From 559d2e7401b6a431b9638e73f1c112f6ebfbb574 Mon Sep 17 00:00:00 2001 From: Ludo Date: Tue, 23 Jan 2024 12:14:20 +0100 Subject: [PATCH 1/3] Checklist attribution bucket --- fast/stages/0-bootstrap/checklist.tf | 33 + .../0-bootstrap/data/checklist-data.json | 746 ++++++++++++++++++ .../0-bootstrap/data/checklist-org-iam.json | 108 +++ tests/fast/stages/s0_bootstrap/checklist.yaml | 12 +- .../s0_bootstrap/data/checklist-data.json | 58 +- .../s0_bootstrap/data/checklist-org-iam.json | 28 +- tests/fast/stages/s1_resman/checklist.yaml | 96 +-- 7 files changed, 984 insertions(+), 97 deletions(-) create mode 100644 fast/stages/0-bootstrap/data/checklist-data.json create mode 100644 fast/stages/0-bootstrap/data/checklist-org-iam.json diff --git a/fast/stages/0-bootstrap/checklist.tf b/fast/stages/0-bootstrap/checklist.tf index ef7cb3b350..cab821f16c 100644 --- a/fast/stages/0-bootstrap/checklist.tf +++ b/fast/stages/0-bootstrap/checklist.tf @@ -85,6 +85,11 @@ locals { ])) location = try(local._cl_data.logging.sinks[0].destination.location, null) } + uses_checklist = ( + var.factories_config.checklist_data != null + || + var.factories_config.checklist_org_iam != null + ) } check "checklist" { @@ -120,3 +125,31 @@ check "checklist" { error_message = "Checklist org IAM organization id mismatch, file ignored." } } + +# checklist files bucket + +module "automation-tf-checklist-gcs" { + source = "../../../modules/gcs" + count = local.uses_checklist ? 1 : 0 + project_id = module.automation-project.project_id + name = "iac-core-checklist-0" + prefix = local.prefix + location = local.locations.gcs + storage_class = local.gcs_storage_class + versioning = true + depends_on = [module.organization] +} + +resource "google_storage_bucket_object" "checklist_data" { + count = var.factories_config.checklist_data != null ? 1 : 0 + bucket = module.automation-tf-checklist-gcs.0.name + name = "checklist/data.tfvars.json" + source = var.factories_config.checklist_data +} + +resource "google_storage_bucket_object" "checklist_org_iam" { + count = var.factories_config.checklist_org_iam != null ? 1 : 0 + bucket = module.automation-tf-checklist-gcs.0.name + name = "checklist/org-iam.tfvars.json" + source = var.factories_config.checklist_org_iam +} diff --git a/fast/stages/0-bootstrap/data/checklist-data.json b/fast/stages/0-bootstrap/data/checklist-data.json new file mode 100644 index 0000000000..9f45ea784d --- /dev/null +++ b/fast/stages/0-bootstrap/data/checklist-data.json @@ -0,0 +1,746 @@ +{ + "cloud_setup_config": { + "version": "0.1.0", + "organization": { + "id": "656131167402", + "name": "fast-onboarding-0.joonix.net" + }, + "billing_account": {}, + "resource_hierarchy": { + "template": "DIV_TEAM_ENV", + "environments": [ + { + "name": "Production", + "recommendation": "ENV_REC_PROD" + }, + { + "name": "Non-Production", + "recommendation": "ENV_REC_NONPROD" + }, + { + "name": "Development", + "recommendation": "ENV_REC_DEV" + } + ], + "business_units": [ + { + "name": "Department 1", + "teams": [ + { + "name": "Team 1" + }, + { + "name": "Team 2" + }, + { + "name": "Team 3" + }, + { + "name": "Team 4" + } + ] + }, + { + "name": "Department 2", + "teams": [ + { + "name": "Team 1" + }, + { + "name": "Team 2" + }, + { + "name": "Team 3" + }, + { + "name": "Team 4" + } + ] + }, + { + "name": "Department 3", + "teams": [ + { + "name": "Team 1" + }, + { + "name": "Team 2" + }, + { + "name": "Team 3" + }, + { + "name": "Team 4" + } + ] + } + ], + "top_level_teams": [ + { + "name": "Team 1" + }, + { + "name": "Team 2" + }, + { + "name": "Team 3" + } + ] + }, + "folders": [ + { + "reference_id": "Common", + "parent": "ROOT", + "display_name": "Common" + }, + { + "reference_id": "Department 1", + "parent": "ROOT", + "display_name": "Department 1" + }, + { + "reference_id": "Department 1/Team 1", + "parent": "Department 1", + "display_name": "Team 1" + }, + { + "reference_id": "Department 1/Team 1/Production", + "parent": "Department 1/Team 1", + "display_name": "Production" + }, + { + "reference_id": "Department 1/Team 1/Non-Production", + "parent": "Department 1/Team 1", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 1/Team 1/Development", + "parent": "Department 1/Team 1", + "display_name": "Development" + }, + { + "reference_id": "Department 1/Team 2", + "parent": "Department 1", + "display_name": "Team 2" + }, + { + "reference_id": "Department 1/Team 2/Production", + "parent": "Department 1/Team 2", + "display_name": "Production" + }, + { + "reference_id": "Department 1/Team 2/Non-Production", + "parent": "Department 1/Team 2", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 1/Team 2/Development", + "parent": "Department 1/Team 2", + "display_name": "Development" + }, + { + "reference_id": "Department 1/Team 3", + "parent": "Department 1", + "display_name": "Team 3" + }, + { + "reference_id": "Department 1/Team 3/Production", + "parent": "Department 1/Team 3", + "display_name": "Production" + }, + { + "reference_id": "Department 1/Team 3/Non-Production", + "parent": "Department 1/Team 3", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 1/Team 3/Development", + "parent": "Department 1/Team 3", + "display_name": "Development" + }, + { + "reference_id": "Department 1/Team 4", + "parent": "Department 