From 7cacc46b4b004fbc41d58bf29a151f1886ea9b2e Mon Sep 17 00:00:00 2001 From: Albert Lloveras Date: Tue, 20 Jun 2023 09:53:08 +1000 Subject: [PATCH] =?UTF-8?q?fixup(project-factory):=20Use=20the=20correct?= =?UTF-8?q?=20KMS=20Service=20Agents=20attribute=20=E2=80=A6=20(#1446)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fixup(project-factory): Use the correct KMS Service Agents attribute name * Add new KMS bindings to tests * Update test resource counts * Update README.md resource count --- blueprints/factories/project-factory/README.md | 4 ++-- fast/stages/3-project-factory/dev/main.tf | 2 +- .../project_factory/examples/example.yaml | 17 +++++++++++++++++ 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/blueprints/factories/project-factory/README.md b/blueprints/factories/project-factory/README.md index d374dceb0a..927edd73c8 100644 --- a/blueprints/factories/project-factory/README.md +++ b/blueprints/factories/project-factory/README.md @@ -67,7 +67,7 @@ module "projects" { folder_id = each.value.folder_id group_iam = try(each.value.group_iam, {}) iam = try(each.value.iam, {}) - kms_service_agents = try(each.value.kms, {}) + kms_service_agents = try(each.value.kms_service_agents, {}) labels = try(each.value.labels, {}) org_policies = try(each.value.org_policies, {}) prefix = each.value.prefix @@ -76,7 +76,7 @@ module "projects" { service_identities_iam = try(each.value.service_identities_iam, {}) vpc = try(each.value.vpc, null) } -# tftest modules=7 resources=30 inventory=example.yaml +# tftest modules=7 resources=34 inventory=example.yaml ``` ### Projects configuration diff --git a/fast/stages/3-project-factory/dev/main.tf b/fast/stages/3-project-factory/dev/main.tf index e0deb24856..e38348fe9a 100644 --- a/fast/stages/3-project-factory/dev/main.tf +++ b/fast/stages/3-project-factory/dev/main.tf @@ -44,7 +44,7 @@ module "projects" { folder_id = try(each.value.folder_id, local.defaults.folder_id) group_iam = try(each.value.group_iam, {}) iam = try(each.value.iam, {}) - kms_service_agents = try(each.value.kms, {}) + kms_service_agents = try(each.value.kms_service_agents, {}) labels = try(each.value.labels, {}) org_policies = try(each.value.org_policies, null) prefix = var.prefix diff --git a/tests/blueprints/factories/project_factory/examples/example.yaml b/tests/blueprints/factories/project_factory/examples/example.yaml index fe33a437d6..f8396ef1d1 100644 --- a/tests/blueprints/factories/project_factory/examples/example.yaml +++ b/tests/blueprints/factories/project_factory/examples/example.yaml @@ -170,6 +170,22 @@ values: condition: [] project: fast-dev-net-spoke-0 role: roles/compute.securityAdmin + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key1"]: + condition: [] + crypto_key_id: key1 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["compute.key2"]: + condition: [] + crypto_key_id: key2 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key1"]: + condition: [] + crypto_key_id: key1 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + module.projects["project"].module.project.google_kms_crypto_key_iam_member.service_identity_cmek["storage.key2"]: + condition: [] + crypto_key_id: key2 + role: roles/cloudkms.cryptoKeyEncrypterDecrypter module.projects["project"].module.project.google_project_service.project_services["billingbudgets.googleapis.com"]: disable_dependent_services: false disable_on_destroy: false @@ -233,3 +249,4 @@ counts: google_project_service: 8 google_service_account: 2 google_storage_project_service_account: 1 + google_kms_crypto_key_iam_member: 4