Skip to content

ottogroup/pantheon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

68 Commits
scripts
scripts
 
 
terraform/modules
terraform/modules
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
Readme.md
Readme.md
 
 

Repository files navigation

Pantheon terraform modules

This repository contains the following terraform modules

Amazon Web Services (AWS)

  • aws-policies: Provides required access policies

Module aws-policies usage

module "pantheon_access_policies" {
    source                      = "github.com/ottogroup/pantheon//terraform/modules/aws-policies?ref=v1.1.20"
    pantheon_service_account_id = "100020003000400050006"
    pantheon_role_name          = "pantheon-security-audit"
}

Google Cloud Platform

  • gcp-log-export: Provides log-export on folder or organization level
  • gcp-org: Provides resources on organization level, e.g. custom roles
  • gcp-permission: Provides IAM bindings on folder or organization level
  • gcp-billing: Provides IAM bindings for the billing account

Example

Module gcp-log-export usage

On folder level

module "pantheon_gcp_folder_log_export" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-log-export?ref=v1.1.20"
    destination_uri = "pubsub.googleapis.com/projects/<PROJECT_ID>/topics/<TOPIC_NAME>"
    parent_resource_type = "folder"
    parent_resource_id = "123456789"
    pantheon_service_account = "<SA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com"
}

On organization level

module "pantheon_gcp_org_log_export" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-log-export?ref=v1.1.20"
    destination_uri = "pubsub.googleapis.com/projects/<PROJECT_ID>/topics/<TOPIC_NAME>"
    parent_resource_type = "organization"
    parent_resource_id = "123456789"
    pantheon_service_account = "<SA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com"
}

Module gcp-org usage

module "pantheon_gcp_org" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-org?ref=v1.1.20"
    org_id = "123456789"
}

Module gcp-permission usage

On folder level

module "pantheon_gcp_permission" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-permission?ref=v1.1.20"
    pantheon_engine_role_id = module.pantheon_gcp_org.output.pantheon_engine_role_id
    folder_ids = ["123456789", "987654321"]
    pantheon_service_account = "<SA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com"
}

On org level

module "pantheon_gcp_permission" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-permission?ref=v1.1.20"
    pantheon_engine_role_id = module.pantheon_gcp_org.pantheon_engine_role_id
    org_id = "123456789"
    pantheon_service_account = "<SA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com"
}

Module gcp-billing usage

module "pantheon_gcp_billing" {
    source = "github.com/ottogroup/pantheon//terraform/modules/gcp-billing?ref=v1.1.20"
    billing_account_id = "00AA00-000AAA-00AA0A"
    pantheon_service_account = "<SA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com"
}

Versioning

This repo uses SemVer based git tags for versioning which can be used to select terraform module revision [1].

Links

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

4 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases 17

v1.1.26 Latest
Nov 27, 2024
+ 16 releases

Packages

No packages published

Contributors 6

Languages