe-west3"]
|
regions = ["europe-west1", "europe-west3"]
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ Note: this module will integrated into a general-purpose load balancing module i
|
||||||
## Example
|
## Example
|
||||||
```hcl
|
```hcl
|
||||||
module "neg" {
|
module "neg" {
|
||||||
source = "./modules/net-neg"
|
source = "./fabric/modules/net-neg"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
name = "myneg"
|
name = "myneg"
|
||||||
network = module.vpc.self_link
|
network = module.vpc.self_link
|
||||||
|
|
|
@ -6,7 +6,7 @@ This module allows creating an API with its associated API config and API gatewa
|
||||||
## Basic example
|
## Basic example
|
||||||
```hcl
|
```hcl
|
||||||
module "gateway" {
|
module "gateway" {
|
||||||
source = "./modules/api-gateway"
|
source = "./fabric/modules/api-gateway"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
api_id = "api"
|
api_id = "api"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -21,7 +21,7 @@ module "gateway" {
|
||||||
## Basic example + customer service account
|
## Basic example + customer service account
|
||||||
```hcl
|
```hcl
|
||||||
module "gateway" {
|
module "gateway" {
|
||||||
source = "./modules/api-gateway"
|
source = "./fabric/modules/api-gateway"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
api_id = "api"
|
api_id = "api"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -40,7 +40,7 @@ module "gateway" {
|
||||||
## Basic example + service account creation
|
## Basic example + service account creation
|
||||||
```hcl
|
```hcl
|
||||||
module "gateway" {
|
module "gateway" {
|
||||||
source = "./modules/api-gateway"
|
source = "./fabric/modules/api-gateway"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
api_id = "api"
|
api_id = "api"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows managing a single Apigee organization and its environments an
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "apigee-organization" {
|
module "apigee-organization" {
|
||||||
source = "./modules/apigee-organization"
|
source = "./fabric/modules/apigee-organization"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
analytics_region = "us-central1"
|
analytics_region = "us-central1"
|
||||||
runtime_type = "CLOUD"
|
runtime_type = "CLOUD"
|
||||||
|
@ -36,7 +36,7 @@ module "apigee-organization" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "apigee-organization" {
|
module "apigee-organization" {
|
||||||
source = "./modules/apigee-organization"
|
source = "./fabric/modules/apigee-organization"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
analytics_region = "us-central1"
|
analytics_region = "us-central1"
|
||||||
runtime_type = "CLOUD"
|
runtime_type = "CLOUD"
|
||||||
|
@ -76,7 +76,7 @@ module "apigee-organization" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "apigee-organization" {
|
module "apigee-organization" {
|
||||||
source = "./modules/apigee-organization"
|
source = "./fabric/modules/apigee-organization"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
analytics_region = "us-central1"
|
analytics_region = "us-central1"
|
||||||
runtime_type = "HYBRID"
|
runtime_type = "HYBRID"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows managing a single Apigee X instance and its environment attac
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "apigee-x-instance" {
|
module "apigee-x-instance" {
|
||||||
source = "./modules/apigee-x-instance"
|
source = "./fabric/modules/apigee-x-instance"
|
||||||
name = "my-us-instance"
|
name = "my-us-instance"
|
||||||
region = "us-central1"
|
region = "us-central1"
|
||||||
ip_range = "10.0.0.0/22"
|
ip_range = "10.0.0.0/22"
|
||||||
|
@ -26,7 +26,7 @@ module "apigee-x-instance" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "apigee-x-instance" {
|
module "apigee-x-instance" {
|
||||||
source = "./modules/apigee-x-instance"
|
source = "./fabric/modules/apigee-x-instance"
|
||||||
name = "my-us-instance"
|
name = "my-us-instance"
|
||||||
region = "us-central1"
|
region = "us-central1"
|
||||||
ip_range = "10.0.0.0/22"
|
ip_range = "10.0.0.0/22"
|
||||||
|
|
|
@ -8,7 +8,7 @@ Note: Artifact Registry is still in beta, hence this module currently uses the b
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "docker_artifact_registry" {
|
module "docker_artifact_registry" {
|
||||||
source = "./modules/artifact-registry"
|
source = "./fabric/modules/artifact-registry"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
location = "europe-west1"
|
location = "europe-west1"
|
||||||
format = "DOCKER"
|
format = "DOCKER"
|
||||||
|
|
|
@ -19,7 +19,7 @@ The access variables are split into `access` and `access_identities` variables,
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my-dataset"
|
id = "my-dataset"
|
||||||
access = {
|
access = {
|
||||||
|
@ -44,7 +44,7 @@ Access configuration can also be specified via IAM instead of basic roles via th
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my-dataset"
|
id = "my-dataset"
|
||||||
iam = {
|
iam = {
|
||||||
|
@ -60,7 +60,7 @@ Dataset options are set via the `options` variable. all options must be specifie
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my-dataset"
|
id = "my-dataset"
|
||||||
options = {
|
options = {
|
||||||
|
@ -85,7 +85,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my_dataset"
|
id = "my_dataset"
|
||||||
tables = {
|
tables = {
|
||||||
|
@ -113,7 +113,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my-dataset"
|
id = "my-dataset"
|
||||||
tables = {
|
tables = {
|
||||||
|
@ -145,7 +145,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bigquery-dataset" {
|
module "bigquery-dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "my_dataset"
|
id = "my_dataset"
|
||||||
tables = {
|
tables = {
|
||||||
|
|
|
@ -14,7 +14,7 @@ This module allows managing a single BigTable instance, including access configu
|
||||||
```hcl
|
```hcl
|
||||||
|
|
||||||
module "bigtable-instance" {
|
module "bigtable-instance" {
|
||||||
source = "./modules/bigtable-instance"
|
source = "./fabric/modules/bigtable-instance"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "instance"
|
name = "instance"
|
||||||
cluster_id = "instance"
|
cluster_id = "instance"
|
||||||
|
|
|
@ -15,7 +15,7 @@ Send a notification to an email when a set of projects reach $100 of spend.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "budget" {
|
module "budget" {
|
||||||
source = "./modules/billing-budget"
|
source = "./fabric/modules/billing-budget"
|
||||||
billing_account = var.billing_account_id
|
billing_account = var.billing_account_id
|
||||||
name = "$100 budget"
|
name = "$100 budget"
|
||||||
amount = 100
|
amount = 100
|
||||||
|
@ -42,7 +42,7 @@ Send a notification to a PubSub topic the total spend of a billing account reach
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "budget" {
|
module "budget" {
|
||||||
source = "./modules/billing-budget"
|
source = "./fabric/modules/billing-budget"
|
||||||
billing_account = var.billing_account_id
|
billing_account = var.billing_account_id
|
||||||
name = "previous period budget"
|
name = "previous period budget"
|
||||||
amount = 0
|
amount = 0
|
||||||
|
@ -54,7 +54,7 @@ module "budget" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "budget-topic"
|
name = "budget-topic"
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module simplifies the creation of a Binary Authorization policy, attestors
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "binauthz" {
|
module "binauthz" {
|
||||||
source = "./modules/binauthz"
|
source = "./fabric/modules/binauthz"
|
||||||
project_id = "my_project"
|
project_id = "my_project"
|
||||||
global_policy_evaluation_mode = "DISABLE"
|
global_policy_evaluation_mode = "DISABLE"
|
||||||
default_admission_rule = {
|
default_admission_rule = {
|
||||||
|
|
|
@ -24,7 +24,7 @@ This example will create a `cloud-config` that uses the module's defaults, creat
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-coredns" {
|
module "cos-coredns" {
|
||||||
source = "./modules/cloud-config-container/coredns"
|
source = "./fabric/modules/cloud-config-container/coredns"
|
||||||
}
|
}
|
||||||
|
|
||||||
# use it as metadata in a compute instance or template
|
# use it as metadata in a compute instance or template
|
||||||
|
@ -40,8 +40,8 @@ This example will create a `cloud-config` using a custom CoreDNS configuration,
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-coredns" {
|
module "cos-coredns" {
|
||||||
source = "./modules/cloud-config-container/coredns"
|
source = "./fabric/modules/cloud-config-container/coredns"
|
||||||
coredns_config = "./modules/cloud-config-container/coredns/Corefile-hosts"
|
coredns_config = "./fabric/modules/cloud-config-container/coredns/Corefile-hosts"
|
||||||
files = {
|
files = {
|
||||||
"/etc/coredns/example.hosts" = {
|
"/etc/coredns/example.hosts" = {
|
||||||
content = "127.0.0.2 foo.example.org foo"
|
content = "127.0.0.2 foo.example.org foo"
|
||||||
|
@ -57,7 +57,7 @@ This example shows how to create the single instance optionally managed by the m
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-coredns" {
|
module "cos-coredns" {
|
||||||
source = "./modules/cloud-config-container/coredns"
|
source = "./fabric/modules/cloud-config-container/coredns"
|
||||||
test_instance = {
|
test_instance = {
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
|
|
@ -14,7 +14,7 @@ This example will create a `cloud-config` that starts [Envoy Proxy](https://www.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-envoy" {
|
module "cos-envoy" {
|
||||||
source = "./modules/cos-generic-metadata"
|
source = "./fabric/modules/cos-generic-metadata"
|
||||||
|
|
||||||
container_image = "envoyproxy/envoy:v1.14.1"
|
container_image = "envoyproxy/envoy:v1.14.1"
|
||||||
container_name = "envoy"
|
container_name = "envoy"
|
||||||
|
|
|
@ -13,12 +13,12 @@ This module depends on the [`cos-generic-metadata` module](../cos-generic-metada
|
||||||
```hcl
|
```hcl
|
||||||
# Envoy TD config
|
# Envoy TD config
|
||||||
module "cos-envoy-td" {
|
module "cos-envoy-td" {
|
||||||
source = "./modules/cloud-config-container/envoy-traffic-director"
|
source = "./fabric/modules/cloud-config-container/envoy-traffic-director"
|
||||||
}
|
}
|
||||||
|
|
||||||
# COS VM
|
# COS VM
|
