diff --git a/mmv1/templates/terraform/examples/go/scan_config_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scan_config_basic.tf.tmpl new file mode 100644 index 000000000000..65459c8d5a3d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scan_config_basic.tf.tmpl @@ -0,0 +1,11 @@ +resource "google_compute_address" "scanner_static_ip" { + provider = google-beta + name = "{{index $.Vars "address_name"}}" +} + +resource "google_security_scanner_scan_config" "{{$.PrimaryResourceId}}" { + provider = google-beta + display_name = "{{index $.Vars "scan_config_name"}}" + starting_urls = ["http://${google_compute_address.scanner_static_ip.address}"] + target_platforms = ["COMPUTE"] +} diff --git a/mmv1/templates/terraform/examples/go/scc_event_threat_detection_custom_module.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_event_threat_detection_custom_module.tf.tmpl new file mode 100644 index 000000000000..e56912cb99e2 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_event_threat_detection_custom_module.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_scc_event_threat_detection_custom_module" "{{$.PrimaryResourceId}}" { + organization = "{{index $.TestEnvVars "org_id"}}" + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + type = "{{index $.Vars "type"}}" + description = "My Event Threat Detection Custom Module" + config = jsonencode({ + "metadata": { + "severity": "LOW", + "description": "Flagged by Forcepoint as malicious", + "recommendation": "Contact the owner of the relevant project." + }, + "ips": [ + "192.0.2.1", + "192.0.2.0/24" + ] + }) +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_folder_custom_module_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_folder_custom_module_basic.tf.tmpl new file mode 100644 index 000000000000..dc500936f42a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_folder_custom_module_basic.tf.tmpl @@ -0,0 +1,23 @@ +resource "google_folder" "folder" { + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + display_name = "{{index $.Vars "folder_display_name"}}" +} + +resource "google_scc_folder_custom_module" "{{$.PrimaryResourceId}}" { + folder = google_folder.folder.folder_id + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + description = "The rotation period of the identified cryptokey resource exceeds 30 days." + recommendation = "Set the rotation period to at most 30 days." + severity = "MEDIUM" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_folder_custom_module_full.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_folder_custom_module_full.tf.tmpl new file mode 100644 index 000000000000..058069aae278 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_folder_custom_module_full.tf.tmpl @@ -0,0 +1,37 @@ +resource "google_folder" "folder" { + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + display_name = "{{index $.Vars "folder_display_name"}}" +} + +resource "google_scc_folder_custom_module" "{{$.PrimaryResourceId}}" { + folder = google_folder.folder.folder_id + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + custom_output { + properties { + name = "duration" + value_expression { + expression = "resource.rotationPeriod" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + } + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + severity = "LOW" + description = "Description of the custom module" + recommendation = "Steps to resolve violation" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_mute_config.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_mute_config.tf.tmpl new file mode 100644 index 000000000000..c1656175b8c7 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_mute_config.tf.tmpl @@ -0,0 +1,6 @@ +resource "google_scc_mute_config" "{{$.PrimaryResourceId}}" { + mute_config_id = "{{index $.Vars "mute_config_id"}}" + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + filter = "category: \"OS_VULNERABILITY\"" + description = "My Mute Config" +} diff --git a/mmv1/templates/terraform/examples/go/scc_notification_config_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_notification_config_basic.tf.tmpl new file mode 100644 index 000000000000..7fcdbd7cc78b --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_notification_config_basic.tf.tmpl @@ -0,0 +1,14 @@ +resource "google_pubsub_topic" "scc_notification" { + name = "{{index $.Vars "topic_name"}}" +} + +resource "google_scc_notification_config" "{{$.PrimaryResourceId}}" { + config_id = "{{index $.Vars "config_id"}}" + organization = "{{index $.TestEnvVars "org_id"}}" + description = "My custom Cloud Security Command Center Finding Notification Configuration" + pubsub_topic = google_pubsub_topic.scc_notification.id + + streaming_config { + filter = "category = \"OPEN_FIREWALL\" AND state = \"ACTIVE\"" + } +} diff --git a/mmv1/templates/terraform/examples/go/scc_organization_custom_module_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_organization_custom_module_basic.tf.tmpl new file mode 100644 index 000000000000..430cc4052606 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_organization_custom_module_basic.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_scc_organization_custom_module" "{{$.PrimaryResourceId}}" { + organization = "{{index $.TestEnvVars "org_id"}}" + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + description = "The rotation period of the identified cryptokey resource exceeds 30 days." + recommendation = "Set the rotation period to at most 30 days." + severity = "MEDIUM" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_organization_custom_module_full.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_organization_custom_module_full.tf.tmpl new file mode 100644 index 000000000000..4f2f02187181 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_organization_custom_module_full.tf.tmpl @@ -0,0 +1,32 @@ +resource "google_scc_organization_custom_module" "{{$.PrimaryResourceId}}" { + organization = "{{index $.TestEnvVars "org_id"}}" + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + custom_output { + properties { + name = "duration" + value_expression { + expression = "resource.rotationPeriod" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + } + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + severity = "LOW" + description = "Description of the custom module" + recommendation = "Steps to resolve violation" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_project_custom_module_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_project_custom_module_basic.tf.tmpl new file mode 100644 index 000000000000..aa4f8167ca56 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_project_custom_module_basic.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_scc_project_custom_module" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + description = "The rotation period of the identified cryptokey resource exceeds 30 days." + recommendation = "Set the rotation period to at most 30 days." + severity = "MEDIUM" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_project_custom_module_full.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_project_custom_module_full.tf.tmpl new file mode 100644 index 000000000000..00681d2c3c05 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_project_custom_module_full.tf.tmpl @@ -0,0 +1,31 @@ +resource "google_scc_project_custom_module" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + enablement_state = "ENABLED" + custom_config { + predicate { + expression = "resource.rotationPeriod > duration(\"2592000s\")" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + custom_output { + properties { + name = "duration" + value_expression { + expression = "resource.rotationPeriod" + title = "Purpose of the expression" + description = "description of the expression" + location = "location of the expression" + } + } + } + resource_selector { + resource_types = [ + "cloudkms.googleapis.com/CryptoKey", + ] + } + severity = "LOW" + description = "Description of the custom module" + recommendation = "Steps to resolve violation" + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/scc_source_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/scc_source_basic.tf.tmpl new file mode 100644 index 000000000000..7672ca07eccc --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scc_source_basic.tf.tmpl @@ -0,0 +1,5 @@ +resource "google_scc_source" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "source_display_name"}}" + organization = "{{index $.TestEnvVars "org_id"}}" + description = "My custom Cloud Security Command Center Finding Source" +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_app_engine.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_app_engine.tf.tmpl new file mode 100644 index 000000000000..d5d909119dca --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_app_engine.tf.tmpl @@ -0,0 +1,26 @@ +resource "google_cloud_scheduler_job" "job" { + name = "{{index $.Vars "job_name"}}" + schedule = "*/4 * * * *" + description = "test app engine job" + time_zone = "Europe/London" + attempt_deadline = "320s" + + retry_config { + min_backoff_duration = "1s" + max_retry_duration = "10s" + max_doublings = 2 + retry_count = 3 + } + + app_engine_http_target { + http_method = "POST" + + app_engine_routing { + service = "web" + version = "prod" + instance = "my-instance-001" + } + + relative_uri = "/ping" + } +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_http.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_http.tf.tmpl new file mode 100644 index 000000000000..970a25999520 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_http.tf.tmpl @@ -0,0 +1,20 @@ +resource "google_cloud_scheduler_job" "job" { + name = "{{index $.Vars "job_name"}}" + description = "test http job" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + attempt_deadline = "320s" + + retry_config { + retry_count = 1 + } + + http_target { + http_method = "POST" + uri = "https://example.com/" + body = base64encode("{\"foo\":\"bar\"}") + headers = { + "Content-Type" = "application/json" + } + } +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_oauth.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_oauth.tf.tmpl new file mode 100644 index 000000000000..e75d33cb0eb6 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_oauth.tf.tmpl @@ -0,0 +1,19 @@ +data "google_compute_default_service_account" "default" { +} + +resource "google_cloud_scheduler_job" "job" { + name = "{{index $.Vars "job_name"}}" + description = "test http job" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + attempt_deadline = "320s" + + http_target { + http_method = "GET" + uri = "https://cloudscheduler.googleapis.com/v1/projects/{{index $.TestEnvVars "project_name"}}/locations/{{index $.TestEnvVars "region"}}/jobs" + + oauth_token { + service_account_email = data.google_compute_default_service_account.default.email + } + } +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_oidc.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_oidc.tf.tmpl new file mode 100644 index 000000000000..4b34ada4f88c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_oidc.tf.tmpl @@ -0,0 +1,19 @@ +data "google_compute_default_service_account" "default" { +} + +resource "google_cloud_scheduler_job" "job" { + name = "{{index $.Vars "job_name"}}" + description = "test http job" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + attempt_deadline = "320s" + + http_target { + http_method = "GET" + uri = "https://example.com/ping" + + oidc_token { + service_account_email = data.google_compute_default_service_account.default.email + } + } +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_paused.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_paused.tf.tmpl new file mode 100644 index 000000000000..f00860fea7ae --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_paused.tf.tmpl @@ -0,0 +1,21 @@ +resource "google_cloud_scheduler_job" "job" { + paused = true + name = "{{index $.Vars "job_name"}}" + description = "test http job with updated fields" + schedule = "*/8 * * * *" + time_zone = "America/New_York" + attempt_deadline = "320s" + + retry_config { + retry_count = 1 + } + + http_target { + http_method = "POST" + uri = "https://example.com/ping" + body = base64encode("{\"foo\":\"bar\"}") + headers = { + "Content-Type" = "application/json" + } + } +} diff --git a/mmv1/templates/terraform/examples/go/scheduler_job_pubsub.tf.tmpl b/mmv1/templates/terraform/examples/go/scheduler_job_pubsub.tf.tmpl new file mode 100644 index 000000000000..1a21c85281dd --- /dev/null +++ b/mmv1/templates/terraform/examples/go/scheduler_job_pubsub.tf.tmpl @@ -0,0 +1,15 @@ +resource "google_pubsub_topic" "topic" { + name = "{{index $.Vars "topic_name"}}" +} + +resource "google_cloud_scheduler_job" "job" { + name = "{{index $.Vars "job_name"}}" + description = "test job" + schedule = "*/2 * * * *" + + pubsub_target { + # topic.id is the topic's full resource name. + topic_name = google_pubsub_topic.topic.id + data = base64encode("test") + } +} diff --git a/mmv1/templates/terraform/examples/go/secret_config_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_config_basic.tf.tmpl new file mode 100644 index 000000000000..ed2ffe869280 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_config_basic.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "{{$.PrimaryResourceId}}" { + secret_id = "{{index $.Vars "secret_id"}}" + + labels = { + label = "my-label" + } + + replication { + user_managed { + replicas { + location = "us-central1" + } + replicas { + location = "us-east1" + } + } + } +} diff --git a/mmv1/templates/terraform/examples/go/secret_version_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_version_basic.tf.tmpl new file mode 100644 index 000000000000..e0e0f4f61545 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_version_basic.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "{{index $.Vars "secret_id"}}" + + labels = { + label = "my-label" + } + + replication { + auto {} + } +} + + +resource "google_secret_manager_secret_version" "{{$.PrimaryResourceId}}" { + secret = google_secret_manager_secret.secret-basic.id + + secret_data = "{{index $.Vars "data"}}" +} diff --git a/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_abandon.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_abandon.tf.tmpl new file mode 100644 index 000000000000..ec443a6769c7 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_abandon.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "{{index $.Vars "secret_id"}}" + + replication { + user_managed { + replicas { + location = "us-central1" + } + } + } +} + +resource "google_secret_manager_secret_version" "{{$.PrimaryResourceId}}" { + secret = google_secret_manager_secret.secret-basic.id + + secret_data = "{{index $.Vars "data"}}" + deletion_policy = "ABANDON" +} diff --git a/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_disable.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_disable.tf.tmpl new file mode 100644 index 000000000000..a13fcd375e4f --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_version_deletion_policy_disable.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "{{index $.Vars "secret_id"}}" + + replication { + user_managed { + replicas { + location = "us-central1" + } + } + } +} + +resource "google_secret_manager_secret_version" "{{$.PrimaryResourceId}}" { + secret = google_secret_manager_secret.secret-basic.id + + secret_data = "{{index $.Vars "data"}}" + deletion_policy = "DISABLE" +} diff --git a/mmv1/templates/terraform/examples/go/secret_version_with_base64_string_secret_data.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_version_with_base64_string_secret_data.tf.tmpl new file mode 100644 index 000000000000..989c40d60633 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_version_with_base64_string_secret_data.tf.tmpl @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "{{index $.Vars "secret_id"}}" + + replication { + user_managed { + replicas { + location = "us-central1" + } + } + } +} + +resource "google_secret_manager_secret_version" "{{$.PrimaryResourceId}}" { + secret = google_secret_manager_secret.secret-basic.id + + is_secret_data_base64 = true + secret_data = filebase64("{{index $.Vars "data"}}") +} diff --git a/mmv1/templates/terraform/examples/go/secret_with_annotations.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_with_annotations.tf.tmpl new file mode 100644 index 000000000000..3c3a7ac8cd1e --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_with_annotations.tf.tmpl @@ -0,0 +1,19 @@ +resource "google_secret_manager_secret" "{{$.PrimaryResourceId}}" { + secret_id = "{{index $.Vars "secret_id"}}" + + labels = { + label = "my-label" + } + + annotations = { + key1 = "someval" + key2 = "someval2" + key3 = "someval3" + key4 = "someval4" + key5 = "someval5" + } + + replication { + auto {} + } +} diff --git a/mmv1/templates/terraform/examples/go/secret_with_automatic_cmek.tf.tmpl b/mmv1/templates/terraform/examples/go/secret_with_automatic_cmek.tf.tmpl new file mode 100644 index 000000000000..d47f98984fe7 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secret_with_automatic_cmek.tf.tmpl @@ -0,0 +1,21 @@ +data "google_project" "project" {} + +resource "google_kms_crypto_key_iam_member" "kms-secret-binding" { + crypto_key_id = "{{index $.Vars "kms_key_name"}}" + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-secretmanager.iam.gserviceaccount.com" +} + +resource "google_secret_manager_secret" "{{$.PrimaryResourceId}}" { + secret_id = "{{index $.Vars "secret_id"}}" + + replication { + auto { + customer_managed_encryption { + kms_key_name = "{{index $.Vars "kms_key_name"}}" + } + } + } + + depends_on = [ google_kms_crypto_key_iam_member.kms-secret-binding ] +} diff --git a/mmv1/templates/terraform/examples/go/secure_source_manager_instance_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_basic.tf.tmpl new file mode 100644 index 000000000000..90f296e2a678 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_basic.tf.tmpl @@ -0,0 +1,7 @@ +resource "google_secure_source_manager_instance" "{{$.PrimaryResourceId}}" { + location = "us-central1" + instance_id = "{{index $.Vars "instance_id"}}" + labels = { + "foo" = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/secure_source_manager_instance_cmek.tf.tmpl b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_cmek.tf.tmpl new file mode 100644 index 000000000000..2f75a5c03420 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_cmek.tf.tmpl @@ -0,0 +1,28 @@ +resource "google_kms_key_ring" "key_ring" { + name = "{{index $.Vars "keyring_name"}}" + location = "us-central1" +} + +resource "google_kms_crypto_key" "crypto_key" { + name = "{{index $.Vars "key_name"}}" + key_ring = google_kms_key_ring.key_ring.id +} + +resource "google_kms_crypto_key_iam_member" "crypto_key_binding" { + crypto_key_id = google_kms_crypto_key.crypto_key.