1", + "display_name": "Team 4" + }, + { + "reference_id": "Department 1/Team 4/Production", + "parent": "Department 1/Team 4", + "display_name": "Production" + }, + { + "reference_id": "Department 1/Team 4/Non-Production", + "parent": "Department 1/Team 4", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 1/Team 4/Development", + "parent": "Department 1/Team 4", + "display_name": "Development" + }, + { + "reference_id": "Department 2", + "parent": "ROOT", + "display_name": "Department 2" + }, + { + "reference_id": "Department 2/Team 1", + "parent": "Department 2", + "display_name": "Team 1" + }, + { + "reference_id": "Department 2/Team 1/Production", + "parent": "Department 2/Team 1", + "display_name": "Production" + }, + { + "reference_id": "Department 2/Team 1/Non-Production", + "parent": "Department 2/Team 1", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 2/Team 1/Development", + "parent": "Department 2/Team 1", + "display_name": "Development" + }, + { + "reference_id": "Department 2/Team 2", + "parent": "Department 2", + "display_name": "Team 2" + }, + { + "reference_id": "Department 2/Team 2/Production", + "parent": "Department 2/Team 2", + "display_name": "Production" + }, + { + "reference_id": "Department 2/Team 2/Non-Production", + "parent": "Department 2/Team 2", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 2/Team 2/Development", + "parent": "Department 2/Team 2", + "display_name": "Development" + }, + { + "reference_id": "Department 2/Team 3", + "parent": "Department 2", + "display_name": "Team 3" + }, + { + "reference_id": "Department 2/Team 3/Production", + "parent": "Department 2/Team 3", + "display_name": "Production" + }, + { + "reference_id": "Department 2/Team 3/Non-Production", + "parent": "Department 2/Team 3", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 2/Team 3/Development", + "parent": "Department 2/Team 3", + "display_name": "Development" + }, + { + "reference_id": "Department 2/Team 4", + "parent": "Department 2", + "display_name": "Team 4" + }, + { + "reference_id": "Department 2/Team 4/Production", + "parent": "Department 2/Team 4", + "display_name": "Production" + }, + { + "reference_id": "Department 2/Team 4/Non-Production", + "parent": "Department 2/Team 4", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 2/Team 4/Development", + "parent": "Department 2/Team 4", + "display_name": "Development" + }, + { + "reference_id": "Department 3", + "parent": "ROOT", + "display_name": "Department 3" + }, + { + "reference_id": "Department 3/Team 1", + "parent": "Department 3", + "display_name": "Team 1" + }, + { + "reference_id": "Department 3/Team 1/Production", + "parent": "Department 3/Team 1", + "display_name": "Production" + }, + { + "reference_id": "Department 3/Team 1/Non-Production", + "parent": "Department 3/Team 1", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 3/Team 1/Development", + "parent": "Department 3/Team 1", + "display_name": "Development" + }, + { + "reference_id": "Department 3/Team 2", + "parent": "Department 3", + "display_name": "Team 2" + }, + { + "reference_id": "Department 3/Team 2/Production", + "parent": "Department 3/Team 2", + "display_name": "Production" + }, + { + "reference_id": "Department 3/Team 2/Non-Production", + "parent": "Department 3/Team 2", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 3/Team 2/Development", + "parent": "Department 3/Team 2", + "display_name": "Development" + }, + { + "reference_id": "Department 3/Team 3", + "parent": "Department 3", + "display_name": "Team 3" + }, + { + "reference_id": "Department 3/Team 3/Production", + "parent": "Department 3/Team 3", + "display_name": "Production" + }, + { + "reference_id": "Department 3/Team 3/Non-Production", + "parent": "Department 3/Team 3", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 3/Team 3/Development", + "parent": "Department 3/Team 3", + "display_name": "Development" + }, + { + "reference_id": "Department 3/Team 4", + "parent": "Department 3", + "display_name": "Team 4" + }, + { + "reference_id": "Department 3/Team 4/Production", + "parent": "Department 3/Team 4", + "display_name": "Production" + }, + { + "reference_id": "Department 3/Team 4/Non-Production", + "parent": "Department 3/Team 4", + "display_name": "Non-Production" + }, + { + "reference_id": "Department 3/Team 4/Development", + "parent": "Department 3/Team 4", + "display_name": "Development" + } + ], + "projects": [ + { + "id": "vpc-host-prod-us602-dp794", + "name": "vpc-host-prod", + "parent": "Common", + "recommendation": "PROJ_REC_VPC_HOST_PROD" + }, + { + "id": "vpc-host-nonprod-us602-dp794", + "name": "vpc-host-nonprod", + "parent": "Common", + "recommendation": "PROJ_REC_VPC_HOST_NONPROD" + }, + { + "id": "logging-us602-dp794", + "name": "logging", + "parent": "Common", + "recommendation": "PROJ_REC_LOGGING" + }, + { + "id": "monitoring-prod-us602-dp794", + "name": "monitoring-prod", + "parent": "Common", + "recommendation": "PROJ_REC_MONITORING_PROD" + }, + { + "id": "monitoring-nonprod-us602-dp794", + "name": "monitoring-nonprod", + "parent": "Common", + "recommendation": "PROJ_REC_MONITORING_NONPROD" + }, + { + "id": "monitoring-dev-us602-dp794", + "name": "monitoring-dev", + "parent": "Common", + "recommendation": "PROJ_REC_MONITORING_DEV" + } + ], + "logging": { + "sinks": [ + { + "destination": { + "project_id": "logging-us602-dp794", + "name": "fast-onboarding-0.joonix-logging", + "location": "global", + "retention_period_seconds": "2592000" + }, + "role": "SINK_LOG_BUCKET" + } + ] + }, + "access_control": [ + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 1/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 2/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 3/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 4/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 1/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 2/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 3/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 4/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 1/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 2/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 3/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 4/Non-Production" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 1/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 2/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 3/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 1/Team 4/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 1/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 2/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 3/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 2/Team 4/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 1/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 2/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 3/Development" + } + }, + { + "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "group_id": "DEVELOPERS", + "role": [ + "roles/compute.instanceAdmin.v1", + "roles/container.admin" + ], + "resource": { + "type": "FOLDER", + "id": "Department 3/Team 4/Development" + } + }, + { + "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "group_id": "LOGGING_VIEWERS", + "role": [ + "roles/logging.viewer", + "roles/logging.privateLogViewer", + "roles/bigquery.dataViewer", + "roles/owner" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "group_id": "LOGGING_VIEWERS", + "role": [ + "roles/logging.viewer", + "roles/logging.privateLogViewer", + "roles/bigquery.dataViewer", + "roles/owner" + ], + "resource": { + "type": "PROJECT", + "id": "vpc-host-prod-us602-dp794" + } + }, + { + "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "group_id": "LOGGING_VIEWERS", + "role": [ + "roles/logging.viewer", + "roles/logging.privateLogViewer", + "roles/bigquery.dataViewer" + ], + "resource": { + "type": "PROJECT", + "id": "logging-us602-dp794" + } + }, + { + "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", + "group_id": "SECURITY_ADMINS", + "role": [ + "roles/bigquery.dataViewer" + ], + "resource": { + "type": "PROJECT", + "id": "logging-us602-dp794" + } + } + ] + } +} \ No newline at end of file diff --git a/fast/stages/0-bootstrap/data/checklist-org-iam.json b/fast/stages/0-bootstrap/data/checklist-org-iam.json new file mode 100644 index 0000000000..46209a171d --- /dev/null +++ b/fast/stages/0-bootstrap/data/checklist-org-iam.json @@ -0,0 +1,108 @@ +{ + "cloud_setup_org_iam": { + "version": "0.1.0", + "organization": { + "id": "656131167402", + "name": "fast-onboarding-0.joonix.net" + }, + "iam_bindings": [ + { + "principal": "group:gcp-organization-admins@fast-onboarding-0.joonix.net", + "group_id": "ORG_ADMINS", + "role": [ + "roles/storage.objectAdmin", + "roles/resourcemanager.folderAdmin", + "roles/resourcemanager.projectCreator", + "roles/billing.user", + "roles/iam.organizationRoleAdmin", + "roles/orgpolicy.policyAdmin", + "roles/securitycenter.admin", + "roles/cloudsupport.admin" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-billing-admins@fast-onboarding-0.joonix.net", + "group_id": "BILLING_ADMINS", + "role": [ + "roles/billing.admin", + "roles/billing.creator", + "roles/resourcemanager.organizationViewer" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-network-admins@fast-onboarding-0.joonix.net", + "group_id": "NETWORK_ADMINS", + "role": [ + "roles/compute.networkAdmin", + "roles/compute.xpnAdmin", + "roles/compute.securityAdmin", + "roles/resourcemanager.folderViewer" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-logging-admins@fast-onboarding-0.joonix.net", + "group_id": "LOGGING_ADMINS", + "role": [ + "roles/logging.admin" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-monitoring-admins@fast-onboarding-0.joonix.net", + "group_id": "MONITORING_ADMINS", + "role": [ + "roles/monitoring.admin" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", + "group_id": "SECURITY_ADMINS", + "role": [ + "roles/orgpolicy.policyAdmin", + "roles/iam.securityReviewer", + "roles/iam.organizationRoleViewer", + "roles/securitycenter.admin", + "roles/resourcemanager.folderIamAdmin", + "roles/logging.privateLogViewer", + "roles/logging.configWriter", + "roles/container.viewer", + "roles/compute.viewer" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + }, + { + "principal": "group:gcp-devops@fast-onboarding-0.joonix.net", + "group_id": "DEVOPS", + "role": [ + "roles/resourcemanager.folderViewer" + ], + "resource": { + "type": "ORGANIZATION", + "id": "656131167402" + } + } + ] + } +} \ No newline at end of file diff --git a/tests/fast/stages/s0_bootstrap/checklist.yaml b/tests/fast/stages/s0_bootstrap/checklist.yaml index cce88a5d28..b276927c2c 100644 --- a/tests/fast/stages/s0_bootstrap/checklist.yaml +++ b/tests/fast/stages/s0_bootstrap/checklist.yaml @@ -305,9 +305,9 @@ values: member: group:gcp-security-admins@fast.example.com org_id: '123456789012' role: roles/logging.privateLogViewer - ? module.organization.google_organization_iam_member.bindings["roles/monitoring.admin-group:gcp-monitoring-admins@fast-onboarding-0.joonix.net"] + ? module.organization.google_organization_iam_member.bindings["roles/monitoring.admin-group:gcp-monitoring-admins@fast.example.com"] : condition: [] - member: group:gcp-monitoring-admins@fast-onboarding-0.joonix.net + member: group:gcp-monitoring-admins@fast.example.com org_id: '123456789012' role: roles/monitoring.admin ? module.organization.google_organization_iam_member.bindings["roles/orgpolicy.policyAdmin-group:gcp-organization-admins@fast.example.com"] @@ -372,12 +372,12 @@ counts: google_project_service_identity: 3 google_service_account: 4 google_service_account_iam_binding: 2 - google_storage_bucket: 3 + google_storage_bucket: 4 google_storage_bucket_iam_binding: 2 google_storage_bucket_iam_member: 4 - google_storage_bucket_object: 7 + google_storage_bucket_object: 9 google_storage_project_service_account: 3 google_tags_tag_key: 1 google_tags_tag_value: 1 - modules: 15 - resources: 174 + modules: 16 + resources: 177 diff --git a/tests/fast/stages/s0_bootstrap/data/checklist-data.json b/tests/fast/stages/s0_bootstrap/data/checklist-data.json index 3195a0733f..c9ba8aa4a9 100644 --- a/tests/fast/stages/s0_bootstrap/data/checklist-data.json +++ b/tests/fast/stages/s0_bootstrap/data/checklist-data.json @@ -402,7 +402,7 @@ }, "access_control": [ { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -414,7 +414,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -426,7 +426,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -438,7 +438,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -450,7 +450,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -462,7 +462,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -474,7 +474,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -486,7 +486,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -498,7 +498,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -510,7 +510,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -522,7 +522,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -534,7 +534,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -546,7 +546,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -558,7 +558,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -570,7 +570,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -582,7 +582,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -594,7 +594,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -606,7 +606,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -618,7 +618,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -630,7 +630,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -642,7 +642,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -654,7 +654,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -666,7 +666,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -678,7 +678,7 @@ } }, { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-developers@fast.example.com", "group_id": "DEVELOPERS", "role": [ "roles/compute.instanceAdmin.v1", @@ -690,7 +690,7 @@ } }, { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-logging-viewers@fast.example.com", "group_id": "LOGGING_VIEWERS", "role": [ "roles/logging.viewer", @@ -700,11 +700,11 @@ ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-logging-viewers@fast.example.com", "group_id": "LOGGING_VIEWERS", "role": [ "roles/logging.viewer", @@ -718,7 +718,7 @@ } }, { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", + "principal": "group:gcp-logging-viewers@fast.example.com", "group_id": "LOGGING_VIEWERS", "role": [ "roles/logging.viewer", @@ -731,7 +731,7 @@ } }, { - "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-security-admins@fast.example.com", "group_id": "SECURITY_ADMINS", "role": [ "roles/bigquery.dataViewer" diff --git a/tests/fast/stages/s0_bootstrap/data/checklist-org-iam.json b/tests/fast/stages/s0_bootstrap/data/checklist-org-iam.json index e405563513..8e7ba89829 100644 --- a/tests/fast/stages/s0_bootstrap/data/checklist-org-iam.json +++ b/tests/fast/stages/s0_bootstrap/data/checklist-org-iam.json @@ -7,7 +7,7 @@ }, "iam_bindings": [ { - "principal": "group:gcp-organization-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-organization-admins@fast.example.com", "group_id": "ORG_ADMINS", "role": [ "roles/storage.objectAdmin", @@ -21,11 +21,11 @@ ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-billing-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-billing-admins@fast.example.com", "group_id": "BILLING_ADMINS", "role": [ "roles/billing.admin", @@ -34,11 +34,11 @@ ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-network-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-network-admins@fast.example.com", "group_id": "NETWORK_ADMINS", "role": [ "roles/compute.networkAdmin", @@ -48,33 +48,33 @@ ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-logging-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-logging-admins@fast.example.com", "group_id": "LOGGING_ADMINS", "role": [ "roles/logging.admin" ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-monitoring-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-monitoring-admins@fast.example.com", "group_id": "MONITORING_ADMINS", "role": [ "roles/monitoring.admin" ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", + "principal": "group:gcp-security-admins@fast.example.com", "group_id": "SECURITY_ADMINS", "role": [ "roles/orgpolicy.policyAdmin", @@ -89,18 +89,18 @@ ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } }, { - "principal": "group:gcp-devops@fast-onboarding-0.joonix.net", + "principal": "group:gcp-devops@fast.example.com", "group_id": "DEVOPS", "role": [ "roles/resourcemanager.folderViewer" ], "resource": { "type": "ORGANIZATION", - "id": "656131167402" + "id": "123456789012" } } ] diff --git a/tests/fast/stages/s1_resman/checklist.yaml b/tests/fast/stages/s1_resman/checklist.yaml index efb36ef29b..7deb24f439 100644 --- a/tests/fast/stages/s1_resman/checklist.yaml +++ b/tests/fast/stages/s1_resman/checklist.yaml @@ -71,12 +71,12 @@ values: ? module.checklist-folder-3["Department 1/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -84,12 +84,12 @@ values: ? module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 1/Production"].google_folder.folder[0]: display_name: Production @@ -100,12 +100,12 @@ values: ? module.checklist-folder-3["Department 1/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -113,12 +113,12 @@ values: ? module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 2/Production"].google_folder.folder[0]: display_name: Production @@ -129,12 +129,12 @@ values: ? module.checklist-folder-3["Department 1/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -142,12 +142,12 @@ values: ? module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 3/Production"].google_folder.folder[0]: display_name: Production @@ -158,12 +158,12 @@ values: ? module.checklist-folder-3["Department 1/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -171,12 +171,12 @@ values: ? module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 1/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 1/Team 4/Production"].google_folder.folder[0]: display_name: Production @@ -187,12 +187,12 @@ values: ? module.checklist-folder-3["Department 2/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -200,12 +200,12 @@ values: ? module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 1/Production"].google_folder.folder[0]: display_name: Production @@ -216,12 +216,12 @@ values: ? module.checklist-folder-3["Department 2/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -229,12 +229,12 @@ values: ? module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 2/Production"].google_folder.folder[0]: display_name: Production @@ -245,12 +245,12 @@ values: ? module.checklist-folder-3["Department 2/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -258,12 +258,12 @@ values: ? module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 3/Production"].google_folder.folder[0]: display_name: Production @@ -274,12 +274,12 @@ values: ? module.checklist-folder-3["Department 2/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -287,12 +287,12 @@ values: ? module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 2/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 2/Team 4/Production"].google_folder.folder[0]: display_name: Production @@ -303,12 +303,12 @@ values: ? module.checklist-folder-3["Department 3/Team 1/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 1/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -316,12 +316,12 @@ values: ? module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 1/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 1/Production"].google_folder.folder[0]: display_name: Production @@ -332,12 +332,12 @@ values: ? module.checklist-folder-3["Department 3/Team 2/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 2/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -345,12 +345,12 @@ values: ? module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 2/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 2/Production"].google_folder.folder[0]: display_name: Production @@ -361,12 +361,12 @@ values: ? module.checklist-folder-3["Department 3/Team 3/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 3/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -374,12 +374,12 @@ values: ? module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 3/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 3/Production"].google_folder.folder[0]: display_name: Production @@ -390,12 +390,12 @@ values: ? module.checklist-folder-3["Department 3/Team 4/Development"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 4/Development"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder.folder[0]: display_name: Non-Production @@ -403,12 +403,12 @@ values: ? module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/compute.instanceAdmin.v1"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/compute.instanceAdmin.v1 ? module.checklist-folder-3["Department 3/Team 