||||||
module "vm-cos" {
|
module "vm-cos" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = local.project_id
|
project_id = local.project_id
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
name = "cos-envoy-td"
|
name = "cos-envoy-td"
|
||||||
|
|
|
@ -26,7 +26,7 @@ This example will create a `cloud-config` that uses the container's default conf
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-mysql" {
|
module "cos-mysql" {
|
||||||
source = "./modules/cos-container/mysql"
|
source = "./fabric/modules/cos-container/mysql"
|
||||||
mysql_password = "foo"
|
mysql_password = "foo"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -43,7 +43,7 @@ This example will create a `cloud-config` that uses a custom MySQL configuration
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-mysql" {
|
module "cos-mysql" {
|
||||||
source = "./modules/cos-container/mysql"
|
source = "./fabric/modules/cos-container/mysql"
|
||||||
mysql_config = "./my.cnf"
|
mysql_config = "./my.cnf"
|
||||||
mysql_password = "CiQAsd7WY=="
|
mysql_password = "CiQAsd7WY=="
|
||||||
kms_config = {
|
kms_config = {
|
||||||
|
@ -61,7 +61,7 @@ This example shows how to create the single instance optionally managed by the m
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-mysql" {
|
module "cos-mysql" {
|
||||||
source = "./modules/cos-container/mysql"
|
source = "./fabric/modules/cos-container/mysql"
|
||||||
mysql_password = "foo"
|
mysql_password = "foo"
|
||||||
test_instance = {
|
test_instance = {
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
|
|
|
@ -14,12 +14,12 @@ This module depends on the [`cos-generic-metadata` module](../cos-generic-metada
|
||||||
```hcl
|
```hcl
|
||||||
# Nginx with self-signed TLS config
|
# Nginx with self-signed TLS config
|
||||||
module "cos-nginx-tls" {
|
module "cos-nginx-tls" {
|
||||||
source = "./modules/cloud-config-container/nginx-tls"
|
source = "./fabric/modules/cloud-config-container/nginx-tls"
|
||||||
}
|
}
|
||||||
|
|
||||||
# COS VM
|
# COS VM
|
||||||
module "vm-nginx-tls" {
|
module "vm-nginx-tls" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = local.project_id
|
project_id = local.project_id
|
||||||
zone = local.zone
|
zone = local.zone
|
||||||
name = "cos-nginx-tls"
|
name = "cos-nginx-tls"
|
||||||
|
|
|
@ -24,7 +24,7 @@ This example will create a `cloud-config` that uses the module's defaults, creat
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
# use it as metadata in a compute instance or template
|
# use it as metadata in a compute instance or template
|
||||||
|
@ -40,7 +40,7 @@ This example shows how to create the single instance optionally managed by the m
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
test_instance = {
|
test_instance = {
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
|
|
@ -24,7 +24,7 @@ The test instance is optional, as described above.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud-vpn" {
|
module "cloud-vpn" {
|
||||||
source = "./modules/net-vpn-static"
|
source = "./fabric/modules/net-vpn-static"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
network = "my-vpc"
|
network = "my-vpc"
|
||||||
|
@ -41,7 +41,7 @@ module "cloud-vpn" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "on-prem" {
|
module "on-prem" {
|
||||||
source = "./modules/cos-container/on-prem"
|
source = "./fabric/modules/cos-container/on-prem"
|
||||||
name = "onprem"
|
name = "onprem"
|
||||||
vpn_config = {
|
vpn_config = {
|
||||||
type = "static"
|
type = "static"
|
||||||
|
|
|
@ -24,7 +24,7 @@ This example will create a `cloud-config` that allows any client in the 10.0.0.0
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-squid" {
|
module "cos-squid" {
|
||||||
source = "./modules/cloud-config-container/squid"
|
source = "./fabric/modules/cloud-config-container/squid"
|
||||||
whitelist = [".github.com"]
|
whitelist = [".github.com"]
|
||||||
clients = ["10.0.0.0/8"]
|
clients = ["10.0.0.0/8"]
|
||||||
}
|
}
|
||||||
|
@ -42,7 +42,7 @@ This example shows how to create the single instance optionally managed by the m
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-squid" {
|
module "cos-squid" {
|
||||||
source = "./modules/cloud-config-container/squid"
|
source = "./fabric/modules/cloud-config-container/squid"
|
||||||
whitelist = ["github.com"]
|
whitelist = ["github.com"]
|
||||||
clients = ["10.0.0.0/8"]
|
clients = ["10.0.0.0/8"]
|
||||||
test_instance = {
|
test_instance = {
|
||||||
|
|
|
@ -16,7 +16,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -35,7 +35,7 @@ Other trigger types other than HTTP are configured via the `trigger_config` vari
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -59,7 +59,7 @@ To allow anonymous access to the function, grant the `roles/cloudfunctions.invok
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -81,7 +81,7 @@ You can have the module auto-create the GCS bucket used for deployment via the `
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -104,7 +104,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -122,7 +122,7 @@ To use an externally managed service account, pass its email in `service_account
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
@ -142,7 +142,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform (
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cf-http" {
|
module "cf-http" {
|
||||||
source = "./modules/cloud-function"
|
source = "./fabric/modules/cloud-function"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "test-cf-http"
|
name = "test-cf-http"
|
||||||
bucket_name = "test-cf-bundles"
|
bucket_name = "test-cf-bundles"
|
||||||
|
|
|
@ -17,7 +17,7 @@ Until that bug is fixed, this module will only support the creation of MEMBER an
|
||||||
### Simple Group
|
### Simple Group
|
||||||
```hcl
|
```hcl
|
||||||
module "group" {
|
module "group" {
|
||||||
source = "./modules/cloud-identity-group"
|
source = "./fabric/modules/cloud-identity-group"
|
||||||
customer_id = "customers/C01234567"
|
customer_id = "customers/C01234567"
|
||||||
name = "mygroup@example.com"
|
name = "mygroup@example.com"
|
||||||
display_name = "My group name"
|
display_name = "My group name"
|
||||||
|
@ -34,7 +34,7 @@ module "group" {
|
||||||
### Group with managers
|
### Group with managers
|
||||||
```hcl
|
```hcl
|
||||||
module "group" {
|
module "group" {
|
||||||
source = "./modules/cloud-identity-group"
|
source = "./fabric/modules/cloud-identity-group"
|
||||||
customer_id = "customers/C01234567"
|
customer_id = "customers/C01234567"
|
||||||
name = "mygroup2@example.com"
|
name = "mygroup2@example.com"
|
||||||
display_name = "My group name 2"
|
display_name = "My group name 2"
|
||||||
|
|
|
@ -10,7 +10,7 @@ This deploys a Cloud Run service and sets some environment variables.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
@ -36,7 +36,7 @@ module "cloud_run" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
@ -64,7 +64,7 @@ module "cloud_run" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "hello"
|
name = "hello"
|
||||||
region = var.region
|
region = var.region
|
||||||
|
@ -98,7 +98,7 @@ This deploys a Cloud Run service with traffic split between two revisions.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
revision_name = "green"
|
revision_name = "green"
|
||||||
|
@ -123,7 +123,7 @@ This deploys a Cloud Run service that will be triggered when messages are publis
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
@ -147,7 +147,7 @@ This deploys a Cloud Run service that will be triggered when specific log events
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
@ -173,7 +173,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
@ -192,7 +192,7 @@ To use an externally managed service account, pass its email in `service_account
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cloud_run" {
|
module "cloud_run" {
|
||||||
source = "./modules/cloud-run"
|
source = "./fabric/modules/cloud-run"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "hello"
|
name = "hello"
|
||||||
containers = [{
|
containers = [{
|
||||||
|
|
|
@ -12,7 +12,7 @@ This example shows how to setup a project, VPC and a standalone Cloud SQL instan
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = var.billing_account_id
|
billing_account = var.billing_account_id
|
||||||
parent = var.organization_id
|
parent = var.organization_id
|
||||||
name = "my-db-project"
|
name = "my-db-project"
|
||||||
|
@ -22,7 +22,7 @@ module "project" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
psa_config = {
|
psa_config = {
|
||||||
|
@ -32,7 +32,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "db" {
|
module "db" {
|
||||||
source = "./modules/cloudsql-instance"
|
source = "./fabric/modules/cloudsql-instance"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
network = module.vpc.self_link
|
network = module.vpc.self_link
|
||||||
name = "db"
|
name = "db"
|
||||||
|
@ -47,7 +47,7 @@ module "db" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "db" {
|
module "db" {
|
||||||
source = "./modules/cloudsql-instance"
|
source = "./fabric/modules/cloudsql-instance"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
network = var.vpc.self_link
|
network = var.vpc.self_link
|
||||||
name = "db"
|
name = "db"
|
||||||
|
@ -67,7 +67,7 @@ module "db" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "db" {
|
module "db" {
|
||||||
source = "./modules/cloudsql-instance"
|
source = "./fabric/modules/cloudsql-instance"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
network = var.vpc.self_link
|
network = var.vpc.self_link
|
||||||
name = "db"
|
name = "db"
|
||||||
|
@ -98,7 +98,7 @@ module "db" {
|
||||||
```hcl
|
```hcl
|
||||||
|
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = var.billing_account_id
|
billing_account = var.billing_account_id
|
||||||
parent = var.organization_id
|
parent = var.organization_id
|
||||||
name = "my-db-project"
|
name = "my-db-project"
|
||||||
|
@ -109,7 +109,7 @@ module "project" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "kms" {
|
module "kms" {
|
||||||
source = "./modules/kms"
|
source = "./fabric/modules/kms"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
keyring = {
|
keyring = {
|
||||||
name = "keyring"
|
name = "keyring"
|
||||||
|
@ -128,7 +128,7 @@ module "kms" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "db" {
