Add periods at the end of each description field where missing (#478)
This commit is contained in:
Simone Ruffilli
GitHub
parent
e2abd772f2
commit
abb6b50a46
|
|
@ -36,6 +36,6 @@ Note that Terraform 0.13 at least is required due to the use of `for_each` with
|
|||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [teams](outputs.tf#L17) | Team resources | |
|
||||
| [teams](outputs.tf#L17) | Team resources. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -15,11 +15,11 @@
|
|||
*/
|
||||
|
||||
output "host_project_id" {
|
||||
description = "Shared VPC Host project id"
|
||||
description = "Shared VPC Host project id."
|
||||
value = module.project-host.project_id
|
||||
}
|
||||
|
||||
output "shared_vpc_self_link" {
|
||||
description = "Shared VPC Self link"
|
||||
description = "Shared VPC Self link."
|
||||
value = module.shared-vpc.self_link
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,12 +15,12 @@
|
|||
*/
|
||||
|
||||
variable "host_project" {
|
||||
description = "Host project name"
|
||||
description = "Host project name."
|
||||
default = "host"
|
||||
}
|
||||
|
||||
variable "service_projects" {
|
||||
description = "List of service project names"
|
||||
description = "List of service project names."
|
||||
type = list(any)
|
||||
default = [
|
||||
"app-team1",
|
||||
|
|
@ -29,7 +29,7 @@ variable "service_projects" {
|
|||
}
|
||||
|
||||
variable "region" {
|
||||
description = "Region in which to create the subnet"
|
||||
description = "Region in which to create the subnet."
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
|
|
@ -42,24 +42,24 @@ variable "project_services" {
|
|||
}
|
||||
|
||||
variable "organization_id" {
|
||||
description = "The organization ID"
|
||||
description = "The organization ID."
|
||||
}
|
||||
|
||||
variable "billing_account" {
|
||||
description = "The ID of the billing account to associate this project with"
|
||||
description = "The ID of the billing account to associate this project with."
|
||||
}
|
||||
|
||||
variable "prefix" {
|
||||
description = "Customer name to use as prefix for resources' naming"
|
||||
description = "Customer name to use as prefix for resources' naming."
|
||||
default = "test-dns"
|
||||
}
|
||||
|
||||
variable "dns_domain" {
|
||||
description = "DNS domain under which each application team DNS domain will be created"
|
||||
description = "DNS domain under which each application team DNS domain will be created."
|
||||
default = "prod.internal"
|
||||
}
|
||||
|
||||
variable "teams" {
|
||||
description = "List of teams that require their own Cloud DNS instance"
|
||||
description = "List of teams that require their own Cloud DNS instance."
|
||||
default = ["appteam1", "appteam2"]
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
output "teams" {
|
||||
description = "Team resources"
|
||||
description = "Team resources."
|
||||
value = {
|
||||
for k, v in local.projects : k => {
|
||||
project = v
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ resource "google_project_iam_binding" "iam_bindings" {
|
|||
members = var.project_administrators
|
||||
condition {
|
||||
title = "delegated_role_grant_${each.value.index}"
|
||||
description = "Delegated role grants (${each.value.index}/${length(local.expressions)})"
|
||||
description = "Delegated role grants (${each.value.index}/${length(local.expressions)})."
|
||||
expression = each.value.expression
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -74,12 +74,12 @@ address for security reasons, Internet connectivity is done with [Cloud NAT](htt
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L55) | Project id that references existing project. | <code>string</code> | ✓ | |
|
||||
| [billing_account](variables.tf#L17) | Billing account id used as default for new projects. | <code>string</code> | | <code>null</code> |
|
||||
| [cidrs](variables.tf#L23) | CIDR ranges for subnets | <code>map(string)</code> | | <code title="{ image-builder = "10.0.0.0/24" }">{…}</code> |
|
||||
| [cidrs](variables.tf#L23) | CIDR ranges for subnets. | <code>map(string)</code> | | <code title="{ image-builder = "10.0.0.0/24" }">{…}</code> |
|
||||
| [create_packer_vars](variables.tf#L31) | Create packer variables file using template file and terraform output. | <code>bool</code> | | <code>false</code> |
|
||||
| [packer_account_users](variables.tf#L37) | List of members that will be allowed to impersonate Packer image builder service account in IAM format, i.e. 'user:{emailid}'. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [packer_source_cidrs](variables.tf#L43) | List of CIDR ranges allowed to connect to the temporary VM for provisioning. | <code>list(string)</code> | | <code>["0.0.0.0/0"]</code> |
|
||||
| [project_create](variables.tf#L49) | Create project instead of using an existing one. | <code>bool</code> | | <code>true</code> |
|
||||
| [region](variables.tf#L60) | Default region for resources | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [region](variables.tf#L60) | Default region for resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [root_node](variables.tf#L66) | The resource name of the parent folder or organization for project creation, in 'folders/folder_id' or 'organizations/org_id' format. | <code>string</code> | | <code>null</code> |
|
||||
| [use_iap](variables.tf#L72) | Use IAP tunnel to connect to Compute Engine instance for provisioning. | <code>bool</code> | | <code>true</code> |
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ variable "billing_account" {
|
|||
}
|
||||
|
||||
variable "cidrs" {
|
||||
description = "CIDR ranges for subnets"
|
||||
description = "CIDR ranges for subnets."
|
||||
type = map(string)
|
||||
default = {
|
||||
image-builder = "10.0.0.0/24"
|
||||
|
|
@ -58,7 +58,7 @@ variable "project_id" {
|
|||
}
|
||||
|
||||
variable "region" {
|
||||
description = "Default region for resources"
|
||||
description = "Default region for resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,6 +34,6 @@ Clone this repository or [open it in cloud shell](https://ssh.cloud.google.com/c
|
|||
| [project_create](variables.tf#L29) | Create project instead ofusing an existing one. | <code>bool</code> | | <code>false</code> |
|
||||
| [quota_config](variables.tf#L40) | Cloud function configuration. | <code title="object({ filters = list(string) projects = list(string) regions = list(string) })">object({…})</code> | | <code title="{ filters = null projects = null regions = null }">{…}</code> |
|
||||
| [region](variables.tf#L54) | Compute region used in the example. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [schedule_config](variables.tf#L60) | Schedule timer configuration in crontab format | <code>string</code> | | <code>"0 * * * *"</code> |
|
||||
| [schedule_config](variables.tf#L60) | Schedule timer configuration in crontab format. | <code>string</code> | | <code>"0 * * * *"</code> |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ variable "region" {
|
|||
}
|
||||
|
||||
variable "schedule_config" {
|
||||
description = "Schedule timer configuration in crontab format"
|
||||
description = "Schedule timer configuration in crontab format."
|
||||
type = string
|
||||
default = "0 * * * *"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ This is an optional part, created if `cai_gcs_export` is set to `true`. The high
|
|||
| [billing_account](variables.tf#L17) | Billing account id used as default for new projects. | <code>string</code> | | <code>null</code> |
|
||||
| [bundle_path](variables.tf#L23) | Path used to write the intermediate Cloud Function code bundle. | <code>string</code> | | <code>"./bundle.zip"</code> |
|
||||
| [bundle_path_cffile](variables.tf#L30) | Path used to write the intermediate Cloud Function code bundle. | <code>string</code> | | <code>"./bundle_cffile.zip"</code> |
|
||||
| [cai_gcs_export](variables.tf#L47) | Enable optional part to export tables to GCS | <code>bool</code> | | <code>false</code> |
|
||||
| [cai_gcs_export](variables.tf#L47) | Enable optional part to export tables to GCS. | <code>bool</code> | | <code>false</code> |
|
||||
| [file_config](variables.tf#L54) | Optional BQ table as a file export function config. | <code title="object({ bucket = string filename = string format = string bq_dataset = string bq_table = string })">object({…})</code> | | <code title="{ bucket = null filename = null format = null bq_dataset = null bq_table = null }">{…}</code> |
|
||||
| [location](variables.tf#L73) | Appe Engine location used in the example. | <code>string</code> | | <code>"europe-west"</code> |
|
||||
| [name](variables.tf#L80) | Arbitrary string used to name created resources. | <code>string</code> | | <code>"asset-inventory"</code> |
|
||||
|
|
|
|||
|
|
@ -148,7 +148,7 @@ resource "google_cloud_scheduler_job" "job" {
|
|||
project = google_app_engine_application.app.project
|
||||
region = var.region
|
||||
name = "cai-export-job"
|
||||
description = "CAI Export Job"
|
||||
description = "CAI Export Job."
|
||||
schedule = "* 9 * * 1"
|
||||
time_zone = "Etc/UTC"
|
||||
|
||||
|
|
@ -171,7 +171,7 @@ resource "google_cloud_scheduler_job" "job_file" {
|
|||
project = google_app_engine_application.app.project
|
||||
region = var.region
|
||||
name = "file-export-job"
|
||||
description = "File export from BQ Job"
|
||||
description = "File export from BQ Job."
|
||||
schedule = "* 9 * * 1"
|
||||
time_zone = "Etc/UTC"
|
||||
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ variable "cai_config" {
|
|||
|
||||
|
||||
variable "cai_gcs_export" {
|
||||
description = "Enable optional part to export tables to GCS"
|
||||
description = "Enable optional part to export tables to GCS."
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ The script use 'google_access_context_manager_service_perimeter_resource' terraf
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [billing_account_id](variables.tf#L21) | Billing account id. | <code>string</code> | ✓ | |
|
||||
| [root_node](variables.tf#L50) | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | <code>string</code> | ✓ | |
|
||||
| [admins](variables.tf#L15) | List of users allowed to impersonate the service account | <code>list(string)</code> | | <code>null</code> |
|
||||
| [admins](variables.tf#L15) | List of users allowed to impersonate the service account. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [prefix](variables.tf#L26) | Prefix used to generate project id and name. | <code>string</code> | | <code>null</code> |
|
||||
| [project_names](variables.tf#L32) | Override this variable if you need non-standard names. | <code title="object({ datamart = string dwh = string landing = string services = string transformation = string })">object({…})</code> | | <code title="{ datamart = "datamart" dwh = "datawh" landing = "landing" services = "services" transformation = "transformation" }">{…}</code> |
|
||||
| [service_account_names](variables.tf#L55) | Override this variable if you need non-standard names. | <code title="object({ main = string })">object({…})</code> | | <code title="{ main = "data-platform-main" }">{…}</code> |
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
# limitations under the License.
|
||||
|
||||
variable "admins" {
|
||||
description = "List of users allowed to impersonate the service account"
|
||||
description = "List of users allowed to impersonate the service account."
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,15 +57,15 @@ You can configure GCP resources to use existing CMEK keys configuring the 'servi
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [project_ids](variables.tf#L108) | Project IDs. | <code title="object({ datamart = string dwh = string landing = string services = string transformation = string })">object({…})</code> | ✓ | |
|
||||
| [admins](variables.tf#L16) | List of users allowed to impersonate the service account | <code>list(string)</code> | | <code>null</code> |
|
||||
| [datamart_bq_datasets](variables.tf#L22) | Datamart Bigquery datasets | <code title="map(object({ iam = map(list(string)) location = string }))">map(object({…}))</code> | | <code title="{ bq_datamart_dataset = { location = "EU" iam = { } } }">{…}</code> |
|
||||
| [dwh_bq_datasets](variables.tf#L40) | DWH Bigquery datasets | <code title="map(object({ location = string iam = map(list(string)) }))">map(object({…}))</code> | | <code title="{ bq_raw_dataset = { iam = {} location = "EU" } }">{…}</code> |
|
||||
| [landing_buckets](variables.tf#L54) | List of landing buckets to create | <code title="map(object({ location = string name = string }))">map(object({…}))</code> | | <code title="{ raw-data = { location = "EU" name = "raw-data" } data-schema = { location = "EU" name = "data-schema" } }">{…}</code> |
|
||||
| [landing_pubsub](variables.tf#L72) | List of landing pubsub topics and subscriptions to create | <code title="map(map(object({ iam = map(list(string)) labels = map(string) options = object({ ack_deadline_seconds = number message_retention_duration = number retain_acked_messages = bool expiration_policy_ttl = number }) })))">map(map(object({…})))</code> | | <code title="{ landing-1 = { sub1 = { iam = { } labels = {} options = null } sub2 = { iam = {} labels = {}, options = null }, } }">{…}</code> |
|
||||
| [admins](variables.tf#L16) | List of users allowed to impersonate the service account. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [datamart_bq_datasets](variables.tf#L22) | Datamart Bigquery datasets. | <code title="map(object({ iam = map(list(string)) location = string }))">map(object({…}))</code> | | <code title="{ bq_datamart_dataset = { location = "EU" iam = { } } }">{…}</code> |
|
||||
| [dwh_bq_datasets](variables.tf#L40) | DWH Bigquery datasets. | <code title="map(object({ location = string iam = map(list(string)) }))">map(object({…}))</code> | | <code title="{ bq_raw_dataset = { iam = {} location = "EU" } }">{…}</code> |
|
||||
| [landing_buckets](variables.tf#L54) | List of landing buckets to create. | <code title="map(object({ location = string name = string }))">map(object({…}))</code> | | <code title="{ raw-data = { location = "EU" name = "raw-data" } data-schema = { location = "EU" name = "data-schema" } }">{…}</code> |
|
||||
| [landing_pubsub](variables.tf#L72) | List of landing pubsub topics and subscriptions to create. | <code title="map(map(object({ iam = map(list(string)) labels = map(string) options = object({ ack_deadline_seconds = number message_retention_duration = number retain_acked_messages = bool expiration_policy_ttl = number }) })))">map(map(object({…})))</code> | | <code title="{ landing-1 = { sub1 = { iam = { } labels = {} options = null } sub2 = { iam = {} labels = {}, options = null }, } }">{…}</code> |
|
||||
| [landing_service_account](variables.tf#L102) | landing service accounts list. | <code>string</code> | | <code>"sa-landing"</code> |
|
||||
| [service_account_names](variables.tf#L119) | Project service accounts list. | <code title="object({ datamart = string dwh = string landing = string services = string transformation = string })">object({…})</code> | | <code title="{ datamart = "sa-datamart" dwh = "sa-datawh" landing = "sa-landing" services = "sa-services" transformation = "sa-transformation" }">{…}</code> |
|
||||
| [service_encryption_key_ids](variables.tf#L137) | Cloud KMS encryption key in {LOCATION => [KEY_URL]} format. Keys belong to existing project. | <code title="object({ multiregional = string global = string })">object({…})</code> | | <code title="{ multiregional = null global = null }">{…}</code> |
|
||||
| [transformation_buckets](variables.tf#L149) | List of transformation buckets to create | <code title="map(object({ location = string name = string }))">map(object({…}))</code> | | <code title="{ temp = { location = "EU" name = "temp" }, templates = { location = "EU" name = "templates" }, }">{…}</code> |
|
||||
| [transformation_buckets](variables.tf#L149) | List of transformation buckets to create. | <code title="map(object({ location = string name = string }))">map(object({…}))</code> | | <code title="{ temp = { location = "EU" name = "temp" }, templates = { location = "EU" name = "templates" }, }">{…}</code> |
|
||||
| [transformation_subnets](variables.tf#L167) | List of subnets to create in the transformation Project. | <code title="list(object({ ip_cidr_range = string name = string region = string secondary_ip_range = map(string) }))">list(object({…}))</code> | | <code title="[ { ip_cidr_range = "10.1.0.0/20" name = "transformation-subnet" region = "europe-west3" secondary_ip_range = {} }, ]">[…]</code> |
|
||||
| [transformation_vpc_name](variables.tf#L185) | Name of the VPC created in the transformation Project. | <code>string</code> | | <code>"transformation-vpc"</code> |
|
||||
|
||||
|
|
@ -78,6 +78,6 @@ You can configure GCP resources to use existing CMEK keys configuring the 'servi
|
|||
| [landing-buckets](outputs.tf#L29) | List of buckets created for the landing project. | |
|
||||
| [landing-pubsub](outputs.tf#L34) | List of pubsub topics and subscriptions created for the landing project. | |
|
||||
| [transformation-buckets](outputs.tf#L44) | List of buckets created for the transformation project. | |
|
||||
| [transformation-vpc](outputs.tf#L49) | Transformation VPC details | |
|
||||
| [transformation-vpc](outputs.tf#L49) | Transformation VPC details. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ output "transformation-buckets" {
|
|||
}
|
||||
|
||||
output "transformation-vpc" {
|
||||
description = "Transformation VPC details"
|
||||
description = "Transformation VPC details."
|
||||
value = {
|
||||
name = module.vpc-transformation.name
|
||||
subnets = {
|
||||
|
|
|
|||
|
|
@ -14,13 +14,13 @@
|
|||
|
||||
|
||||
variable "admins" {
|
||||
description = "List of users allowed to impersonate the service account"
|
||||
description = "List of users allowed to impersonate the service account."
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "datamart_bq_datasets" {
|
||||
description = "Datamart Bigquery datasets"
|
||||
description = "Datamart Bigquery datasets."
|
||||
type = map(object({
|
||||
iam = map(list(string))
|
||||
location = string
|
||||
|
|
@ -38,7 +38,7 @@ variable "datamart_bq_datasets" {
|
|||
}
|
||||
|
||||
variable "dwh_bq_datasets" {
|
||||
description = "DWH Bigquery datasets"
|
||||
description = "DWH Bigquery datasets."
|
||||
type = map(object({
|
||||
location = string
|
||||
iam = map(list(string))
|
||||
|
|
@ -52,7 +52,7 @@ variable "dwh_bq_datasets" {
|
|||
}
|
||||
|
||||
variable "landing_buckets" {
|
||||
description = "List of landing buckets to create"
|
||||
description = "List of landing buckets to create."
|
||||
type = map(object({
|
||||
location = string
|
||||
name = string
|
||||
|
|
@ -70,7 +70,7 @@ variable "landing_buckets" {
|
|||
}
|
||||
|
||||
variable "landing_pubsub" {
|
||||
description = "List of landing pubsub topics and subscriptions to create"
|
||||
description = "List of landing pubsub topics and subscriptions to create."
|
||||
type = map(map(object({
|
||||
iam = map(list(string))
|
||||
labels = map(string)
|
||||
|
|
@ -147,7 +147,7 @@ variable "service_encryption_key_ids" {
|
|||
}
|
||||
|
||||
variable "transformation_buckets" {
|
||||
description = "List of transformation buckets to create"
|
||||
description = "List of transformation buckets to create."
|
||||
type = map(object({
|
||||
location = string
|
||||
name = string
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ You can check data imported into Google BigQuery from the Google Cloud Console U
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L31) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||
| [prefix](variables.tf#L16) | Unique prefix used for resource names. Not used for project if 'project_create' is null. | <code>string</code> | | <code>null</code> |
|
||||
| [project_create](variables.tf#L22) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [project_create](variables.tf#L22) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L36) | The region where resources will be deployed. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [vpc_subnet_range](variables.tf#L42) | Ip range used for the VPC subnet created for the example. | <code>string</code> | | <code>"10.0.0.0/20"</code> |
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ variable "prefix" {
|
|||
}
|
||||
|
||||
variable "project_create" {
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format"
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format."
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ bq query --use_legacy_sql=false 'SELECT * FROM `PROJECT.datalake.person` LIMIT 1
|
|||
| [project_id](variables.tf#L40) | Project id, references existing project if `project_create` is null. | <code>string</code> | ✓ | |
|
||||
| [cmek_encryption](variables.tf#L15) | Flag to enable CMEK on GCP resources created. | <code>bool</code> | | <code>false</code> |
|
||||
| [data_eng_principals](variables.tf#L21) | Groups with Service Account Token creator role on service accounts in IAM format, eg 'group:group@domain.com'. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [project_create](variables.tf#L31) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [project_create](variables.tf#L31) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L45) | The region where resources will be deployed. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [vpc_subnet_range](variables.tf#L51) | Ip range used for the VPC subnet created for the example. | <code>string</code> | | <code>"10.0.0.0/20"</code> |
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ variable "prefix" {
|
|||
}
|
||||
|
||||
variable "project_create" {
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format"
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format."
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
|
|
|
|||
|
|
@ -140,7 +140,7 @@ web-app-a-ingress:
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [config_directories](variables.tf#L17) | List of paths to folders where firewall configs are stored in yaml format. Folder may include subfolders with configuration files. Files suffix must be `.yaml` | <code>list(string)</code> | ✓ | |
|
||||
| [config_directories](variables.tf#L17) | List of paths to folders where firewall configs are stored in yaml format. Folder may include subfolders with configuration files. Files suffix must be `.yaml`. | <code>list(string)</code> | ✓ | |
|
||||
| [network](variables.tf#L30) | Name of the network this set of firewall rules applies to. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L35) | Project Id. | <code>string</code> | ✓ | |
|
||||
| [log_config](variables.tf#L22) | Log configuration. Possible values for `metadata` are `EXCLUDE_ALL_METADATA` and `INCLUDE_ALL_METADATA`. Set to `null` for disabling firewall logging. | <code title="object({ metadata = string })">object({…})</code> | | <code>null</code> |
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "config_directories" {
|
||||
description = "List of paths to folders where firewall configs are stored in yaml format. Folder may include subfolders with configuration files. Files suffix must be `.yaml`"
|
||||
description = "List of paths to folders where firewall configs are stored in yaml format. Folder may include subfolders with configuration files. Files suffix must be `.yaml`."
|
||||
type = list(string)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -223,7 +223,7 @@ vpc:
|
|||
| [project_id](variables.tf#L111) | Project id. | <code>string</code> | ✓ | |
|
||||
| [billing_alert](variables.tf#L22) | Billing alert configuration. | <code title="object({ amount = number thresholds = object({ current = list(number) forecasted = list(number) }) credit_treatment = string })">object({…})</code> | | <code>null</code> |
|
||||
| [dns_zones](variables.tf#L56) | DNS private zones to create as child of var.defaults.environment_dns_zone. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [essential_contacts](variables.tf#L62) | Email contacts to be used for billing and GCP notifications | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [essential_contacts](variables.tf#L62) | Email contacts to be used for billing and GCP notifications. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [group_iam](variables.tf#L73) | Custom IAM settings in group => [role] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam](variables.tf#L79) | Custom IAM settings in role => [principal] format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [kms_service_agents](variables.tf#L85) | KMS IAM configuration in as service => [key]. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ variable "dns_zones" {
|
|||
}
|
||||
|
||||
variable "essential_contacts" {
|
||||
description = "Email contacts to be used for billing and GCP notifications"
|
||||
description = "Email contacts to be used for billing and GCP notifications."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,10 +24,10 @@ You can optionally deploy the Squid server as [Managed Instance Group](https://c
|
|||
| [prefix](variables.tf#L52) | Prefix used for resources that need unique names. | <code>string</code> | ✓ | |
|
||||
| [root_node](variables.tf#L63) | Root node for the new hierarchy, either 'organizations/org_id' or 'folders/folder_id'. | <code>string</code> | ✓ | |
|
||||
| [allowed_domains](variables.tf#L17) | List of domains allowed by the squid proxy. | <code>list(string)</code> | | <code title="[ ".google.com", ".github.com" ]">[…]</code> |
|
||||
| [cidrs](variables.tf#L31) | CIDR ranges for subnets | <code>map(string)</code> | | <code title="{ apps = "10.0.0.0/24" proxy = "10.0.1.0/28" }">{…}</code> |
|
||||
| [cidrs](variables.tf#L31) | CIDR ranges for subnets. | <code>map(string)</code> | | <code title="{ apps = "10.0.0.0/24" proxy = "10.0.1.0/28" }">{…}</code> |
|
||||
| [mig](variables.tf#L40) | Enables the creation of an autoscaling managed instance group of squid instances. | <code>bool</code> | | <code>false</code> |
|
||||
| [nat_logging](variables.tf#L46) | Enables Cloud NAT logging if not null, value is one of 'ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL'. | <code>string</code> | | <code>"ERRORS_ONLY"</code> |
|
||||
| [region](variables.tf#L57) | Default region for resources | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [region](variables.tf#L57) | Default region for resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ variable "billing_account" {
|
|||
}
|
||||
|
||||
variable "cidrs" {
|
||||
description = "CIDR ranges for subnets"
|
||||
description = "CIDR ranges for subnets."
|
||||
type = map(string)
|
||||
default = {
|
||||
apps = "10.0.0.0/24"
|
||||
|
|
@ -55,7 +55,7 @@ variable "prefix" {
|
|||
}
|
||||
|
||||
variable "region" {
|
||||
description = "Default region for resources"
|
||||
description = "Default region for resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ resource "google_organization_iam_binding" "billing_org_ext_admin_delegated" {
|
|||
members = [module.automation-tf-resman-sa.iam_email]
|
||||
condition {
|
||||
title = "automation_sa_delegated_grants"
|
||||
description = "Automation service account delegated grants"
|
||||
description = "Automation service account delegated grants."
|
||||
expression = format(
|
||||
"api.getAttribute('iam.googleapis.com/modifiedGrantsByRole', []).hasOnly([%s])",
|
||||
join(",", formatlist("'%s'", [
|
||||
|
|
|
|||
|
|
@ -182,7 +182,7 @@ resource "google_organization_iam_binding" "org_admin_delegated" {
|
|||
members = [module.automation-tf-resman-sa.iam_email]
|
||||
condition {
|
||||
title = "automation_sa_delegated_grants"
|
||||
description = "Automation service account delegated grants"
|
||||
description = "Automation service account delegated grants."
