From e72210f43e923d36229001c32df9b621d5102f40 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Fri, 10 Apr 2026 17:41:55 +0200 Subject: [PATCH] Remove leftover datasets for data platform (#3854) --- fast/stages/.gitignore | 1 - .../folders/data-platform/.config.yaml | 17 --- .../folders/data-platform/dev/.config.yaml | 29 ---- .../folders/data-platform/prod/.config.yaml | 19 --- .../folders/data-platform/.config.yaml | 17 --- .../folders/data-platform/dev/.config.yaml | 29 ---- .../folders/data-platform/prod/.config.yaml | 19 --- .../folders/data-platform/.config.yaml | 25 --- .../folders/data-platform/dev/.config.yaml | 52 ------- .../folders/data-platform/prod/.config.yaml | 19 --- tests/fast/stages/s0_org_setup/hardened.yaml | 144 +++--------------- tests/fast/stages/s0_org_setup/simple.yaml | 63 ++------ 12 files changed, 39 insertions(+), 395 deletions(-) delete mode 100644 fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/dev/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/prod/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/classic/folders/data-platform/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/classic/folders/data-platform/dev/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/classic/folders/data-platform/prod/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/hardened/folders/data-platform/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/hardened/folders/data-platform/dev/.config.yaml delete mode 100644 fast/stages/0-org-setup/datasets/hardened/folders/data-platform/prod/.config.yaml diff --git a/fast/stages/.gitignore b/fast/stages/.gitignore index 7a2da5846..e69de29bb 100644 --- a/fast/stages/.gitignore +++ b/fast/stages/.gitignore @@ -1 +0,0 @@ -!diagrams-data-platform.excalidraw diff --git a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/.config.yaml b/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/.config.yaml deleted file mode 100644 index 7ea777cc8..000000000 --- a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/.config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../schemas/folder.schema.json - -name: Data Platform diff --git a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/dev/.config.yaml b/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/dev/.config.yaml deleted file mode 100644 index 4a833cf8f..000000000 --- a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/dev/.config.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Development -iam_by_principals: - $iam_principals:service_accounts/iac-0/iac-dp-dev-rw: - - roles/logging.admin - - roles/owner - - roles/resourcemanager.folderAdmin - - roles/resourcemanager.projectCreator - - roles/compute.xpnAdmin - $iam_principals:service_accounts/iac-0/iac-dp-dev-ro: - - roles/viewer - - roles/resourcemanager.folderViewer -tag_bindings: - environment: $tag_values:environment/development diff --git a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/prod/.config.yaml b/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/prod/.config.yaml deleted file mode 100644 index 4af54a114..000000000 --- a/fast/stages/0-org-setup/datasets/classic-gcd/folders/data-platform/prod/.config.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Production -tag_bindings: - environment: $tag_values:environment/production diff --git a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/.config.yaml b/fast/stages/0-org-setup/datasets/classic/folders/data-platform/.config.yaml deleted file mode 100644 index 7ea777cc8..000000000 --- a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/.config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../schemas/folder.schema.json - -name: Data Platform diff --git a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/dev/.config.yaml b/fast/stages/0-org-setup/datasets/classic/folders/data-platform/dev/.config.yaml deleted file mode 100644 index 4a833cf8f..000000000 --- a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/dev/.config.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Development -iam_by_principals: - $iam_principals:service_accounts/iac-0/iac-dp-dev-rw: - - roles/logging.admin - - roles/owner - - roles/resourcemanager.folderAdmin - - roles/resourcemanager.projectCreator - - roles/compute.xpnAdmin - $iam_principals:service_accounts/iac-0/iac-dp-dev-ro: - - roles/viewer - - roles/resourcemanager.folderViewer -tag_bindings: - environment: $tag_values:environment/development diff --git a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/prod/.config.yaml b/fast/stages/0-org-setup/datasets/classic/folders/data-platform/prod/.config.yaml deleted file mode 100644 index 4af54a114..000000000 --- a/fast/stages/0-org-setup/datasets/classic/folders/data-platform/prod/.config.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Production -tag_bindings: - environment: $tag_values:environment/production diff --git a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/.config.yaml b/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/.config.yaml deleted file mode 100644 index 482a2a1d3..000000000 --- a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/.config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../schemas/folder.schema.json - -name: Data Platform -# To enforce once the constraints are provisionned -# org_policies: -# custom.iamDisableAdminServiceAccount: -# rules: -# - enforce: false -# custom.iamDisableProjectServiceAccountImpersonationRoles: -# rules: -# - enforce: false diff --git a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/dev/.config.yaml b/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/dev/.config.yaml deleted file mode 100644 index d51fd1221..000000000 --- a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/dev/.config.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Development -iam_by_principals: - $iam_principals:service_accounts/iac-0/iac-dp-dev-rw: - - roles/bigquery.admin - - roles/composer.admin - - roles/compute.xpnAdmin - - roles/dataflow.admin - - roles/iam.serviceAccountAdmin - - roles/logging.admin - - roles/pubsub.admin - - roles/resourcemanager.folderAdmin - - roles/resourcemanager.projectCreator - - roles/resourcemanager.projectDeleter - - roles/resourcemanager.projectIamAdmin - - roles/serviceusage.serviceUsageAdmin - - roles/storage.admin - $iam_principals:service_accounts/iac-0/iac-dp-dev-ro: - - roles/bigquery.dataViewer - - roles/bigquery.jobUser - - roles/browser - - roles/composer.user - - roles/datacatalog.viewer - - roles/dataflow.viewer - - roles/logging.viewer - - roles/pubsub.viewer - - roles/resourcemanager.folderViewer - - roles/resourcemanager.tagViewer - - roles/serviceusage.serviceUsageViewer - - roles/storage.bucketViewer - - roles/storage.objectViewer - - $custom_roles:folder_viewer - - $custom_roles:logging_viewer - - $custom_roles:service_account_viewer - - $custom_roles:storage_viewer -tag_bindings: - environment: $tag_values:environment/development diff --git a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/prod/.config.yaml b/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/prod/.config.yaml deleted file mode 100644 index 4af54a114..000000000 --- a/fast/stages/0-org-setup/datasets/hardened/folders/data-platform/prod/.config.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# yaml-language-server: $schema=../../../../../schemas/folder.schema.json - -name: Production -tag_bindings: - environment: $tag_values:environment/production diff --git a/tests/fast/stages/s0_org_setup/hardened.yaml b/tests/fast/stages/s0_org_setup/hardened.yaml index 67d33a194..36c497d27 100644 --- a/tests/fast/stages/s0_org_setup/hardened.yaml +++ b/tests/fast/stages/s0_org_setup/hardened.yaml @@ -12,8 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -# yamllint disable rule:line-length - values: google_storage_bucket_object.providers["0-org-setup"]: bucket: ft0-prod-iac-core-0-iac-outputs @@ -45,6 +43,7 @@ values: name: providers/0-org-setup-providers.tf retention: [] source: null + source_md5hash: 2a0bbb00e4b7f1454a50ac7f26c23c05 temporary_hold: null timeouts: null google_storage_bucket_object.providers["0-org-setup-ro"]: @@ -77,6 +76,7 @@ values: name: providers/0-org-setup-ro-providers.tf retention: [] source: null + source_md5hash: 2a0bbb00e4b7f1454a50ac7f26c23c05 temporary_hold: null timeouts: null google_storage_bucket_object.providers["1-vpcsc"]: @@ -110,6 +110,7 @@ values: name: providers/1-vpcsc-providers.tf retention: [] source: null + source_md5hash: d2df90abc46524d941227a1dec12dd86 temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-networking"]: @@ -143,6 +144,7 @@ values: name: providers/2-networking-providers.tf retention: [] source: null + source_md5hash: a724885c3dcc9850116aca1ef4d4fc5a temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-project-factory"]: @@ -176,6 +178,7 @@ values: name: providers/2-project-factory-providers.tf retention: [] source: null + source_md5hash: 165844578c46bc04c4581139c8b8b8d4 temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-security"]: @@ -209,6 +212,7 @@ values: name: providers/2-security-providers.tf retention: [] source: null + source_md5hash: 5969d3e40a61a42d849a81417a6a84eb temporary_hold: null timeouts: null google_storage_bucket_object.tfvars["globals"]: @@ -228,6 +232,7 @@ values: name: tfvars/0-globals.auto.tfvars.json retention: [] source: null + source_md5hash: cdbf79d3eff8bced040e5deccf39d765 temporary_hold: null timeouts: null google_storage_bucket_object.tfvars["org-setup"]: @@ -264,6 +269,7 @@ values: name: versions/0-org-setup-version.txt retention: [] source: fast_version.txt + source_md5hash: f20ea48e4666fcbce129cff9fa658d16 temporary_hold: null timeouts: null google_storage_bucket_object.workflows["org-setup"]: @@ -377,6 +383,7 @@ values: name: workflows/org-setup.yaml retention: [] source: null + source_md5hash: e5dc153b195e936b1c81bc33db1935c7 temporary_hold: null timeouts: null local_file.providers["0-org-setup"]: @@ -699,7 +706,9 @@ values: goog-terraform-provisioned: 'true' enable_object_retention: null encryption: - - {} + - customer_managed_encryption_enforcement_config: [] + customer_supplied_encryption_enforcement_config: [] + google_managed_encryption_enforcement_config: [] force_destroy: false hierarchical_namespace: [] ip_filter: [] @@ -794,7 +803,9 @@ values: goog-terraform-provisioned: 'true' enable_object_retention: null encryption: - - {} + - customer_managed_encryption_enforcement_config: [] + customer_supplied_encryption_enforcement_config: [] + google_managed_encryption_enforcement_config: [] force_destroy: false hierarchical_namespace: [] ip_filter: [] @@ -889,7 +900,9 @@ values: goog-terraform-provisioned: 'true' enable_object_retention: null encryption: - - {} + - customer_managed_encryption_enforcement_config: [] + customer_supplied_encryption_enforcement_config: [] + google_managed_encryption_enforcement_config: [] force_destroy: false hierarchical_namespace: [] ip_filter: [] @@ -1257,12 +1270,6 @@ values: module.factory.module.folder-1-iam["teams"].google_folder_iam_binding.authoritative["roles/storage.admin"]: condition: [] role: roles/storage.admin - module.factory.module.folder-1["data-platform"].google_folder.folder[0]: - deletion_protection: false - display_name: Data Platform - parent: organizations/1234567890 - tags: null - timeouts: null module.factory.module.folder-1["networking"].google_folder.folder[0]: deletion_protection: false display_name: Networking @@ -1283,96 +1290,6 @@ values: timeouts: null module.factory.module.folder-1["teams"].google_tags_tag_binding.binding["context"]: timeouts: null - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["$custom_roles:folder_viewer"] - : condition: [] - role: organizations/1234567890/roles/folderViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["$custom_roles:logging_viewer"] - : condition: [] - role: organizations/1234567890/roles/loggingViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["$custom_roles:service_account_viewer"] - : condition: [] - role: organizations/1234567890/roles/serviceAccountViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["$custom_roles:storage_viewer"] - : condition: [] - role: organizations/1234567890/roles/storageViewer - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/bigquery.admin"]: - condition: [] - role: roles/bigquery.admin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/bigquery.dataViewer"] - : condition: [] - role: roles/bigquery.dataViewer - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/bigquery.jobUser"]: - condition: [] - role: roles/bigquery.jobUser - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/browser"]: - condition: [] - role: roles/browser - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/composer.admin"]: - condition: [] - role: roles/composer.admin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/composer.user"]: - condition: [] - role: roles/composer.user - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/compute.xpnAdmin"]: - condition: [] - role: roles/compute.xpnAdmin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/datacatalog.viewer"] - : condition: [] - role: roles/datacatalog.viewer - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/dataflow.admin"]: - condition: [] - role: roles/dataflow.admin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/dataflow.viewer"]: - condition: [] - role: roles/dataflow.viewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/iam.serviceAccountAdmin"] - : condition: [] - role: roles/iam.serviceAccountAdmin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/logging.admin"]: - condition: [] - role: roles/logging.admin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/logging.viewer"]: - condition: [] - role: roles/logging.viewer - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/pubsub.admin"]: - condition: [] - role: roles/pubsub.admin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/pubsub.viewer"]: - condition: [] - role: roles/pubsub.viewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.folderAdmin"] - : condition: [] - role: roles/resourcemanager.folderAdmin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.folderViewer"] - : condition: [] - role: roles/resourcemanager.folderViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.projectCreator"] - : condition: [] - role: roles/resourcemanager.projectCreator - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.projectDeleter"] - : condition: [] - role: roles/resourcemanager.projectDeleter - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.projectIamAdmin"] - : condition: [] - role: roles/resourcemanager.projectIamAdmin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.tagViewer"] - : condition: [] - role: roles/resourcemanager.tagViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/serviceusage.serviceUsageAdmin"] - : condition: [] - role: roles/serviceusage.serviceUsageAdmin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/serviceusage.serviceUsageViewer"] - : condition: [] - role: roles/serviceusage.serviceUsageViewer - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/storage.admin"]: - condition: [] - role: roles/storage.admin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/storage.bucketViewer"] - : condition: [] - role: roles/storage.bucketViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/storage.objectViewer"] - : condition: [] - role: roles/storage.objectViewer ? module.factory.module.folder-2-iam["networking/dev"].google_folder_iam_binding.authoritative["$custom_roles:project_iam_viewer"] : condition: [] role: organizations/1234567890/roles/projectIamViewer @@ -1386,20 +1303,6 @@ values: ? module.factory.module.folder-2-iam["security/dev"].google_folder_iam_binding.authoritative["$custom_roles:cloudkms_viewer"] : condition: [] role: organizations/1234567890/roles/cloudKmsViewer - module.factory.module.folder-2["data-platform/dev"].google_folder.folder[0]: - deletion_protection: false - display_name: Development - tags: null - timeouts: null - module.factory.module.folder-2["data-platform/dev"].google_tags_tag_binding.binding["environment"]: - timeouts: null - module.factory.module.folder-2["data-platform/prod"].google_folder.folder[0]: - deletion_protection: false - display_name: Production - tags: null - timeouts: null - module.factory.module.folder-2["data-platform/prod"].google_tags_tag_binding.binding["environment"]: - timeouts: null module.factory.module.folder-2["networking/dev"].google_folder.folder[0]: deletion_protection: false display_name: Development @@ -8510,8 +8413,8 @@ counts: google_bigquery_default_service_account: 2 google_billing_account_iam_member: 6 google_essential_contacts_contact: 1 - google_folder: 10 - google_folder_iam_binding: 104 + google_folder: 7 + google_folder_iam_binding: 74 google_kms_crypto_key: 3 google_kms_crypto_key_iam_member: 3 google_kms_key_ring: 3 @@ -8541,13 +8444,13 @@ counts: google_storage_managed_folder: 4 google_storage_managed_folder_iam_binding: 8 google_storage_project_service_account: 3 - google_tags_tag_binding: 7 + google_tags_tag_binding: 5 google_tags_tag_key: 3 google_tags_tag_value: 6 google_tags_tag_value_iam_binding: 4 local_file: 9 - modules: 56 - resources: 710 + modules: 52 + resources: 675 terraform_data: 4 outputs: @@ -8562,3 +8465,4 @@ outputs: gcp-support: group:gcp-support@example.org projects: __missing__ tfvars: __missing__ + diff --git a/tests/fast/stages/s0_org_setup/simple.yaml b/tests/fast/stages/s0_org_setup/simple.yaml index 0f08d1f96..f210a0f22 100644 --- a/tests/fast/stages/s0_org_setup/simple.yaml +++ b/tests/fast/stages/s0_org_setup/simple.yaml @@ -12,8 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -# yamllint disable rule:line-length - values: google_storage_bucket_object.providers["0-org-setup"]: bucket: ft0-prod-iac-core-0-iac-outputs @@ -45,6 +43,7 @@ values: name: providers/0-org-setup-providers.tf retention: [] source: null + source_md5hash: 2a0bbb00e4b7f1454a50ac7f26c23c05 temporary_hold: null timeouts: null google_storage_bucket_object.providers["0-org-setup-ro"]: @@ -77,6 +76,7 @@ values: name: providers/0-org-setup-ro-providers.tf retention: [] source: null + source_md5hash: 2a0bbb00e4b7f1454a50ac7f26c23c05 temporary_hold: null timeouts: null google_storage_bucket_object.providers["1-vpcsc"]: @@ -110,6 +110,7 @@ values: name: providers/1-vpcsc-providers.tf retention: [] source: null + source_md5hash: d2df90abc46524d941227a1dec12dd86 temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-networking"]: @@ -143,6 +144,7 @@ values: name: providers/2-networking-providers.tf retention: [] source: null + source_md5hash: a724885c3dcc9850116aca1ef4d4fc5a temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-project-factory"]: @@ -176,6 +178,7 @@ values: name: providers/2-project-factory-providers.tf retention: [] source: null + source_md5hash: 165844578c46bc04c4581139c8b8b8d4 temporary_hold: null timeouts: null google_storage_bucket_object.providers["2-security"]: @@ -209,6 +212,7 @@ values: name: providers/2-security-providers.tf retention: [] source: null + source_md5hash: 5969d3e40a61a42d849a81417a6a84eb temporary_hold: null timeouts: null google_storage_bucket_object.tfvars["globals"]: @@ -228,6 +232,7 @@ values: name: tfvars/0-globals.auto.tfvars.json retention: [] source: null + source_md5hash: cdbf79d3eff8bced040e5deccf39d765 temporary_hold: null timeouts: null google_storage_bucket_object.tfvars["org-setup"]: @@ -264,6 +269,7 @@ values: name: versions/0-org-setup-version.txt retention: [] source: fast_version.txt + source_md5hash: f20ea48e4666fcbce129cff9fa658d16 temporary_hold: null timeouts: null google_storage_bucket_object.workflows["org-setup"]: @@ -377,6 +383,7 @@ values: name: workflows/org-setup.yaml retention: [] source: null + source_md5hash: e5dc153b195e936b1c81bc33db1935c7 temporary_hold: null timeouts: null local_file.providers["0-org-setup"]: @@ -974,12 +981,6 @@ values: module.factory.module.folder-1-iam["teams"].google_folder_iam_binding.authoritative["roles/viewer"]: condition: [] role: roles/viewer - module.factory.module.folder-1["data-platform"].google_folder.folder[0]: - deletion_protection: false - display_name: Data Platform - parent: organizations/1234567890 - tags: null - timeouts: null module.factory.module.folder-1["networking"].google_folder.folder[0]: deletion_protection: false display_name: Networking @@ -1000,27 +1001,6 @@ values: timeouts: null module.factory.module.folder-1["teams"].google_tags_tag_binding.binding["context"]: timeouts: null - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/compute.xpnAdmin"]: - condition: [] - role: roles/compute.xpnAdmin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/logging.admin"]: - condition: [] - role: roles/logging.admin - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/owner"]: - condition: [] - role: roles/owner - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.folderAdmin"] - : condition: [] - role: roles/resourcemanager.folderAdmin - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.folderViewer"] - : condition: [] - role: roles/resourcemanager.folderViewer - ? module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/resourcemanager.projectCreator"] - : condition: [] - role: roles/resourcemanager.projectCreator - module.factory.module.folder-2-iam["data-platform/dev"].google_folder_iam_binding.authoritative["roles/viewer"]: - condition: [] - role: roles/viewer ? module.factory.module.folder-2-iam["networking/dev"].google_folder_iam_binding.authoritative["$custom_roles:project_iam_viewer"] : condition: [] role: organizations/1234567890/roles/projectIamViewer @@ -1031,20 +1011,6 @@ values: \ 'organizations/1234567890/roles/serviceProjectNetworkAdmin'\n])\n" title: Data platform dev delegated IAM grant. role: roles/resourcemanager.projectIamAdmin - module.factory.module.folder-2["data-platform/dev"].google_folder.folder[0]: - deletion_protection: false - display_name: Development - tags: null - timeouts: null - module.factory.module.folder-2["data-platform/dev"].google_tags_tag_binding.binding["environment"]: - timeouts: null - module.factory.module.folder-2["data-platform/prod"].google_folder.folder[0]: - deletion_protection: false - display_name: Production - tags: null - timeouts: null - module.factory.module.folder-2["data-platform/prod"].google_tags_tag_binding.binding["environment"]: - timeouts: null module.factory.module.folder-2["networking/dev"].google_folder.folder[0]: deletion_protection: false display_name: Development @@ -2905,8 +2871,8 @@ counts: google_bigquery_default_service_account: 2 google_billing_account_iam_member: 6 google_essential_contacts_contact: 1 - google_folder: 10 - google_folder_iam_binding: 44 + google_folder: 7 + google_folder_iam_binding: 37 google_logging_organization_settings: 1 google_logging_organization_sink: 3 google_logging_project_bucket_config: 3 @@ -2931,13 +2897,13 @@ counts: google_storage_managed_folder: 4 google_storage_managed_folder_iam_binding: 8 google_storage_project_service_account: 3 - google_tags_tag_binding: 7 + google_tags_tag_binding: 5 google_tags_tag_key: 3 google_tags_tag_value: 5 google_tags_tag_value_iam_binding: 4 local_file: 9 - modules: 48 - resources: 320 + modules: 44 + resources: 308 terraform_data: 4 outputs: @@ -2952,3 +2918,4 @@ outputs: gcp-support: group:gcp-support@example.org projects: __missing__ tfvars: __missing__ +