diff --git a/blueprints/data-solutions/data-platform-foundations/06-common.tf b/blueprints/data-solutions/data-platform-foundations/06-common.tf index 5a84ee777e..0078b169da 100644 --- a/blueprints/data-solutions/data-platform-foundations/06-common.tf +++ b/blueprints/data-solutions/data-platform-foundations/06-common.tf @@ -64,7 +64,7 @@ module "common-datacatalog" { tags = var.data_catalog_tags } -# To create KMS keys in the common projet: uncomment this section and assigne key links accondingly in local.service_encryption_keys variable +# To create KMS keys in the common project: uncomment this section and assigne key links accondingly in local.service_encryption_keys variable # module "cmn-kms-0" { # source = "../../../modules/kms" diff --git a/modules/artifact-registry/README.md b/modules/artifact-registry/README.md index 92f103a530..b782c06888 100644 --- a/modules/artifact-registry/README.md +++ b/modules/artifact-registry/README.md @@ -37,7 +37,7 @@ module "docker_artifact_registry" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Repository id. | | +| [id](outputs.tf#L17) | Fully qualified repository id. | | | [name](outputs.tf#L22) | Repository name. | | diff --git a/modules/artifact-registry/outputs.tf b/modules/artifact-registry/outputs.tf index 2933d5d83d..b864789081 100644 --- a/modules/artifact-registry/outputs.tf +++ b/modules/artifact-registry/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Repository id." + description = "Fully qualified repository id." value = google_artifact_registry_repository.registry.id } diff --git a/modules/bigtable-instance/README.md b/modules/bigtable-instance/README.md index 06c85ccafb..abc1509f45 100644 --- a/modules/bigtable-instance/README.md +++ b/modules/bigtable-instance/README.md @@ -245,7 +245,7 @@ module "bigtable-instance" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | An identifier for the resource with format projects/{{project}}/instances/{{name}}. | | +| [id](outputs.tf#L17) | Fully qualified instance id. | | | [instance](outputs.tf#L26) | BigTable intance. | | | [table_ids](outputs.tf#L35) | Map of fully qualified table ids keyed by table name. | | | [tables](outputs.tf#L40) | Table resources. | | diff --git a/modules/bigtable-instance/outputs.tf b/modules/bigtable-instance/outputs.tf index 3cb4622462..93f817dcdc 100644 --- a/modules/bigtable-instance/outputs.tf +++ b/modules/bigtable-instance/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "An identifier for the resource with format projects/{{project}}/instances/{{name}}." + description = "Fully qualified instance id." value = google_bigtable_instance.default.id depends_on = [ google_bigtable_instance_iam_binding.default, diff --git a/modules/billing-budget/README.md b/modules/billing-budget/README.md index 3db5faa325..72fe574b5c 100644 --- a/modules/billing-budget/README.md +++ b/modules/billing-budget/README.md @@ -84,6 +84,6 @@ module "pubsub" { | name | description | sensitive | |---|---|:---:| | [budget](outputs.tf#L17) | Budget resource. | | -| [id](outputs.tf#L22) | Budget ID. | | +| [id](outputs.tf#L22) | Fully qualified budget id. | | diff --git a/modules/billing-budget/outputs.tf b/modules/billing-budget/outputs.tf index 1d4e082f18..530f857381 100644 --- a/modules/billing-budget/outputs.tf +++ b/modules/billing-budget/outputs.tf @@ -20,6 +20,6 @@ output "budget" { } output "id" { - description = "Budget ID." + description = "Fully qualified budget id." value = google_billing_budget.budget.id } diff --git a/modules/binauthz/README.md b/modules/binauthz/README.md index 105a097a2f..64ef2d0fbb 100644 --- a/modules/binauthz/README.md +++ b/modules/binauthz/README.md @@ -73,7 +73,7 @@ module "binauthz" { | name | description | sensitive | |---|---|:---:| | [attestors](outputs.tf#L17) | Attestors. | | -| [id](outputs.tf#L25) | Binary Authorization policy ID. | | +| [id](outputs.tf#L25) | Fully qualified Binary Authorization policy ID. | | | [notes](outputs.tf#L30) | Notes. | | diff --git a/modules/binauthz/outputs.tf b/modules/binauthz/outputs.tf index 6a1d7c6de3..874f9ae6f0 100644 --- a/modules/binauthz/outputs.tf +++ b/modules/binauthz/outputs.tf @@ -23,7 +23,7 @@ output "attestors" { } output "id" { - description = "Binary Authorization policy ID." + description = "Fully qualified Binary Authorization policy ID." value = google_binary_authorization_policy.policy.id } diff --git a/modules/cloud-dataplex/README.md b/modules/cloud-dataplex/README.md index 8a46900d04..6849db8446 100644 --- a/modules/cloud-dataplex/README.md +++ b/modules/cloud-dataplex/README.md @@ -68,7 +68,8 @@ module "dataplex" { | name | description | sensitive | |---|---|:---:| | [assets](outputs.tf#L17) | Assets attached to the lake of Dataplex Lake. | | -| [lake](outputs.tf#L22) | The lake name of Dataplex Lake. | | -| [zones](outputs.tf#L27) | The zone name of Dataplex Lake. | | +| [id](outputs.tf#L22) | Fully qualified Dataplex Lake id. | | +| [lake](outputs.tf#L27) | The lake name of Dataplex Lake. | | +| [zones](outputs.tf#L32) | The zone name of Dataplex Lake. | | diff --git a/modules/cloud-dataplex/outputs.tf b/modules/cloud-dataplex/outputs.tf index bdc5562eab..7a68ff289b 100644 --- a/modules/cloud-dataplex/outputs.tf +++ b/modules/cloud-dataplex/outputs.tf @@ -19,6 +19,11 @@ output "assets" { value = local.zone_assets[*]["asset_name"] } +output "id" { + description = "Fully qualified Dataplex Lake id." + value = google_dataplex_lake.basic_lake.id +} + output "lake" { description = "The lake name of Dataplex Lake." value = google_dataplex_lake.basic_lake.name diff --git a/modules/cloud-function/README.md b/modules/cloud-function/README.md index 7a0abe7c49..71dd5ef468 100644 --- a/modules/cloud-function/README.md +++ b/modules/cloud-function/README.md @@ -284,13 +284,14 @@ module "cf-http-two" { | [bucket_name](outputs.tf#L24) | Bucket name. | | | [function](outputs.tf#L29) | Cloud function resources. | | | [function_name](outputs.tf#L34) | Cloud function name. | | -| [service_account](outputs.tf#L39) | Service account resource. | | -| [service_account_email](outputs.tf#L44) | Service account email. | | -| [service_account_iam_email](outputs.tf#L49) | Service account email. | | -| [trigger_service_account](outputs.tf#L57) | Service account resource. | | -| [trigger_service_account_email](outputs.tf#L62) | Service account email. | | -| [trigger_service_account_iam_email](outputs.tf#L67) | Service account email. | | -| [uri](outputs.tf#L75) | Cloud function service uri. | | -| [vpc_connector](outputs.tf#L80) | VPC connector resource if created. | | +| [id](outputs.tf#L39) | Fully qualified function id. | | +| [service_account](outputs.tf#L44) | Service account resource. | | +| [service_account_email](outputs.tf#L49) | Service account email. | | +| [service_account_iam_email](outputs.tf#L54) | Service account email. | | +| [trigger_service_account](outputs.tf#L62) | Service account resource. | | +| [trigger_service_account_email](outputs.tf#L67) | Service account email. | | +| [trigger_service_account_iam_email](outputs.tf#L72) | Service account email. | | +| [uri](outputs.tf#L80) | Cloud function service uri. | | +| [vpc_connector](outputs.tf#L85) | VPC connector resource if created. | | diff --git a/modules/cloud-function/outputs.tf b/modules/cloud-function/outputs.tf index 04ce290503..1f18798a66 100644 --- a/modules/cloud-function/outputs.tf +++ b/modules/cloud-function/outputs.tf @@ -36,6 +36,11 @@ output "function_name" { value = local.function.name } +output "id" { + description = "Fully qualified function id." + value = local.function.id +} + output "service_account" { description = "Service account resource." value = try(google_service_account.service_account[0], null) diff --git a/modules/cloud-identity-group/README.md b/modules/cloud-identity-group/README.md index cc7108b95f..eee01c4073 