Merge pull request #4 from terraform-google-modules/iot

Cloud IoT module

README.md

@@ -40,6 +40,7 @@ module "pubsub" {
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
+| create\_topic | Specify true if you want to create a topic | bool | `"true"` | no |
 | message\_storage\_policy | A map of storage policies. Default - inherit from organization's Resource Location Restriction policy. | map | `<map>` | no |
 | project\_id | The project ID to manage the Pub/Sub resources | string | n/a | yes |
 | pull\_subscriptions | The list of the pull subscriptions | list(map(string)) | `<list>` | no |

examples/cloudiot/README.md

@@ -0,0 +1,35 @@
+# Cloud IoT Example
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| name | The name for the Cloud IoT registry | string | n/a | yes |
+| project\_id | The project ID to manage the Pub/Sub resources | string | n/a | yes |
+| region | The region for the IoT resources | string | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| project\_id | The project ID |
+| region | The region for the IoT resources |
+| registry\_name | The name of the Pub/Sub topic created |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## Requirements
+
+The following sections describe the requirements which must be met in
+order to invoke this example. The requirements of the
+[cloudiot module](../../modules/cloudiot) must be met.
+
+## Usage
+
+To provision this example, populate `terraform.tfvars` with the [required variables](#inputs) and run the following commands within
+this directory:
+- `terraform init` to get the plugins
+- `terraform plan` to see the infrastructure plan
+- `terraform apply` to apply the infrastructure build
+- `terraform destroy` to destroy the built infrastructure

examples/cloudiot/main.tf

@@ -0,0 +1,82 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+provider "google" {
+  version = "~> 2.13"
+  region  = var.region
+}
+
+resource "tls_private_key" "private_keys" {
+  count     = 2
+  algorithm = "RSA"
+}
+
+resource "tls_self_signed_cert" "certs" {
+  count           = 2
+  key_algorithm   = "RSA"
+  private_key_pem = tls_private_key.private_keys[count.index].private_key_pem
+  subject {
+    common_name  = "example.com"
+    organization = "ACME Examples, Inc"
+  }
+  validity_period_hours = 12
+  allowed_uses          = []
+}
+
+module "iot" {
+  source             = "../../modules/cloudiot"
+  name               = var.name
+  region             = var.region
+  project_id         = var.project_id
+  mqtt_enabled_state = "MQTT_ENABLED"
+  http_enabled_state = "HTTP_DISABLED"
+  public_key_certificates = [
+    {
+      format      = "X509_CERTIFICATE_PEM"
+      certificate = tls_self_signed_cert.certs[0].cert_pem
+    },
+    {
+      format      = "X509_CERTIFICATE_PEM"
+      certificate = tls_self_signed_cert.certs[1].cert_pem
+    },
+  ]
+  event_notification_config = {
+    topic              = "${var.name}-event-topic"
+    topic_labels       = {}
+    create_topic       = true
+    push_subscriptions = []
+    pull_subscriptions = [
+      {
+        name                 = "${var.name}-event-pull"
+        ack_deadline_seconds = 20
+      }
+    ]
+  }
+  state_notification_config = {
+    topic        = "${var.name}-state-topic"
+    topic_labels = {}
+    create_topic = true
+    push_subscriptions = [
+      {
+        name                 = "${var.name}-state-push"
+        push_endpoint        = "https://${var.project_id}.appspot.com/"
+        x-goog-version       = "v1beta1"
+        ack_deadline_seconds = 20
+      },
+    ]
+    pull_subscriptions = []
+  }
+}

examples/cloudiot/outputs.tf

@@ -0,0 +1,30 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "project_id" {
+  value       = var.project_id
+  description = "The project ID"
+}
+
+output "region" {
+  value       = module.iot.region
+  description = "The region for the IoT resources"
+}
+
+output "registry_name" {
+  value       = module.iot.name
+  description = "The name of the Pub/Sub topic created"
+}

examples/cloudiot/variables.tf

@@ -0,0 +1,30 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  type        = string
+  description = "The project ID to manage the Pub/Sub resources"
+}
+
+variable "region" {
+  type        = string
+  description = "The region for the IoT resources"
+}
+
+variable "name" {
+  type        = string
+  description = "The name for the Cloud IoT registry"
+}

kitchen.yml

@@ -31,7 +31,11 @@ platforms:
   - name: local
 
 suites:
-  - name: default
+  - name: pubsub
     driver:
       name: terraform
-      root_module_directory: test/fixtures
+      root_module_directory: test/fixtures/pubsub
+  - name: cloudiot
+    driver:
+      name: terraform
+      root_module_directory: test/fixtures/cloudiot

main.tf

@@ -19,6 +19,7 @@ locals {
 }
 
 resource "google_pubsub_topic" "topic" {
+  count   = var.create_topic ? 1 : 0
   project = var.project_id
   name    = var.topic
   labels  = var.topic_labels
@@ -32,9 +33,9 @@ resource "google_pubsub_topic" "topic" {
 }
 
 resource "google_pubsub_subscription" "push_subscriptions" {
-  count   = length(var.push_subscriptions)
+  count   = var.create_topic ? length(var.push_subscriptions) : 0
   name    = var.push_subscriptions[count.index].name
-  topic   = google_pubsub_topic.topic.name
+  topic   = google_pubsub_topic.topic.0.name
   project = var.project_id
   ack_deadline_seconds = lookup(
     var.push_subscriptions[count.index],
@@ -56,9 +57,9 @@ resource "google_pubsub_subscription" "push_subscriptions" {
 }
 
 resource "google_pubsub_subscription" "pull_subscriptions" {
-  count   = length(var.pull_subscriptions)
+  count   = var.create_topic ? length(var.pull_subscriptions) : 0
   name    = var.pull_subscriptions[count.index].name
-  topic   = google_pubsub_topic.topic.name
+  topic   = google_pubsub_topic.topic.0.name
   project = var.project_id
   ack_deadline_seconds = lookup(
     var.pull_subscriptions[count.index],

modules/cloudiot/README.md

@@ -0,0 +1,102 @@
+# terraform-google-pubsub for Cloud IoT
+
+## Overview
+
+In the early stage, this module will simply be implemented by using [existing pubsub module](https://github.com/terraform-google-modules/terraform-google-pubsub) and [one resource](https://www.terraform.io/docs/providers/google/r/cloudiot_registry.html).
+
+This module may not improve drastically efficiency. However, after implementing new resources like [terraform-provider-google#1495](https://github.com/terraform-providers/terraform-provider-google/issues/1495), this module will get more efficient by adopting the new resources.
+
+## Usage
+
+Let's seeing a simple usage of the module. See also a simple setup provided in the example directory.
+
+```hcl
+module "iot" {
+  source     = "terraform-google-modules/pubsub/iot"
+  name       = "sample-iot"
+  region     = "us-central1"
+  project_id = "tf-project"
+
+  mqtt_enabled_state = "MQTT_ENABLED"
+  http_enabled_state = "HTTP_DISABLED"
+
+  public_key_certificates = [
+    {
+      format      = "X509_CERTIFICATE_PEM"
+      certificate = file(var.cert_path)
+    },
+  ]
+
+  event_notification_config = {
+    topic              = "iot-event-topic"
+    topic_labels       = {}
+    create_topic       = true
+    push_subscriptions = []
+    pull_subscriptions = [
+      {
+        name                 = "iot-event-pull"
+        ack_deadline_seconds = 20
+      },
+    ]
+  }
+  state_notification_config = {
+    topic              = "iot-state-topic"
+    topic_labels       = {}
+    create_topic       = true
+    push_subscriptions = []
+    pull_subscriptions = [
+      {
+        name = "iot-state-pull"
+        ack_deadline_seconds = 20
+      },
+    ]
+  }
+}
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| event\_notification\_config | The event notification configuration for the Cloud IoT registry. This contains `topic`, `topic_labels`, `pull_subscriptions` and `push_subscriptions` and `create_topic`. | object | `<map>` | no |
+| http\_enabled\_state | The field allows HTTP_ENABLED or HTTP_DISABLED | string | `"HTTP_DISABLED"` | no |
+| mqtt\_enabled\_state | The field allows MQTT_ENABLED or MQTT_DISABLED | string | `"MQTT_ENABLED"` | no |
+| name | The Cloud IoT registry name | string | n/a | yes |
+| project\_id | The project ID to manage the Cloud IoT resources | string | n/a | yes |
+| public\_key\_certificates | The list for public key certificates | object | `<list>` | no |
+| region | The region to host the registry | string | n/a | yes |
+| state\_notification\_config | The state notification configuration for the Cloud IoT registry. This contains `topic`, `topic_labels`, `pull_subscriptions` and `push_subscriptions` and `create_topic`. | object | `<map>` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| credentials | The credentials for Cloud IoT registry |
+| event\_notification\_subscription\_names | The name list of Pub/Sub subscriptions associated with the registry |
+| event\_notification\_subscription\_paths | The path list of Pub/Sub subscriptions associated with the registry |
+| event\_notification\_topic | The name of the Pub/Sub topic associated with the registry |
+| event\_notification\_topic\_id | The id of the Pub/Sub topic associated with the registry |
+| name | The name of the Cloud IoT registry |
+| region | The region of the Cloud IoT registry |
+| registry | The registry being created by this module |
+| state\_notification\_subscription\_names | The name list of Pub/Sub subscriptions associated with the registry |
+| state\_notification\_subscription\_paths | The path list of Pub/Sub subscriptions associated with the registry |
+| state\_notification\_topic | The name of the Pub/Sub topic associated with the registry |
+| state\_notification\_topic\_id | The id of the Pub/Sub topic associated with the registry |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## Requirements
+
+## Enable API
+
+In order to operate with the service account you must activate the following API on the project where the service account was created.
+
+- Cloud IoT API
+
+## Configure a Service Account
+
+In addition to the pubsub module's requirements, the following role should be attached to the service account.
+
+- Cloud IoT Editor