Example usage:
provider "google" {
project = "my-infrastructure"
region = "europe-west1"
zone = "europe-west1-b"
}
module "admin" {
source = "TaitoUnited/admin/google"
version = "1.0.0"
project_id = "my-infrastructure"
permissions = yamldecode(file("${path.root}/../infra.yaml"))["permissions"]
service_accounts = yamldecode(file("${path.root}/../infra.yaml"))["serviceAccounts"]
apis = yamldecode(file("${path.root}/../infra.yaml"))["apis"]
}
Example YAML:
permissions:
- id: group:[email protected]
roles:
- roles/owner
- id: group:[email protected]
roles:
- custom/developer
- id: user:[email protected]
roles:
- custom/limitedDeveloper
- id: user:[email protected]
roles:
- custom/limitedDataViewer
serviceAccounts:
- id: database-proxy
- id: cicd-tester
- id: my-kms-viewer
roles:
- roles/cloudkms.publicKeyViewer
apis:
- id: cloudbuild.googleapis.com
- id: cloudfunctions.googleapis.com
- id: cloudkms.googleapis.com
- id: cloudscheduler.googleapis.com
- id: compute.googleapis.com
- id: container.googleapis.com
- id: containerregistry.googleapis.com
- id: monitoring.googleapis.com
- id: pubsub.googleapis.com
- id: servicenetworking.googleapis.com
- id: sql-component.googleapis.com
- id: sqladmin.googleapis.com
YAML attributes:
- See variables.tf for all the supported YAML attributes.
- TIP: See Creating custom roles on how to create custom roles at the project or organization level.
Combine with the following modules to get a complete infrastructure defined by YAML:
- Admin
- DNS
- Network
- Compute
- Kubernetes
- Databases
- Storage
- Monitoring
- Integrations
- PostgreSQL privileges
- MySQL privileges
Similar modules are also available for AWS, Azure, and DigitalOcean. All modules are used by infrastructure templates of Taito CLI. TIP: See also Google Cloud project resources, Full Stack Helm Chart, and full-stack-template.
Contributions are welcome!