From fcbafa6a8cced7a8bdf102ff8c6d40e0e864ef2e Mon Sep 17 00:00:00 2001 From: The Magician Date: Thu, 14 Sep 2023 16:57:07 -0400 Subject: [PATCH] Merge pull request #8945 from GoogleCloudPlatform/main_sync (#530) Signed-off-by: Modular Magician --- biglake_table/backing_file.tf | 15 +++ biglake_table/main.tf | 61 +++++++++ biglake_table/motd | 7 + biglake_table/tutorial.md | 79 +++++++++++ cloudrunv2_job_secret/main.tf | 2 +- cloudrunv2_job_sql/main.tf | 2 +- cloudrunv2_service_secret/main.tf | 2 +- cloudrunv2_service_sql/main.tf | 2 +- container_attached_cluster_full/main.tf | 3 + data_pipeline_pipeline/backing_file.tf | 15 +++ data_pipeline_pipeline/main.tf | 48 +++++++ data_pipeline_pipeline/motd | 7 + data_pipeline_pipeline/tutorial.md | 79 +++++++++++ dataform_repository/main.tf | 2 +- dataform_repository_release_config/main.tf | 2 +- dataform_repository_workflow_config/main.tf | 2 +- dialogflowcx_test_case_full/backing_file.tf | 15 +++ dialogflowcx_test_case_full/main.tf | 125 ++++++++++++++++++ dialogflowcx_test_case_full/motd | 7 + dialogflowcx_test_case_full/tutorial.md | 79 +++++++++++ .../main.tf | 2 +- .../main.tf | 2 +- .../main.tf | 2 +- scheduler_job_http/main.tf | 3 + scheduler_job_paused/main.tf | 3 + secret_version_basic/main.tf | 2 +- .../backing_file.tf | 15 +++ .../main.tf | 18 +++ secret_version_deletion_policy_abandon/motd | 7 + .../tutorial.md | 79 +++++++++++ .../backing_file.tf | 15 +++ .../main.tf | 18 +++ secret_version_deletion_policy_disable/motd | 7 + .../tutorial.md | 79 +++++++++++ secret_with_annotations/main.tf | 2 +- secret_with_automatic_cmek/backing_file.tf | 15 +++ secret_with_automatic_cmek/main.tf | 21 +++ secret_with_automatic_cmek/motd | 7 + secret_with_automatic_cmek/tutorial.md | 79 +++++++++++ .../backing_file.tf | 15 +++ storage_insights_report_config/main.tf | 48 +++++++ storage_insights_report_config/motd | 7 + storage_insights_report_config/tutorial.md | 79 +++++++++++ .../backing_file.tf | 15 +++ .../main.tf | 10 ++ .../motd | 7 + .../tutorial.md | 79 +++++++++++ workstation_basic/main.tf | 4 + 48 files changed, 1182 insertions(+), 12 deletions(-) create mode 100644 biglake_table/backing_file.tf create mode 100644 biglake_table/main.tf create mode 100644 biglake_table/motd create mode 100644 biglake_table/tutorial.md create mode 100644 data_pipeline_pipeline/backing_file.tf create mode 100644 data_pipeline_pipeline/main.tf create mode 100644 data_pipeline_pipeline/motd create mode 100644 data_pipeline_pipeline/tutorial.md create mode 100644 dialogflowcx_test_case_full/backing_file.tf create mode 100644 dialogflowcx_test_case_full/main.tf create mode 100644 dialogflowcx_test_case_full/motd create mode 100644 dialogflowcx_test_case_full/tutorial.md create mode 100644 secret_version_deletion_policy_abandon/backing_file.tf create mode 100644 secret_version_deletion_policy_abandon/main.tf create mode 100644 secret_version_deletion_policy_abandon/motd create mode 100644 secret_version_deletion_policy_abandon/tutorial.md create mode 100644 secret_version_deletion_policy_disable/backing_file.tf create mode 100644 secret_version_deletion_policy_disable/main.tf create mode 100644 secret_version_deletion_policy_disable/motd create mode 100644 secret_version_deletion_policy_disable/tutorial.md create mode 100644 secret_with_automatic_cmek/backing_file.tf create mode 100644 secret_with_automatic_cmek/main.tf create mode 100644 secret_with_automatic_cmek/motd create mode 100644 secret_with_automatic_cmek/tutorial.md create mode 100644 storage_insights_report_config/backing_file.tf create mode 100644 storage_insights_report_config/main.tf create mode 100644 storage_insights_report_config/motd create mode 100644 storage_insights_report_config/tutorial.md create mode 100644 vertex_ai_index_endpoint_with_public_endpoint/backing_file.tf create mode 100644 