4/Non-Production"].google_folder_iam_binding.authoritative["roles/container.admin"] : condition: [] members: - - group:gcp-developers@fast-onboarding-0.joonix.net + - group:gcp-developers@fast.example.com role: roles/container.admin module.checklist-folder-3["Department 3/Team 4/Production"].google_folder.folder[0]: display_name: Production From 906d96925938e1224e37a952c5c408305c590938 Mon Sep 17 00:00:00 2001 From: Ludo Date: Tue, 23 Jan 2024 12:15:33 +0100 Subject: [PATCH 2/3] remove data files --- .../0-bootstrap/data/checklist-data.json | 746 ------------------ .../0-bootstrap/data/checklist-org-iam.json | 108 --- 2 files changed, 854 deletions(-) delete mode 100644 fast/stages/0-bootstrap/data/checklist-data.json delete mode 100644 fast/stages/0-bootstrap/data/checklist-org-iam.json diff --git a/fast/stages/0-bootstrap/data/checklist-data.json b/fast/stages/0-bootstrap/data/checklist-data.json deleted file mode 100644 index 9f45ea784d..0000000000 --- a/fast/stages/0-bootstrap/data/checklist-data.json +++ /dev/null @@ -1,746 +0,0 @@ -{ - "cloud_setup_config": { - "version": "0.1.0", - "organization": { - "id": "656131167402", - "name": "fast-onboarding-0.joonix.net" - }, - "billing_account": {}, - "resource_hierarchy": { - "template": "DIV_TEAM_ENV", - "environments": [ - { - "name": "Production", - "recommendation": "ENV_REC_PROD" - }, - { - "name": "Non-Production", - "recommendation": "ENV_REC_NONPROD" - }, - { - "name": "Development", - "recommendation": "ENV_REC_DEV" - } - ], - "business_units": [ - { - "name": "Department 1", - "teams": [ - { - "name": "Team 1" - }, - { - "name": "Team 2" - }, - { - "name": "Team 3" - }, - { - "name": "Team 4" - } - ] - }, - { - "name": "Department 2", - "teams": [ - { - "name": "Team 1" - }, - { - "name": "Team 2" - }, - { - "name": "Team 3" - }, - { - "name": "Team 4" - } - ] - }, - { - "name": "Department 3", - "teams": [ - { - "name": "Team 1" - }, - { - "name": "Team 2" - }, - { - "name": "Team 3" - }, - { - "name": "Team 4" - } - ] - } - ], - "top_level_teams": [ - { - "name": "Team 1" - }, - { - "name": "Team 2" - }, - { - "name": "Team 3" - } - ] - }, - "folders": [ - { - "reference_id": "Common", - "parent": "ROOT", - "display_name": "Common" - }, - { - "reference_id": "Department 1", - "parent": "ROOT", - "display_name": "Department 1" - }, - { - "reference_id": "Department 1/Team 1", - "parent": "Department 1", - "display_name": "Team 1" - }, - { - "reference_id": "Department 1/Team 1/Production", - "parent": "Department 1/Team 1", - "display_name": "Production" - }, - { - "reference_id": "Department 1/Team 1/Non-Production", - "parent": "Department 1/Team 1", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 1/Team 1/Development", - "parent": "Department 1/Team 1", - "display_name": "Development" - }, - { - "reference_id": "Department 1/Team 2", - "parent": "Department 1", - "display_name": "Team 2" - }, - { - "reference_id": "Department 1/Team 2/Production", - "parent": "Department 1/Team 2", - "display_name": "Production" - }, - { - "reference_id": "Department 1/Team 2/Non-Production", - "parent": "Department 1/Team 2", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 1/Team 2/Development", - "parent": "Department 1/Team 2", - "display_name": "Development" - }, - { - "reference_id": "Department 1/Team 3", - "parent": "Department 1", - "display_name": "Team 3" - }, - { - "reference_id": "Department 1/Team 3/Production", - "parent": "Department 1/Team 3", - "display_name": "Production" - }, - { - "reference_id": "Department 1/Team 3/Non-Production", - "parent": "Department 1/Team 3", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 1/Team 3/Development", - "parent": "Department 1/Team 3", - "display_name": "Development" - }, - { - "reference_id": "Department 1/Team 4", - "parent": "Department 1", - "display_name": "Team 4" - }, - { - "reference_id": "Department 1/Team 4/Production", - "parent": "Department 1/Team 4", - "display_name": "Production" - }, - { - "reference_id": "Department 1/Team 4/Non-Production", - "parent": "Department 1/Team 4", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 1/Team 4/Development", - "parent": "Department 1/Team 4", - "display_name": "Development" - }, - { - "reference_id": "Department 2", - "parent": "ROOT", - "display_name": "Department 2" - }, - { - "reference_id": "Department 2/Team 1", - "parent": "Department 2", - "display_name": "Team 1" - }, - { - "reference_id": "Department 2/Team 1/Production", - "parent": "Department 2/Team 1", - "display_name": "Production" - }, - { - "reference_id": "Department 2/Team 1/Non-Production", - "parent": "Department 2/Team 1", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 2/Team 1/Development", - "parent": "Department 2/Team 1", - "display_name": "Development" - }, - { - "reference_id": "Department 2/Team 2", - "parent": "Department 2", - "display_name": "Team 2" - }, - { - "reference_id": "Department 2/Team 2/Production", - "parent": "Department 2/Team 2", - "display_name": "Production" - }, - { - "reference_id": "Department 2/Team 2/Non-Production", - "parent": "Department 2/Team 2", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 2/Team 2/Development", - "parent": "Department 2/Team 