|
||||
expression = format(
|
||||
"api.getAttribute('iam.googleapis.com/modifiedGrantsByRole', []).hasOnly([%s])",
|
||||
join(",", formatlist("'%s'", concat(
|
||||
|
|
|
|||
|
|
@ -313,12 +313,12 @@ DNS configurations are centralised in the `dns.tf` file. Spokes delegate DNS res
|
|||
| [prefix](variables.tf#L113) | Prefix used for resources that need unique names. | <code>string</code> | ✓ | | <code>00-bootstrap</code> |
|
||||
| [custom_adv](variables.tf#L23) | Custom advertisement definitions in name => range format. | <code>map(string)</code> | | <code title="{ cloud_dns = "35.199.192.0/19" gcp_all = "10.128.0.0/16" gcp_dev = "10.128.32.0/19" gcp_landing = "10.128.0.0/19" gcp_prod = "10.128.64.0/19" googleapis_private = "199.36.153.8/30" googleapis_restricted = "199.36.153.4/30" rfc_1918_10 = "10.0.0.0/8" rfc_1918_172 = "172.16.0.0/16" rfc_1918_192 = "192.168.0.0/16" }">{…}</code> | |
|
||||
| [data_dir](variables.tf#L40) | Relative path for the folder storing configuration data for network resources. | <code>string</code> | | <code>"data"</code> | |
|
||||
| [dns](variables.tf#L46) | Onprem DNS resolvers | <code>map(list(string))</code> | | <code title="{ onprem = ["10.0.200.3"] }">{…}</code> | |
|
||||
| [dns](variables.tf#L46) | Onprem DNS resolvers. | <code>map(list(string))</code> | | <code title="{ onprem = ["10.0.200.3"] }">{…}</code> | |
|
||||
| [folder_id](variables.tf#L54) | Folder to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | <code>string</code> | | <code>null</code> | <code>01-resman</code> |
|
||||
| [gke](variables.tf#L68) | | <code title="map(object({ folder_id = string sa = string gcs = string }))">map(object({…}))</code> | | <code>{}</code> | <code>01-resman</code> |
|
||||
| [l7ilb_subnets](variables.tf#L79) | Subnets used for L7 ILBs. | <code title="map(list(object({ ip_cidr_range = string region = string })))">map(list(object({…})))</code> | | <code title="{ prod = [ { ip_cidr_range = "10.128.92.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.93.0/24", region = "europe-west4" } ] dev = [ { ip_cidr_range = "10.128.60.0/24", region = "europe-west1" }, { ip_cidr_range = "10.128.61.0/24", region = "europe-west4" } ] }">{…}</code> | |
|
||||
| [outputs_location](variables.tf#L107) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
||||
| [project_factory_sa](variables.tf#L119) | IAM emails for project factory service accounts | <code>map(string)</code> | | <code>{}</code> | <code>01-resman</code> |
|
||||
| [project_factory_sa](variables.tf#L119) | IAM emails for project factory service accounts. | <code>map(string)</code> | | <code>{}</code> | <code>01-resman</code> |
|
||||
| [psa_ranges](variables.tf#L126) | IP ranges used for Private Service Access (e.g. CloudSQL). | <code>map(map(string))</code> | | <code title="{ prod = { cloudsql-mysql = "10.128.94.0/24" cloudsql-sqlserver = "10.128.95.0/24" } dev = { cloudsql-mysql = "10.128.62.0/24" cloudsql-sqlserver = "10.128.63.0/24" } }">{…}</code> | |
|
||||
| [router_configs](variables.tf#L141) | Configurations for CRs and onprem routers. | <code title="map(object({ adv = object({ custom = list(string) default = bool }) asn = number }))">map(object({…}))</code> | | <code title="{ onprem-ew1 = { asn = "65534" adv = null } landing-ew1 = { asn = "64512", adv = null } landing-ew4 = { asn = "64512", adv = null } spoke-dev-ew1 = { asn = "64513", adv = null } spoke-dev-ew4 = { asn = "64513", adv = null } spoke-prod-ew1 = { asn = "64514", adv = null } spoke-prod-ew4 = { asn = "64514", adv = null } }">{…}</code> | |
|
||||
| [vpn_onprem_configs](variables.tf#L165) | VPN gateway configuration for onprem interconnection. | <code title="map(object({ adv = object({ default = bool custom = list(string) }) peer_external_gateway = object({ redundancy_type = string interfaces = list(object({ id = number ip_address = string })) }) tunnels = list(object({ peer_asn = number peer_external_gateway_interface = number secret = string session_range = string vpn_gateway_interface = number })) }))">map(object({…}))</code> | | <code title="{ landing-ew1 = { adv = { default = false custom = [ "cloud_dns", "googleapis_private", "googleapis_restricted", "gcp_all" ] } peer_external_gateway = { redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT" interfaces = [ { id = 0, ip_address = "8.8.8.8" }, ] } tunnels = [ { peer_asn = 65534 peer_external_gateway_interface = 0 secret = "foobar" session_range = "169.254.1.0/30" vpn_gateway_interface = 0 }, { peer_asn = 65534 peer_external_gateway_interface = 0 secret = "foobar" session_range = "169.254.1.4/30" vpn_gateway_interface = 1 } ] } }">{…}</code> | |
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ variable "data_dir" {
|
|||
}
|
||||
|
||||
variable "dns" {
|
||||
description = "Onprem DNS resolvers"
|
||||
description = "Onprem DNS resolvers."
|
||||
type = map(list(string))
|
||||
default = {
|
||||
onprem = ["10.0.200.3"]
|
||||
|
|
@ -118,7 +118,7 @@ variable "prefix" {
|
|||
|
||||
variable "project_factory_sa" {
|
||||
# tfdoc:variable:source 01-resman
|
||||
description = "IAM emails for project factory service accounts"
|
||||
description = "IAM emails for project factory service accounts."
|
||||
type = map(string)
|
||||
default = {}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ resource "google_project_iam_member" "dev_key_admin_delegated" {
|
|||
member = each.key
|
||||
condition {
|
||||
title = "kms_sa_delegated_grants"
|
||||
description = "Automation service account delegated grants"
|
||||
description = "Automation service account delegated grants."
|
||||
expression = format(
|
||||
"api.getAttribute('iam.googleapis.com/modifiedGrantsByRole', []).hasOnly([%s])",
|
||||
join(",", formatlist("'%s'", [
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ resource "google_project_iam_member" "prod_key_admin_delegated" {
|
|||
member = each.key
|
||||
condition {
|
||||
title = "kms_sa_delegated_grants"
|
||||
description = "Automation service account delegated grants"
|
||||
description = "Automation service account delegated grants."
|
||||
expression = format(
|
||||
"api.getAttribute('iam.googleapis.com/modifiedGrantsByRole', []).hasOnly([%s])",
|
||||
join(",", formatlist("'%s'", [
|
||||
|
|
|
|||
|
|
@ -29,19 +29,19 @@ module "neg" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [endpoints](variables.tf#L42) | List of (instance, port, address) of the NEG | <code title="list(object({ instance = string port = number ip_address = string }))">list(object({…}))</code> | ✓ | |
|
||||
| [name](variables.tf#L22) | NEG name | <code>string</code> | ✓ | |
|
||||
| [endpoints](variables.tf#L42) | List of (instance, port, address) of the NEG. | <code title="list(object({ instance = string port = number ip_address = string }))">list(object({…}))</code> | ✓ | |
|
||||
| [name](variables.tf#L22) | NEG name. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L27) | Name or self link of the VPC used for the NEG. Use the self link for Shared VPC. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L17) | NEG project id. | <code>string</code> | ✓ | |
|
||||
| [subnetwork](variables.tf#L32) | VPC subnetwork name or self link. | <code>string</code> | ✓ | |
|
||||
| [zone](variables.tf#L37) | NEG zone | <code>string</code> | ✓ | |
|
||||
| [zone](variables.tf#L37) | NEG zone. | <code>string</code> | ✓ | |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [id](outputs.tf#L17) | Network endpoint group ID | |
|
||||
| [self_lnk](outputs.tf#L27) | Network endpoint group self link | |
|
||||
| [size](outputs.tf#L22) | Size of the network endpoint group | |
|
||||
| [id](outputs.tf#L17) | Network endpoint group ID. | |
|
||||
| [self_lnk](outputs.tf#L27) | Network endpoint group self link. | |
|
||||
| [size](outputs.tf#L22) | Size of the network endpoint group. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -15,16 +15,16 @@
|
|||
*/
|
||||
|
||||
output "id" {
|
||||
description = "Network endpoint group ID"
|
||||
description = "Network endpoint group ID."
|
||||
value = google_compute_network_endpoint_group.group.name
|
||||
}
|
||||
|
||||
output "size" {
|
||||
description = "Size of the network endpoint group"
|
||||
description = "Size of the network endpoint group."
|
||||
value = google_compute_network_endpoint_group.group.size
|
||||
}
|
||||
|
||||
output "self_lnk" {
|
||||
description = "Network endpoint group self link"
|
||||
description = "Network endpoint group self link."
|
||||
value = google_compute_network_endpoint_group.group.self_link
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ variable "project_id" {
|
|||
}
|
||||
|
||||
variable "name" {
|
||||
description = "NEG name"
|
||||
description = "NEG name."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
@ -35,12 +35,12 @@ variable "subnetwork" {
|
|||
}
|
||||
|
||||
variable "zone" {
|
||||
description = "NEG zone"
|
||||
description = "NEG zone."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "endpoints" {
|
||||
description = "List of (instance, port, address) of the NEG"
|
||||
description = "List of (instance, port, address) of the NEG."
|
||||
type = list(object({
|
||||
instance = string
|
||||
port = number
|
||||
|
|
|
|||
|
|
@ -48,8 +48,8 @@ module "apigee-x-instance" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [apigee_org_id](variables.tf#L32) | Apigee Organization ID | <code>string</code> | ✓ | |
|
||||
| [cidr_mask](variables.tf#L37) | CIDR mask for the Apigee instance | <code>number</code> | ✓ | |
|
||||
| [apigee_org_id](variables.tf#L32) | Apigee Organization ID. | <code>string</code> | ✓ | |
|
||||
| [cidr_mask](variables.tf#L37) | CIDR mask for the Apigee instance. | <code>number</code> | ✓ | |
|
||||
| [name](variables.tf#L52) | Apigee instance name. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L57) | Compute region. | <code>string</code> | ✓ | |
|
||||
| [apigee_envgroups](variables.tf#L17) | Apigee Environment Groups. | <code title="map(object({ environments = list(string) hostnames = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -30,12 +30,12 @@ variable "apigee_environments" {
|
|||
}
|
||||
|
||||
variable "apigee_org_id" {
|
||||
description = "Apigee Organization ID"
|
||||
description = "Apigee Organization ID."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "cidr_mask" {
|
||||
description = "CIDR mask for the Apigee instance"
|
||||
description = "CIDR mask for the Apigee instance."
|
||||
type = number
|
||||
validation {
|
||||
condition = contains([16, 20, 22], var.cidr_mask)
|
||||
|
|
|
|||
|
|
@ -25,19 +25,19 @@ module "docker_artifact_registry" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [id](variables.tf#L35) | Repository id | <code>string</code> | ✓ | |
|
||||
| [id](variables.tf#L35) | Repository id. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L52) | Registry project id. | <code>string</code> | ✓ | |
|
||||
| [description](variables.tf#L17) | An optional description for the repository | <code>string</code> | | <code>"Terraform-managed registry"</code> |
|
||||
| [format](variables.tf#L23) | Repository format. One of DOCKER or UNSPECIFIED | <code>string</code> | | <code>"DOCKER"</code> |
|
||||
| [description](variables.tf#L17) | An optional description for the repository. | <code>string</code> | | <code>"Terraform-managed registry"</code> |
|
||||
| [format](variables.tf#L23) | Repository format. One of DOCKER or UNSPECIFIED. | <code>string</code> | | <code>"DOCKER"</code> |
|
||||
| [iam](variables.tf#L29) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [labels](variables.tf#L40) | Labels to be attached to the registry. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [location](variables.tf#L46) | Registry location. Use `gcloud beta artifacts locations list' to get valid values | <code>string</code> | | <code>null</code> |
|
||||
| [location](variables.tf#L46) | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | <code>string</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [id](outputs.tf#L17) | Repository id | |
|
||||
| [name](outputs.tf#L22) | Repository name | |
|
||||
| [id](outputs.tf#L17) | Repository id. | |
|
||||
| [name](outputs.tf#L22) | Repository name. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -15,11 +15,11 @@
|
|||
*/
|
||||
|
||||
output "id" {
|
||||
description = "Repository id"
|
||||
description = "Repository id."
|
||||
value = google_artifact_registry_repository.registry.id
|
||||
}
|
||||
|
||||
output "name" {
|
||||
description = "Repository name"
|
||||
description = "Repository name."
|
||||
value = google_artifact_registry_repository.registry.name
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,13 +15,13 @@
|
|||
*/
|
||||
|
||||
variable "description" {
|
||||
description = "An optional description for the repository"
|
||||
description = "An optional description for the repository."
|
||||
type = string
|
||||
default = "Terraform-managed registry"
|
||||
}
|
||||
|
||||
variable "format" {
|
||||
description = "Repository format. One of DOCKER or UNSPECIFIED"
|
||||
description = "Repository format. One of DOCKER or UNSPECIFIED."
