Rename examples folder to blueprints

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/README.md

@@ -0,0 +1,33 @@
+# Usage
+
+/!\ Requires Terraform version 12.20 at least. Visit https://releases.hashicorp.com/terraform/ to get it.
+
+You need to add your own `terraform.tfvars` with the following values:
+``` terraform
+organization_id = "<YOUR ORG ID>"
+billing_account = "<YOUR BILLING ACCOUNT ID>"
+```
+
+You should create a `backend.tf` file with the following configuration:
+``` terraform
+terraform {
+  required_providers {
+    google = ">= 3.51.0"
+    google-beta = ">= 3.51.0"
+  }
+
+  backend "gcs" {
+    bucket = "<YOUR BUCKET FOR THE TERRAFORM STATE>"
+    prefix = "<NAME FOR THE TERRAFORM STATE FOLDER>"
+  }
+}
+```
+
+# Testing
+
+Optionally, you can rename `test.example` into `test.tf`.
+This file will create 2 VM instances and corresponding DNS records so you can easily test this solution.
+
+# Clean Up
+
+Run `terraform destroy` to clean up all resources created by this terraform code.

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/network.tf

@@ -0,0 +1,43 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "shared-vpc" {
+  source = "../../../../modules/net-vpc"
+
+  project_id = module.project-host.project_id
+  name       = "shared-vpc"
+
+  subnets = [
+    {
+      name               = "subnet-01"
+      ip_cidr_range      = "10.10.1.0/24"
+      region             = var.region
+      secondary_ip_range = {}
+    }
+  ]
+}
+
+# cloud DNS configuration
+module "cloud-dns" {
+  source = "../../"
+
+  billing_account = var.billing_account
+  folder_id       = module.folder.id
+  shared_vpc_link = module.shared-vpc.self_link
+
+  teams      = var.teams
+  dns_domain = var.dns_domain
+}

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/outputs.tf

@@ -0,0 +1,25 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "host_project_id" {
+  description = "Shared VPC Host project id."
+  value       = module.project-host.project_id
+}
+
+output "shared_vpc_self_link" {
+  description = "Shared VPC Self link."
+  value       = module.shared-vpc.self_link
+}

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/projects.tf

@@ -0,0 +1,74 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+# root folder
+module "folder" {
+  source = "../../../../modules/folder"
+  parent = "organizations/${var.organization_id}"
+  name   = var.prefix
+}
+
+# Generating a random id for project ids
+resource "random_id" "id" {
+  byte_length = 4
+}
+
+# Creating the host project
+module "project-host" {
+  source = "../../../../modules/project"
+
+  parent          = module.folder.id
+  billing_account = var.billing_account
+  prefix          = var.prefix
+  name            = "${random_id.id.hex}-${var.host_project}"
+  services        = var.project_services
+
+  shared_vpc_host_config = {
+    enabled          = true
+    service_projects = [] # defined later
+  }
+}
+
+# Note that by default, this module doesn't create the default Network.
+module "project-service-1" {
+  source = "../../../../modules/project"
+
+  parent          = module.folder.id
+  billing_account = var.billing_account
+  prefix          = var.prefix
+  name            = "${random_id.id.hex}-${var.service_projects[0]}"
+  services        = var.project_services
+
+  shared_vpc_service_config = {
+    attach       = true
+    host_project = module.project-host.project_id
+  }
+}
+
+module "project-service-2" {
+  source = "../../../../modules/project"
+
+  parent          = module.folder.id
+  billing_account = var.billing_account
+  prefix          = var.prefix
+  name            = "${random_id.id.hex}-${var.service_projects[1]}"
+  services        = var.project_services
+
+  shared_vpc_service_config = {
+    attach       = true
+    host_project = module.project-host.project_id
+  }
+}

