feat!: changes net module to be serverless generic #112

Merged
Renames net module to serverless, receives the identity email as vari…
…able
amandakarina committed Apr 6, 2023
commit 705f81b830ab921f2cdc0f338c8c4d39c9995885
4 changes: 3 additions & 1 deletion modules/secure-cloud-run/main.tf
Expand Up @@ -44,7 +44,7 @@ module "vpc_project_apis" {
}

module "cloud_run_network" {
source = "../secure-cloud-run-net"
source = "../secure-cloud-serverless-net"

connector_name = var.connector_name
subnet_name = var.subnet_name
Expand All @@ -57,6 +57,8 @@ module "cloud_run_network" {
create_subnet = var.create_subnet
resource_names_suffix = var.resource_names_suffix

serverless_service_identity_email = google_project_service_identity.serverless_sa.email

depends_on = [
module.vpc_project_apis
]
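Review bot: The new argument `serverless_service_identity_email = google_project_service_identity.serverless_sa.email` refers to a resource that none of this file's three added lines declares, so it must already exist elsewhere in the module or arrive in another commit of this pull request; this is worth confirming, since outputs.tf now reads the same address. Assuming it is the `run.googleapis.com` identity of the serverless project, like the `run_identity_sa` this commit removes from the network module, a short comment above the argument would record why it is passed down, for example `# Cloud Run service agent; the network module grants it roles/vpcaccess.user on the VPC host project.` The `module "cloud_run_network"` block starts before the first hunk and closes after the second.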
2 changes: 1 addition & 1 deletion modules/secure-cloud-run/outputs.tf
Expand Up @@ -75,6 +75,6 @@ output "cloud_services_sa" {
}

output "run_identity_services_sa" {
value = module.cloud_run_network.run_identity_services_sa
value = google_project_service_identity.serverless_sa.email
description = "Service Identity to run services."
}
Expand Up @@ -49,6 +49,7 @@ module "cloud_run_network" {
| location | The location where resources are going to be deployed. | `string` | n/a | yes |
| resource\_names\_suffix | A suffix to concat in the end of the resources names. | `string` | `null` | no |
| serverless\_project\_id | The project where cloud run is going to be deployed. | `string` | n/a | yes |
| serverless\_service\_identity\_email | The Service Identity email for the serverless resource (Cloud Run or Cloud Function). | `string` | n/a | yes |
| shared\_vpc\_name | Shared VPC name which is going to be used to create Serverless Connector. | `string` | n/a | yes |
| subnet\_name | Subnet name to be re-used to create Serverless Connector. | `string` | n/a | yes |
| vpc\_project\_id | The project where shared vpc is. | `string` | n/a | yes |
Expand All @@ -60,7 +61,6 @@ module "cloud_run_network" {
| cloud\_services\_sa | Google APIs service agent. |
| connector\_id | VPC serverless connector ID. |
| gca\_vpcaccess\_sa | Google APIs Service Agent for VPC Access. |
| run\_identity\_services\_sa | Google APIs Service Agent to Cloud Run Service. |
| subnet\_name | The name of the sub-network used to create VPC Connector. |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
Expand Up @@ -25,13 +25,6 @@ resource "google_project_service_identity" "vpcaccess_identity_sa" {
service = "vpcaccess.googleapis.com"
}

resource "google_project_service_identity" "run_identity_sa" {
provider = google-beta

project = var.serverless_project_id
service = "run.googleapis.com"
}

resource "google_project_iam_member" "gca_sa_vpcaccess" {
count = var.connector_on_host_project ? 0 : 1

Expand All @@ -53,5 +46,5 @@ resource "google_project_iam_member" "run_identity_services" {

project = var.vpc_project_id
role = "roles/vpcaccess.user"
member = "serviceAccount:${google_project_service_identity.run_identity_sa.email}"
member = "serviceAccount:${var.serverless_service_identity_email}"
}
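Review bot: Nothing at the `member` line says which principal is expected now that it comes from `var.serverless_service_identity_email` rather than the module's own `run.googleapis.com` service identity, and the resource keeps the Cloud Run-specific name `run_identity_services` in a module meant to be generic. A comment on the resource would make the intent reviewable, for example `# Principal must be the Google-managed serverless service agent, not a user-managed service account.` If the resource is renamed to match the module's new scope, a `moved` block would keep the existing binding in state instead of destroying and recreating it. The resource's opening lines, including any `count`, are outside the hunk.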
Expand Up @@ -29,11 +29,6 @@ output "cloud_services_sa" {
description = "Google APIs service agent."
}

output "run_identity_services_sa" {
value = google_project_service_identity.run_identity_sa.email
description = "Google APIs Service Agent to Cloud Run Service."
}

output "subnet_name" {
value = local.subnet_name
description = "The name of the sub-network used to create VPC Connector."
Expand Up @@ -29,6 +29,11 @@ variable "serverless_project_id" {
type = string
}

variable "serverless_service_identity_email" {
description = "The Service Identity email for the serverless resource (Cloud Run or Cloud Function)."
type = string
}

variable "connector_name" {
description = "The name of the serverless connector which is going to be created."
type = string
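Review bot: `serverless_service_identity_email` is declared as a bare `string` with no `validation` block, yet its value is interpolated into a `serviceAccount:` IAM member that receives `roles/vpcaccess.user` on the Shared VPC project, so a typo or a user-managed account passed by a caller is accepted silently. Constraining it to the service-agent address form keeps the grant limited to the Google-managed identities the description names. The pattern below assumes the Cloud Run and Cloud Functions agent domains; extend the alternation if other serverless agents are meant to be supported.

```hcl
variable "serverless_service_identity_email" {
  # … unchanged: description, type …

  validation {
    condition     = can(regex("^service-[0-9]+@(serverless-robot-prod|gcf-admin-robot)\\.iam\\.gserviceaccount\\.com$", var.serverless_service_identity_email))
    error_message = "The serverless_service_identity_email value must be the Cloud Run or Cloud Functions service agent email."
  }
}
```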