re-enable project billing association in project factory, extends to folder (#3554)
This commit is contained in:
Ludovico Magnocavallo
committed by
GitHub
GitHub
parent
a8384b85d1
commit
26d43d8ec5
@@ -277,17 +277,17 @@ update_rules:
|
||||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [id](variables.tf#L145) | Billing account id. | <code>string</code> | ✓ | |
|
||||
| [id](variables.tf#L147) | Billing account id. | <code>string</code> | ✓ | |
|
||||
| [budget_notification_channels](variables.tf#L17) | Notification channels used by budget alerts. | <code title="map(object({ project_id = string type = string description = optional(string) display_name = optional(string) enabled = optional(bool, true) force_delete = optional(bool) labels = optional(map(string)) sensitive_labels = optional(list(object({ auth_token = optional(string) password = optional(string) service_key = optional(string) }))) user_labels = optional(map(string)) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [budgets](variables.tf#L47) | Billing budgets. Notification channels are either keys in corresponding variable, or external ids. | <code title="map(object({ amount = object({ currency_code = optional(string) nanos = optional(number) units = optional(number) use_last_period = optional(bool) }) display_name = optional(string) ownership_scope = optional(string) filter = optional(object({ credit_types_treatment = optional(object({ exclude_all = optional(bool) include_specified = optional(list(string)) })) label = optional(object({ key = string value = string })) period = optional(object({ calendar = optional(string) custom = optional(object({ start_date = object({ day = number month = number year = number }) end_date = optional(object({ day = number month = number year = number })) })) })) projects = optional(list(string)) resource_ancestors = optional(list(string)) services = optional(list(string)) subaccounts = optional(list(string)) })) threshold_rules = optional(list(object({ percent = number forecasted_spend = optional(bool) })), []) update_rules = optional(map(object({ disable_default_iam_recipients = optional(bool) monitoring_notification_channels = optional(list(string)) pubsub_topic = optional(string) })), {}) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [context](variables.tf#L122) | Context-specific interpolations. | <code title="object({ custom_roles = optional(map(string), {}) folder_ids = optional(map(string), {}) iam_principals = optional(map(string), {}) notification_channels = optional(map(string), {}) project_ids = optional(map(string), {}) storage_buckets = optional(map(string), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [factories_config](variables.tf#L136) | Path to folder containing budget alerts data files. | <code title="object({ budgets_data_path = optional(string, "data/billing-budgets") })">object({…})</code> | | <code>{}</code> |
|
||||
| [budgets](variables.tf#L47) | Billing budgets. Notification channels are either keys in corresponding variable, or external ids. | <code title="map(object({ amount = object({ currency_code = optional(string) nanos = optional(number) units = optional(number) use_last_period = optional(bool) }) display_name = optional(string) ownership_scope = optional(string) filter = optional(object({ credit_types_treatment = optional(object({ exclude_all = optional(bool) include_specified = optional(list(string)) })) label = optional(object({ key = string value = string })) period = optional(object({ calendar = optional(string) custom = optional(object({ start_date = object({ day = number month = number year = number }) end_date = optional(object({ day = number month = number year = number })) })) })) projects = optional(list(string), []) resource_ancestors = optional(list(string), []) services = optional(list(string)) subaccounts = optional(list(string)) })) threshold_rules = optional(list(object({ percent = number forecasted_spend = optional(bool) })), []) update_rules = optional(map(object({ disable_default_iam_recipients = optional(bool) monitoring_notification_channels = optional(list(string)) pubsub_topic = optional(string) })), {}) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [context](variables.tf#L122) | Context-specific interpolations. | <code title="object({ custom_roles = optional(map(string), {}) folder_ids = optional(map(string), {}) folder_sets = optional(map(list(string)), {}) iam_principals = optional(map(string), {}) notification_channels = optional(map(string), {}) project_ids = optional(map(string), {}) project_sets = optional(map(list(string)), {}) storage_buckets = optional(map(string), {}) })">object({…})</code> | | <code>{}</code> |
|
||||
| [factories_config](variables.tf#L138) | Path to folder containing budget alerts data files. | <code title="object({ budgets_data_path = optional(string, "data/billing-budgets") })">object({…})</code> | | <code>{}</code> |
|
||||
