|
|
|
@ -327,22 +327,23 @@ Names used in internal references (e.g. `module.foo-prod.id`) are only used by T
|
|
|
|
|
| name | description | type | required | default | producer |
|
|
|
|
|
|---|---|:---:|:---:|:---:|:---:|
|
|
|
|
|
| [billing_account](variables.tf#L17) | Billing account id and organization id ('nnnnnnnn' or null). | <code title="object({ id = string organization_id = number })">object({…})</code> | ✓ | | |
|
|
|
|
|
| [organization](variables.tf#L84) | Organization details. | <code title="object({ domain = string id = number customer_id = string })">object({…})</code> | ✓ | | |
|
|
|
|
|
| [prefix](variables.tf#L99) | Prefix used for resources that need unique names. | <code>string</code> | ✓ | | |
|
|
|
|
|
| [organization](variables.tf#L96) | Organization details. | <code title="object({ domain = string id = number customer_id = string })">object({…})</code> | ✓ | | |
|
|
|
|
|
| [prefix](variables.tf#L111) | Prefix used for resources that need unique names. | <code>string</code> | ✓ | | |
|
|
|
|
|
| [bootstrap_user](variables.tf#L25) | Email of the nominal user running this stage for the first time. | <code>string</code> | | <code>null</code> | |
|
|
|
|
|
| [groups](variables.tf#L31) | Group names to grant organization-level permissions. | <code>map(string)</code> | | <code title="{ gcp-billing-admins = "gcp-billing-admins", gcp-devops = "gcp-devops", gcp-network-admins = "gcp-network-admins" gcp-organization-admins = "gcp-organization-admins" gcp-security-admins = "gcp-security-admins" gcp-support = "gcp-support" }">{…}</code> | |
|
|
|
|
|
| [iam](variables.tf#L45) | Organization-level custom IAM settings in role => [principal] format. | <code>map(list(string))</code> | | <code>{}</code> | |
|
|
|
|
|
| [iam_additive](variables.tf#L51) | Organization-level custom IAM settings in role => [principal] format for non-authoritative bindings. | <code>map(list(string))</code> | | <code>{}</code> | |
|
|
|
|
|
| [log_sinks](variables.tf#L59) | Org-level log sinks, in name => {type, filter} format. | <code title="map(object({ filter = string type = string }))">map(object({…}))</code> | | <code title="{ audit-logs = { filter = "logName:\"/logs/cloudaudit.googleapis.com%2Factivity\" OR logName:\"/logs/cloudaudit.googleapis.com%2Fsystem_event\"" type = "bigquery" } vpc-sc = { filter = "protoPayload.metadata.@type=\"type.googleapis.com/google.cloud.audit.VpcServiceControlAuditMetadata\"" type = "bigquery" } }">{…}</code> | |
|
|
|
|
|
| [outputs_location](variables.tf#L93) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
|
|
|
|
| [custom_role_names](variables.tf#L31) | Names of custom roles defined at the org level. | <code title="object({ organization_iam_admin = string service_project_network_admin = string })">object({…})</code> | | <code title="{ organization_iam_admin = "organizationIamAdmin" service_project_network_admin = "serviceProjectNetworkAdmin" }">{…}</code> | |
|
|
|
|
|
| [groups](variables.tf#L43) | Group names to grant organization-level permissions. | <code>map(string)</code> | | <code title="{ gcp-billing-admins = "gcp-billing-admins", gcp-devops = "gcp-devops", gcp-network-admins = "gcp-network-admins" gcp-organization-admins = "gcp-organization-admins" gcp-security-admins = "gcp-security-admins" gcp-support = "gcp-support" }">{…}</code> | |
|
|
|
|
|
| [iam](variables.tf#L57) | Organization-level custom IAM settings in role => [principal] format. | <code>map(list(string))</code> | | <code>{}</code> | |
|
|
|
|
|
| [iam_additive](variables.tf#L63) | Organization-level custom IAM settings in role => [principal] format for non-authoritative bindings. | <code>map(list(string))</code> | | <code>{}</code> | |
|
|
|
|
|
| [log_sinks](variables.tf#L71) | Org-level log sinks, in name => {type, filter} format. | <code title="map(object({ filter = string type = string }))">map(object({…}))</code> | | <code title="{ audit-logs = { filter = "logName:\"/logs/cloudaudit.googleapis.com%2Factivity\" OR logName:\"/logs/cloudaudit.googleapis.com%2Fsystem_event\"" type = "bigquery" } vpc-sc = { filter = "protoPayload.metadata.@type=\"type.googleapis.com/google.cloud.audit.VpcServiceControlAuditMetadata\"" type = "bigquery" } }">{…}</code> | |
|
|
|
|
|
| [outputs_location](variables.tf#L105) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | <code>string</code> | | <code>null</code> | |
|
|
|
|
|
|
|
|
|
|
## Outputs
|
|
|
|
|
|
|
|
|
|
| name | description | sensitive | consumers |
|
|
|
|
|
|---|---|:---:|---|
|
|
|
|
|
| [billing_dataset](outputs.tf#L85) | BigQuery dataset prepared for billing export. | | |
|
|
|
|
|
| [project_ids](outputs.tf#L90) | Projects created by this stage. | | |
|
|
|
|
|
| [providers](outputs.tf#L101) | Terraform provider files for this stage and dependent stages. | ✓ | <code>stage-01</code> |
|
|
|
|
|
| [tfvars](outputs.tf#L110) | Terraform variable files for the following stages. | ✓ | |
|
|
|
|
|
| [billing_dataset](outputs.tf#L89) | BigQuery dataset prepared for billing export. | | |
|
|
|
|
|
| [project_ids](outputs.tf#L94) | Projects created by this stage. | | |
|
|
|
|
|
| [providers](outputs.tf#L105) | Terraform provider files for this stage and dependent stages. | ✓ | <code>stage-01</code> |
|
|
|
|
|
| [tfvars](outputs.tf#L114) | Terraform variable files for the following stages. | ✓ | |
|
|
|
|
|
|
|
|
|
|
<!-- END TFDOC -->
|
|
|
|
|