GoogleCloudPlatform · apeabody · May 24, 2024 · May 23, 2024
@@ -10,10 +10,8 @@ An overview of the multitenant infrastructure pipeline is shown below.
 The following resources are created:
 - GCP Project (cluster project)
 - GKE cluster(s)
-- Cloud SQL PostgreSQL (accounts-db, ledger-db)
-- Cloud Endpoint
 - Cloud Armor
-- IP addresses (frontend-ip)
+- App IP addresses (see below for details)
 
 ## Prerequisites
 
@@ -36,7 +34,21 @@ The following resources are created:
    mv terraform.example.tfvars terraform.tfvars
    ```
 
-1. Update the file with values for your environment. See any of the envs folder [README.md](./envs/production/README.md#inputs) files for additional information on the values in the `terraform.tfvars` file.
+1. Update the file with values for your environment. See any of the envs folder
+[README.md](./envs/production/README.md#inputs) files for additional information
+on the values in the `terraform.tfvars` file. In addition to `envs` from
+prerequisites, each App must have it's own entry under `apps` with a list of any
+dedicated IP address to be provisioned.
+
+  ```
+  apps = {
+    "my-app" : {
+      "ip_address_names" : [
+        "my-app-ip",
+      ]
+    }
+  }
+  ```
 
 You can now deploy each of your environments (e.g. production).
 

@@ -3,20 +3,21 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| apps | Applications | <pre>map(object({<br>    ip_address_names = list(string)<br>  }))</pre> | n/a | yes |
 | envs | Environments | <pre>map(object({<br>    billing_account    = string<br>    folder_id          = string<br>    network_project_id = string<br>    network_self_link  = string<br>    org_id             = string<br>    subnets_self_links = list(string)<br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
+| app\_ip\_addresses | IP Addresses |
+| app\_service\_accounts | IP Addresses |
 | cluster\_membership\_ids | GKE cluster membership IDs |
 | cluster\_project\_id | Cluster Project ID |
 | cluster\_regions | Regions with clusters |
 | clusters\_ids | GKE cluster IDs |
 | env | Environment |
 | fleet\_project\_id | Fleet Project ID |
-| ip\_address\_self\_links | IP Address Self Links |
-| ip\_addresses | IP Addresses |
 | network\_project\_id | Network Project ID |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -21,6 +21,7 @@ locals {
 module "env" {
   source = "../../modules/env_baseline"
 
+  apps                = var.apps
   env                 = local.env
   org_id              = var.envs[local.env].org_id
   folder_id           = var.envs[local.env].folder_id

@@ -49,13 +49,12 @@ output "cluster_membership_ids" {
   value       = module.env.cluster_membership_ids
 }
 
-output "ip_address_self_links" {
-  description = "IP Address Self Links"
-  value       = module.env.ip_address_self_links
+output "app_ip_addresses" {
+  description = "IP Addresses"
+  value       = module.env.app_ip_addresses
 }
 
-output "ip_addresses" {
+output "app_service_accounts" {
   description = "IP Addresses"
-  value       = module.env.ip_addresses
+  value       = module.env.app_service_accounts
 }
-
@@ -14,6 +14,7 @@
  * limitations under the License.
  */
 
+# Define Multi-Tenant Environments
 variable "envs" {
   description = "Environments"
   type = map(object({
@@ -25,3 +26,11 @@ variable "envs" {
     subnets_self_links = list(string)
   }))
 }
+
+# Define Applications
+variable "apps" {
+  description = "Applications"
+  type = map(object({
+    ip_address_names = list(string)
+  }))
+}
@@ -3,20 +3,21 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| apps | Applications | <pre>map(object({<br>    ip_address_names = list(string)<br>  }))</pre> | n/a | yes |
 | envs | Environments | <pre>map(object({<br>    billing_account    = string<br>    folder_id          = string<br>    network_project_id = string<br>    network_self_link  = string<br>    org_id             = string<br>    subnets_self_links = list(string)<br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
+| app\_ip\_addresses | IP Addresses |
+| app\_service\_accounts | IP Addresses |
 | cluster\_membership\_ids | GKE cluster membership IDs |
 | cluster\_project\_id | Cluster Project ID |
 | cluster\_regions | Regions with clusters |
 | clusters\_ids | GKE cluster IDs |
 | env | Environment |
 | fleet\_project\_id | Fleet Project ID |
-| ip\_address\_self\_links | IP Address Self Links |
-| ip\_addresses | IP Addresses |
 | network\_project\_id | Network Project ID |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -21,6 +21,7 @@ locals {
 module "env" {
   source = "../../modules/env_baseline"
 
