Merge remote-tracking branch 'origin/master' into fast-dev
This commit is contained in:
Ludovico Magnocavallo
51
.gitignore
vendored
51
.gitignore
vendored
@@ -1,16 +1,16 @@
|
||||
venv/*
|
||||
*/venv/*
|
||||
**/.python-version
|
||||
**/.terraform
|
||||
**/terraform.tfstate*
|
||||
**/terraform.tfvars
|
||||
**/*.auto.tfvars
|
||||
**/.terraform.tfstate.lock.info
|
||||
**/.terraform.lock.hcl
|
||||
.python-version
|
||||
.terraform
|
||||
terraform.tfstate*
|
||||
terraform.tfvars
|
||||
*.auto.tfvars
|
||||
.terraform.tfstate.lock.info
|
||||
.terraform.lock.hcl
|
||||
!tests/**/terraform.tfvars
|
||||
**/__pycache__
|
||||
**/.pytest_cache
|
||||
**/.test.lock
|
||||
__pycache__
|
||||
.pytest_cache
|
||||
.test.lock
|
||||
.idea
|
||||
.idx/dev.nix
|
||||
backend.tf
|
||||
@@ -20,8 +20,6 @@ key.json
|
||||
terraform-ls.tf
|
||||
bundle.zip
|
||||
.DS_Store
|
||||
**/packer_cache
|
||||
**/*.pkrvars.hcl
|
||||
fixture_*
|
||||
fast/configs
|
||||
fast/**/[0-9]*providers.tf
|
||||
@@ -29,35 +27,8 @@ fast/**/terraform.tfvars
|
||||
fast/**/terraform.tfvars.json
|
||||
fast/**/terraform-*.auto.tfvars.json
|
||||
fast/**/[0-9]*.auto.tfvars*
|
||||
**/node_modules
|
||||
node_modules
|
||||
fast/**/globals.auto.tfvars.json
|
||||
cloud_sql_proxy
|
||||
examples/cloud-operations/binauthz/tenant-setup.yaml
|
||||
examples/cloud-operations/binauthz/app/app.yaml
|
||||
env/
|
||||
examples/cloud-operations/adfs/ansible/vars/vars.yaml
|
||||
examples/cloud-operations/adfs/ansible/gssh.sh
|
||||
examples/cloud-operations/multi-cluster-mesh-gke-fleet-api/ansible/vars.yaml
|
||||
examples/cloud-operations/multi-cluster-mesh-gke-fleet-api/ansible/gssh.sh
|
||||
blueprints/cloud-operations/network-quota-monitoring/cloud-function.zip
|
||||
blueprints/apigee/bigquery-analytics/bundle-export.zip
|
||||
blueprints/apigee/bigquery-analytics/bundle-gcs2bq.zip
|
||||
blueprints/apigee/bigquery-analytics/apiproxy.zip
|
||||
blueprints/apigee/bigquery-analytics/create-datastore.sh
|
||||
blueprints/apigee/bigquery-analytics/deploy-apiproxy.sh
|
||||
blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/bundle/apiproxy/targets/default.xml
|
||||
blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/bundle.zip
|
||||
blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/deploy-apiproxy.sh
|
||||
blueprints/apigee/hybrid-gke/apiproxy.zip
|
||||
blueprints/apigee/hybrid-gke/deploy-apiproxy.sh
|
||||
blueprints/apigee/hybrid-gke/ansible/gssh.sh
|
||||
blueprints/apigee/hybrid-gke/ansible/vars/vars.yaml
|
||||
blueprints/gke/autopilot/ansible/gssh.sh
|
||||
blueprints/gke/autopilot/ansible/vars/vars.yaml
|
||||
blueprints/gke/autopilot/bundle/monitoring/kustomization.yaml
|
||||
blueprints/gke/autopilot/bundle/locust/kustomization.yaml
|
||||
blueprints/gke/autopilot/bundle.tar.gz
|
||||
blueprints/gke/patterns/batch/job-*.yaml
|
||||
modules/apigee/recipe-apigee-swp/bundle.zip
|
||||
modules/apigee/recipe-apigee-swp/deploy-apiproxy.sh
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@ Currently available modules:
|
||||
- **process factories** - [project factory](./modules/project-factory/README.md)
|
||||
- **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [VLAN Attachment](./modules/net-vlan-attachment/), [External Application LB](./modules/net-lb-app-ext/), [External Passthrough Network LB](./modules/net-lb-ext), [External Regional Application Load Balancer](./modules/net-lb-app-ext-regional/), [Firewall policy](./modules/net-firewall-policy), [Internal Application LB](./modules/net-lb-app-int), [Cross-region Internal Application LB](./modules/net-lb-app-int-cross-region), [Internal Passthrough Network LB](./modules/net-lb-int), [Internal Proxy Network LB](./modules/net-lb-proxy-int), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [VPC](./modules/net-vpc), [VPC factory](./modules/net-vpc-factory/README.md), [VPC firewall](./modules/net-vpc-firewall), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory), [Secure Web Proxy](./modules/net-swp)
|
||||
- **compute** - [VM/VM group](./modules/compute-vm), [MIG](./modules/compute-mig), [COS container](./modules/cloud-config-container/cos-generic-metadata/) (coredns, mysql, onprem, squid), [GKE cluster](./modules/gke-cluster-standard), [GKE hub](./modules/gke-hub), [GKE nodepool](./modules/gke-nodepool), [GCVE private cloud](./modules/gcve-private-cloud)
|
||||
- **data** - [AlloyDB instance](./modules/alloydb), [Analytics Hub](./modules/analytics-hub), [BigQuery dataset](./modules/bigquery-dataset), [Biglake Catalog](./modules/biglake-catalog), [Bigtable instance](./modules/bigtable-instance), [Dataplex](./modules/dataplex), [Dataplex Aspect Types](./modules/dataplex-aspect-types/), [Dataplex DataScan](./modules/dataplex-datascan), [Cloud SQL instance](./modules/cloudsql-instance), [Spanner instance](./modules/spanner-instance), [Firestore](./modules/firestore), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Data Catalog Tag](./modules/data-catalog-tag), [Data Catalog Tag Template](./modules/data-catalog-tag-template), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub), [Dataform Repository](./modules/dataform-repository/), [Looker Core](./modules/looker-core)
