Minor vpc-sc module corrections (#167)

* Fix #158

* fix variable type

modules/vpc-sc/README.md

@@ -13,7 +13,7 @@ The Use of this module requires credentials with the [correct permissions](https
 ```hcl
 module "vpc-sc" {
   source              = "./modules/vpc-sc"
-  org_id              = 112233
+  organization_id     = "organizations/112233"
   access_policy_title = "My Access Policy"
   access_levels = {
     my_trusted_proxy = {
@@ -53,7 +53,7 @@ module "vpc-sc" {
 ```hcl
 module "vpc-sc" {
   source              = "./modules/vpc-sc"
-  org_id              = 112233
+  organization_id     = "organizations/112233"
   access_policy_title = "My Access Policy"
   access_levels = {
     my_trusted_proxy = {
@@ -99,7 +99,7 @@ module "vpc-sc" {
 | name | description | type | required | default |
 |---|---|:---: |:---:|:---:|
 | access_policy_title | Access Policy title to be created. | <code title="">string</code> | ✓ |  |
-| org_id | Organization id in nnnnnn format. | <code title="">number</code> | ✓ |  |
+| organization_id | Organization id in organizations/nnnnnn format. | <code title="">string</code> | ✓ |  |
 | *access_level_perimeters* | Enforced mode -> Access Level -> Perimeters mapping. Enforced mode can be 'enforced' or 'dry_run' | <code title="map&#40;map&#40;list&#40;string&#41;&#41;&#41;">map(map(list(string)))</code> |  | <code title="">{}</code> |
 | *access_levels* | Access Levels. | <code title="map&#40;object&#40;&#123;&#10;combining_function &#61; string&#10;conditions &#61; list&#40;object&#40;&#123;&#10;ip_subnetworks &#61; list&#40;string&#41;&#10;members        &#61; list&#40;string&#41;&#10;negate         &#61; string&#10;&#125;&#41;&#41;&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
 | *perimeter_projects* | Perimeter -> Enforced Mode -> Projects Number mapping. Enforced mode can be 'enforced' or 'dry_run'. | <code title="map&#40;map&#40;list&#40;number&#41;&#41;&#41;">map(map(list(number)))</code> |  | <code title="">{}</code> |
@@ -111,7 +111,7 @@ module "vpc-sc" {
 |---|---|:---:|
 | access_levels | Access Levels. |  |
 | access_policy_name | Access Policy resource |  |
-| org_id | Organization id dependent on module resources. |  |
+| organization_id | Organization id dependent on module resources. |  |
 | perimeters_bridge | VPC-SC bridge perimeter resources. |  |
 | perimeters_standard | VPC-SC standard perimeter resources. |  |
 <!-- END TFDOC -->

modules/vpc-sc/main.tf

@@ -32,7 +32,7 @@ locals {
 }
 
 resource "google_access_context_manager_access_policy" "default" {
-  parent = "organizations/${var.org_id}"
+  parent = var.organization_id
   title  = var.access_policy_title
 }
 
@@ -115,11 +115,11 @@ resource "google_access_context_manager_service_perimeter" "standard" {
     }
   }
 
-  # Uncomment if used alongside `google_access_context_manager_service_perimeter_resource`, 
+  # Uncomment if used alongside `google_access_context_manager_service_perimeter_resource`,
   # so they don't fight over which resources should be in the policy.
   # lifecycle {
   #   ignore_changes = [status[0].resources]
-  # }  
+  # }
 
   depends_on = [
     google_access_context_manager_access_level.default,
@@ -152,11 +152,11 @@ resource "google_access_context_manager_service_perimeter" "bridge" {
     }
   }
 
-  # Uncomment if used alongside `google_access_context_manager_service_perimeter_resource`, 
+  # Uncomment if used alongside `google_access_context_manager_service_perimeter_resource`,
   # so they don't fight over which resources should be in the policy.
   # lifecycle {
   #   ignore_changes = [status[0].resources]
-  # }  
+  # }
 
   depends_on = [
     google_access_context_manager_service_perimeter.standard,

modules/vpc-sc/outputs.tf

@@ -14,20 +14,6 @@
  * limitations under the License.
  */
 
-output "org_id" {
-  description = "Organization id dependent on module resources."
-  value       = var.org_id
-  # FIXME(jccb): these deps don't exist (??)
-  # depends_on = [
-  #   google_organization_iam_audit_config,
-  #   google_organization_iam_binding.authoritative,
-  #   google_organization_iam_custom_role.roles,
-  #   google_organization_iam_member.additive,
-  #   google_organization_policy.boolean,
-  #   google_organization_policy.list
-  # ]
-}
-
 output "access_policy_name" {
   description = "Access Policy resource"
   value       = local.access_policy_name
@@ -41,6 +27,14 @@ output "access_levels" {
   }
 }
 
+output "organization_id" {
+  description = "Organization id dependent on module resources."
+  value       = var.organization_id
+  depends_on = [
+    google_access_context_manager_access_policy.default
+  ]
+}
+
 output "perimeters_standard" {
   description = "VPC-SC standard perimeter resources."
   value = {

modules/vpc-sc/variables.tf

@@ -38,9 +38,9 @@ variable "access_policy_title" {
   type        = string
 }
 
-variable "org_id" {
-  description = "Organization id in nnnnnn format."
-  type        = number
+variable "organization_id" {
+  description = "Organization id in organizations/nnnnnn format."
+  type        = string
 }
 
 variable "perimeters" {