2", - "display_name": "Development" - }, - { - "reference_id": "Department 2/Team 3", - "parent": "Department 2", - "display_name": "Team 3" - }, - { - "reference_id": "Department 2/Team 3/Production", - "parent": "Department 2/Team 3", - "display_name": "Production" - }, - { - "reference_id": "Department 2/Team 3/Non-Production", - "parent": "Department 2/Team 3", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 2/Team 3/Development", - "parent": "Department 2/Team 3", - "display_name": "Development" - }, - { - "reference_id": "Department 2/Team 4", - "parent": "Department 2", - "display_name": "Team 4" - }, - { - "reference_id": "Department 2/Team 4/Production", - "parent": "Department 2/Team 4", - "display_name": "Production" - }, - { - "reference_id": "Department 2/Team 4/Non-Production", - "parent": "Department 2/Team 4", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 2/Team 4/Development", - "parent": "Department 2/Team 4", - "display_name": "Development" - }, - { - "reference_id": "Department 3", - "parent": "ROOT", - "display_name": "Department 3" - }, - { - "reference_id": "Department 3/Team 1", - "parent": "Department 3", - "display_name": "Team 1" - }, - { - "reference_id": "Department 3/Team 1/Production", - "parent": "Department 3/Team 1", - "display_name": "Production" - }, - { - "reference_id": "Department 3/Team 1/Non-Production", - "parent": "Department 3/Team 1", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 3/Team 1/Development", - "parent": "Department 3/Team 1", - "display_name": "Development" - }, - { - "reference_id": "Department 3/Team 2", - "parent": "Department 3", - "display_name": "Team 2" - }, - { - "reference_id": "Department 3/Team 2/Production", - "parent": "Department 3/Team 2", - "display_name": "Production" - }, - { - "reference_id": "Department 3/Team 2/Non-Production", - "parent": "Department 3/Team 2", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 3/Team 2/Development", - "parent": "Department 3/Team 2", - "display_name": "Development" - }, - { - "reference_id": "Department 3/Team 3", - "parent": "Department 3", - "display_name": "Team 3" - }, - { - "reference_id": "Department 3/Team 3/Production", - "parent": "Department 3/Team 3", - "display_name": "Production" - }, - { - "reference_id": "Department 3/Team 3/Non-Production", - "parent": "Department 3/Team 3", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 3/Team 3/Development", - "parent": "Department 3/Team 3", - "display_name": "Development" - }, - { - "reference_id": "Department 3/Team 4", - "parent": "Department 3", - "display_name": "Team 4" - }, - { - "reference_id": "Department 3/Team 4/Production", - "parent": "Department 3/Team 4", - "display_name": "Production" - }, - { - "reference_id": "Department 3/Team 4/Non-Production", - "parent": "Department 3/Team 4", - "display_name": "Non-Production" - }, - { - "reference_id": "Department 3/Team 4/Development", - "parent": "Department 3/Team 4", - "display_name": "Development" - } - ], - "projects": [ - { - "id": "vpc-host-prod-us602-dp794", - "name": "vpc-host-prod", - "parent": "Common", - "recommendation": "PROJ_REC_VPC_HOST_PROD" - }, - { - "id": "vpc-host-nonprod-us602-dp794", - "name": "vpc-host-nonprod", - "parent": "Common", - "recommendation": "PROJ_REC_VPC_HOST_NONPROD" - }, - { - "id": "logging-us602-dp794", - "name": "logging", - "parent": "Common", - "recommendation": "PROJ_REC_LOGGING" - }, - { - "id": "monitoring-prod-us602-dp794", - "name": "monitoring-prod", - "parent": "Common", - "recommendation": "PROJ_REC_MONITORING_PROD" - }, - { - "id": "monitoring-nonprod-us602-dp794", - "name": "monitoring-nonprod", - "parent": "Common", - "recommendation": "PROJ_REC_MONITORING_NONPROD" - }, - { - "id": "monitoring-dev-us602-dp794", - "name": "monitoring-dev", - "parent": "Common", - "recommendation": "PROJ_REC_MONITORING_DEV" - } - ], - "logging": { - "sinks": [ - { - "destination": { - "project_id": "logging-us602-dp794", - "name": "fast-onboarding-0.joonix-logging", - "location": "global", - "retention_period_seconds": "2592000" - }, - "role": "SINK_LOG_BUCKET" - } - ] - }, - "access_control": [ - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 1/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 2/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 3/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 4/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 1/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 2/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 3/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 4/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 1/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 2/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 3/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 4/Non-Production" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 1/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 2/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 3/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 1/Team 4/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 1/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 2/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 3/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 2/Team 