|
||||
type = string
|
||||
default = "DOCKER"
|
||||
}
|
||||
|
|
@ -33,7 +33,7 @@ variable "iam" {
|
|||
}
|
||||
|
||||
variable "id" {
|
||||
description = "Repository id"
|
||||
description = "Repository id."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
@ -44,7 +44,7 @@ variable "labels" {
|
|||
}
|
||||
|
||||
variable "location" {
|
||||
description = "Registry location. Use `gcloud beta artifacts locations list' to get valid values"
|
||||
description = "Registry location. Use `gcloud beta artifacts locations list' to get valid values."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ module "pubsub" {
|
|||
| [name](variables.tf#L50) | Budget name. | <code>string</code> | ✓ | |
|
||||
| [thresholds](variables.tf#L85) | Thresholds percentages at which alerts are sent. Must be a value between 0 and 1. | <code title="object({ current = list(number) forecasted = list(number) })">object({…})</code> | ✓ | |
|
||||
| [amount](variables.tf#L17) | Amount in the billing account's currency for the budget. Use 0 to set budget to 100% of last period's spend. | <code>number</code> | | <code>0</code> |
|
||||
| [credit_treatment](variables.tf#L28) | How credits should be treated when determining spend for threshold calculations. Only INCLUDE_ALL_CREDITS or EXCLUDE_ALL_CREDITS are supported | <code>string</code> | | <code>"INCLUDE_ALL_CREDITS"</code> |
|
||||
| [credit_treatment](variables.tf#L28) | How credits should be treated when determining spend for threshold calculations. Only INCLUDE_ALL_CREDITS or EXCLUDE_ALL_CREDITS are supported. | <code>string</code> | | <code>"INCLUDE_ALL_CREDITS"</code> |
|
||||
| [email_recipients](variables.tf#L41) | Emails where budget notifications will be sent. Setting this will create a notification channel for each email in the specified project. | <code title="object({ project_id = string emails = list(string) })">object({…})</code> | | <code>null</code> |
|
||||
| [notification_channels](variables.tf#L55) | Monitoring notification channels where to send updates. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [notify_default_recipients](variables.tf#L61) | Notify Billing Account Administrators and Billing Account Users IAM roles for the target account. | <code>bool</code> | | <code>false</code> |
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ variable "billing_account" {
|
|||
}
|
||||
|
||||
variable "credit_treatment" {
|
||||
description = "How credits should be treated when determining spend for threshold calculations. Only INCLUDE_ALL_CREDITS or EXCLUDE_ALL_CREDITS are supported"
|
||||
description = "How credits should be treated when determining spend for threshold calculations. Only INCLUDE_ALL_CREDITS or EXCLUDE_ALL_CREDITS are supported."
|
||||
type = string
|
||||
default = "INCLUDE_ALL_CREDITS"
|
||||
validation {
|
||||
|
|
|
|||
|
|
@ -65,17 +65,17 @@ module "cos-envoy" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [container_image](variables.tf#L42) | Container image. | <code>string</code> | ✓ | |
|
||||
| [authenticate_gcr](variables.tf#L112) | Setup docker to pull images from private GCR. Requires at least one user since the token is stored in the home of the first user defined. | <code>bool</code> | | <code>false</code> |
|
||||
| [boot_commands](variables.tf#L17) | List of cloud-init `bootcmd`s | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [boot_commands](variables.tf#L17) | List of cloud-init `bootcmd`s. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [cloud_config](variables.tf#L23) | Cloud config template path. If provided, takes precedence over all other arguments. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L29) | Additional variables used to render the template passed via `cloud_config` | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [container_args](variables.tf#L35) | Arguments for container | <code>string</code> | | <code>""</code> |
|
||||
| [container_name](variables.tf#L47) | Name of the container to be run | <code>string</code> | | <code>"container"</code> |
|
||||
| [container_volumes](variables.tf#L53) | List of volumes | <code title="list(object({ host = string, container = string }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [docker_args](variables.tf#L62) | Extra arguments to be passed for docker | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L29) | Additional variables used to render the template passed via `cloud_config`. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [container_args](variables.tf#L35) | Arguments for container. | <code>string</code> | | <code>""</code> |
|
||||
| [container_name](variables.tf#L47) | Name of the container to be run. | <code>string</code> | | <code>"container"</code> |
|
||||
| [container_volumes](variables.tf#L53) | List of volumes. | <code title="list(object({ host = string, container = string }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [docker_args](variables.tf#L62) | Extra arguments to be passed for docker. | <code>string</code> | | <code>null</code> |
|
||||
| [file_defaults](variables.tf#L68) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L80) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [gcp_logging](variables.tf#L90) | Should container logs be sent to Google Cloud Logging | <code>bool</code> | | <code>true</code> |
|
||||
| [run_commands](variables.tf#L96) | List of cloud-init `runcmd`s | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [gcp_logging](variables.tf#L90) | Should container logs be sent to Google Cloud Logging. | <code>bool</code> | | <code>true</code> |
|
||||
| [run_commands](variables.tf#L96) | List of cloud-init `runcmd`s. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [users](variables.tf#L102) | List of usernames to be created. If provided, first user will be used to run the container. | <code title="list(object({ username = string, uid = number, }))">list(object({…}))</code> | | <code title="[ ]">[…]</code> |
|
||||
|
||||
## Outputs
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "boot_commands" {
|
||||
description = "List of cloud-init `bootcmd`s"
|
||||
description = "List of cloud-init `bootcmd`s."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
@ -27,13 +27,13 @@ variable "cloud_config" {
|
|||
}
|
||||
|
||||
variable "config_variables" {
|
||||
description = "Additional variables used to render the template passed via `cloud_config`"
|
||||
description = "Additional variables used to render the template passed via `cloud_config`."
|
||||
type = map(any)
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "container_args" {
|
||||
description = "Arguments for container"
|
||||
description = "Arguments for container."
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
|
@ -45,13 +45,13 @@ variable "container_image" {
|
|||
}
|
||||
|
||||
variable "container_name" {
|
||||
description = "Name of the container to be run"
|
||||
description = "Name of the container to be run."
|
||||
type = string
|
||||
default = "container"
|
||||
}
|
||||
|
||||
variable "container_volumes" {
|
||||
description = "List of volumes"
|
||||
description = "List of volumes."
|
||||
type = list(object({
|
||||
host = string,
|
||||
container = string
|
||||
|
|
@ -60,7 +60,7 @@ variable "container_volumes" {
|
|||
}
|
||||
|
||||
variable "docker_args" {
|
||||
description = "Extra arguments to be passed for docker"
|
||||
description = "Extra arguments to be passed for docker."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
@ -88,13 +88,13 @@ variable "files" {
|
|||
}
|
||||
|
||||
variable "gcp_logging" {
|
||||
description = "Should container logs be sent to Google Cloud Logging"
|
||||
description = "Should container logs be sent to Google Cloud Logging."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "run_commands" {
|
||||
description = "List of cloud-init `runcmd`s"
|
||||
description = "List of cloud-init `runcmd`s."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ module "vm-cos" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [envoy_image](variables.tf#L17) | Envoy Proxy container image to use. | <code>string</code> | | <code>"envoyproxy/envoy:v1.14.1"</code> |
|
||||
| [gcp_logging](variables.tf#L23) | Should container logs be sent to Google Cloud Logging | <code>bool</code> | | <code>true</code> |
|
||||
| [gcp_logging](variables.tf#L23) | Should container logs be sent to Google Cloud Logging. | <code>bool</code> | | <code>true</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ variable "envoy_image" {
|
|||
}
|
||||
|
||||
variable "gcp_logging" {
|
||||
description = "Should container logs be sent to Google Cloud Logging"
|
||||
description = "Should container logs be sent to Google Cloud Logging."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
output "test_instance" {
|
||||
description = "Optional test instance name and address"
|
||||
description = "Optional test instance name and address."
|
||||
value = (var.test_instance == null ? {} : {
|
||||
address = google_compute_instance.default[0].network_interface.0.network_ip
|
||||
name = google_compute_instance.default[0].name
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ module "cos-squid" {
|
|||
| [clients](variables.tf#L69) | List of CIDR ranges from which Squid will allow connections. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [cloud_config](variables.tf#L17) | Cloud config template path. If null default will be used. | <code>string</code> | | <code>null</code> |
|
||||
| [config_variables](variables.tf#L23) | Additional variables used to render the cloud-config and Squid templates. | <code>map(any)</code> | | <code>{}</code> |
|
||||
| [default_action](variables.tf#L75) | Default action for domains not matching neither the allow or deny lists | <code>string</code> | | <code>"deny"</code> |
|
||||
| [default_action](variables.tf#L75) | Default action for domains not matching neither the allow or deny lists. | <code>string</code> | | <code>"deny"</code> |
|
||||
| [deny](variables.tf#L63) | List of domains Squid will deny connections to. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [file_defaults](variables.tf#L35) | Default owner and permissions for files. | <code title="object({ owner = string permissions = string })">object({…})</code> | | <code title="{ owner = "root" permissions = "0644" }">{…}</code> |
|
||||
| [files](variables.tf#L47) | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | <code title="map(object({ content = string owner = string permissions = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ variable "clients" {
|
|||
}
|
||||
|
||||
variable "default_action" {
|
||||
description = "Default action for domains not matching neither the allow or deny lists"
|
||||
description = "Default action for domains not matching neither the allow or deny lists."
|
||||
type = string
|
||||
default = "deny"
|
||||
validation {
|
||||
|
|
|
|||
|
|
@ -170,14 +170,14 @@ module "cf-http" {
|
|||
| [function_config](variables.tf#L52) | Cloud function configuration. | <code title="object({ entry_point = string instances = number memory = number runtime = string timeout = number })">object({…})</code> | | <code title="{ entry_point = "main" instances = 1 memory = 256 runtime = "python37" timeout = 180 }">{…}</code> |
|
||||
| [iam](variables.tf#L70) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [ingress_settings](variables.tf#L76) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL and ALLOW_INTERNAL_ONLY. | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L82) | Resource labels | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [labels](variables.tf#L82) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [prefix](variables.tf#L93) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L104) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [service_account](variables.tf#L110) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L116) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [trigger_config](variables.tf#L122) | Function trigger configuration. Leave null for HTTP trigger. | <code title="object({ event = string resource = string retry = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L132) | VPC connector configuration. Set create to 'true' if a new connector needs to be created | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L142) | VPC connector network configuration. Must be provided if new VPC connector is being created | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L132) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L142) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ variable "ingress_settings" {
|
|||
}
|
||||
|
||||
variable "labels" {
|
||||
description = "Resource labels"
|
||||
description = "Resource labels."
|
||||
type = map(string)
|
||||
default = {}
|
||||
}
|
||||
|
|
@ -130,7 +130,7 @@ variable "trigger_config" {
|
|||
}
|
||||
|
||||
variable "vpc_connector" {
|
||||
description = "VPC connector configuration. Set create to 'true' if a new connector needs to be created"
|
||||
description = "VPC connector configuration. Set create to 'true' if a new connector needs to be created."
|
||||
type = object({
|
||||
create = bool
|
||||
name = string
|
||||
|
|
@ -140,7 +140,7 @@ variable "vpc_connector" {
|
|||
}
|
||||
|
||||
variable "vpc_connector_config" {
|
||||
description = "VPC connector network configuration. Must be provided if new VPC connector is being created"
|
||||
description = "VPC connector network configuration. Must be provided if new VPC connector is being created."
