diff --git a/blueprints/factories/project-factory/README.md b/blueprints/factories/project-factory/README.md index d374dceb0a..927edd73c8 100644 --- a/blueprints/factories/project-factory/README.md +++ b/blueprints/factories/project-factory/README.md @@ -67,7 +67,7 @@ module "projects" { folder_id = each.value.folder_id group_iam = try(each.value.group_iam, {}) iam = try(each.value.iam, {}) - kms_service_agents = try(each.value.kms, {}) + kms_service_agents = try(each.value.kms_service_agents, {}) labels = try(each.value.labels, {}) org_policies = try(each.value.org_policies, {}) prefix = each.value.prefix @@ -76,7 +76,7 @@ module "projects" { service_identities_iam = try(each.value.service_identities_iam, {}) vpc = try(each.value.vpc, null) } -# tftest modules=7 resources=30 inventory=example.yaml +# tftest modules=7 resources=34 inventory=example.yaml ``` ### Projects configuration diff --git a/fast/stages/3-project-factory/dev/main.tf b/fast/stages/3-project-factory/dev/main.tf index e0deb24856..e38348fe9a 100644 --- a/fast/stages/3-project-factory/dev/main.tf +++ b/fast/stages/3-project-factory/dev/main.tf @@ -44,7 +44,7 @@ module "projects" { folder_id = try(each.value.folder_id, local.defaults.folder_id) group_iam = try(each.value.group_iam, {}) iam = try(each.value.iam, {}) - kms_service_agents = try(each.value.kms, {}) + kms_service_agents = try(each.value.kms_service_agents, {}) labels = try(each.value.labels, {}) org_policies = try(each.value.org_policies, null) prefix = var.prefix diff --git a/tests/blueprints/factories/project_factory/examples/example.yaml b/tests/blueprints/factories/project_factory/examples/example.yaml index fe33a437d6..f8396ef1d1 100644 --- a/tests/blueprints/factories/project_factory/examples/example.yaml +++ b/tests/blueprints/factories/project_factory/examples/example.yaml @@ -170,6 +170,22 @@ values: condition: [] project: fast-dev-net-spoke-0 role: roles/compute.securityAdmin + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key1"]: + condition: [] + crypto_key_id: key1 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key2"]: + condition: [] + crypto_key_id: key2 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key1"]: + condition: [] + crypto_key_id: key1 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key2"]: + condition: [] + crypto_key_id: key2 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter module.projects["project"].module.project.google_project_service.project_services["billingbudgets.googleapis.com"]: disable_dependent_services: false disable_on_destroy: false @@ -233,3 +249,4 @@ counts: google_project_service: 8 google_service_account: 2 google_storage_project_service_account: 1 + google_kms_crypto_key_iam_member: 4