|
module "db" {
|
||||||
source = "./modules/cloudsql-instance"
|
source = "./fabric/modules/cloudsql-instance"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
encryption_key_name = module.kms.keys["key-sql"].id
|
encryption_key_name = module.kms.keys["key-sql"].id
|
||||||
network = var.vpc.self_link
|
network = var.vpc.self_link
|
||||||
|
|
|
@ -12,11 +12,11 @@ This example shows how to manage a simple MIG that leverages the `compute-vm` mo
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -39,7 +39,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -58,11 +58,11 @@ If multiple versions are desired, use more `compute-vm` instances for the additi
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -85,7 +85,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -111,11 +111,11 @@ Autohealing policies can use an externally defined health check, or have this mo
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -138,7 +138,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -167,11 +167,11 @@ The module can create and manage an autoscaler associated with the MIG. When usi
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -194,7 +194,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -219,11 +219,11 @@ module "nginx-mig" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -246,7 +246,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -281,11 +281,11 @@ Note that when referencing the stateful disk, you use `device_name` and not `dis
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -319,7 +319,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
@ -358,11 +358,11 @@ Note that you will need to know the instance name in order to use this configura
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-template" {
|
module "nginx-template" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "nginx-template"
|
name = "nginx-template"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
|
@ -396,7 +396,7 @@ module "nginx-template" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "nginx-mig" {
|
module "nginx-mig" {
|
||||||
source = "./modules/compute-mig"
|
source = "./fabric/modules/compute-mig"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
name = "mig-test"
|
name = "mig-test"
|
||||||
|
|
|
@ -15,7 +15,7 @@ The simplest example leverages defaults for the boot disk image and size, and us
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "simple-vm-example" {
|
module "simple-vm-example" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -37,7 +37,7 @@ module "simple-vm-example" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "spot-vm-example" {
|
module "spot-vm-example" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -72,7 +72,7 @@ This is an example of attaching a pre-existing regional PD to a new instance:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "simple-vm-example" {
|
module "simple-vm-example" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "${var.region}-b"
|
zone = "${var.region}-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -102,7 +102,7 @@ And the same example for an instance template (where not using the full self lin
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "simple-vm-example" {
|
module "simple-vm-example" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "${var.region}-b"
|
zone = "${var.region}-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -135,7 +135,7 @@ This example shows how to control disk encryption via the the `encryption` varia
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "kms-vm-example" {
|
module "kms-vm-example" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "kms-test"
|
name = "kms-test"
|
||||||
|
@ -175,7 +175,7 @@ This example shows how to add additional [Alias IPs](https://cloud.google.com/vp
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vm-with-alias-ips" {
|
module "vm-with-alias-ips" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -224,7 +224,7 @@ resource "google_compute_image" "cos-gvnic" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vm-with-gvnic" {
|
module "vm-with-gvnic" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -256,7 +256,7 @@ This example shows how to use the module to manage an instance template that def
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-test" {
|
module "cos-test" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "test"
|
name = "test"
|
||||||
|
@ -296,7 +296,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "instance-group" {
|
module "instance-group" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
zone = "europe-west1-b"
|
zone = "europe-west1-b"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
|
|
|
@ -6,7 +6,7 @@ This module simplifies the creation of GCS buckets used by Google Container Regi
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "container_registry" {
|
module "container_registry" {
|
||||||
source = "./modules/container-registry"
|
source = "./fabric/modules/container-registry"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
location = "EU"
|
location = "EU"
|
||||||
iam = {
|
iam = {
|
||||||
|
|
|
@ -9,7 +9,7 @@ Note: Data Catalog is still in beta, hence this module currently uses the beta p
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cmn-dc" {
|
module "cmn-dc" {
|
||||||
source = "./modules/data-catalog-policy-tag"
|
source = "./fabric/modules/data-catalog-policy-tag"
|
||||||
name = "my-datacatalog-policy-tags"
|
name = "my-datacatalog-policy-tags"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
tags = {
|
tags = {
|
||||||
|
@ -23,7 +23,7 @@ module "cmn-dc" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cmn-dc" {
|
module "cmn-dc" {
|
||||||
source = "./modules/data-catalog-policy-tag"
|
source = "./fabric/modules/data-catalog-policy-tag"
|
||||||
name = "my-datacatalog-policy-tags"
|
name = "my-datacatalog-policy-tags"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
tags = {
|
tags = {
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows simple management of ['Google Data Fusion'](https://cloud.goo
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "datafusion" {
|
module "datafusion" {
|
||||||
source = "./modules/datafusion"
|
source = "./fabric/modules/datafusion"
|
||||||
name = "my-datafusion"
|
name = "my-datafusion"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
|
@ -23,7 +23,7 @@ module "datafusion" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "datafusion" {
|
module "datafusion" {
|
||||||
source = "./modules/datafusion"
|
source = "./fabric/modules/datafusion"
|
||||||
name = "my-datafusion"
|
name = "my-datafusion"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
|
|
|
@ -10,7 +10,7 @@ For DNSSEC configuration, refer to the [`dns_managed_zone` documentation](https:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "private-dns" {
|
module "private-dns" {
|
||||||
source = "./modules/dns"
|
source = "./fabric/modules/dns"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
type = "private"
|
type = "private"
|
||||||
name = "test-example"
|
name = "test-example"
|
||||||
|
@ -27,7 +27,7 @@ module "private-dns" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "private-dns" {
|
module "private-dns" {
|
||||||
source = "./modules/dns"
|
source = "./fabric/modules/dns"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
type = "forwarding"
|
type = "forwarding"
|
||||||
name = "test-example"
|
name = "test-example"
|
||||||
|
@ -42,7 +42,7 @@ module "private-dns" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "private-dns" {
|
module "private-dns" {
|
||||||
source = "./modules/dns"
|
source = "./fabric/modules/dns"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
type = "peering"
|
type = "peering"
|
||||||
name = "test-example"
|
name = "test-example"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows simple management of ['Google Cloud Endpoints'](https://cloud
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "endpoint" {
|
module "endpoint" {
|
||||||
source = "./modules/endpoints"
|
source = "./fabric/modules/endpoints"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
service_name = "YOUR-API.endpoints.YOUR-PROJECT-ID.cloud.goog"
|
service_name = "YOUR-API.endpoints.YOUR-PROJECT-ID.cloud.goog"
|
||||||
openapi_config = { "yaml_path" = "openapi.yaml" }
|
openapi_config = { "yaml_path" = "openapi.yaml" }
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows the creation and management of folders, including support for
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folder" {
|
module "folder" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = "organizations/1234567890"
|
parent = "organizations/1234567890"
|
||||||
name = "Folder name"
|
name = "Folder name"
|
||||||
group_iam = {
|
group_iam = {
|
||||||
|
@ -28,7 +28,7 @@ module "folder" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folder" {
|
module "folder" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = "organizations/1234567890"
|
parent = "organizations/1234567890"
|
||||||
name = "Folder name"
|
name = "Folder name"
|
||||||
policy_boolean = {
|
policy_boolean = {
|
||||||
|
@ -53,7 +53,7 @@ In the same way as for the [organization](../organization) module, the in-built
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folder" {
|
module "folder" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = "organizations/1234567890"
|
parent = "organizations/1234567890"
|
||||||
name = "Folder name"
|
name = "Folder name"
|
||||||
firewall_policy_factory = {
|
firewall_policy_factory = {
|
||||||
|
@ -109,33 +109,33 @@ allow-ssh-from-iap:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "gcs" {
|
module "gcs" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "gcs_sink"
|
name = "gcs_sink"
|
||||||
force_destroy = true
|
force_destroy = true
|
||||||
}
|
}
|
||||||
|
|
||||||
module "dataset" {
|
module "dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
id = "bq_sink"
|
id = "bq_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "pubsub_sink"
|
name = "pubsub_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/logging-bucket"
|
source = "./fabric/modules/logging-bucket"
|
||||||
parent_type = "project"
|
parent_type = "project"
|
||||||
parent = "my-project"
|
parent = "my-project"
|
||||||
id = "bucket"
|
