hunfabric/fast/project-templates/managed-kafka/project.yaml
Ludovico Magnocavallo 2dea1224e5 Align FAST project templates project definitions to new format (#3399)
* fix os apt registries template

* align project templates to new pf format

* align project templates to new pf format
2025-10-09 15:36:47 +02:00


# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
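# FAST-compliant project definition for the Managed Kafka cluster.
#
# Values starting with `$` ($iam_principals:, $project_ids:, $folder_ids:) are
# context references, not literal ids; they are expected to be resolved by the
# project factory that consumes this file.
#
# Every grant in this file goes to one identity: the `rw` automation service
# account declared under `automation.service_accounts`. Review the role list
# below with that in mind, since a compromise of that account exposes all of
# them together.

# TODO: edit and uncomment the following line to create the project in a folder
# parent: $folder_ids:shared
# project id can be customized here if file name cannot be changed
# name: prod-shared-managed-kafka-0

# APIs enabled on the project.
services:
  - compute.googleapis.com
  - logging.googleapis.com
  - monitoring.googleapis.com
  - kafka.googleapis.com
  - dns.googleapis.com

# Project-level IAM, keyed by role; each value is the list of principals.
iam:
  # NOTE(review): compute.admin is a broad role (full control of Compute
  # Engine resources in the project). Confirm the automation actually needs
  # it, or replace it with the narrower roles the deployment uses.
  roles/compute.admin:
    - $iam_principals:service_accounts/managed-kafka/automation/rw
  roles/servicedirectory.admin:
    - $iam_principals:service_accounts/managed-kafka/automation/rw
  roles/managedkafka.client:
    - $iam_principals:service_accounts/managed-kafka/automation/rw

automation:
  # TODO: edit the automation project and optionally edit resource names
  project: $project_ids:iac-0
  service_accounts:
    rw:
      description: Read/write automation service account for Managed Kafka.
  bucket:
    description: Terraform state bucket for Managed Kafka.
    # this reuses the existing stage state bucket and creates a folder in it
    name: iac-stage-state
    create: false
    # IAM is bound on the managed folder, not on the bucket, so the grant is
    # limited to this project's state prefix inside the shared bucket.
    # Terraform state can hold sensitive values: keep readers to a minimum.
    managed_folders:
      managed-kafka:
        iam:
          roles/storage.objectAdmin:
            # the project id in the service account ref matches this file name
            - $iam_principals:service_accounts/managed-kafka/automation/rw
          # NOTE(review): same principal as objectAdmin above, which already
          # includes read access; this binding looks redundant unless it was
          # meant for a separate read-only account. Confirm.
          roles/storage.objectViewer:
            - $iam_principals:service_accounts/managed-kafka/automation/rw

# Edit or comment shared VPC service host
# NOTE(review): the sample project name above is `prod-*` while the host
# project here is `dev-spoke-0`; confirm the environment before applying.
shared_vpc_service_config:
  host_project: $project_ids:dev-spoke-0
  # Principals listed here are granted network use on the host project.
  network_users:
    - $iam_principals:service_accounts/managed-kafka/automation/rw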