| [iam](variables-iam.tf#L17) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [iam_bindings](variables-iam.tf#L24) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | <code title="map(object({ members = list(string) role = string condition = optional(object({ expression = string title = string description = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [iam_bindings_additive](variables-iam.tf#L39) | Individual additive IAM bindings. Keys are arbitrary. | <code title="map(object({ member = string role = string condition = optional(object({ expression = string title = string description = optional(string) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [iam_by_principals](variables-iam.tf#L54) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
| [logging_sinks](variables.tf#L150) | Logging sinks to create for the billing account. | <code title="map(object({ destination = string type = string bq_partitioned_table = optional(bool, false) description = optional(string) disabled = optional(bool, false) exclusions = optional(map(object({ filter = string description = optional(string) disabled = optional(bool) })), {}) filter = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [projects](variables.tf#L183) | Projects associated with this billing account. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [logging_sinks](variables.tf#L152) | Logging sinks to create for the billing account. | <code title="map(object({ destination = string type = string bq_partitioned_table = optional(bool, false) description = optional(string) disabled = optional(bool, false) exclusions = optional(map(object({ filter = string description = optional(string) disabled = optional(bool) })), {}) filter = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [projects](variables.tf#L185) | Projects associated with this billing account. | <code>list(string)</code> | | <code>[]</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
||||
@@ -48,6 +48,19 @@ resource "google_monitoring_notification_channel" "default" {
|
||||
}
|
||||
}
|
||||
|
||||
# resource "terraform_data" "defaults_preconditions" {
|
||||
# lifecycle {
|
||||
# precondition {
|
||||
# condition = local.factory_budgets == null
|
||||
# error_message = yamlencode(local.factory_budgets)
|
||||
# }
|
||||
# precondition {
|
||||
# condition = local.factory_budgets == null
|
||||
# error_message = yamlencode(local.ctx.project_sets)
|
||||
# }
|
||||
# }
|
||||
# }
|
||||
|
||||
resource "google_billing_budget" "default" {
|
||||
for_each = merge(local.factory_budgets, var.budgets)
|
||||
billing_account = var.id
|
||||
@@ -83,14 +96,20 @@ resource "google_billing_budget" "default" {
|
||||
labels = each.value.filter.label == null ? null : {
|
||||
(each.value.filter.label.key) = each.value.filter.label.value
|
||||
}
|
||||
projects = each.value.filter.projects == null ? [] : [
|
||||
for v in each.value.filter.projects :
|
||||
lookup(local.ctx.project_ids, v, v)
|
||||
]
|
||||
resource_ancestors = each.value.filter.resource_ancestors == null ? [] : [
|
||||
for v in each.value.filter.resource_ancestors :
|
||||
lookup(local.ctx.folder_ids, v, v)
|
||||
]
|
||||
projects = concat(
|
||||
[
|
||||
for v in each.value.filter.projects :
|
||||
lookup(local.ctx.project_ids, v, v)
|
||||
],
|
||||
lookup(local.ctx.project_sets, "$project_sets:${each.key}", [])
|
||||
)
|
||||
resource_ancestors = concat(
|
||||
[
|
||||
for v in each.value.filter.resource_ancestors :
|
||||
lookup(local.ctx.folder_ids, v, v)
|
||||
],
|
||||
lookup(local.ctx.folder_sets, "$folder_sets:${each.key}", [])
|
||||
)
|
||||
services = each.value.filter.services
|
||||
subaccounts = each.value.filter.subaccounts
|
||||
dynamic "custom_period" {
|
||||
|
||||
@@ -45,8 +45,8 @@ locals {
|
||||
)
|
||||
)
|
||||
label = try(v.filter.label, null)
|
||||
projects = try(v.filter.projects, null)
|
||||
resource_ancestors = try(v.filter.resource_ancestors, null)
|
||||
projects = try(v.filter.projects, [])
|
||||
resource_ancestors = try(v.filter.resource_ancestors, [])
|
||||
services = try(v.filter.services, null)
|
||||
subaccounts = try(v.filter.subaccounts, null)
|
||||
}
|
||||
|
||||
@@ -79,8 +79,8 @@ variable "budgets" {
|
||||
}))
|
||||
}))
|
||||
}))
|
||||
projects = optional(list(string))
|
||||
resource_ancestors = optional(list(string))
|
||||
projects = optional(list(string), [])
|
||||
resource_ancestors = optional(list(string), [])
|
||||
services = optional(list(string))
|
||||
subaccounts = optional(list(string))
|
||||
}))
|
||||
@@ -124,9 +124,11 @@ variable "context" {
|
||||
type = object({
|
||||
custom_roles = optional(map(string), {})
|
||||
folder_ids = optional(map(string), {})
|
||||
folder_sets = optional(map(list(string)), {})
|
||||
iam_principals = optional(map(string), {})
|
||||
notification_channels = optional(map(string), {})
|
||||
project_ids = optional(map(string), {})
|
||||
project_sets = optional(map(list(string)), {})
|
||||
storage_buckets = optional(map(string), {})
|
||||
})
|
||||
default = {}
|
||||
|
||||
Reference in New Issue
Block a user