id = "bucket"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "folder-sink" {
|
module "folder-sink" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = "folders/657104291943"
|
parent = "folders/657104291943"
|
||||||
name = "my-folder"
|
name = "my-folder"
|
||||||
logging_sinks = {
|
logging_sinks = {
|
||||||
|
@ -181,7 +181,7 @@ module "folder-sink" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folder1" {
|
module "folder1" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = var.organization_id
|
parent = var.organization_id
|
||||||
name = "policy-container"
|
name = "policy-container"
|
||||||
|
|
||||||
|
@ -206,7 +206,7 @@ module "folder1" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "folder2" {
|
module "folder2" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = var.organization_id
|
parent = var.organization_id
|
||||||
name = "hf2"
|
name = "hf2"
|
||||||
firewall_policy_association = {
|
firewall_policy_association = {
|
||||||
|
@ -222,7 +222,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
tags = {
|
tags = {
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -237,7 +237,7 @@ module "org" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "folder" {
|
module "folder" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
name = "Test"
|
name = "Test"
|
||||||
parent = module.org.organization_id
|
parent = module.org.organization_id
|
||||||
tag_bindings = {
|
tag_bindings = {
|
||||||
|
|
|
@ -6,7 +6,7 @@ This module allows creation and management of an organizational hierarchy "unit"
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folders-unit" {
|
module "folders-unit" {
|
||||||
source = "./modules/folders-unit"
|
source = "./fabric/modules/folders-unit"
|
||||||
name = "Business Intelligence"
|
name = "Business Intelligence"
|
||||||
short_name = "bi"
|
short_name = "bi"
|
||||||
automation_project_id = "automation-project-394yr923811"
|
automation_project_id = "automation-project-394yr923811"
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
prefix = "test"
|
prefix = "test"
|
||||||
name = "my-bucket"
|
name = "my-bucket"
|
||||||
|
@ -18,7 +18,7 @@ module "bucket" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
prefix = "test"
|
prefix = "test"
|
||||||
name = "my-bucket"
|
name = "my-bucket"
|
||||||
|
@ -34,7 +34,7 @@ module "bucket" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
prefix = "test"
|
prefix = "test"
|
||||||
name = "my-bucket"
|
name = "my-bucket"
|
||||||
|
@ -59,7 +59,7 @@ module "bucket" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
prefix = "test"
|
prefix = "test"
|
||||||
name = "my-bucket"
|
name = "my-bucket"
|
||||||
|
@ -91,7 +91,7 @@ module "bucket" {
|
||||||
### Minimal example with GCS notifications
|
### Minimal example with GCS notifications
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket-gcs-notification" {
|
module "bucket-gcs-notification" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
prefix = "test"
|
prefix = "test"
|
||||||
name = "my-bucket"
|
name = "my-bucket"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows simplified creation and management of GKE clusters and should
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cluster-1" {
|
module "cluster-1" {
|
||||||
source = "./modules/gke-cluster"
|
source = "./fabric/modules/gke-cluster"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
name = "cluster-1"
|
name = "cluster-1"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
|
@ -37,7 +37,7 @@ module "cluster-1" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cluster-1" {
|
module "cluster-1" {
|
||||||
source = "./modules/gke-cluster"
|
source = "./fabric/modules/gke-cluster"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
name = "cluster-1"
|
name = "cluster-1"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
|
|
|
@ -17,7 +17,7 @@ To use this module you must ensure the following APIs are enabled in the target
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = var.billing_account_id
|
billing_account = var.billing_account_id
|
||||||
name = "gkehub-test"
|
name = "gkehub-test"
|
||||||
parent = "folders/12345"
|
parent = "folders/12345"
|
||||||
|
@ -33,7 +33,7 @@ module "project" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "network"
|
name = "network"
|
||||||
subnets = [{
|
subnets = [{
|
||||||
|
@ -48,7 +48,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "cluster_1" {
|
module "cluster_1" {
|
||||||
source = "./modules/gke-cluster"
|
source = "./fabric/modules/gke-cluster"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "cluster-1"
|
name = "cluster-1"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
|
@ -67,7 +67,7 @@ module "cluster_1" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "hub" {
|
module "hub" {
|
||||||
source = "./modules/gke-hub"
|
source = "./fabric/modules/gke-hub"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
clusters = {
|
clusters = {
|
||||||
cluster-1 = module.cluster_1.id
|
cluster-1 = module.cluster_1.id
|
||||||
|
@ -124,7 +124,7 @@ module "hub" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = "123-456-789"
|
billing_account = "123-456-789"
|
||||||
name = "gkehub-test"
|
name = "gkehub-test"
|
||||||
parent = "folders/12345"
|
parent = "folders/12345"
|
||||||
|
@ -140,7 +140,7 @@ module "project" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "vpc"
|
name = "vpc"
|
||||||
mtu = 1500
|
mtu = 1500
|
||||||
|
@ -173,7 +173,7 @@ module "vpc" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "firewall" {
|
module "firewall" {
|
||||||
source = "./modules/net-vpc-firewall"
|
source = "./fabric/modules/net-vpc-firewall"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
network = module.vpc.name
|
network = module.vpc.name
|
||||||
custom_rules = {
|
custom_rules = {
|
||||||
|
@ -225,7 +225,7 @@ module "firewall" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "cluster_1" {
|
module "cluster_1" {
|
||||||
source = "./modules/gke-cluster"
|
source = "./fabric/modules/gke-cluster"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "cluster-1"
|
name = "cluster-1"
|
||||||
location = "europe-wes1"
|
location = "europe-wes1"
|
||||||
|
@ -252,7 +252,7 @@ module "cluster_1" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "cluster_1_nodepool" {
|
module "cluster_1_nodepool" {
|
||||||
source = "./modules/gke-nodepool"
|
source = "./fabric/modules/gke-nodepool"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
cluster_name = module.cluster_1.name
|
cluster_name = module.cluster_1.name
|
||||||
location = "europe-west1"
|
location = "europe-west1"
|
||||||
|
@ -264,7 +264,7 @@ module "cluster_1_nodepool" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "cluster_2" {
|
module "cluster_2" {
|
||||||
source = "./modules/gke-cluster"
|
source = "./fabric/modules/gke-cluster"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
name = "cluster-1"
|
name = "cluster-1"
|
||||||
location = "europe-wes1"
|
location = "europe-wes1"
|
||||||
|
@ -291,7 +291,7 @@ module "cluster_2" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "cluster_2_nodepool" {
|
module "cluster_2_nodepool" {
|
||||||
source = "./modules/gke-nodepool"
|
source = "./fabric/modules/gke-nodepool"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
cluster_name = module.cluster_2.name
|
cluster_name = module.cluster_2.name
|
||||||
location = "europe-west4"
|
location = "europe-west4"
|
||||||
|
@ -304,7 +304,7 @@ module "cluster_2_nodepool" {
|
||||||
|
|
||||||
|
|
||||||
module "hub" {
|
module "hub" {
|
||||||
source = "./modules/gke-hub"
|
source = "./fabric/modules/gke-hub"
|
||||||
project_id = module.project.project_id
|
project_id = module.project.project_id
|
||||||
clusters = {
|
clusters = {
|
||||||
cluster-1 = module.cluster_1.id
|
cluster-1 = module.cluster_1.id
|
||||||
|
|
|
@ -10,7 +10,7 @@ If no specific node configuration is set via variables, the module uses the prov
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cluster-1-nodepool-1" {
|
module "cluster-1-nodepool-1" {
|
||||||
source = "./modules/gke-nodepool"
|
source = "./fabric/modules/gke-nodepool"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
cluster_name = "cluster-1"
|
cluster_name = "cluster-1"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
|
@ -24,7 +24,7 @@ To have the module auto-create a service account for the nodes, set the `node_se
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cluster-1-nodepool-1" {
|
module "cluster-1-nodepool-1" {
|
||||||
source = "./modules/gke-nodepool"
|
source = "./fabric/modules/gke-nodepool"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
cluster_name = "cluster-1"
|
cluster_name = "cluster-1"
|
||||||
location = "europe-west1-b"
|
location = "europe-west1-b"
|
||||||
|
|
|
@ -8,7 +8,7 @@ Note that this module does not fully comply with our design principles, as outpu
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "myproject-default-service-accounts" {
|
module "myproject-default-service-accounts" {
|
||||||
source = "./modules/iam-service-account"
|
source = "./fabric/modules/iam-service-account"
|
||||||
project_id = "myproject"
|
project_id = "myproject"
|
||||||
name = "vm-default"
|
name = "vm-default"
|
||||||
generate_key = true
|
generate_key = true
|
||||||
|
|
|
@ -44,7 +44,7 @@ device_2:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "iot-platform" {
|
module "iot-platform" {
|
||||||
source = "./modules/iot-core"
|
source = "./fabric/modules/iot-core"
|
||||||
project_id = "my_project_id"
|
project_id = "my_project_id"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
telemetry_pubsub_topic_id = "telemetry_topic_id"
|
telemetry_pubsub_topic_id = "telemetry_topic_id"
|
||||||
|
@ -67,7 +67,7 @@ If you need to match specific MQTT topics (eg, /temperature) into specific PubSu
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "iot-platform" {
|
module "iot-platform" {
|
||||||
source = "./modules/iot-core"
|
source = "./fabric/modules/iot-core"
|
||||||
project_id = "my_project_id"
|
project_id = "my_project_id"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
telemetry_pubsub_topic_id = "telemetry_topic_id"
|
telemetry_pubsub_topic_id = "telemetry_topic_id"
|
||||||
|
@ -99,7 +99,7 @@ In this example, we will show how to extend the **[Data Foundations Platform](..
