kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e49b2d686ff2f6c3e1835887f20289fa9c005a08
hunfabric/modules/workstation-cluster
History
Jay Bana 2a2c4a96ce Add support for sqlAssertion AutoDQ rule type in dataplex-datascan (#2416) 
* Add sql_assertion rule type to Dataplex AutoDQ data_quality_spec

* Fix broken link to API reference public doc for DQ spec

* Update README.md after linting

* Add example tests for dataplex-datascan

* Bump provider versions

* Bump provider versions everywhere
2024-07-09 21:29:45 +00:00
..
iam.tf
Minor fixes in workstations IAM (#2375)
2024-06-24 08:59:29 +02:00
main.tf
fis issues with private workstation-cluster module and persistent_directories (#2247)
2024-05-02 06:09:10 +00:00
outputs.tf
Added workstation-cluster module
2023-11-30 07:02:28 +01:00
README.md
remove default location from remaining modules (#2304)
2024-05-24 09:20:53 +02:00
variables.tf
remove default location from remaining modules (#2304)
2024-05-24 09:20:53 +02:00
versions.tf
Add support for sqlAssertion AutoDQ rule type in dataplex-datascan (#2416)
2024-07-09 21:29:45 +00:00

README.md

Workstation cluster

This module allows to create a workstation cluster with associated workstation configs and workstations. In addition to this it allows to set up IAM bindings for the workstation configs and the workstations.

Simple example

Simple example showing how to create a cluster with publicly accessible workstations using the default base image.

module "workstation-cluster" {
  source     = "./fabric/modules/workstation-cluster"
  project_id = var.project_id
  id         = "my-workstation-cluster"
  location   = var.region
  network_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  workstation_configs = {
    my-workstation-config = {
      workstations = {
        my-workstation = {
          labels = {
            team = "my-team"
          }
        }
      }
    }
  }
}
# tftest modules=1 resources=3 inventory=simple.yaml

Private cluster

Example showing how to create a cluster with a privately accessible workstation using the default base image.

module "workstation-cluster" {
  source     = "./fabric/modules/workstation-cluster"
  project_id = var.project_id
  id         = "my-workstation-cluster"
  location   = var.region
  network_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  private_cluster_config = {
    enable_private_endpoint = true
  }
  workstation_configs = {
    my-workstation-config = {
      gce_instance = {
        disable_public_ip_addresses = true
      }
      workstations = {
        my-workstation = {
          labels = {
            team = "my-team"
          }
        }
      }
    }
  }
}
# tftest modules=1 resources=3 inventory=private-cluster.yaml

Custom image

Example showing how to create a cluster with publicly accessible workstation that run a custom image.

module "workstation-cluster" {
  source     = "./fabric/modules/workstation-cluster"
  project_id = var.project_id
  id         = "my-workstation-cluster"
  location   = var.region
  network_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  workstation_configs = {
    my-workstation-config = {
      container = {
        image = "repo/my-image:v10.0.0"
        args  = ["--arg1", "value1", "--arg2", "value2"]
        env = {
          VAR1 = "VALUE1"
          VAR2 = "VALUE2"
        }
        working_dir = "/my-dir"
      }
      workstations = {
        my-workstation = {
          labels = {
            team = "my-team"
          }
        }
      }
    }
  }
}
# tftest modules=1 resources=3 inventory=custom-image.yaml

IAM

Example showing how to grant IAM roles on the workstation configuration or workstation.

module "workstation-cluster" {
  source     = "./fabric/modules/workstation-cluster"
  project_id = var.project_id
  id         = "my-workstation-cluster"
  location   = var.region
  network_config = {
    network    = var.vpc.self_link
    subnetwork = var.subnet.self_link
  }
  workstation_configs = {
    my-workstation-config = {
      workstations = {
        my-workstation = {
          labels = {
            team = "my-team"
          }
          iam = {
            "roles/workstations.user" = ["user:user1@my-org.com"]
          }
        }
      }
      iam = {
        "roles/viewer" = ["group:group1@my-org.com"]
      }
      iam_bindings = {
        workstations-config-viewer = {
          role    = "roles/viewer"
          members = ["group:group2@my-org.com"]
          condition = {
            title      = "limited-access"
            expression = "resource.name.startsWith('my-')"
          }
        }
      }
      iam_bindings_additive = {
        workstations-config-editor = {
          role   = "roles/editor"
          member = "group:group3@my-org.com"
          condition = {
            title      = "limited-access"
            expression = "resource.name.startsWith('my-')"
          }
        }
      }
    }
  }
}
# tftest modules=1 resources=7 inventory=iam.yaml

Variables

name description type required default
id Workstation cluster ID. string
location Location. string
network_config Network configuration. object({…})
project_id Cluster ID. string
workstation_configs Workstation configurations. map(object({…}))
annotations Workstation cluster annotations. map(string) {}
display_name Display name. string null
domain Domain. string null
labels Workstation cluster labels. map(string) {}
private_cluster_config Private cluster config. object({…}) {}

Outputs

name description sensitive
cluster_hostname Cluster hostname.
id Workstation cluster id.
service_attachment_uri Workstation service attachment URI.
workstation_configs Workstation configurations.
workstations Workstations.