|
||||
type = object({
|
||||
ip_cidr_range = string
|
||||
network = string
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ module "group" {
|
|||
| [customer_id](variables.tf#L17) | Directory customer ID in the form customers/C0xxxxxxx. | <code>string</code> | ✓ | |
|
||||
| [display_name](variables.tf#L32) | Group display name. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L43) | Group ID (usually an email). | <code>string</code> | ✓ | |
|
||||
| [description](variables.tf#L26) | Group description | <code>string</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L26) | Group description. | <code>string</code> | | <code>null</code> |
|
||||
| [members](variables.tf#L37) | List of group members. | <code>list(string)</code> | | <code>[]</code> |
|
||||
|
||||
## Outputs
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ variable "customer_id" {
|
|||
}
|
||||
|
||||
variable "description" {
|
||||
description = "Group description"
|
||||
description = "Group description."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -212,33 +212,33 @@ module "cloud_run" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [containers](variables.tf#L27) | Containers | <code title="list(object({ image = string options = object({ command = list(string) args = list(string) env = map(string) env_from = map(object({ key = string name = string })) }) resources = object({ limits = object({ cpu = string memory = string }) requests = object({ cpu = string memory = string }) }) ports = list(object({ name = string protocol = string container_port = string })) volume_mounts = map(string) }))">list(object({…}))</code> | ✓ | |
|
||||
| [name](variables.tf#L77) | Name used for cloud run service | <code>string</code> | ✓ | |
|
||||
| [containers](variables.tf#L27) | Containers. | <code title="list(object({ image = string options = object({ command = list(string) args = list(string) env = map(string) env_from = map(object({ key = string name = string })) }) resources = object({ limits = object({ cpu = string memory = string }) requests = object({ cpu = string memory = string }) }) ports = list(object({ name = string protocol = string container_port = string })) volume_mounts = map(string) }))">list(object({…}))</code> | ✓ | |
|
||||
| [name](variables.tf#L77) | Name used for cloud run service. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L88) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||
| [audit_log_triggers](variables.tf#L18) | Event arc triggers (Audit log) | <code title="list(object({ service_name = string method_name = string }))">list(object({…}))</code> | | <code>null</code> |
|
||||
| [audit_log_triggers](variables.tf#L18) | Event arc triggers (Audit log). | <code title="list(object({ service_name = string method_name = string }))">list(object({…}))</code> | | <code>null</code> |
|
||||
| [iam](variables.tf#L59) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [ingress_settings](variables.tf#L65) | Ingress settings | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L71) | Resource labels | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [ingress_settings](variables.tf#L65) | Ingress settings. | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L71) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [prefix](variables.tf#L82) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [pubsub_triggers](variables.tf#L93) | Eventarc triggers (Pub/Sub) | <code>list(string)</code> | | <code>null</code> |
|
||||
| [pubsub_triggers](variables.tf#L93) | Eventarc triggers (Pub/Sub). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L99) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [revision_name](variables.tf#L105) | Revision name | <code>string</code> | | <code>null</code> |
|
||||
| [revision_name](variables.tf#L105) | Revision name. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account](variables.tf#L111) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L117) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [traffic](variables.tf#L123) | Traffic | <code>map(number)</code> | | <code>null</code> |
|
||||
| [volumes](variables.tf#L129) | Volumes | <code title="list(object({ name = string secret_name = string items = list(object({ key = string path = string })) }))">list(object({…}))</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L142) | VPC connector configuration. Set create to 'true' if a new connecto needs to be created | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L152) | VPC connector network configuration. Must be provided if new VPC connector is being created | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
| [traffic](variables.tf#L123) | Traffic. | <code>map(number)</code> | | <code>null</code> |
|
||||
| [volumes](variables.tf#L129) | Volumes. | <code title="list(object({ name = string secret_name = string items = list(object({ key = string path = string })) }))">list(object({…}))</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L142) | VPC connector configuration. Set create to 'true' if a new connecto needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L152) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [service](outputs.tf#L18) | Cloud Run service | |
|
||||
| [service](outputs.tf#L18) | Cloud Run service. | |
|
||||
| [service_account](outputs.tf#L23) | Service account resource. | |
|
||||
| [service_account_email](outputs.tf#L28) | Service account email. | |
|
||||
| [service_account_iam_email](outputs.tf#L33) | Service account email. | |
|
||||
| [service_name](outputs.tf#L41) | Cloud Run service name | |
|
||||
| [service_name](outputs.tf#L41) | Cloud Run service name. | |
|
||||
| [vpc_connector](outputs.tf#L47) | VPC connector resource if created. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
*/
|
||||
|
||||
output "service" {
|
||||
description = "Cloud Run service"
|
||||
description = "Cloud Run service."
|
||||
value = google_cloud_run_service.service
|
||||
}
|
||||
|
||||
|
|
@ -39,7 +39,7 @@ output "service_account_iam_email" {
|
|||
}
|
||||
|
||||
output "service_name" {
|
||||
description = "Cloud Run service name"
|
||||
description = "Cloud Run service name."
|
||||
value = google_cloud_run_service.service.name
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
*/
|
||||
|
||||
variable "audit_log_triggers" {
|
||||
description = "Event arc triggers (Audit log)"
|
||||
description = "Event arc triggers (Audit log)."
|
||||
type = list(object({
|
||||
service_name = string
|
||||
method_name = string
|
||||
|
|
@ -25,7 +25,7 @@ variable "audit_log_triggers" {
|
|||
}
|
||||
|
||||
variable "containers" {
|
||||
description = "Containers"
|
||||
description = "Containers."
|
||||
type = list(object({
|
||||
image = string
|
||||
options = object({
|
||||
|
|
@ -63,19 +63,19 @@ variable "iam" {
|
|||
}
|
||||
|
||||
variable "ingress_settings" {
|
||||
description = "Ingress settings"
|
||||
description = "Ingress settings."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "labels" {
|
||||
description = "Resource labels"
|
||||
description = "Resource labels."
|
||||
type = map(string)
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "name" {
|
||||
description = "Name used for cloud run service"
|
||||
description = "Name used for cloud run service."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
@ -91,7 +91,7 @@ variable "project_id" {
|
|||
}
|
||||
|
||||
variable "pubsub_triggers" {
|
||||
description = "Eventarc triggers (Pub/Sub)"
|
||||
description = "Eventarc triggers (Pub/Sub)."
|
||||
type = list(string)
|
||||
default = null
|
||||
}
|
||||
|
|
@ -103,7 +103,7 @@ variable "region" {
|
|||
}
|
||||
|
||||
variable "revision_name" {
|
||||
description = "Revision name"
|
||||
description = "Revision name."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
@ -121,13 +121,13 @@ variable "service_account_create" {
|
|||
}
|
||||
|
||||
variable "traffic" {
|
||||
description = "Traffic"
|
||||
description = "Traffic."
|
||||
type = map(number)
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "volumes" {
|
||||
description = "Volumes"
|
||||
description = "Volumes."
|
||||
type = list(object({
|
||||
name = string
|
||||
secret_name = string
|
||||
|
|
@ -140,7 +140,7 @@ variable "volumes" {
|
|||
}
|
||||
|
||||
variable "vpc_connector" {
|
||||
description = "VPC connector configuration. Set create to 'true' if a new connecto needs to be created"
|
||||
description = "VPC connector configuration. Set create to 'true' if a new connecto needs to be created."
|
||||
type = object({
|
||||
create = bool
|
||||
name = string
|
||||
|
|
@ -150,7 +150,7 @@ variable "vpc_connector" {
|
|||
}
|
||||
|
||||
variable "vpc_connector_config" {
|
||||
description = "VPC connector network configuration. Must be provided if new VPC connector is being created"
|
||||
description = "VPC connector network configuration. Must be provided if new VPC connector is being created."
|
||||
type = object({
|
||||
ip_cidr_range = string
|
||||
network = string
|
||||
|
|
|
|||
|
|
@ -103,8 +103,8 @@ module "db" {
|
|||
| [region](variables.tf#L112) | Region of the primary replica. | <code>string</code> | ✓ | |
|
||||
| [tier](variables.tf#L123) | The machine type to use for the instances. | <code>string</code> | ✓ | |
|
||||
| [authorized_networks](variables.tf#L17) | Map of NAME=>CIDR_RANGE to allow to connect to the database(s). | <code>map(string)</code> | | <code>null</code> |
|
||||
| [availability_type](variables.tf#L23) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL` | <code>string</code> | | <code>"ZONAL"</code> |
|
||||
| [backup_configuration](variables.tf#L29) | Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas | <code title="object({ enabled = bool binary_log_enabled = bool start_time = string location = string log_retention_days = number retention_count = number })">object({…})</code> | | <code title="{ enabled = false binary_log_enabled = false start_time = "23:00" location = "EU" log_retention_days = 7 retention_count = 7 }">{…}</code> |
|
||||
| [availability_type](variables.tf#L23) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | <code>string</code> | | <code>"ZONAL"</code> |
|
||||
| [backup_configuration](variables.tf#L29) | Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas. | <code title="object({ enabled = bool binary_log_enabled = bool start_time = string location = string log_retention_days = number retention_count = number })">object({…})</code> | | <code title="{ enabled = false binary_log_enabled = false start_time = "23:00" location = "EU" log_retention_days = 7 retention_count = 7 }">{…}</code> |
|
||||
| [databases](variables.tf#L55) | Databases to create once the primary instance is created. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [deletion_protection](variables.tf#L61) | Allow terraform to delete instances. | <code>bool</code> | | <code>false</code> |
|
||||
| [disk_size](variables.tf#L67) | Disk size in GB. Set to null to enable autoresize. | <code>number</code> | | <code>null</code> |
|
||||
|
|
@ -113,21 +113,21 @@ module "db" {
|
|||
| [labels](variables.tf#L85) | Labels to be attached to all instances. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [prefix](variables.tf#L101) | Prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
|
||||
| [replicas](variables.tf#L117) | Map of NAME=>REGION for additional read replicas. Set to null to disable replica creation. | <code>map(any)</code> | | <code>null</code> |
|
||||
| [users](variables.tf#L128) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password | <code>map(string)</code> | | <code>null</code> |
|
||||
| [users](variables.tf#L128) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | <code>map(string)</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [connection_name](outputs.tf#L24) | Connection name of the primary instance | |
|
||||
| [connection_names](outputs.tf#L29) | Connection names of all instances | |
|
||||
| [id](outputs.tf#L37) | ID of the primary instance | |
|
||||
| [ids](outputs.tf#L42) | IDs of all instances | |
|
||||
| [instances](outputs.tf#L50) | Cloud SQL instance resources | ✓ |
|
||||
| [ip](outputs.tf#L56) | IP address of the primary instance | |
|
||||
| [ips](outputs.tf#L61) | IP addresses of all instances | |
|
||||
| [self_link](outputs.tf#L69) | Self link of the primary instance | |
|
||||
| [self_links](outputs.tf#L74) | Self links of all instances | |
|
||||
| [connection_name](outputs.tf#L24) | Connection name of the primary instance. | |
|
||||
| [connection_names](outputs.tf#L29) | Connection names of all instances. | |
|
||||
| [id](outputs.tf#L37) | ID of the primary instance. | |
|
||||
| [ids](outputs.tf#L42) | IDs of all instances. | |
|
||||
| [instances](outputs.tf#L50) | Cloud SQL instance resources. | ✓ |
|
||||
| [ip](outputs.tf#L56) | IP address of the primary instance. | |
|
||||
| [ips](outputs.tf#L61) | IP addresses of all instances. | |
|
||||
| [self_link](outputs.tf#L69) | Self link of the primary instance. | |
|
||||
| [self_links](outputs.tf#L74) | Self links of all instances. | |
|
||||
| [user_passwords](outputs.tf#L82) | Map of containing the password of all users created through terraform. | ✓ |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -22,12 +22,12 @@ locals {
|
|||
}
|
||||
|
||||
output "connection_name" {
|
||||
description = "Connection name of the primary instance"
|
||||
description = "Connection name of the primary instance."
|
||||
value = google_sql_database_instance.primary.connection_name
|
||||
}
|
||||
|
||||
output "connection_names" {
|
||||
description = "Connection names of all instances"
|
||||
description = "Connection names of all instances."
|
||||
value = {
|
||||
for id, instance in local._all_intances :
|
||||
id => instance.connection_name
|
||||
|
|
@ -35,12 +35,12 @@ output "connection_names" {
|
|||
}
|
||||
|
||||
output "id" {
|
||||
description = "ID of the primary instance"
|
||||
description = "ID of the primary instance."
|
||||
value = google_sql_database_instance.primary.private_ip_address
|
||||
}
|
||||
|
||||
output "ids" {
|
||||
description = "IDs of all instances"
|
||||
description = "IDs of all instances."
|
||||
value = {
|
||||
for id, instance in local._all_intances :
|
||||
id => instance.id
|
||||
|
|
@ -48,18 +48,18 @@ output "ids" {
|
|||
}
|
||||
|
||||
output "instances" {
|
||||
description = "Cloud SQL instance resources"
|
||||
description = "Cloud SQL instance resources."
|
||||
value = local._all_intances
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "ip" {
|
||||
description = "IP address of the primary instance"
|
||||
description = "IP address of the primary instance."
|
||||
value = google_sql_database_instance.primary.private_ip_address
|
||||
}
|
||||
|
||||
output "ips" {
|
||||
description = "IP addresses of all instances"
|
||||
description = "IP addresses of all instances."
|
||||
value = {
|
||||
for id, instance in local._all_intances :
|
||||
id => instance.private_ip_address
|
||||
|
|
@ -67,12 +67,12 @@ output "ips" {
|
|||
}
|
||||
|
||||
output "self_link" {
|
||||
description = "Self link of the primary instance"
|
||||
description = "Self link of the primary instance."
|
||||
value = google_sql_database_instance.primary.self_link
|
||||
}
|
||||
|
||||
output "self_links" {
|
||||
description = "Self links of all instances"
|
||||
description = "Self links of all instances."
|
||||
value = {
|
||||
for id, instance in local._all_intances :
|
||||
id => instance.self_link
|
||||
|
|
|
|||
|
|
@ -21,13 +21,13 @@ variable "authorized_networks" {
|
|||
}
|
||||
|
||||
variable "availability_type" {
|
||||
description = "Availability type for the primary replica. Either `ZONAL` or `REGIONAL`"
|
||||
description = "Availability type for the primary replica. Either `ZONAL` or `REGIONAL`."