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-sourcemanager.iam.gserviceaccount.com" +} + +resource "google_secure_source_manager_instance" "{{$.PrimaryResourceId}}" { + location = "us-central1" + instance_id = "{{index $.Vars "instance_id"}}" + kms_key = google_kms_crypto_key.crypto_key.id + + depends_on = [ + google_kms_crypto_key_iam_member.crypto_key_binding + ] +} + +data "google_project" "project" {} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/secure_source_manager_instance_private.tf.tmpl b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_private.tf.tmpl new file mode 100644 index 000000000000..b6ea6f9ed078 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/secure_source_manager_instance_private.tf.tmpl @@ -0,0 +1,76 @@ +resource "google_privateca_ca_pool" "ca_pool" { + name = "{{index $.Vars "ca_pool_id"}}" + location = "us-central1" + tier = "ENTERPRISE" + publishing_options { + publish_ca_cert = true + publish_crl = true + } +} + +resource "google_privateca_certificate_authority" "root_ca" { + pool = google_privateca_ca_pool.ca_pool.name + certificate_authority_id = "{{index $.Vars "root_ca_id"}}" + location = "us-central1" + config { + subject_config { + subject { + organization = "google" + common_name = "my-certificate-authority" + } + } + x509_config { + ca_options { + is_ca = true + } + key_usage { + base_key_usage { + cert_sign = true + crl_sign = true + } + extended_key_usage { + server_auth = true + } + } + } + } + key_spec { + algorithm = "RSA_PKCS1_4096_SHA256" + } + + // Disable deletion protections for easier test cleanup purposes + deletion_protection = false + ignore_active_certificates_on_deletion = true + skip_grace_period = true +} + +resource "google_privateca_ca_pool_iam_binding" "ca_pool_binding" { + ca_pool = google_privateca_ca_pool.ca_pool.id + role = "roles/privateca.certificateRequester" + + members = [ + "serviceAccount:service-${data.google_project.project.number}@gcp-sa-sourcemanager.iam.gserviceaccount.com" + ] +} + +resource "google_secure_source_manager_instance" "{{$.PrimaryResourceId}}" { + instance_id = "{{index $.Vars "instance_id"}}" + location = "us-central1" + private_config { + is_private = true + ca_pool = google_privateca_ca_pool.ca_pool.id + } + depends_on = [ + google_privateca_certificate_authority.root_ca, + time_sleep.wait_60_seconds + ] +} + +# ca pool IAM permissions can take time to propagate +resource "time_sleep" "wait_60_seconds" { + depends_on = [google_privateca_ca_pool_iam_binding.ca_pool_binding] + + create_duration = "60s" +} + +data "google_project" "project" {} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/securityposture_posture_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/securityposture_posture_basic.tf.tmpl new file mode 100644 index 000000000000..65dc93c09890 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/securityposture_posture_basic.tf.tmpl @@ -0,0 +1,93 @@ +resource "google_securityposture_posture" "{{$.PrimaryResourceId}}"{ + posture_id = "posture_example" + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + location = "global" + state = "ACTIVE" + description = "a new posture" + policy_sets { + policy_set_id = "org_policy_set" + description = "set of org policies" + policies { + policy_id = "canned_org_policy" + constraint { + org_policy_constraint { + canned_constraint_id = "storage.uniformBucketLevelAccess" + policy_rules { + enforce = true + condition { + description = "condition description" + expression = "resource.matchTag('org_id/tag_key_short_name,'tag_value_short_name')" + title = "a CEL condition" + } + } + } + } + } + policies { + policy_id = "custom_org_policy" + constraint { + org_policy_constraint_custom { + custom_constraint { + name = "organizations/{{index $.TestEnvVars "org_id"}}/customConstraints/custom.disableGkeAutoUpgrade" + display_name = "Disable GKE auto upgrade" + description = "Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced." + action_type = "ALLOW" + condition = "resource.management.autoUpgrade == false" + method_types = ["CREATE", "UPDATE"] + resource_types = ["container.googleapis.com/NodePool"] + } + policy_rules { + enforce = true + condition { + description = "condition description" + expression = "resource.matchTagId('tagKeys/key_id','tagValues/value_id')" + title = "a CEL condition" + } + } + } + } + } + } + policy_sets { + policy_set_id = "sha_policy_set" + description = "set of sha policies" + policies { + policy_id = "sha_builtin_module" + constraint { + security_health_analytics_module { + module_name = "BIGQUERY_TABLE_CMEK_DISABLED" + module_enablement_state = "ENABLED" + } + } + description = "enable BIGQUERY_TABLE_CMEK_DISABLED" + } + policies { + policy_id = "sha_custom_module" + constraint { + security_health_analytics_custom_module { + display_name = "custom_SHA_policy" + config { + predicate { + expression = "resource.rotationPeriod > duration('2592000s')" + } + custom_output { + properties { + name = "duration" + value_expression { + expression = "resource.rotationPeriod" + } + } + } + resource_selector { + resource_types = ["cloudkms.googleapis.com/CryptoKey"] + } + severity = "LOW" + description = "Custom Module" + recommendation = "Testing custom modules" + } + module_enablement_state = "ENABLED" + } + } + } + } +} diff --git a/mmv1/templates/terraform/examples/go/securityposture_posture_deployment_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/securityposture_posture_deployment_basic.tf.tmpl new file mode 100644 index 000000000000..479686f7b9ea --- /dev/null +++ b/mmv1/templates/terraform/examples/go/securityposture_posture_deployment_basic.tf.tmpl @@ -0,0 +1,32 @@ +resource "google_securityposture_posture" "posture_1" { + posture_id = "posture_1" + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + location = "global" + state = "ACTIVE" + description = "a new posture" + policy_sets { + policy_set_id = "org_policy_set" + description = "set of org policies" + policies { + policy_id = "policy_1" + constraint { + org_policy_constraint { + canned_constraint_id = "storage.uniformBucketLevelAccess" + policy_rules { + enforce = true + } + } + } + } + } +} + +resource "google_securityposture_posture_deployment" "{{$.PrimaryResourceId}}" { + posture_deployment_id = "posture_deployment_1" + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + location = "global" + description = "a new posture deployment" + target_resource = "projects/{{index $.TestEnvVars "project_number"}}" + posture_id = google_securityposture_posture.posture_1.name + posture_revision_id = google_securityposture_posture.posture_1.revision_id +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/service_attachment_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/service_attachment_basic.tf.tmpl new file mode 100644 index 000000000000..f6ebbbb3a1b3 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_attachment_basic.tf.tmpl @@ -0,0 +1,79 @@ +resource "google_compute_service_attachment" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "service_attachment_name"}}" + region = "us-west2" + description = "A service attachment configured with Terraform" + + domain_names = ["gcp.tfacc.hashicorptest.com."] + enable_proxy_protocol = true + connection_preference = "ACCEPT_AUTOMATIC" + nat_subnets = [google_compute_subnetwork.psc_ilb_nat.id] + target_service = google_compute_forwarding_rule.psc_ilb_target_service.id +} + +resource "google_compute_address" "psc_ilb_consumer_address" { + name = "{{index $.Vars "consumer_address_name"}}" + region = "us-west2" + + subnetwork = "default" + address_type = "INTERNAL" +} + +resource "google_compute_forwarding_rule" "psc_ilb_consumer" { + name = "{{index $.Vars "consumer_forwarding_rule_name"}}" + region = "us-west2" + + target = google_compute_service_attachment.psc_ilb_service_attachment.id + load_balancing_scheme = "" # need to override EXTERNAL default when target is a service attachment + network = "default" + ip_address = google_compute_address.psc_ilb_consumer_address.id +} + +resource "google_compute_forwarding_rule" "psc_ilb_target_service" { + name = "{{index $.Vars "producer_forwarding_rule_name"}}" + region = "us-west2" + + load_balancing_scheme = "INTERNAL" + backend_service = google_compute_region_backend_service.producer_service_backend.id + all_ports = true + network = google_compute_network.psc_ilb_network.name + subnetwork = google_compute_subnetwork.psc_ilb_producer_subnetwork.name +} + +resource "google_compute_region_backend_service" "producer_service_backend" { + name = "{{index $.Vars "producer_service_name"}}" + region = "us-west2" + + health_checks = [google_compute_health_check.producer_service_health_check.id] +} + +resource "google_compute_health_check" "producer_service_health_check" { + name = "{{index $.Vars "producer_health_check_name"}}" + + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "80" + } +} + +resource "google_compute_network" "psc_ilb_network" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "psc_ilb_producer_subnetwork" { + name = "{{index $.Vars "producer_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + ip_cidr_range = "10.0.0.0/16" +} + +resource "google_compute_subnetwork" "psc_ilb_nat" { + name = "{{index $.Vars "nat_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + purpose = "PRIVATE_SERVICE_CONNECT" + ip_cidr_range = "10.1.0.0/16" +} diff --git a/mmv1/templates/terraform/examples/go/service_attachment_explicit_networks.tf.tmpl b/mmv1/templates/terraform/examples/go/service_attachment_explicit_networks.tf.tmpl new file mode 100644 index 000000000000..d07bd41db553 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_attachment_explicit_networks.tf.tmpl @@ -0,0 +1,97 @@ +resource "google_compute_service_attachment" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "service_attachment_name"}}" + region = "us-west2" + description = "A service attachment configured with Terraform" + + enable_proxy_protocol = false + + connection_preference = "ACCEPT_MANUAL" + nat_subnets = [google_compute_subnetwork.psc_ilb_nat.id] + target_service = google_compute_forwarding_rule.psc_ilb_target_service.id + + consumer_accept_lists { + network_url = google_compute_network.psc_ilb_consumer_network.self_link + connection_limit = 1 + } +} + +resource "google_compute_network" "psc_ilb_consumer_network" { + name = "{{index $.Vars "consumer_network_name"}}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "psc_ilb_consumer_subnetwork" { + name = "{{index $.Vars "consumer_network_name"}}" + ip_cidr_range = "10.0.0.0/16" + region = "us-west2" + network = google_compute_network.psc_ilb_consumer_network.id +} + +resource "google_compute_address" "psc_ilb_consumer_address" { + name = "{{index $.Vars "consumer_address_name"}}" + region = "us-west2" + + subnetwork = google_compute_subnetwork.psc_ilb_consumer_subnetwork.id + address_type = "INTERNAL" +} + +resource "google_compute_forwarding_rule" "psc_ilb_consumer" { + name = "{{index $.Vars "consumer_forwarding_rule_name"}}" + region = "us-west2" + + target = google_compute_service_attachment.psc_ilb_service_attachment.id + load_balancing_scheme = "" # need to override EXTERNAL default when target is a service attachment + network = google_compute_network.psc_ilb_consumer_network.id + subnetwork = google_compute_subnetwork.psc_ilb_consumer_subnetwork.id + ip_address = google_compute_address.psc_ilb_consumer_address.id +} + +resource "google_compute_forwarding_rule" "psc_ilb_target_service" { + name = "{{index $.Vars "producer_forwarding_rule_name"}}" + region = "us-west2" + + load_balancing_scheme = "INTERNAL" + backend_service = google_compute_region_backend_service.producer_service_backend.id + all_ports = true + network = google_compute_network.psc_ilb_network.name + subnetwork = google_compute_subnetwork.psc_ilb_producer_subnetwork.name +} + +resource "google_compute_region_backend_service" "producer_service_backend" { + name = "{{index $.Vars "producer_service_name"}}" + region = "us-west2" + + health_checks = [google_compute_health_check.producer_service_health_check.id] +} + +resource "google_compute_health_check" "producer_service_health_check" { + name = "{{index $.Vars "producer_health_check_name"}}" + + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "80" + } +} + +resource "google_compute_network" "psc_ilb_network" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "psc_ilb_producer_subnetwork" { + name = "{{index $.Vars "producer_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + ip_cidr_range = "10.0.0.0/16" +} + +resource "google_compute_subnetwork" "psc_ilb_nat" { + name = "{{index $.Vars "nat_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + purpose = "PRIVATE_SERVICE_CONNECT" + ip_cidr_range = "10.1.0.0/16" +} diff --git a/mmv1/templates/terraform/examples/go/service_attachment_explicit_projects.tf.tmpl b/mmv1/templates/terraform/examples/go/service_attachment_explicit_projects.tf.tmpl new file mode 100644 index 000000000000..ad1bd225abef --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_attachment_explicit_projects.tf.tmpl @@ -0,0 +1,86 @@ +resource "google_compute_service_attachment" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "service_attachment_name"}}" + region = "us-west2" + description = "A service attachment configured with Terraform" + + domain_names = ["gcp.tfacc.hashicorptest.com."] + enable_proxy_protocol = true + connection_preference = "ACCEPT_MANUAL" + nat_subnets = [google_compute_subnetwork.psc_ilb_nat.id] + target_service = google_compute_forwarding_rule.psc_ilb_target_service.id + + consumer_reject_lists = ["673497134629", "482878270665"] + + consumer_accept_lists { + project_id_or_num = "658859330310" + connection_limit = 4 + } +} + +resource "google_compute_address" "psc_ilb_consumer_address" { + name = "{{index $.Vars "consumer_address_name"}}" + region = "us-west2" + + subnetwork = "default" + address_type = "INTERNAL" +} + +resource "google_compute_forwarding_rule" "psc_ilb_consumer" { + name = "{{index $.Vars "consumer_forwarding_rule_name"}}" + region = "us-west2" + + target = google_compute_service_attachment.psc_ilb_service_attachment.id + load_balancing_scheme = "" # need to override EXTERNAL default when target is a service attachment + network = "default" + ip_address = google_compute_address.psc_ilb_consumer_address.id +} + +resource "google_compute_forwarding_rule" "psc_ilb_target_service" { + name = "{{index $.Vars "producer_forwarding_rule_name"}}" + region = "us-west2" + + load_balancing_scheme = "INTERNAL" + backend_service = google_compute_region_backend_service.producer_service_backend.id + all_ports = true + network = google_compute_network.psc_ilb_network.name + subnetwork = google_compute_subnetwork.psc_ilb_producer_subnetwork.name +} + +resource "google_compute_region_backend_service" "producer_service_backend" { + name = "{{index $.Vars "producer_service_name"}}" + region = "us-west2" + + health_checks = [google_compute_health_check.producer_service_health_check.id] +} + +resource "google_compute_health_check" "producer_service_health_check" { + name = "{{index $.Vars "producer_health_check_name"}}" + + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "80" + } +} + +resource "google_compute_network" "psc_ilb_network" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "psc_ilb_producer_subnetwork" { + name = "{{index $.Vars "producer_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + ip_cidr_range = "10.0.0.0/16" +} + +resource "google_compute_subnetwork" "psc_ilb_nat" { + name = "{{index $.Vars "nat_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + purpose = "PRIVATE_SERVICE_CONNECT" + ip_cidr_range = "10.1.0.0/16" +} diff --git a/mmv1/templates/terraform/examples/go/service_attachment_reconcile_connections.tf.tmpl b/mmv1/templates/terraform/examples/go/service_attachment_reconcile_connections.tf.tmpl new file mode 100644 index 000000000000..54512ef7ec23 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_attachment_reconcile_connections.tf.tmpl @@ -0,0 +1,70 @@ +resource "google_compute_service_attachment" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "service_attachment_name"}}" + region = "us-west2" + description = "A service attachment configured with Terraform" + + domain_names = ["gcp.tfacc.hashicorptest.com."] + enable_proxy_protocol = true + connection_preference = "ACCEPT_MANUAL" + nat_subnets = [google_compute_subnetwork.psc_ilb_nat.id] + target_service = google_compute_forwarding_rule.psc_ilb_target_service.id + + consumer_reject_lists = ["673497134629", "482878270665"] + + consumer_accept_lists { + project_id_or_num = "658859330310" + connection_limit = 4 + } + + reconcile_connections = false +} + +resource "google_compute_forwarding_rule" "psc_ilb_target_service" { + name = "{{index $.Vars "producer_forwarding_rule_name"}}" + region = "us-west2" + + load_balancing_scheme = "INTERNAL" + backend_service = google_compute_region_backend_service.producer_service_backend.id + all_ports = true + network = google_compute_network.psc_ilb_network.name + subnetwork = google_compute_subnetwork.psc_ilb_producer_subnetwork.name +} + +resource "google_compute_region_backend_service" "producer_service_backend" { + name = "{{index $.Vars "producer_service_name"}}" + region = "us-west2" + + health_checks = [google_compute_health_check.producer_service_health_check.id] +} + +resource "google_compute_health_check" "producer_service_health_check" { + name = "{{index $.Vars "producer_health_check_name"}}" + + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "80" + } +} + +resource "google_compute_network" "psc_ilb_network" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "psc_ilb_producer_subnetwork" { + name = "{{index $.Vars "producer_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + ip_cidr_range = "10.0.0.0/16" +} + +resource "google_compute_subnetwork" "psc_ilb_nat" { + name = "{{index $.Vars "nat_subnetwork_name"}}" + region = "us-west2" + + network = google_compute_network.psc_ilb_network.id + purpose = "PRIVATE_SERVICE_CONNECT" + ip_cidr_range = "10.1.0.0/16" +} diff --git a/mmv1/templates/terraform/examples/go/service_directory_endpoint_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/service_directory_endpoint_basic.tf.tmpl new file mode 100644 index 000000000000..8a9a7a8a04cc --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_directory_endpoint_basic.tf.tmpl @@ -0,0 +1,25 @@ +resource "google_service_directory_namespace" "{{$.PrimaryResourceId}}" { + provider = google-beta + namespace_id = "{{index $.Vars "namespace_id"}}" + location = "us-central1" +} + +resource "google_service_directory_service" "{{$.PrimaryResourceId}}" { + provider = google-beta + service_id = "{{index $.Vars "service_id"}}" + namespace = google_service_directory_namespace.{{$.PrimaryResourceId}}.id +} + +resource "google_service_directory_endpoint" "{{$.PrimaryResourceId}}" { + provider = google-beta + endpoint_id = "{{index $.Vars "endpoint_id"}}" + service = google_service_directory_service.{{$.PrimaryResourceId}}.id + + metadata = { + stage = "prod" + region = "us-central1" + } + + address = "1.2.3.4" + port = 5353 +} diff --git a/mmv1/templates/terraform/examples/go/service_directory_endpoint_with_network.tf.tmpl b/mmv1/templates/terraform/examples/go/service_directory_endpoint_with_network.tf.tmpl new file mode 100644 index 000000000000..12229782691a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_directory_endpoint_with_network.tf.tmpl @@ -0,0 +1,35 @@ +data "google_project" "project" { + provider = google-beta +} + +resource "google_compute_network" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "network_name"}}" +} + +resource "google_service_directory_namespace" "{{$.PrimaryResourceId}}" { + provider = google-beta + namespace_id = "{{index $.Vars "namespace_id"}}" + location = "us-central1" +} + +resource "google_service_directory_service" "{{$.PrimaryResourceId}}" { + provider = google-beta + service_id = "{{index $.Vars "service_id"}}" + namespace = google_service_directory_namespace.{{$.PrimaryResourceId}}.id +} + +resource "google_service_directory_endpoint" "{{$.PrimaryResourceId}}" { + provider = google-beta + endpoint_id = "{{index $.Vars "endpoint_id"}}" + service = google_service_directory_service.{{$.PrimaryResourceId}}.id + + metadata = { + stage = "prod" + region = "us-central1" + } + + network = "projects/${data.google_project.project.number}/locations/global/networks/${google_compute_network.{{$.PrimaryResourceId}}.name}" + address = "1.2.3.4" + port = 5353 +} diff --git a/mmv1/templates/terraform/examples/go/service_directory_namespace_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/service_directory_namespace_basic.tf.tmpl new file mode 100644 index 000000000000..5352383bdf52 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_directory_namespace_basic.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_service_directory_namespace" "{{$.PrimaryResourceId}}" { + provider = google-beta + namespace_id = "{{index $.Vars "namespace_id"}}" + location = "us-central1" + + labels = { + key = "value" + foo = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/service_directory_service_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/service_directory_service_basic.tf.tmpl new file mode 100644 index 000000000000..119570512e10 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/service_directory_service_basic.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_service_directory_namespace" "{{$.PrimaryResourceId}}" { + provider = google-beta + namespace_id = "{{index $.Vars "namespace_id"}}" + location = "us-central1" +} + +resource "google_service_directory_service" "{{$.PrimaryResourceId}}" { + provider = google-beta + service_id = "{{index $.Vars "service_id"}}" + namespace = google_service_directory_namespace.