100644 --- a/modules/cloud-identity-group/README.md +++ b/modules/cloud-identity-group/README.md @@ -67,7 +67,7 @@ module "group" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Group ID. | | +| [id](outputs.tf#L17) | Fully qualified group id. | | | [name](outputs.tf#L22) | Group name. | | diff --git a/modules/cloud-identity-group/outputs.tf b/modules/cloud-identity-group/outputs.tf index 1a05893388..95c31de208 100644 --- a/modules/cloud-identity-group/outputs.tf +++ b/modules/cloud-identity-group/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Group ID." + description = "Fully qualified group id." value = google_cloud_identity_group.group.id } diff --git a/modules/cloud-run/README.md b/modules/cloud-run/README.md index cd655a5f68..b1c44f4c97 100644 --- a/modules/cloud-run/README.md +++ b/modules/cloud-run/README.md @@ -333,11 +333,12 @@ module "cloud_run" { | name | description | sensitive | |---|---|:---:| -| [service](outputs.tf#L18) | Cloud Run service. | | -| [service_account](outputs.tf#L23) | Service account resource. | | -| [service_account_email](outputs.tf#L28) | Service account email. | | -| [service_account_iam_email](outputs.tf#L33) | Service account email. | | -| [service_name](outputs.tf#L41) | Cloud Run service name. | | -| [vpc_connector](outputs.tf#L47) | VPC connector resource if created. | | +| [id](outputs.tf#L18) | Fully qualified service id. | | +| [service](outputs.tf#L23) | Cloud Run service. | | +| [service_account](outputs.tf#L28) | Service account resource. | | +| [service_account_email](outputs.tf#L33) | Service account email. | | +| [service_account_iam_email](outputs.tf#L38) | Service account email. | | +| [service_name](outputs.tf#L46) | Cloud Run service name. | | +| [vpc_connector](outputs.tf#L52) | VPC connector resource if created. | | diff --git a/modules/cloud-run/outputs.tf b/modules/cloud-run/outputs.tf index 9a235f9595..2aec9f6523 100644 --- a/modules/cloud-run/outputs.tf +++ b/modules/cloud-run/outputs.tf @@ -15,6 +15,11 @@ * limitations under the License. */ +output "id" { + description = "Fully qualified service id." + value = google_cloud_run_service.service.id +} + output "service" { description = "Cloud Run service." value = google_cloud_run_service.service diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index a8e5d59744..ad9ec39508 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -161,7 +161,6 @@ module "db" { } # tftest modules=1 resources=2 inventory=public-ip.yaml ``` - ## Variables @@ -198,8 +197,8 @@ module "db" { |---|---|:---:| | [connection_name](outputs.tf#L24) | Connection name of the primary instance. | | | [connection_names](outputs.tf#L29) | Connection names of all instances. | | -| [id](outputs.tf#L37) | ID of the primary instance. | | -| [ids](outputs.tf#L42) | IDs of all instances. | | +| [id](outputs.tf#L37) | Fully qualified primary instance id. | | +| [ids](outputs.tf#L42) | Fully qualified ids of all instances. | | | [instances](outputs.tf#L50) | Cloud SQL instance resources. | ✓ | | [ip](outputs.tf#L56) | IP address of the primary instance. | | | [ips](outputs.tf#L61) | IP addresses of all instances. | | diff --git a/modules/cloudsql-instance/outputs.tf b/modules/cloudsql-instance/outputs.tf index 8c814c06a1..1859d8453c 100644 --- a/modules/cloudsql-instance/outputs.tf +++ b/modules/cloudsql-instance/outputs.tf @@ -15,7 +15,7 @@ */ locals { - _all_intances = merge( + _all_instances = merge( { primary = google_sql_database_instance.primary }, google_sql_database_instance.replicas ) @@ -29,27 +29,27 @@ output "connection_name" { output "connection_names" { description = "Connection names of all instances." value = { - for id, instance in local._all_intances : + for id, instance in local._all_instances : id => instance.connection_name } } output "id" { - description = "ID of the primary instance." + description = "Fully qualified primary instance id." value = google_sql_database_instance.primary.private_ip_address } output "ids" { - description = "IDs of all instances." + description = "Fully qualified ids of all instances." value = { - for id, instance in local._all_intances : + for id, instance in local._all_instances : id => instance.id } } output "instances" { description = "Cloud SQL instance resources." - value = local._all_intances + value = local._all_instances sensitive = true } @@ -61,7 +61,7 @@ output "ip" { output "ips" { description = "IP addresses of all instances." value = { - for id, instance in local._all_intances : + for id, instance in local._all_instances : id => instance.private_ip_address } } @@ -74,7 +74,7 @@ output "name" { output "names" { description = "Names of all instances." value = { - for id, instance in local._all_intances : + for id, instance in local._all_instances : id => instance.name } } @@ -93,7 +93,7 @@ output "self_link" { output "self_links" { description = "Self links of all instances." value = { - for id, instance in local._all_intances : + for id, instance in local._all_instances : id => instance.self_link } } diff --git a/modules/compute-mig/README.md b/modules/compute-mig/README.md index 5851b6ad2f..9eb9433d57 100644 --- a/modules/compute-mig/README.md +++ b/modules/compute-mig/README.md @@ -444,5 +444,6 @@ module "nginx-mig" { | [autoscaler](outputs.tf#L17) | Auto-created autoscaler resource. | | | [group_manager](outputs.tf#L26) | Instance group resource. | | | [health_check](outputs.tf#L35) | Auto-created health-check resource. | | +| [id](outputs.tf#L44) | Fully qualified group manager id. | | diff --git a/modules/compute-mig/outputs.tf b/modules/compute-mig/outputs.tf index 41b20c1fa2..f76103564b 100644 --- a/modules/compute-mig/outputs.tf +++ b/modules/compute-mig/outputs.tf @@ -40,3 +40,12 @@ output "health_check" { : google_compute_health_check.default.0 ) } + +output "id" { + description = "Fully qualified group manager id." + value = try( + google_compute_instance_group_manager.default.0.id, + google_compute_region_instance_group_manager.default.0.id, + null + ) +} diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index bae1bf104f..c4badae306 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -541,15 +541,16 @@ module "instance-group" { |---|---|:---:| | [external_ip](outputs.tf#L17) | Instance main interface external IP addresses. | | | [group](outputs.tf#L26) | Instance group resource. | | -| [instance](outputs.tf#L31) | Instance resource. | | -| [internal_ip](outputs.tf#L36) | Instance main interface internal IP address. | | -| [internal_ips](outputs.tf#L44) | Instance interfaces internal IP addresses. | | -| [self_link](outputs.tf#L52) | Instance self links. | | -| [service_account](outputs.tf#L57) | Service account resource. | | -| [service_account_email](outputs.tf#L64) | Service account email. | | -| [service_account_iam_email](outputs.tf#L69) | Service account email. | | -| [template](outputs.tf#L77) | Template resource. | | -| [template_name](outputs.tf#L82) | Template name. | | +| [id](outputs.tf#L31) | Fully qualified instance id. | | +| [instance](outputs.tf#L36) | Instance resource. | | +| [internal_ip](outputs.tf#L41) | Instance main interface internal IP address. | | +| [internal_ips](outputs.tf#L49) | Instance interfaces internal IP addresses. | | +| [self_link](outputs.tf#L57) | Instance self links. | | +| [service_account](outputs.tf#L62) | Service account resource. | | +| [service_account_email](outputs.tf#L69) | Service account email. | | +| [service_account_iam_email](outputs.tf#L74) | Service account email. | | +| [template](outputs.tf#L82) | Template resource. | | +| [template_name](outputs.tf#L87) | Template name. | | ## TODO diff --git a/modules/compute-vm/outputs.tf b/modules/compute-vm/outputs.tf index 32c9ef9cba..a08f24847b 100644 --- a/modules/compute-vm/outputs.tf +++ b/modules/compute-vm/outputs.tf @@ -28,6 +28,11 @@ output "group" { value = try(google_compute_instance_group.unmanaged.0, null) } +output "id" { + description = "Fully qualified instance id." + value = try(google_compute_instance.default.0.id, null) +} + output "instance" { description = "Instance resource." value = try(google_compute_instance.default.0, null) diff --git a/modules/container-registry/README.md b/modules/container-registry/README.md index 7e7f42f4c2..a5748e2aeb 100644 --- a/modules/container-registry/README.md +++ b/modules/container-registry/README.md @@ -29,6 +29,6 @@ module "container_registry" { | name | description | sensitive | |---|---|:---:| -| [bucket_id](outputs.tf#L17) | ID of the GCS bucket created. | | +| [id](outputs.tf#L17) | Fully qualified id of the registry bucket. | | diff --git a/modules/container-registry/outputs.tf b/modules/container-registry/outputs.tf index f43f8ca8fa..1c2aeb4e4d 100644 --- a/modules/container-registry/outputs.tf +++ b/modules/container-registry/outputs.tf @@ -14,7 +14,7 @@ * limitations under the License. */ -output "bucket_id" { - description = "ID of the GCS bucket created." +output "id" { + description = "Fully qualified id of the registry bucket." value = google_container_registry.registry.id } diff --git a/modules/data-catalog-policy-tag/README.md b/modules/data-catalog-policy-tag/README.md index 3cf4aaafce..570bfbf5dd 100644 --- a/modules/data-catalog-policy-tag/README.md +++ b/modules/data-catalog-policy-tag/README.md @@ -59,8 +59,8 @@ module "cmn-dc" { | name | description | sensitive | |---|---|:---:| -| [tags](outputs.tf#L17) | Policy Tags. | | -| [taxonomy_id](outputs.tf#L22) | Taxonomy id. | | +| [id](outputs.tf#L17) | Fully qualified taxonomy id. | | +| [tags](outputs.tf#L22) | Policy Tags. | | ## TODO diff --git a/modules/data-catalog-policy-tag/outputs.tf b/modules/data-catalog-policy-tag/outputs.tf index 1f0bb2420f..4f579c284e 100644 --- a/modules/data-catalog-policy-tag/outputs.tf +++ b/modules/data-catalog-policy-tag/outputs.tf @@ -14,12 +14,12 @@ * limitations under the License. */ +output "id" { + description = "Fully qualified taxonomy id." + value = google_data_catalog_taxonomy.default.id +} + output "tags" { description = "Policy Tags." value = { for k, v in google_data_catalog_policy_tag.default : k => v.id } } - -output "taxonomy_id" { - description = "Taxonomy id." - value = google_data_catalog_taxonomy.default.id -} diff --git a/modules/datafusion/README.md b/modules/datafusion/README.md index 377e81452a..03b65b7b23 100644 --- a/modules/datafusion/README.md +++ b/modules/datafusion/README.md @@ -58,7 +58,7 @@ module "datafusion" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | DataFusion instance ID. | | +| [id](outputs.tf#L17) | Fully qualified instance id. | | | [ip_allocation](outputs.tf#L22) | IP range reserved for Data Fusion instance in case of a private instance. | | | [resource](outputs.tf#L27) | DataFusion resource. | | | [service_account](outputs.tf#L32) | DataFusion Service Account. | | diff --git a/modules/datafusion/outputs.tf b/modules/datafusion/outputs.tf index 513675e46f..a7248c137f 100644 --- a/modules/datafusion/outputs.tf +++ b/modules/datafusion/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "DataFusion instance ID." + description = "Fully qualified instance id." value = google_data_fusion_instance.default.id } diff --git a/modules/dataproc/README.md b/modules/dataproc/README.md index e23b44c5a5..668f38f580 100644 --- a/modules/dataproc/README.md +++ b/modules/dataproc/README.md @@ -162,7 +162,8 @@ module "processing-dp-cluster" { |---|---|:---:| | [bucket_names](outputs.tf#L19) | List of bucket names which have been assigned to the cluster. | | | [http_ports](outputs.tf#L24) | The map of port descriptions to URLs. | | -| [instance_names](outputs.tf#L29) | List of instance names which have been assigned to the cluster. | | -| [name](outputs.tf#L38) | The name of the cluster. | | +| [id](outputs.tf#L29) | Fully qualified cluster id. | | +| [instance_names](outputs.tf#L34) | List of instance names which have been assigned to the cluster. | | +| [name](outputs.tf#L43) | The name of the cluster. | | diff --git a/modules/dataproc/outputs.tf b/modules/dataproc/outputs.tf index 4cd952a3cb..51edb807d4 100644 --- a/modules/dataproc/outputs.tf +++ b/modules/dataproc/outputs.tf @@ -26,6 +26,11 @@ output "http_ports" { value = google_dataproc_cluster.cluster.cluster_config.0.endpoint_config.0.http_ports } +output "id" { + description = "Fully qualified cluster id." + value = google_dataproc_cluster.cluster.id +} + output "instance_names" { description = "List of instance names which have been assigned to the cluster." value = { diff --git a/modules/dns-response-policy/README.md b/modules/dns-response-policy/README.md index e55cd3d321..2c77f4e936 100644 --- a/modules/dns-response-policy/README.md +++ b/modules/dns-response-policy/README.md @@ -142,7 +142,7 @@ restricted: | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Policy id. | | +| [id](outputs.tf#L17) | Fully qualified policy id. | | | [name](outputs.tf#L22) | Policy name. | | | [policy](outputs.tf#L27) | Policy resource. | | diff --git a/modules/dns-response-policy/outputs.tf b/modules/dns-response-policy/outputs.tf index 1b6f76bc99..95b1086596 100644 --- a/modules/dns-response-policy/outputs.tf +++ b/modules/dns-response-policy/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Policy id." + description = "Fully qualified policy id." value = try(google_dns_response_policy.default.0.id, null) } diff --git a/modules/dns/README.md b/modules/dns/README.md index a5376fd975..e6d46a54d6 100644 --- a/modules/dns/README.md +++ b/modules/dns/README.md @@ -143,9 +143,10 @@ module "public-dns" { |---|---|:---:| | [dns_keys](outputs.tf#L17) | DNSKEY and DS records of DNSSEC-signed managed zones. | | | [domain](outputs.tf#L22) | The DNS zone domain. | | -| [name](outputs.tf#L27) | The DNS zone name. | | -| [name_servers](outputs.tf#L32) | The DNS zone name servers. | | -| [type](outputs.tf#L37) | The DNS zone type. | | -| [zone](outputs.tf#L42) | DNS zone resource. | | +| [id](outputs.tf#L27) | Fully qualified zone id. | | +| [name](outputs.tf#L32) | The DNS zone name. | | +| [name_servers](outputs.tf#L37) | The DNS zone name servers. | | +| [type](outputs.tf#L42) | The DNS zone type. | | +| [zone](outputs.tf#L47) | DNS zone resource. | | diff --git a/modules/dns/outputs.tf b/modules/dns/outputs.tf index c0e477376d..ba87aea44b 100644 --- a/modules/dns/outputs.tf +++ b/modules/dns/outputs.tf @@ -24,6 +24,11 @@ output "domain" { value = try(local.zone.dns_name, null) } +output "id" { + description = "Fully qualified zone id." + value = try(local.zone.id, null) +} + output "name" { description = "The DNS zone name." value = try(local.zone.name, null) diff --git a/modules/folder/README.md b/modules/folder/README.md index 8addd48ef2..a3a7f00922 100644 --- a/modules/folder/README.md +++ b/modules/folder/README.md @@ -358,7 +358,7 @@ module "folder" { | [firewall_policies](outputs.tf#L16) | Map of firewall policy resources created in this folder. | | | [firewall_policy_id](outputs.tf#L21) | Map of firewall policy ids created in this folder. | | | [folder](outputs.tf#L26) | Folder resource. | | -| [id](outputs.tf#L31) | Folder id. | | +| [id](outputs.tf#L31) | Fully qualified folder id. | | | [name](outputs.tf#L40) | Folder name. | | | [sink_writer_identities](outputs.tf#L45) | Writer identities created for each sink. | | diff --git a/modules/folder/outputs.tf b/modules/folder/outputs.tf index 8073951bfa..8b8ffc1c95 100644 --- a/modules/folder/outputs.tf +++ b/modules/folder/outputs.tf @@ -29,7 +29,7 @@ output "folder" { } output "id" { - description = "Folder id." + description = "Fully qualified folder id." value = local.folder.name depends_on = [ google_folder_iam_binding.authoritative, diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 