|
||||
type = string
|
||||
default = "ZONAL"
|
||||
}
|
||||
|
||||
variable "backup_configuration" {
|
||||
description = "Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas"
|
||||
description = "Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas."
|
||||
type = object({
|
||||
enabled = bool
|
||||
binary_log_enabled = bool
|
||||
|
|
@ -126,7 +126,7 @@ variable "tier" {
|
|||
}
|
||||
|
||||
variable "users" {
|
||||
description = "Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password"
|
||||
description = "Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password."
|
||||
type = map(string)
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -310,7 +310,7 @@ module "instance-group" {
|
|||
| [confidential_compute](variables.tf#L84) | Enable Confidential Compute for these instances. | <code>bool</code> | | <code>false</code> |
|
||||
| [create_template](variables.tf#L90) | Create instance template instead of instances. | <code>bool</code> | | <code>false</code> |
|
||||
| [description](variables.tf#L95) | Description of a Compute Instance. | <code>string</code> | | <code>"Managed by the compute-vm Terraform module."</code> |
|
||||
| [enable_display](variables.tf#L100) | Enable virtual display on the instances | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_display](variables.tf#L100) | Enable virtual display on the instances. | <code>bool</code> | | <code>false</code> |
|
||||
| [encryption](variables.tf#L106) | Encryption options. Only one of kms_key_self_link and disk_encryption_key_raw may be set. If needed, you can specify to encrypt or not the boot disk. | <code title="object({ encrypt_boot = bool disk_encryption_key_raw = string kms_key_self_link = string })">object({…})</code> | | <code>null</code> |
|
||||
| [group](variables.tf#L116) | Define this variable to create an instance group for instances. Disabled for template use. | <code title="object({ named_ports = map(number) })">object({…})</code> | | <code>null</code> |
|
||||
| [hostname](variables.tf#L124) | Instance FQDN name. | <code>string</code> | | <code>null</code> |
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ variable "description" {
|
|||
default = "Managed by the compute-vm Terraform module."
|
||||
}
|
||||
variable "enable_display" {
|
||||
description = "Enable virtual display on the instances"
|
||||
description = "Enable virtual display on the instances."
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,12 +23,12 @@ module "container_registry" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [project_id](variables.tf#L29) | Registry project id. | <code>string</code> | ✓ | |
|
||||
| [iam](variables.tf#L17) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [location](variables.tf#L23) | Registry location. Can be US, EU, ASIA or empty | <code>string</code> | | <code>""</code> |
|
||||
| [location](variables.tf#L23) | Registry location. Can be US, EU, ASIA or empty. | <code>string</code> | | <code>""</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [bucket_id](outputs.tf#L17) | ID of the GCS bucket created | |
|
||||
| [bucket_id](outputs.tf#L17) | ID of the GCS bucket created. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -15,6 +15,6 @@
|
|||
*/
|
||||
|
||||
output "bucket_id" {
|
||||
description = "ID of the GCS bucket created"
|
||||
description = "ID of the GCS bucket created."
|
||||
value = google_container_registry.registry.id
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ variable "iam" {
|
|||
}
|
||||
|
||||
variable "location" {
|
||||
description = "Registry location. Can be US, EU, ASIA or empty"
|
||||
description = "Registry location. Can be US, EU, ASIA or empty."
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ module "datafusion" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L63) | Name of the DataFusion instance. | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L68) | Name of the network in the project with which the tenant project will be peered for executing pipelines in the form of projects/{project-id}/global/networks/{network} | <code>string</code> | ✓ | |
|
||||
| [network](variables.tf#L68) | Name of the network in the project with which the tenant project will be peered for executing pipelines in the form of projects/{project-id}/global/networks/{network}. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L85) | Project ID. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L90) | DataFusion region. | <code>string</code> | ✓ | |
|
||||
| [description](variables.tf#L21) | DataFuzion instance description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ variable "name" {
|
|||
}
|
||||
|
||||
variable "network" {
|
||||
description = "Name of the network in the project with which the tenant project will be peered for executing pipelines in the form of projects/{project-id}/global/networks/{network}"
|
||||
description = "Name of the network in the project with which the tenant project will be peered for executing pipelines in the form of projects/{project-id}/global/networks/{network}."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -236,14 +236,14 @@ module "folder2" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [contacts](variables.tf#L17) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [contacts](variables.tf#L17) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [firewall_policies](variables.tf#L24) | Hierarchical firewall policies created in this folder. | <code title="map(map(object({ action = string description = string direction = string logging = bool ports = map(list(string)) priority = number ranges = list(string) target_resources = list(string) target_service_accounts = list(string) })))">map(map(object({…})))</code> | | <code>{}</code> |
|
||||
| [firewall_policy_association](variables.tf#L41) | The hierarchical firewall policy to associate to this folder. Must be either a key in the `firewall_policies` map or the id of a policy defined somewhere else. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [firewall_policy_factory](variables.tf#L48) | Configuration for the firewall policy factory. | <code title="object({ cidr_file = string policy_name = string rules_file = string })">object({…})</code> | | <code>null</code> |
|
||||
| [folder_create](variables.tf#L58) | Create folder. When set to false, uses id to reference an existing folder. | <code>bool</code> | | <code>true</code> |
|
||||
| [group_iam](variables.tf#L64) | Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the `iam` variable. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam](variables.tf#L71) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [id](variables.tf#L78) | Folder ID in case you use folder_create=false | <code>string</code> | | <code>null</code> |
|
||||
| [id](variables.tf#L78) | Folder ID in case you use folder_create=false. | <code>string</code> | | <code>null</code> |
|
||||
| [logging_exclusions](variables.tf#L84) | Logging exclusions for this folder in the form {NAME -> FILTER}. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [logging_sinks](variables.tf#L91) | Logging sinks to create for this folder. | <code title="map(object({ destination = string type = string filter = string include_children = bool exclusions = map(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [name](variables.tf#L112) | Folder name. | <code>string</code> | | <code>null</code> |
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ locals {
|
|||
resource "google_logging_folder_sink" "sink" {
|
||||
for_each = var.logging_sinks
|
||||
name = each.key
|
||||
#description = "${each.key} (Terraform-managed)"
|
||||
#description = "${each.key} (Terraform-managed)."
|
||||
folder = local.folder.name
|
||||
destination = "${each.value.type}.googleapis.com/${each.value.destination}"
|
||||
filter = each.value.filter
|
||||
|
|
@ -86,6 +86,6 @@ resource "google_logging_folder_exclusion" "logging-exclusion" {
|
|||
for_each = var.logging_exclusions
|
||||
name = each.key
|
||||
folder = local.folder.name
|
||||
description = "${each.key} (Terraform-managed)"
|
||||
description = "${each.key} (Terraform-managed)."
|
||||
filter = each.value
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "contacts" {
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES"
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES."
|
||||
type = map(list(string))
|
||||
default = {}
|
||||
nullable = false
|
||||
|
|
@ -76,7 +76,7 @@ variable "iam" {
|
|||
}
|
||||
|
||||
variable "id" {
|
||||
description = "Folder ID in case you use folder_create=false"
|
||||
description = "Folder ID in case you use folder_create=false."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ module "bucket-gcs-notification" {
|
|||
| [force_destroy](variables.tf#L34) | Optional map to set force destroy keyed by name, defaults to false. | <code>bool</code> | | <code>false</code> |
|
||||
| [iam](variables.tf#L40) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [labels](variables.tf#L46) | Labels to be attached to all buckets. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [lifecycle_rule](variables.tf#L52) | Bucket lifecycle rule | <code title="object({ action = object({ type = string storage_class = string }) condition = object({ age = number created_before = string with_state = string matches_storage_class = list(string) num_newer_versions = string custom_time_before = string days_since_custom_time = string days_since_noncurrent_time = string noncurrent_time_before = string }) })">object({…})</code> | | <code>null</code> |
|
||||
| [lifecycle_rule](variables.tf#L52) | Bucket lifecycle rule. | <code title="object({ action = object({ type = string storage_class = string }) condition = object({ age = number created_before = string with_state = string matches_storage_class = list(string) num_newer_versions = string custom_time_before = string days_since_custom_time = string days_since_noncurrent_time = string noncurrent_time_before = string }) })">object({…})</code> | | <code>null</code> |
|
||||
| [location](variables.tf#L74) | Bucket location. | <code>string</code> | | <code>"EU"</code> |
|
||||
| [logging_config](variables.tf#L80) | Bucket logging configuration. | <code title="object({ log_bucket = string log_object_prefix = string })">object({…})</code> | | <code>null</code> |
|
||||
| [notification_config](variables.tf#L94) | GCS Notification configuration. | <code title="object({ enabled = bool payload_format = string topic_name = string sa_email = string event_types = list(string) custom_attributes = map(string) })">object({…})</code> | | <code>null</code> |
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ variable "labels" {
|
|||
}
|
||||
|
||||
variable "lifecycle_rule" {
|
||||
description = "Bucket lifecycle rule"
|
||||
description = "Bucket lifecycle rule."
|
||||
type = object({
|
||||
action = object({
|
||||
type = string
|
||||
|
|
|
|||
|
|
@ -82,9 +82,9 @@ module "cluster-1" {
|
|||
| [default_max_pods_per_node](variables.tf#L83) | Maximum number of pods per node in this cluster. | <code>number</code> | | <code>110</code> |
|
||||
| [description](variables.tf#L89) | Cluster description. | <code>string</code> | | <code>null</code> |
|
||||
| [dns_config](variables.tf#L95) | Configuration for Using Cloud DNS for GKE. | <code title="object({ cluster_dns = string cluster_dns_scope = string cluster_dns_domain = string })">object({…})</code> | | <code title="{ cluster_dns = "PROVIDER_UNSPECIFIED" cluster_dns_scope = "DNS_SCOPE_UNSPECIFIED" cluster_dns_domain = "" }">{…}</code> |
|
||||
| [enable_autopilot](variables.tf#L109) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node) | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_autopilot](variables.tf#L109) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node). | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_binary_authorization](variables.tf#L115) | Enable Google Binary Authorization. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_dataplane_v2](variables.tf#L121) | Enable Dataplane V2 on the cluster, will disable network_policy addons config | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_dataplane_v2](variables.tf#L121) | Enable Dataplane V2 on the cluster, will disable network_policy addons config. | <code>bool</code> | | <code>false</code> |
|
||||
| [enable_intranode_visibility](variables.tf#L127) | Enable intra-node visibility to make same node pod to pod traffic visible. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_l4_ilb_subsetting](variables.tf#L133) | Enable L4ILB Subsetting. | <code>bool</code> | | <code>null</code> |
|
||||
| [enable_shielded_nodes](variables.tf#L139) | Enable Shielded Nodes features on all nodes in this cluster. | <code>bool</code> | | <code>null</code> |
|
||||
|
|
@ -92,7 +92,7 @@ module "cluster-1" {
|
|||
| [labels](variables.tf#L151) | Cluster resource labels. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [logging_config](variables.tf#L162) | Logging configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
| [logging_service](variables.tf#L168) | Logging service (disable with an empty string). | <code>string</code> | | <code>"logging.googleapis.com/kubernetes"</code> |
|
||||
| [maintenance_config](variables.tf#L174) | Maintenance window configuration | <code title="object({ daily_maintenance_window = object({ start_time = string }) recurring_window = object({ start_time = string end_time = string recurrence = string }) maintenance_exclusion = list(object({ exclusion_name = string start_time = string end_time = string })) })">object({…})</code> | | <code title="{ daily_maintenance_window = { start_time = "03:00" } recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
||||
| [maintenance_config](variables.tf#L174) | Maintenance window configuration. | <code title="object({ daily_maintenance_window = object({ start_time = string }) recurring_window = object({ start_time = string end_time = string recurrence = string }) maintenance_exclusion = list(object({ exclusion_name = string start_time = string end_time = string })) })">object({…})</code> | | <code title="{ daily_maintenance_window = { start_time = "03:00" } recurring_window = null maintenance_exclusion = [] }">{…}</code> |
|
||||
| [master_authorized_ranges](variables.tf#L200) | External Ip address ranges that can access the Kubernetes cluster master through HTTPS. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [min_master_version](variables.tf#L206) | Minimum version of the master, defaults to the version of the most recent official release. | <code>string</code> | | <code>null</code> |
|
||||
| [monitoring_config](variables.tf#L212) | Monitoring configuration (enabled components). | <code>list(string)</code> | | <code>null</code> |
|
||||
|
|
|
|||
|
|
@ -107,7 +107,7 @@ variable "dns_config" {
|
|||
}
|
||||
|
||||
variable "enable_autopilot" {
|
||||
description = "Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node)"
|
||||
description = "Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node)."
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
|
@ -119,7 +119,7 @@ variable "enable_binary_authorization" {
|
|||
}
|
||||
|
||||
variable "enable_dataplane_v2" {
|
||||
description = "Enable Dataplane V2 on the cluster, will disable network_policy addons config"
|
||||
description = "Enable Dataplane V2 on the cluster, will disable network_policy addons config."
