diff --git a/modules/project-factory/factory-projects-object.tf b/modules/project-factory/factory-projects-object.tf index 0703beafb..e23b818c8 100644 --- a/modules/project-factory/factory-projects-object.tf +++ b/modules/project-factory/factory-projects-object.tf @@ -116,7 +116,7 @@ locals { ) } _projects_output = { - for k, v in local._projects_input : lookup(v, "name", k) => merge(v, { + for k, v in local._projects_input : k => merge(v, { billing_account = try(coalesce( local.__projects_config.data_overrides.billing_account, try(v.billing_account, null), @@ -171,6 +171,7 @@ locals { try(v.metric_scopes, null), local.__projects_config.data_defaults.metric_scopes ) + name = lookup(v, "name", k) org_policies = try(v.org_policies, {}) parent = coalesce( local.__projects_config.data_overrides.parent, diff --git a/modules/project-factory/factory-projects.tf b/modules/project-factory/factory-projects.tf index deb619822..6efcc9c32 100644 --- a/modules/project-factory/factory-projects.tf +++ b/modules/project-factory/factory-projects.tf @@ -60,7 +60,8 @@ locals { buckets = flatten([ for k, v in local.projects : [ for name, opts in v.buckets : { - project = k + project_key = k + project_name = v.name name = name description = lookup(opts, "description", "Terraform-managed.") encryption_key = lookup(opts, "encryption_key", null) @@ -88,10 +89,10 @@ locals { ] ]) service_accounts = flatten([ - for k, v in local.projects : [ - for name, opts in v.service_accounts : { - project = k - name = name + for k, project in local.projects : [ + for name, opts in project.service_accounts : { + project_key = k + name = name display_name = coalesce( try(var.data_overrides.service_accounts.display_name, null), try(opts.display_name, null), diff --git a/modules/project-factory/main.tf b/modules/project-factory/main.tf index 6787c0cf0..d6ee531c6 100644 --- a/modules/project-factory/main.tf +++ b/modules/project-factory/main.tf @@ -195,19 +195,19 @@ module "projects-iam" { module "buckets" { source = "../gcs" for_each = { - for k in local.buckets : "${k.project}/${k.name}" => k + for k in local.buckets : "${k.project_key}/${k.name}" => k } - project_id = module.projects[each.value.project].project_id + project_id = module.projects[each.value.project_key].project_id prefix = each.value.prefix - name = "${each.value.project}-${each.value.name}" + name = "${each.value.project_name}-${each.value.name}" encryption_key = each.value.encryption_key iam = { for k, v in each.value.iam : k => [ for vv in v : try( # project service accounts - module.service-accounts["${each.value.project}/${vv}"].iam_email, + module.service-accounts["${each.value.project_key}/${vv}"].iam_email, # automation service account - local.context.iam_principals["${each.value.project}/${vv}"], + local.context.iam_principals["${each.value.project_key}/${vv}"], # other projects service accounts module.service-accounts[vv].iam_email, # other automation service account @@ -265,9 +265,9 @@ module "buckets" { module "service-accounts" { source = "../iam-service-account" for_each = { - for k in local.service_accounts : "${k.project}/${k.name}" => k + for k in local.service_accounts : "${k.project_key}/${k.name}" => k } - project_id = module.projects[each.value.project].project_id + project_id = module.projects[each.value.project_key].project_id name = each.value.name display_name = each.value.display_name iam_project_roles = merge( @@ -276,7 +276,7 @@ module "service-accounts" { lookup(var.factories_config.context.vpc_host_projects, k, k) => v }, each.value.iam_self_roles == null ? {} : { - (module.projects[each.value.project].project_id) = each.value.iam_self_roles + (module.projects[each.value.project_key].project_id) = each.value.iam_self_roles } ) }