{{$.PrimaryResourceId}}.id + + metadata = { + stage = "prod" + region = "us-central1" + } +} diff --git a/mmv1/templates/terraform/examples/go/shared_reservation_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/shared_reservation_basic.tf.tmpl new file mode 100644 index 000000000000..adc0fe50ad3c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/shared_reservation_basic.tf.tmpl @@ -0,0 +1,51 @@ +resource "google_project" "owner_project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "{{index $.TestEnvVars "org_id"}}" + billing_account = "{{index $.TestEnvVars "billing_account"}}" +} + + +resource "google_project_service" "compute" { + project = google_project.owner_project.project_id + service = "compute.googleapis.com" + disable_on_destroy = false +} + +resource "google_project" "guest_project" { + project_id = "tf-test-2%{random_suffix}" + name = "tf-test-2%{random_suffix}" + org_id = "{{index $.TestEnvVars "org_id"}}" +} + +resource "google_organization_policy" "shared_reservation_org_policy" { + org_id = "{{index $.TestEnvVars "org_id"}}" + constraint = "constraints/compute.sharedReservationsOwnerProjects" + list_policy { + allow { + values = ["projects/${google_project.owner_project.number}"] + } + } +} + +resource "google_compute_reservation" "{{$.PrimaryResourceId}}" { + project = google_project.owner_project.project_id + name = "{{index $.Vars "reservation_name"}}" + zone = "us-central1-a" + + specific_reservation { + count = 1 + instance_properties { + min_cpu_platform = "Intel Cascade Lake" + machine_type = "n2-standard-2" + } + } + share_settings { + share_type = "SPECIFIC_PROJECTS" + project_map { + id = google_project.guest_project.project_id + project_id = google_project.guest_project.project_id + } + } + depends_on = [google_organization_policy.shared_reservation_org_policy,google_project_service.compute] +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/snapshot_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/snapshot_basic.tf.tmpl new file mode 100644 index 000000000000..f397cf34b47c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/snapshot_basic.tf.tmpl @@ -0,0 +1,22 @@ +resource "google_compute_snapshot" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "snapshot_name"}}" + source_disk = google_compute_disk.persistent.id + zone = "us-central1-a" + labels = { + my_label = "value" + } + storage_locations = ["us-central1"] +} + +data "google_compute_image" "debian" { + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_disk" "persistent" { + name = "{{index $.Vars "disk_name"}}" + image = data.google_compute_image.debian.self_link + size = 10 + type = "pd-ssd" + zone = "us-central1-a" +} diff --git a/mmv1/templates/terraform/examples/go/snapshot_chainname.tf.tmpl b/mmv1/templates/terraform/examples/go/snapshot_chainname.tf.tmpl new file mode 100644 index 000000000000..052a83553eba --- /dev/null +++ b/mmv1/templates/terraform/examples/go/snapshot_chainname.tf.tmpl @@ -0,0 +1,23 @@ +resource "google_compute_snapshot" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "snapshot_name"}}" + source_disk = google_compute_disk.persistent.id + zone = "us-central1-a" + chain_name = "{{index $.Vars "chain_name"}}" + labels = { + my_label = "value" + } + storage_locations = ["us-central1"] +} + +data "google_compute_image" "debian" { + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_disk" "persistent" { + name = "{{index $.Vars "disk_name"}}" + image = data.google_compute_image.debian.self_link + size = 10 + type = "pd-ssd" + zone = "us-central1-a" +} diff --git a/mmv1/templates/terraform/examples/go/sourcerepo_repository_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/sourcerepo_repository_basic.tf.tmpl new file mode 100644 index 000000000000..e01151bdcc58 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sourcerepo_repository_basic.tf.tmpl @@ -0,0 +1,3 @@ +resource "google_sourcerepo_repository" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "repository_name"}}" +} diff --git a/mmv1/templates/terraform/examples/go/sourcerepo_repository_full.tf.tmpl b/mmv1/templates/terraform/examples/go/sourcerepo_repository_full.tf.tmpl new file mode 100644 index 000000000000..704324ef7e67 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sourcerepo_repository_full.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_service_account" "test_account" { + account_id = "{{index $.Vars "account_id"}}" + display_name = "Test Service Account" +} + +resource "google_pubsub_topic" "topic" { + name = "{{index $.Vars "topic_name"}}" +} + +resource "google_sourcerepo_repository" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "repository_name"}}" + pubsub_configs { + topic = google_pubsub_topic.topic.id + message_format = "JSON" + service_account_email = google_service_account.test_account.email + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/spanner_database_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/spanner_database_basic.tf.tmpl new file mode 100644 index 000000000000..069aae72dcdc --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spanner_database_basic.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_spanner_instance" "main" { + config = "regional-europe-west1" + display_name = "main-instance" + num_nodes = 1 +} + +resource "google_spanner_database" "database" { + instance = google_spanner_instance.main.name + name = "{{index $.Vars "database_name"}}" + version_retention_period = "3d" + ddl = [ + "CREATE TABLE t1 (t1 INT64 NOT NULL,) PRIMARY KEY(t1)", + "CREATE TABLE t2 (t2 INT64 NOT NULL,) PRIMARY KEY(t2)", + ] + deletion_protection = false +} diff --git a/mmv1/templates/terraform/examples/go/spanner_instance_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/spanner_instance_basic.tf.tmpl new file mode 100644 index 000000000000..02bd2715d9a9 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spanner_instance_basic.tf.tmpl @@ -0,0 +1,8 @@ +resource "google_spanner_instance" "example" { + config = "regional-us-central1" + display_name = "Test Spanner Instance" + num_nodes = 2 + labels = { + "foo" = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/spanner_instance_multi_regional.tf.tmpl b/mmv1/templates/terraform/examples/go/spanner_instance_multi_regional.tf.tmpl new file mode 100644 index 000000000000..052d6714af43 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spanner_instance_multi_regional.tf.tmpl @@ -0,0 +1,8 @@ +resource "google_spanner_instance" "example" { + config = "nam-eur-asia1" + display_name = "Multi Regional Instance" + num_nodes = 2 + labels = { + "foo" = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/spanner_instance_processing_units.tf.tmpl b/mmv1/templates/terraform/examples/go/spanner_instance_processing_units.tf.tmpl new file mode 100644 index 000000000000..b26e40e59763 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spanner_instance_processing_units.tf.tmpl @@ -0,0 +1,8 @@ +resource "google_spanner_instance" "example" { + config = "regional-us-central1" + display_name = "Test Spanner Instance" + processing_units = 200 + labels = { + "foo" = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/spanner_instance_with_autoscaling.tf.tmpl b/mmv1/templates/terraform/examples/go/spanner_instance_with_autoscaling.tf.tmpl new file mode 100644 index 000000000000..aa541cff768d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spanner_instance_with_autoscaling.tf.tmpl @@ -0,0 +1,20 @@ +resource "google_spanner_instance" "example" { + config = "regional-us-central1" + display_name = "Test Spanner Instance" + autoscaling_config { + autoscaling_limits { + // Define the minimum and maximum compute capacity allocated to the instance + // Either use nodes or processing units to specify the limits, + // but should use the same unit to set both the min_limit and max_limit. + max_processing_units = 3000 // OR max_nodes = 3 + min_processing_units = 2000 // OR min_nodes = 2 + } + autoscaling_targets { + high_priority_cpu_utilization_percent = 75 + storage_utilization_percent = 90 + } + } + labels = { + "foo" = "bar" + } +} diff --git a/mmv1/templates/terraform/examples/go/spot_instance_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/spot_instance_basic.tf.tmpl new file mode 100644 index 000000000000..18c695305bc0 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/spot_instance_basic.tf.tmpl @@ -0,0 +1,29 @@ +# [START compute_spot_instance_create] + +resource "google_compute_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "spot_instance_name"}}" + machine_type = "f1-micro" + zone = "us-central1-c" + + boot_disk { + initialize_params { + image = "debian-cloud/debian-11" + } + } + + scheduling { + preemptible = true + automatic_restart = false + provisioning_model = "SPOT" + instance_termination_action = "STOP" + } + + network_interface { + # A default network is created for all GCP projects + network = "default" + access_config { + } + } +} + +# [END compute_spot_instance_create] diff --git a/mmv1/templates/terraform/examples/go/sql_database_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_database_basic.tf.tmpl new file mode 100644 index 000000000000..9c1915799fa8 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_database_basic.tf.tmpl @@ -0,0 +1,18 @@ +# [START cloud_sql_database_create] +resource "google_sql_database" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "database_name"}}" + instance = google_sql_database_instance.instance.name +} +# [END cloud_sql_database_create] + +# See versions at https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#database_version +resource "google_sql_database_instance" "instance" { + name = "{{index $.Vars "database_instance_name"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + } + + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} diff --git a/mmv1/templates/terraform/examples/go/sql_database_deletion_policy.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_database_deletion_policy.tf.tmpl new file mode 100644 index 000000000000..f0704eab298c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_database_deletion_policy.tf.tmpl @@ -0,0 +1,19 @@ +# [START cloud_sql_database_create] +resource "google_sql_database" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "database_name"}}" + instance = google_sql_database_instance.instance.name + deletion_policy = "ABANDON" +} +# [END cloud_sql_database_create] + +# See versions at https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#database_version +resource "google_sql_database_instance" "instance" { + name = "{{index $.Vars "database_instance_name"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-g1-small" + } + + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} diff --git a/mmv1/templates/terraform/examples/go/sql_database_instance_my_sql.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_database_instance_my_sql.tf.tmpl new file mode 100644 index 000000000000..124e40ca8f2a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_database_instance_my_sql.tf.tmpl @@ -0,0 +1,30 @@ +# [START cloud_sql_mysql_instance_80_db_n1_s2] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "database_instance_name"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_80_db_n1_s2] + +# [START cloud_sql_mysql_instance_user] +resource "random_password" "pwd" { + length = 16 + special = false +} + +resource "google_sql_user" "user" { + name = "user" + instance = google_sql_database_instance.instance.name + password = random_password.pwd.result + password_policy { + allowed_failed_attempts = 6 + password_expiration_duration = "2592000s" + enable_failed_attempts_check = true + enable_password_verification = true + } +} +# [END cloud_sql_mysql_instance_user] diff --git a/mmv1/templates/terraform/examples/go/sql_database_instance_postgres.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_database_instance_postgres.tf.tmpl new file mode 100644 index 000000000000..2a41ff5a4017 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_database_instance_postgres.tf.tmpl @@ -0,0 +1,25 @@ +# [START cloud_sql_postgres_instance_80_db_n1_s2] + +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "database_instance_name"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_80_db_n1_s2] + +# [START cloud_sql_postgres_instance_user] +resource "random_password" "pwd" { + length = 16 + special = false +} + +resource "google_sql_user" "user" { + name = "user" + instance = google_sql_database_instance.instance.name + password = random_password.pwd.result +} +# [END cloud_sql_postgres_instance_user] diff --git a/mmv1/templates/terraform/examples/go/sql_database_instance_sqlserver.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_database_instance_sqlserver.tf.tmpl new file mode 100644 index 000000000000..370d70d28d3b --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_database_instance_sqlserver.tf.tmpl @@ -0,0 +1,25 @@ +# [START cloud_sql_sqlserver_instance_80_db_n1_s2] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "database_instance_name"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_80_db_n1_s2] + +# [START cloud_sql_sqlserver_instance_user] +resource "random_password" "pwd" { + length = 16 + special = false +} + +resource "google_sql_user" "user" { + name = "user" + instance = google_sql_database_instance.instance.name + password = random_password.pwd.result +} +# [END cloud_sql_sqlserver_instance_user] diff --git a/mmv1/templates/terraform/examples/go/sql_instance_cmek.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_cmek.tf.tmpl new file mode 100644 index 000000000000..fa875cd2bf18 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_cmek.tf.tmpl @@ -0,0 +1,76 @@ +# [START cloud_sql_instance_service_identity] +resource "google_project_service_identity" "gcp_sa_cloud_sql" { + provider = google-beta + service = "sqladmin.googleapis.com" +} +# [END cloud_sql_instance_service_identity] + +# [START cloud_sql_instance_keyring] +resource "google_kms_key_ring" "keyring" { + provider = google-beta + name = "{{index $.Vars "keyring_name"}}" + location = "us-central1" +} +# [END cloud_sql_instance_keyring] + +# [START cloud_sql_instance_key] +resource "google_kms_crypto_key" "key" { + provider = google-beta + name = "{{index $.Vars "crypto_key_name"}}" + key_ring = google_kms_key_ring.keyring.id + purpose = "ENCRYPT_DECRYPT" +} +# [END cloud_sql_instance_key] + +# [START cloud_sql_instance_crypto_key] +resource "google_kms_crypto_key_iam_member" "crypto_key" { + provider = google-beta + crypto_key_id = google_kms_crypto_key.key.id + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + + member = "serviceAccount:${google_project_service_identity.gcp_sa_cloud_sql.email}" +} +# [END cloud_sql_instance_crypto_key] + +# [START cloud_sql_mysql_instance_cmek] +resource "google_sql_database_instance" "mysql_instance_with_cmek" { + name = "{{index $.Vars "mysql_instance_cmek"}}" + provider = google-beta + region = "us-central1" + database_version = "MYSQL_8_0" + encryption_key_name = google_kms_crypto_key.key.id + settings { + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_cmek] + +# [START cloud_sql_postgres_instance_cmek] +resource "google_sql_database_instance" "postgres_instance_with_cmek" { + name = "{{index $.Vars "postgres_instance_cmek"}}" + provider = google-beta + region = "us-central1" + database_version = "POSTGRES_14" + encryption_key_name = google_kms_crypto_key.key.id + settings { + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_cmek] + +# [START cloud_sql_sqlserver_instance_cmek] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_cmek"}}" + provider = google-beta + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE " + encryption_key_name = google_kms_crypto_key.key.id + settings { + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_cmek] diff --git a/mmv1/templates/terraform/examples/go/sql_instance_ha.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_ha.tf.tmpl new file mode 100644 index 000000000000..6ac502c2ddd4 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_ha.tf.tmpl @@ -0,0 +1,53 @@ +# [START cloud_sql_mysql_instance_ha] +resource "google_sql_database_instance" "mysql_instance_ha" { + name = "{{index $.Vars "mysql_instance_ha"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + availability_type = "REGIONAL" + backup_configuration { + enabled = true + binary_log_enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_ha] + +# [START cloud_sql_postgres_instance_ha] +resource "google_sql_database_instance" "postgres_instance_ha" { + name = "{{index $.Vars "postgres_instance_ha"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + availability_type = "REGIONAL" + backup_configuration { + enabled = true + point_in_time_recovery_enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_ha] + +# [START cloud_sql_sqlserver_instance_ha] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_ha"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + availability_type = "REGIONAL" + backup_configuration { + enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_ha] diff --git a/mmv1/templates/terraform/examples/go/sql_instance_iam_condition.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_iam_condition.tf.tmpl new file mode 100644 index 000000000000..9e80323369b8 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_iam_condition.tf.tmpl @@ -0,0 +1,39 @@ +data "google_project" "project" { +} + +resource "google_project_service_identity" "gcp_sa_cloud_sql" { + provider = google-beta + service = "sqladmin.googleapis.com" +} + +# [START cloud_sql_instance_iam_conditions] +data "google_iam_policy" "sql_iam_policy" { + binding { + role = "roles/cloudsql.client" + members = [ + "serviceAccount:${google_project_service_identity.gcp_sa_cloud_sql.email}", + ] + condition { + expression = "resource.name == 'google_sql_database_instance.default.id' && resource.service == 'sqladmin.googleapis.com'" + title = "created" + description = "Cloud SQL instance creation" + } + } +} + +resource "google_project_iam_policy" "project" { + project = data.google_project.project.id + policy_data = data.google_iam_policy.sql_iam_policy.policy_data +} +# [END cloud_sql_instance_iam_conditions] + +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_iam_condition"}}" + provider = google-beta + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} diff --git a/mmv1/templates/terraform/examples/go/sql_instance_labels.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_labels.tf.tmpl new file mode 100644 index 000000000000..06a6bbc81a24 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_labels.tf.tmpl @@ -0,0 +1,48 @@ +# [START cloud_sql_mysql_instance_labels] +resource "google_sql_database_instance" "mysql_instance_labels" { + name = "{{index $.Vars "mysql_instance_labels"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-n1-standard-2" + user_labels = { + track = "production" + billing-code = 34802 + } + } + deletion_protection = "false" +} +# [END cloud_sql_mysql_instance_labels] + +# [START cloud_sql_postgres_instance_labels] +resource "google_sql_database_instance" "postgres_instance_labels" { + name = "{{index $.Vars "postgres_instance_labels"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + user_labels = { + track = "production" + billing-code = 34802 + } + } + deletion_protection = "false" +} +# [END cloud_sql_postgres_instance_labels] + +# [START cloud_sql_sqlserver_instance_labels] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_labels"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + user_labels = { + track = "production" + billing-code = 34802 + } + } + deletion_protection = "false" +} +# [END cloud_sql_sqlserver_instance_labels] diff --git a/mmv1/templates/terraform/examples/go/sql_instance_pitr.