be3c461cf9
* preliminary net-ilb module, untested * outputs * fix basic mistakes, add initial test * test variable defaults on all resources * README stub * net-ilb module fixes and example * compute-vm module fixes * fix test * remove mig from compute vm module * split out mig from compute-vm (untested) * split out mig from compute-vm (untested) * fix mig versions * small fixes and examples for mig module * Update README.md * Update README.md * switch mig to using a single variable for both region and zone
Terraform modules suite for Google Cloud
The modules collected in this folder are designed as a suite: they are meant to be composed together, and are designed to be forked and modified where use of third party code and sources is not allowed.
Modules try to stay close to the low level provider resources they encapsulate, and they all share a similar interface that combines management of one resource or set or resources, and the corresponding IAM bindings.
Authoritative IAM bindings are primarily used (e.g. google_storage_bucket_iam_binding for GCS buckets) so that each module is authoritative for specific roles on the resources it manages, and can neutralize or reconcile IAM changes made elsewhere.
Specific modules also offer support for non-authoritative bindings (e.g. google_storage_bucket_iam_member for service accounts), to allow granular permission management on resources that they don't manage directly.
Foundational modules
Networking modules
- address reservation
- Cloud DNS
- Cloud NAT
- VPC
- VPC firewall
- VPC peering
- VPN static
- VPN dynamic
- VPN HA)
- TODO: xLB modules
Compute/Container
- COS container (coredns, mysql, onprem, squid)
- GKE cluster
- GKE nodepool
- VM/VM group