From 17fd907b0c42dbff0ddde9e60592edc7955ce5c9 Mon Sep 17 00:00:00 2001
From: Eric Zhao <zhaoe@google.com>
Date: Mon, 5 Oct 2020 17:42:34 +1100
Subject: [PATCH] feat:consumer quota management

---
 main.tf                            | 10 +++++++
 modules/quota_manager/README.md    | 42 ++++++++++++++++++++++++++++++
 modules/quota_manager/main.tf      | 31 ++++++++++++++++++++++
 modules/quota_manager/outputs.tf   | 20 ++++++++++++++
 modules/quota_manager/variables.tf | 31 ++++++++++++++++++++++
 modules/quota_manager/versions.tf  | 23 ++++++++++++++++
 variables.tf                       | 11 ++++++++
 7 files changed, 168 insertions(+)
 create mode 100644 modules/quota_manager/README.md
 create mode 100644 modules/quota_manager/main.tf
 create mode 100644 modules/quota_manager/outputs.tf
 create mode 100644 modules/quota_manager/variables.tf
 create mode 100644 modules/quota_manager/versions.tf

diff --git a/main.tf b/main.tf
index 8f5c6137..1dacf288 100644
--- a/main.tf
+++ b/main.tf
@@ -79,3 +79,13 @@ module "budget" {
   alert_pubsub_topic               = var.budget_alert_pubsub_topic
   monitoring_notification_channels = var.budget_monitoring_notification_channels
 }
+
+/******************************************
+  Quota to override if metrics are set
+ *****************************************/
+module "quotas" {
+  source = "./modules/quota_manager"
+
+  project_id      = module.project-factory.project_id
+  consumer_quotas = var.consumer_quotas
+}
diff --git a/modules/quota_manager/README.md b/modules/quota_manager/README.md
new file mode 100644
index 00000000..3ab8eec4
--- /dev/null
+++ b/modules/quota_manager/README.md
@@ -0,0 +1,42 @@
+# Consumer quota override for a project
+
+This module allows to manage the consumer override of quotas of a [google service usage consumer quota override](https://www.terraform.io/docs/providers/google/r/service_usage_consumer_quota_override.html) tied to a specific `project_id`
+
+## Usage
+
+Basic usage of this module is as follows:
+
+```hcl
+module "project_quota_manager" {
+  source          = "terraform-google-modules/project-factory/google//modules/quota_manager"
+  project         = "my-project-id"
+  consumer_quotas = [
+    {
+        service        = "compute.googleapis.com"
+        metric         = "SimulateMaintenanceEventGroup"
+        limit          = "%2F100s%2Fproject"
+        value = "19"
+    },{
+        metric         = "servicemanagement.googleapis.com%2Fdefault_requests"
+        limit          = "%2Fmin%2Fproject"
+        value = "95"
+    }
+  ]
+}
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| consumer\_quotas | The quotas configuration you want to override to the project. | object | `<list>` | no |
+| project\_id | The GCP project where you want to manage the consumer quotas | string | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| quota\_overrides | The server-generated names of the quota override. |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/modules/quota_manager/main.tf b/modules/quota_manager/main.tf
new file mode 100644
index 00000000..8f888bc1
--- /dev/null
+++ b/modules/quota_manager/main.tf
@@ -0,0 +1,31 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  consumer_quotas = { for index, quota in var.consumer_quotas : index => quota }
+}
+
+resource "google_service_usage_consumer_quota_override" "override" {
+  provider = google-beta
+  for_each = local.consumer_quotas
+
+  project        = var.project_id
+  service        = each.value.service
+  metric         = each.value.metric
+  limit          = each.value.limit
+  override_value = each.value.value
+  force          = true
+}
diff --git a/modules/quota_manager/outputs.tf b/modules/quota_manager/outputs.tf
new file mode 100644
index 00000000..10bc0409
--- /dev/null
+++ b/modules/quota_manager/outputs.tf
@@ -0,0 +1,20 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "quota_overrides" {
+  description = "The server-generated names of the quota override."
+  value       = google_service_usage_consumer_quota_override.override
+}
diff --git a/modules/quota_manager/variables.tf b/modules/quota_manager/variables.tf
new file mode 100644
index 00000000..5bf08620
--- /dev/null
+++ b/modules/quota_manager/variables.tf
@@ -0,0 +1,31 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The GCP project where you want to manage the consumer quotas"
+  type        = string
+}
+
+variable "consumer_quotas" {
+  description = "The quotas configuration you want to override to the project."
+  type = list(object({
+    service = string,
+    metric  = string,
+    limit   = string,
+    value   = string,
+  }))
+  default = []
+}
diff --git a/modules/quota_manager/versions.tf b/modules/quota_manager/versions.tf
new file mode 100644
index 00000000..01f7937e
--- /dev/null
+++ b/modules/quota_manager/versions.tf
@@ -0,0 +1,23 @@
+/**
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_version = ">=0.12.6, <0.14"
+
+  required_providers {
+    google-beta = ">= 3.1, < 4.0"
+  }
+}
diff --git a/variables.tf b/variables.tf
index 93f46178..ac83fe5a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -241,3 +241,14 @@ variable "vpc_service_control_perimeter_name" {
   type        = string
   default     = null
 }
+
+variable "consumer_quotas" {
+  description = "The quotas configuration you want to override to the project."
+  type = list(object({
+    service = string,
+    metric  = string,
+    limit   = string,
+    value   = string,
+  }))
+  default = []
+}