Commit 1c41674a authored by Kenny Moore's avatar Kenny Moore
Browse files

Initial Import

parent 70f17dcd
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
# Crash log files
crash.log
# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
# .tfvars files are managed as part of configuration and so should be included in
# version control.
#
# Never commit the tfvars files
*.tfvars
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Include override files you do wish to add to version control using negated pattern
#
# !example_override.tf
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
# Don't publish GCP service account creds
vci-dev-tf-admin-a9b805dc141e.json
# Ignore Mac junk
.DS_store
\ No newline at end of file
locals {
folder = {
its = "folders/120222398674"
campus = "folders/1013928641872"
michigan_medicine = "folders/332243639992"
}
}
\ No newline at end of file
resource "random_id" "id" {
byte_length = 2
}
locals{
project_name_string = substr(lower(replace(var.project_name, "/\\s/", "-")), 0, 25)
}
resource "google_project" "gcp_project" {
# name = "${var.projectPrefix}-${var.project_type}${var.worker_id}"
name = "${var.project_name}"
project_id = var.project_id == "" ? "${local.project_name_string}-${random_id.id.hex}" : var.project_id
folder_id = local.folder[var.division]
billing_account = var.billing_id
auto_create_network = false
depends_on = [random_id.id]
}
resource "google_logging_project_sink" "log_export" {
project = "${google_project.gcp_project.project_id}"
name = "${google_project.gcp_project.project_id}-log-export"
destination = "${var.log_export_destination}"
filter = "projects/${google_project.gcp_project.project_id}/logs/cloudaudit.googleapis.com%2Factivity" # Need this
unique_writer_identity = true
# give unique_writer pubsub publisher permission
# depends_on = [google_project.gcp_project]
}
# resource "google_project_service" "bq-api" {
# count = var.project_type != "network" ? 1 : 0
# project = google_project.hipaa_project.project_id
# service = "bigquery-json.googleapis.com"
# # disable_dependent_services = true
# }
# count = var.project_type == "monitor" ? 1 : 0
# logFilterText = "projects/"+projectId+"/logs/cloudaudit.googleapis.com%2Factivity"
# logExportName = projectId +'-log-export'
# pubSubDestination = 'projects/vci-mcloud-service/topics/vci-service-project-logs-export'
# logFilter = 'logName='+ '"' + logFilterText + '"'
\ No newline at end of file
variable "project_name" {
default = ""
}
variable "project_id" {
default = ""
}
variable "division" {
default = ""
}
variable "mcomm_group" {
default = ""
}
variable "billing_id" {
default = ""
}
# variable "billing_contact" {}
variable "security_contact" {
default = ""
}
variable "egress_waiver" {
default = ""
}
variable "redhat_image" {
default = ""
}
variable "log_export_destination" {
# default = "projects/vci-mcloud-service/topics/vci-service-project-logs-export"
default = "pubsub.googleapis.com/projects/vci-mcloud-service/topics/vci-service-project-logs-export"
}
# variable "sensitiveData" {
# dictionary?
# }
# # # Separate Module for VPN/Network? # # #
# variable "vpn" {
# default = false
# }
# variable "network" {
# default = false
# }
variable "requestor"{
default = ""
}
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment