Merge pull request #925 from brianhmj/master

Updating main.tf and README following #922
GoogleCloudPlatform · Oct 28, 2022 · 9622635 · 9622635
2 parents 2267384 + 980cc67
commit 9622635
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 2 deletions.
diff --git a/blueprints/cloud-operations/network-dashboard/README.md b/blueprints/cloud-operations/network-dashboard/README.md
@@ -26,6 +26,8 @@ Clone this repository, then go through the following steps to create resources:
 - `terraform init`
 - `terraform apply`
 
+Note: Org level viewing permission is required for some metrics such as firewall policies.
+
 Once the resources are deployed, go to the following page to see the dashboard: https://console.cloud.google.com/monitoring/dashboards?project=<YOUR-MONITORING-PROJECT>.
 A dashboard called "quotas-utilization" should be created.
 
@@ -74,6 +76,7 @@ In a future release, we could support:
 - Dynamic routes calculation for VPCs/PPGs with "global routing" set to OFF
 - Static routes calculation for projects/PPGs with "custom routes importing/exporting" set to OFF
 - Calculations for cross Organization peering groups
+- Support different scopes (reduced and fine-grained) 
 
 If you are interested in this and/or would like to contribute, please contact [email protected].
 <!-- BEGIN TFDOC -->

diff --git a/blueprints/cloud-operations/network-dashboard/main.tf b/blueprints/cloud-operations/network-dashboard/main.tf
@@ -50,7 +50,6 @@ module "service-account-function" {
   # Required IAM permissions for this service account are:
   # 1) compute.networkViewer on projects to be monitored (I gave it at organization level for now for simplicity)
   # 2) monitoring viewer on the projects to be monitored (I gave it at organization level for now for simplicity)
-  # 3) if you dont have permission to create service account and assign permission at organization Level, move these 3 roles to project level.
 
   iam_organization_roles = {
     "${var.organization_id}" = [
@@ -184,4 +183,4 @@ module "cloud-function" {
 resource "google_monitoring_dashboard" "dashboard" {
   dashboard_json = file("${path.module}/dashboards/quotas-utilization.json")
   project        = local.monitoring_project
-}
+}
diff --git a/blueprints/cloud-operations/network-dashboard/versions.tf b/blueprints/cloud-operations/network-dashboard/versions.tf
@@ -0,0 +1,27 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+terraform {
+  required_version = ">= 1.3.1"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 4.40.0" # tftest
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = ">= 4.40.0" # tftest
+    }
+  }
+}