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/test.example

@@ -0,0 +1,108 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+ # This file is only for testing purposes
+
+# Creating 2 VMs, one in each service project
+module "vm1" {
+  source     = "../../../../modules/compute-vm"
+  project_id = module.project-service-1.project_id
+  region     = var.region
+  name       = "test-vm"
+  network_interfaces = [{
+    network    = module.shared-vpc.self_link
+    subnetwork = module.shared-vpc.subnet_self_links["${var.region}/subnet-01"]
+    nat        = false
+    addresses  = null
+  }]
+  tags = ["test-dns"]
+}
+
+module "vm2" {
+  source     = "../../../../modules/compute-vm"
+  project_id = module.project-service-2.project_id
+  region     = var.region
+  name       = "test-vm"
+  network_interfaces = [{
+    network    = module.shared-vpc.self_link
+    subnetwork = module.shared-vpc.subnet_self_links["${var.region}/subnet-01"]
+    nat        = false
+    addresses  = null
+  }]
+  tags = ["test-dns"]
+}
+
+# Creating firewall rule for ICMP and SSH
+resource "google_compute_firewall" "test-firewall" {
+  name    = "test-firewall"
+  project = module.project-host.project_id
+  network = module.shared-vpc.self_link
+
+  allow {
+    protocol = "icmp"
+  }
+
+  allow {
+    protocol = "tcp"
+    ports    = ["22"]
+  }
+
+  target_tags = ["test-dns"]
+}
+
+# Creating DNS records
+resource "google_dns_record_set" "record-vm1" {
+  name         = "test.${var.teams[0]}.${var.dns_domain}."
+  # Extracting project ID from the VPC self link
+  project  = regex("/projects/(.*?)/.*", module.cloud-dns.teams_dns_networks[var.teams[0]].network.self_link)[0]
+  managed_zone = var.teams[0]
+  type         = "A"
+  ttl          = 300
+
+  rrdatas = [module.vm1.internal_ips[0]]
+}
+
+resource "google_dns_record_set" "record-vm2" {
+  name         = "test.${var.teams[1]}.${var.dns_domain}."
+  # Extracting project ID from the VPC self link
+  project  = regex("/projects/(.*?)/.*", module.cloud-dns.teams_dns_networks[var.teams[1]].network.self_link)[0]
+  managed_zone = var.teams[1]
+  type         = "A"
+  ttl          = 300
+
+  rrdatas = [module.vm2.internal_ips[0]]
+}
+
+# Next step: SSH to the instances and ensure you can resolve the above DNS records
+
+/* Example:
+legranda@test-vm1:~$ ping test.appteam1.prod.internal
+PING test.appteam1.prod.internal (10.10.1.2) 56(84) bytes of data.
+64 bytes from test-vm1.europe-west1-c.c.test-dns-app-team1.internal (10.10.1.2): icmp_seq=1 ttl=64 time=0.020 ms
+64 bytes from test-vm1.europe-west1-c.c.test-dns-app-team1.internal (10.10.1.2): icmp_seq=2 ttl=64 time=0.031 ms
+^C
+--- test.appteam1.prod.internal ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1029ms
+rtt min/avg/max/mdev = 0.020/0.025/0.031/0.007 ms
+legranda@test-vm1:~$ ping test.appteam2.prod.internal
+PING test.appteam2.prod.internal (10.10.1.3) 56(84) bytes of data.
+64 bytes from test-vm2.europe-west1-c.c.test-dns-app-team2.internal (10.10.1.3): icmp_seq=1 ttl=64 time=1.43 ms
+64 bytes from test-vm2.europe-west1-c.c.test-dns-app-team2.internal (10.10.1.3): icmp_seq=2 ttl=64 time=0.207 ms
+^C
+--- test.appteam2.prod.internal ping statistics ---
+2 packets transmitted, 2 received, 0% packet loss, time 1001ms
+rtt min/avg/max/mdev = 0.207/0.821/1.436/0.615 ms
+*/

blueprints/cloud-operations/dns-shared-vpc/examples/shared-vpc-example/variables.tf

@@ -0,0 +1,65 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "host_project" {
+  description = "Host project name."
+  default     = "host"
+}
+
+variable "service_projects" {
+  description = "List of service project names."
+  type        = list(any)
+  default = [
+    "app-team1",
+    "app-team2",
+  ]
+}
+
+variable "region" {
+  description = "Region in which to create the subnet."
+  default     = "europe-west1"
+}
+
+variable "project_services" {
+  description = "Service APIs enabled by default in new projects."
+  default = [
+    "compute.googleapis.com",
+    "dns.googleapis.com",
+  ]
+}
+
+variable "organization_id" {
+  description = "The organization ID."
+}
+
+variable "billing_account" {
+  description = "The ID of the billing account to associate this project with."
+}
+
+variable "prefix" {
+  description = "Customer name to use as prefix for resources' naming."
+  default     = "test-dns"
+}
+
+variable "dns_domain" {
+  description = "DNS domain under which each application team DNS domain will be created."
+  default     = "prod.internal"
+}
+
+variable "teams" {
+  description = "List of teams that require their own Cloud DNS instance."
+  default     = ["appteam1", "appteam2"]
+}