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "iot-platform" {
|
module "iot-platform" {
|
||||||
source = "./modules/iot-core"
|
source = "./fabric/modules/iot-core"
|
||||||
project_id = "landing-project-id"
|
project_id = "landing-project-id"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
telemetry_pubsub_topic_id = "landing_pubsub_topic_id"
|
telemetry_pubsub_topic_id = "landing_pubsub_topic_id"
|
||||||
|
|
|
@ -14,7 +14,7 @@ In this module **no lifecycle blocks are set on resources to prevent destroy**,
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "kms" {
|
module "kms" {
|
||||||
source = "./modules/kms"
|
source = "./fabric/modules/kms"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
iam = {
|
iam = {
|
||||||
"roles/cloudkms.admin" = ["user:user1@example.com"]
|
"roles/cloudkms.admin" = ["user:user1@example.com"]
|
||||||
|
@ -30,7 +30,7 @@ module "kms" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "kms" {
|
module "kms" {
|
||||||
source = "./modules/kms"
|
source = "./fabric/modules/kms"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
iam_additive = {
|
iam_additive = {
|
||||||
"roles/cloudkms.cryptoKeyEncrypterDecrypter" = [
|
"roles/cloudkms.cryptoKeyEncrypterDecrypter" = [
|
||||||
|
@ -63,7 +63,7 @@ module "kms" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "kms" {
|
module "kms" {
|
||||||
source = "./modules/kms"
|
source = "./fabric/modules/kms"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
key_purpose = {
|
key_purpose = {
|
||||||
key-c = {
|
key-c = {
|
||||||
|
|
|
@ -12,7 +12,7 @@ See also the `logging_sinks` argument within the [project](../project/), [folder
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/logging-bucket"
|
source = "./fabric/modules/logging-bucket"
|
||||||
parent_type = "project"
|
parent_type = "project"
|
||||||
parent = var.project_id
|
parent = var.project_id
|
||||||
id = "mybucket"
|
id = "mybucket"
|
||||||
|
@ -25,13 +25,13 @@ module "bucket" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "folder" {
|
module "folder" {
|
||||||
source = "./modules/folder"
|
source = "./fabric/modules/folder"
|
||||||
parent = "folders/657104291943"
|
parent = "folders/657104291943"
|
||||||
name = "my folder"
|
name = "my folder"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bucket-default" {
|
module "bucket-default" {
|
||||||
source = "./modules/logging-bucket"
|
source = "./fabric/modules/logging-bucket"
|
||||||
parent_type = "folder"
|
parent_type = "folder"
|
||||||
parent = module.folder.id
|
parent = module.folder.id
|
||||||
id = "_Default"
|
id = "_Default"
|
||||||
|
|
|
@ -14,7 +14,7 @@ In its default configuration, the module supports an option prefix and suffix, a
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "names-org" {
|
module "names-org" {
|
||||||
source = "./modules/naming-convention"
|
source = "./fabric/modules/naming-convention"
|
||||||
prefix = "myco"
|
prefix = "myco"
|
||||||
environment = "dev"
|
environment = "dev"
|
||||||
team = "cloud"
|
team = "cloud"
|
||||||
|
@ -30,7 +30,7 @@ module "names-org" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "project-tf" {
|
module "project-tf" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
# myco-cloud-dev-tf
|
# myco-cloud-dev-tf
|
||||||
name = module.names-org.names.project.tf
|
name = module.names-org.names.project.tf
|
||||||
# { environment = "dev", scope = "global", team = "cloud" }
|
# { environment = "dev", scope = "global", team = "cloud" }
|
||||||
|
@ -42,7 +42,7 @@ You can also enable resource type naming, useful with some legacy CMDB setups. W
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "names-org" {
|
module "names-org" {
|
||||||
source = "./modules/naming-convention"
|
source = "./fabric/modules/naming-convention"
|
||||||
prefix = "myco"
|
prefix = "myco"
|
||||||
environment = "dev"
|
environment = "dev"
|
||||||
team = "cloud"
|
team = "cloud"
|
||||||
|
@ -59,7 +59,7 @@ module "names-org" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "project-tf" {
|
module "project-tf" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
# prj-myco-cloud-dev-tf
|
# prj-myco-cloud-dev-tf
|
||||||
name = module.names-org.names.prj.tf
|
name = module.names-org.names.prj.tf
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows reserving Compute Engine external, global, and internal addre
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "addresses" {
|
module "addresses" {
|
||||||
source = "./modules/net-address"
|
source = "./fabric/modules/net-address"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
external_addresses = {
|
external_addresses = {
|
||||||
nat-1 = var.region
|
nat-1 = var.region
|
||||||
|
@ -23,7 +23,7 @@ module "addresses" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "addresses" {
|
module "addresses" {
|
||||||
source = "./modules/net-address"
|
source = "./fabric/modules/net-address"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
internal_addresses = {
|
internal_addresses = {
|
||||||
ilb-1 = {
|
ilb-1 = {
|
||||||
|
@ -51,7 +51,7 @@ module "addresses" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "addresses" {
|
module "addresses" {
|
||||||
source = "./modules/net-address"
|
source = "./fabric/modules/net-address"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
psa_addresses = {
|
psa_addresses = {
|
||||||
cloudsql-mysql = {
|
cloudsql-mysql = {
|
||||||
|
@ -68,7 +68,7 @@ module "addresses" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "addresses" {
|
module "addresses" {
|
||||||
source = "./modules/net-address"
|
source = "./fabric/modules/net-address"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
psc_addresses = {
|
psc_addresses = {
|
||||||
one = {
|
one = {
|
||||||
|
|
|
@ -6,7 +6,7 @@ Simple Cloud NAT management, with optional router creation.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "nat" {
|
module "nat" {
|
||||||
source = "./modules/net-cloudnat"
|
source = "./fabric/modules/net-cloudnat"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
name = "default"
|
name = "default"
|
||||||
|
|
|
@ -10,7 +10,7 @@ This is a minimal example, which creates a global HTTP load balancer, pointing t
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ A very similar coniguration also applies to GCE instance groups:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -72,7 +72,7 @@ For example, to contextually create a health check and attach it to the backend
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -117,7 +117,7 @@ Serverless backends can also be used, as shown in the example below.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -163,7 +163,7 @@ Backends can be multiple, group and bucket backends can be mixed and group backe
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -227,7 +227,7 @@ In this example, we're using one backend service as the default backend
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -295,7 +295,7 @@ Optionally, a static IP address can be reserved:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -332,7 +332,7 @@ If no `ssl_certificates_config` variable is specified, a managed certificate for
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -366,7 +366,7 @@ If the ids specified in the `target_proxy_https_config` variable are not found i
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -414,7 +414,7 @@ Using unamanged certificates is also possible. Here is an example:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
|
|
||||||
|
@ -487,7 +487,7 @@ You can also use regional load balancing by specifying a `region` parameter:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "glb" {
|
module "glb" {
|
||||||
source = "./modules/net-glb"
|
source = "./fabric/modules/net-glb"
|
||||||
name = "glb-test"
|
name = "glb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = var.region
|
region = var.region
|
||||||
|
|
|
@ -11,7 +11,7 @@ An HTTP ILB with a backend service pointing to a GCE instance group:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -39,7 +39,7 @@ Network and subnetwork can be entered using their name (if present in the same p
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -75,7 +75,7 @@ For example, to contextually create a health check and attach it to the backend
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -118,7 +118,7 @@ Zonal Network Endpoint Groups (NEGs) can also be used, as shown in the example b
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -175,7 +175,7 @@ In this example, we're using a backend service as the default backend
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -234,7 +234,7 @@ Optionally, a static IP address can be reserved:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -271,7 +271,7 @@ When HTTPS is enabled, if the ids specified in the `target_proxy_https_config` v
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
@ -307,7 +307,7 @@ Otherwise, unmanaged certificates can also be contextually created:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb-l7"
|
source = "./fabric/modules/net-ilb-l7"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
|
|
|
@ -18,7 +18,7 @@ This examples shows how to create an ILB by combining externally managed instanc
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb"
|
source = "./fabric/modules/net-ilb"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
|
@ -58,11 +58,11 @@ Note that the example uses the GCE default service account. You might want to cr
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "cos-nginx" {
|
module "cos-nginx" {
|
||||||
source = "./modules/cloud-config-container/nginx"
|
source = "./fabric/modules/cloud-config-container/nginx"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "instance-group" {
|
module "instance-group" {
|
||||||
source = "./modules/compute-vm"
|
source = "./fabric/modules/compute-vm"
|
||||||
for_each = toset(["b", "c"])
|
for_each = toset(["b", "c"])
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
zone = "europe-west1-${each.key}"
|
zone = "europe-west1-${each.key}"
|
||||||
|
@ -86,7 +86,7 @@ module "instance-group" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "ilb" {
|
module "ilb" {
|
||||||
source = "./modules/net-ilb"
|
source = "./fabric/modules/net-ilb"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
name = "ilb-test"
|
name = "ilb-test"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows creation of a VLAN attachment for Direct Interconnect and rou