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_pitr.tf.tmpl new file mode 100644 index 000000000000..a06e64956bf6 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_pitr.tf.tmpl @@ -0,0 +1,35 @@ +# [START cloud_sql_mysql_instance_pitr] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_pitr"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + backup_configuration { + enabled = true + binary_log_enabled = true + start_time = "20:55" + transaction_log_retention_days = "3" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_pitr] + +# [START cloud_sql_postgres_instance_pitr] +resource "google_sql_database_instance" "postgres_instance_pitr" { + name = "{{index $.Vars "postgres_instance__pitr"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + point_in_time_recovery_enabled = true + start_time = "20:55" + transaction_log_retention_days = "3" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_pitr] diff --git a/mmv1/templates/terraform/examples/go/sql_instance_ssl_cert.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_instance_ssl_cert.tf.tmpl new file mode 100644 index 000000000000..e976fd8c142a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_instance_ssl_cert.tf.tmpl @@ -0,0 +1,59 @@ +# [START cloud_sql_mysql_instance_require_ssl] +resource "google_sql_database_instance" "mysql_instance" { + name = "{{index $.Vars "mysql_instance"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + ip_configuration { + require_ssl = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_require_ssl] + +# [START cloud_sql_mysql_instance_ssl_cert] +resource "google_sql_ssl_cert" "mysql_client_cert" { + common_name = "mysql_common_name" + instance = google_sql_database_instance.mysql_instance.name +} +# [END cloud_sql_mysql_instance_ssl_cert] + +# [START cloud_sql_postgres_instance_require_ssl] +resource "google_sql_database_instance" "postgres_instance" { + name = "{{index $.Vars "postgres_instance"}}" + region = "asia-northeast1" + database_version = "postgres_14" + settings { + tier = "db-custom-2-7680" + ip_configuration { + require_ssl = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_require_ssl] + +# [START cloud_sql_postgres_instance_ssl_cert] +resource "google_sql_ssl_cert" "postgres_client_cert" { + common_name = "postgres_common_name" + instance = google_sql_database_instance.postgres_instance.name +} +# [END cloud_sql_postgres_instance_ssl_cert] + +# [START cloud_sql_sqlserver_instance_require_ssl] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance"}}" + region = "asia-northeast1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + ip_configuration { + require_ssl = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_require_ssl] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_authorized_network.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_authorized_network.tf.tmpl new file mode 100644 index 000000000000..2e6490cd6fe4 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_authorized_network.tf.tmpl @@ -0,0 +1,18 @@ +# [START cloud_sql_mysql_instance_authorized_network] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_with_authorized_network"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + ip_configuration { + authorized_networks { + name = "Network Name" + value = "192.0.2.0/24" + expiration_time = "3021-11-15T16:19:00.094Z" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_authorized_network] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup.tf.tmpl new file mode 100644 index 000000000000..67dfdc4fad50 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup.tf.tmpl @@ -0,0 +1,16 @@ +# [START cloud_sql_mysql_instance_backup] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_backup"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + backup_configuration { + enabled = true + binary_log_enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_backup] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_location.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_location.tf.tmpl new file mode 100644 index 000000000000..916d12bf09ac --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_location.tf.tmpl @@ -0,0 +1,15 @@ +# [START cloud_sql_mysql_instance_backup_location] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_backup_location"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + backup_configuration { + enabled = true + location = "asia-northeast1" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_backup_location] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_retention.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_retention.tf.tmpl new file mode 100644 index 000000000000..57e630c34e2f --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_backup_retention.tf.tmpl @@ -0,0 +1,18 @@ +# [START cloud_sql_mysql_instance_backup_retention] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_backup_retention"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + settings { + tier = "db-f1-micro" + backup_configuration { + enabled = true + backup_retention_settings { + retained_backups = 365 + retention_unit = "COUNT" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_backup_retention] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_clone.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_clone.tf.tmpl new file mode 100644 index 000000000000..5ea986116ac5 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_clone.tf.tmpl @@ -0,0 +1,23 @@ +# [START cloud_sql_mysql_instance_source] +resource "google_sql_database_instance" "source" { + name = "{{index $.Vars "mysql_instance_source_name"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + settings { + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_source] + +# [START cloud_sql_mysql_instance_clone] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_instance_clone_name"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + clone { + source_instance_name = google_sql_database_instance.source.id + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_clone] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_flags.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_flags.tf.tmpl new file mode 100644 index 000000000000..a2421e78283e --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_flags.tf.tmpl @@ -0,0 +1,24 @@ +# [START cloud_sql_mysql_instance_flags] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + database_version = "MYSQL_8_0" + name = "{{index $.Vars "mysql_instance"}}" + region = "us-central1" + settings { + database_flags { + name = "general_log" + value = "on" + } + database_flags { + name = "skip_show_database" + value = "on" + } + database_flags { + name = "wait_timeout" + value = "200000" + } + disk_type = "PD_SSD" + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_flags] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_public_ip.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_public_ip.tf.tmpl new file mode 100644 index 000000000000..8165b86cd381 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_public_ip.tf.tmpl @@ -0,0 +1,24 @@ +# [START cloud_sql_mysql_instance_public_ip] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + database_version = "MYSQL_5_7" + name = "{{index $.Vars "mysql_public_ip_instance_name"}}" + region = "asia-southeast2" + settings { + availability_type = "ZONAL" + disk_size = 100 + disk_type = "PD_SSD" + ip_configuration { + # Add optional authorized networks + # Update to match the customer's networks + authorized_networks { + name = "test-net-3" + value = "203.0.113.0/24" + } + # Enable public IP + ipv4_enabled = true + } + tier = "db-custom-4-26624" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_public_ip] diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_pvp.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_pvp.tf.tmpl new file mode 100644 index 000000000000..de0fd811c86b --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_pvp.tf.tmpl @@ -0,0 +1,19 @@ +# [START cloud_sql_mysql_instance_pvp] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_pvp_instance_name"}}" + region = "asia-northeast1" + database_version = "MYSQL_8_0" + root_password = "abcABC123!" + settings { + tier = "db-f1-micro" + password_validation_policy { + min_length = 6 + complexity = "COMPLEXITY_DEFAULT" + reuse_interval = 2 + disallow_username_substring = true + enable_password_policy = true + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_pvp] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/sql_mysql_instance_replica.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_mysql_instance_replica.tf.tmpl new file mode 100644 index 000000000000..6b36e0c5c05a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_mysql_instance_replica.tf.tmpl @@ -0,0 +1,35 @@ +# [START cloud_sql_mysql_instance_primary] +resource "google_sql_database_instance" "primary" { + name = "{{index $.Vars "mysql_primary_instance_name"}}" + region = "europe-west4" + database_version = "MYSQL_8_0" + settings { + tier = "db-n1-standard-2" + backup_configuration { + enabled = "true" + binary_log_enabled = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_primary] + +# [START cloud_sql_mysql_instance_replica] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "mysql_replica_instance_name"}}" + master_instance_name = google_sql_database_instance.primary.name + region = "europe-west4" + database_version = "MYSQL_8_0" + + replica_configuration { + failover_target = false + } + + settings { + tier = "db-n1-standard-2" + availability_type = "ZONAL" + disk_size = "100" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_mysql_instance_replica] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_authorized_network.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_authorized_network.tf.tmpl new file mode 100644 index 000000000000..77bd979fa7d1 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_authorized_network.tf.tmpl @@ -0,0 +1,18 @@ +# [START cloud_sql_postgres_instance_authorized_network] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance_with_authorized_network"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + ip_configuration { + authorized_networks { + name = "Network Name" + value = "192.0.2.0/24" + expiration_time = "3021-11-15T16:19:00.094Z" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_authorized_network] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup.tf.tmpl new file mode 100644 index 000000000000..be494aa10a38 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup.tf.tmpl @@ -0,0 +1,15 @@ +# [START cloud_sql_postgres_instance_backup] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance_backup"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_backup] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_location.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_location.tf.tmpl new file mode 100644 index 000000000000..523fe2128d10 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_location.tf.tmpl @@ -0,0 +1,15 @@ +# [START cloud_sql_postgres_instance_backup_location] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance_backup_location"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + location = "us-central1" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_backup_location] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_retention.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_retention.tf.tmpl new file mode 100644 index 000000000000..5851ba5db1b5 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_backup_retention.tf.tmpl @@ -0,0 +1,18 @@ +# [START cloud_sql_postgres_instance_backup_retention] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance_backup_retention"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + backup_retention_settings { + retained_backups = 365 + retention_unit = "COUNT" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_backup_retention] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_clone.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_clone.tf.tmpl new file mode 100644 index 000000000000..d0a68e4b6c9c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_clone.tf.tmpl @@ -0,0 +1,23 @@ +# [START cloud_sql_postgres_instance_source] +resource "google_sql_database_instance" "source" { + name = "{{index $.Vars "postgres_instance_source_name"}}" + region = "us-central1" + database_version = "POSTGRES_12" + settings { + tier = "db-n1-standard-2" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_source] + +# [START cloud_sql_postgres_instance_clone] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance_clone_name"}}" + region = "us-central1" + database_version = "POSTGRES_12" + clone { + source_instance_name = google_sql_database_instance.source.id + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_clone] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_flags.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_flags.tf.tmpl new file mode 100644 index 000000000000..eec472895808 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_flags.tf.tmpl @@ -0,0 +1,19 @@ +# [START cloud_sql_postgres_instance_flags] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_instance"}}" + region = "us-central1" + database_version = "POSTGRES_14" + settings { + database_flags { + name = "log_connections" + value = "on" + } + database_flags { + name = "log_min_error_statement" + value = "error" + } + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_flags] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_public_ip.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_public_ip.tf.tmpl new file mode 100644 index 000000000000..8fbb18db8910 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_public_ip.tf.tmpl @@ -0,0 +1,22 @@ +# [START cloud_sql_postgres_instance_public_ip] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + database_version = "POSTGRES_14" + name = "{{index $.Vars "postgres_public_ip_instance_name"}}" + region = "asia-southeast2" + settings { + availability_type = "ZONAL" + ip_configuration { + # Add optional authorized networks + # Update to match the customer's networks + authorized_networks { + name = "test-net-3" + value = "203.0.113.0/24" + } + # Enable public IP + ipv4_enabled = true + } + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_public_ip] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_pvp.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_pvp.tf.tmpl new file mode 100644 index 000000000000..d9036765b51c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_pvp.tf.tmpl @@ -0,0 +1,20 @@ +# [START cloud_sql_postgres_instance_pvp] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_pvp_instance_name"}}" + region = "asia-northeast1" + database_version = "POSTGRES_14" + root_password = "abcABC123!" + settings { + tier = "db-custom-2-7680" + password_validation_policy { + min_length = 6 + reuse_interval = 2 + complexity = "COMPLEXITY_DEFAULT" + disallow_username_substring = true + password_change_interval = "30s" + enable_password_policy = true + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_pvp] diff --git a/mmv1/templates/terraform/examples/go/sql_postgres_instance_replica.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_postgres_instance_replica.tf.tmpl new file mode 100644 index 000000000000..8f205eb48d40 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_postgres_instance_replica.tf.tmpl @@ -0,0 +1,34 @@ +# [START cloud_sql_postgres_instance_primary] +resource "google_sql_database_instance" "primary" { + name = "{{index $.Vars "postgres_primary_instance_name"}}" + region = "europe-west4" + database_version = "POSTGRES_14" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_primary] + +# [START cloud_sql_postgres_instance_replica] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "postgres_replica_instance_name"}}" + master_instance_name = google_sql_database_instance.primary.name + region = "europe-west4" + database_version = "POSTGRES_14" + + replica_configuration { + failover_target = false + } + + settings { + tier = "db-custom-2-7680" + availability_type = "ZONAL" + disk_size = "100" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_postgres_instance_replica] diff --git a/mmv1/templates/terraform/examples/go/sql_source_representation_instance_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_source_representation_instance_basic.tf.tmpl new file mode 100644 index 000000000000..625d1f7e0b5d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_source_representation_instance_basic.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_sql_source_representation_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "name"}}" + region = "us-central1" + database_version = "MYSQL_8_0" + host = "10.20.30.40" + port = 3306 + username = "some-user" + password = "password-for-the-user" + dump_file_path = "gs://replica-bucket/source-database.sql.gz" +} diff --git a/mmv1/templates/terraform/examples/go/sql_source_representation_instance_postgres.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_source_representation_instance_postgres.tf.tmpl new file mode 100644 index 000000000000..30e8d69e92f1 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_source_representation_instance_postgres.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_sql_source_representation_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "name"}}" + region = "us-central1" + database_version = "POSTGRES_9_6" + host = "10.20.30.40" + port = 3306 + username = "some-user" + password = "password-for-the-user" + dump_file_path = "gs://replica-bucket/source-database.sql.gz" +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_authorized_network.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_authorized_network.tf.tmpl new file mode 100644 index 000000000000..bb36f15ae286 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_authorized_network.tf.tmpl @@ -0,0 +1,19 @@ +# [START cloud_sql_sqlserver_instance_authorized_network] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_with_authorized_network"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + ip_configuration { + authorized_networks { + name = "Network Name" + value = "192.0.2.0/24" + expiration_time = "3021-11-15T16:19:00.094Z" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_authorized_network] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup.tf.tmpl new file mode 100644 index 000000000000..80b315b42fe3 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup.tf.tmpl @@ -0,0 +1,16 @@ +# [START cloud_sql_sqlserver_instance_backup] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_backup"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + start_time = "20:55" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_backup] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_location.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_location.tf.tmpl new file mode 100644 index 000000000000..46cbacab1c67 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_location.tf.tmpl @@ -0,0 +1,16 @@ +# [START cloud_sql_sqlserver_instance_backup_location] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_backup_location"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + location = "us-central1" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_backup_location] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_retention.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_retention.tf.tmpl new file mode 100644 index 000000000000..0898f0083008 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_backup_retention.tf.tmpl @@ -0,0 +1,19 @@ +# [START cloud_sql_sqlserver_instance_backup_retention] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_backup_retention"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = true + backup_retention_settings { + retained_backups = 365 + retention_unit = "COUNT" + } + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_backup_retention] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_clone.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_clone.tf.tmpl new file mode 100644 index 000000000000..121529a7065d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_clone.tf.tmpl @@ -0,0 +1,25 @@ +# [START cloud_sql_sqlserver_instance_source] +resource "google_sql_database_instance" "source" { + name = "{{index $.Vars "sqlserver_instance_source_name"}}" + region = "us-central1" + database_version = "SQLSERVER_2017_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_source] + +# [START cloud_sql_sqlserver_instance_clone] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance_clone_name"}}" + region = "us-central1" + database_version = "SQLSERVER_2017_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + clone { + source_instance_name = google_sql_database_instance.source.id + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_clone] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_flags.