Skip to content

Latest commit

 

History

History
37 lines (33 loc) · 5.81 KB

README.md

File metadata and controls

37 lines (33 loc) · 5.81 KB
Raw

Inputs

Name Description Type Default Required
assured_workload_configuration Assured Workload configuration. See https://cloud.google.com/assured-workloads ."
enabled: If the assured workload should be created.
location: The location where the workload will be created.
display_name: User-assigned resource display name.
compliance_regime: Supported Compliance Regimes. See https://cloud.google.com/assured-workloads/docs/reference/rest/Shared.Types/ComplianceRegime .
resource_type: The type of resource. One of CONSUMER_FOLDER, KEYRING, or ENCRYPTION_KEYS_PROJECT.		 
object({
    enabled           = optional(bool, false)
    location          = optional(string, "us-central1")
    display_name      = optional(string, "FEDRAMP-MODERATE")
    compliance_regime = optional(string, "FEDRAMP_MODERATE")
    resource_type     = optional(string, "CONSUMER_FOLDER")
  })
 {} no
env The environment to prepare (ex. development) string n/a yes
environment_code A short form of the folder level resources (environment) within the Google Cloud organization (ex. d). string n/a yes
gcs_bucket_prefix Bucket Prefix string "bkt" no
gcs_logging_bucket_location Location of environment logging bucket string "us-central1" no
gcs_logging_key_rotation_period Rotation period in seconds to be used for KMS Key string "7776000s" no
gcs_logging_retention_period Retention configuration for environment logging bucket 
object({
    is_locked             = bool
    retention_period_days = number
  })
 null no
keyring_name Name to be used for KMS Keyring string "sample-keyring" no
keyring_regions Regions to create keyrings in list(string) 
[
  "us-central1",
  "us-east4"
]
 no
kms_prevent_destroy Wheter to prevent keyring and keys destruction. Must be set to false if the user wants to disable accidental terraform deletions protection. bool true no
monitoring_workspace_users Google Workspace or Cloud Identity group that have access to Monitoring Workspaces. string n/a yes
project_budget Budget configuration for projects.
budget_amount: The amount to use as the budget.
alert_spent_percents: A list of percentages of the budget to alert on when threshold is exceeded.
alert_pubsub_topic: The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of projects/{project_id}/topics/{topic_id}.
alert_spend_basis: The type of basis used to determine if spend has passed the threshold. Possible choices are CURRENT_SPEND or FORECASTED_SPEND (default).		 
object({
    base_network_budget_amount                  = optional(number, 1000)
    base_network_alert_spent_percents           = optional(list(number), [1.2])
    base_network_alert_pubsub_topic             = optional(string, null)
    base_network_budget_alert_spend_basis       = optional(string, "FORECASTED_SPEND")
    restricted_network_budget_amount            = optional(number, 1000)
    restricted_network_alert_spent_percents     = optional(list(number), [1.2])
    restricted_network_alert_pubsub_topic       = optional(string, null)
    restricted_network_budget_alert_spend_basis = optional(string, "FORECASTED_SPEND")
    monitoring_budget_amount                    = optional(number, 1000)
    monitoring_alert_spent_percents             = optional(list(number), [1.2])
    monitoring_alert_pubsub_topic               = optional(string, null)
    monitoring_budget_alert_spend_basis         = optional(string, "FORECASTED_SPEND")
    secret_budget_amount                        = optional(number, 1000)
    secret_alert_spent_percents                 = optional(list(number), [1.2])
    secret_alert_pubsub_topic                   = optional(string, null)
    secret_budget_alert_spend_basis             = optional(string, "FORECASTED_SPEND")
    kms_budget_amount                           = optional(number, 1000)
    kms_alert_spent_percents                    = optional(list(number), [1.2])
    kms_alert_pubsub_topic                      = optional(string, null)
    kms_budget_alert_spend_basis                = optional(string, "FORECASTED_SPEND")
    logging_budget_amount                       = optional(number, 1000)
    logging_alert_spent_percents                = optional(list(number), [1.2])
    logging_alert_pubsub_topic                  = optional(string, null)
    logging_budget_alert_spend_basis            = optional(string, "FORECASTED_SPEND")
  })
 {} no
remote_state_bucket Backend bucket to load Terraform Remote State Data from previous steps. string n/a yes
tfc_org_name Name of the TFC organization string n/a yes

Outputs

Name Description
assured_workload_id Assured Workload ID.
assured_workload_resources Resources associated with the Assured Workload.
env_folder Environment folder created under parent.
env_kms_project_id Project for environment Cloud Key Management Service (KMS).
env_kms_project_number Project number for environment Cloud Key Management Service (KMS).
env_log_bucket_name Name of environment log bucket
env_logs_project_id Project ID for environment logging.
env_logs_project_number Project number for environment logging.
env_secrets_project_id Project for environment secrets.
key_rings Keyring Names created
monitoring_project_id Project for monitoring infra.