07c5a6d7bf..f7da2c2dce 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -119,7 +119,7 @@ module "bucket-gcs-notification" { | name | description | sensitive | |---|---|:---:| | [bucket](outputs.tf#L17) | Bucket resource. | | -| [id](outputs.tf#L28) | Bucket ID (same as name). | | +| [id](outputs.tf#L28) | Fully qualified bucket id. | | | [name](outputs.tf#L37) | Bucket name. | | | [notification](outputs.tf#L46) | GCS Notification self link. | | | [topic](outputs.tf#L51) | Topic ID used by GCS. | | diff --git a/modules/gcs/outputs.tf b/modules/gcs/outputs.tf index a00c04cf7a..4aeee76df5 100644 --- a/modules/gcs/outputs.tf +++ b/modules/gcs/outputs.tf @@ -26,7 +26,7 @@ output "bucket" { # assume any valid log destination has an `id` output). output "id" { - description = "Bucket ID (same as name)." + description = "Fully qualified bucket id." value = "${local.prefix}${lower(var.name)}" depends_on = [ google_storage_bucket.bucket, diff --git a/modules/gke-cluster-autopilot/README.md b/modules/gke-cluster-autopilot/README.md index f0144fea9d..8758bf177f 100644 --- a/modules/gke-cluster-autopilot/README.md +++ b/modules/gke-cluster-autopilot/README.md @@ -121,7 +121,7 @@ module "cluster-1" { | [ca_certificate](outputs.tf#L17) | Public certificate of the cluster (base64-encoded). | ✓ | | [cluster](outputs.tf#L23) | Cluster resource. | ✓ | | [endpoint](outputs.tf#L29) | Cluster endpoint. | | -| [id](outputs.tf#L34) | Cluster ID. | | +| [id](outputs.tf#L34) | FUlly qualified cluster id. | | | [location](outputs.tf#L39) | Cluster location. | | | [master_version](outputs.tf#L44) | Master version. | | | [name](outputs.tf#L49) | Cluster name. | | diff --git a/modules/gke-cluster-autopilot/outputs.tf b/modules/gke-cluster-autopilot/outputs.tf index c02c9be2b6..f48975c5bf 100644 --- a/modules/gke-cluster-autopilot/outputs.tf +++ b/modules/gke-cluster-autopilot/outputs.tf @@ -32,7 +32,7 @@ output "endpoint" { } output "id" { - description = "Cluster ID." + description = "FUlly qualified cluster id." value = google_container_cluster.cluster.id } @@ -68,4 +68,4 @@ output "workload_identity_pool" { depends_on = [ google_container_cluster.cluster ] -} \ No newline at end of file +} diff --git a/modules/gke-cluster-standard/README.md b/modules/gke-cluster-standard/README.md index 972d590482..a971d5ead4 100644 --- a/modules/gke-cluster-standard/README.md +++ b/modules/gke-cluster-standard/README.md @@ -159,7 +159,7 @@ module "cluster-1" { | [ca_certificate](outputs.tf#L17) | Public certificate of the cluster (base64-encoded). | ✓ | | [cluster](outputs.tf#L23) | Cluster resource. | ✓ | | [endpoint](outputs.tf#L29) | Cluster endpoint. | | -| [id](outputs.tf#L34) | Cluster ID. | | +| [id](outputs.tf#L34) | FUlly qualified cluster id. | | | [location](outputs.tf#L39) | Cluster location. | | | [master_version](outputs.tf#L44) | Master version. | | | [name](outputs.tf#L49) | Cluster name. | | diff --git a/modules/gke-cluster-standard/outputs.tf b/modules/gke-cluster-standard/outputs.tf index c02c9be2b6..f48975c5bf 100644 --- a/modules/gke-cluster-standard/outputs.tf +++ b/modules/gke-cluster-standard/outputs.tf @@ -32,7 +32,7 @@ output "endpoint" { } output "id" { - description = "Cluster ID." + description = "FUlly qualified cluster id." value = google_container_cluster.cluster.id } @@ -68,4 +68,4 @@ output "workload_identity_pool" { depends_on = [ google_container_cluster.cluster ] -} \ No newline at end of file +} diff --git a/modules/gke-hub/README.md b/modules/gke-hub/README.md index a94119494f..ec09ad9505 100644 --- a/modules/gke-hub/README.md +++ b/modules/gke-hub/README.md @@ -333,6 +333,6 @@ module "hub" { | name | description | sensitive | |---|---|:---:| -| [cluster_ids](outputs.tf#L17) | Ids of all the clusters created. | | +| [cluster_ids](outputs.tf#L17) | Fully qualified ids of all clusters. | | diff --git a/modules/gke-hub/outputs.tf b/modules/gke-hub/outputs.tf index b4fd3462b3..2e74cdaf0f 100644 --- a/modules/gke-hub/outputs.tf +++ b/modules/gke-hub/outputs.tf @@ -15,7 +15,7 @@ */ output "cluster_ids" { - description = "Ids of all the clusters created." + description = "Fully qualified ids of all clusters." value = { for k, v in google_gke_hub_membership.default : k => v.id } diff --git a/modules/gke-nodepool/README.md b/modules/gke-nodepool/README.md index 2f632c9c78..6a66b2c7bd 100644 --- a/modules/gke-nodepool/README.md +++ b/modules/gke-nodepool/README.md @@ -132,8 +132,9 @@ module "cluster-1-nodepool-1" { | name | description | sensitive | |---|---|:---:| -| [name](outputs.tf#L17) | Nodepool name. | | -| [service_account_email](outputs.tf#L22) | Service account email. | | -| [service_account_iam_email](outputs.tf#L27) | Service account email. | | +| [id](outputs.tf#L17) | Fully qualified nodepool id. | | +| [name](outputs.tf#L22) | Nodepool name. | | +| [service_account_email](outputs.tf#L27) | Service account email. | | +| [service_account_iam_email](outputs.tf#L32) | Service account email. | | diff --git a/modules/gke-nodepool/outputs.tf b/modules/gke-nodepool/outputs.tf index b0a94801c1..4102d9e11a 100644 --- a/modules/gke-nodepool/outputs.tf +++ b/modules/gke-nodepool/outputs.tf @@ -14,6 +14,11 @@ * limitations under the License. */ +output "id" { + description = "Fully qualified nodepool id." + value = google_container_node_pool.nodepool.id +} + output "name" { description = "Nodepool name." value = google_container_node_pool.nodepool.name diff --git a/modules/iam-service-account/README.md b/modules/iam-service-account/README.md index a62ce8f536..c1303386fc 100644 --- a/modules/iam-service-account/README.md +++ b/modules/iam-service-account/README.md @@ -65,7 +65,7 @@ module "myproject-default-service-accounts" { |---|---|:---:| | [email](outputs.tf#L17) | Service account email. | | | [iam_email](outputs.tf#L25) | IAM-format service account email. | | -| [id](outputs.tf#L33) | Service account id. | | +| [id](outputs.tf#L33) | Fully qualified service account id. | | | [key](outputs.tf#L42) | Service account key. | ✓ | | [name](outputs.tf#L48) | Service account name. | | | [service_account](outputs.tf#L57) | Service account resource. | | diff --git a/modules/iam-service-account/outputs.tf b/modules/iam-service-account/outputs.tf index e6c28dfdab..79210caec8 100644 --- a/modules/iam-service-account/outputs.tf +++ b/modules/iam-service-account/outputs.tf @@ -31,7 +31,7 @@ output "iam_email" { } output "id" { - description = "Service account id." + description = "Fully qualified service account id." value = local.service_account_id_static depends_on = [ data.google_service_account.service_account, diff --git a/modules/kms/README.md b/modules/kms/README.md index 9565c3a9de..446325d890 100644 --- a/modules/kms/README.md +++ b/modules/kms/README.md @@ -101,8 +101,8 @@ module "kms" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Keyring self link. | | -| [key_ids](outputs.tf#L25) | Key self links. | | +| [id](outputs.tf#L17) | Fully qualified keyring id. | | +| [key_ids](outputs.tf#L25) | Fully qualified key ids. | | | [keyring](outputs.tf#L36) | Keyring resource. | | | [keys](outputs.tf#L44) | Key resources. | | | [location](outputs.tf#L52) | Keyring location. | | diff --git a/modules/kms/outputs.tf b/modules/kms/outputs.tf index 43f7997c68..b3e6d76aec 100644 --- a/modules/kms/outputs.tf +++ b/modules/kms/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Keyring self link." + description = "Fully qualified keyring id." value = local.keyring.id depends_on = [ google_kms_key_ring_iam_binding.default @@ -23,7 +23,7 @@ output "id" { } output "key_ids" { - description = "Key self links." + description = "Fully qualified key ids." value = { for name, resource in google_kms_crypto_key.default : name => resource.id diff --git a/modules/logging-bucket/README.md b/modules/logging-bucket/README.md index 73a28fccae..f749fecdac 100644 --- a/modules/logging-bucket/README.md +++ b/modules/logging-bucket/README.md @@ -75,6 +75,6 @@ module "bucket-billing-account" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | ID of the created bucket. | | +| [id](outputs.tf#L17) | Fully qualified logging bucket id. | | diff --git a/modules/logging-bucket/outputs.tf b/modules/logging-bucket/outputs.tf index 7100237e34..1ea9874026 100644 --- a/modules/logging-bucket/outputs.tf +++ b/modules/logging-bucket/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "ID of the created bucket." + description = "Fully qualified logging bucket id." value = try( google_logging_project_bucket_config.bucket.0.id, google_logging_folder_bucket_config.bucket.0.id, diff --git a/modules/ncc-spoke-ra/README.md b/modules/ncc-spoke-ra/README.md index d7dba8ea58..64d37843cd 100644 --- a/modules/ncc-spoke-ra/README.md +++ b/modules/ncc-spoke-ra/README.md @@ -146,7 +146,8 @@ module "spoke-ra" { | name | description | sensitive | |---|---|:---:| | [hub](outputs.tf#L17) | NCC hub resource (only if auto-created). | | -| [router](outputs.tf#L22) | Cloud Router resource. | | -| [spoke-ra](outputs.tf#L27) | NCC spoke resource. | | +| [id](outputs.tf#L22) | Fully qualified hub id. | | +| [router](outputs.tf#L27) | Cloud Router resource. | | +| [spoke-ra](outputs.tf#L32) | NCC spoke resource. | | diff --git a/modules/ncc-spoke-ra/outputs.tf b/modules/ncc-spoke-ra/outputs.tf index d1bfdb36d8..fd62c7f7bb 100644 --- a/modules/ncc-spoke-ra/outputs.tf +++ b/modules/ncc-spoke-ra/outputs.tf @@ -16,7 +16,12 @@ output "hub" { description = "NCC hub resource (only if auto-created)." - value = one(google_network_connectivity_hub.hub[*]) + value = try(google_network_connectivity_hub.hub.0, null) +} + +output "id" { + description = "Fully qualified hub id." + value = try(google_network_connectivity_hub.hub.0.id, null) } output "router" { diff --git a/modules/net-cloudnat/README.md b/modules/net-cloudnat/README.md index 637d5cb8ae..19b56ac8cd 100644 --- a/modules/net-cloudnat/README.md +++ b/modules/net-cloudnat/README.md @@ -80,10 +80,11 @@ module "nat" { | name | description | sensitive | |---|---|:---:| -| [name](outputs.tf#L17) | Name of the Cloud NAT. | | -| [nat_ip_allocate_option](outputs.tf#L22) | NAT IP allocation mode. | | -| [region](outputs.tf#L27) | Cloud NAT region. | | -| [router](outputs.tf#L32) | Cloud NAT router resources (if auto created). | | -| [router_name](outputs.tf#L41) | Cloud NAT router name. | | +| [id](outputs.tf#L17) | Fully qualified NAT (router) id. | | +| [name](outputs.tf#L22) | Name of the Cloud NAT. | | +| [nat_ip_allocate_option](outputs.tf#L27) | NAT IP allocation mode. | | +| [region](outputs.tf#L32) | Cloud NAT region. | | +| [router](outputs.tf#L37) | Cloud NAT router resources (if auto created). | | +| [router_name](outputs.tf#L46) | Cloud NAT router name. | | diff --git a/modules/net-cloudnat/outputs.tf b/modules/net-cloudnat/outputs.tf index d9e95d4bc9..62f6afa888 100644 --- a/modules/net-cloudnat/outputs.tf +++ b/modules/net-cloudnat/outputs.tf @@ -14,6 +14,11 @@ * limitations under the License. */ +output "id" { + description = "Fully qualified NAT (router) id." + value = google_compute_router_nat.nat.id +} + output "name" { description = "Name of the Cloud NAT." value = google_compute_router_nat.nat.name diff --git a/modules/net-dedicated-vlan-attachment/output.tf b/modules/net-dedicated-vlan-attachment/output.tf index 885281af11..9e55eb09be 100644 --- a/modules/net-dedicated-vlan-attachment/output.tf +++ b/modules/net-dedicated-vlan-attachment/output.tf @@ -14,19 +14,19 @@ * limitations under the License. */ -output "name" { - description = "The name of the VLAN attachment created." - value = google_compute_interconnect_attachment.default.name +output "attachment" { + description = "VLAN Attachment resource" + value = google_compute_interconnect_attachment.default } output "id" { - description = "The id of the VLAN attachment created." + description = "Fully qualified VLAN attachment id." value = google_compute_interconnect_attachment.default.id } -output "attachment" { - description = "VLAN Attachment resource" - value = google_compute_interconnect_attachment.default +output "name" { + description = "The name of the VLAN attachment created." + value = google_compute_interconnect_attachment.default.name } output "router" { diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 1b1625f0fd..deeb1c7b78 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -819,6 +819,7 @@ module "glb-0" { | [forwarding_rule](outputs.tf#L36) | Forwarding rule resource. | | | [group_ids](outputs.tf#L41) | Autogenerated instance group ids. | | | [health_check_ids](outputs.tf#L48) | Autogenerated health check ids. | | -| [neg_ids](outputs.tf#L55) | Autogenerated network endpoint group ids. | | +| [id](outputs.tf#L55) | Fully qualified forwarding rule id. | | +| [neg_ids](outputs.tf#L60) | Autogenerated network endpoint group ids. | | diff --git a/modules/net-glb/outputs.tf b/modules/net-glb/outputs.tf index cfa4be3004..47f5607f1a 100644 --- a/modules/net-glb/outputs.tf +++ b/modules/net-glb/outputs.tf @@ -52,6 +52,11 @@ output "health_check_ids" { } } +output "id" { + description = "Fully qualified forwarding rule id." + value = google_compute_global_forwarding_rule.default.id +} + output "neg_ids" { description = "Autogenerated network endpoint group ids." value = { diff --git a/modules/net-ilb-l7/README.md b/modules/net-ilb-l7/README.md index 4250285bd0..64d476237a 100644 --- a/modules/net-ilb-l7/README.md +++ b/modules/net-ilb-l7/README.md @@ -634,6 +634,7 @@ module "ilb-l7" { | [forwarding_rule](outputs.tf#L36) | Forwarding rule resource. | | | [group_ids](outputs.tf#L41) | Autogenerated instance group ids. | | | [health_check_ids](outputs.tf#L48) | Autogenerated health check ids. | | -| [neg_ids](outputs.tf#L55) | Autogenerated network endpoint group ids. | | +| [id](outputs.tf#L55) | Fully qualified forwarding rule id. | | +| [neg_ids](outputs.tf#L60) | Autogenerated network endpoint group ids. | | diff --git a/modules/net-ilb-l7/outputs.tf b/modules/net-ilb-l7/outputs.tf index 27f4db3a1b..1491d8ca59 100644 --- a/modules/net-ilb-l7/outputs.tf +++ b/modules/net-ilb-l7/outputs.tf @@ -52,6 +52,11 @@ output "health_check_ids" { } } +output "id" { + description = "Fully qualified forwarding rule id." + value = google_compute_forwarding_rule.default.id +} + output "neg_ids" { description = "Autogenerated network endpoint group ids." value = { diff --git a/modules/net-ilb/README.md b/modules/net-ilb/README.md index aa428733b2..14c286c2de 100644 --- a/modules/net-ilb/README.md +++ b/modules/net-ilb/README.md @@ -202,12 +202,12 @@ module "ilb" { | [backend_service_self_link](outputs.tf#L27) | Backend self link. | | | [forwarding_rule](outputs.tf#L32) | Forwarding rule resource. | | | [forwarding_rule_address](outputs.tf#L37) | Forwarding rule address. | | -| [forwarding_rule_id](outputs.tf#L42) | Forwarding rule id. | | -| [forwarding_rule_self_link](outputs.tf#L47) | Forwarding rule self link. | | -| [group_self_links](outputs.tf#L52) | Optional unmanaged instance group self links. | | -| [groups](outputs.tf#L59) | Optional unmanaged instance group resources. | | -| [health_check](outputs.tf#L64) | Auto-created health-check resource. | | -| [health_check_self_id](outputs.tf#L69) | Auto-created health-check self id. | | -| [health_check_self_link](outputs.tf#L74) | Auto-created health-check self link. | | +| [forwarding_rule_self_link](outputs.tf#L42) | Forwarding rule self link. | | +| [group_self_links](outputs.tf#L47) | Optional unmanaged instance group self links. | | +| [groups](outputs.tf#L54) | Optional unmanaged instance group resources. | | +| [health_check](outputs.tf#L59) | Auto-created health-check resource. | | +| [health_check_self_id](outputs.tf#L64) | Auto-created health-check self id. | | +| [health_check_self_link](outputs.tf#L69) | Auto-created health-check self link. | | +| [id](outputs.tf#L74) | Fully qualified forwarding rule id. | | diff --git a/modules/net-ilb/outputs.tf b/modules/net-ilb/outputs.tf index c97612f53d..3e4546fa2b 100644 --- a/modules/net-ilb/outputs.tf +++ b/modules/net-ilb/outputs.tf @@ -39,11 +39,6 @@ output "forwarding_rule_address" { value = google_compute_forwarding_rule.default.ip_address } -output "forwarding_rule_id" { - description = "Forwarding rule id." - value = google_compute_forwarding_rule.default.id -} - output "forwarding_rule_self_link" { description = "Forwarding rule self link." value = google_compute_forwarding_rule.default.self_link @@ -75,3 +70,8 @@ output "health_check_self_link" { description = "Auto-created health-check self link." value = try(google_compute_health_check.default.0.self_link, null) } + +output "id" { + description = "Fully qualified forwarding rule id." + value = google_compute_forwarding_rule.default.id +} diff --git a/modules/net-ipsec-over-interconnect/README.md b/modules/net-ipsec-over-interconnect/README.md index c166bb1748..cfe1dfd378 100644 --- a/modules/net-ipsec-over-interconnect/README.md +++ b/modules/net-ipsec-over-interconnect/README.md @@ -122,12 +122,11 @@ module "vpngw-a" { |---|---|:---:| | [bgp_peers](outputs.tf#L18) | BGP peer resources. | | | [external_gateway](outputs.tf#L25) | External VPN gateway resource. | | -| [gateway_id](outputs.tf#L30) | VPN gateway ID. | | -| [gateway_self_link](outputs.tf#L35) | VPN gateway self_link. | | -| [random_secret](outputs.tf#L40) | Generated secret. | | -| [router](outputs.tf#L45) | Router resource (only if auto-created). | | -| [router_name](outputs.tf#L50) | Router name. | | -| [self_link](outputs.tf#L55) | HA VPN gateway self link. | | -| [tunnels](outputs.tf#L60) | VPN tunnel resources. | | +| [id](outputs.tf#L30) | Fully qualified VPN gateway id. | | +| [random_secret](outputs.tf#L35) | Generated secret. | | +| [router](outputs.tf#L40) | Router resource (only if auto-created). | | +| [router_name](outputs.tf#L45) | Router name. | | +| [self_link](outputs.tf#L50) | HA VPN gateway self link. | | +| [tunnels](outputs.tf#L55) | VPN tunnel resources. | | diff --git a/modules/net-ipsec-over-interconnect/outputs.tf b/modules/net-ipsec-over-interconnect/outputs.tf index cb24e96276..6d1099b1a7 100644 --- a/modules/net-ipsec-over-interconnect/outputs.tf +++ b/modules/net-ipsec-over-interconnect/outputs.tf @@ -27,16 +27,11 @@ output "external_gateway" { value = local.peer_gateway } -output "gateway_id" { - description = "VPN gateway ID." +output "id" { + description = "Fully qualified VPN gateway id." value = google_compute_ha_vpn_gateway.default.id } -output "gateway_self_link" { - description = "VPN gateway self_link." - value = google_compute_ha_vpn_gateway.default.self_link -} - output "random_secret" { description = "Generated secret." value = local.secret diff --git a/modules/net-vpc-firewall-policy/README.md b/modules/net-vpc-firewall-policy/README.md index 5392a0b7c3..a24561386f 100644 --- a/modules/net-vpc-firewall-policy/README.md +++ b/modules/net-vpc-firewall-policy/README.md @@ -75,4 +75,10 @@ module "firewall-policy" { | [region](variables.tf#L110) | Policy region. Leave null for global policy. | string | | null | | [target_vpcs](variables.tf#L116) | VPC ids to which this policy will be attached, in descriptive name => self link format. | map(string) | | {} | +## Outputs + +| name | description | sensitive | +|---|---|:---:| +| [id](outputs.tf#L17) | Fully qualified firewall policy id. | | + diff --git a/modules/net-vpc-firewall-policy/outputs.tf b/modules/net-vpc-firewall-policy/outputs.tf new file mode 100644 index 0000000000..284dc96314 --- /dev/null +++ b/modules/net-vpc-firewall-policy/outputs.tf @@ -0,0 +1,24 @@ +/** + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "id" { + description = "Fully qualified firewall policy id." + value = ( + var.region == null + ? try(google_compute_network_firewall_policy.default.0.id, null) + : try(google_compute_region_network_firewall_policy.default.0.id, null) + ) +} diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md index f2810445f6..b5340af828 100644 --- a/modules/net-vpc/README.md +++ b/modules/net-vpc/README.md @@ -513,16 +513,17 @@ module "vpc" { | name | description | sensitive | |---|---|:---:| | [bindings](outputs.tf#L17) | Subnet IAM bindings. | | -| [name](outputs.tf#L22) | The name of the VPC being created. | | -| [network](outputs.tf#L34) | Network resource. | | -| [project_id](outputs.tf#L46) | Project ID containing the network. Use this when you need to create resources *after* the VPC is fully set up (e.g. subnets created, shared VPC service projects attached, Private Service Networking configured). | | -| [self_link](outputs.tf#L59) | The URI of the VPC being created. | | -| [subnet_ips](outputs.tf#L71) | Map of subnet address ranges keyed by name. | | -| [subnet_regions](outputs.tf#L78) | Map of subnet regions keyed by name. | | -| [subnet_secondary_ranges](outputs.tf#L85) | Map of subnet secondary ranges keyed by name. | | -| [subnet_self_links](outputs.tf#L96) | Map of subnet self links keyed by name. | | -| [subnets](outputs.tf#L102) | Subnet resources. | | -| [subnets_proxy_only](outputs.tf#L107) | L7 ILB or L7 Regional LB subnet resources. | | -| [subnets_psc](outputs.tf#L112) | Private Service Connect subnet resources. | | +| [id](outputs.tf#L22) | Fully qualified network id. | | +| [name](outputs.tf#L34) | Network name. | | +| [network](outputs.tf#L46) | Network resource. | | +| [project_id](outputs.tf#L58) | Project ID containing the network. Use this when you need to create resources *after* the VPC is fully set up (e.g. subnets created, shared VPC service projects attached, Private Service Networking configured). | | +| [self_link](outputs.tf#L71) | Network self link. | | +| [subnet_ips](outputs.tf#L83) | Map of subnet address ranges keyed by name. | | +| [subnet_regions](outputs.tf#L90) | Map of subnet regions keyed by name. | | +| [subnet_secondary_ranges](outputs.tf#L97) | Map of subnet secondary ranges keyed by name. | | +| [subnet_self_links](outputs.tf#L108) | Map of subnet self links keyed by name. | | +| [subnets](outputs.tf#L113) | Subnet resources. | | +| [subnets_proxy_only](outputs.tf#L118) | L7 ILB or L7 Regional LB subnet resources. | | +| [subnets_psc](outputs.tf#L123) | Private Service Connect subnet resources. | | diff --git a/modules/net-vpc/outputs.tf b/modules/net-vpc/outputs.tf index fd79de6594..3359cee712 100644 --- a/modules/net-vpc/outputs.tf +++ b/modules/net-vpc/outputs.tf @@ -19,8 +19,20 @@ output "bindings" { value = { for k, v in google_compute_subnetwork_iam_binding.binding : k => v } } +output "id" { + description = "Fully qualified network id." + value = local.network.id + depends_on = [ + google_compute_network_peering.local, + google_compute_network_peering.remote, + google_compute_shared_vpc_host_project.shared_vpc_host, + google_compute_shared_vpc_service_project.service_projects, + google_service_networking_connection.psa_connection + ] +} + output "name" { - description = "The name of the VPC being created." + description = "Network name." value = local.network.name depends_on = [ google_compute_network_peering.local, @@ -57,7 +69,7 @@ output "project_id" { } output "self_link" { - description = "The URI of the VPC being created." + description = "Network self link." value = local.network.self_link depends_on = [ google_compute_network_peering.local, @@ -98,7 +110,6 @@ output "subnet_self_links" { value = { for k, v in google_compute_subnetwork.subnetwork : k => v.self_link } } -# TODO(ludoo): use input names as keys output "subnets" { description = "Subnet resources." value = { for k, v in google_compute_subnetwork.subnetwork : k => v } diff --git a/modules/net-vpn-dynamic/README.md b/modules/net-vpn-dynamic/README.md index 447e5652c0..3a0ea1a3a0 100644 --- a/modules/net-vpn-dynamic/README.md +++ b/modules/net-vpn-dynamic/README.md @@ -74,13 +74,14 @@ module "vpn-dynamic" { |---|---|:---:| | [address](outputs.tf#L17) | VPN gateway address. | | | [gateway](outputs.tf#L22) | VPN gateway resource. | | -| [name](outputs.tf#L27) | VPN gateway name. | | -| [random_secret](outputs.tf#L32) | Generated secret. | | -| [router](outputs.tf#L38) | Router resource (only if auto-created). | | -| [router_name](outputs.tf#L43) | Router name. | | -| [self_link](outputs.tf#L48) | VPN gateway self link. | | -| [tunnel_names](outputs.tf#L53) | VPN tunnel names. | | -| [tunnel_self_links](outputs.tf#L61) | VPN tunnel self links. | | -| [tunnels](outputs.tf#L69) | VPN tunnel resources. | | +| [id](outputs.tf#L27) | Fully qualified VPN gateway id. | | +| [name](outputs.tf#L32) | VPN gateway name. | | +| [random_secret](outputs.tf#L37) | Generated secret. | | +| [router](outputs.tf#L43) | Router resource (only if auto-created). | | +| [router_name](outputs.tf#L48) | Router name. | | +| [self_link](outputs.tf#L53) | VPN gateway self link. | | +| [tunnel_names](outputs.tf#L58) | VPN tunnel names. | | +| [tunnel_self_links](outputs.tf#L66) | VPN tunnel self links. | | +| [tunnels](outputs.tf#L74) | VPN tunnel resources. | | diff --git a/modules/net-vpn-dynamic/outputs.tf b/modules/net-vpn-dynamic/outputs.tf index f049df1d1a..2595a8fc41 100644 --- a/modules/net-vpn-dynamic/outputs.tf +++ b/modules/net-vpn-dynamic/outputs.tf @@ -24,6 +24,11 @@ output "gateway" { value = google_compute_vpn_gateway.gateway } +output "id" { + description = "Fully qualified VPN gateway id." + value = google_compute_vpn_gateway.gateway.id +} + output "name" { description = "VPN gateway name." value = google_compute_vpn_gateway.gateway.name diff --git a/modules/net-vpn-ha/README.md b/modules/net-vpn-ha/README.md index e78e7c81ce..b22a48181e 100644 --- a/modules/net-vpn-ha/README.md +++ b/modules/net-vpn-ha/README.md @@ -147,7 +147,7 @@ module "vpn_ha" { | [bgp_peers](outputs.tf#L18) | BGP peer resources. | | | [external_gateway](outputs.tf#L25) | External VPN gateway resource. | | | [gateway](outputs.tf#L30) | VPN gateway resource (only if auto-created). | | -| [id](outputs.tf#L35) | Static gateway id. | | +| [id](outputs.tf#L35) | Fully qualified VPN gateway id. | | | [name](outputs.tf#L42) | VPN gateway name (only if auto-created). . | | | [random_secret](outputs.tf#L47) | Generated secret. | | | [router](outputs.tf#L52) | Router resource (only if auto-created). | | diff --git a/modules/net-vpn-ha/outputs.tf b/modules/net-vpn-ha/outputs.tf index 5b4f56d8d8..2655eea734 100644 --- a/modules/net-vpn-ha/outputs.tf +++ b/modules/net-vpn-ha/outputs.tf @@ -33,7 +33,7 @@ output "gateway" { } output "id" { - description = "Static gateway id." + description = "Fully qualified VPN gateway id." value = ( "projects/${var.project_id}/regions/${var.region}/vpnGateways/${var.name}" ) diff --git a/modules/net-vpn-static/README.md b/modules/net-vpn-static/README.md index 836746dcc2..64840740e8 100644 --- a/modules/net-vpn-static/README.md +++ b/modules/net-vpn-static/README.md @@ -52,11 +52,12 @@ module "vpn" { |---|---|:---:| | [address](outputs.tf#L17) | VPN gateway address. | | | [gateway](outputs.tf#L22) | VPN gateway resource. | | -| [name](outputs.tf#L27) | VPN gateway name. | | -| [random_secret](outputs.tf#L32) | Generated secret. | | -| [self_link](outputs.tf#L37) | VPN gateway self link. | | -| [tunnel_names](outputs.tf#L42) | VPN tunnel names. | | -| [tunnel_self_links](outputs.tf#L50) | VPN tunnel self links. | | -| [tunnels](outputs.tf#L58) | VPN tunnel resources. | | +| [id](outputs.tf#L27) | Fully qualified VPN gateway id. | | +| [name](outputs.tf#L32) | VPN gateway name. | | +| [random_secret](outputs.tf#L37) | Generated secret. | | +| [self_link](outputs.tf#L42) | VPN gateway self link. | | +| [tunnel_names](outputs.tf#L47) | VPN tunnel names. | | +| [tunnel_self_links](outputs.tf#L55) | VPN tunnel self links. | | +| [tunnels](outputs.tf#L63) | VPN tunnel resources. | | diff --git a/modules/net-vpn-static/outputs.tf b/modules/net-vpn-static/outputs.tf index 8a76460192..946063f728 100644 --- a/modules/net-vpn-static/outputs.tf +++ b/modules/net-vpn-static/outputs.tf @@ -24,6 +24,11 @@ output "gateway" { value = google_compute_vpn_gateway.gateway } +output "id" { + description = "Fully qualified VPN gateway id." + value = google_compute_vpn_gateway.gateway.id +} + output "name" { description = "VPN gateway name." value = google_compute_vpn_gateway.gateway.name diff --git a/modules/organization/README.md b/modules/organization/README.md index 39b5ff29e7..862b72fb4f 100644 --- a/modules/organization/README.md +++ b/modules/organization/README.md @@ -505,11 +505,12 @@ module "org" { | [custom_roles](outputs.tf#L30) | Map of custom roles resources created in the organization. | | | [firewall_policies](outputs.tf#L35) | Map of firewall policy resources created in the organization. | | | [firewall_policy_id](outputs.tf#L40) | Map of firewall policy ids created in the organization. | | -| [network_tag_keys](outputs.tf#L45) | Tag key resources. | | -| [network_tag_values](outputs.tf#L54) | Tag value resources. | | -| [organization_id](outputs.tf#L62) | Organization id dependent on module resources. | | -| [sink_writer_identities](outputs.tf#L79) | Writer identities created for each sink. | | -| [tag_keys](outputs.tf#L87) | Tag key resources. | | -| [tag_values](outputs.tf#L96) | Tag value resources. | | +| [id](outputs.tf#L45) | Fully qualified organization id. | | +| [network_tag_keys](outputs.tf#L62) | Tag key resources. | | +| [network_tag_values](outputs.tf#L71) | Tag value resources. | | +| [organization_id](outputs.tf#L81) | Organization id dependent on module resources. | | +| [sink_writer_identities](outputs.tf#L98) | Writer identities created for each sink. | | +| [tag_keys](outputs.tf#L106) | Tag key resources. | | +| [tag_values](outputs.tf#L115) | Tag value resources. | | diff --git a/modules/organization/outputs.tf b/modules/organization/outputs.tf index 2e594ee665..4450ecd0ff 100644 --- a/modules/organization/outputs.tf +++ b/modules/organization/outputs.tf @@ -42,6 +42,23 @@ output "firewall_policy_id" { value = { for k, v in google_compute_firewall_policy.policy : k => v.id } } +output "id" { + description = "Fully qualified organization id." + value = var.organization_id + depends_on = [ + google_organization_iam_audit_config.config, + google_organization_iam_binding.authoritative, + google_organization_iam_custom_role.roles, + google_organization_iam_member.additive, + google_organization_iam_policy.authoritative, + google_org_policy_policy.default, + google_tags_tag_key.default, + google_tags_tag_key_iam_binding.default, + google_tags_tag_value.default, + google_tags_tag_value_iam_binding.default, + ] +} + output "network_tag_keys" { description = "Tag key resources." value = { @@ -59,6 +76,8 @@ output "network_tag_values" { } } +# TODO: deprecate in favor of id + output "organization_id" { description = "Organization id dependent on module resources." value = var.organization_id diff --git a/modules/project/README.md b/modules/project/README.md index 2df16ce3cf..56b7d5a5b3 100644 --- a/modules/project/README.md +++ b/modules/project/README.md @@ -558,10 +558,11 @@ output "compute_robot" { | name | description | sensitive | |---|---|:---:| | [custom_roles](outputs.tf#L17) | Ids of the created custom roles. | | -| [name](outputs.tf#L25) | Project name. | | -| [number](outputs.tf#L37) | Project number. | | -| [project_id](outputs.tf#L54) | Project id. | | -| [service_accounts](outputs.tf#L73) | Product robot service accounts in project. | | -| [sink_writer_identities](outputs.tf#L89) | Writer identities created for each sink. | | +| [id](outputs.tf#L25) | Project id. | | +| [name](outputs.tf#L44) | Project name. | | +| [number](outputs.tf#L56) | Project number. | | +| [project_id](outputs.tf#L75) | Project id. | | +| [service_accounts](outputs.tf#L94) | Product robot service accounts in project. | | +| [sink_writer_identities](outputs.tf#L110) | Writer identities created for each sink. | | diff --git a/modules/project/outputs.tf b/modules/project/outputs.tf index cb940d010d..81f20cdd3c 100644 --- a/modules/project/outputs.tf +++ b/modules/project/outputs.tf @@ -22,6 +22,25 @@ output "custom_roles" { } } +output "id" { + description = "Project id." + value = "${local.prefix}${var.name}" + depends_on = [ + google_project.project, + data.google_project.project, + google_org_policy_policy.default, + google_project_service.project_services, + google_compute_shared_vpc_host_project.shared_vpc_host, + google_compute_shared_vpc_service_project.shared_vpc_service, + google_compute_shared_vpc_service_project.service_projects, + google_project_iam_member.shared_vpc_host_robots, + google_kms_crypto_key_iam_member.service_identity_cmek, + google_project_service_identity.jit_si, + google_project_service_identity.servicenetworking, + google_project_iam_member.servicenetworking + ] +} + output "name" { description = "Project name." value = local.project.name @@ -51,6 +70,8 @@ output "number" { ] } +# TODO: deprecate in favor of id + output "project_id" { description = "Project id." value = "${local.prefix}${var.name}" diff --git a/modules/pubsub/README.md b/modules/pubsub/README.md index 21fb38e4de..44a0e737a3 100644 --- a/modules/pubsub/README.md +++ b/modules/pubsub/README.md @@ -168,7 +168,7 @@ module "pubsub" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Topic id. | | +| [id](outputs.tf#L17) | Fully qualified topic id. | | | [schema](outputs.tf#L26) | Schema resource. | | | [schema_id](outputs.tf#L31) | Schema resource id. | | | [subscription_id](outputs.tf#L36) | Subscription ids. | | diff --git a/modules/pubsub/outputs.tf b/modules/pubsub/outputs.tf index 3e99889bbe..0d14930287 100644 --- a/modules/pubsub/outputs.tf +++ b/modules/pubsub/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Topic id." + description = "Fully qualified topic id." value = local.topic_id_static depends_on = [ google_pubsub_topic.default, diff --git a/modules/secret-manager/README.md b/modules/secret-manager/README.md index 446d26bfea..dc0929832f 100644 --- a/modules/secret-manager/README.md +++ b/modules/secret-manager/README.md @@ -108,7 +108,7 @@ module "secret-manager" { | name | description | sensitive | |---|---|:---:| -| [ids](outputs.tf#L17) | Secret ids keyed by secret_ids (names). | | +| [ids](outputs.tf#L17) | Fully qualified secret ids. | | | [secrets](outputs.tf#L24) | Secret resources. | | | [version_ids](outputs.tf#L29) | Version ids keyed by secret name : version name. | | | [versions](outputs.tf#L36) | Secret versions. | ✓ | diff --git a/modules/secret-manager/outputs.tf b/modules/secret-manager/outputs.tf index 7295b84df2..fcd6e1fce0 100644 --- a/modules/secret-manager/outputs.tf +++ b/modules/secret-manager/outputs.tf @@ -15,7 +15,7 @@ */ output "ids" { - description = "Secret ids keyed by secret_ids (names)." + description = "Fully qualified secret ids." value = { for k, v in google_secret_manager_secret.default : v.secret_id => v.id } diff --git a/modules/service-directory/README.md b/modules/service-directory/README.md index 191fa8a35a..ee8323e483 100644 --- a/modules/service-directory/README.md +++ b/modules/service-directory/README.md @@ -107,8 +107,8 @@ module "dns-sd" { | name | description | sensitive | |---|---|:---:| | [endpoints](outputs.tf#L17) | Endpoint resources. | | -| [id](outputs.tf#L22) | Namespace id (short name). | | -| [name](outputs.tf#L27) | Namespace name (long name). | | +| [id](outputs.tf#L22) | Fully qualified namespace id. | | +| [name](outputs.tf#L27) | Namespace name. | | | [namespace](outputs.tf#L32) | Namespace resource. | | | [service_id](outputs.tf#L40) | Service ids (short names). | | | [service_names](outputs.tf#L50) | Service ids (long names). | | diff --git a/modules/service-directory/outputs.tf b/modules/service-directory/outputs.tf index a7656002a1..964a2136a3 100644 --- a/modules/service-directory/outputs.tf +++ b/modules/service-directory/outputs.tf @@ -20,12 +20,12 @@ output "endpoints" { } output "id" { - description = "Namespace id (short name)." + description = "Fully qualified namespace id." value = google_service_directory_namespace.default.id } output "name" { - description = "Namespace name (long name)." + description = "Namespace name." value = google_service_directory_namespace.default.name } diff --git a/modules/source-repository/README.md b/modules/source-repository/README.md index b84d4fe218..17662fea92 100644 --- a/modules/source-repository/README.md +++ b/modules/source-repository/README.md @@ -73,7 +73,7 @@ module "repo" { | name | description | sensitive | |---|---|:---:| -| [id](outputs.tf#L17) | Repository id. | | +| [id](outputs.tf#L17) | Fully qualified repository id. | | | [name](outputs.tf#L22) | Repository name. | | | [url](outputs.tf#L27) | Repository URL. | | diff --git a/modules/source-repository/outputs.tf b/modules/source-repository/outputs.tf index be55307a6d..3b06d30cd6 100644 --- a/modules/source-repository/outputs.tf +++ b/modules/source-repository/outputs.tf @@ -15,7 +15,7 @@ */ output "id" { - description = "Repository id." + description = "Fully qualified repository id." value = google_sourcerepo_repository.default.id } diff --git a/modules/vpc-sc/README.md b/modules/vpc-sc/README.md index 32899912ac..83991361a2 100644 --- a/modules/vpc-sc/README.md +++ b/modules/vpc-sc/README.md @@ -217,8 +217,9 @@ module "test" { | [access_level_names](outputs.tf#L17) | Access level resources. | | | [access_levels](outputs.tf#L25) | Access level resources. | | | [access_policy](outputs.tf#L30) | Access policy resource, if autocreated. | | -| [access_policy_name](outputs.tf#L35) | Access policy name. | | -| [service_perimeters_bridge](outputs.tf#L40) | Bridge service perimeter resources. | | -| [service_perimeters_regular](outputs.tf#L45) | Regular service perimeter resources. | | +| [access_policy_name](outputs.tf#L37) | Access policy name. | | +| [id](outputs.tf#L42) | Fully qualified access policy id. | | +| [service_perimeters_bridge](outputs.tf#L47) | Bridge service perimeter resources. | | +| [service_perimeters_regular](outputs.tf#L52) | Regular service perimeter resources. | | diff --git a/modules/vpc-sc/outputs.tf b/modules/vpc-sc/outputs.tf index 4279594831..6a0ce68584 100644 --- a/modules/vpc-sc/outputs.tf +++ b/modules/vpc-sc/outputs.tf @@ -32,11 +32,18 @@ output "access_policy" { value = try(google_access_context_manager_access_policy.default.0, null) } +# TODO: deprecate in favor of id + output "access_policy_name" { description = "Access policy name." value = local.access_policy } +output "id" { + description = "Fully qualified access policy id." + value = local.access_policy +} + output "service_perimeters_bridge" { description = "Bridge service perimeter resources." value = google_access_context_manager_service_perimeter.bridge diff --git a/tools/check_documentation.py b/tools/check_documentation.py index c9d6531351..619cff57e3 100755 --- a/tools/check_documentation.py +++ b/tools/check_documentation.py @@ -132,7 +132,7 @@ def _check_dir(dir_name, exclude_files=None, files=False, show_extra=False): ]) elif nc := [o.name for o in newouts if not o.description.endswith('.')]: - state = state.FAIL_VARIABLE_PERIOD + state = state.FAIL_OUTPUT_PERIOD diff = "\n".join([ f'----- {mod_name} output descriptions missing ending period -----', ', '.join(nc),