From b1d8c064228197a5fe3cbce15e4f91c9da0d7a68 Mon Sep 17 00:00:00 2001 From: Lorenzo Caggioni Date: Mon, 28 Jun 2021 10:57:11 +0200 Subject: [PATCH] fix variables --- .../data-platform-foundations/01-environment/README.md | 2 ++ .../data-platform-foundations/01-environment/main.tf | 1 + .../data-platform-foundations/01-environment/outputs.tf | 8 ++------ .../data-platform-foundations/01-environment/variables.tf | 8 +------- .../data-platform-foundations/02-resources/README.md | 1 + .../data-platform-foundations/02-resources/variables.tf | 2 +- 6 files changed, 8 insertions(+), 14 deletions(-) diff --git a/data-solutions/data-platform-foundations/01-environment/README.md b/data-solutions/data-platform-foundations/01-environment/README.md index 60d4e715..c621f7d1 100644 --- a/data-solutions/data-platform-foundations/01-environment/README.md +++ b/data-solutions/data-platform-foundations/01-environment/README.md @@ -43,6 +43,7 @@ Once done testing, you can clean up resources by running `terraform destroy`. | *prefix* | Prefix used to generate project id and name. | string | | null | | *project_names* | Override this variable if you need non-standard names. | object({...}) | | ... | | *service_account_names* | Override this variable if you need non-standard names. | object({...}) | | ... | +| *service_encryption_key_ids* | Cloud KMS encryption key in {LOCATION => [KEY_URL]} format. Keys belong to existing project. | object({...}) | | ... | ## Outputs @@ -50,4 +51,5 @@ Once done testing, you can clean up resources by running `terraform destroy`. |---|---|:---:| | project_ids | Project ids for created projects. | | | service_account | Main service account. | | +| service_encryption_key_ids | Cloud KMS encryption keys in {LOCATION => [KEY_URL]} format. | | diff --git a/data-solutions/data-platform-foundations/01-environment/main.tf b/data-solutions/data-platform-foundations/01-environment/main.tf index e211237d..d41e19ee 100644 --- a/data-solutions/data-platform-foundations/01-environment/main.tf +++ b/data-solutions/data-platform-foundations/01-environment/main.tf @@ -30,6 +30,7 @@ module "project-datamart" { "bigquery.googleapis.com", "bigquerystorage.googleapis.com", "bigqueryreservation.googleapis.com", + "storage.googleapis.com", "storage-component.googleapis.com", ] iam = { diff --git a/data-solutions/data-platform-foundations/01-environment/outputs.tf b/data-solutions/data-platform-foundations/01-environment/outputs.tf index 555bf6ac..a008faf9 100644 --- a/data-solutions/data-platform-foundations/01-environment/outputs.tf +++ b/data-solutions/data-platform-foundations/01-environment/outputs.tf @@ -26,12 +26,8 @@ output "project_ids" { } output "service_encryption_key_ids" { - description = "Project ids for created projects." - value = { - regional = var.service_encryption_key_ids.regional - multiregional = var.service_encryption_key_ids.multiregional - global = var.service_encryption_key_ids.global - } + description = "Cloud KMS encryption keys in {LOCATION => [KEY_URL]} format." + value = var.service_encryption_key_ids } output "service_account" { diff --git a/data-solutions/data-platform-foundations/01-environment/variables.tf b/data-solutions/data-platform-foundations/01-environment/variables.tf index ac31fee7..39235998 100644 --- a/data-solutions/data-platform-foundations/01-environment/variables.tf +++ b/data-solutions/data-platform-foundations/01-environment/variables.tf @@ -56,14 +56,8 @@ variable "service_account_names" { } } -variable "create_encryption_keys" { - description = "Cloud KMS encryption key will be created in the Service Project." - type = bool - default = false -} - variable "service_encryption_key_ids" { - description = "Cloud KMS encryption key in {SERVICE => [KEY_URL]} format. Keys belong to existing project." + description = "Cloud KMS encryption key in {LOCATION => [KEY_URL]} format. Keys belong to existing project." type = object({ regional = string multiregional = string diff --git a/data-solutions/data-platform-foundations/02-resources/README.md b/data-solutions/data-platform-foundations/02-resources/README.md index 3f1e6e9a..1ec7bc80 100644 --- a/data-solutions/data-platform-foundations/02-resources/README.md +++ b/data-solutions/data-platform-foundations/02-resources/README.md @@ -61,6 +61,7 @@ Once done testing, you can clean up resources by running `terraform destroy`. | *landing_pubsub* | List of landing pubsub topics and subscriptions to create | map(map(object({...}))) | | ... | | *landing_service_account* | landing service accounts list. | string | | sa-landing | | *service_account_names* | Project service accounts list. | object({...}) | | ... | +| *service_encryption_key_ids* | Cloud KMS encryption key in {LOCATION => [KEY_URL]} format. Keys belong to existing project. | object({...}) | | ... | | *transformation_buckets* | List of transformation buckets to create | map(object({...})) | | ... | | *transformation_subnets* | List of subnets to create in the transformation Project. | list(object({...})) | | ... | | *transformation_vpc_name* | Name of the VPC created in the transformation Project. | string | | transformation-vpc | diff --git a/data-solutions/data-platform-foundations/02-resources/variables.tf b/data-solutions/data-platform-foundations/02-resources/variables.tf index 56588a60..e949a219 100644 --- a/data-solutions/data-platform-foundations/02-resources/variables.tf +++ b/data-solutions/data-platform-foundations/02-resources/variables.tf @@ -171,7 +171,7 @@ variable "transformation_vpc_name" { } variable "service_encryption_key_ids" { - description = "Cloud KMS encryption key in {SERVICE => [KEY_URL]} format." + description = "Cloud KMS encryption key in {LOCATION => [KEY_URL]} format. Keys belong to existing project." type = object({ regional = string multiregional = string