# Google Cloud Service Directory Module This module allows managing a single [Service Directory](https://cloud.google.com/service-directory) namespace, including multiple services, endpoints and IAM bindings at the namespace and service levels. It can be used in conjunction with the [DNS](../dns) module to create service-directory based DNS zones, offloading IAM control of `A` and `SRV` records at the namespace or service level to Service Directory. The last examples shows how to wire the two modules together. ## Examples ### Namespace with IAM ```hcl module "service-directory" { source = "./modules/service-directory" project_id = "my-project location = "europe-west1" name = "sd-1" iam_members = { "roles/servicedirectory.editor" = [ "serviceAccount:namespace-editor@example.com" ] } iam_roles = [ "roles/servicedirectory.editor" ] ``` ### Services with IAM and endpoints ```hcl module "service-directory" { source = "./modules/service-directory" project_id = "my-project location = "europe-west1" name = "sd-1" services = { one = { endpoints = ["first", "second"] metadata = null } } service_iam_members = { one = { "roles/servicedirectory.editor" = [ "serviceAccount:service-editor.example.com" ] } } service_iam_roles = { one = ["roles/servicedirectory.editor"] } endpoint_config = { "one/first" = { address = "127.0.0.1", port = 80, metadata = {} } "one/second" = { address = "127.0.0.2", port = 80, metadata = {} } } } ``` ### DNS based zone TODO ```hcl module "service-directory" { source = "./modules/service-directory" project_id = "my-project location = "europe-west1" name = "sd-1" } ``` ## Variables | name | description | type | required | default | |---|---|:---: |:---:|:---:| | location | Namespace location. | string | ✓ | | | name | Namespace name. | string | ✓ | | | project_id | Project used for resources. | string | ✓ | | | *endpoint_config* | Map of endpoint attributes, keys are in service/endpoint format. | map(object({...})) | | {} | | *iam_members* | IAM members for each namespace role. | map(list(string)) | | {} | | *iam_roles* | IAM roles for the namespace. | list(string) | | [] | | *labels* | Labels. | map(string) | | {} | | *service_iam_members* | IAM members for each service and role. | map(map(list(string))) | | {} | | *service_iam_roles* | IAM roles for each service. | map(list(string)) | | {} | | *services* | Service configuration, using service names as keys. | map(object({...})) | | {} | ## Outputs | name | description | sensitive | |---|---|:---:| | endpoints | Endpoint resources. | | | id | Namespace id (short name). | | | name | Namespace name (long name). | | | namespace | Namespace resource. | | | service_id | Service ids (short names). | | | service_names | Service ids (long names). | | | services | Service resources. | |