|
||||
- **data** - [AlloyDB instance](./modules/alloydb), [Analytics Hub](./modules/analytics-hub), [BigQuery connection](./modules/bigquery-connection), [BigQuery dataset](./modules/bigquery-dataset), [Biglake Catalog](./modules/biglake-catalog), [Bigtable instance](./modules/bigtable-instance), [Dataplex](./modules/dataplex), [Dataplex Aspect Types](./modules/dataplex-aspect-types/), [Dataplex DataScan](./modules/dataplex-datascan), [Cloud SQL instance](./modules/cloudsql-instance), [Spanner instance](./modules/spanner-instance), [Firestore](./modules/firestore), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Data Catalog Tag](./modules/data-catalog-tag), [Data Catalog Tag Template](./modules/data-catalog-tag-template), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub), [Dataform Repository](./modules/dataform-repository/), [Looker Core](./modules/looker-core)
|
||||
- **AI** - [AI Applications](./modules/ai-applications/README.md)
|
||||
- **development** - [API Gateway](./modules/api-gateway), [Apigee](./modules/apigee), [Artifact Registry](./modules/artifact-registry), [Cloud Build V2 Connection](./modules/cloud-build-v2-connection), [Container Registry](./modules/container-registry), [Cloud Source Repository](./modules/source-repository), [Cloud Deploy](./modules/cloud-deploy), [Secure Source Manager instance](./modules/secure-source-manager-instance), [Workstation cluster](./modules/workstation-cluster)
|
||||
- **security** - [Binauthz](./modules/binauthz/), [Certificate Authority Service (CAS)](./modules/certificate-authority-service), [KMS](./modules/kms), [SecretManager](./modules/secret-manager), [VPC Service Control](./modules/vpc-sc), [Certificate Manager](./modules/certificate-manager/)
|
||||
|
||||
@@ -82,6 +82,7 @@ These modules are used in the examples included in this repository. If you are u
|
||||
|
||||
- [AlloyDB](./alloydb)
|
||||
- [Analytics Hub](./analytics-hub)
|
||||
- [BigQuery connectio](./bigquery-connection)
|
||||
- [BigQuery dataset](./bigquery-dataset)
|
||||
- [Bigtable instance](./bigtable-instance)
|
||||
- [Biglake catalog](./biglake-catalog)
|
||||
|
||||
152
modules/bigquery-connection/README.md
Normal file
152
modules/bigquery-connection/README.md
Normal file
@@ -0,0 +1,152 @@
|
||||
# BigQuery Connection
|
||||
|
||||
This module allows creating a BigQuery connection.
|
||||
|
||||
<!-- BEGIN TOC -->
|
||||
- [Cloud SQL Connection](#cloud-sql-connection)
|
||||
- [Cloud SQL Connection with Cloud KMS](#cloud-sql-connection-with-cloud-kms)
|
||||
- [Spanner Connection](#spanner-connection)
|
||||
- [Spanner Connection with Context interpolations](#spanner-connection-with-context-interpolations)
|
||||
- [Variables](#variables)
|
||||
- [Outputs](#outputs)
|
||||
<!-- END TOC -->
|
||||
|
||||
## Cloud SQL Connection
|
||||
|
||||
```hcl
|
||||
module "bigquery-connection" {
|
||||
source = "./fabric/modules/bigquery-connection"
|
||||
project_id = var.project_id
|
||||
location = "EU"
|
||||
connection_id = "my-connection"
|
||||
friendly_name = "My Cloud SQL Connection"
|
||||
description = "A connection to a Cloud SQL instance."
|
||||
|
||||
connection_config = {
|
||||
cloud_sql = {
|
||||
instance_id = "my-instance-id"
|
||||
database = "my-database"
|
||||
type = "POSTGRES"
|
||||
credential = {
|
||||
username = "my-username"
|
||||
password = "my-password"
|
||||
}
|
||||
}
|
||||
}
|
||||
iam = {
|
||||
"roles/bigquery.connectionUser" = ["user:my-user@example.com"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=cloudsql.yaml
|
||||
```
|
||||
|
||||
## Cloud SQL Connection with Cloud KMS
|
||||
|
||||
```hcl
|
||||
module "bigquery-connection" {
|
||||
source = "./fabric/modules/bigquery-connection"
|
||||
project_id = var.project_id
|
||||
location = "EU"
|
||||
connection_id = "my-connection"
|
||||
friendly_name = "My BigQuery Connection"
|
||||
description = "A connection to a Cloud SQL instance."
|
||||
encryption_key = "my-key"
|
||||
|
||||
connection_config = {
|
||||
cloud_sql = {
|
||||
instance_id = "my-instance-id"
|
||||
database = "my-database"
|
||||
type = "POSTGRES"
|
||||
credential = {
|
||||
username = "my-username"
|
||||
password = "my-password"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1 inventory=cloudsql_kms.yaml
|
||||
```
|
||||
|
||||
## Spanner Connection
|
||||
|
||||
```hcl
|
||||
module "bigquery-connection" {
|
||||
source = "./fabric/modules/bigquery-connection"
|
||||
project_id = var.project_id
|
||||
location = "EU"
|
||||
connection_id = "my-connection"
|
||||
friendly_name = "My BigQuery Connection"
|
||||
description = "A connection to a Spanner instance."