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vlan-attachment-1" {
|
module "vlan-attachment-1" {
|
||||||
source = "./modules/net-interconnect-attachment-direct"
|
source = "./fabric/modules/net-interconnect-attachment-direct"
|
||||||
project_id = "dedicated-ic-5-8492"
|
project_id = "dedicated-ic-5-8492"
|
||||||
region = "us-west2"
|
region = "us-west2"
|
||||||
router_network = "myvpc"
|
router_network = "myvpc"
|
||||||
|
@ -25,7 +25,7 @@ module "vlan-attachment-1" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vlan-attachment-1" {
|
module "vlan-attachment-1" {
|
||||||
source = "./modules/net-interconnect-attachment-direct"
|
source = "./fabric/modules/net-interconnect-attachment-direct"
|
||||||
project_id = "dedicated-ic-3-8386"
|
project_id = "dedicated-ic-3-8386"
|
||||||
region = "us-west2"
|
region = "us-west2"
|
||||||
router_name = "router-1"
|
router_name = "router-1"
|
||||||
|
@ -63,7 +63,7 @@ module "vlan-attachment-1" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vlan-attachment-2" {
|
module "vlan-attachment-2" {
|
||||||
source = "./modules/net-interconnect-attachment-direct"
|
source = "./fabric/modules/net-interconnect-attachment-direct"
|
||||||
project_id = "dedicated-ic-3-8386"
|
project_id = "dedicated-ic-3-8386"
|
||||||
region = "us-west2"
|
region = "us-west2"
|
||||||
router_name = "router-2"
|
router_name = "router-2"
|
||||||
|
|
|
@ -16,7 +16,7 @@ This is often useful for prototyping or testing infrastructure, allowing open in
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "firewall" {
|
module "firewall" {
|
||||||
source = "./modules/net-vpc-firewall"
|
source = "./fabric/modules/net-vpc-firewall"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
network = "my-network"
|
network = "my-network"
|
||||||
admin_ranges = ["10.0.0.0/8"]
|
admin_ranges = ["10.0.0.0/8"]
|
||||||
|
@ -30,7 +30,7 @@ This is an example of how to define custom rules, with a sample rule allowing op
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "firewall" {
|
module "firewall" {
|
||||||
source = "./modules/net-vpc-firewall"
|
source = "./fabric/modules/net-vpc-firewall"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
network = "my-network"
|
network = "my-network"
|
||||||
admin_ranges = ["10.0.0.0/8"]
|
admin_ranges = ["10.0.0.0/8"]
|
||||||
|
@ -57,7 +57,7 @@ If you don't want any predefined rules set `admin_ranges`, `http_source_ranges`,
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "firewall" {
|
module "firewall" {
|
||||||
source = "./modules/net-vpc-firewall"
|
source = "./fabric/modules/net-vpc-firewall"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
network = "my-network"
|
network = "my-network"
|
||||||
admin_ranges = []
|
admin_ranges = []
|
||||||
|
@ -87,7 +87,7 @@ The module includes a rules factory (see [Resource Factories](../../examples/fac
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "firewall" {
|
module "firewall" {
|
||||||
source = "./modules/net-vpc-firewall"
|
source = "./fabric/modules/net-vpc-firewall"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
network = "my-network"
|
network = "my-network"
|
||||||
data_folder = "config/firewall"
|
data_folder = "config/firewall"
|
||||||
|
|
|
@ -13,7 +13,7 @@ Basic usage of this module is as follows:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "peering" {
|
module "peering" {
|
||||||
source = "./modules/net-vpc-peering"
|
source = "./fabric/modules/net-vpc-peering"
|
||||||
prefix = "name-prefix"
|
prefix = "name-prefix"
|
||||||
local_network = "projects/project-1/global/networks/vpc-1"
|
local_network = "projects/project-1/global/networks/vpc-1"
|
||||||
peer_network = "projects/project-1/global/networks/vpc-2"
|
peer_network = "projects/project-1/global/networks/vpc-2"
|
||||||
|
@ -25,14 +25,14 @@ If you need to create more than one peering for the same VPC Network `(A -> B, A
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "peering-a-b" {
|
module "peering-a-b" {
|
||||||
source = "./modules/net-vpc-peering"
|
source = "./fabric/modules/net-vpc-peering"
|
||||||
prefix = "name-prefix"
|
prefix = "name-prefix"
|
||||||
local_network = "projects/project-a/global/networks/vpc-a"
|
local_network = "projects/project-a/global/networks/vpc-a"
|
||||||
peer_network = "projects/project-b/global/networks/vpc-b"
|
peer_network = "projects/project-b/global/networks/vpc-b"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "peering-a-c" {
|
module "peering-a-c" {
|
||||||
source = "./modules/net-vpc-peering"
|
source = "./fabric/modules/net-vpc-peering"
|
||||||
prefix = "name-prefix"
|
prefix = "name-prefix"
|
||||||
local_network = "projects/project-a/global/networks/vpc-a"
|
local_network = "projects/project-a/global/networks/vpc-a"
|
||||||
peer_network = "projects/project-c/global/networks/vpc-c"
|
peer_network = "projects/project-c/global/networks/vpc-c"
|
||||||
|
|
|
@ -10,7 +10,7 @@ The module allows for several different VPC configurations, some of the most com
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
|
@ -42,7 +42,7 @@ If you only want to create the "local" side of the peering, use `peering_create_
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc-hub" {
|
module "vpc-hub" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "hub"
|
project_id = "hub"
|
||||||
name = "vpc-hub"
|
name = "vpc-hub"
|
||||||
subnets = [{
|
subnets = [{
|
||||||
|
@ -54,7 +54,7 @@ module "vpc-hub" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc-spoke-1" {
|
module "vpc-spoke-1" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "spoke1"
|
project_id = "spoke1"
|
||||||
name = "vpc-spoke1"
|
name = "vpc-spoke1"
|
||||||
subnets = [{
|
subnets = [{
|
||||||
|
@ -89,7 +89,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpc-host" {
|
module "vpc-host" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-host-network"
|
name = "my-host-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
|
@ -127,7 +127,7 @@ module "vpc-host" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
|
@ -152,7 +152,7 @@ Custom routes can be optionally exported/imported through the peering formed wit
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
subnets = [
|
subnets = [
|
||||||
|
@ -180,7 +180,7 @@ Along with common private subnets module supports creation more service specific
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
|
|
||||||
|
@ -207,7 +207,7 @@ module "vpc" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
dns_policy = {
|
dns_policy = {
|
||||||
|
@ -236,7 +236,7 @@ The `net-vpc` module includes a subnet factory (see [Resource Factories](../../e
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc" {
|
module "vpc" {
|
||||||
source = "./modules/net-vpc"
|
source = "./fabric/modules/net-vpc"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-network"
|
name = "my-network"
|
||||||
data_folder = "config/subnets"
|
data_folder = "config/subnets"
|
||||||
|
|
|
@ -9,7 +9,7 @@ This example shows how to configure a single VPN tunnel using a couple of extra
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpn-dynamic" {
|
module "vpn-dynamic" {
|
||||||
source = "./modules/net-vpn-dynamic"
|
source = "./fabric/modules/net-vpn-dynamic"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
region = "europe-west1"
|
region = "europe-west1"
|
||||||
network = "my-vpc"
|
network = "my-vpc"
|
||||||
|
|
|
@ -6,7 +6,7 @@ This module makes it easy to deploy either GCP-to-GCP or GCP-to-On-prem [Cloud H
|
||||||
### GCP to GCP
|
### GCP to GCP
|
||||||
```hcl
|
```hcl
|
||||||
module "vpn_ha-1" {
|
module "vpn_ha-1" {
|
||||||
source = "./modules/net-vpn-ha"
|
source = "./fabric/modules/net-vpn-ha"
|
||||||
project_id = "<PROJECT_ID>"
|
project_id = "<PROJECT_ID>"
|
||||||
region = "europe-west4"
|
region = "europe-west4"
|
||||||
network = "https://www.googleapis.com/compute/v1/projects/<PROJECT_ID>/global/networks/network-1"
|
network = "https://www.googleapis.com/compute/v1/projects/<PROJECT_ID>/global/networks/network-1"
|
||||||
|
@ -51,7 +51,7 @@ module "vpn_ha-1" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpn_ha-2" {
|
module "vpn_ha-2" {
|
||||||
source = "./modules/net-vpn-ha"
|
source = "./fabric/modules/net-vpn-ha"
|
||||||
project_id = "<PROJECT_ID>"
|
project_id = "<PROJECT_ID>"
|
||||||
region = "europe-west4"
|
region = "europe-west4"
|
||||||
network = "https://www.googleapis.com/compute/v1/projects/<PROJECT_ID>/global/networks/local-network"
|
network = "https://www.googleapis.com/compute/v1/projects/<PROJECT_ID>/global/networks/local-network"
|
||||||
|
@ -96,7 +96,7 @@ Note: When using the `for_each` meta-argument you might experience a Cycle Error
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpn_ha" {
|
module "vpn_ha" {
|
||||||
source = "./modules/net-vpn-ha"
|
source = "./fabric/modules/net-vpn-ha"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = var.region
|
region = var.region
|
||||||
network = var.vpc.self_link
|
network = var.vpc.self_link
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "addresses" {
|
module "addresses" {
|
||||||
source = "./modules/net-address"
|
source = "./fabric/modules/net-address"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
external_addresses = {
|
external_addresses = {
|
||||||
vpn = "europe-west1"
|
vpn = "europe-west1"
|
||||||
|
@ -12,7 +12,7 @@ module "addresses" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "vpn" {
|
module "vpn" {
|
||||||
source = "./modules/net-vpn-static"
|
source = "./fabric/modules/net-vpn-static"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
region = var.region
|
region = var.region
|
||||||
network = var.vpc.self_link
|
network = var.vpc.self_link
|
||||||
|
|
|
@ -13,14 +13,14 @@ Yaml based factory can simplify centralized management of Org Policies for a Dev
|
||||||
```hcl
|
```hcl
|
||||||
# using configuration provided in a set of yaml files
|
# using configuration provided in a set of yaml files
|
||||||
module "org-policy-factory" {
|
module "org-policy-factory" {
|
||||||
source = "./modules/organization-policy"
|
source = "./fabric/modules/organization-policy"
|
||||||
|
|
||||||
config_directory = "./policies"
|
config_directory = "./policies"
|
||||||
}
|
}
|
||||||
|
|
||||||
# using configuration provided in the module variable
|
# using configuration provided in the module variable
|
||||||
module "org-policy" {
|
module "org-policy" {
|
||||||
source = "./modules/organization-policy"
|
source = "./fabric/modules/organization-policy"
|
||||||
|
|
||||||
policies = {
