Google Cloud Platform project Terraform module

This terraform module provisions a Google Cloud Platform project. It ships the following submodules:

• audit_config
• iam_bindings
• iam_memberships
• metadata
• metadata_ssh_keys
• project
• project_services

Usage

module "gcp_project" {
  source  = "nephosolutions/gcp-project/google"
  version = "~> 6.0.0"

  billing_account = "..."
  default_region  = "europe-west1"
  default_zone    = "europe-west1-b"
  labels          = {}
  org_id          = "..."
  project_name    = "My GCP Project"
}

Requirements

Name	Version
terraform	>= 0.13
google	>= 3.90
random	>= 2.0

Providers

Name	Version
google	4.44.1
random	3.4.3

Modules

Name	Source	Version
audit_config	./modules/audit_config	n/a
iam_memberships	./modules/iam_memberships	n/a
metadata	./modules/metadata	n/a
project	./modules/project	n/a
project_services	./modules/project_services	n/a

Resources

Name	Type
google_project_iam_binding.basic_role	resource
random_id.project_id	resource

Inputs

Name	Description	Type	Default	Required
auto_create_network	Create the 'default' network automatically.	bool	false	no
billing_account	the billing_account to which the project should be attached to	string	n/a	yes
default_zone	The zone within a region used by default to create new resources	string	n/a	yes
disable_dependent_project_services	If true, services that are enabled and which depend on this service should also be disabled when this service is destroyed. If false, an error will be generated if any enabled services depend on this service when destroying it.	bool	true	no
disable_project_services_on_destroy	Disable the service when the terraform resource is destroyed.	bool	true	no
editors	Identities that will be granted the basic role editor on the project	list(string)	[]	no
enable_guest_attributes	Enable setting guest attributes for the project.	bool	false	no
enable_os_config	n/a	bool	false	no
enable_os_inventory	Enables or disables OS inventory for the project.	bool	false	no
enable_os_login	Enables or disables SSH key management on the project.	bool	false	no
enable_os_login_2fa	Enable 2-step verification for OS Login.	bool	false	no
folder_id	The numeric ID of the folder this project should be created under.	string	null	no
iam_audit_config	Map of service APIs which will be enabled for audit logging, with a map of audit log types for which logging is to be configured, with an map of optional attributes including a list of identities that do not cause logging. google_folder_iam_audit_config	map(map(object({ exempted_members = list(string) })))	{}	no
iam_memberships	Updates the IAM policy to grant a role to a list of members.	map(list(string))	{}	no
labels	Map of key vale pairs to set as project labels	map(string)	n/a	yes
org_id	The numeric ID of the organization this project belongs to.	string	n/a	yes
owners	Identities that will be granted the basic role owner on the project	list(string)	[]	no
project_id	A globally unique identifier for the project. Changing this forces a new project to be created.	string	n/a	yes
project_name	The display name of the project.	string	n/a	yes
project_service_identities	List of service identities to create for the project and grant IAM roles.	list(object({ api = string roles = list(string) }))	[]	no
project_services	A list of Google APIs to activate on this project	list(string)	[]	no
random_project_id	Whether to use a random suffix for the project_id. Changing this forces a new project to be created.	bool	true	no
random_project_id_byte_length	The number of random bytes to produce. The minimum value is 1, which produces eight bits of randomness.	number	4	no
skip_delete	If true, the Terraform resource can be deleted without deleting the Project via the Google API.	bool	false	no
ssh_users	A map of user:ssk_key pairs	map(string)	{}	no
viewers	Identities that will be granted the basic role viewer on the project	list(string)	[]	no
vm_dns_setting	Enable zonal DNS and global DNS for the VMs in your project.	string	"ZonalOnly"	no

Outputs

Name	Description
project_id	The Google Cloud Platform project ID