|
||||
|
||||
connection_config = {
|
||||
cloud_spanner = {
|
||||
database = "projects/my-project/instances/my-instance/databases/my-database"
|
||||
use_parallelism = true
|
||||
use_data_boost = true
|
||||
max_parallelism = 2
|
||||
}
|
||||
}
|
||||
iam = {
|
||||
"roles/bigquery.connectionUser" = ["user:my-user@example.com"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=spanner.yaml
|
||||
```
|
||||
|
||||
## Spanner Connection with Context interpolations
|
||||
|
||||
```hcl
|
||||
module "bigquery-connection" {
|
||||
source = "./fabric/modules/bigquery-connection"
|
||||
project_id = var.project_id
|
||||
location = "EU"
|
||||
connection_id = "my-connection"
|
||||
friendly_name = "My BigQuery Connection"
|
||||
description = "A connection to a Spanner instance."
|
||||
|
||||
connection_config = {
|
||||
cloud_spanner = {
|
||||
database = "projects/my-project/instances/my-instance/databases/my-database"
|
||||
use_parallelism = true
|
||||
use_data_boost = true
|
||||
max_parallelism = 2
|
||||
}
|
||||
}
|
||||
context = {
|
||||
iam_principals = {
|
||||
myuser = "user:my-user@example.com"
|
||||
}
|
||||
}
|
||||
iam = {
|
||||
"roles/bigquery.connectionUser" = ["$iam_principals:myuser"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=2 inventory=spanner_context.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
## Variables
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [connection_id](variables.tf#L59) | The ID of the connection. | <code>string</code> | ✓ | |
|
||||
| [location](variables.tf#L132) | The geographic location where the connection should reside. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L137) | The ID of the project in which the resource belongs. | <code>string</code> | ✓ | |
|
||||
| [connection_config](variables.tf#L17) | Connection properties. | <code title="object({ cloud_sql = optional(object({ instance_id = string database = string type = string credential = object({ username = string password = string }) })) aws = optional(object({ access_role = object({ iam_role_id = string }) })) azure = optional(object({ customer_tenant_id = string federated_application_client_id = optional(string) })) cloud_spanner = optional(object({ database = string use_parallelism = optional(bool) use_data_boost = optional(bool) max_parallelism = optional(number) database_role = optional(string) })) cloud_resource = optional(object({ })) spark = optional(object({ metastore_service_config = optional(object({ metastore_service = string })) spark_history_server_config = optional(object({ dataproc_cluster = string })) })) })">object({…})</code> | | <code>{}</code> |
|
||||
| [context](variables.tf#L64) | Context-specific interpolations. | <code title="object({ iam_principals = optional(map(string), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [description](variables.tf#L73) | A description of the connection. | <code>string</code> | | <code>null</code> |
|
||||
| [encryption_key](variables.tf#L79) | The name of the KMS key used for encryption. | <code>string</code> | | <code>null</code> |
|
||||
| [friendly_name](variables.tf#L85) | A descriptive name for the connection. | <code>string</code> | | <code>null</code> |
|
||||
| [iam](variables.tf#L91) | IAM bindings for the connection in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam_bindings](variables.tf#L97) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | <code title="map(object({ members = list(string) role = string condition = optional(object({ expression = string title = string description = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [iam_bindings_additive](variables.tf#L111) | Individual additive IAM bindings. Keys are arbitrary. | <code title="map(object({ member = string role = string condition = optional(object({ expression = string title = string description = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [iam_by_principals](variables.tf#L125) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
| name | description | sensitive |
|
||||
|---|---|:---:|
|
||||
| [connection_config](outputs.tf#L17) | The connection configuration. | |
|
||||
| [connection_id](outputs.tf#L29) | The ID of the BigQuery connection. | |
|
||||
| [description](outputs.tf#L34) | The description of the connection. | |
|
||||
| [location](outputs.tf#L39) | The location of the connection. | |
|
||||
<!-- END TFDOC -->
|
||||
77
modules/bigquery-connection/iam.tf
Normal file
77
modules/bigquery-connection/iam.tf
Normal file
@@ -0,0 +1,77 @@
|
||||
/**
|
||||
* Copyright 2025 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
locals {
|
||||
_iam_principal_roles = distinct(flatten(values(var.iam_by_principals)))
|
||||
_iam_principals = {
|
||||
for r in local._iam_principal_roles : r => [
|
||||
for k, v in var.iam_by_principals :
|
||||
k if try(index(v, r), null) != null
|
||||
]
|
||||
}
|
||||
iam = {
|
||||
for role in distinct(concat(keys(var.iam), keys(local._iam_principals))) :
|
||||
role => concat(
|
||||
try(var.iam[role], []),
|
||||
try([for v in local._iam_principals[role] : lookup(local.ctx.iam_principals, v, v)], [])
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_bigquery_connection_iam_binding" "authoritative" {
|
||||
for_each = local.iam
|
||||
project = google_bigquery_connection.connection.project
|
||||
location = google_bigquery_connection.connection.location
|
||||
connection_id = google_bigquery_connection.connection.connection_id
|
||||
role = each.key
|
||||
members = [
|
||||
for v in each.value : lookup(local.ctx.iam_principals, v, v)