|
policies = {
|
||||||
"folders/1234567890" = {
|
"folders/1234567890" = {
|
||||||
|
|
|
@ -11,7 +11,7 @@ This module allows managing several organization properties:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = "organizations/1234567890"
|
organization_id = "organizations/1234567890"
|
||||||
group_iam = {
|
group_iam = {
|
||||||
"cloud-owners@example.org" = ["roles/owner", "roles/projectCreator"]
|
"cloud-owners@example.org" = ["roles/owner", "roles/projectCreator"]
|
||||||
|
@ -60,7 +60,7 @@ Once you have policies (either created via the module or externally), you can as
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
firewall_policies = {
|
firewall_policies = {
|
||||||
iap-policy = {
|
iap-policy = {
|
||||||
|
@ -92,7 +92,7 @@ The in-built factory allows you to define a single policy, using one file for ru
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
firewall_policy_factory = {
|
firewall_policy_factory = {
|
||||||
cidr_file = "data/cidrs.yaml"
|
cidr_file = "data/cidrs.yaml"
|
||||||
|
@ -147,33 +147,33 @@ allow-ssh-from-iap:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "gcs" {
|
module "gcs" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "gcs_sink"
|
name = "gcs_sink"
|
||||||
force_destroy = true
|
force_destroy = true
|
||||||
}
|
}
|
||||||
|
|
||||||
module "dataset" {
|
module "dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
id = "bq_sink"
|
id = "bq_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "pubsub_sink"
|
name = "pubsub_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/logging-bucket"
|
source = "./fabric/modules/logging-bucket"
|
||||||
parent_type = "project"
|
parent_type = "project"
|
||||||
parent = "my-project"
|
parent = "my-project"
|
||||||
id = "bucket"
|
id = "bucket"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
|
|
||||||
logging_sinks = {
|
logging_sinks = {
|
||||||
|
@ -223,7 +223,7 @@ module "org" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
custom_roles = {
|
custom_roles = {
|
||||||
"myRole" = [
|
"myRole" = [
|
||||||
|
@ -243,7 +243,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
tags = {
|
tags = {
|
||||||
environment = {
|
environment = {
|
||||||
|
|
|
@ -21,7 +21,7 @@ locals {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = "123456-123456-123456"
|
billing_account = "123456-123456-123456"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
parent = "folders/1234567890"
|
parent = "folders/1234567890"
|
||||||
|
@ -43,7 +43,7 @@ The `group_iam` variable uses group email addresses as keys and is a convenient
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = "123456-123456-123456"
|
billing_account = "123456-123456-123456"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
parent = "folders/1234567890"
|
parent = "folders/1234567890"
|
||||||
|
@ -70,7 +70,7 @@ Additive IAM is typically used where bindings for specific roles are controlled
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
iam_additive = {
|
iam_additive = {
|
||||||
"roles/viewer" = [
|
"roles/viewer" = [
|
||||||
|
@ -94,7 +94,7 @@ As mentioned above, there are cases where authoritative management of specific I
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
group_iam = {
|
group_iam = {
|
||||||
"foo@example.com" = [
|
"foo@example.com" = [
|
||||||
|
@ -120,7 +120,7 @@ You can enable Shared VPC Host at the project level and manage project service a
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
shared_vpc_host_config = {
|
shared_vpc_host_config = {
|
||||||
enabled = true
|
enabled = true
|
||||||
|
@ -134,7 +134,7 @@ module "project" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
shared_vpc_service_config = {
|
shared_vpc_service_config = {
|
||||||
attach = true
|
attach = true
|
||||||
|
@ -159,7 +159,7 @@ module "project" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
billing_account = "123456-123456-123456"
|
billing_account = "123456-123456-123456"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
parent = "folders/1234567890"
|
parent = "folders/1234567890"
|
||||||
|
@ -188,33 +188,33 @@ module "project" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "gcs" {
|
module "gcs" {
|
||||||
source = "./modules/gcs"
|
source = "./fabric/modules/gcs"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "gcs_sink"
|
name = "gcs_sink"
|
||||||
force_destroy = true
|
force_destroy = true
|
||||||
}
|
}
|
||||||
|
|
||||||
module "dataset" {
|
module "dataset" {
|
||||||
source = "./modules/bigquery-dataset"
|
source = "./fabric/modules/bigquery-dataset"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
id = "bq_sink"
|
id = "bq_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = var.project_id
|
project_id = var.project_id
|
||||||
name = "pubsub_sink"
|
name = "pubsub_sink"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "bucket" {
|
module "bucket" {
|
||||||
source = "./modules/logging-bucket"
|
source = "./fabric/modules/logging-bucket"
|
||||||
parent_type = "project"
|
parent_type = "project"
|
||||||
parent = "my-project"
|
parent = "my-project"
|
||||||
id = "bucket"
|
id = "bucket"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "project-host" {
|
module "project-host" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "my-project"
|
name = "my-project"
|
||||||
billing_account = "123456-123456-123456"
|
billing_account = "123456-123456-123456"
|
||||||
parent = "folders/1234567890"
|
parent = "folders/1234567890"
|
||||||
|
@ -267,7 +267,7 @@ The module offers a simple, centralized way to assign `roles/cloudkms.cryptoKeyE
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "my-project"
|
name = "my-project"
|
||||||
billing_account = "123456-123456-123456"
|
billing_account = "123456-123456-123456"
|
||||||
prefix = "foo"
|
prefix = "foo"
|
||||||
|
@ -294,7 +294,7 @@ Refer to the [Creating and managing tags](https://cloud.google.com/resource-mana
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "org" {
|
module "org" {
|
||||||
source = "./modules/organization"
|
source = "./fabric/modules/organization"
|
||||||
organization_id = var.organization_id
|
organization_id = var.organization_id
|
||||||
tags = {
|
tags = {
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -309,7 +309,7 @@ module "org" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "test-project"
|
name = "test-project"
|
||||||
tag_bindings = {
|
tag_bindings = {
|
||||||
env-prod = module.org.tag_values["environment/prod"].id
|
env-prod = module.org.tag_values["environment/prod"].id
|
||||||
|
@ -327,7 +327,7 @@ One non-obvious output is `service_accounts`, which offers a simple way to disco
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "project" {
|
module "project" {
|
||||||
source = "./modules/project"
|
source = "./fabric/modules/project"
|
||||||
name = "project-example"
|
name = "project-example"
|
||||||
services = [
|
services = [
|
||||||
"compute.googleapis.com"
|
"compute.googleapis.com"
|
||||||
|
|
|
@ -10,7 +10,7 @@ A good usage pattern would be when we want all the projects under a specific fol
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "my-org" {
|
module "my-org" {
|
||||||
source = "./modules/projects-data-source"
|
source = "./fabric/modules/projects-data-source"
|
||||||
parent = "organizations/123456789"
|
parent = "organizations/123456789"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -29,7 +29,7 @@ output "folders" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "my-dev" {
|
module "my-dev" {
|
||||||
source = "./modules/projects-data-source"
|
source = "./fabric/modules/projects-data-source"
|
||||||
parent = "folders/123456789"
|
parent = "folders/123456789"
|
||||||
filter = "labels.env:DEV lifecycleState:ACTIVE"
|
filter = "labels.env:DEV lifecycleState:ACTIVE"
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ This module allows managing a single Pub/Sub topic, including multiple subscript
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-topic"
|
name = "my-topic"
|
||||||
iam = {
|
iam = {
|
||||||
|
@ -26,7 +26,7 @@ Subscriptions are defined with the `subscriptions` variable, allowing optional c
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-topic"
|
name = "my-topic"
|
||||||
subscriptions = {
|
subscriptions = {
|
||||||
|
@ -52,7 +52,7 @@ Push subscriptions need extra configuration in the `push_configs` variable.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-topic"
|
name = "my-topic"
|
||||||
subscriptions = {
|
subscriptions = {
|
||||||
|
@ -73,7 +73,7 @@ module "pubsub" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "pubsub" {
|
module "pubsub" {
|
||||||
source = "./modules/pubsub"
|
source = "./fabric/modules/pubsub"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-topic"
|
name = "my-topic"
|
||||||
subscriptions = {
|
subscriptions = {
|
||||||
|
|
|
@ -14,7 +14,7 @@ The secret replication policy is automatically managed if no location is set, or
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "secret-manager" {
|
module "secret-manager" {
|
||||||
source = "./modules/secret-manager"
|
source = "./fabric/modules/secret-manager"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
secrets = {
|
secrets = {
|
||||||
test-auto = null
|
test-auto = null
|
||||||
|
@ -30,7 +30,7 @@ IAM bindings can be set per secret in the same way as for most other modules sup
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "secret-manager" {
|
module "secret-manager" {
|
||||||
source = "./modules/secret-manager"
|
source = "./fabric/modules/secret-manager"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
secrets = {
|
secrets = {
|
||||||
test-auto = null
|
test-auto = null
|
||||||
|
@ -54,7 +54,7 @@ As mentioned above, please be aware that **version data will be stored in state
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "secret-manager" {
|
module "secret-manager" {
|
||||||
source = "./modules/secret-manager"
|
source = "./fabric/modules/secret-manager"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
secrets = {
|
secrets = {
|
||||||
test-auto = null
|
test-auto = null
|
||||||
|
|
|
@ -11,7 +11,7 @@ It can be used in conjunction with the [DNS](../dns) module to create [service-d
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "service-directory" {
|
module "service-directory" {
|
||||||
source = "./modules/service-directory"
|
source = "./fabric/modules/service-directory"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1"
|
location = "europe-west1"
|
||||||
name = "sd-1"
