6941313c7d
* factories refactor doc
* Adds file schema and filesystem organization
* Update 20231106-factories.md
* move factories out of blueprints and create new factories README
* align factory in billing-account module
* align factory in dataplex-datascan module
* align factory in billing-account module
* align factory in net-firewall-policy module
* align factory in dns-response-policy module
* align factory in net-vpc-firewall module
* align factory in net-vpc module
* align factory variable names in FAST
* remove decentralized firewall blueprint
* bump terraform version
* bump module versions
* update top-level READMEs
* move project factory to modules
* fix variable names and tests
* tfdoc
* remove changelog link
* add project factory to top-level README
* fix cludrun eventarc diff
* fix README
* fix cludrun eventarc diff

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
README.md
Google Cloud Identity Group Factory
This module allows creation and management of Cloud Identity Groups by defining them in well-formatted YAML files.
A YAML abstraction for groups can simplify group creation and member management. YAML can be simpler and clearer than HCL.
Example
Terraform code
module "groups" {
  source      = "./fabric/modules/__experimental_deprecated/cloud-identity-group-factory"
  customer_id = "customers/C0xxxxxxx"
  data_dir    = "data"
}
# tftest modules=2 resources=3 files=group1

# tftest-file id=group1 path=data/group1@example.com.yaml
display_name: Group 1
description: Group 1
members:
  - user1@example.com
managers:
  - user2@example.com
Configuration Structure
Group configuration should be placed in a set of YAML files. The name of each file identifies the name of the group.
├── data
    ├── group1@domain.com.yaml
    ├── group2@domain.com.yaml
Group definition format and structure
Within each file, the group entry has the following structure:
display_name: Group 1 # Group display name.
description: Group 1 description # Group description.
members: # List of group members.
  - user_1@example.com
  - user_2@example.com
managers: # List of group managers.
  - manager_1@example.com
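Because these files decide who ends up in each group, a review check over `data_dir` before `terraform apply` is useful. The following is an added example, not part of the module: its rules (file name must be a group email, only the four documented keys, members and managers restricted to an allowed domain set, no address in both roles) are assumed review policy, and `parse_group` is a deliberately narrow reader for the flat schema shown above, not a general YAML parser.

```python
import re

KNOWN_KEYS = {"display_name", "description", "members", "managers"}  # keys shown in the README
EMAIL = re.compile(r"^[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})$")

def parse_group(text):
    """Narrow reader for this schema only: scalar keys and lists of strings."""
    group, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()  # drop YAML comments
        if line.startswith("- "):
            if current is None:
                raise ValueError(f"list item outside a list: {raw!r}")
            group[current].append(line[2:].strip())
        elif line:
            key, _, value = (part.strip() for part in line.partition(":"))
            group[key] = value if value else []
            current = None if value else key
    return group

def lint_group(filename, text, allowed_domains):
    """Return review findings for one <group email>.yaml file (assumed policy)."""
    findings, group = [], parse_group(text)
    if not (filename.endswith(".yaml") and EMAIL.match(filename[:-5])):
        findings.append(f"{filename}: file name is not <group email>.yaml")
    for key in sorted(set(group) - KNOWN_KEYS):
        findings.append(f"{filename}: unknown key '{key}'")
    roles = {}
    for role in ("members", "managers"):
        value = group.get(role, [])
        roles[role] = value if isinstance(value, list) else [value]
        for addr in roles[role]:
            if not (m := EMAIL.match(addr)) or m.group(1).lower() not in allowed_domains:
                findings.append(f"{filename}: {role} entry '{addr}' is outside the allowed domains")
    for addr in sorted(set(roles["members"]) & set(roles["managers"])):
        findings.append(f"{filename}: '{addr}' is both member and manager")
    return findings

# Constructed sample files; the first mirrors the README's own example.
SAMPLES = {
    "group1@example.com.yaml": "display_name: Group 1\ndescription: Group 1\n"
                               "members:\n- user1@example.com\nmanagers:\n- user2@example.com\n",
    "admins.yaml": "display_name: Admins\nmember:\n- user1@example.com\n"
                   "members:\n- ext@other.test\n- user2@example.com\nmanagers:\n- user2@example.com\n",
}

if __name__ == "__main__":
    for fname, body in SAMPLES.items():
        print(fname, lint_group(fname, body, {"example.com"}))
```

In CI, the same function can be called for each file under `data_dir`, failing the job when any finding is returned.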
Variables
name | description | type | required | default |
---|---|---|---|---|
customer_id | Directory customer ID in the form customers/C0xxxxxxx. | string | ✓ | |
data_dir | Relative path for the folder storing configuration data. | string | ✓ | |
Outputs
name | description | sensitive |
---|---|---|
group_id | Group name => Group ID mapping. |