BigQuery reservation (#3441)

* First Commit. * Improve * Fix README * Fix lint * fix * Fix Tests. * Improve output * fix yaml lint * Fix * Fic test * Fix * Fix output
2025-11-03 11:36:42 +01:00
parent 0a70b9dd2c
commit 64632eb957
6 changed files with 361 additions and 46 deletions
--- a/modules/project/README.md
+++ b/modules/project/README.md
--- a/modules/project/bigquery-reservation.tf
+++ b/modules/project/bigquery-reservation.tf
@@ -0,0 +1,66 @@
+/**
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+locals {
+  _assignments = flatten([
+    for reservation_name, reservation in var.bigquery_reservations : [
+      for job_type, assignees in reservation.assignments : [
+        for assignee in assignees : {
+          key              = "${reservation_name}-${job_type}-${assignee}"
+          reservation_name = reservation_name
+          location         = reservation.location
+          job_type         = job_type
+          assignee         = assignee
+        }
+      ]
+    ]
+  ])
+  assignments = { for a in local._assignments : a.key => a }
+}
+
+resource "google_bigquery_reservation" "default" {
+  for_each = var.bigquery_reservations
+
+  project            = local.project.project_id
+  location           = each.value.location
+  name               = each.key
+  slot_capacity      = each.value.slot_capacity
+  ignore_idle_slots  = each.value.ignore_idle_slots
+  concurrency        = each.value.concurrency
+  edition            = each.value.edition
+  secondary_location = each.value.secondary_location
+
+  dynamic "autoscale" {
+    for_each = each.value.max_slots == null ? [] : [each.value.max_slots]
+    content {
+      max_slots = autoscale.value
+    }
+  }
+
+  depends_on = [
+    google_project_service.project_services
+  ]
+}
+
+resource "google_bigquery_reservation_assignment" "default" {
+  for_each = local.assignments
+
+  project     = local.project.project_id
+  location    = each.value.location
+  reservation = google_bigquery_reservation.default[each.value.reservation_name].id
+  assignee    = each.value.assignee
+  job_type    = each.value.job_type
+}
--- a/modules/project/main.tf
+++ b/modules/project/main.tf
@@ -19,6 +19,20 @@ locals {
  _observability_factory_path = pathexpand(coalesce(
    var.factories_config.observability, "-"
  ))
+  bigquery_reservations_assigments = {
+    for reservation_name, reservation in google_bigquery_reservation.default :
+    reservation_name => {
+      (reservation.location) = {
+        for job_type in distinct([
+          for a in values(google_bigquery_reservation_assignment.default) : a.job_type
+          if a.reservation == reservation.id
+          ]) : job_type => [
+          for a in values(google_bigquery_reservation_assignment.default) : a.assignee
+          if a.reservation == reservation.id && a.job_type == job_type
+        ]
+      }
+    }
+  }
  ctx = {
    for k, v in var.context : k => {
      for kk, vv in v : "${local.ctx_p}${k}:${kk}" => vv
--- a/modules/project/outputs.tf
+++ b/modules/project/outputs.tf
@@ -22,6 +22,14 @@ output "alert_ids" {
  }
 }

+output "bigquery_reservations" {
+  description = "BigQuery reservations and assignments."
+  value = {
+    reservations = google_bigquery_reservation.default
+    assignments  = local.bigquery_reservations_assigments
+  }
+}
+
 output "custom_role_id" {
  description = "Map of custom role IDs created in the project."
  value       = local.custom_role_ids
--- a/modules/project/variables.tf
+++ b/modules/project/variables.tf
@@ -20,6 +20,43 @@ variable "auto_create_network" {
  default     = false
 }