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_flags.tf.tmpl new file mode 100644 index 000000000000..559ea293afb1 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_flags.tf.tmpl @@ -0,0 +1,24 @@ +# [START cloud_sql_sqlserver_instance_flags] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_instance"}}" + region = "us-central1" + database_version = "SQLSERVER_2019_STANDARD" + root_password = "INSERT-PASSWORD-HERE" + settings { + database_flags { + name = "1204" + value = "on" + } + database_flags { + name = "remote access" + value = "on" + } + database_flags { + name = "remote query timeout (s)" + value = "300" + } + tier = "db-custom-2-7680" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_flags] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_public_ip.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_public_ip.tf.tmpl new file mode 100644 index 000000000000..789aba01520a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_public_ip.tf.tmpl @@ -0,0 +1,23 @@ +# [START cloud_sql_sqlserver_instance_public_ip] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_public_ip_instance_name"}}" + region = "europe-west4" + database_version = "SQLSERVER_2019_ENTERPRISE" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + availability_type = "ZONAL" + ip_configuration { + # Add optional authorized networks + # Update to match the customer's networks + authorized_networks { + name = "test-net-3" + value = "203.0.113.0/24" + } + # Enable public IP + ipv4_enabled = true + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_public_ip] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_replica.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_replica.tf.tmpl new file mode 100644 index 000000000000..88d0acc1e8d9 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_instance_replica.tf.tmpl @@ -0,0 +1,35 @@ +# [START cloud_sql_sqlserver_instance_primary] +resource "google_sql_database_instance" "primary" { + name = "{{index $.Vars "sqlserver_primary_instance_name"}}" + region = "europe-west4" + database_version = "SQLSERVER_2019_ENTERPRISE" + root_password = "INSERT-PASSWORD-HERE" + settings { + tier = "db-custom-2-7680" + backup_configuration { + enabled = "true" + } + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_primary] + +# [START cloud_sql_sqlserver_instance_replica] +resource "google_sql_database_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "sqlserver_replica_instance_name"}}" + master_instance_name = google_sql_database_instance.primary.name + region = "europe-west4" + database_version = "SQLSERVER_2019_ENTERPRISE" + root_password = "INSERT-PASSWORD-HERE" + replica_configuration { + failover_target = false + } + + settings { + tier = "db-custom-2-7680" + availability_type = "ZONAL" + disk_size = "100" + } + deletion_protection = "{{index $.Vars "deletion_protection"}}" +} +# [END cloud_sql_sqlserver_instance_replica] diff --git a/mmv1/templates/terraform/examples/go/sql_sqlserver_vm_instance.tf.tmpl b/mmv1/templates/terraform/examples/go/sql_sqlserver_vm_instance.tf.tmpl new file mode 100644 index 000000000000..24ed99f68177 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/sql_sqlserver_vm_instance.tf.tmpl @@ -0,0 +1,58 @@ +# VPC network +resource "google_compute_network" "default" { + provider = google-beta + name = "{{index $.Vars "vpc_network"}}" + auto_create_subnetworks = false +} + +# Subnet +resource "google_compute_subnetwork" "default" { + provider = google-beta + name = "{{index $.Vars "vpc_subnet"}}" + ip_cidr_range = "10.0.1.0/24" + region = "europe-west1" + network = google_compute_network.default.id +} + +# [START cloud_sql_sqlserver_vm_instance] +resource "google_compute_instance" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "sqlserver_vm"}}" + boot_disk { + auto_delete = true + device_name = "persistent-disk-0" + initialize_params { + image = "windows-sql-cloud/sql-std-2019-win-2022" + size = 50 + type = "pd-balanced" + } + mode = "READ_WRITE" + } + machine_type = "n1-standard-4" + zone = "europe-west1-b" + network_interface { + access_config { + network_tier = "PREMIUM" + } + network = google_compute_network.default.id + stack_type = "IPV4_ONLY" + subnetwork = google_compute_subnetwork.default.id + } +} +# [END cloud_sql_sqlserver_vm_instance] + +# [START cloud_sql_sqlserver_vm_firewall_rule] +resource "google_compute_firewall" "sql_server_1433" { + provider = google-beta + name = "{{index $.Vars "sql_server_1433_3"}}" + allow { + ports = ["1433"] + protocol = "tcp" + } + description = "Allow SQL Server access from all sources on port 1433." + direction = "INGRESS" + network = google_compute_network.default.id + priority = 1000 + source_ranges = ["0.0.0.0/0"] +} +# [END cloud_sql_sqlserver_vm_firewall_rule] diff --git a/mmv1/templates/terraform/examples/go/ssl_certificate_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/ssl_certificate_basic.tf.tmpl new file mode 100644 index 000000000000..f8adfac700ef --- /dev/null +++ b/mmv1/templates/terraform/examples/go/ssl_certificate_basic.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_compute_ssl_certificate" "default" { + name_prefix = "my-certificate-" + description = "a description" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") + + lifecycle { + create_before_destroy = true + } +} diff --git a/mmv1/templates/terraform/examples/go/ssl_certificate_random_provider.tf.tmpl b/mmv1/templates/terraform/examples/go/ssl_certificate_random_provider.tf.tmpl new file mode 100644 index 000000000000..22447105f033 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/ssl_certificate_random_provider.tf.tmpl @@ -0,0 +1,23 @@ +# You may also want to control name generation explicitly: +resource "google_compute_ssl_certificate" "default" { + # The name will contain 8 random hex digits, + # e.g. "my-certificate-48ab27cd2a" + name = random_id.certificate.hex + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") + + lifecycle { + create_before_destroy = true + } +} + +resource "random_id" "certificate" { + byte_length = 4 + prefix = "my-certificate-" + + # For security, do not expose raw certificate values in the output + keepers = { + private_key = filebase64sha256("path/to/private.key") + certificate = filebase64sha256("path/to/certificate.crt") + } +} diff --git a/mmv1/templates/terraform/examples/go/ssl_certificate_target_https_proxies.tf.tmpl b/mmv1/templates/terraform/examples/go/ssl_certificate_target_https_proxies.tf.tmpl new file mode 100644 index 000000000000..09d98bc85207 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/ssl_certificate_target_https_proxies.tf.tmpl @@ -0,0 +1,63 @@ +// Using with Target HTTPS Proxies +// +// SSL certificates cannot be updated after creation. In order to apply +// the specified configuration, Terraform will destroy the existing +// resource and create a replacement. To effectively use an SSL +// certificate resource with a Target HTTPS Proxy resource, it's +// recommended to specify create_before_destroy in a lifecycle block. +// Either omit the Instance Template name attribute, specify a partial +// name with name_prefix, or use random_id resource. Example: + +resource "google_compute_ssl_certificate" "default" { + name_prefix = "my-certificate-" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") + + lifecycle { + create_before_destroy = true + } +} + +resource "google_compute_target_https_proxy" "default" { + name = "{{index $.Vars "target_https_proxy_name"}}" + url_map = google_compute_url_map.default.id + ssl_certificates = [google_compute_ssl_certificate.default.id] +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} diff --git a/mmv1/templates/terraform/examples/go/ssl_policy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/ssl_policy_basic.tf.tmpl new file mode 100644 index 000000000000..e76e691a6d6f --- /dev/null +++ b/mmv1/templates/terraform/examples/go/ssl_policy_basic.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_compute_ssl_policy" "prod-ssl-policy" { + name = "{{index $.Vars "production_ssl_policy_name"}}" + profile = "MODERN" +} + +resource "google_compute_ssl_policy" "nonprod-ssl-policy" { + name = "{{index $.Vars "nonprod_ssl_policy_name"}}" + profile = "MODERN" + min_tls_version = "TLS_1_2" +} + +resource "google_compute_ssl_policy" "custom-ssl-policy" { + name = "{{index $.Vars "custom_ssl_policy_name"}}" + min_tls_version = "TLS_1_2" + profile = "CUSTOM" + custom_features = ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"] +} diff --git a/mmv1/templates/terraform/examples/go/stateful_igm.tf.tmpl b/mmv1/templates/terraform/examples/go/stateful_igm.tf.tmpl new file mode 100644 index 000000000000..5ee43046a890 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/stateful_igm.tf.tmpl @@ -0,0 +1,68 @@ +data "google_compute_image" "my_image" { + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_instance_template" "igm-basic" { + name = "{{index $.Vars "template_name"}}" + machine_type = "e2-medium" + can_ip_forward = false + tags = ["foo", "bar"] + + disk { + source_image = data.google_compute_image.my_image.self_link + auto_delete = true + boot = true + } + + network_interface { + network = "default" + } + + service_account { + scopes = ["userinfo-email", "compute-ro", "storage-ro"] + } +} + +resource "google_compute_instance_group_manager" "igm-no-tp" { + description = "Terraform test instance group manager" + name = "{{index $.Vars "igm_name"}}" + + version { + name = "prod" + instance_template = google_compute_instance_template.igm-basic.self_link + } + + base_instance_name = "igm-no-tp" + zone = "us-central1-c" + target_size = 2 +} + +resource "google_compute_disk" "default" { + name = "{{index $.Vars "disk_name"}}" + type = "pd-ssd" + zone = google_compute_instance_group_manager.igm.zone + image = "debian-11-bullseye-v20220719" + physical_block_size_bytes = 4096 +} + +resource "google_compute_per_instance_config" "with_disk" { + zone = google_compute_instance_group_manager.igm.zone + instance_group_manager = google_compute_instance_group_manager.igm.name + name = "instance-1" + preserved_state { + metadata = { + foo = "bar" + // Adding a reference to the instance template used causes the stateful instance to update + // if the instance template changes. Otherwise there is no explicit dependency and template + // changes may not occur on the stateful instance + instance_template = google_compute_instance_template.igm-basic.self_link + } + + disk { + device_name = "my-stateful-disk" + source = google_compute_disk.default.id + mode = "READ_ONLY" + } + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/stateful_rigm.tf.tmpl b/mmv1/templates/terraform/examples/go/stateful_rigm.tf.tmpl new file mode 100644 index 000000000000..4d7e2f919ca3 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/stateful_rigm.tf.tmpl @@ -0,0 +1,74 @@ +data "google_compute_image" "my_image" { + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_instance_template" "igm-basic" { + name = "{{index $.Vars "template_name"}}" + machine_type = "e2-medium" + can_ip_forward = false + tags = ["foo", "bar"] + + disk { + source_image = data.google_compute_image.my_image.self_link + auto_delete = true + boot = true + } + + network_interface { + network = "default" + } + + service_account { + scopes = ["userinfo-email", "compute-ro", "storage-ro"] + } +} + +resource "google_compute_region_instance_group_manager" "rigm" { + description = "Terraform test instance group manager" + name = "{{index $.Vars "igm_name"}}" + + version { + name = "prod" + instance_template = google_compute_instance_template.igm-basic.self_link + } + + update_policy { + type = "OPPORTUNISTIC" + instance_redistribution_type = "NONE" + minimal_action = "RESTART" + } + + base_instance_name = "rigm" + region = "us-central1" + target_size = 2 +} + +resource "google_compute_disk" "default" { + name = "{{index $.Vars "disk_name"}}" + type = "pd-ssd" + zone = "us-central1-a" + image = "debian-11-bullseye-v20220719" + physical_block_size_bytes = 4096 +} + +resource "google_compute_region_per_instance_config" "with_disk" { + region = google_compute_region_instance_group_manager.igm.region + region_instance_group_manager = google_compute_region_instance_group_manager.rigm.name + name = "instance-1" + preserved_state { + metadata = { + foo = "bar" + // Adding a reference to the instance template used causes the stateful instance to update + // if the instance template changes. Otherwise there is no explicit dependency and template + // changes may not occur on the stateful instance + instance_template = google_compute_instance_template.igm-basic.self_link + } + + disk { + device_name = "my-stateful-disk" + source = google_compute_disk.default.id + mode = "READ_ONLY" + } + } +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/storage_bucket_access_control_public_bucket.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_bucket_access_control_public_bucket.tf.tmpl new file mode 100644 index 000000000000..6bc203c53060 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_bucket_access_control_public_bucket.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_storage_bucket_access_control" "{{$.PrimaryResourceId}}" { + bucket = google_storage_bucket.bucket.name + role = "READER" + entity = "allUsers" +} + +resource "google_storage_bucket" "bucket" { + name = "{{index $.Vars "bucket_name"}}" + location = "US" +} diff --git a/mmv1/templates/terraform/examples/go/storage_bucket_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_bucket_basic.tf.tmpl new file mode 100644 index 000000000000..7b2514c8c8b7 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_bucket_basic.tf.tmpl @@ -0,0 +1,5 @@ +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "name"}}" + location = "US" + uniform_bucket_level_access = true +} diff --git a/mmv1/templates/terraform/examples/go/storage_bucket_storage_class.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_bucket_storage_class.tf.tmpl new file mode 100644 index 000000000000..6859f6895e9c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_bucket_storage_class.tf.tmpl @@ -0,0 +1,5 @@ +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "name"}}" + location = "US" + storage_class = "ARCHIVE" +} diff --git a/mmv1/templates/terraform/examples/go/storage_default_object_access_control_public.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_default_object_access_control_public.tf.tmpl new file mode 100644 index 000000000000..a68aaedf5f99 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_default_object_access_control_public.tf.tmpl @@ -0,0 +1,10 @@ +resource "google_storage_default_object_access_control" "{{$.PrimaryResourceId}}" { + bucket = google_storage_bucket.bucket.name + role = "READER" + entity = "allUsers" +} + +resource "google_storage_bucket" "bucket" { + name = "{{index $.Vars "bucket_name"}}" + location = "US" +} diff --git a/mmv1/templates/terraform/examples/go/storage_hmac_key.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_hmac_key.tf.tmpl new file mode 100644 index 000000000000..5d248640da3c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_hmac_key.tf.tmpl @@ -0,0 +1,11 @@ +# [START storage_hmac_key] +# Create a new service account +resource "google_service_account" "service_account" { + account_id = "{{index $.Vars "account_id"}}" +} + +#Create the HMAC key for the associated service account +resource "google_storage_hmac_key" "{{$.PrimaryResourceId}}" { + service_account_email = google_service_account.service_account.email +} +# [END storage_hmac_key] diff --git a/mmv1/templates/terraform/examples/go/storage_insights_report_config.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_insights_report_config.tf.tmpl new file mode 100644 index 000000000000..54d489ffac65 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_insights_report_config.tf.tmpl @@ -0,0 +1,52 @@ +data "google_project" "project" { +} + +resource "google_storage_insights_report_config" "{{$.PrimaryResourceId}}" { + display_name = "Test Report Config" + location = "us-central1" + frequency_options { + frequency = "WEEKLY" + start_date { + day = 15 + month = 3 + year = 2050 + } + end_date { + day = 15 + month = 4 + year = 2050 + } + } + csv_options { + record_separator = "\n" + delimiter = "," + header_required = false + } + object_metadata_report_options { + metadata_fields = ["bucket", "name", "project"] + storage_filters { + bucket = google_storage_bucket.report_bucket.name + } + storage_destination_options { + bucket = google_storage_bucket.report_bucket.name + destination_path = "test-insights-reports" + } + } + + depends_on = [ + google_storage_bucket_iam_member.admin + ] +} + +resource "google_storage_bucket" "report_bucket" { + name = "{{index $.Vars "bucket_name"}}" + location = "us-central1" + force_destroy = true + uniform_bucket_level_access = true +} + +resource "google_storage_bucket_iam_member" "admin" { + bucket = google_storage_bucket.report_bucket.name + role = "roles/storage.admin" + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-storageinsights.iam.gserviceaccount.com" +} diff --git a/mmv1/templates/terraform/examples/go/storage_make_data_public.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_make_data_public.tf.tmpl new file mode 100644 index 000000000000..c020cc71de31 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_make_data_public.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "example_bucket_name"}}" + location = "US" + uniform_bucket_level_access = true +} + +# [START storage_make_data_public] +# Make bucket public +resource "google_storage_bucket_iam_member" "member" { + provider = google-beta + bucket = google_storage_bucket.default.name + role = "roles/storage.objectViewer" + member = "allUsers" +} +# [END storage_make_data_public] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/storage_new_bucket.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_new_bucket.tf.tmpl new file mode 100644 index 000000000000..0e52b1e699a8 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_new_bucket.tf.tmpl @@ -0,0 +1,51 @@ +# [START storage_create_new_bucket_tf] +# Create new storage bucket in the US multi-region +# with coldline storage +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "new_bucket"}}" + location = "US" + storage_class = "COLDLINE" + + uniform_bucket_level_access = true +} +# [END storage_create_new_bucket_tf] + +# [START storage_upload_object_tf] +# Upload files +# Discussion about using tf to upload a large number of objects +# https://stackoverflow.com/questions/68455132/terraform-copy-multiple-files-to-bucket-at-the-same-time-bucket-creation + +# The text object in Cloud Storage +resource "google_storage_bucket_object" "default" { + name = "{{index $.Vars "new_object"}}" +# Uncomment and add valid path to an object. +# source = "/path/to/an/object" + content = "Data as string to be uploaded" + content_type = "text/plain" + bucket = google_storage_bucket.static.id +} +# [END storage_upload_object_tf] + +# [START storage_get_object_metadata_tf] +# Get object metadata +data "google_storage_bucket_object" "default" { + name = google_storage_bucket_object.default.name + bucket = google_storage_bucket.static.id +} + +output "object_metadata" { + value = data.google_storage_bucket_object.default +} +# [END storage_get_object_metadata_tf] + +# [START storage_get_bucket_metadata_tf] +# Get bucket metadata +data "google_storage_bucket" "default" { + name = google_storage_bucket.static.id +} + +output "bucket_metadata" { + value = data.google_storage_bucket.default +} +# [END storage_get_bucket_metadata_tf] + diff --git a/mmv1/templates/terraform/examples/go/storage_object_access_control_public_object.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_object_access_control_public_object.tf.tmpl new file mode 100644 index 000000000000..f804298c6902 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_object_access_control_public_object.