zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/tests/blueprints/factories/project_factory/examples/example.yaml

256 lines
11 KiB
YAML
Raw Blame History

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This is one of the few modules where it actually makes sense to be
# very verbose with values
values:
module.projects["project"].google_compute_subnetwork_iam_member.default["dev-default-ew1:serviceAccount:my-service-account"]:
condition: []
member: serviceAccount:my-service-account
project: fast-dev-net-spoke-0
region: europe-west1
role: roles/compute.networkUser
subnetwork: projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-default-ew1
module.projects["project"].google_compute_subnetwork_iam_member.default["dev-default-ew1:user:foobar@example.com"]:
condition: []
member: user:foobar@example.com
project: fast-dev-net-spoke-0
region: europe-west1
role: roles/compute.networkUser
subnetwork: projects/fast-dev-net-spoke-0/regions/europe-west1/subnetworks/dev-default-ew1
module.projects["project"].module.billing-alert["1"].google_billing_budget.budget:
all_updates_rule:
- disable_default_iam_recipients: false
pubsub_topic: null
schema_version: '1.0'
amount:
- last_period_amount: null
specified_amount:
- nanos: null
units: '10'
billing_account: 012345-67890A-BCDEF0
budget_filter:
- calendar_period: null
credit_types_treatment: INCLUDE_ALL_CREDITS
custom_period: []
display_name: test1-project budget
threshold_rules:
- spend_basis: CURRENT_SPEND
threshold_percent: 0.5
- spend_basis: CURRENT_SPEND
threshold_percent: 0.8
module.projects["project"].module.billing-alert["1"].google_monitoring_notification_channel.email_channels["team-a-contacts@example.com"]:
display_name: test1-project budget budget email notification (team-a-contacts@example.com)
labels:
email_address: team-a-contacts@example.com
project: test1-project
sensitive_labels: []
type: email
module.projects["project"].module.billing-alert["1"].google_monitoring_notification_channel.email_channels["team-contacts@example.com"]:
display_name: test1-project budget budget email notification (team-contacts@example.com)
labels:
email_address: team-contacts@example.com
project: test1-project
sensitive_labels: []
type: email
module.projects["project"].module.dns["ipsum"].google_dns_managed_zone.dns_managed_zone[0]:
dns_name: ipsum.dev.example.org
name: ipsum
private_visibility_config:
- gke_clusters: []
networks:
- network_url: projects/foo/networks/bar
project: fast-dev-net-spoke-0
visibility: private
module.projects["project"].module.dns["lorem"].google_dns_managed_zone.dns_managed_zone[0]:
dns_name: lorem.dev.example.org
name: lorem
private_visibility_config:
- gke_clusters: []
networks:
- network_url: projects/foo/networks/bar
project: fast-dev-net-spoke-0
module.projects["project"].module.project.google_compute_shared_vpc_service_project.shared_vpc_service[0]:
host_project: fast-dev-net-spoke-0
service_project: test1-project
module.projects["project"].module.project.google_essential_contacts_contact.contact["team-a-contacts@example.com"]:
email: team-a-contacts@example.com
language_tag: en
notification_category_subscriptions:
- ALL
parent: projects/test1-project
module.projects["project"].module.project.google_essential_contacts_contact.contact["team-contacts@example.com"]:
email: team-contacts@example.com
language_tag: en
notification_category_subscriptions:
- ALL
parent: projects/test1-project
module.projects["project"].module.project.google_org_policy_policy.default["compute.disableGuestAttributesAccess"]:
name: projects/test1-project/policies/compute.disableGuestAttributesAccess
parent: projects/test1-project
spec:
- inherit_from_parent: null
reset: null
rules:
- allow_all: null
condition: []
deny_all: null
enforce: 'TRUE'
values: []
module.projects["project"].module.project.google_org_policy_policy.default["compute.trustedImageProjects"]:
name: projects/test1-project/policies/compute.trustedImageProjects
parent: projects/test1-project
spec:
- inherit_from_parent: null
reset: null
rules:
- allow_all: null
condition: []
deny_all: null
enforce: null
values:
- allowed_values:
- projects/fast-dev-iac-core-0
denied_values: null
module.projects["project"].module.project.google_org_policy_policy.default["compute.vmExternalIpAccess"]:
name: projects/test1-project/policies/compute.vmExternalIpAccess