+variable "bigquery_reservations" {
+  description = "BigQuery reservations and assignments. Assignment specified as {JOB_TYPE = ['projects/PROJECT_ID']}."
+  type = map(object({
+    location           = string
+    slot_capacity      = number
+    ignore_idle_slots  = optional(bool, false)
+    concurrency        = optional(number)
+    edition            = optional(string, "STANDARD")
+    secondary_location = optional(string)
+    max_slots          = optional(number)
+    scaling_mode       = optional(string, "AUTOSCALE_ONLY")
+    assignments        = optional(map(list(string)), {})
+  }))
+  validation {
+    condition = alltrue([
+      for name, reservation in var.bigquery_reservations :
+      # Check the keys of the 'assignments' map within each reservation object.
+      # If 'assignments' is omitted (defaults to {}), the inner 'alltrue' evaluates to true.
+      alltrue([
+        for key in keys(reservation.assignments) :
+        contains(["JOB_TYPE_UNSPECIFIED",
+          "PIPELINE",
+          "QUERY",
+          "ML_EXTERNAL",
+          "BACKGROUND",
+          "CONTINUOUS",
+          "BACKGROUND_CHANGE_DATA_CAPTURE",
+          "BACKGROUND_COLUMN_METADATA_INDEX",
+        "BACKGROUND_SEARCH_INDEX_REFRESH"], key)
+      ])
+    ])
+    error_message = "All keys in the nested 'assignments' map (within 'bigquery_reservations') must be one of the following allowed values: ML_EXTERNAL, QUERY, or BACKGROUND."
+  }
+  default  = {}
+  nullable = false
+}
+
 variable "billing_account" {
  description = "Billing account id."
  type        = string
--- a/tests/modules/project/examples/bigqueryreservation.yaml
+++ b/tests/modules/project/examples/bigqueryreservation.yaml
@@ -0,0 +1,142 @@
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+  module.project-bq-billing.data.google_bigquery_default_service_account.bq_sa[0]:
+    project: test-project-billing
+  module.project-bq-billing.google_bigquery_reservation.default["ew8"]:
+    autoscale: []
+    concurrency: 0
+    edition: STANDARD
+    ignore_idle_slots: false
+    location: europe-west8
+    name: ew8
+    project: test-project-billing
+    secondary_location: null
+    slot_capacity: 0
+    timeouts: null
+  module.project-bq-billing.google_project.project[0]:
+    auto_create_network: false
+    billing_account: 123456-123456-123456
+    deletion_policy: DELETE
+    effective_labels:
+      goog-terraform-provisioned: 'true'
+    folder_id: '1122334455'
+    labels: null
+    name: test-project-billing
+    org_id: null
+    project_id: test-project-billing
+    tags: null
+    terraform_labels:
+      goog-terraform-provisioned: 'true'
+    timeouts: null
+  module.project-bq-billing.google_project_iam_member.service_agents["container-engine-robot"]:
+    condition: []
+    project: test-project-billing
+    role: roles/container.serviceAgent
+  module.project-bq-billing.google_project_iam_member.service_agents["gkenode"]:
+    condition: []
+    project: test-project-billing
+    role: roles/container.defaultNodeServiceAgent
+  module.project-bq-billing.google_project_service.project_services["bigquery.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-billing
+    service: bigquery.googleapis.com
+    timeouts: null
+  module.project-bq-billing.google_project_service.project_services["bigqueryreservation.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-billing
+    service: bigqueryreservation.googleapis.com
+    timeouts: null
+  module.project-bq-billing.google_project_service.project_services["container.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-billing
+    service: container.googleapis.com
+    timeouts: null
+  module.project-bq-billing.google_project_service.project_services["stackdriver.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-billing
+    service: stackdriver.googleapis.com
+    timeouts: null
+  module.project-bq-billing.google_project_service_identity.default["container.googleapis.com"]:
+    project: test-project-billing
+    service: container.googleapis.com
+    timeouts: null
+  module.project-bq-data.data.google_bigquery_default_service_account.bq_sa[0]:
+    project: test-project-data
+  module.project-bq-data.google_project.project[0]:
+    auto_create_network: false
+    billing_account: 123456-123456-123456
+    deletion_policy: DELETE
+    effective_labels:
+      goog-terraform-provisioned: 'true'
+    folder_id: '1122334455'
+    labels: null
+    name: test-project-data
+    org_id: null
+    project_id: test-project-data
+    tags: null
+    terraform_labels:
+      goog-terraform-provisioned: 'true'
+    timeouts: null
+  module.project-bq-data.google_project_iam_member.service_agents["container-engine-robot"]:
+    condition: []
+    project: test-project-data
+    role: roles/container.serviceAgent
+  module.project-bq-data.google_project_iam_member.service_agents["gkenode"]:
+    condition: []
+    project: test-project-data
+    role: roles/container.defaultNodeServiceAgent
+  module.project-bq-data.google_project_service.project_services["bigquery.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-data
+    service: bigquery.googleapis.com
+    timeouts: null
+  module.project-bq-data.google_project_service.project_services["bigqueryreservation.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-data
+    service: bigqueryreservation.googleapis.com
+    timeouts: null
+  module.project-bq-data.google_project_service.project_services["container.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-data
+    service: container.googleapis.com
+    timeouts: null
+  module.project-bq-data.google_project_service.project_services["stackdriver.googleapis.com"]:
+    disable_dependent_services: false
+    disable_on_destroy: false
+    project: test-project-data
+    service: stackdriver.googleapis.com
+    timeouts: null
+  module.project-bq-data.google_project_service_identity.default["container.googleapis.com"]:
+    project: test-project-data
+    service: container.googleapis.com
+    timeouts: null
+
+counts:
+  google_bigquery_default_service_account: 2
+  google_bigquery_reservation: 1
+  google_project: 2
+  google_project_iam_member: 4
+  google_project_service: 8
+  google_project_service_identity: 2
+  modules: 2
+  resources: 20