eaa420534b
* feat(agent-engine): add support for container and custom image specs - Add container_config to deployment_files. - Add image_spec with build_args to source_config. - Make agent_framework optional and document supported values. - Implement dynamic specs for container and source deployments. - Add examples and automated tests for new deployment types. * chore: update Google provider version to 7.28.0 across modules Mechanical update of versions.tf and versions.tofu files using tools/versions.py. * feat(agent-engine): refactor for container deployments and API alignment - Group deployment settings under 'deployment_config' (renamed from 'deployment_files'). - Support container-based deployments via 'container_config' and 'image_spec'. - Refactor 'source_files_config' (renamed from 'source_config') to include mutually exclusive 'python_spec' and 'image_spec'. - Support 'developer_connect_config' as a source code type. - Group engine settings (framework, env, secrets) under 'agent_engine_config'. - Add support for 'memory_bank_config' persistent memory. - Overhaul reasoning engine resources with dynamic blocks to match provider schema. - Update all documentation examples, add TOC, and refresh test inventories. * Update dynamic python_spec block and related example yamls * Ignore changes setting for developer_connect_source under lifecycle management * fixing review comments for `try` and default path for `source_path` --------- Co-authored-by: Hemanand <hemr@google.com> Co-authored-by: Julio Castillo <jccb@google.com>
Cloud Identity Group Module
This module allows creating a Cloud Identity group and assigning members.
Usage
To use this module you must either run terraform as a user that has the Groups Admin role in Cloud Identity or enable domain-wide delegation to the service account used by terraform. If you use a service account, you must also grant that service account the Groups Admin role in Cloud Identity.
Please note that the underlying terraform resources only allow the creation of groups with members that are part of the organization. If you want to create memberships for identities outside your own organization, you have to manually allow members outside your organization in the Cloud Identity admin console.
As of version 4.34 of the GCP Terraform provider one operation is not working:
- removing a group that has at least one OWNER managed by terraform (bug)
Until that bug is fixed, this module will only support the creation of MEMBER and MANAGER memberships.
Examples
Simple Group
module "group" {
source = "./fabric/modules/cloud-identity-group"
customer_id = "customers/C01234567"
name = "mygroup@example.com"
display_name = "My group name"
description = "My group Description"
members = [
"user1@example.com",
"user2@example.com",
"service-account@my-gcp-project.iam.gserviceaccount.com"
]
}
# tftest modules=1 resources=4 inventory=members.yaml
Group with managers
module "group" {
source = "./fabric/modules/cloud-identity-group"
customer_id = "customers/C01234567"
name = "mygroup2@example.com"
display_name = "My group name 2"
description = "My group 2 Description"
members = [
"user1@example.com",
"user2@example.com",
"service-account@my-gcp-project.iam.gserviceaccount.com"
]
managers = [
"user3@example.com"
]
}
# tftest modules=1 resources=5
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| customer_id | Directory customer ID in the form customers/C0xxxxxxx. | string |
✓ | |
| display_name | Group display name. | string |
✓ | |
| name | Group ID (usually an email). | string |
✓ | |
| description | Group description. | string |
null |
|
| managers | List of group managers. | list(string) |
[] |
|
| members | List of group members. | list(string) |
[] |
Outputs
| name | description | sensitive |
|---|---|---|
| id | Fully qualified group id. | |
| name | Group name. |