Support org-level logging cmek config in schema, use context for org-level logging config, update schema docs. (#3657)
* support org-level logging cmek config in schema, update schema docs * fix org logging identity context
This commit is contained in:
Ludovico Magnocavallo
committed by
GitHub
GitHub
parent
04de8f7de7
commit
558e552b5e
@@ -51,7 +51,10 @@ module "factory" {
|
||||
}
|
||||
)
|
||||
iam_principals = merge(
|
||||
local.org_logging_identities,
|
||||
{
|
||||
for k, v in local.org_logging_identities :
|
||||
k => "serviceAccount:${v}" if v != null
|
||||
},
|
||||
local.iam_principals
|
||||
)
|
||||
tag_values = merge(
|
||||
|
||||
@@ -62,6 +62,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **name**: *string*
|
||||
- **org_policies**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -157,6 +158,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -98,6 +98,9 @@
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"kms_key_name": {
|
||||
"type": "string"
|
||||
},
|
||||
"storage_location": {
|
||||
"type": "string"
|
||||
},
|
||||
|
||||
@@ -32,9 +32,11 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **iam_by_principals_additive**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **logging**: *object*
|
||||
<br>*additional properties: false*
|
||||
- **kms_key_name**: *string*
|
||||
- **storage_location**: *string*
|
||||
- **sinks**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -133,6 +135,18 @@
|
||||
- **`^(?:\$[a-z_-]+:|domain:|group:|serviceAccount:|user:|principal:|principalSet:)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:\$[a-z_-]+:|domain:|group:|serviceAccount:|user:|principal:|principalSet:)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **pam_entitlements**<a name="refs-pam_entitlements"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z][a-z0-9-]{0,61}[a-z0-9]$`**: *object*
|
||||
|
||||
@@ -71,6 +71,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **iam_by_principals_additive**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **kms**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -342,6 +343,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -62,6 +62,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **name**: *string*
|
||||
- **org_policies**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -157,6 +158,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -71,6 +71,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **iam_by_principals_additive**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **kms**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -342,6 +343,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -79,6 +79,23 @@
|
||||
- **import_routes**: *boolean*
|
||||
- **policy_based_routes**<a name="refs-policy_based_routes"></a>: *object*
|
||||
- **`^[a-z0-9-]+$`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- **description**: *string*
|
||||
- **filter**: *object*
|
||||
<br>*additional properties: false*
|
||||
- **dest_range**: *string*
|
||||
- **ip_protocol**: *string*
|
||||
- **src_range**: *string*
|
||||
- **labels**: *object*
|
||||
<br>*additional properties: string*
|
||||
- **next_hop_ilb_ip**: *string*
|
||||
- **priority**: *number*
|
||||
- **target**: *object*
|
||||
<br>*additional properties: false*
|
||||
- **interconnect_attachment**: *string*
|
||||
- **tags**: *array*
|
||||
- items: *string*
|
||||
- **use_default_routing**: *boolean*
|
||||
- **psa_config**<a name="refs-psa_config"></a>: *object*
|
||||
- **deletion_policy**: *string*
|
||||
- **ranges**: *object*
|
||||
|
||||
@@ -62,6 +62,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **name**: *string*
|
||||
- **org_policies**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -157,6 +158,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -71,6 +71,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **iam_by_principals_additive**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **kms**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -342,6 +343,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -62,6 +62,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **name**: *string*
|
||||
- **org_policies**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -157,6 +158,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
@@ -71,6 +71,7 @@
|
||||
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
|
||||
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
|
||||
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **iam_by_principals_conditional**: *reference([iam_by_principals_conditional](#refs-iam_by_principals_conditional))*
|
||||
- **iam_by_principals_additive**: *reference([iam_by_principals](#refs-iam_by_principals))*
|
||||
- **kms**: *object*
|
||||
<br>*additional properties: false*
|
||||
@@ -342,6 +343,18 @@
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_by_principals_conditional**<a name="refs-iam_by_principals_conditional"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\$iam_principals:[a-z0-9_-]+)`**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**condition**: *object*
|
||||
<br>*additional properties: false*
|
||||
- ⁺**expression**: *string*
|
||||
- ⁺**title**: *string*
|
||||
- **description**: *string*
|
||||
- ⁺**roles**: *array*
|
||||
- items: *string*
|
||||
<br>*pattern: ^(?:roles/|\$custom_roles:)*
|
||||
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
|
||||
<br>*additional properties: false*
|
||||
- **`^[a-z0-9-]+$`**: *array*
|
||||
|
||||
Reference in New Issue
Block a user