GitHub - terraform-google-modules/terraform-google-folders: Creates several Google Cloud folders under the same parent

terraform-google-folders

This module helps create several folders under the same parent, enforcing consistent permissions, and with a common naming convention.

The resources/services/activations/deletions that this module will create/trigger are:

  • Create folders with the provided names
  • Assign the defined permissions to the provided list of users or groups.

Compatibility

This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is 2.0.2.

Usage

Basic usage of this module is as follows:

module "folders" {
  source  = "terraform-google-modules/folders/google"
  version = "~> 5.1"

  parent  = "folders/65552901371"

  names = [
    "dev",
    "staging",
    "production",
  ]

  set_roles = true

  per_folder_admins = {
    dev = {
      members = [
        "group:gcp-developers@domain.com"
      ],
    },
    staging = {
      members = [
        "group:gcp-qa@domain.com"
      ],
    }
    production = {
      members = [
        "group:gcp-ops@domain.com"
      ],
    }
  }

  all_folder_admins = [
    "group:gcp-security@domain.com",
  ]
}

Functional examples are included in the examples directory.

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| all_folder_admins | List of IAM-style members that will get the extended permissions across all the folders. | list(string) | [] | no |
| deletion_protection | Prevent Terraform from destroying or recreating the folder. | bool | true | no |
| folder_admin_roles | List of roles that will be applied to a folder if roles are not explicitly specified in per_folder_admins | list(string) | ["roles/owner", "roles/resourcemanager.folderViewer", "roles/resourcemanager.projectCreator", "roles/compute.networkAdmin"] | no |
| names | Folder names. | list(string) | [] | no |
| parent | The resource name of the parent Folder or Organization. Must be of the form folders/folder_id or organizations/org_id | string | n/a | yes |
| per_folder_admins | IAM-style roles per members per folder who will get extended permissions. If roles are not provided for a folder/member combination, the list provided as folder_admin_roles will be applied as default. | map(object({ members = list(string), roles = optional(list(string)) })) | {} | no |
| prefix | Optional prefix to enforce uniqueness of folder names. | string | "" | no |
| set_roles | Enable setting roles via the folder admin variables. | bool | false | no |
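
The basic usage above sets no roles in per_folder_admins, so every listed group falls back to the default folder_admin_roles, which include roles/owner. The following is an added example, not taken from the module's repository, that narrows the fallback and sets roles explicitly per folder; the folder ID and groups are the README's placeholders, and the role choices are illustrative assumptions.

```hcl
# Added example (not the module authors' code). Role selections are
# assumptions chosen to illustrate least privilege; adjust to your needs.
module "folders" {
  source  = "terraform-google-modules/folders/google"
  version = "~> 5.1"

  parent = "folders/65552901371"
  names  = ["dev", "staging", "production"]

  set_roles = true

  # Override the default fallback list so that a per_folder_admins entry
  # without `roles` no longer receives roles/owner.
  folder_admin_roles = [
    "roles/resourcemanager.folderViewer",
  ]

  per_folder_admins = {
    dev = {
      members = ["group:gcp-developers@domain.com"]
      # Explicit roles replace the fallback list for this folder.
      roles = [
        "roles/resourcemanager.folderViewer",
        "roles/resourcemanager.projectCreator",
      ]
    }
    staging = {
      members = ["group:gcp-qa@domain.com"]
      # No roles given: folder_admin_roles above is applied as default.
    }
    production = {
      members = ["group:gcp-ops@domain.com"]
      roles   = ["roles/resourcemanager.folderViewer"]
    }
  }

  # Per the Inputs table, these members get the extended permissions
  # across all the folders, so this list should stay minimal.
  all_folder_admins = [
    "group:gcp-security@domain.com",
  ]
}
```

Reviewing the IAM bindings in the terraform plan output before applying confirms which roles each member actually receives on each folder.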

Outputs

| Name | Description |
|------|-------------|
| folder | Folder resource (for single use). |
| folders | Folder resources as list. |
| folders_map | Folder resources by name. |
| id | Folder id (for single use). |
| ids | Folder ids. |
| ids_list | List of folder ids. |
| name | Folder name (for single use). |
| names | Folder names. |
| names_list | List of folder names. |
| per_folder_admins | IAM-style members per folder who will get extended permissions. |

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

Service Account

A service account with the following roles must be used to provision the resources of this module:

  • Folder Creator: roles/resourcemanager.folderCreator

The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

  • Cloud Resource Manager API: cloudresourcemanager.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.
