This example demonstrates how to use the repository-function submodule and the event-project-log-entry submodule to configure a system which responds to Compute VM creation events by labelling them with the principal email address of the account responsible for causing the events.
To provision this example, populate terraform.tfvars
with the required variables and run the following commands within
this directory:
terraform init
to initialize the directoryterraform plan
to generate the execution planterraform apply
to apply the execution planterraform destroy
to destroy the infrastructure
Name | Description | Type | Default | Required |
---|---|---|---|---|
project_id | The ID of the project to which resources will be applied. | string |
n/a | yes |
region | The region in which resources will be applied. | string |
n/a | yes |
subnetwork | The name or self_link of the subnetwork to create compute instance in. | string |
"default" |
no |
zone | The zone in which resources will be applied. | string |
n/a | yes |
Name | Description |
---|---|
compute_instance_name | The name of the unlabelled Compute instance. |
project_id | The ID of the project to which resources are applied. |
zone | The zone in which resources are applied. |
The following sections describe the requirements which must be met in order to invoke this module. The repository-function submodule requirements and the event-project-log-entry submodule requirements must also be met.
The following software dependencies must be installed on the system from which this module will be invoked:
- Terraform v0.12
The Service Account which will be used to invoke this module must have the following IAM roles:
- Compute Instance Admin (v1):
roles/compute.instanceAdmin.v1
- Source Repository Admin:
roles/source.admin
The project against which this module will be invoked must have the following APIs enabled:
- Cloud Source Repositories API:
sourcerepo.googleapis.com
- Compute Engine API:
compute.googleapis.com