From 6e3aa63090fdc2bfd58799e11a10415378c3f1fd Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 16 Apr 2024 16:59:32 +0300 Subject: [PATCH] Remove unused variables/locals from FAST --- fast/stages/0-bootstrap/organization.tf | 12 +----------- fast/stages/0-bootstrap/variables.tf | 7 ------- fast/stages/1-resman/variables.tf | 12 ------------ fast/stages/2-networking-d-separate-envs/main.tf | 3 +-- .../stages/2-networking-d-separate-envs/variables.tf | 9 --------- 5 files changed, 2 insertions(+), 41 deletions(-) diff --git a/fast/stages/0-bootstrap/organization.tf b/fast/stages/0-bootstrap/organization.tf index e263e54a57..f91b4e8c14 100644 --- a/fast/stages/0-bootstrap/organization.tf +++ b/fast/stages/0-bootstrap/organization.tf @@ -50,14 +50,7 @@ locals { var.org_policies_config.constraints.allowed_policy_member_domains ) drs_tag_name = "${var.organization.id}/${var.org_policies_config.tag_name}" - fast_custom_roles = [ - "organization_admin_viewer", - "organization_iam_admin", - "service_project_network_admin", - "storage_viewer", - "tag_viewer", - "tenant_network_admin", - ] + # intermediate values before we merge in what comes from the checklist _iam_principals = { for k, v in local.iam_principal_bindings : k => v.authoritative @@ -101,9 +94,6 @@ locals { flatten(values(local._iam_principals)), keys(local._iam) )) - iam_roles_additive = distinct([ - for k, v in local._iam_bindings_additive : v.role - ]) } # TODO: add a check block to ensure our custom roles exist in the factory files diff --git a/fast/stages/0-bootstrap/variables.tf b/fast/stages/0-bootstrap/variables.tf index 5493f5d628..64978dc30f 100644 --- a/fast/stages/0-bootstrap/variables.tf +++ b/fast/stages/0-bootstrap/variables.tf @@ -115,13 +115,6 @@ variable "fast_features" { nullable = false } -variable "group_iam" { - description = "Organization-level authoritative IAM binding for groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the `iam` variable." - type = map(list(string)) - default = {} - nullable = false -} - variable "groups" { # https://cloud.google.com/docs/enterprise/setup-checklist description = "Group names or IAM-format principals to grant organization-level permissions. If just the name is provided, the 'group:' principal and organization domain are interpolated." diff --git a/fast/stages/1-resman/variables.tf b/fast/stages/1-resman/variables.tf index a3ccd523f9..8417466730 100644 --- a/fast/stages/1-resman/variables.tf +++ b/fast/stages/1-resman/variables.tf @@ -229,18 +229,6 @@ variable "locations" { nullable = false } -variable "org_policy_tags" { - # tfdoc:variable:source 0-bootstrap - description = "Resource management tags for organization policy exceptions." - type = object({ - key_id = optional(string) - key_name = optional(string) - values = optional(map(string), {}) - }) - nullable = false - default = {} -} - variable "organization" { # tfdoc:variable:source 0-bootstrap description = "Organization details." diff --git a/fast/stages/2-networking-d-separate-envs/main.tf b/fast/stages/2-networking-d-separate-envs/main.tf index 928969abde..fd7b76e4d2 100644 --- a/fast/stages/2-networking-d-separate-envs/main.tf +++ b/fast/stages/2-networking-d-separate-envs/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2023 Google LLC + * Copyright 2024 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,6 @@ # tfdoc:file:description Networking folder and hierarchical policy. locals { - custom_roles = coalesce(var.custom_roles, {}) # combine all regions from variables and subnets regions = distinct(concat( values(var.regions), diff --git a/fast/stages/2-networking-d-separate-envs/variables.tf b/fast/stages/2-networking-d-separate-envs/variables.tf index 8beb832043..0c4165b3ab 100644 --- a/fast/stages/2-networking-d-separate-envs/variables.tf +++ b/fast/stages/2-networking-d-separate-envs/variables.tf @@ -60,15 +60,6 @@ variable "billing_account" { } } -variable "custom_roles" { - # tfdoc:variable:source 0-bootstrap - description = "Custom roles defined at the org level, in key => id format." - type = object({ - service_project_network_admin = string - }) - default = null -} - variable "dns" { description = "DNS configuration." type = object({