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
|
@ -172,7 +172,7 @@ variable "logging_service" {
|
|||
}
|
||||
|
||||
variable "maintenance_config" {
|
||||
description = "Maintenance window configuration"
|
||||
description = "Maintenance window configuration."
|
||||
type = object({
|
||||
daily_maintenance_window = object({
|
||||
start_time = string
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ module "cluster-1-nodepool-1" {
|
|||
| [management_config](variables.tf#L64) | Optional node management configuration. | <code title="object({ auto_repair = bool auto_upgrade = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [max_pods_per_node](variables.tf#L73) | Maximum number of pods per node. | <code>number</code> | | <code>null</code> |
|
||||
| [name](variables.tf#L79) | Optional nodepool name. | <code>string</code> | | <code>null</code> |
|
||||
| [node_boot_disk_kms_key](variables.tf#L85) | Customer Managed Encryption Key used to encrypt the boot disk attached to each node | <code>string</code> | | <code>null</code> |
|
||||
| [node_boot_disk_kms_key](variables.tf#L85) | Customer Managed Encryption Key used to encrypt the boot disk attached to each node. | <code>string</code> | | <code>null</code> |
|
||||
| [node_count](variables.tf#L91) | Number of nodes per instance group, can be updated after creation. Ignored when autoscaling is set. | <code>number</code> | | <code>null</code> |
|
||||
| [node_disk_size](variables.tf#L97) | Node disk size, defaults to 100GB. | <code>number</code> | | <code>100</code> |
|
||||
| [node_disk_type](variables.tf#L103) | Node disk type, defaults to pd-standard. | <code>string</code> | | <code>"pd-standard"</code> |
|
||||
|
|
@ -69,7 +69,7 @@ module "cluster-1-nodepool-1" {
|
|||
| [node_service_account_scopes](variables.tf#L182) | Scopes applied to service account. Default to: 'cloud-platform' when creating a service account; 'devstorage.read_only', 'logging.write', 'monitoring.write' otherwise. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [node_shielded_instance_config](variables.tf#L188) | Shielded instance options. | <code title="object({ enable_secure_boot = bool enable_integrity_monitoring = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [node_tags](variables.tf#L197) | Network tags applied to nodes. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [node_taints](variables.tf#L203) | Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [node_taints](variables.tf#L203) | Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [upgrade_config](variables.tf#L215) | Optional node upgrade configuration. | <code title="object({ max_surge = number max_unavailable = number })">object({…})</code> | | <code>null</code> |
|
||||
| [workload_metadata_config](variables.tf#L224) | Metadata configuration to expose to workloads on the node pool. | <code>string</code> | | <code>"GKE_METADATA"</code> |
|
||||
|
||||
|
|
|
|||
|
|
@ -83,7 +83,7 @@ variable "name" {
|
|||
}
|
||||
|
||||
variable "node_boot_disk_kms_key" {
|
||||
description = "Customer Managed Encryption Key used to encrypt the boot disk attached to each node"
|
||||
description = "Customer Managed Encryption Key used to encrypt the boot disk attached to each node."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
@ -201,7 +201,7 @@ variable "node_tags" {
|
|||
}
|
||||
|
||||
variable "node_taints" {
|
||||
description = "Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule"
|
||||
description = "Kubernetes taints applied to nodes. E.g. type=blue:NoSchedule."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,23 +110,23 @@ module "vlan-attachment-2" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [interconnect](variables.tf#L46) | URL of the underlying Interconnect object that this attachment's traffic will traverse through. | <code>string</code> | ✓ | |
|
||||
| [peer](variables.tf#L57) | Peer Ip address and asn. Only IPv4 supported | <code title="object({ ip_address = string asn = number })">object({…})</code> | ✓ | |
|
||||
| [project_id](variables.tf#L65) | The project containing the resources | <code>string</code> | ✓ | |
|
||||
| [router_config](variables.tf#L76) | Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. | <code title="object({ description = string asn = number advertise_config = object({ groups = list(string) ip_ranges = map(string) mode = string }) }) default = { description = null asn = 64514 advertise_config = null }">object({…}</code> | ✓ | |
|
||||
| [bgp](variables.tf#L17) | Bgp session parameters | <code title="object({ session_range = string candidate_ip_ranges = list(string) advertised_route_priority = number })">object({…})</code> | | <code>null</code> |
|
||||
| [config](variables.tf#L28) | VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect | <code title="object({ description = string vlan_id = number bandwidth = string admin_enabled = bool mtu = number })">object({…})</code> | | <code title="{ description = null vlan_id = null bandwidth = "BPS_10G" admin_enabled = true mtu = 1440 }">{…}</code> |
|
||||
| [name](variables.tf#L51) | The name of the vlan attachment | <code>string</code> | | <code>"vlan-attachment"</code> |
|
||||
| [region](variables.tf#L70) | Region where the router resides | <code>string</code> | | <code>"europe-west1-b"</code> |
|
||||
| [peer](variables.tf#L57) | Peer Ip address and asn. Only IPv4 supported. | <code title="object({ ip_address = string asn = number })">object({…})</code> | ✓ | |
|
||||
| [project_id](variables.tf#L65) | The project containing the resources. | <code>string</code> | ✓ | |
|
||||
| [router_config](variables.tf#L76) | Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. . | <code title="object({ description = string asn = number advertise_config = object({ groups = list(string) ip_ranges = map(string) mode = string }) }) default = { description = null asn = 64514 advertise_config = null }">object({…}</code> | ✓ | |
|
||||
| [bgp](variables.tf#L17) | Bgp session parameters. | <code title="object({ session_range = string candidate_ip_ranges = list(string) advertised_route_priority = number })">object({…})</code> | | <code>null</code> |
|
||||
| [config](variables.tf#L28) | VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect. | <code title="object({ description = string vlan_id = number bandwidth = string admin_enabled = bool mtu = number })">object({…})</code> | | <code title="{ description = null vlan_id = null bandwidth = "BPS_10G" admin_enabled = true mtu = 1440 }">{…}</code> |
|
||||
| [name](variables.tf#L51) | The name of the vlan attachment. | <code>string</code> | | <code>"vlan-attachment"</code> |
|
||||
| [region](variables.tf#L70) | Region where the router resides. | <code>string</code> | | <code>"europe-west1-b"</code> |
|
||||
| [router_create](variables.tf#L95) | Create router. | <code>bool</code> | | <code>true</code> |
|
||||
| [router_name](variables.tf#L101) | Router name used for auto created router, or to specify an existing router to use if `router_create` is set to `true`. Leave blank to use vlan attachment name for auto created router. | <code>string</code> | | <code>"router-vlan-attachment"</code> |
|
||||
| [router_network](variables.tf#L107) | A reference to the network to which this router belongs | <code>string</code> | | <code>null</code> |
|
||||
| [router_network](variables.tf#L107) | A reference to the network to which this router belongs. | <code>string</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [bgpsession](outputs.tf#L16) | bgp session | |
|
||||
| [interconnect_attachment](outputs.tf#L21) | interconnect attachment | |
|
||||
| [bgpsession](outputs.tf#L16) | bgp session. | |
|
||||
| [interconnect_attachment](outputs.tf#L21) | interconnect attachment. | |
|
||||
| [router](outputs.tf#L26) | Router resource (only if auto-created). | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -14,12 +14,12 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
output "bgpsession" {
|
||||
description = "bgp session"
|
||||
description = "bgp session."
|
||||
value = google_compute_router_peer.peer
|
||||
}
|
||||
|
||||
output "interconnect_attachment" {
|
||||
description = "interconnect attachment"
|
||||
description = "interconnect attachment."
|
||||
value = google_compute_interconnect_attachment.interconnect_vlan_attachment
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "bgp" {
|
||||
description = "Bgp session parameters"
|
||||
description = "Bgp session parameters."
|
||||
type = object({
|
||||
session_range = string
|
||||
candidate_ip_ranges = list(string)
|
||||
|
|
@ -26,7 +26,7 @@ variable "bgp" {
|
|||
}
|
||||
|
||||
variable "config" {
|
||||
description = "VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect"
|
||||
description = "VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect."
|
||||
type = object({
|
||||
description = string
|
||||
vlan_id = number
|
||||
|
|
@ -49,13 +49,13 @@ variable "interconnect" {
|
|||
}
|
||||
|
||||
variable "name" {
|
||||
description = "The name of the vlan attachment"
|
||||
description = "The name of the vlan attachment."
|
||||
type = string
|
||||
default = "vlan-attachment"
|
||||
}
|
||||
|
||||
variable "peer" {
|
||||
description = "Peer Ip address and asn. Only IPv4 supported"
|
||||
description = "Peer Ip address and asn. Only IPv4 supported."
|
||||
type = object({
|
||||
ip_address = string
|
||||
asn = number
|
||||
|
|
@ -63,18 +63,18 @@ variable "peer" {
|
|||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "The project containing the resources"
|
||||
description = "The project containing the resources."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "region" {
|
||||
description = "Region where the router resides"
|
||||
description = "Region where the router resides."
|
||||
type = string
|
||||
default = "europe-west1-b"
|
||||
}
|
||||
|
||||
variable "router_config" {
|
||||
description = "Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. "
|
||||
description = "Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. ."
|
||||
type = object({
|
||||
description = string
|
||||
asn = number
|
||||
|
|
@ -105,7 +105,7 @@ variable "router_name" {
|
|||
}
|
||||
|
||||
variable "router_network" {
|
||||
description = "A reference to the network to which this router belongs"
|
||||
description = "A reference to the network to which this router belongs."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -137,7 +137,7 @@ healthchecks:
|
|||
| [data_folder](variables.tf#L48) | Path for optional folder containing firewall rules defined as YaML objects used by the rules factory. | <code>string</code> | | <code>null</code> |
|
||||
| [http_source_ranges](variables.tf#L54) | List of IP CIDR ranges for tag-based HTTP rule, defaults to the health checkers ranges. | <code>list(string)</code> | | <code>["35.191.0.0/16", "130.211.0.0/22", "209.85.152.0/22", "209.85.204.0/22"]</code> |
|
||||
| [https_source_ranges](variables.tf#L60) | List of IP CIDR ranges for tag-based HTTPS rule, defaults to the health checkers ranges. | <code>list(string)</code> | | <code>["35.191.0.0/16", "130.211.0.0/22", "209.85.152.0/22", "209.85.204.0/22"]</code> |
|
||||
| [named_ranges](variables.tf#L66) | Names that can be used of valid values for the `ranges` field of `custom_rules` | <code>map(list(string))</code> | | <code title="{ any = ["0.0.0.0/0"] dns-forwarders = ["35.199.192.0/19"] health-checkers = ["35.191.0.0/16", "130.211.0.0/22", "209.85.152.0/22", "209.85.204.0/22"] iap-forwarders = ["35.235.240.0/20"] private-googleapis = ["199.36.153.8/30"] restricted-googleapis = ["199.36.153.4/30"] rfc1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] }">{…}</code> |
|
||||
| [named_ranges](variables.tf#L66) | Names that can be used of valid values for the `ranges` field of `custom_rules`. | <code>map(list(string))</code> | | <code title="{ any = ["0.0.0.0/0"] dns-forwarders = ["35.199.192.0/19"] health-checkers = ["35.191.0.0/16", "130.211.0.0/22", "209.85.152.0/22", "209.85.204.0/22"] iap-forwarders = ["35.235.240.0/20"] private-googleapis = ["199.36.153.8/30"] restricted-googleapis = ["199.36.153.4/30"] rfc1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] }">{…}</code> |
|
||||
| [ssh_source_ranges](variables.tf#L90) | List of IP CIDR ranges for tag-based SSH rule, defaults to the IAP forwarders range. | <code>list(string)</code> | | <code>["35.235.240.0/20"]</code> |
|
||||
|
||||
## Outputs
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ variable "https_source_ranges" {
|
|||
}
|
||||
|
||||
variable "named_ranges" {
|
||||
description = "Names that can be used of valid values for the `ranges` field of `custom_rules`"
|
||||
description = "Names that can be used of valid values for the `ranges` field of `custom_rules`."