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_storage_object_access_control" "{{$.PrimaryResourceId}}" { + object = google_storage_bucket_object.object.output_name + bucket = google_storage_bucket.bucket.name + role = "READER" + entity = "allUsers" +} + +resource "google_storage_bucket" "bucket" { + name = "{{index $.Vars "bucket_name"}}" + location = "US" +} + +resource "google_storage_bucket_object" "object" { + name = "{{index $.Vars "object_name"}}" + bucket = google_storage_bucket.bucket.name + source = "../static/img/header-logo.png" +} diff --git a/mmv1/templates/terraform/examples/go/storage_object_lifecycle_setting.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_object_lifecycle_setting.tf.tmpl new file mode 100644 index 000000000000..b8fd64b062e1 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_object_lifecycle_setting.tf.tmpl @@ -0,0 +1,17 @@ +# [START storage_create_lifecycle_setting_tf] +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "example_bucket"}}" + location = "US" + uniform_bucket_level_access = true + + lifecycle_rule { + condition { + age = 3 + } + action { + type = "Delete" + } + } +} +# [END storage_create_lifecycle_setting_tf] diff --git a/mmv1/templates/terraform/examples/go/storage_pubsub_notifications.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_pubsub_notifications.tf.tmpl new file mode 100644 index 000000000000..e586cbbb59d6 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_pubsub_notifications.tf.tmpl @@ -0,0 +1,36 @@ +# [START storage_create_pubsub_notifications_tf] +// Create a Pub/Sub notification. +resource "google_storage_notification" "notification" { + provider = google-beta + bucket = google_storage_bucket.bucket.name + payload_format = "JSON_API_V1" + topic = google_pubsub_topic.topic.id + depends_on = [google_pubsub_topic_iam_binding.binding] +} + +// Enable notifications by giving the correct IAM permission to the unique service account. +data "google_storage_project_service_account" "gcs_account" { + provider = google-beta +} + +// Create a Pub/Sub topic. +resource "google_pubsub_topic_iam_binding" "binding" { + provider = google-beta + topic = google_pubsub_topic.topic.id + role = "roles/pubsub.publisher" + members = ["serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"] +} + +// Create a new storage bucket. +resource "google_storage_bucket" "bucket" { + name = "{{index $.Vars "example_bucket_name"}}" + provider = google-beta + location = "US" + uniform_bucket_level_access = true +} + +resource "google_pubsub_topic" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "your_topic_name"}}" + provider = google-beta +} +# [END storage_create_pubsub_notifications_tf] diff --git a/mmv1/templates/terraform/examples/go/storage_static_website.tf.tmpl b/mmv1/templates/terraform/examples/go/storage_static_website.tf.tmpl new file mode 100644 index 000000000000..826b69285cca --- /dev/null +++ b/mmv1/templates/terraform/examples/go/storage_static_website.tf.tmpl @@ -0,0 +1,40 @@ +# [START storage_static_website_create_bucket_tf] +# Create new storage bucket in the US multi-region +# with coldline storage and settings for main_page_suffix and not_found_page +resource "google_storage_bucket" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "static_website_bucket"}}" + location = "US" + storage_class = "COLDLINE" + website { + main_page_suffix = "{{index $.Vars "main_page_suffix"}}" + not_found_page = "{{index $.Vars "main_page_suffix"}}" + } +} +# [END storage_static_website_create_bucket_tf] + +# [START storage_static_website_make_bucket_public_tf] +# Make bucket public by granting allUsers READER access +resource "google_storage_bucket_access_control" "public_rule" { + bucket = google_storage_bucket.static_website.id + role = "READER" + entity = "allUsers" +} +# [END storage_static_website_make_bucket_public_tf] + +# [START storage_static_website_upload_files_tf] +# Upload a simple index.html page to the bucket +resource "google_storage_bucket_object" "indexpage" { + name = "{{index $.Vars "main_page_suffix"}}" + content = "Hello World!" + content_type = "text/html" + bucket = google_storage_bucket.static_website.id +} + +# Upload a simple 404 / error page to the bucket +resource "google_storage_bucket_object" "errorpage" { + name = "{{index $.Vars "not_found_page"}}" + content = "404!" + content_type = "text/html" + bucket = google_storage_bucket.static_website.id +} +# [END storage_static_website_upload_files_tf] diff --git a/mmv1/templates/terraform/examples/go/subnetwork_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_basic.tf.tmpl new file mode 100644 index 000000000000..71c30cddc144 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_basic.tf.tmpl @@ -0,0 +1,15 @@ +resource "google_compute_subnetwork" "network-with-private-secondary-ip-ranges" { + name = "{{index $.Vars "subnetwork_name"}}" + ip_cidr_range = "10.2.0.0/16" + region = "us-central1" + network = google_compute_network.custom-test.id + secondary_ip_range { + range_name = "tf-test-secondary-range-update1" + ip_cidr_range = "192.168.10.0/24" + } +} + +resource "google_compute_network" "custom-test" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_cidr_overlap.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_cidr_overlap.tf.tmpl new file mode 100644 index 000000000000..030881251503 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_cidr_overlap.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_compute_subnetwork" "subnetwork-cidr-overlap" { + provider = google-beta + + name = "{{index $.Vars "subnetwork_name"}}" + region = "us-west2" + ip_cidr_range = "192.168.1.0/24" + allow_subnet_cidr_routes_overlap = true + network = google_compute_network.net-cidr-overlap.id +} + +resource "google_compute_network" "net-cidr-overlap" { + provider = google-beta + + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_internal_ipv6.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_internal_ipv6.tf.tmpl new file mode 100644 index 000000000000..95515345fe5a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_internal_ipv6.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_compute_subnetwork" "subnetwork-internal-ipv6" { + name = "{{index $.Vars "subnetwork_name"}}" + + ip_cidr_range = "10.0.0.0/22" + region = "us-west2" + + stack_type = "IPV4_IPV6" + ipv6_access_type = "INTERNAL" + + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false + enable_ula_internal_ipv6 = true +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_internal_l7lb.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_internal_l7lb.tf.tmpl new file mode 100644 index 000000000000..70f007bdd713 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_internal_l7lb.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_compute_subnetwork" "network-for-l7lb" { + provider = google-beta + + name = "{{index $.Vars "subnetwork_name"}}" + ip_cidr_range = "10.0.0.0/22" + region = "us-central1" + purpose = "REGIONAL_MANAGED_PROXY" + role = "ACTIVE" + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + provider = google-beta + + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_ipv6.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_ipv6.tf.tmpl new file mode 100644 index 000000000000..b1a1693b9980 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_ipv6.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_compute_subnetwork" "subnetwork-ipv6" { + name = "{{index $.Vars "subnetwork_name"}}" + + ip_cidr_range = "10.0.0.0/22" + region = "us-west2" + + stack_type = "IPV4_IPV6" + ipv6_access_type = "EXTERNAL" + + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_logging_config.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_logging_config.tf.tmpl new file mode 100644 index 000000000000..9e854573e852 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_logging_config.tf.tmpl @@ -0,0 +1,17 @@ +resource "google_compute_subnetwork" "subnet-with-logging" { + name = "{{index $.Vars "subnetwork_name"}}" + ip_cidr_range = "10.2.0.0/16" + region = "us-central1" + network = google_compute_network.custom-test.id + + log_config { + aggregation_interval = "INTERVAL_10_MIN" + flow_sampling = 0.5 + metadata = "INCLUDE_ALL_METADATA" + } +} + +resource "google_compute_network" "custom-test" { + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/subnetwork_purpose_private_nat.tf.tmpl b/mmv1/templates/terraform/examples/go/subnetwork_purpose_private_nat.tf.tmpl new file mode 100644 index 000000000000..7f6a49ecf5fe --- /dev/null +++ b/mmv1/templates/terraform/examples/go/subnetwork_purpose_private_nat.tf.tmpl @@ -0,0 +1,16 @@ +resource "google_compute_subnetwork" "subnetwork-purpose-private-nat" { + provider = google-beta + + name = "{{index $.Vars "subnetwork_name"}}" + region = "us-west2" + ip_cidr_range = "192.168.1.0/24" + purpose = "PRIVATE_NAT" + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + provider = google-beta + + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} diff --git a/mmv1/templates/terraform/examples/go/tag_binding_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/tag_binding_basic.tf.tmpl new file mode 100644 index 000000000000..5ce32b6d2022 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tag_binding_basic.tf.tmpl @@ -0,0 +1,22 @@ +resource "google_project" "project" { + project_id = "{{index $.Vars "project_id"}}" + name = "{{index $.Vars "project_id"}}" + org_id = "{{index $.TestEnvVars "org_id"}}" +} + +resource "google_tags_tag_key" "key" { + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + short_name = "{{index $.Vars "key_short_name"}}" + description = "For {{index $.Vars "key_short_name"}} resources." +} + +resource "google_tags_tag_value" "value" { + parent = "tagKeys/${google_tags_tag_key.key.name}" + short_name = "{{index $.Vars "value_short_name"}}" + description = "For {{index $.Vars "value_short_name"}} resources." +} + +resource "google_tags_tag_binding" "{{$.PrimaryResourceId}}" { + parent = "//cloudresourcemanager.googleapis.com/projects/${google_project.project.number}" + tag_value = "tagValues/${google_tags_tag_value.value.name}" +} diff --git a/mmv1/templates/terraform/examples/go/tag_key_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/tag_key_basic.tf.tmpl new file mode 100644 index 000000000000..3ddd587cdf73 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tag_key_basic.tf.tmpl @@ -0,0 +1,5 @@ +resource "google_tags_tag_key" "{{$.PrimaryResourceId}}" { + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + short_name = "{{index $.Vars "short_name"}}" + description = "For {{index $.Vars "short_name"}} resources." +} diff --git a/mmv1/templates/terraform/examples/go/tag_value_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/tag_value_basic.tf.tmpl new file mode 100644 index 000000000000..f63b0d7d10cf --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tag_value_basic.tf.tmpl @@ -0,0 +1,11 @@ +resource "google_tags_tag_key" "key" { + parent = "organizations/{{index $.TestEnvVars "org_id"}}" + short_name = "{{index $.Vars "key_short_name"}}" + description = "For {{index $.Vars "key_short_name"}} resources." +} + +resource "google_tags_tag_value" "{{$.PrimaryResourceId}}" { + parent = "tagKeys/${google_tags_tag_key.key.name}" + short_name = "{{index $.Vars "value_short_name"}}" + description = "For {{index $.Vars "value_short_name"}} resources." +} diff --git a/mmv1/templates/terraform/examples/go/target_grpc_proxy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_grpc_proxy_basic.tf.tmpl new file mode 100644 index 000000000000..99596d6b90d3 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_grpc_proxy_basic.tf.tmpl @@ -0,0 +1,89 @@ +# [START cloudloadbalancing_target_grpc_proxy_basic] +resource "google_compute_target_grpc_proxy" "default" { + name = "{{index $.Vars "proxy_name"}}" + url_map = google_compute_url_map.urlmap.id + validate_for_proxyless = true +} + + +resource "google_compute_url_map" "urlmap" { + name = "{{index $.Vars "urlmap_name"}}" + description = "a description" + default_service = google_compute_backend_service.home.id + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.home.id + route_rules { + priority = 1 + header_action { + request_headers_to_remove = ["RemoveMe2"] + request_headers_to_add { + header_name = "AddSomethingElse" + header_value = "MyOtherValue" + replace = true + } + response_headers_to_remove = ["RemoveMe3"] + response_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = false + } + } + match_rules { + full_path_match = "a full path" + header_matches { + header_name = "someheader" + exact_match = "match this exactly" + invert_match = true + } + ignore_case = true + metadata_filters { + filter_match_criteria = "MATCH_ANY" + filter_labels { + name = "PLANET" + value = "MARS" + } + } + query_parameter_matches { + name = "a query parameter" + present_match = true + } + } + url_redirect { + host_redirect = "A host" + https_redirect = false + path_redirect = "some/path" + redirect_response_code = "TEMPORARY_REDIRECT" + strip_query = true + } + } + } + test { + service = google_compute_backend_service.home.id + host = "hi.com" + path = "/home" + } +} +resource "google_compute_backend_service" "home" { + name = "{{index $.Vars "backend_name"}}" + port_name = "grpc" + protocol = "GRPC" + timeout_sec = 10 + health_checks = [google_compute_health_check.default.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" +} +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "healthcheck_name"}}" + timeout_sec = 1 + check_interval_sec = 1 + grpc_health_check { + port_name = "health-check-port" + port_specification = "USE_NAMED_PORT" + grpc_service_name = "testservice" + } +} +# [END cloudloadbalancing_target_grpc_proxy_basic] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/target_http_proxy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_http_proxy_basic.tf.tmpl new file mode 100644 index 000000000000..5e5b374f711c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_http_proxy_basic.tf.tmpl @@ -0,0 +1,42 @@ +# [START cloudloadbalancing_target_http_proxy_basic] +resource "google_compute_target_http_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_http_proxy_name"}}" + url_map = google_compute_url_map.default.id +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END cloudloadbalancing_target_http_proxy_basic] diff --git a/mmv1/templates/terraform/examples/go/target_http_proxy_http_keep_alive_timeout.tf.tmpl b/mmv1/templates/terraform/examples/go/target_http_proxy_http_keep_alive_timeout.tf.tmpl new file mode 100644 index 000000000000..875d95a242f9 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_http_proxy_http_keep_alive_timeout.tf.tmpl @@ -0,0 +1,44 @@ +# [START cloudloadbalancing_target_http_proxy_http_keep_alive_timeout] +resource "google_compute_target_http_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_http_proxy_name"}}" + http_keep_alive_timeout_sec = 610 + url_map = google_compute_url_map.default.id +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + load_balancing_scheme = "EXTERNAL_MANAGED" + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END cloudloadbalancing_target_http_proxy_http_keep_alive_timeout] diff --git a/mmv1/templates/terraform/examples/go/target_http_proxy_https_redirect.tf.tmpl b/mmv1/templates/terraform/examples/go/target_http_proxy_https_redirect.tf.tmpl new file mode 100644 index 000000000000..e07e79da166d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_http_proxy_https_redirect.tf.tmpl @@ -0,0 +1,14 @@ +# [START cloudloadbalancing_target_http_proxy_https_redirect] +resource "google_compute_target_http_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_http_proxy_name"}}" + url_map = google_compute_url_map.default.id +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + default_url_redirect { + https_redirect = true + strip_query = false + } +} +# [END cloudloadbalancing_target_http_proxy_https_redirect] diff --git a/mmv1/templates/terraform/examples/go/target_https_proxy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_https_proxy_basic.tf.tmpl new file mode 100644 index 000000000000..5cfab5833370 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_https_proxy_basic.tf.tmpl @@ -0,0 +1,51 @@ +# [START cloudloadbalancing_target_https_proxy_basic] +resource "google_compute_target_https_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_https_proxy_name"}}" + url_map = google_compute_url_map.default.id + ssl_certificates = [google_compute_ssl_certificate.default.id] +} + +resource "google_compute_ssl_certificate" "default" { + name = "{{index $.Vars "ssl_certificate_name"}}" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END cloudloadbalancing_target_https_proxy_basic] diff --git a/mmv1/templates/terraform/examples/go/target_https_proxy_certificate_manager_certificate.tf.tmpl b/mmv1/templates/terraform/examples/go/target_https_proxy_certificate_manager_certificate.tf.tmpl new file mode 100644 index 000000000000..42dc269039bc --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_https_proxy_certificate_manager_certificate.tf.tmpl @@ -0,0 +1,45 @@ + +resource "google_compute_target_https_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_https_proxy_name"}}" + url_map = google_compute_url_map.default.id + certificate_manager_certificates = ["//certificatemanager.googleapis.com/${google_certificate_manager_certificate.default.id}"] # [google_certificate_manager_certificate.default.id] is also acceptable +} + +resource "google_certificate_manager_certificate" "default" { + name = "{{index $.Vars "certificate_manager_certificate_name"}}" + scope = "ALL_REGIONS" + self_managed { + pem_certificate = file("test-fixtures/cert.pem") + pem_private_key = file("test-fixtures/private-key.pem") + } +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + load_balancing_scheme = "INTERNAL_MANAGED" +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/target_https_proxy_http_keep_alive_timeout.tf.tmpl b/mmv1/templates/terraform/examples/go/target_https_proxy_http_keep_alive_timeout.tf.tmpl new file mode 100644 index 000000000000..fe52d17cb089 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_https_proxy_http_keep_alive_timeout.tf.tmpl @@ -0,0 +1,53 @@ +# [START cloudloadbalancing_target_https_proxy_http_keep_alive_timeout] +resource "google_compute_target_https_proxy" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_https_proxy_name"}}" + http_keep_alive_timeout_sec = 610 + url_map = google_compute_url_map.default.id + ssl_certificates = [google_compute_ssl_certificate.default.id] +} + +resource "google_compute_ssl_certificate" "default" { + name = "{{index $.Vars "ssl_certificate_name"}}" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") +} + +resource "google_compute_url_map" "default" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + load_balancing_scheme = "EXTERNAL_MANAGED" + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END cloudloadbalancing_target_https_proxy_http_keep_alive_timeout] diff --git a/mmv1/templates/terraform/examples/go/target_https_proxy_mtls.tf.tmpl b/mmv1/templates/terraform/examples/go/target_https_proxy_mtls.tf.tmpl new file mode 100644 index 000000000000..08f749b2793c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_https_proxy_mtls.tf.tmpl @@ -0,0 +1,93 @@ +# [START cloudloadbalancing_target_https_proxy_mtls] +data "google_project" "project" { + provider = google-beta +} + +resource "google_compute_target_https_proxy" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "target_https_proxy_name"}}" + url_map = google_compute_url_map.default.id + ssl_certificates = [google_compute_ssl_certificate.default.id] + server_tls_policy = google_network_security_server_tls_policy.default.id +} + +resource "google_certificate_manager_trust_config" "default" { + provider = google-beta + name = "{{index $.Vars "trust_config_name"}}" + description = "sample description for the trust config" + location = "global" + + trust_stores { + trust_anchors { + pem_certificate = file("test-fixtures/ca_cert.pem") + } + intermediate_cas { + pem_certificate = file("test-fixtures/ca_cert.pem") + } + } + + labels = { + foo = "bar" + } +} + +resource "google_network_security_server_tls_policy" "default" { + provider = google-beta + name = "{{index $.Vars "server_tls_policy_name"}}" + description = "my description" + location = "global" + allow_open = "false" + mtls_policy { + client_validation_mode = "ALLOW_INVALID_OR_MISSING_CLIENT_CERT" + client_validation_trust_config = "projects/${data.google_project.project.number}/locations/global/trustConfigs/${google_certificate_manager_trust_config.default.name}" + } +} + +resource "google_compute_ssl_certificate" "default" { + provider = google-beta + name = "{{index $.Vars "ssl_certificate_name"}}" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") +} + +resource "google_compute_url_map" "default" { + provider = google-beta + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + path_rule { + paths = ["/*"] + service = google_compute_backend_service.default.id + } + } +} + +resource "google_compute_backend_service" "default" { + provider = google-beta + name = "{{index $.Vars "backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + provider = google-beta + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END cloudloadbalancing_target_https_proxy_mtls] diff --git a/mmv1/templates/terraform/examples/go/target_instance_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_instance_basic.tf.tmpl new file mode 100644 index 000000000000..cbda03e1386b --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_instance_basic.tf.tmpl @@ -0,0 +1,25 @@ +resource "google_compute_target_instance" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "target_name"}}" + instance = google_compute_instance.target-vm.id +} + +data "google_compute_image" "vmimage" { + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_instance" "target-vm" { + name = "{{index $.Vars "instance_name"}}" + machine_type = "e2-medium" + zone = "us-central1-a" + + boot_disk { + initialize_params { + image = data.google_compute_image.vmimage.self_link + } + } + + network_interface { + network = "default" + } +} diff --git a/mmv1/templates/terraform/examples/go/target_instance_custom_network.tf.tmpl b/mmv1/templates/terraform/examples/go/target_instance_custom_network.tf.tmpl new file mode 100644 index 000000000000..51be27d66939 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_instance_custom_network.tf.tmpl @@ -0,0 +1,34 @@ +resource "google_compute_target_instance" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "target_name"}}" + instance = google_compute_instance.target-vm.id + network = data.google_compute_network.target-vm.self_link +} + +data "google_compute_network" "target-vm" { + provider = google-beta + name = "default" +} + +data "google_compute_image" "vmimage" { + provider = google-beta + family = "debian-10" + project = "debian-cloud" +} + +resource "google_compute_instance" "target-vm" { + provider = google-beta + name = "{{index $.Vars "instance_name"}}" + machine_type = "e2-medium" + zone = "us-central1-a" + + boot_disk { + initialize_params { + image = data.google_compute_image.vmimage.self_link + } + } + + network_interface { + network = "default" + } +} diff --git a/mmv1/templates/terraform/examples/go/target_instance_with_security_policy.tf.tmpl b/mmv1/templates/terraform/examples/go/target_instance_with_security_policy.tf.tmpl new file mode 100644 index 000000000000..ae5720d9b0c1 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_instance_with_security_policy.tf.tmpl @@ -0,0 +1,78 @@ +resource "google_compute_network" "default" { + provider = google-beta + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false + routing_mode = "REGIONAL" +} + +resource "google_compute_subnetwork" "default" { + provider = google-beta + name = "{{index $.Vars "subnetname_name"}}" + ip_cidr_range = "10.1.2.0/24" + network = google_compute_network.default.id + private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS" + purpose = "PRIVATE" + region = "southamerica-west1" + stack_type = "IPV4_ONLY" +} + +data "google_compute_image" "vmimage" { + provider = google-beta + family = "debian-11" + project = "debian-cloud" +} + +resource "google_compute_instance" "target-vm" { + provider = google-beta + name = "{{index $.Vars "instance_name"}}" + machine_type = "e2-medium" + zone = "southamerica-west1-a" + + boot_disk { + initialize_params { + image = data.google_compute_image.vmimage.self_link + } + } + + network_interface { + network = google_compute_network.default.self_link + subnetwork = google_compute_subnetwork.default.self_link + access_config { + } + } +} + +resource "google_compute_region_security_policy" "policyddosprotection" { + provider = google-beta + region = "southamerica-west1" + name = "tf-test-policyddos%{random_suffix}" + description = "ddos protection security policy to set target instance" + type = "CLOUD_ARMOR_NETWORK" + ddos_protection_config { + ddos_protection = "ADVANCED_PREVIEW" + } +} + +resource "google_compute_network_edge_security_service" "edge_sec_service" { + provider = google-beta + region = "southamerica-west1" + name = "tf-test-edgesec%{random_suffix}" + security_policy = google_compute_region_security_policy.policyddosprotection.self_link +} + +resource "google_compute_region_security_policy" "regionsecuritypolicy" { + provider = google-beta + name = "{{index $.Vars "region_sec_policy"}}" + region = "southamerica-west1" + description = "basic security policy for target instance" + type = "CLOUD_ARMOR_NETWORK" + depends_on = [google_compute_network_edge_security_service.edge_sec_service] +} + +resource "google_compute_target_instance" "{{$.PrimaryResourceId}}" { + provider = google-beta + name = "{{index $.Vars "target_name"}}" + zone = "southamerica-west1-a" + instance = google_compute_instance.target-vm.id + security_policy = google_compute_region_security_policy.regionsecuritypolicy.self_link +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/target_ssl_proxy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_ssl_proxy_basic.tf.tmpl new file mode 100644 index 000000000000..4167a0c8b1bc --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_ssl_proxy_basic.tf.tmpl @@ -0,0 +1,28 @@ +# [START cloudloadbalancing_target_ssl_proxy_basic] +resource "google_compute_target_ssl_proxy" "default" { + name = "{{index $.Vars "target_ssl_proxy_name"}}" + backend_service = google_compute_backend_service.default.id + ssl_certificates = [google_compute_ssl_certificate.default.id] +} + +resource "google_compute_ssl_certificate" "default" { + name = "{{index $.Vars "ssl_certificate_name"}}" + private_key = file("path/to/private.key") + certificate = file("path/to/certificate.crt") +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + protocol = "SSL" + health_checks = [google_compute_health_check.default.id] +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + check_interval_sec = 1 + timeout_sec = 1 + tcp_health_check { + port = "443" + } +} +# [END cloudloadbalancing_target_ssl_proxy_basic] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/target_tcp_proxy_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_tcp_proxy_basic.tf.tmpl new file mode 100644 index 000000000000..2c7689ab33c6 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_tcp_proxy_basic.tf.tmpl @@ -0,0 +1,24 @@ +# [START cloudloadbalancing_target_tcp_proxy_basic] +resource "google_compute_target_tcp_proxy" "default" { + name = "{{index $.Vars "target_tcp_proxy_name"}}" + backend_service = google_compute_backend_service.default.id +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "backend_service_name"}}" + protocol = "TCP" + timeout_sec = 10 + + health_checks = [google_compute_health_check.default.id] +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + timeout_sec = 1 + check_interval_sec = 1 + + tcp_health_check { + port = "443" + } +} +# [END cloudloadbalancing_target_tcp_proxy_basic] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/target_vpn_gateway_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/target_vpn_gateway_basic.tf.tmpl new file mode 100644 index 000000000000..82f4900ec891 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/target_vpn_gateway_basic.tf.tmpl @@ -0,0 +1,58 @@ +resource "google_compute_vpn_gateway" "target_gateway" { + name = "{{index $.Vars "target_vpn_gateway_name"}}" + network = google_compute_network.network1.id +} + +resource "google_compute_network" "network1" { + name = "{{index $.Vars "network_name"}}" +} + +resource "google_compute_address" "vpn_static_ip" { + name = "{{index $.Vars "address_name"}}" +} + +resource "google_compute_forwarding_rule" "fr_esp" { + name = "{{index $.Vars "esp_forwarding_rule_name"}}" + ip_protocol = "ESP" + ip_address = google_compute_address.vpn_static_ip.address + target = google_compute_vpn_gateway.target_gateway.id +} + +resource "google_compute_forwarding_rule" "fr_udp500" { + name = "{{index $.Vars "udp500_forwarding_rule_name"}}" + ip_protocol = "UDP" + port_range = "500" + ip_address = google_compute_address.vpn_static_ip.address + target = google_compute_vpn_gateway.target_gateway.id +} + +resource "google_compute_forwarding_rule" "fr_udp4500" { + name = "{{index $.Vars "udp4500_forwarding_rule_name"}}" + ip_protocol = "UDP" + port_range = "4500" + ip_address = google_compute_address.vpn_static_ip.address + target = google_compute_vpn_gateway.target_gateway.id +} + +resource "google_compute_vpn_tunnel" "tunnel1" { + name = "{{index $.Vars "vpn_tunnel_name"}}" + peer_ip = "15.0.0.120" + shared_secret = "a secret message" + + target_vpn_gateway = google_compute_vpn_gateway.target_gateway.id + + depends_on = [ + google_compute_forwarding_rule.fr_esp, + google_compute_forwarding_rule.fr_udp500, + google_compute_forwarding_rule.fr_udp4500, + ] +} + +resource "google_compute_route" "route1" { + name = "{{index $.Vars "route_name"}}" + network = google_compute_network.network1.name + dest_range = "15.0.0.0/24" + priority = 1000 + + next_hop_vpn_tunnel = google_compute_vpn_tunnel.tunnel1.id +} diff --git a/mmv1/templates/terraform/examples/go/tpu_node_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/tpu_node_basic.tf.tmpl new file mode 100644 index 000000000000..c2d16993c24f --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tpu_node_basic.tf.tmpl @@ -0,0 +1,17 @@ +{{/* + WARNING: cidr_block must not overlap with other existing TPU blocks + Make sure if you change this value that it does not overlap with the + autogenerated examples. +*/}} + +data "google_tpu_tensorflow_versions" "available" { +} + +resource "google_tpu_node" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "node_name"}}" + zone = "us-central1-b" + + accelerator_type = "v3-8" + tensorflow_version = data.google_tpu_tensorflow_versions.available.versions[0] + cidr_block = "10.2.0.0/29" +} diff --git a/mmv1/templates/terraform/examples/go/tpu_node_full.tf.tmpl b/mmv1/templates/terraform/examples/go/tpu_node_full.tf.tmpl new file mode 100644 index 000000000000..d5c856d0b296 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tpu_node_full.tf.tmpl @@ -0,0 +1,53 @@ +data "google_tpu_tensorflow_versions" "available" { +} + +{{/* + WARNING: cidr_block must not overlap with other existing TPU blocks + Make sure if you change this value that it does not overlap with the + autogenerated examples. +*/}} + +resource "google_tpu_node" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "node_name"}}" + zone = "us-central1-b" + + accelerator_type = "v3-8" + + tensorflow_version = data.google_tpu_tensorflow_versions.available.versions[0] + + description = "Terraform Google Provider test TPU" + use_service_networking = true +{{/* + We previously used a separate network resource here, but TPUs only allow using 50 + different network names, ever. This caused our tests to start failing, so just + use the default network in order to still demonstrate using as many fields as + possible on the resource. +*/}} + network = google_service_networking_connection.private_service_connection.network + + labels = { + foo = "bar" + } + + scheduling_config { + preemptible = true + } +} + +resource "google_compute_network" "network" { + name = "{{index $.Vars "network_name"}}" +} + +resource "google_compute_global_address" "service_range" { + name = "{{index $.Vars "global_address_name"}}" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 16 + network = google_compute_network.network.id +} + +resource "google_service_networking_connection" "private_service_connection" { + network = google_compute_network.network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.service_range.name] +} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/tpu_node_full_test.tf.tmpl b/mmv1/templates/terraform/examples/go/tpu_node_full_test.tf.tmpl new file mode 100644 index 000000000000..83c015091e56 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tpu_node_full_test.tf.tmpl @@ -0,0 +1,42 @@ +{{/* + WARNING: cidr_block must not overlap with other existing TPU blocks + Make sure if you change this value that it does not overlap with the + autogenerated examples. +*/}} + +resource "google_tpu_node" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "node_name"}}" + zone = "us-central1-b" + + accelerator_type = "v3-8" + +{{/* + We previously used the first available version from the + google_tpu_tensorflow_versions data source. However, this started to return a + random set of versions which caused our tests to occasionally fail, so we pin + tensorflow_version to a specific version so that our tests pass reliably. +*/}} + tensorflow_version = "2.10.0" + + description = "Terraform Google Provider test TPU" + use_service_networking = true +{{/* + We previously used a separate network resource here, but TPUs only allow using 50 + different network names, ever. This caused our tests to start failing, so just + use the default network in order to still demonstrate using as many fields as + possible on the resource. +*/}} + network = data.google_compute_network.network.id + + labels = { + foo = "bar" + } + + scheduling_config { + preemptible = true + } +} + +data "google_compute_network" "network" { + name = "{{index $.Vars "network_name"}}" +} diff --git a/mmv1/templates/terraform/examples/go/tpu_v2_vm_basic.tf.tmpl b/mmv1/templates/terraform/examples/go/tpu_v2_vm_basic.tf.tmpl new file mode 100644 index 000000000000..adc56de842de --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tpu_v2_vm_basic.tf.tmpl @@ -0,0 +1,12 @@ +data "google_tpu_v2_runtime_versions" "available" { + provider = google-beta +} + +resource "google_tpu_v2_vm" "{{$.PrimaryResourceId}}" { + provider = google-beta + + name = "{{index $.Vars "vm_name"}}" + zone = "us-central1-c" + + runtime_version = "tpu-vm-tf-2.13.0" +} diff --git a/mmv1/templates/terraform/examples/go/tpu_v2_vm_full.tf.tmpl b/mmv1/templates/terraform/examples/go/tpu_v2_vm_full.tf.tmpl new file mode 100644 index 000000000000..f42f025d71b5 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/tpu_v2_vm_full.tf.tmpl @@ -0,0 +1,103 @@ +data "google_tpu_v2_runtime_versions" "available" { + provider = google-beta +} + +data "google_tpu_v2_accelerator_types" "available" { + provider = google-beta +} + +resource "google_tpu_v2_vm" "{{$.PrimaryResourceId}}" { + provider = google-beta + + name = "{{index $.Vars "vm_name"}}" + zone = "us-central1-c" + description = "Text description of the TPU." + + runtime_version = "tpu-vm-tf-2.13.0" + + accelerator_config { + type = "V2" + topology = "2x2" + } + + cidr_block = "10.0.0.0/29" + + network_config { + can_ip_forward = true + enable_external_ips = true + network = google_compute_network.network.id + subnetwork = google_compute_subnetwork.subnet.id + } + + scheduling_config { + preemptible = true + } + + shielded_instance_config { + enable_secure_boot = true + } + + service_account { + email = google_service_account.sa.email + scope = [ + "https://www.googleapis.com/auth/cloud-platform", + ] + } + + data_disks { + source_disk = google_compute_disk.disk.id + mode = "READ_ONLY" + } + + labels = { + foo = "bar" + } + + metadata = { + foo = "bar" + } + + tags = ["foo"] + + depends_on = [time_sleep.wait_60_seconds] +} + +resource "google_compute_subnetwork" "subnet" { + provider = google-beta + + name = "{{index $.Vars "subnet_name"}}" + ip_cidr_range = "10.0.0.0/16" + region = "us-central1" + network = google_compute_network.network.id +} + +resource "google_compute_network" "network" { + provider = google-beta + + name = "{{index $.Vars "network_name"}}" + auto_create_subnetworks = false +} + +resource "google_service_account" "sa" { + provider = google-beta + + account_id = "{{index $.Vars "sa_id"}}" + display_name = "Test TPU VM" +} + +resource "google_compute_disk" "disk" { + provider = google-beta + + name = "{{index $.Vars "disk_name"}}" + image = "debian-cloud/debian-11" + size = 10 + type = "pd-ssd" + zone = "us-central1-c" +} + +# Wait after service account creation to limit eventual consistency errors. +resource "time_sleep" "wait_60_seconds" { + depends_on = [google_service_account.sa] + + create_duration = "60s" +} diff --git a/mmv1/templates/terraform/examples/go/uptime_check_config_http.tf.tmpl b/mmv1/templates/terraform/examples/go/uptime_check_config_http.tf.tmpl new file mode 100644 index 000000000000..14aa4ae4dea8 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/uptime_check_config_http.tf.tmpl @@ -0,0 +1,39 @@ +resource "google_monitoring_uptime_check_config" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + timeout = "60s" + user_labels = { + example-key = "example-value" + } + + http_check { + path = "some-path" + port = "8010" + request_method = "POST" + content_type = "USER_PROVIDED" + custom_content_type = "application/json" + body = "Zm9vJTI1M0RiYXI=" + ping_config { + pings_count = 1 + } + } + + monitored_resource { + type = "uptime_url" + labels = { + project_id = "{{index $.TestEnvVars "project_id"}}" + host = "192.168.1.1" + } + } + + content_matchers { + content = "\"example\"" + matcher = "MATCHES_JSON_PATH" + json_path_matcher { + json_path = "$.path" + json_matcher = "EXACT_MATCH" + } + } + + checker_type = "STATIC_IP_CHECKERS" +} + diff --git a/mmv1/templates/terraform/examples/go/uptime_check_config_https.tf.tmpl b/mmv1/templates/terraform/examples/go/uptime_check_config_https.tf.tmpl new file mode 100644 index 000000000000..9930df6daef6 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/uptime_check_config_https.tf.tmpl @@ -0,0 +1,28 @@ +resource "google_monitoring_uptime_check_config" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + timeout = "60s" + + http_check { + path = "/some-path" + port = "443" + use_ssl = true + validate_ssl = true + } + + monitored_resource { + type = "uptime_url" + labels = { + project_id = "{{index $.TestEnvVars "project_id"}}" + host = "192.168.1.1" + } + } + + content_matchers { + content = "example" + matcher = "MATCHES_JSON_PATH" + json_path_matcher { + json_path = "$.path" + json_matcher = "REGEX_MATCH" + } + } +} diff --git a/mmv1/templates/terraform/examples/go/uptime_check_config_status_code.tf.tmpl b/mmv1/templates/terraform/examples/go/uptime_check_config_status_code.tf.tmpl new file mode 100644 index 000000000000..3c9a21cfc5b2 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/uptime_check_config_status_code.tf.tmpl @@ -0,0 +1,42 @@ +resource "google_monitoring_uptime_check_config" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + timeout = "60s" + + http_check { + path = "some-path" + port = "8010" + request_method = "POST" + content_type = "URL_ENCODED" + body = "Zm9vJTI1M0RiYXI=" + + accepted_response_status_codes { + status_class = "STATUS_CLASS_2XX" + } + accepted_response_status_codes { + status_value = 301 + } + accepted_response_status_codes { + status_value = 302 + } + } + + monitored_resource { + type = "uptime_url" + labels = { + project_id = "{{index $.TestEnvVars "project_id"}}" + host = "192.168.1.1" + } + } + + content_matchers { + content = "\"example\"" + matcher = "MATCHES_JSON_PATH" + json_path_matcher { + json_path = "$.path" + json_matcher = "EXACT_MATCH" + } + } + + checker_type = "STATIC_IP_CHECKERS" +} + diff --git a/mmv1/templates/terraform/examples/go/uptime_check_config_synthetic_monitor.tf.tmpl b/mmv1/templates/terraform/examples/go/uptime_check_config_synthetic_monitor.tf.tmpl new file mode 100644 index 000000000000..87b1f6703314 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/uptime_check_config_synthetic_monitor.tf.tmpl @@ -0,0 +1,44 @@ +resource "google_storage_bucket" "bucket" { + name = "{{index $.TestEnvVars "project_id"}}-{{index $.Vars "bucket_name"}}" # Every bucket name must be globally unique + location = "US" + uniform_bucket_level_access = true +} + +resource "google_storage_bucket_object" "object" { + name = "function-source.zip" + bucket = google_storage_bucket.bucket.name + source = "{{index $.Vars "zip_path"}}" # Add path to the zipped function source code +} + +resource "google_cloudfunctions2_function" "function" { + name = "{{index $.Vars "function_name"}}" + location = "us-central1" + + build_config { + runtime = "nodejs16" + entry_point = "SyntheticFunction" # Set the entry point + source { + storage_source { + bucket = google_storage_bucket.bucket.name + object = google_storage_bucket_object.object.name + } + } + } + + service_config { + max_instance_count = 1 + available_memory = "256M" + timeout_seconds = 60 + } +} + +resource "google_monitoring_uptime_check_config" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + timeout = "60s" + + synthetic_monitor { + cloud_function_v2 { + name = google_cloudfunctions2_function.function.id + } + } +} diff --git a/mmv1/templates/terraform/examples/go/uptime_check_tcp.tf.tmpl b/mmv1/templates/terraform/examples/go/uptime_check_tcp.tf.tmpl new file mode 100644 index 000000000000..d96e816a9b84 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/uptime_check_tcp.tf.tmpl @@ -0,0 +1,21 @@ +resource "google_monitoring_uptime_check_config" "{{$.PrimaryResourceId}}" { + display_name = "{{index $.Vars "display_name"}}" + timeout = "60s" + + tcp_check { + port = 888 + ping_config { + pings_count = 2 + } + } + + resource_group { + resource_type = "INSTANCE" + group_id = google_monitoring_group.check.name + } +} + +resource "google_monitoring_group" "check" { + display_name = "{{index $.Vars "group_display_name"}}" + filter = "resource.metadata.name=has_substring(\"foo\")" +} diff --git a/mmv1/templates/terraform/examples/go/url_map_bucket_and_service.