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_bigquery_connection_iam_binding" "bindings" {
|
||||
for_each = var.iam_bindings
|
||||
project = google_bigquery_connection.connection.project
|
||||
location = google_bigquery_connection.connection.location
|
||||
connection_id = google_bigquery_connection.connection.connection_id
|
||||
role = each.value.role
|
||||
members = lookup(local.ctx.iam_principals, each.value.member, each.value.member)
|
||||
dynamic "condition" {
|
||||
for_each = each.value.condition == null ? [] : [""]
|
||||
content {
|
||||
expression = each.value.condition.expression
|
||||
title = each.value.condition.title
|
||||
description = each.value.condition.description
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_bigquery_connection_iam_member" "bindings" {
|
||||
for_each = var.iam_bindings_additive
|
||||
project = google_bigquery_connection.connection.project
|
||||
location = google_bigquery_connection.connection.location
|
||||
connection_id = google_bigquery_connection.connection.connection_id
|
||||
role = each.value.role
|
||||
member = lookup(local.ctx.iam_principals, each.value.member, each.value.member)
|
||||
dynamic "condition" {
|
||||
for_each = each.value.condition == null ? [] : [""]
|
||||
content {
|
||||
expression = each.value.condition.expression
|
||||
title = each.value.condition.title
|
||||
description = each.value.condition.description
|
||||
}
|
||||
}
|
||||
}
|
||||
97
modules/bigquery-connection/main.tf
Normal file
97
modules/bigquery-connection/main.tf
Normal file
@@ -0,0 +1,97 @@
|
||||
/**
|
||||
* Copyright 2025 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
locals {
|
||||
ctx = {
|
||||
for k, v in var.context : k => {
|
||||
for kk, vv in v : "${local.ctx_p}${k}:${kk}" => vv
|
||||
} if k != "condition_vars"
|
||||
}
|
||||
ctx_p = "$"
|
||||
}
|
||||
|
||||
resource "google_bigquery_connection" "connection" {
|
||||
project = var.project_id
|
||||
location = var.location
|
||||
connection_id = var.connection_id
|
||||
friendly_name = var.friendly_name
|
||||
description = var.description
|
||||
kms_key_name = var.encryption_key
|
||||
|
||||
dynamic "cloud_sql" {
|
||||
for_each = var.connection_config.cloud_sql == null ? [] : [var.connection_config.cloud_sql]
|
||||
content {
|
||||
instance_id = cloud_sql.value.instance_id
|
||||
database = cloud_sql.value.database
|
||||
type = cloud_sql.value.type
|
||||
credential {
|
||||
username = cloud_sql.value.credential.username
|
||||
password = cloud_sql.value.credential.password
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "aws" {
|
||||
for_each = var.connection_config.aws == null ? [] : [var.connection_config.aws]
|
||||
content {
|
||||
access_role {
|
||||
iam_role_id = aws.value.access_role.iam_role_id
|
||||
identity = aws.value.access_role.identity
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "azure" {
|
||||
for_each = var.connection_config.azure == null ? [] : [var.connection_config.azure]
|
||||
content {
|
||||
application = azure.value.application
|
||||
client_id = azure.value.client_id
|
||||
object_id = azure.value.object_id
|
||||
customer_tenant_id = azure.value.customer_tenant_id
|
||||
federated_application_client_id = azure.value.federated_application_client_id
|
||||
redirect_uri = azure.value.redirect_uri
|
||||
identity = azure.value.identity
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "cloud_spanner" {
|
||||
for_each = var.connection_config.cloud_spanner == null ? [] : [var.connection_config.cloud_spanner]
|
||||
content {
|
||||
database = cloud_spanner.value.database
|
||||
use_parallelism = cloud_spanner.value.use_parallelism
|
||||
use_data_boost = cloud_spanner.value.use_data_boost
|
||||
max_parallelism = cloud_spanner.value.max_parallelism
|
||||
database_role = cloud_spanner.value.database_role
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "cloud_resource" {
|
||||
for_each = var.connection_config.cloud_resource == null ? [] : [var.connection_config.cloud_resource]
|
||||
content {}
|
||||
}
|
||||
|
||||
dynamic "spark" {
|
||||
for_each = var.connection_config.spark == null ? [] : [var.connection_config.spark]
|
||||
content {
|
||||
metastore_service_config {
|
||||
metastore_service = spark.value.metastore_service_config.metastore_service
|
||||
}
|
||||
spark_history_server_config {
|
||||
dataproc_cluster = spark.value.spark_history_server_config.dataproc_cluster
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
42
modules/bigquery-connection/outputs.tf
Normal file
42
modules/bigquery-connection/outputs.tf
Normal file
@@ -0,0 +1,42 @@
|
||||
/**
|
||||
* Copyright 2025 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
output "connection_config" {
|
||||
description = "The connection configuration."
|
||||
value = {
|
||||
aws = one(google_bigquery_connection.connection.aws)
|
||||
azure = one(google_bigquery_connection.connection.azure)
|
||||
cloud_resource = one(google_bigquery_connection.connection.cloud_resource)
|
||||
cloud_spanner = one(google_bigquery_connection.connection.cloud_spanner)
|
||||
cloud_sql = one(google_bigquery_connection.connection.cloud_sql)
|
||||
spark = one(google_bigquery_connection.connection.spark)
|
||||
}
|
||||
}
|
||||
|
||||
output "connection_id" {
|
||||
description = "The ID of the BigQuery connection."
|
||||
value = google_bigquery_connection.connection.connection_id
|
||||
}
|
||||
|
||||
output "description" {
|
||||
description = "The description of the connection."
|
||||
value = google_bigquery_connection.connection.description
|
||||
}
|
||||
|
||||
output "location" {
|
||||
description = "The location of the connection."
|
||||
value = google_bigquery_connection.connection.location
|
||||
}
|
||||
140
modules/bigquery-connection/variables.tf
Normal file
140
modules/bigquery-connection/variables.tf
Normal file
@@ -0,0 +1,140 @@
|
||||
/**
|
||||
* Copyright 2025 Google LLC
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
variable "connection_config" {
|
||||
description = "Connection properties."
|
||||
type = object({
|
||||
cloud_sql = optional(object({
|
||||
instance_id = string
|
||||
database = string
|
||||
type = string
|
||||
credential = object({
|
||||
username = string
|
||||
password = string
|
||||
})
|
||||
}))
|
||||
aws = optional(object({
|
||||
access_role = object({
|
||||
iam_role_id = string
|
||||
})
|
||||
}))
|
||||
azure = optional(object({
|
||||
customer_tenant_id = string
|
||||
federated_application_client_id = optional(string)
|
||||
}))
|
||||
cloud_spanner = optional(object({
|
||||
database = string
|
||||
use_parallelism = optional(bool)
|
||||
use_data_boost = optional(bool)
|
||||
max_parallelism = optional(number)
|
||||
database_role = optional(string)
|
||||
}))
|
||||
cloud_resource = optional(object({
|
||||
}))
|
||||
spark = optional(object({
|
||||
metastore_service_config = optional(object({
|
||||
metastore_service = string
|
||||
}))
|
||||
spark_history_server_config = optional(object({
|
||||
dataproc_cluster = string
|
||||
}))
|
||||
}))
|
||||
})
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "connection_id" {
|
||||
description = "The ID of the connection."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "context" {
|
||||
description = "Context-specific interpolations."
|
||||
type = object({
|
||||
iam_principals = optional(map(string), {})
|
||||
})
|
||||
default = {}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "description" {
|
||||
description = "A description of the connection."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "encryption_key" {
|
||||
description = "The name of the KMS key used for encryption."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "friendly_name" {
|
||||
description = "A descriptive name for the connection."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "iam" {
|
||||
description = "IAM bindings for the connection in {ROLE => [MEMBERS]} format."
|
||||
type = map(list(string))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "iam_bindings" {
|
||||
description = "Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary."
|
||||
type = map(object({
|
||||
members = list(string)
|
||||
role = string
|
||||
condition = optional(object({
|
||||
expression = string
|
||||
title = string
|
||||
description = optional(string)
|
||||
}))
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "iam_bindings_additive" {
|
||||
description = "Individual additive IAM bindings. Keys are arbitrary."
|
||||
type = map(object({
|
||||
member = string
|
||||
role = string
|
||||
condition = optional(object({
|
||||
expression = string
|
||||
title = string
|
||||
description = optional(string)
|
||||
}))
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "iam_by_principals" {
|
||||
description = "Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable."
|
||||
type = map(list(string))
|
||||
default = {}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "location" {
|
||||
description = "The geographic location where the connection should reside."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "The ID of the project in which the resource belongs."
|
||||
type = string
|
||||
}
|
||||
35
modules/bigquery-connection/versions.tf
generated
Normal file
35
modules/bigquery-connection/versions.tf
generated
Normal file
@@ -0,0 +1,35 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# Fabric release: v45.0.0
|
||||
|
||||
terraform {
|
||||
required_version = ">= 1.12.2"
|
||||
required_providers {
|
||||
google = {
|
||||
source = "hashicorp/google"
|
||||
version = ">= 7.0.1, < 8.0.0" # tftest
|
||||
}
|
||||
google-beta = {
|
||||
source = "hashicorp/google-beta"
|
||||
version = ">= 7.0.1, < 8.0.0" # tftest
|
||||
}
|
||||
}
|
||||
provider_meta "google" {
|
||||
module_name = "google-pso-tool/cloud-foundation-fabric/modules/bigquery-connection:v45.0.0-tf"
|
||||
}
|
||||
provider_meta "google-beta" {
|
||||
module_name = "google-pso-tool/cloud-foundation-fabric/modules/bigquery-connection:v45.0.0-tf"
|
||||
}
|
||||
}
|
||||
35
modules/bigquery-connection/versions.tofu
generated
Normal file
35
modules/bigquery-connection/versions.tofu
generated
Normal file
@@ -0,0 +1,35 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# Fabric release: v45.0.0
|
||||
|
||||
terraform {
|
||||
required_version = ">= 1.10.0"
|
||||
required_providers {
|
||||
google = {
|
||||
source = "hashicorp/google"
|
||||
version = ">= 7.0.1, < 8.0.0" # tftest
|
||||
}
|
||||
google-beta = {
|
||||
source = "hashicorp/google-beta"
|
||||
version = ">= 7.0.1, < 8.0.0" # tftest
|
||||
}
|
||||
}
|
||||
provider_meta "google" {
|
||||
module_name = "google-pso-tool/cloud-foundation-fabric/modules/bigquery-connection:v45.0.0-tofu"
|
||||
}
|
||||
provider_meta "google-beta" {
|
||||
module_name = "google-pso-tool/cloud-foundation-fabric/modules/bigquery-connection:v45.0.0-tofu"
|
||||
}
|
||||
}
|
||||
@@ -370,10 +370,10 @@ module "bigquery-dataset" {
|
||||
| [location](variables.tf#L122) | Dataset location. | <code>string</code> | | <code>"EU"</code> |
|
||||