|
||||
type = map(list(string))
|
||||
default = {
|
||||
any = ["0.0.0.0/0"]
|
||||
|
|
|
|||
|
|
@ -207,8 +207,8 @@ flow_logs: # enable, set to empty map to use defaults
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L85) | The name of the network being created | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L106) | The ID of the project where this VPC will be created | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L85) | The name of the network being created. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L106) | The ID of the project where this VPC will be created. | <code>string</code> | ✓ | |
|
||||
| [auto_create_subnetworks](variables.tf#L17) | Set to true to create an auto mode subnet, defaults to custom mode. | <code>bool</code> | | <code>false</code> |
|
||||
| [data_folder](variables.tf#L23) | An optional folder containing the subnet configurations in YaML format. | <code>string</code> | | <code>null</code> |
|
||||
| [delete_default_routes_on_create](variables.tf#L29) | Set to true to delete the default routes at creation time. | <code>bool</code> | | <code>false</code> |
|
||||
|
|
@ -219,12 +219,12 @@ flow_logs: # enable, set to empty map to use defaults
|
|||
| [log_configs](variables.tf#L74) | Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled. | <code>map(map(string))</code> | | <code>{}</code> |
|
||||
| [mtu](variables.tf#L80) | Maximum Transmission Unit in bytes. The minimum value for this field is 1460 and the maximum value is 1500 bytes. | <code></code> | | <code>null</code> |
|
||||
| [peering_config](variables.tf#L90) | VPC peering configuration. | <code title="object({ peer_vpc_self_link = string export_routes = bool import_routes = bool })">object({…})</code> | | <code>null</code> |
|
||||
| [peering_create_remote_end](variables.tf#L100) | Skip creation of peering on the remote end when using peering_config | <code>bool</code> | | <code>true</code> |
|
||||
| [peering_create_remote_end](variables.tf#L100) | Skip creation of peering on the remote end when using peering_config. | <code>bool</code> | | <code>true</code> |
|
||||
| [psn_ranges](variables.tf#L111) | CIDR ranges used for Google services that support Private Service Networking. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [routes](variables.tf#L124) | Network routes, keyed by name. | <code title="map(object({ dest_range = string priority = number tags = list(string) next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb next_hop = string }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [routing_mode](variables.tf#L136) | The network routing mode (default 'GLOBAL') | <code>string</code> | | <code>"GLOBAL"</code> |
|
||||
| [routing_mode](variables.tf#L136) | The network routing mode (default 'GLOBAL'). | <code>string</code> | | <code>"GLOBAL"</code> |
|
||||
| [shared_vpc_host](variables.tf#L146) | Enable shared VPC for this project. | <code>bool</code> | | <code>false</code> |
|
||||
| [shared_vpc_service_projects](variables.tf#L152) | Shared VPC service projects to register with this host | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [shared_vpc_service_projects](variables.tf#L152) | Shared VPC service projects to register with this host. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [subnet_descriptions](variables.tf#L158) | Optional map of subnet descriptions, keyed by subnet 'region/name'. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [subnet_flow_logs](variables.tf#L164) | Optional map of boolean to control flow logs (default is disabled), keyed by subnet 'region/name'. | <code>map(bool)</code> | | <code>{}</code> |
|
||||
| [subnet_private_access](variables.tf#L170) | Optional map of boolean to control private Google access (default is enabled), keyed by subnet 'region/name'. | <code>map(bool)</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -83,7 +83,7 @@ variable "mtu" {
|
|||
}
|
||||
|
||||
variable "name" {
|
||||
description = "The name of the network being created"
|
||||
description = "The name of the network being created."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
@ -98,13 +98,13 @@ variable "peering_config" {
|
|||
}
|
||||
|
||||
variable "peering_create_remote_end" {
|
||||
description = "Skip creation of peering on the remote end when using peering_config"
|
||||
description = "Skip creation of peering on the remote end when using peering_config."
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "The ID of the project where this VPC will be created"
|
||||
description = "The ID of the project where this VPC will be created."
|
||||
type = string
|
||||
}
|
||||
|
||||
|
|
@ -134,7 +134,7 @@ variable "routes" {
|
|||
}
|
||||
|
||||
variable "routing_mode" {
|
||||
description = "The network routing mode (default 'GLOBAL')"
|
||||
description = "The network routing mode (default 'GLOBAL')."
|
||||
type = string
|
||||
default = "GLOBAL"
|
||||
validation {
|
||||
|
|
@ -150,7 +150,7 @@ variable "shared_vpc_host" {
|
|||
}
|
||||
|
||||
variable "shared_vpc_service_projects" {
|
||||
description = "Shared VPC service projects to register with this host"
|
||||
description = "Shared VPC service projects to register with this host."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
|
|||
|
|
@ -166,7 +166,7 @@ module "vpn_ha" {
|
|||
| [bgp_peers](outputs.tf#L18) | BGP peer resources. | |
|
||||
| [external_gateway](outputs.tf#L25) | External VPN gateway resource. | |
|
||||
| [gateway](outputs.tf#L34) | VPN gateway resource (only if auto-created). | |
|
||||
| [name](outputs.tf#L43) | VPN gateway name (only if auto-created). | |
|
||||
| [name](outputs.tf#L43) | VPN gateway name (only if auto-created). . | |
|
||||
| [random_secret](outputs.tf#L52) | Generated secret. | |
|
||||
| [router](outputs.tf#L57) | Router resource (only if auto-created). | |
|
||||
| [router_name](outputs.tf#L66) | Router name. | |
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ output "gateway" {
|
|||
}
|
||||
|
||||
output "name" {
|
||||
description = "VPN gateway name (only if auto-created). "
|
||||
description = "VPN gateway name (only if auto-created). ."
|
||||
value = (
|
||||
var.vpn_gateway_create
|
||||
? google_compute_ha_vpn_gateway.ha_gateway[0].name
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ module "org" {
|
|||
firewall_policies = {
|
||||
iap-policy = {
|
||||
allow-iap-ssh = {
|
||||
description = "Always allow ssh from IAP"
|
||||
description = "Always allow ssh from IAP."
|
||||
direction = "INGRESS"
|
||||
action = "allow"
|
||||
priority = 100
|
||||
|
|
@ -257,7 +257,7 @@ module "org" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [organization_id](variables.tf#L151) | Organization id in organizations/nnnnnn format. | <code>string</code> | ✓ | |
|
||||
| [contacts](variables.tf#L17) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [contacts](variables.tf#L17) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [custom_roles](variables.tf#L24) | Map of role name => list of permissions to create in this project. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [firewall_policies](variables.tf#L31) | Hierarchical firewall policy rules created in the organization. | <code title="map(map(object({ action = string description = string direction = string logging = bool ports = map(list(string)) priority = number ranges = list(string) target_resources = list(string) target_service_accounts = list(string) })))">map(map(object({…})))</code> | | <code>{}</code> |
|
||||
| [firewall_policy_association](variables.tf#L48) | The hierarchical firewall policy to associate to this folder. Must be either a key in the `firewall_policies` map or the id of a policy defined somewhere else. | <code>map(string)</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ resource "google_organization_iam_custom_role" "roles" {
|
|||
org_id = local.organization_id_numeric
|
||||
role_id = each.key
|
||||
title = "Custom role ${each.key}"
|
||||
description = "Terraform-managed"
|
||||
description = "Terraform-managed."
|
||||
permissions = each.value
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -91,6 +91,6 @@ resource "google_logging_organization_exclusion" "logging-exclusion" {
|
|||
for_each = var.logging_exclusions
|
||||
name = each.key
|
||||
org_id = local.organization_id_numeric
|
||||
description = "${each.key} (Terraform-managed)"
|
||||
description = "${each.key} (Terraform-managed)."
|
||||
filter = each.value
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "contacts" {
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES"
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES."
|
||||
type = map(list(string))
|
||||
default = {}
|
||||
nullable = false
|
||||
|
|
|
|||
|
|
@ -197,11 +197,11 @@ module "project" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L125) | Project name and id suffix. | <code>string</code> | ✓ | |
|
||||
| [auto_create_network](variables.tf#L17) | Whether to create the default network for the project | <code>bool</code> | | <code>false</code> |
|
||||
| [auto_create_network](variables.tf#L17) | Whether to create the default network for the project. | <code>bool</code> | | <code>false</code> |
|
||||
| [billing_account](variables.tf#L23) | Billing account id. | <code>string</code> | | <code>null</code> |
|
||||
| [contacts](variables.tf#L29) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [contacts](variables.tf#L29) | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [custom_roles](variables.tf#L36) | Map of role name => list of permissions to create in this project. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [descriptive_name](variables.tf#L43) | Name of the project name. Used for project name instead of `name` variable | <code>string</code> | | <code>null</code> |
|
||||
| [descriptive_name](variables.tf#L43) | Name of the project name. Used for project name instead of `name` variable. | <code>string</code> | | <code>null</code> |
|
||||
| [group_iam](variables.tf#L49) | Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the `iam` variable. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam](variables.tf#L56) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam_additive](variables.tf#L63) | IAM additive bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ resource "google_project_iam_custom_role" "roles" {
|
|||
project = local.project.project_id
|
||||
role_id = each.key
|
||||
title = "Custom role ${each.key}"
|
||||
description = "Terraform-managed"
|
||||
description = "Terraform-managed."
|
||||
permissions = each.value
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ locals {
|
|||
resource "google_logging_project_sink" "sink" {
|
||||
for_each = var.logging_sinks
|
||||
name = each.key
|
||||
#description = "${each.key} (Terraform-managed)"
|
||||
#description = "${each.key} (Terraform-managed)."
|
||||
project = local.project.project_id
|
||||
destination = "${each.value.type}.googleapis.com/${each.value.destination}"
|
||||
filter = each.value.filter
|
||||
|
|
@ -86,6 +86,6 @@ resource "google_logging_project_exclusion" "logging-exclusion" {
|
|||
for_each = var.logging_exclusions
|
||||
name = each.key
|
||||
project = local.project.project_id
|
||||
description = "${each.key} (Terraform-managed)"
|
||||
description = "${each.key} (Terraform-managed)."
|
||||
filter = each.value
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "auto_create_network" {
|
||||
description = "Whether to create the default network for the project"
|
||||
description = "Whether to create the default network for the project."
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
|
@ -27,7 +27,7 @@ variable "billing_account" {
|
|||
}
|
||||
|
||||
variable "contacts" {
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES"
|
||||
description = "List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES."
|
||||
type = map(list(string))
|
||||
default = {}
|
||||
nullable = false
|
||||
|
|
@ -41,7 +41,7 @@ variable "custom_roles" {
|
|||
}
|
||||
|
||||
variable "descriptive_name" {
|
||||
description = "Name of the project name. Used for project name instead of `name` variable"
|
||||
description = "Name of the project name. Used for project name instead of `name` variable."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ variable "prefix" {
|
|||
}
|
||||
|
||||
variable "project_create" {
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format"
|
||||
description = "Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format."
|
||||
type = object({
|
||||
billing_account_id = string
|
||||
parent = string
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
*/
|
||||
|
||||
variable "bgp" {
|
||||
description = "Bgp session parameters"
|
||||
description = "Bgp session parameters."
|
||||
type = object({
|
||||
session_range = string
|
||||
candidate_ip_ranges = list(string)
|
||||
|
|
@ -26,7 +26,7 @@ variable "bgp" {
|
|||
}
|
||||
|
||||
variable "config" {
|
||||
description = "VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect"
|
||||
description = "VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect."
|
||||
type = object({
|
||||
description = string
|
||||
vlan_id = number
|
||||
|
|
@ -51,13 +51,13 @@ variable "interconnect" {
|
|||
}
|
||||
|
||||
variable "name" {
|
||||
description = "The name of the vlan attachment"
|
||||
description = "The name of the vlan attachment."
|
||||
type = string
|
||||
default = "vlan-603"
|
||||
}
|
||||
|
||||
variable "peer" {
|
||||
description = "Peer Ip address and asn. Only IPv4 supported"
|
||||
description = "Peer Ip address and asn. Only IPv4 supported."
|
||||
type = object({
|
||||
ip_address = string
|
||||
asn = number
|
||||
|
|
@ -69,7 +69,7 @@ variable "peer" {
|
|||
}
|
||||
|
||||
variable "router_config" {
|
||||
description = "Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. "
|
||||
description = "Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. ."
|
||||
type = object({
|
||||
description = string
|
||||
asn = number
|
||||
|
|
@ -100,7 +100,7 @@ variable "router_name" {
|
|||
}
|
||||
|
||||
variable "router_network" {
|
||||
description = "A reference to the network to which this router belongs"
|
||||
description = "A reference to the network to which this router belongs."
|
||||
type = string
|
||||
default = "my-vpc"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -78,7 +78,7 @@ variable "routes" {
|
|||
}
|
||||
|
||||
variable "routing_mode" {
|
||||
description = "The network routing mode (default 'GLOBAL')"
|
||||
description = "The network routing mode (default 'GLOBAL')."
|
||||
type = string
|
||||
default = "GLOBAL"
|
||||
}
|
||||
|
|
@ -90,13 +90,13 @@ variable "shared_vpc_host" {
|
|||
}
|
||||
|
||||
variable "shared_vpc_service_projects" {
|
||||
description = "Shared VPC service projects to register with this host"
|
||||
description = "Shared VPC service projects to register with this host."
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "subnets" {
|
||||
description = "The list of subnets being created"
|
||||
description = "The list of subnets being created."
|
||||
type = list(object({
|
||||
name = string
|
||||
ip_cidr_range = string
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ variable "https_source_ranges" {
|
|||
}
|
||||
|
||||
variable "named_ranges" {
|
||||
description = "Names that can be used of valid values for the `ranges` field of `custom_rules`"
|
||||
description = "Names that can be used of valid values for the `ranges` field of `custom_rules`."
|
||||
type = map(list(string))
|
||||
default = {
|
||||
any = ["0.0.0.0/0"]
|
||||
|
|
|
|||
Loading…
Reference in New Issue