parent: projects/test1-project
spec:
- inherit_from_parent: null
reset: null
rules:
- allow_all: null
condition: []
deny_all: 'TRUE'
enforce: null
values: []
module.projects["project"].module.project.google_project.project[0]:
auto_create_network: false
billing_account: 012345-67890A-BCDEF0
folder_id: 012345678901
labels:
application: example-app
costcenter: apps
department: accounting
environment: dev
foo: bar
name: test1-project
org_id: null
project_id: test1-project
skip_delete: false
module.projects["project"].module.project.google_project_iam_binding.authoritative["roles/compute.admin"]:
condition: []
project: test1-project
role: roles/compute.admin
module.projects["project"].module.project.google_project_iam_binding.authoritative["roles/compute.adminv1"]:
condition: []
project: test1-project
role: roles/compute.adminv1
module.projects["project"].module.project.google_project_iam_binding.authoritative["roles/storage.objectViewer"]:
condition: []
project: test1-project
role: roles/storage.objectViewer
module.projects["project"].module.project.google_project_iam_member.shared_vpc_host_robots["roles/compute.networkUser:cloudservices"]:
condition: []
project: fast-dev-net-spoke-0
role: roles/compute.networkUser
module.projects["project"].module.project.google_project_iam_member.shared_vpc_host_robots["roles/compute.securityAdmin:container-engine"]:
condition: []
project: fast-dev-net-spoke-0
role: roles/compute.securityAdmin
module.projects["project"].module.project.google_project_iam_member.shared_vpc_host_robots["roles/compute.networkUser:dataproc"]:
project: fast-dev-net-spoke-0
role: roles/compute.networkUser
module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key1"]:
condition: []
crypto_key_id: key1
role: roles/cloudkms.cryptoKeyEncrypterDecrypter
module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key2"]:
condition: []
crypto_key_id: key2
role: roles/cloudkms.cryptoKeyEncrypterDecrypter
module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key1"]:
condition: []
crypto_key_id: key1
role: roles/cloudkms.cryptoKeyEncrypterDecrypter
module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key2"]:
condition: []
crypto_key_id: key2
role: roles/cloudkms.cryptoKeyEncrypterDecrypter
module.projects["project"].module.project.google_project_service.project_services["billingbudgets.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: billingbudgets.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["compute.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: compute.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["container.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: container.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["dns.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: dns.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["essentialcontacts.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: essentialcontacts.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["orgpolicy.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: orgpolicy.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["stackdriver.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: stackdriver.googleapis.com
module.projects["project"].module.project.google_project_service.project_services["storage.googleapis.com"]:
disable_dependent_services: false
disable_on_destroy: false
project: test1-project
service: storage.googleapis.com
module.projects["project"].module.service-accounts["another-service-account"].google_service_account.service_account[0]:
account_id: another-service-account
display_name: Terraform-managed.
project: test1-project
module.projects["project"].module.service-accounts["my-service-account"].google_service_account.service_account[0]:
account_id: my-service-account
display_name: Terraform-managed.
project: test1-project
counts:
google_billing_budget: 1
google_compute_shared_vpc_service_project: 1
google_compute_subnetwork_iam_member: 2
google_dns_managed_zone: 2
google_essential_contacts_contact: 2
google_monitoring_notification_channel: 2
google_org_policy_policy: 3
google_project: 1
google_project_iam_binding: 3
google_project_iam_member: 4
google_project_service: 8
google_service_account: 2
google_storage_project_service_account: 1
google_kms_crypto_key_iam_member: 4
Reference in New Issue View Git Blame Copy Permalink