| [materialized_views](variables.tf#L128) | Materialized views definitions. | <code title="map(object({ query = string allow_non_incremental_definition = optional(bool) deletion_protection = optional(bool) description = optional(string, "Terraform managed.") enable_refresh = optional(bool) friendly_name = optional(string) labels = optional(map(string), {}) refresh_interval_ms = optional(bool) require_partition_filter = optional(bool) options = optional(object({ clustering = optional(list(string)) expiration_time = optional(number) }), {}) partitioning = optional(object({ field = optional(string) range = optional(object({ end = number interval = number start = number })) time = optional(object({ type = string expiration_ms = optional(number) field = optional(string) })) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [options](variables.tf#L161) | Dataset options. | <code title="object({ default_collation = optional(string) default_table_expiration_ms = optional(number) default_partition_expiration_ms = optional(number) delete_contents_on_destroy = optional(bool, false) is_case_insensitive = optional(bool) max_time_travel_hours = optional(number, 168) storage_billing_model = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [routines](variables.tf#L180) | Routine definitions. | <code title="map(object({ description = optional(string) routine_type = string language = optional(string) definition_body = string imported_libraries = optional(list(string)) determinism_level = optional(string) data_governance_type = optional(string) return_table_type = optional(string) arguments = optional(map(object({ argument_kind = optional(string) mode = optional(string) data_type = optional(string) })), {}) spark_options = optional(object({ archive_uris = optional(list(string), []) connection = string container_image = optional(string) file_uris = optional(list(string), []) jar_uris = optional(list(string), []) main_file_uri = optional(string) main_class = optional(string) properties = optional(map(string), {}) py_file_uris = optional(list(string), []) runtime_version = optional(string) })) remote_function_options = optional(object({ connection = string endpoint = optional(string) max_batching_rows = optional(string) user_defined_context = optional(map(string), {}) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tables](variables.tf#L218) | Table definitions. Options and partitioning default to null. Partitioning can only use `range` or `time`, set the unused one to null. | <code title="map(object({ deletion_protection = optional(bool) description = optional(string, "Terraform managed.") friendly_name = optional(string) labels = optional(map(string), {}) require_partition_filter = optional(bool) schema = optional(string) external_data_configuration = optional(object({ autodetect = bool source_uris = list(string) avro_logical_types = optional(bool) compression = optional(string) connection_id = optional(string) file_set_spec_type = optional(string) ignore_unknown_values = optional(bool) metadata_cache_mode = optional(string) object_metadata = optional(string) json_options_encoding = optional(string) reference_file_schema_uri = optional(string) schema = optional(string) source_format = optional(string) max_bad_records = optional(number) csv_options = optional(object({ quote = string allow_jagged_rows = optional(bool) allow_quoted_newlines = optional(bool) encoding = optional(string) field_delimiter = optional(string) skip_leading_rows = optional(number) })) google_sheets_options = optional(object({ range = optional(string) skip_leading_rows = optional(number) })) hive_partitioning_options = optional(object({ mode = optional(string) require_partition_filter = optional(bool) source_uri_prefix = optional(string) })) parquet_options = optional(object({ enum_as_string = optional(bool) enable_list_inference = optional(bool) })) })) options = optional(object({ clustering = optional(list(string)) encryption_key = optional(string) expiration_time = optional(number) max_staleness = optional(string) }), {}) partitioning = optional(object({ field = optional(string) range = optional(object({ end = number interval = number start = number })) time = optional(object({ type = string expiration_ms = optional(number) field = optional(string) })) })) table_constraints = optional(object({ primary_key_columns = optional(list(string)) foreign_keys = optional(object({ referenced_table = object({ project_id = string dataset_id = string table_id = string }) column_references = object({ referencing_column = string referenced_column = string }) name = optional(string) })) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tag_bindings](variables.tf#L303) | Tag bindings for this dataset, in key => tag value id format. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [views](variables.tf#L310) | View definitions. | <code title="map(object({ query = string deletion_protection = optional(bool) description = optional(string, "Terraform managed.") friendly_name = optional(string) labels = optional(map(string), {}) use_legacy_sql = optional(bool) schema = optional(list(object({ name = string type = string description = string mode = optional(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [routines](variables.tf#L180) | Routine definitions. | <code title="map(object({ description = optional(string) routine_type = string language = optional(string) definition_body = string imported_libraries = optional(list(string)) determinism_level = optional(string) data_governance_type = optional(string) return_type = optional(string) return_table_type = optional(string) arguments = optional(map(object({ argument_kind = optional(string) mode = optional(string) data_type = optional(string) })), {}) spark_options = optional(object({ archive_uris = optional(list(string), []) connection = string container_image = optional(string) file_uris = optional(list(string), []) jar_uris = optional(list(string), []) main_file_uri = optional(string) main_class = optional(string) properties = optional(map(string), {}) py_file_uris = optional(list(string), []) runtime_version = optional(string) })) remote_function_options = optional(object({ connection = string endpoint = optional(string) max_batching_rows = optional(string) user_defined_context = optional(map(string), {}) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tables](variables.tf#L219) | Table definitions. Options and partitioning default to null. Partitioning can only use `range` or `time`, set the unused one to null. | <code title="map(object({ deletion_protection = optional(bool) description = optional(string, "Terraform managed.") friendly_name = optional(string) labels = optional(map(string), {}) require_partition_filter = optional(bool) schema = optional(string) external_data_configuration = optional(object({ autodetect = bool source_uris = list(string) avro_logical_types = optional(bool) compression = optional(string) connection_id = optional(string) file_set_spec_type = optional(string) ignore_unknown_values = optional(bool) metadata_cache_mode = optional(string) object_metadata = optional(string) json_options_encoding = optional(string) reference_file_schema_uri = optional(string) schema = optional(string) source_format = optional(string) max_bad_records = optional(number) csv_options = optional(object({ quote = string allow_jagged_rows = optional(bool) allow_quoted_newlines = optional(bool) encoding = optional(string) field_delimiter = optional(string) skip_leading_rows = optional(number) })) google_sheets_options = optional(object({ range = optional(string) skip_leading_rows = optional(number) })) hive_partitioning_options = optional(object({ mode = optional(string) require_partition_filter = optional(bool) source_uri_prefix = optional(string) })) parquet_options = optional(object({ enum_as_string = optional(bool) enable_list_inference = optional(bool) })) })) options = optional(object({ clustering = optional(list(string)) encryption_key = optional(string) expiration_time = optional(number) max_staleness = optional(string) }), {}) partitioning = optional(object({ field = optional(string) range = optional(object({ end = number interval = number start = number })) time = optional(object({ type = string expiration_ms = optional(number) field = optional(string) })) })) table_constraints = optional(object({ primary_key_columns = optional(list(string)) foreign_keys = optional(object({ referenced_table = object({ project_id = string dataset_id = string table_id = string }) column_references = object({ referencing_column = string referenced_column = string }) name = optional(string) })) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tag_bindings](variables.tf#L304) | Tag bindings for this dataset, in key => tag value id format. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [views](variables.tf#L311) | View definitions. | <code title="map(object({ query = string deletion_protection = optional(bool) description = optional(string, "Terraform managed.") friendly_name = optional(string) labels = optional(map(string), {}) use_legacy_sql = optional(bool) schema = optional(list(object({ name = string type = string description = string mode = optional(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
||||
@@ -373,7 +373,7 @@ resource "google_bigquery_table" "default" {
|
||||
}
|
||||
|
||||
resource "google_bigquery_table" "views" {
|
||||
depends_on = [google_bigquery_table.default]
|
||||
depends_on = [google_bigquery_table.default, google_bigquery_routine.default]
|
||||
for_each = var.views
|
||||
project = local.project_id
|
||||
dataset_id = google_bigquery_dataset.default.dataset_id
|
||||
@@ -382,7 +382,7 @@ resource "google_bigquery_table" "views" {
|
||||
description = each.value.description
|
||||
labels = each.value.labels
|
||||
deletion_protection = each.value.deletion_protection
|
||||
schema = try(jsonencode(each.value.schema), null)
|
||||
schema = each.value.schema != null ? jsonencode(each.value.schema) : null
|
||||
|
||||
view {
|
||||
query = each.value.query
|
||||
@@ -445,6 +445,7 @@ resource "google_bigquery_routine" "default" {
|
||||
imported_libraries = each.value.imported_libraries
|
||||
determinism_level = each.value.determinism_level
|
||||
data_governance_type = each.value.data_governance_type
|
||||
return_type = each.value.return_type
|
||||
return_table_type = each.value.return_table_type
|
||||
dynamic "arguments" {
|
||||
for_each = each.value.arguments
|
||||
|
||||
@@ -187,6 +187,7 @@ variable "routines" {
|
||||
imported_libraries = optional(list(string))
|
||||
determinism_level = optional(string)
|
||||
data_governance_type = optional(string)
|
||||
return_type = optional(string)
|
||||
return_table_type = optional(string)
|
||||
arguments = optional(map(object({
|
||||
argument_kind = optional(string)
|
||||
|
||||
@@ -37,14 +37,14 @@ locals {
|
||||
? {
|
||||
id = format(
|
||||
"projects/%s/global/networks/%s",
|
||||
var.project_id,
|
||||
local.project_id,
|
||||
var.name
|
||||
)
|
||||
name = var.name
|
||||
network_id = try(var.vpc_reuse.attributes.network_id, null)
|
||||
self_link = format(
|
||||
"https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s",
|
||||
var.project_id,
|
||||
local.project_id,
|
||||
var.name
|
||||
)
|
||||
}
|
||||
|
||||
@@ -94,7 +94,7 @@ output "network_id" {
|
||||
|
||||
output "project_id" {
|
||||
description = "Project ID containing the network. Use this when you need to create resources *after* the VPC is fully set up (e.g. subnets created, shared VPC service projects attached, Private Service Networking configured)."
|
||||
value = var.project_id
|
||||
value = local.project_id
|
||||
depends_on = [
|
||||
google_compute_subnetwork.subnetwork,
|
||||
google_compute_network_peering.local,
|
||||
|
||||
@@ -74,7 +74,7 @@ resource "google_service_networking_connection" "psa_connection" {
|
||||
|
||||
resource "google_compute_network_peering_routes_config" "psa_routes" {
|
||||
for_each = local.psa_configs
|
||||
project = var.project_id
|
||||
project = local.project_id
|
||||
peering = (
|
||||
google_service_networking_connection.psa_connection[each.key].peering
|
||||
)
|
||||
@@ -85,7 +85,7 @@ resource "google_compute_network_peering_routes_config" "psa_routes" {
|
||||
|
||||
resource "google_service_networking_peered_dns_domain" "name" {
|
||||
for_each = local.psa_peered_domains
|
||||
project = var.project_id
|
||||
project = local.project_id
|
||||
network = local.network.name
|
||||
name = each.key
|
||||
dns_suffix = each.value.dns_suffix
|
||||
|
||||
47
tests/modules/bigquery_connection/examples/cloudsql.yaml
Normal file
47
tests/modules/bigquery_connection/examples/cloudsql.yaml
Normal file
@@ -0,0 +1,47 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bigquery-connection.google_bigquery_connection.connection:
|
||||
aws: []
|
||||
azure: []
|
||||
cloud_resource: []
|
||||
cloud_spanner: []
|
||||
cloud_sql:
|
||||
- credential:
|
||||
- password: my-password
|
||||
username: my-username
|
||||
database: my-database
|
||||
instance_id: my-instance-id
|
||||
type: POSTGRES
|
||||
connection_id: my-connection
|
||||
description: A connection to a Cloud SQL instance.
