Merge pull request #56 from ollionorg/enhancement/readme-update

Enhancement/readme update
ollionorg · Mar 11, 2024 · d6ed32a · d6ed32a
2 parents 369c55a + ca54f7c
commit d6ed32a
Show file tree

Hide file tree

Showing 23 changed files with 574 additions and 284 deletions.
diff --git a/1-org/envs/shared/README.md b/1-org/envs/shared/README.md
@@ -10,6 +10,7 @@
 
 | Name | Version |
 |------|---------|
+| <a name="provider_archive"></a> [archive](#provider\_archive) | n/a |
 | <a name="provider_google"></a> [google](#provider\_google) | 4.47.0 |
 | <a name="provider_google.impersonate"></a> [google.impersonate](#provider\_google.impersonate) | 4.47.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | 3.5.1 |
@@ -49,6 +50,7 @@
 | <a name="module_org_shared_vpc_lien_removal"></a> [org\_shared\_vpc\_lien\_removal](#module\_org\_shared\_vpc\_lien\_removal) | ../../../modules/org_policies | n/a |
 | <a name="module_org_skip_default_network"></a> [org\_skip\_default\_network](#module\_org\_skip\_default\_network) | ../../../modules/org_policies | n/a |
 | <a name="module_org_vm_external_ip_access"></a> [org\_vm\_external\_ip\_access](#module\_org\_vm\_external\_ip\_access) | ../../../modules/org_policies | n/a |
+| <a name="module_output_bucket"></a> [output\_bucket](#module\_output\_bucket) | ../../../modules/storage | n/a |
 | <a name="module_pubsub_destination"></a> [pubsub\_destination](#module\_pubsub\_destination) | ../../../modules/pubsub | n/a |
 | <a name="module_restricted_network_hub"></a> [restricted\_network\_hub](#module\_restricted\_network\_hub) | ../../../modules/base_network_hub | n/a |
 | <a name="module_scc_notifications"></a> [scc\_notifications](#module\_scc\_notifications) | ../../../modules/base_network_hub | n/a |
@@ -64,7 +66,9 @@
 | [google_access_context_manager_access_policy.access_policy](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/access_context_manager_access_policy) | resource |
 | [google_bigquery_dataset.billing_dataset](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/bigquery_dataset) | resource |
 | [google_billing_account_iam_member.billing_admin_user](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/billing_account_iam_member) | resource |
-| [google_billing_account_iam_member.billing_admin_user_vishal](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/billing_account_iam_member) | resource |
+| [google_cloud_scheduler_job.cto_scheduler](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/cloud_scheduler_job) | resource |
+| [google_cloudfunctions_function.monitoring_ctos](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/cloudfunctions_function) | resource |
+| [google_cloudfunctions_function_iam_member.invoker](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/cloudfunctions_function_iam_member) | resource |
 | [google_folder.common](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/folder) | resource |
 | [google_folder_iam_audit_config.folder_config](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/folder_iam_audit_config) | resource |
 | [google_folder_iam_member.network_viewer](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/folder_iam_member) | resource |
@@ -114,7 +118,10 @@
 | [google_pubsub_subscription.scc_notification_subscription](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/pubsub_subscription) | resource |
 | [google_pubsub_topic.scc_notification_topic](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/pubsub_topic) | resource |
 | [google_scc_notification_config.scc_notification_config](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/scc_notification_config) | resource |
+| [google_storage_bucket.cf_default](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/storage_bucket) | resource |
+| [google_storage_bucket_object.cf_object](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/resources/storage_bucket_object) | resource |
 | [random_string.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [archive_file.default](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
 | [google_service_account_access_token.default](https://registry.terraform.io/providers/hashicorp/google/4.47.0/docs/data-sources/service_account_access_token) | data source |
 | [terraform_remote_state.bootstrap](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/data-sources/remote_state) | data source |
 
@@ -145,10 +152,13 @@
 | <a name="input_interconnect_project_alert_pubsub_topic"></a> [interconnect\_project\_alert\_pubsub\_topic](#input\_interconnect\_project\_alert\_pubsub\_topic) | The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}` for the Dedicated Interconnect project. | `string` | `null` | no |
 | <a name="input_interconnect_project_alert_spent_percents"></a> [interconnect\_project\_alert\_spent\_percents](#input\_interconnect\_project\_alert\_spent\_percents) | A list of percentages of the budget to alert on when threshold is exceeded for the Dedicated Interconnect project. | `list(number)` | <pre>[<br>  0.5,<br>  0.75,<br>  0.9,<br>  0.95<br>]</pre> | no |
 | <a name="input_interconnect_project_budget_amount"></a> [interconnect\_project\_budget\_amount](#input\_interconnect\_project\_budget\_amount) | The amount to use as the budget for the Dedicated Interconnect project. | `number` | `1000` | no |
+| <a name="input_key_algorithm"></a> [key\_algorithm](#input\_key\_algorithm) | The algorithm to use when creating a version based on this template. See the https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm for possible inputs. | `string` | `"GOOGLE_SYMMETRIC_ENCRYPTION"` | no |
+| <a name="input_key_protection_level"></a> [key\_protection\_level](#input\_key\_protection\_level) | The protection level to use when creating a version based on this template. Default value: "SOFTWARE" Possible values: ["SOFTWARE", "HSM"] | `string` | `"SOFTWARE"` | no |
+| <a name="input_key_rotation_period"></a> [key\_rotation\_period](#input\_key\_rotation\_period) | n/a | `string` | `"7776000s"` | no |
 | <a name="input_log_export_storage_force_destroy"></a> [log\_export\_storage\_force\_destroy](#input\_log\_export\_storage\_force\_destroy) | (Optional) If set to true, delete all contents when destroying the resource; otherwise, destroying the resource will fail if contents are present. | `bool` | `true` | no |
 | <a name="input_log_export_storage_location"></a> [log\_export\_storage\_location](#input\_log\_export\_storage\_location) | The location of the storage bucket used to export logs. | `string` | `"US"` | no |
 | <a name="input_log_export_storage_retention_policy"></a> [log\_export\_storage\_retention\_policy](#input\_log\_export\_storage\_retention\_policy) | Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. | <pre>object({<br>    is_locked             = bool<br>    retention_period_days = number<br>  })</pre> | `null` | no |
-| <a name="input_log_export_storage_versioning"></a> [log\_export\_storage\_versioning](#input\_log\_export\_storage\_versioning) | (Optional) Toggles bucket versioning, ability to retain a non-current object version when the live object version gets replaced or deleted. | `bool` | `false` | no |
+| <a name="input_log_export_storage_versioning"></a> [log\_export\_storage\_versioning](#input\_log\_export\_storage\_versioning) | (Optional) Toggles bucket versioning, ability to retain a non-current object version when the live object version gets replaced or deleted. | `bool` | `true` | no |
 | <a name="input_org_audit_logs_project_alert_pubsub_topic"></a> [org\_audit\_logs\_project\_alert\_pubsub\_topic](#input\_org\_audit\_logs\_project\_alert\_pubsub\_topic) | The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}` for the org audit logs project. | `string` | `null` | no |
 | <a name="input_org_audit_logs_project_alert_spent_percents"></a> [org\_audit\_logs\_project\_alert\_spent\_percents](#input\_org\_audit\_logs\_project\_alert\_spent\_percents) | A list of percentages of the budget to alert on when threshold is exceeded for the org audit logs project. | `list(number)` | <pre>[<br>  0.5,<br>  0.75,<br>  0.9,<br>  0.95<br>]</pre> | no |
 | <a name="input_org_audit_logs_project_budget_amount"></a> [org\_audit\_logs\_project\_budget\_amount](#input\_org\_audit\_logs\_project\_budget\_amount) | The amount to use as the budget for the org audit logs project. | `number` | `1000` | no |

diff --git a/2-env/envs/development/README.md b/2-env/envs/development/README.md
@@ -1,28 +1,61 @@
-<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+Copyright 2021 Google LLC
 
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+**/
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_google"></a> [google](#provider\_google) | 4.65.2 |
+| <a name="provider_google.impersonate"></a> [google.impersonate](#provider\_google.impersonate) | 4.65.2 |
+| <a name="provider_terraform"></a> [terraform](#provider\_terraform) | n/a |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_env"></a> [env](#module\_env) | ../../../modules/env_baseline | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [google_project_iam_member.base_network_operations](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
+| [google_project_iam_member.prod_logging](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
+| [google_project_iam_member.prod_monitoring](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
+| [google_project_iam_member.prod_secrets](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource |
+| [google_service_account_access_token.default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/service_account_access_token) | data source |
+| [terraform_remote_state.bootstrap](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/data-sources/remote_state) | data source |
+| [terraform_remote_state.org](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/data-sources/remote_state) | data source |
 
 ## Inputs
 
-| Name                         | Description                                                                                                                                                                                                                                                                                                          | Type     | Default  | Required |
-|------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|----------|:--------:|
-| billing\_account             | The ID of the billing account to associate this project with                                                                                                                                                                                                                                                         | `string` | n/a      |   yes    |
-| folder\_prefix               | Name prefix to use for folders created. Should be the same in all steps.                                                                                                                                                                                                                                             | `string` | `"fldr"` |    no    |
-| monitoring\_workspace\_users | Google Workspace or Cloud Identity group that have access to Monitoring Workspaces.                                                                                                                                                                                                                                  | `string` | n/a      |   yes    |
-| org\_id                      | The organization id for the associated services                                                                                                                                                                                                                                                                      | `string` | n/a      |   yes    |
-| parent\_folder               | Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step. | `string` | `""`     |    no    |
-| project\_prefix              | Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters.                                                                                                                                                                                                                  | `string` | `"prj"`  |    no    |
-| terraform\_service\_account  | Service account email of the account to impersonate to run Terraform.                                                                                                                                                                                                                                                | `string` | n/a      |   yes    |
-
-## Outputs dev 
-
-| Name                                 | Description                              |
-|--------------------------------------|------------------------------------------|
-| base\_shared\_vpc\_project\_id       | Project for base shared VPC.             |
-| env\_folder                          | Environment folder created under parent. |
-| env\_secrets\_project\_id            | Project for environment related secrets. |
-| monitoring\_project\_id              | Project for monitoring infra.            |
-| restricted\_shared\_vpc\_project\_id | Project for restricted shared VPC.       |
-
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
-
-#
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_parent_folder"></a> [parent\_folder](#input\_parent\_folder) | Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step. | `string` | `""` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_base_shared_vpc_project_id"></a> [base\_shared\_vpc\_project\_id](#output\_base\_shared\_vpc\_project\_id) | Project for base shared VPC. |
+| <a name="output_env_folder"></a> [env\_folder](#output\_env\_folder) | Environment folder created under parent. |
+| <a name="output_env_secrets_project_id"></a> [env\_secrets\_project\_id](#output\_env\_secrets\_project\_id) | Project for environment related secrets. |
+| <a name="output_logging_project_id"></a> [logging\_project\_id](#output\_logging\_project\_id) | Project for logging sink. |
+| <a name="output_monitoring_project_id"></a> [monitoring\_project\_id](#output\_monitoring\_project\_id) | Project for monitoring infra. |
+| <a name="output_restricted_shared_vpc_project_id"></a> [restricted\_shared\_vpc\_project\_id](#output\_restricted\_shared\_vpc\_project\_id) | Project for restricted shared VPC. |