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_bucket_and_service.tf.tmpl new file mode 100644 index 000000000000..f8b9d8efdb9a --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_bucket_and_service.tf.tmpl @@ -0,0 +1,76 @@ +# [START cloudloadbalancing_url_map_bucket_and_service] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_bucket.static.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "mysite" + } + + host_rule { + hosts = ["myothersite.com"] + path_matcher = "otherpaths" + } + + path_matcher { + name = "mysite" + default_service = google_compute_backend_bucket.static.id + + path_rule { + paths = ["/home"] + service = google_compute_backend_bucket.static.id + } + + path_rule { + paths = ["/login"] + service = google_compute_backend_service.login.id + } + + path_rule { + paths = ["/static"] + service = google_compute_backend_bucket.static.id + } + } + + path_matcher { + name = "otherpaths" + default_service = google_compute_backend_bucket.static.id + } + + test { + service = google_compute_backend_bucket.static.id + host = "example.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "login" { + name = "{{index $.Vars "login_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} + +resource "google_compute_backend_bucket" "static" { + name = "{{index $.Vars "backend_bucket_name"}}" + bucket_name = google_storage_bucket.static.name + enable_cdn = true +} + +resource "google_storage_bucket" "static" { + name = "{{index $.Vars "storage_bucket_name"}}" + location = "US" +} +# [END cloudloadbalancing_url_map_bucket_and_service] diff --git a/mmv1/templates/terraform/examples/go/url_map_header_based_routing.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_header_based_routing.tf.tmpl new file mode 100644 index 000000000000..432b692d479d --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_header_based_routing.tf.tmpl @@ -0,0 +1,76 @@ +# [START trafficdirector_url_map_header_based_routing] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "header-based routing example" + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["*"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + route_rules { + priority = 1 + service = google_compute_backend_service.service-a.id + match_rules { + prefix_match = "/" + ignore_case = true + header_matches { + header_name = "abtest" + exact_match = "a" + } + } + } + route_rules { + priority = 2 + service = google_compute_backend_service.service-b.id + match_rules { + ignore_case = true + prefix_match = "/" + header_matches { + header_name = "abtest" + exact_match = "b" + } + } + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "default_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_backend_service" "service-a" { + name = "{{index $.Vars "service_a_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_backend_service" "service-b" { + name = "{{index $.Vars "service_b_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END trafficdirector_url_map_header_based_routing] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/url_map_parameter_based_routing.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_parameter_based_routing.tf.tmpl new file mode 100644 index 000000000000..02d79ef69565 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_parameter_based_routing.tf.tmpl @@ -0,0 +1,76 @@ +# [START trafficdirector_url_map_parameter_based_routing] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "parameter-based routing example" + default_service = google_compute_backend_service.default.id + + host_rule { + hosts = ["*"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.default.id + + route_rules { + priority = 1 + service = google_compute_backend_service.service-a.id + match_rules { + prefix_match = "/" + ignore_case = true + query_parameter_matches { + name = "abtest" + exact_match = "a" + } + } + } + route_rules { + priority = 2 + service = google_compute_backend_service.service-b.id + match_rules { + ignore_case = true + prefix_match = "/" + query_parameter_matches { + name = "abtest" + exact_match = "b" + } + } + } + } +} + +resource "google_compute_backend_service" "default" { + name = "{{index $.Vars "default_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_backend_service" "service-a" { + name = "{{index $.Vars "service_a_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_backend_service" "service-b" { + name = "{{index $.Vars "service_b_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} +# [END trafficdirector_url_map_parameter_based_routing] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/url_map_path_template_match.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_path_template_match.tf.tmpl new file mode 100644 index 000000000000..17dc901c7517 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_path_template_match.tf.tmpl @@ -0,0 +1,77 @@ +# [START cloudloadbalancing_url_map_path_template_match] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + + default_service = google_compute_backend_bucket.static.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "mysite" + } + + path_matcher { + name = "mysite" + default_service = google_compute_backend_bucket.static.id + + route_rules { + match_rules { + path_template_match = "/xyzwebservices/v2/xyz/users/{username=*}/carts/{cartid=**}" + } + service = google_compute_backend_service.cart-backend.id + priority = 1 + route_action { + url_rewrite { + path_template_rewrite = "/{username}-{cartid}/" + } + } + } + + route_rules { + match_rules { + path_template_match = "/xyzwebservices/v2/xyz/users/*/accountinfo/*" + } + service = google_compute_backend_service.user-backend.id + priority = 2 + } + } +} + +resource "google_compute_backend_service" "cart-backend" { + name = "{{index $.Vars "cart_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + load_balancing_scheme = "EXTERNAL_MANAGED" + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_backend_service" "user-backend" { + name = "{{index $.Vars "user_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + load_balancing_scheme = "EXTERNAL_MANAGED" + + health_checks = [google_compute_http_health_check.default.id] +} + +resource "google_compute_http_health_check" "default" { + name = "{{index $.Vars "http_health_check_name"}}" + request_path = "/" + check_interval_sec = 1 + timeout_sec = 1 +} + +resource "google_compute_backend_bucket" "static" { + name = "{{index $.Vars "backend_bucket_name"}}" + bucket_name = google_storage_bucket.static.name + enable_cdn = true +} + +resource "google_storage_bucket" "static" { + name = "{{index $.Vars "storage_bucket_name"}}" + location = "US" +} +# [END cloudloadbalancing_url_map_path_template_match] diff --git a/mmv1/templates/terraform/examples/go/url_map_traffic_director_path.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_traffic_director_path.tf.tmpl new file mode 100644 index 000000000000..72e92f8fb516 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_traffic_director_path.tf.tmpl @@ -0,0 +1,105 @@ +# [START trafficdirector_url_map_traffic_director_path] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + default_service = google_compute_backend_service.home.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.home.id + + path_rule { + paths = ["/home"] + route_action { + cors_policy { + allow_credentials = true + allow_headers = ["Allowed content"] + allow_methods = ["GET"] + allow_origin_regexes = ["abc.*"] + allow_origins = ["Allowed origin"] + expose_headers = ["Exposed header"] + max_age = 30 + disabled = false + } + fault_injection_policy { + abort { + http_status = 234 + percentage = 5.6 + } + delay { + fixed_delay { + seconds = 0 + nanos = 50000 + } + percentage = 7.8 + } + } + request_mirror_policy { + backend_service = google_compute_backend_service.home.id + } + retry_policy { + num_retries = 4 + per_try_timeout { + seconds = 30 + } + retry_conditions = ["5xx", "deadline-exceeded"] + } + timeout { + seconds = 20 + nanos = 750000000 + } + url_rewrite { + host_rewrite = "dev.example.com" + path_prefix_rewrite = "/v1/api/" + } + weighted_backend_services { + backend_service = google_compute_backend_service.home.id + weight = 400 + header_action { + request_headers_to_remove = ["RemoveMe"] + request_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = true + } + response_headers_to_remove = ["RemoveMe"] + response_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = false + } + } + } + } + } + } + + test { + service = google_compute_backend_service.home.id + host = "hi.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "home" { + name = "{{index $.Vars "home_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_health_check.default.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + http_health_check { + port = 80 + } +} +# [END trafficdirector_url_map_traffic_director_path] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/url_map_traffic_director_path_partial.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_traffic_director_path_partial.tf.tmpl new file mode 100644 index 000000000000..ad2340dc3cc3 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_traffic_director_path_partial.tf.tmpl @@ -0,0 +1,75 @@ +# [START trafficdirector_url_map_traffic_director_path_partial] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + default_service = google_compute_backend_service.home.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.home.id + + path_rule { + paths = ["/home"] + route_action { + cors_policy { + allow_credentials = true + allow_headers = ["Allowed content"] + allow_methods = ["GET"] + allow_origin_regexes = ["abc.*"] + allow_origins = ["Allowed origin"] + expose_headers = ["Exposed header"] + max_age = 30 + disabled = false + } + weighted_backend_services { + backend_service = google_compute_backend_service.home.id + weight = 400 + header_action { + request_headers_to_remove = ["RemoveMe"] + request_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = true + } + response_headers_to_remove = ["RemoveMe"] + response_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = false + } + } + } + } + } + } + + test { + service = google_compute_backend_service.home.id + host = "hi.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "home" { + name = "{{index $.Vars "home_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_health_check.default.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + http_health_check { + port = 80 + } +} + +# [END trafficdirector_url_map_traffic_director_path_partial] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/url_map_traffic_director_route.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_traffic_director_route.tf.tmpl new file mode 100644 index 000000000000..a711552980c2 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_traffic_director_route.tf.tmpl @@ -0,0 +1,85 @@ +# [START trafficdirector_url_map_traffic_director_route] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + default_service = google_compute_backend_service.home.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.home.id + + route_rules { + priority = 1 + header_action { + request_headers_to_remove = ["RemoveMe2"] + request_headers_to_add { + header_name = "AddSomethingElse" + header_value = "MyOtherValue" + replace = true + } + response_headers_to_remove = ["RemoveMe3"] + response_headers_to_add { + header_name = "AddMe" + header_value = "MyValue" + replace = false + } + } + match_rules { + full_path_match = "a full path" + header_matches { + header_name = "someheader" + exact_match = "match this exactly" + invert_match = true + } + ignore_case = true + metadata_filters { + filter_match_criteria = "MATCH_ANY" + filter_labels { + name = "PLANET" + value = "MARS" + } + } + query_parameter_matches { + name = "a query parameter" + present_match = true + } + } + url_redirect { + host_redirect = "A host" + https_redirect = false + path_redirect = "some/path" + redirect_response_code = "TEMPORARY_REDIRECT" + strip_query = true + } + } + } + + test { + service = google_compute_backend_service.home.id + host = "hi.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "home" { + name = "{{index $.Vars "home_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_health_check.default.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + http_health_check { + port = 80 + } +} +# [END trafficdirector_url_map_traffic_director_route] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/url_map_traffic_director_route_partial.tf.tmpl b/mmv1/templates/terraform/examples/go/url_map_traffic_director_route_partial.tf.tmpl new file mode 100644 index 000000000000..c50a260f71ab --- /dev/null +++ b/mmv1/templates/terraform/examples/go/url_map_traffic_director_route_partial.tf.tmpl @@ -0,0 +1,56 @@ +# [START trafficdirector_url_map_traffic_director_route_partial] +resource "google_compute_url_map" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "url_map_name"}}" + description = "a description" + default_service = google_compute_backend_service.home.id + + host_rule { + hosts = ["mysite.com"] + path_matcher = "allpaths" + } + + path_matcher { + name = "allpaths" + default_service = google_compute_backend_service.home.id + + route_rules { + priority = 1 + match_rules { + prefix_match = "/someprefix" + header_matches { + header_name = "someheader" + exact_match = "match this exactly" + invert_match = true + } + } + url_redirect { + path_redirect = "some/path" + redirect_response_code = "TEMPORARY_REDIRECT" + } + } + } + + test { + service = google_compute_backend_service.home.id + host = "hi.com" + path = "/home" + } +} + +resource "google_compute_backend_service" "home" { + name = "{{index $.Vars "home_backend_service_name"}}" + port_name = "http" + protocol = "HTTP" + timeout_sec = 10 + + health_checks = [google_compute_health_check.default.id] + load_balancing_scheme = "INTERNAL_SELF_MANAGED" +} + +resource "google_compute_health_check" "default" { + name = "{{index $.Vars "health_check_name"}}" + http_health_check { + port = 80 + } +} +# [END trafficdirector_url_map_traffic_director_route_partial] \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/go/vertex_ai_dataset.tf.tmpl b/mmv1/templates/terraform/examples/go/vertex_ai_dataset.tf.tmpl new file mode 100644 index 000000000000..04704bc3c682 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/vertex_ai_dataset.tf.tmpl @@ -0,0 +1,9 @@ +resource "google_vertex_ai_dataset" "dataset" { + display_name = "{{index $.Vars "display_name"}}" + metadata_schema_uri = "gs://google-cloud-aiplatform/schema/dataset/metadata/image_1.0.0.yaml" + region = "us-central1" + + labels = { + env = "test" + } +} diff --git a/mmv1/templates/terraform/examples/go/vertex_ai_deployment_resource_pool.tf.tmpl b/mmv1/templates/terraform/examples/go/vertex_ai_deployment_resource_pool.tf.tmpl new file mode 100644 index 000000000000..7fc79e48fb8c --- /dev/null +++ b/mmv1/templates/terraform/examples/go/vertex_ai_deployment_resource_pool.tf.tmpl @@ -0,0 +1,19 @@ +resource "google_vertex_ai_deployment_resource_pool" "{{$.PrimaryResourceId}}" { + region = "us-central1" + name = "{{index $.Vars "deployment_resource_pool_id"}}" + dedicated_resources { + machine_spec { + machine_type = "n1-standard-4" + accelerator_type = "NVIDIA_TESLA_K80" + accelerator_count = 1 + } + + min_replica_count = 1 + max_replica_count = 2 + + autoscaling_metric_specs { + metric_name = "aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle" + target = 60 + } + } +} diff --git a/mmv1/templates/terraform/examples/go/vertex_ai_endpoint_network.tf.tmpl b/mmv1/templates/terraform/examples/go/vertex_ai_endpoint_network.tf.tmpl new file mode 100644 index 000000000000..2f380f11cc81 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/vertex_ai_endpoint_network.tf.tmpl @@ -0,0 +1,43 @@ +resource "google_vertex_ai_endpoint" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "endpoint_name"}}" + display_name = "sample-endpoint" + description = "A sample vertex endpoint" + location = "us-central1" + region = "us-central1" + labels = { + label-one = "value-one" + } + network = "projects/${data.google_project.project.number}/global/networks/${google_compute_network.vertex_network.name}" + encryption_spec { + kms_key_name = "{{index $.Vars "kms_key_name"}}" + } + depends_on = [ + google_service_networking_connection.vertex_vpc_connection + ] +} + +resource "google_service_networking_connection" "vertex_vpc_connection" { + network = google_compute_network.vertex_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.vertex_range.name] +} + +resource "google_compute_global_address" "vertex_range" { + name = "{{index $.Vars "address_name"}}" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 24 + network = google_compute_network.vertex_network.id +} + +resource "google_compute_network" "vertex_network" { + name = "{{index $.Vars "network_name"}}" +} + +resource "google_kms_crypto_key_iam_member" "crypto_key" { + crypto_key_id = "{{index $.Vars "kms_key_name"}}" + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-aiplatform.iam.gserviceaccount.com" +} + +data "google_project" "project" {} diff --git a/mmv1/templates/terraform/examples/go/vertex_ai_feature_group.tf.tmpl b/mmv1/templates/terraform/examples/go/vertex_ai_feature_group.tf.tmpl new file mode 100644 index 000000000000..09b281489881 --- /dev/null +++ b/mmv1/templates/terraform/examples/go/vertex_ai_feature_group.tf.tmpl @@ -0,0 +1,43 @@ + resource "google_vertex_ai_feature_group" "{{$.PrimaryResourceId}}" { + name = "{{index $.Vars "feature_group_name"}}" + description = "A sample feature group" + region = "us-central1" + labels = { + label-one = "value-one" + } + big_query { + big_query_source { + # The source table must have a column named 'feature_timestamp' of type TIMESTAMP. + input_uri = "bq://${google_bigquery_table.sample_table.project}.${google_bigquery_table.sample_table.dataset_id}.${google_bigquery_table.sample_table.table_id}" + } + entity_id_columns = ["feature_id"] + } +} + +resource "google_bigquery_dataset" "sample_dataset" { + dataset_id = "{{index $.Vars "job_id"}}_dataset" + friendly_name = "test" + description = "This is a test description" + location = "US" +} + +resource "google_bigquery_table" "sample_table" { + deletion_protection = false + dataset_id = google_bigquery_dataset.sample_dataset.dataset_id + table_id = "{{index $.Vars "job_id"}}_table" + + schema = <