History

Ludovico Magnocavallo 02d867ff3d rename iam variables in folder module		2020-11-04 16:49:19 +01:00
..
README.md	rename iam variables in folder module	2020-11-04 16:49:19 +01:00
main.tf	rename iam variables in folder module	2020-11-04 16:49:19 +01:00
outputs.tf	Update folders module to Terraform 0.13	2020-10-20 15:41:03 +02:00
variables.tf	rename iam variables in folder module	2020-11-04 16:49:19 +01:00
versions.tf	Update folders module to Terraform 0.13	2020-10-20 15:41:03 +02:00

README.md

Google Cloud Folder Module

This module allows the creation and management of folders together with their individual IAM bindings and organization policies.

Examples

IAM bindings

module "folder" {
  source = "./modules/folder"
  parent = "organizations/1234567890"
  name  = "Folder name"
  iam = {
    "roles/owner" = ["group:users@example.com"]
  }
}

Organization policies

module "folder" {
  source = "./modules/folder"
  parent = "organizations/1234567890"
  name  = "Folder name"
  policy_boolean = {
    "constraints/compute.disableGuestAttributesAccess" = true
    "constraints/compute.skipDefaultNetworkCreation" = true
  }
  policy_list = {
    "constraints/compute.trustedImageProjects" = {
      inherit_from_parent = null
      suggested_value = null
      status = true
      values = ["projects/my-project"]
    }
  }
}

Variables

name	description	type	required	default
name	Folder name.	`string`	✓
parent	Parent in folders/folder_id or organizations/org_id format.	`string`	✓
iam	IAM bindings in {ROLE => [MEMBERS]} format.	`map(set(string))`		`null`
policy_boolean	Map of boolean org policies and enforcement value, set value to null for policy restore.	`map(bool)`		`{}`
policy_list	Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny.	`map(object({...}))`		`{}`

Outputs

name	description	sensitive
folder	Folder resource.
id	Folder id.
name	Folder name.