diff --git a/modules/project-factory/README.md b/modules/project-factory/README.md index b19b98453..6faa885aa 100644 --- a/modules/project-factory/README.md +++ b/modules/project-factory/README.md @@ -214,16 +214,19 @@ The following table lists the available context interpolations. External context | | | | IaC service accounts | | | | | other project service accounts | | | | | other project IaC service accounts | +| | | | project number in principals | | project | tag bindings | `tag_values` | | | project | IAM principals | `iam_principals` | project service accounts | | | | | IaC service accounts | | | | | other project service accounts | | | | | other project service agents | | | | | other project IaC service accounts | +| | | | project number in principals | | bucket | IAM principals | `iam_principals` | project service accounts | | | | | IaC service accounts | | | | | other project service accounts | | | | | other project IaC service accounts | +| | | | project number in principals | | service account | IAM projects | `vpc_host_projects` | | | service account | `iam_sa_roles` | | service accounts in the same project | | IaC bucket | IAM principals | `iam_principals` | IaC service accounts | diff --git a/modules/project-factory/main.tf b/modules/project-factory/main.tf index 8976bdb2b..71022959e 100644 --- a/modules/project-factory/main.tf +++ b/modules/project-factory/main.tf @@ -155,7 +155,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(vv, ":") - ? vv + ? templatestring( + vv, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${vv}' in project '${each.key}'") ) ) @@ -180,7 +182,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(vv, ":") - ? vv + ? templatestring( + vv, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${vv}' in project '${each.key}'") ) ) @@ -206,7 +210,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(v.member, ":") - ? v.member + ? templatestring( + v.member, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${v.member}' in project '${each.key}'") ) ) @@ -231,7 +237,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(k, ":") - ? k + ? templatestring( + k, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${k}' in project '${each.key}'") ) ) => [ @@ -267,7 +275,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(v.member, ":") - ? v.member + ? templatestring( + v.member, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${v.member}' in project '${each.key}'") ) ) @@ -290,7 +300,9 @@ module "projects-iam" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(vv, ":") - ? vv + ? templatestring( + vv, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${vv}' in project '${each.key}'") ) ) @@ -329,7 +341,9 @@ module "buckets" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(vv, ":") - ? vv + ? templatestring( + vv, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${vv}' in project '${each.value.project_key}'") ) ) @@ -352,7 +366,9 @@ module "buckets" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(vv, ":") - ? vv + ? templatestring( + vv, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${vv}' in project '${each.value.project}'") ) ) @@ -375,7 +391,9 @@ module "buckets" { # passthrough + error handling using tonumber until Terraform gets fail/raise function ( strcontains(v.member, ":") - ? v.member + ? templatestring( + v.member, { project_number = module.projects[each.key].number } + ) : tonumber("[Error] Invalid member: '${v.member}' in project '${each.value.project}'") ) )