diff --git a/fast/stages/3-project-factory/dev/README.md b/fast/stages/3-project-factory/dev/README.md
index c4cc4655b8..4c1fe75d23 100644
--- a/fast/stages/3-project-factory/dev/README.md
+++ b/fast/stages/3-project-factory/dev/README.md
@@ -79,8 +79,8 @@ terraform apply
| name | description | type | required | default | producer |
|---|---|:---:|:---:|:---:|:---:|
| [billing_account](variables.tf#L19) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | object({…})
| ✓ | | 0-bootstrap
|
-| [factory_data](variables.tf#L32) | Project data from either YAML files or externally parsed data. | object({…})
| ✓ | | |
-| [prefix](variables.tf#L48) | Prefix used for resources that need unique names. Use 9 characters or less. | string
| ✓ | | 0-bootstrap
|
+| [prefix](variables.tf#L51) | Prefix used for resources that need unique names. Use 9 characters or less. | string
| ✓ | | 0-bootstrap
|
+| [factory_data](variables.tf#L32) | Project data from either YAML files or externally parsed data. | object({…})
| | {…}
| |
## Outputs
diff --git a/fast/stages/3-project-factory/dev/data/defaults.yaml b/fast/stages/3-project-factory/dev/data/defaults.yaml
deleted file mode 100644
index e52bb132c5..0000000000
--- a/fast/stages/3-project-factory/dev/data/defaults.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# skip boilerplate check
-
-billing_account_id: 012345-67890A-BCDEF0
-
-# [opt] Setup for billing alerts
-billing_alert:
- amount: 1000
- thresholds:
- current: [0.5, 0.8]
- forecasted: [0.5, 0.8]
- credit_treatment: INCLUDE_ALL_CREDITS
-
-# [opt] Contacts for billing alerts and important notifications
-essential_contacts: ["team-contacts@example.com"]
-
-# [opt] Labels set for all projects
-labels:
- environment: dev
- department: accounting
- application: example-app
- foo: bar
-
-# [opt] Additional notification channels for billing
-notification_channels: []
diff --git a/fast/stages/3-project-factory/dev/data/projects/project.yaml.sample b/fast/stages/3-project-factory/dev/data/projects/project.yaml.sample
deleted file mode 100644
index cc35b4c569..0000000000
--- a/fast/stages/3-project-factory/dev/data/projects/project.yaml.sample
+++ /dev/null
@@ -1,103 +0,0 @@
-# skip boilerplate check
-
-# [opt] Billing account id - overrides default if set
-billing_account_id: 012345-67890A-BCDEF0
-
-# [opt] Billing alerts config - overrides default if set
-billing_alert:
- amount: 10
- thresholds:
- current:
- - 0.5
- - 0.8
- forecasted: []
- credit_treatment: INCLUDE_ALL_CREDITS
-
-# [opt] DNS zones to be created as children of the environment_dns_zone defined in defaults
-dns_zones:
- - lorem
- - ipsum
-
-# [opt] Contacts for billing alerts and important notifications
-essential_contacts:
- - team-a-contacts@example.com
-
-# Folder the project will be created as children of
-parent: folders/012345678901
-
-# [opt] Authoritative IAM bindings in group => [roles] format
-group_iam:
- test-team-foobar@fast-lab-0.gcp-pso-italy.net:
- - roles/compute.admin
-
-# [opt] Authoritative IAM bindings in role => [principals] format
-# Generally used to grant roles to service accounts external to the project
-iam:
- roles/compute.admin:
- - serviceAccount:service-account
-
-# [opt] Service robots and keys they will be assigned as cryptoKeyEncrypterDecrypter
-# in service => [keys] format
-kms_service_agents:
- compute: [key1, key2]
- storage: [key1, key2]
-
-# [opt] Labels for the project - merged with the ones defined in defaults
-labels:
- environment: dev
-
-# [opt] Org policy overrides defined at project level
-org_policies:
- compute.disableGuestAttributesAccess:
- rules:
- - enforce: true
- compute.trustedImageProjects:
- rules:
- - allow:
- values:
- - projects/fast-dev-iac-core-0
- compute.vmExternalIpAccess:
- rules:
- - deny:
- all: true
-
-# [opt] Service account to create for the project and their roles on the project
-# in name => [roles] format
-service_accounts:
- another-service-account:
- - roles/compute.admin
- my-service-account:
- - roles/compute.admin
-
-# [opt] APIs to enable on the project.
-services:
- - storage.googleapis.com
- - stackdriver.googleapis.com
- - compute.googleapis.com
-
-# [opt] Roles to assign to the service identities in service => [roles] format
-service_identities_iam:
- compute:
- - roles/storage.objectViewer
-
- # [opt] VPC setup.
- # If set enables the `compute.googleapis.com` service and configures
- # service project attachment
-vpc:
- # [opt] If set, enables the container API
- gke_setup:
- # Grants "roles/container.hostServiceAgentUser" to the container robot if set
- enable_host_service_agent: false
-
- # Grants "roles/compute.securityAdmin" to the container robot if set
- enable_security_admin: true
-
- # Host project the project will be service project of
- host_project: fast-dev-net-spoke-0
-
- # [opt] Subnets in the host project where principals will be granted networkUser
- # in region/subnet-name => [principals]
- subnets_iam:
- europe-west1/dev-default-ew1:
- - user:foobar@example.com
- - serviceAccount:service-account1
diff --git a/fast/stages/3-project-factory/dev/data/projects/test-project.yaml b/fast/stages/3-project-factory/dev/data/projects/test-project.yaml
new file mode 100644
index 0000000000..dfe34e6ccc
--- /dev/null
+++ b/fast/stages/3-project-factory/dev/data/projects/test-project.yaml
@@ -0,0 +1,20 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+labels:
+ team: team-0
+parent: folders/1234567890
+services:
+- compute.googleapis.com
+- storage.googleapis.com
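Review bot: `parent: folders/1234567890` is a placeholder folder id, and this file is committed as a live `.yaml` rather than a `.sample` like the file it replaces. Together with the new `factory_data` default of `data_path = "data/projects"` in variables.tf, a plain `terraform apply` would presumably pick this file up and try to create a project under a folder the operator never chose. That assumes the factory loads every YAML file under the data path, which is not visible in this diff. Either keep a `.sample` suffix, or add a header comment such as `# sample project: replace parent with a folder you own before applying`. The services list enables the Compute and Storage APIs with no org policy overrides, so it is worth confirming that the target folder's inherited policies are the intended guardrails.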
diff --git a/fast/stages/3-project-factory/dev/main.tf b/fast/stages/3-project-factory/dev/main.tf
index 261351cae9..4f23b49281 100644
--- a/fast/stages/3-project-factory/dev/main.tf
+++ b/fast/stages/3-project-factory/dev/main.tf
@@ -31,7 +31,7 @@ module "projects" {
]
}
data_overrides = {
- prefix = var.prefix
+ prefix = "${var.prefix}-dev"
}
factory_data = var.factory_data
}
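Review bot: `prefix = "${var.prefix}-dev"` changes the effective prefix passed to the factory, but the `prefix` validation in variables.tf still only caps `var.prefix` at 9 characters, so the module can now receive up to 13. If the module derives project ids from this value (not visible here), two things follow: existing projects would be planned for replacement on the next apply, and longer project names can run into the 30-character project id limit. A comment above the override would help, for example `# environment suffix is appended here; var.prefix itself is limited to 9 characters`, along with an upgrade note for existing deployments. The `module "projects"` block starts above the hunk.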
diff --git a/fast/stages/3-project-factory/dev/variables.tf b/fast/stages/3-project-factory/dev/variables.tf
index d004aeb8e8..c7165e3ced 100644
--- a/fast/stages/3-project-factory/dev/variables.tf
+++ b/fast/stages/3-project-factory/dev/variables.tf
@@ -36,6 +36,9 @@ variable "factory_data" {
data_path = optional(string)
})
nullable = false
+ default = {
+ data_path = "data/projects"
+ }
validation {
condition = (
(var.factory_data.data != null ? 1 : 0) +
@@ -49,7 +52,6 @@ variable "prefix" {
# tfdoc:variable:source 0-bootstrap
description = "Prefix used for resources that need unique names. Use 9 characters or less."
type = string
-
validation {
condition = try(length(var.prefix), 0) < 10
error_message = "Use a maximum of 9 characters for prefix."