4/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 1/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 2/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 3/Development" - } - }, - { - "principal": "group:gcp-developers@fast-onboarding-0.joonix.net", - "group_id": "DEVELOPERS", - "role": [ - "roles/compute.instanceAdmin.v1", - "roles/container.admin" - ], - "resource": { - "type": "FOLDER", - "id": "Department 3/Team 4/Development" - } - }, - { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", - "group_id": "LOGGING_VIEWERS", - "role": [ - "roles/logging.viewer", - "roles/logging.privateLogViewer", - "roles/bigquery.dataViewer", - "roles/owner" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", - "group_id": "LOGGING_VIEWERS", - "role": [ - "roles/logging.viewer", - "roles/logging.privateLogViewer", - "roles/bigquery.dataViewer", - "roles/owner" - ], - "resource": { - "type": "PROJECT", - "id": "vpc-host-prod-us602-dp794" - } - }, - { - "principal": "group:gcp-logging-viewers@fast-onboarding-0.joonix.net", - "group_id": "LOGGING_VIEWERS", - "role": [ - "roles/logging.viewer", - "roles/logging.privateLogViewer", - "roles/bigquery.dataViewer" - ], - "resource": { - "type": "PROJECT", - "id": "logging-us602-dp794" - } - }, - { - "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", - "group_id": "SECURITY_ADMINS", - "role": [ - "roles/bigquery.dataViewer" - ], - "resource": { - "type": "PROJECT", - "id": "logging-us602-dp794" - } - } - ] - } -} \ No newline at end of file diff --git a/fast/stages/0-bootstrap/data/checklist-org-iam.json b/fast/stages/0-bootstrap/data/checklist-org-iam.json deleted file mode 100644 index 46209a171d..0000000000 --- a/fast/stages/0-bootstrap/data/checklist-org-iam.json +++ /dev/null @@ -1,108 +0,0 @@ -{ - "cloud_setup_org_iam": { - "version": "0.1.0", - "organization": { - "id": "656131167402", - "name": "fast-onboarding-0.joonix.net" - }, - "iam_bindings": [ - { - "principal": "group:gcp-organization-admins@fast-onboarding-0.joonix.net", - "group_id": "ORG_ADMINS", - "role": [ - "roles/storage.objectAdmin", - "roles/resourcemanager.folderAdmin", - "roles/resourcemanager.projectCreator", - "roles/billing.user", - "roles/iam.organizationRoleAdmin", - "roles/orgpolicy.policyAdmin", - "roles/securitycenter.admin", - "roles/cloudsupport.admin" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-billing-admins@fast-onboarding-0.joonix.net", - "group_id": "BILLING_ADMINS", - "role": [ - "roles/billing.admin", - "roles/billing.creator", - "roles/resourcemanager.organizationViewer" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-network-admins@fast-onboarding-0.joonix.net", - "group_id": "NETWORK_ADMINS", - "role": [ - "roles/compute.networkAdmin", - "roles/compute.xpnAdmin", - "roles/compute.securityAdmin", - "roles/resourcemanager.folderViewer" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-logging-admins@fast-onboarding-0.joonix.net", - "group_id": "LOGGING_ADMINS", - "role": [ - "roles/logging.admin" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-monitoring-admins@fast-onboarding-0.joonix.net", - "group_id": "MONITORING_ADMINS", - "role": [ - "roles/monitoring.admin" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-security-admins@fast-onboarding-0.joonix.net", - "group_id": "SECURITY_ADMINS", - "role": [ - "roles/orgpolicy.policyAdmin", - "roles/iam.securityReviewer", - "roles/iam.organizationRoleViewer", - "roles/securitycenter.admin", - "roles/resourcemanager.folderIamAdmin", - "roles/logging.privateLogViewer", - "roles/logging.configWriter", - "roles/container.viewer", - "roles/compute.viewer" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - }, - { - "principal": "group:gcp-devops@fast-onboarding-0.joonix.net", - "group_id": "DEVOPS", - "role": [ - "roles/resourcemanager.folderViewer" - ], - "resource": { - "type": "ORGANIZATION", - "id": "656131167402" - } - } - ] - } -} \ No newline at end of file From 5abd8913c3abd2ae676e0b3f33ccc59566b25a09 Mon Sep 17 00:00:00 2001 From: Ludo Date: Tue, 23 Jan 2024 12:16:58 +0100 Subject: [PATCH 3/3] tfdoc --- fast/stages/0-bootstrap/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fast/stages/0-bootstrap/README.md b/fast/stages/0-bootstrap/README.md index bd2dbc166f..5f021bcae1 100644 --- a/fast/stages/0-bootstrap/README.md +++ b/fast/stages/0-bootstrap/README.md @@ -578,7 +578,7 @@ The `fast_features` variable consists of 4 toggles: |---|---|---|---| | [automation.tf](./automation.tf) | Automation project and resources. | gcs · iam-service-account · project | | | [billing.tf](./billing.tf) | Billing export project and dataset. | bigquery-dataset · project | google_billing_account_iam_member | -| [checklist.tf](./checklist.tf) | None | | | +| [checklist.tf](./checklist.tf) | None | gcs | google_storage_bucket_object | | [cicd.tf](./cicd.tf) | Workload Identity Federation configurations for CI/CD. | iam-service-account · source-repository | | | [identity-providers.tf](./identity-providers.tf) | Workload Identity Federation provider definitions. | | google_iam_workload_identity_pool · google_iam_workload_identity_pool_provider | | [log-export.tf](./log-export.tf) | Audit log project and sink. | bigquery-dataset · gcs · logging-bucket · project · pubsub | |