+  apps                = var.apps
   env                 = local.env
   org_id              = var.envs[local.env].org_id
   folder_id           = var.envs[local.env].folder_id

@@ -49,13 +49,12 @@ output "cluster_membership_ids" {
   value       = module.env.cluster_membership_ids
 }
 
-output "ip_address_self_links" {
-  description = "IP Address Self Links"
-  value       = module.env.ip_address_self_links
+output "app_ip_addresses" {
+  description = "IP Addresses"
+  value       = module.env.app_ip_addresses
 }
 
-output "ip_addresses" {
+output "app_service_accounts" {
   description = "IP Addresses"
-  value       = module.env.ip_addresses
+  value       = module.env.app_service_accounts
 }
-
@@ -25,3 +25,11 @@ variable "envs" {
     subnets_self_links = list(string)
   }))
 }
+
+# Define Applications
+variable "apps" {
+  description = "Applications"
+  type = map(object({
+    ip_address_names = list(string)
+  }))
+}
@@ -3,20 +3,21 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| apps | Applications | <pre>map(object({<br>    ip_address_names = list(string)<br>  }))</pre> | n/a | yes |
 | envs | Environments | <pre>map(object({<br>    billing_account    = string<br>    folder_id          = string<br>    network_project_id = string<br>    network_self_link  = string<br>    org_id             = string<br>    subnets_self_links = list(string)<br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
+| app\_ip\_addresses | IP Addresses |
+| app\_service\_accounts | IP Addresses |
 | cluster\_membership\_ids | GKE cluster membership IDs |
 | cluster\_project\_id | Cluster Project ID |
 | cluster\_regions | Regions with clusters |
 | clusters\_ids | GKE cluster IDs |
 | env | Environment |
 | fleet\_project\_id | Fleet Project ID |
-| ip\_address\_self\_links | IP Address Self Links |
-| ip\_addresses | IP Addresses |
 | network\_project\_id | Network Project ID |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -21,6 +21,7 @@ locals {
 module "env" {
   source = "../../modules/env_baseline"
 
+  apps                = var.apps
   env                 = local.env
   org_id              = var.envs[local.env].org_id
   folder_id           = var.envs[local.env].folder_id

@@ -49,13 +49,12 @@ output "cluster_membership_ids" {
   value       = module.env.cluster_membership_ids
 }
 
-output "ip_address_self_links" {
-  description = "IP Address Self Links"
-  value       = module.env.ip_address_self_links
+output "app_ip_addresses" {
+  description = "IP Addresses"
+  value       = module.env.app_ip_addresses
 }
 
-output "ip_addresses" {
+output "app_service_accounts" {
   description = "IP Addresses"
-  value       = module.env.ip_addresses
+  value       = module.env.app_service_accounts
 }
-
@@ -25,3 +25,11 @@ variable "envs" {
     subnets_self_links = list(string)
   }))
 }
+
+# Define Applications
+variable "apps" {
+  description = "Applications"
+  type = map(object({
+    ip_address_names = list(string)
+  }))
+}
@@ -15,6 +15,7 @@ The following resources are created:
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| apps | Applications | <pre>map(object({<br>    ip_address_names = list(string)<br>  }))</pre> | n/a | yes |
 | billing\_account | The billing account id associated with the project, e.g. XXXXXX-YYYYYY-ZZZZZZ | `string` | n/a | yes |
 | cluster\_subnetworks | The subnetwork self\_links for clusters | `list(string)` | n/a | yes |
 | create\_cluster\_project | Create Cluster Project ID, otherwise the Network Project ID is used | `bool` | `true` | no |
@@ -28,13 +29,13 @@ The following resources are created:
 
 | Name | Description |
 |------|-------------|
+| app\_ip\_addresses | App IP Addresses |
+| app\_service\_accounts | App Service Accounts |
 | cluster\_ids | GKE cluster IDs |
 | cluster\_membership\_ids | GKE cluster membership IDs |
 | cluster\_project\_id | Cluster Project ID |
 | cluster\_regions | Regions with clusters |
 | fleet\_project\_id | Fleet Project ID |
-| ip\_address\_self\_links | IP Address Self Links |
-| ip\_addresses | IP Addresses |
 | network\_project\_id | Network Project ID |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -0,0 +1,31 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Create App/Ip Addresses
+module "apps_ip_address" {
+  source  = "terraform-google-modules/address/google"
+  version = "~> 3.2"
+
+  for_each = {
+    for k, v in var.apps : k => v.ip_address_names
+  }
+
+  project_id   = data.google_project.eab_cluster_project.project_id
+  address_type = "EXTERNAL"
+  region       = "global"
+  global       = true
+  names        = each.value
+}