|
name = "sd-1"
|
||||||
|
@ -28,7 +28,7 @@ module "service-directory" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "service-directory" {
|
module "service-directory" {
|
||||||
source = "./modules/service-directory"
|
source = "./fabric/modules/service-directory"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1"
|
location = "europe-west1"
|
||||||
name = "sd-1"
|
name = "sd-1"
|
||||||
|
@ -59,7 +59,7 @@ Wiring a service directory namespace to a private DNS zone allows querying the n
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "service-directory" {
|
module "service-directory" {
|
||||||
source = "./modules/service-directory"
|
source = "./fabric/modules/service-directory"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
location = "europe-west1"
|
location = "europe-west1"
|
||||||
name = "apps"
|
name = "apps"
|
||||||
|
@ -77,7 +77,7 @@ module "service-directory" {
|
||||||
}
|
}
|
||||||
|
|
||||||
module "dns-sd" {
|
module "dns-sd" {
|
||||||
source = "./modules/dns"
|
source = "./fabric/modules/dns"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
type = "service-directory"
|
type = "service-directory"
|
||||||
name = "apps"
|
name = "apps"
|
||||||
|
|
|
@ -8,7 +8,7 @@ This module allows managing a single Cloud Source Repository, including IAM bind
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "repo" {
|
module "repo" {
|
||||||
source = "./modules/source-repository"
|
source = "./fabric/modules/source-repository"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-repo"
|
name = "my-repo"
|
||||||
iam = {
|
iam = {
|
||||||
|
@ -22,7 +22,7 @@ module "repo" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "repo" {
|
module "repo" {
|
||||||
source = "./modules/source-repository"
|
source = "./fabric/modules/source-repository"
|
||||||
project_id = "my-project"
|
project_id = "my-project"
|
||||||
name = "my-repo"
|
name = "my-repo"
|
||||||
triggers = {
|
triggers = {
|
||||||
|
|
|
@ -14,7 +14,7 @@ By default, the module is configured to use an existing policy, passed in by nam
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "test" {
|
module "test" {
|
||||||
source = "./modules/vpc-sc"
|
source = "./fabric/modules/vpc-sc"
|
||||||
access_policy = "12345678"
|
access_policy = "12345678"
|
||||||
}
|
}
|
||||||
# tftest modules=0 resources=0
|
# tftest modules=0 resources=0
|
||||||
|
@ -24,7 +24,7 @@ If you need the module to create the policy for you, use the `access_policy_crea
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "test" {
|
module "test" {
|
||||||
source = "./modules/vpc-sc"
|
source = "./fabric/modules/vpc-sc"
|
||||||
access_policy = null
|
access_policy = null
|
||||||
access_policy_create = {
|
access_policy_create = {
|
||||||
parent = "organizations/123456"
|
parent = "organizations/123456"
|
||||||
|
@ -40,7 +40,7 @@ As highlighted above, the `access_levels` type replicates the underlying resourc
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "test" {
|
module "test" {
|
||||||
source = "./modules/vpc-sc"
|
source = "./fabric/modules/vpc-sc"
|
||||||
access_policy = "12345678"
|
access_policy = "12345678"
|
||||||
access_levels = {
|
access_levels = {
|
||||||
a1 = {
|
a1 = {
|
||||||
|
@ -81,7 +81,7 @@ Resources for both perimeters have a `lifecycle` block that ignores changes to `
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "test" {
|
module "test" {
|
||||||
source = "./modules/vpc-sc"
|
source = "./fabric/modules/vpc-sc"
|
||||||
access_policy = "12345678"
|
access_policy = "12345678"
|
||||||
service_perimeters_bridge = {
|
service_perimeters_bridge = {
|
||||||
b1 = {
|
b1 = {
|
||||||
|
@ -103,7 +103,7 @@ module "test" {
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "test" {
|
module "test" {
|
||||||
source = "./modules/vpc-sc"
|
source = "./fabric/modules/vpc-sc"
|
||||||
access_policy = "12345678"
|
access_policy = "12345678"
|
||||||
access_levels = {
|
access_levels = {
|
||||||
a1 = {
|
a1 = {
|
||||||
|
|
|
@ -11,7 +11,6 @@
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
"Shared fixtures"
|
"Shared fixtures"
|
||||||
|
|
||||||
import inspect
|
import inspect
|
||||||
|
@ -46,12 +45,13 @@ def _plan_runner():
|
||||||
tf = tftest.TerraformTest(tmp_path, BASEDIR,
|
tf = tftest.TerraformTest(tmp_path, BASEDIR,
|
||||||
os.environ.get('TERRAFORM', 'terraform'))
|
os.environ.get('TERRAFORM', 'terraform'))
|
||||||
tf.setup(upgrade=True)
|
tf.setup(upgrade=True)
|
||||||
return tf.plan(output=True, refresh=refresh, tf_vars=tf_vars, targets=targets)
|
return tf.plan(output=True, refresh=refresh, tf_vars=tf_vars,
|
||||||
|
targets=targets)
|
||||||
|
|
||||||
return run_plan
|
return run_plan
|
||||||
|
|
||||||
|
|
||||||
@ pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
def plan_runner(_plan_runner):
|
def plan_runner(_plan_runner):
|
||||||
"Returns a function to run Terraform plan on a module fixture."
|
"Returns a function to run Terraform plan on a module fixture."
|
||||||
|
|
||||||
|
@ -65,15 +65,15 @@ def plan_runner(_plan_runner):
|
||||||
return run_plan
|
return run_plan
|
||||||
|
|
||||||
|
|
||||||
@ pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
def e2e_plan_runner(_plan_runner):
|
def e2e_plan_runner(_plan_runner):
|
||||||
"Returns a function to run Terraform plan on an end-to-end fixture."
|
"Returns a function to run Terraform plan on an end-to-end fixture."
|
||||||
|
|
||||||
def run_plan(fixture_path=None, targets=None, refresh=True,
|
def run_plan(fixture_path=None, targets=None, refresh=True,
|
||||||
include_bare_resources=False, **tf_vars):
|
include_bare_resources=False, **tf_vars):
|
||||||
"Runs Terraform plan on an end-to-end module using defaults, returns data."
|
"Runs Terraform plan on an end-to-end module using defaults, returns data."
|
||||||
plan = _plan_runner(fixture_path, targets=targets,
|
plan = _plan_runner(fixture_path, targets=targets, refresh=refresh,
|
||||||
refresh=refresh, **tf_vars)
|
**tf_vars)
|
||||||
# skip the fixture
|
# skip the fixture
|
||||||
root_module = plan.root_module['child_modules'][0]
|
root_module = plan.root_module['child_modules'][0]
|
||||||
modules = dict((mod['address'], mod['resources'])
|
modules = dict((mod['address'], mod['resources'])
|
||||||
|
@ -87,7 +87,7 @@ def e2e_plan_runner(_plan_runner):
|
||||||
return run_plan
|
return run_plan
|
||||||
|
|
||||||
|
|
||||||
@ pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
def doc_example_plan_runner(_plan_runner):
|
def doc_example_plan_runner(_plan_runner):
|
||||||
"Returns a function to run Terraform plan on documentation examples."
|
"Returns a function to run Terraform plan on documentation examples."
|
||||||
|
|
||||||
|
@ -99,14 +99,12 @@ def doc_example_plan_runner(_plan_runner):
|
||||||
plan = tf.plan(output=True, refresh=True)
|
plan = tf.plan(output=True, refresh=True)
|
||||||
# the fixture is the example we are testing
|
# the fixture is the example we are testing
|
||||||
modules = plan.modules or {}
|
modules = plan.modules or {}
|
||||||
return (
|
return (len(modules), sum(len(m.resources) for m in modules.values()))
|
||||||
len(modules),
|
|
||||||
sum(len(m.resources) for m in modules.values()))
|
|
||||||
|
|
||||||
return run_plan
|
return run_plan
|
||||||
|
|
||||||
|
|
||||||
@ pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
def apply_runner():
|
def apply_runner():
|
||||||
"Returns a function to run Terraform apply on a fixture."
|
"Returns a function to run Terraform apply on a fixture."
|
||||||
|
|
||||||
|
|
|
@ -16,18 +16,19 @@ from pathlib import Path
|
||||||
|
|
||||||
import marko
|
import marko
|
||||||
|
|
||||||
MODULES_PATH = Path(__file__).parents[2] / 'modules/'
|
FABRIC_ROOT = Path(__file__).parents[2]
|
||||||
|
MODULES_PATH = FABRIC_ROOT / 'modules/'
|
||||||
|
EXAMPLES_PATH = FABRIC_ROOT / 'examples/'
|
||||||
|
|
||||||
|
|
||||||
def pytest_generate_tests(metafunc):
|
def pytest_generate_tests(metafunc):
|
||||||
if 'example' in metafunc.fixturenames:
|
if 'example' in metafunc.fixturenames:
|
||||||
modules = [
|
modules = [x for x in MODULES_PATH.iterdir() if x.is_dir()]
|
||||||
x for x in MODULES_PATH.iterdir()
|
modules.extend(x for x in EXAMPLES_PATH.glob("*/*") if x.is_dir())
|
||||||
if x.is_dir()
|
|
||||||
]
|
|
||||||
modules.sort()
|
modules.sort()
|
||||||
examples = []
|
examples = []
|
||||||
ids = []
|
ids = []
|
||||||
|
|
||||||
for module in modules:
|
for module in modules:
|
||||||
readme = module / 'README.md'
|
readme = module / 'README.md'
|
||||||
if not readme.exists():
|
if not readme.exists():
|
||||||
|
@ -42,7 +43,8 @@ def pytest_generate_tests(metafunc):
|
||||||
if 'tftest skip' in code:
|
if 'tftest skip' in code:
|
||||||
continue
|
continue
|
||||||
examples.append(code)
|
examples.append(code)
|
||||||
name = f'{module.stem}:{last_header}'
|
path = module.relative_to(FABRIC_ROOT)
|
||||||
|
name = f'{path}:{last_header}'
|
||||||
if index > 1:
|
if index > 1:
|
||||||
name += f' {index}'
|
name += f' {index}'
|
||||||
ids.append(name)
|
ids.append(name)
|
||||||
|
|
|
@ -15,14 +15,12 @@
|
||||||
import re
|
import re
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
|
|
||||||
BASE_PATH = Path(__file__).parent
|
BASE_PATH = Path(__file__).parent
|
||||||
EXPECTED_RESOURCES_RE = re.compile(r'# tftest modules=(\d+) resources=(\d+)')
|
EXPECTED_RESOURCES_RE = re.compile(r'# tftest modules=(\d+) resources=(\d+)')
|
||||||
|
|
||||||
|
|
||||||
def test_example(doc_example_plan_runner, tmp_path, example):
|
def test_example(doc_example_plan_runner, tmp_path, example):
|
||||||
(tmp_path / 'modules').symlink_to(
|
(tmp_path / 'fabric').symlink_to(Path(BASE_PATH, '../../').resolve())
|
||||||
Path(BASE_PATH, '../../modules/').resolve())
|
|
||||||
(tmp_path / 'variables.tf').symlink_to(
|
(tmp_path / 'variables.tf').symlink_to(
|
||||||
Path(BASE_PATH, 'variables.tf').resolve())
|
Path(BASE_PATH, 'variables.tf').resolve())
|
||||||
(tmp_path / 'main.tf').write_text(example)
|
(tmp_path / 'main.tf').write_text(example)
|
||||||
|
|
|
@ -32,6 +32,10 @@ variable "organization_id" {
|
||||||
default = "organizations/1122334455"
|
default = "organizations/1122334455"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "folder_id" {
|
||||||
|
default = "folders/1122334455"
|
||||||
|
}
|
||||||
|
|
||||||
variable "project_id" {
|
variable "project_id" {
|
||||||
default = "projects/project-id"
|
default = "projects/project-id"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue