2e7876b4c7
With this commit the folders module (now called simply 'folder') only creates a single google_folder resource. Support for creating multiple folders is no longer needed since Terraform 0.13 added for_each support to modules.
Google Cloud Folder Module
This module allows the creation and management of folders together with their individual IAM bindings and organization policies.
Examples
IAM bindings
module "folder" {
source = "./modules/folder"
parent = "organizations/1234567890"
name = "Folder name"
iam_members = {
"roles/owner" = ["group:users@example.com"]
}
iam_roles = ["roles/owner"]
}
Organization policies
module "folder" {
source = "./modules/folder"
parent = "organizations/1234567890"
name = "Folder name"
policy_boolean = {
"constraints/compute.disableGuestAttributesAccess" = true
"constraints/compute.skipDefaultNetworkCreation" = true
}
policy_list = {
"constraints/compute.trustedImageProjects" = {
inherit_from_parent = null
suggested_value = null
status = true
values = ["projects/my-project"]
}
}
}
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| name | Folder name. | string |
✓ | |
| parent | Parent in folders/folder_id or organizations/org_id format. | string |
✓ | |
| iam_members | List of IAM members keyed by role. | map(set(string)) |
null |
|
| iam_roles | List of IAM roles. | set(string) |
null |
|
| policy_boolean | Map of boolean org policies and enforcement value, set value to null for policy restore. | map(bool) |
{} |
|
| policy_list | Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny. | map(object({...})) |
{} |
Outputs
| name | description | sensitive |
|---|---|---|
| folder | Folder resource. | |
| id | Folder id. | |
| name | Folder name. |