|
||||
friendly_name: My Cloud SQL Connection
|
||||
kms_key_name: null
|
||||
location: EU
|
||||
project: project-id
|
||||
spark: []
|
||||
timeouts: null
|
||||
module.bigquery-connection.google_bigquery_connection_iam_binding.authoritative["roles/bigquery.connectionUser"]:
|
||||
condition: []
|
||||
connection_id: my-connection
|
||||
location: EU
|
||||
members:
|
||||
- user:my-user@example.com
|
||||
project: project-id
|
||||
role: roles/bigquery.connectionUser
|
||||
|
||||
counts:
|
||||
google_bigquery_connection: 1
|
||||
google_bigquery_connection_iam_binding: 1
|
||||
38
tests/modules/bigquery_connection/examples/cloudsql_kms.yaml
Normal file
38
tests/modules/bigquery_connection/examples/cloudsql_kms.yaml
Normal file
@@ -0,0 +1,38 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bigquery-connection.google_bigquery_connection.connection:
|
||||
aws: []
|
||||
azure: []
|
||||
cloud_resource: []
|
||||
cloud_spanner: []
|
||||
cloud_sql:
|
||||
- credential:
|
||||
- password: my-password
|
||||
username: my-username
|
||||
database: my-database
|
||||
instance_id: my-instance-id
|
||||
type: POSTGRES
|
||||
connection_id: my-connection
|
||||
description: A connection to a Cloud SQL instance.
|
||||
friendly_name: My BigQuery Connection
|
||||
kms_key_name: my-key
|
||||
location: EU
|
||||
project: project-id
|
||||
spark: []
|
||||
timeouts: null
|
||||
|
||||
counts:
|
||||
google_bigquery_connection: 1
|
||||
47
tests/modules/bigquery_connection/examples/spanner.yaml
Normal file
47
tests/modules/bigquery_connection/examples/spanner.yaml
Normal file
@@ -0,0 +1,47 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bigquery-connection.google_bigquery_connection.connection:
|
||||
aws: []
|
||||
azure: []
|
||||
cloud_resource: []
|
||||
cloud_spanner:
|
||||
- database: projects/my-project/instances/my-instance/databases/my-database
|
||||
database_role: null
|
||||
max_parallelism: 2
|
||||
use_data_boost: true
|
||||
use_parallelism: true
|
||||
use_serverless_analytics: null
|
||||
cloud_sql: []
|
||||
connection_id: my-connection
|
||||
description: A connection to a Spanner instance.
|
||||
friendly_name: My BigQuery Connection
|
||||
kms_key_name: null
|
||||
location: EU
|
||||
project: project-id
|
||||
spark: []
|
||||
timeouts: null
|
||||
module.bigquery-connection.google_bigquery_connection_iam_binding.authoritative["roles/bigquery.connectionUser"]:
|
||||
condition: []
|
||||
connection_id: my-connection
|
||||
location: EU
|
||||
members:
|
||||
- user:my-user@example.com
|
||||
project: project-id
|
||||
role: roles/bigquery.connectionUser
|
||||
|
||||
counts:
|
||||
google_bigquery_connection: 1
|
||||
google_bigquery_connection_iam_binding: 1
|
||||
@@ -0,0 +1,47 @@
|
||||
# Copyright 2025 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.bigquery-connection.google_bigquery_connection.connection:
|
||||
aws: []
|
||||
azure: []
|
||||
cloud_resource: []
|
||||
cloud_spanner:
|
||||
- database: projects/my-project/instances/my-instance/databases/my-database
|
||||
database_role: null
|
||||
max_parallelism: 2
|
||||
use_data_boost: true
|
||||
use_parallelism: true
|
||||
use_serverless_analytics: null
|
||||
cloud_sql: []
|
||||
connection_id: my-connection
|
||||
description: A connection to a Spanner instance.
|
||||
friendly_name: My BigQuery Connection
|
||||
kms_key_name: null
|
||||
location: EU
|
||||
project: project-id
|
||||
spark: []
|
||||
timeouts: null
|
||||
module.bigquery-connection.google_bigquery_connection_iam_binding.authoritative["roles/bigquery.connectionUser"]:
|
||||
condition: []
|
||||
connection_id: my-connection
|
||||
location: EU
|
||||
members:
|
||||
- user:my-user@example.com
|
||||
project: project-id
|
||||
role: roles/bigquery.connectionUser
|
||||
|
||||
counts:
|
||||
google_bigquery_connection: 1
|
||||
google_bigquery_connection_iam_binding: 1
|
||||
@@ -48,7 +48,7 @@ values:
|
||||
project: my-project
|
||||
remote_function_options: []
|
||||
return_table_type: null
|
||||
return_type: null
|
||||
return_type: '{"typeKind":"STRING"}'
|
||||
routine_id: custom_masking_routine
|
||||
routine_type: SCALAR_FUNCTION
|
||||
spark_options: []
|
||||
@@ -58,4 +58,4 @@ counts:
|
||||
google_bigquery_dataset: 1
|
||||
google_bigquery_routine: 1
|
||||
modules: 1
|
||||
resources: 2
|
||||
resources: 2
|
||||
|
||||
Reference in New Issue
Block a user