refactor: Use project ID instead of project name (#34)

* refactor(examples/single-account): Use project ID instead of project names

https://registry.terraform.io/providers/hashicorp/google/latest/docs

* refactor: Use project id's  instead of name

Author: Néstor Salceda

examples/organization/README.md

@@ -44,8 +44,8 @@ This example deploys Cloud Connector into a GCP organizational GCP account.
 | <a name="input_create_gcr_topic"></a> [create\_gcr\_topic](#input\_create\_gcr\_topic) | Deploys a PubSub topic called `gcr` as part of this stack, which is needed for GCR scanning. Set to `true` only if it doesn't exist yet. If this is not deployed, and no existing `gcr` topic is found, the GCR scanning is ommited and won't be deployed. For more info see [GCR PubSub topic](https://cloud.google.com/container-registry/docs/configuring-notifications#create_a_topic). | `bool` | `true` | no |
 | <a name="input_location"></a> [location](#input\_location) | Zone where the stack will be deployed | `string` | `"us-central1"` | no |
 | <a name="input_max_instances"></a> [max\_instances](#input\_max\_instances) | Max number of instances for the workloads | `number` | `1` | no |
-| <a name="input_naming_prefix"></a> [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"sfc"` | no |
-| <a name="input_org_project_name"></a> [org\_project\_name](#input\_org\_project\_name) | Google cloud project name | `string` | n/a | yes |
+| <a name="input_naming_prefix"></a> [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"secure-for-cloud"` | no |
+| <a name="input_project_id"></a> [project\_id](#input\_project\_id) | Project ID | `string` | n/a | yes |
 | <a name="input_sysdig_secure_api_token"></a> [sysdig\_secure\_api\_token](#input\_sysdig\_secure\_api\_token) | Sysdig's Secure API Token | `string` | n/a | yes |
 | <a name="input_sysdig_secure_endpoint"></a> [sysdig\_secure\_endpoint](#input\_sysdig\_secure\_endpoint) | Sysdig Secure API endpoint | `string` | `"https://secure.sysdig.com"` | no |
 

examples/organization/main.tf

@@ -9,12 +9,12 @@ EOT
 }
 
 provider "google" {
-  project = var.org_project_name
+  project = var.project_id
   region  = var.location
 }
 
 data "google_project" "project" {
-  project_id = var.org_project_name
+  project_id = var.project_id
 }
 
 #######################
@@ -51,15 +51,15 @@ module "cloud_connector" {
 #       SCANNING      #
 #######################
 resource "google_service_account" "scanning_sa" {
-  account_id   = "${var.naming_prefix}-cloud-connector"
-  display_name = "Service account for cloud-connector"
+  account_id   = "${var.naming_prefix}-cloud-scanning"
+  display_name = "Service account for cloud-scanning"
 }
 
 
 resource "google_organization_iam_custom_role" "org_gcr_image_puller" {
   org_id = data.google_project.project.org_id
 
-  role_id     = "sysdig_gcr_image_puller"
+  role_id     = "${var.naming_prefix}_gcr_image_puller"
   title       = "Sysdig GCR Image Puller"
   description = "Allows pulling GCR images from all accounts in the organization"
   permissions = ["storage.objects.get", "storage.objects.list"]

examples/organization/variables.tf

@@ -4,9 +4,9 @@ variable "sysdig_secure_api_token" {
   description = "Sysdig's Secure API Token"
 }
 
-variable "org_project_name" {
+variable "project_id" {
   type        = string
-  description = "Google cloud project name"
+  description = "Project ID"
 }
 
 # Vars with defaults
@@ -25,7 +25,7 @@ variable "sysdig_secure_endpoint" {
 variable "naming_prefix" {
   type        = string
   description = "Naming prefix for all the resources created"
-  default     = "sfc"
+  default     = "secure-for-cloud"
 }
 
 variable "max_instances" {

examples/single-project/README.md

@@ -34,7 +34,6 @@ This example deploys Cloud Connector and Cloud Scanning into a GCP account.
 |------|------|
 | [google_service_account.connector_sa](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource |
 | [google_service_account.scanning_sa](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource |
-| [google_project.project](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project) | data source |
 
 ## Inputs
 
@@ -43,7 +42,7 @@ This example deploys Cloud Connector and Cloud Scanning into a GCP account.
 | <a name="input_create_gcr_topic"></a> [create\_gcr\_topic](#input\_create\_gcr\_topic) | Deploys a PubSub topic called `gcr` as part of this stack, which is needed for GCR scanning. Set to `true` if it doesn't exist yet. If this is not deployed, and no existing `gcr` topic is found, the GCR scanning is ommited and won't be deployed. For more info see [GCR PubSub topic](https://cloud.google.com/container-registry/docs/configuring-notifications#create_a_topic). | `bool` | `true` | no |
 | <a name="input_location"></a> [location](#input\_location) | Zone where the stack will be deployed | `string` | `"us-central1"` | no |
 | <a name="input_naming_prefix"></a> [naming\_prefix](#input\_naming\_prefix) | Naming prefix for all the resources created | `string` | `"sfc"` | no |
-| <a name="input_project_name"></a> [project\_name](#input\_project\_name) | Google cloud project name | `string` | n/a | yes |
+| <a name="input_project_id"></a> [project\_id](#input\_project\_id) | Project ID | `string` | n/a | yes |
 | <a name="input_sysdig_secure_api_token"></a> [sysdig\_secure\_api\_token](#input\_sysdig\_secure\_api\_token) | Sysdig's Secure API Token | `string` | n/a | yes |
 | <a name="input_sysdig_secure_endpoint"></a> [sysdig\_secure\_endpoint](#input\_sysdig\_secure\_endpoint) | Sysdig Secure API endpoint | `string` | `"https://secure.sysdig.com"` | no |
 

examples/single-project/main.tf

@@ -4,19 +4,16 @@ locals {
   protoPayload.methodName = "google.cloud.run.v1.Services.CreateService" OR protoPayload.methodName = "google.cloud.run.v1.Services.ReplaceService"
 EOT
   connector_filter = <<EOT
-  logName=~"^projects/${data.google_project.project.project_id}/logs/cloudaudit.googleapis.com" AND -resource.type="k8s_cluster"
+  logName=~"^projects/${var.project_id}/logs/cloudaudit.googleapis.com" AND -resource.type="k8s_cluster"
 EOT
 }
 
-data "google_project" "project" {
-}
-
 
 #######################
 #      CONNECTOR      #
 #######################
 provider "google" {
-  project = var.project_name
+  project = var.project_id
   region  = var.location
 }
 

examples/single-project/variables.tf

@@ -4,9 +4,9 @@ variable "sysdig_secure_api_token" {
   description = "Sysdig's Secure API Token"
 }
 
-variable "project_name" {
+variable "project_id" {
   type        = string
-  description = "Google cloud project name"
+  description = "Project ID"
 }
 
 # Vars with defaults