vertex_ai_index_endpoint_with_public_endpoint/main.tf create mode 100644 vertex_ai_index_endpoint_with_public_endpoint/motd create mode 100644 vertex_ai_index_endpoint_with_public_endpoint/tutorial.md diff --git a/biglake_table/backing_file.tf b/biglake_table/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/biglake_table/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/biglake_table/main.tf b/biglake_table/main.tf new file mode 100644 index 00000000..b1eae166 --- /dev/null +++ b/biglake_table/main.tf @@ -0,0 +1,61 @@ +resource "google_biglake_catalog" "catalog" { + name = "my_catalog-${local.name_suffix}" + location = "US" +} + +resource "google_storage_bucket" "bucket" { + name = "my_bucket-${local.name_suffix}" + location = "US" + force_destroy = true + uniform_bucket_level_access = true +} + +resource "google_storage_bucket_object" "metadata_folder" { + name = "metadata/" + content = " " + bucket = google_storage_bucket.bucket.name +} + + +resource "google_storage_bucket_object" "data_folder" { + name = "data/" + content = " " + bucket = google_storage_bucket.bucket.name +} + +resource "google_biglake_database" "database" { + name = "my_database-${local.name_suffix}" + catalog = google_biglake_catalog.catalog.id + type = "HIVE" + hive_options { + location_uri = "gs://${google_storage_bucket.bucket.name}/${google_storage_bucket_object.metadata_folder.name}" + parameters = { + "owner" = "Alex" + } + } +} + +resource "google_biglake_table" "table" { + name = "my_table-${local.name_suffix}" + database = google_biglake_database.database.id + type = "HIVE" + hive_options { + table_type = "MANAGED_TABLE" + storage_descriptor { + location_uri = "gs://${google_storage_bucket.bucket.name}/${google_storage_bucket_object.data_folder.name}" + input_format = "org.apache.hadoop.mapred.SequenceFileInputFormat" + output_format = "org.apache.hadoop.hive.ql.io.HiveSequenceFileOutputFormat" + } + # Some Example Parameters. + parameters = { + "spark.sql.create.version" = "3.1.3" + "spark.sql.sources.schema.numParts" = "1" + "transient_lastDdlTime" = "1680894197" + "spark.sql.partitionProvider" = "catalog" + "owner" = "John Doe" + "spark.sql.sources.schema.part.0"= "{\"type\":\"struct\",\"fields\":[{\"name\":\"id\",\"type\":\"integer\",\"nullable\":true,\"metadata\":{}},{\"name\":\"name\",\"type\":\"string\",\"nullable\":true,\"metadata\":{}},{\"name\":\"age\",\"type\":\"integer\",\"nullable\":true,\"metadata\":{}}]}" + "spark.sql.sources.provider" = "iceberg" + "provider" = "iceberg" + } + } +} diff --git a/biglake_table/motd b/biglake_table/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/biglake_table/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/biglake_table/tutorial.md b/biglake_table/tutorial.md new file mode 100644 index 00000000..220b24c1 --- /dev/null +++ b/biglake_table/tutorial.md @@ -0,0 +1,79 @@ +# Biglake Table - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/cloudrunv2_job_secret/main.tf b/cloudrunv2_job_secret/main.tf index a9ed55bc..74615d2a 100644 --- a/cloudrunv2_job_secret/main.tf +++ b/cloudrunv2_job_secret/main.tf @@ -44,7 +44,7 @@ data "google_project" "project" { resource "google_secret_manager_secret" "secret" { secret_id = "secret-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/cloudrunv2_job_sql/main.tf b/cloudrunv2_job_sql/main.tf index 2070ccf1..fcc88918 100644 --- a/cloudrunv2_job_sql/main.tf +++ b/cloudrunv2_job_sql/main.tf @@ -48,7 +48,7 @@ data "google_project" "project" { resource "google_secret_manager_secret" "secret" { secret_id = "secret-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/cloudrunv2_service_secret/main.tf b/cloudrunv2_service_secret/main.tf index 995bb877..3c391ea1 100644 --- a/cloudrunv2_service_secret/main.tf +++ b/cloudrunv2_service_secret/main.tf @@ -32,7 +32,7 @@ data "google_project" "project" { resource "google_secret_manager_secret" "secret" { secret_id = "secret-1-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/cloudrunv2_service_sql/main.tf b/cloudrunv2_service_sql/main.tf index 2673e21f..7f7b50d0 100644 --- a/cloudrunv2_service_sql/main.tf +++ b/cloudrunv2_service_sql/main.tf @@ -51,7 +51,7 @@ data "google_project" "project" { resource "google_secret_manager_secret" "secret" { secret_id = "secret-1-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/container_attached_cluster_full/main.tf b/container_attached_cluster_full/main.tf index 472f213a..e0a2c3d4 100644 --- a/container_attached_cluster_full/main.tf +++ b/container_attached_cluster_full/main.tf @@ -36,4 +36,7 @@ resource "google_container_attached_cluster" "primary" { enabled = true } } + binary_authorization { + evaluation_mode = "PROJECT_SINGLETON_POLICY_ENFORCE" + } } diff --git a/data_pipeline_pipeline/backing_file.tf b/data_pipeline_pipeline/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/data_pipeline_pipeline/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/data_pipeline_pipeline/main.tf b/data_pipeline_pipeline/main.tf new file mode 100644 index 00000000..ff49f69a --- /dev/null +++ b/data_pipeline_pipeline/main.tf @@ -0,0 +1,48 @@ +resource "google_service_account" "service_account" { + account_id = "my-account-${local.name_suffix}" + display_name = "Service Account" +} + +resource "google_data_pipeline_pipeline" "primary" { + name = "my-pipeline-${local.name_suffix}" + display_name = "my-pipeline" + type = "PIPELINE_TYPE_BATCH" + state = "STATE_ACTIVE" + region = "us-central1" + + workload { + dataflow_launch_template_request { + project_id = "my-project" + gcs_path = "gs://my-bucket/path" + launch_parameters { + job_name = "my-job" + parameters = { + "name" : "wrench" + } + environment { + num_workers = 5 + max_workers = 5 + zone = "us-centra1-a" + service_account_email = google_service_account.service_account.email + network = "default" + temp_location = "gs://my-bucket/tmp_dir" + bypass_temp_dir_validation = false + machine_type = "E2" + additional_user_labels = { + "context" : "test" + } + worker_region = "us-central1" + worker_zone = "us-central1-a" + + enable_streaming_engine = "false" + } + update = false + transform_name_mapping = { "name" : "wrench" } + } + location = "us-central1" + } + } + schedule_info { + schedule = "* */2 * * *" + } +} diff --git a/data_pipeline_pipeline/motd b/data_pipeline_pipeline/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/data_pipeline_pipeline/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/data_pipeline_pipeline/tutorial.md b/data_pipeline_pipeline/tutorial.md new file mode 100644 index 00000000..aa1e9746 --- /dev/null +++ b/data_pipeline_pipeline/tutorial.md @@ -0,0 +1,79 @@ +# Data Pipeline Pipeline - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/dataform_repository/main.tf b/dataform_repository/main.tf index 3622c821..4c398fec 100644 --- a/dataform_repository/main.tf +++ b/dataform_repository/main.tf @@ -8,7 +8,7 @@ resource "google_secret_manager_secret" "secret" { secret_id = "secret" replication { - automatic = true + auto {} } } diff --git a/dataform_repository_release_config/main.tf b/dataform_repository_release_config/main.tf index d08b8c43..e04e154a 100644 --- a/dataform_repository_release_config/main.tf +++ b/dataform_repository_release_config/main.tf @@ -8,7 +8,7 @@ resource "google_secret_manager_secret" "secret" { secret_id = "my_secret-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/dataform_repository_workflow_config/main.tf b/dataform_repository_workflow_config/main.tf index ec56eb70..8ee6ea6d 100644 --- a/dataform_repository_workflow_config/main.tf +++ b/dataform_repository_workflow_config/main.tf @@ -8,7 +8,7 @@ resource "google_secret_manager_secret" "secret" { secret_id = "my_secret-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/dialogflowcx_test_case_full/backing_file.tf b/dialogflowcx_test_case_full/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/dialogflowcx_test_case_full/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/dialogflowcx_test_case_full/main.tf b/dialogflowcx_test_case_full/main.tf new file mode 100644 index 00000000..a434303d --- /dev/null +++ b/dialogflowcx_test_case_full/main.tf @@ -0,0 +1,125 @@ +resource "google_dialogflow_cx_agent" "agent" { + display_name = "dialogflowcx-agent-${local.name_suffix}" + location = "global" + default_language_code = "en" + supported_language_codes = ["fr", "de", "es"] + time_zone = "America/New_York" + description = "Example description." + avatar_uri = "https://storage.cloud.google.com/dialogflow-test-host-image/cloud-logo.png" + enable_stackdriver_logging = true + enable_spell_correction = true + speech_to_text_settings { + enable_speech_adaptation = true + } +} + +resource "google_dialogflow_cx_page" "page" { + parent = google_dialogflow_cx_agent.agent.start_flow + display_name = "MyPage" + + transition_routes { + intent = google_dialogflow_cx_intent.intent.id + trigger_fulfillment { + messages { + text { + text = ["Training phrase response"] + } + } + } + } + + event_handlers { + event = "some-event" + trigger_fulfillment { + messages { + text { + text = ["Handling some event"] + } + } + } + } +} + +resource "google_dialogflow_cx_intent" "intent" { + parent = google_dialogflow_cx_agent.agent.id + display_name = "MyIntent" + priority = 1 + training_phrases { + parts { + text = "training phrase" + } + repeat_count = 1 + } +} + +resource "google_dialogflow_cx_test_case" "basic_test_case" { + parent = google_dialogflow_cx_agent.agent.id + display_name = "MyTestCase" + tags = ["#tag1"] + notes = "demonstrates a simple training phrase response" + + test_config { + tracking_parameters = ["some_param"] + page = google_dialogflow_cx_page.page.id + } + + test_case_conversation_turns { + user_input { + input { + language_code = "en" + text { + text = "training phrase" + } + } + injected_parameters = jsonencode({ some_param = "1" }) + is_webhook_enabled = true + enable_sentiment_analysis = true + } + virtual_agent_output { + session_parameters = jsonencode({ some_param = "1" }) + triggered_intent { + name = google_dialogflow_cx_intent.intent.id + } + current_page { + name = google_dialogflow_cx_page.page.id + } + text_responses { + text = ["Training phrase response"] + } + } + } + + test_case_conversation_turns { + user_input { + input { + event { + event = "some-event" + } + } + } + virtual_agent_output { + current_page { + name = google_dialogflow_cx_page.page.id + } + text_responses { + text = ["Handling some event"] + } + } + } + + test_case_conversation_turns { + user_input { + input { + dtmf { + digits = "12" + finish_digit = "3" + } + } + } + virtual_agent_output { + text_responses { + text = ["I didn't get that. Can you say it again?"] + } + } + } +} diff --git a/dialogflowcx_test_case_full/motd b/dialogflowcx_test_case_full/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/dialogflowcx_test_case_full/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/dialogflowcx_test_case_full/tutorial.md b/dialogflowcx_test_case_full/tutorial.md new file mode 100644 index 00000000..cd696729 --- /dev/null +++ b/dialogflowcx_test_case_full/tutorial.md @@ -0,0 +1,79 @@ +# Dialogflowcx Test Case Full - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/network_services_edge_cache_keyset_dual_token/main.tf b/network_services_edge_cache_keyset_dual_token/main.tf index 0aa8a8a2..36153cae 100644 --- a/network_services_edge_cache_keyset_dual_token/main.tf +++ b/network_services_edge_cache_keyset_dual_token/main.tf @@ -2,7 +2,7 @@ resource "google_secret_manager_secret" "secret-basic" { secret_id = "secret-name-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/network_services_edge_cache_origin_v4auth/main.tf b/network_services_edge_cache_origin_v4auth/main.tf index de80feeb..77aefcdb 100644 --- a/network_services_edge_cache_origin_v4auth/main.tf +++ b/network_services_edge_cache_origin_v4auth/main.tf @@ -2,7 +2,7 @@ resource "google_secret_manager_secret" "secret-basic" { secret_id = "secret-name-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/network_services_edge_cache_service_dual_token/main.tf b/network_services_edge_cache_service_dual_token/main.tf index c3fbcac5..4da07a68 100644 --- a/network_services_edge_cache_service_dual_token/main.tf +++ b/network_services_edge_cache_service_dual_token/main.tf @@ -2,7 +2,7 @@ resource "google_secret_manager_secret" "secret-basic" { secret_id = "secret-name-${local.name_suffix}" replication { - automatic = true + auto {} } } diff --git a/scheduler_job_http/main.tf b/scheduler_job_http/main.tf index e09f1926..ec9ae4af 100644 --- a/scheduler_job_http/main.tf +++ b/scheduler_job_http/main.tf @@ -13,5 +13,8 @@ resource "google_cloud_scheduler_job" "job" { http_method = "POST" uri = "https://example.com/" body = base64encode("{\"foo\":\"bar\"}") + headers = { + "Content-Type" = "application/json" + } } } diff --git a/scheduler_job_paused/main.tf b/scheduler_job_paused/main.tf index 118514bf..6aea1cc7 100644 --- a/scheduler_job_paused/main.tf +++ b/scheduler_job_paused/main.tf @@ -14,5 +14,8 @@ resource "google_cloud_scheduler_job" "job" { http_method = "POST" uri = "https://example.com/ping" body = base64encode("{\"foo\":\"bar\"}") + headers = { + "Content-Type" = "application/json" + } } } diff --git a/secret_version_basic/main.tf b/secret_version_basic/main.tf index 9a39d93e..0cd90d52 100644 --- a/secret_version_basic/main.tf +++ b/secret_version_basic/main.tf @@ -6,7 +6,7 @@ resource "google_secret_manager_secret" "secret-basic" { } replication { - automatic = true + auto {} } } diff --git a/secret_version_deletion_policy_abandon/backing_file.tf b/secret_version_deletion_policy_abandon/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/secret_version_deletion_policy_abandon/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/secret_version_deletion_policy_abandon/main.tf b/secret_version_deletion_policy_abandon/main.tf new file mode 100644 index 00000000..4688b3e2 --- /dev/null +++ b/secret_version_deletion_policy_abandon/main.tf @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "secret-version-${local.name_suffix}" + + replication { + user_managed { + replicas { + location = "us-central1" + } + } + } +} + +resource "google_secret_manager_secret_version" "secret-version-deletion-policy" { + secret = google_secret_manager_secret.secret-basic.id + + secret_data = "secret-data-${local.name_suffix}" + deletion_policy = "ABANDON" +} diff --git a/secret_version_deletion_policy_abandon/motd b/secret_version_deletion_policy_abandon/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/secret_version_deletion_policy_abandon/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/secret_version_deletion_policy_abandon/tutorial.md b/secret_version_deletion_policy_abandon/tutorial.md new file mode 100644 index 00000000..625742a8 --- /dev/null +++ b/secret_version_deletion_policy_abandon/tutorial.md @@ -0,0 +1,79 @@ +# Secret Version Deletion Policy Abandon - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/secret_version_deletion_policy_disable/backing_file.tf b/secret_version_deletion_policy_disable/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/secret_version_deletion_policy_disable/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/secret_version_deletion_policy_disable/main.tf b/secret_version_deletion_policy_disable/main.tf new file mode 100644 index 00000000..e6af7c3f --- /dev/null +++ b/secret_version_deletion_policy_disable/main.tf @@ -0,0 +1,18 @@ +resource "google_secret_manager_secret" "secret-basic" { + secret_id = "secret-version-${local.name_suffix}" + + replication { + user_managed { + replicas { + location = "us-central1" + } + } + } +} + +resource "google_secret_manager_secret_version" "secret-version-deletion-policy" { + secret = google_secret_manager_secret.secret-basic.id + + secret_data = "secret-data-${local.name_suffix}" + deletion_policy = "DISABLE" +} diff --git a/secret_version_deletion_policy_disable/motd b/secret_version_deletion_policy_disable/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/secret_version_deletion_policy_disable/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/secret_version_deletion_policy_disable/tutorial.md b/secret_version_deletion_policy_disable/tutorial.md new file mode 100644 index 00000000..53b403a6 --- /dev/null +++ b/secret_version_deletion_policy_disable/tutorial.md @@ -0,0 +1,79 @@ +# Secret Version Deletion Policy Disable - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/secret_with_annotations/main.tf b/secret_with_annotations/main.tf index 3ce6eaf2..a73b7d42 100644 --- a/secret_with_annotations/main.tf +++ b/secret_with_annotations/main.tf @@ -14,6 +14,6 @@ resource "google_secret_manager_secret" "secret-with-annotations" { } replication { - automatic = true + auto {} } } diff --git a/secret_with_automatic_cmek/backing_file.tf b/secret_with_automatic_cmek/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/secret_with_automatic_cmek/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/secret_with_automatic_cmek/main.tf b/secret_with_automatic_cmek/main.tf new file mode 100644 index 00000000..4aa33437 --- /dev/null +++ b/secret_with_automatic_cmek/main.tf @@ -0,0 +1,21 @@ +data "google_project" "project" {} + +resource "google_kms_crypto_key_iam_member" "kms-secret-binding" { + crypto_key_id = "kms-key-${local.name_suffix}" + role = "roles/cloudkms.cryptoKeyEncrypterDecrypter" + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-secretmanager.iam.gserviceaccount.com" +} + +resource "google_secret_manager_secret" "secret-with-automatic-cmek" { + secret_id = "secret-${local.name_suffix}" + + replication { + auto { + customer_managed_encryption { + kms_key_name = "kms-key-${local.name_suffix}" + } + } + } + + depends_on = [ google_kms_crypto_key_iam_member.kms-secret-binding ] +} diff --git a/secret_with_automatic_cmek/motd b/secret_with_automatic_cmek/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/secret_with_automatic_cmek/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/secret_with_automatic_cmek/tutorial.md b/secret_with_automatic_cmek/tutorial.md new file mode 100644 index 00000000..9a987267 --- /dev/null +++ b/secret_with_automatic_cmek/tutorial.md @@ -0,0 +1,79 @@ +# Secret With Automatic Cmek - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/storage_insights_report_config/backing_file.tf b/storage_insights_report_config/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/storage_insights_report_config/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/storage_insights_report_config/main.tf b/storage_insights_report_config/main.tf new file mode 100644 index 00000000..2d63b19e --- /dev/null +++ b/storage_insights_report_config/main.tf @@ -0,0 +1,48 @@ +data "google_project" "project" { +} + +resource "google_storage_insights_report_config" "config" { + display_name = "Test Report Config" + location = "us-central1" + frequency_options { + frequency = "WEEKLY" + start_date { + day = 15 + month = 3 + year = 2050 + } + end_date { + day = 15 + month = 4 + year = 2050 + } + } + csv_options { + record_separator = "\n" + delimiter = "," + header_required = false + } + object_metadata_report_options { + metadata_fields = ["bucket", "name", "project"] + storage_filters { + bucket = google_storage_bucket.report_bucket.name + } + storage_destination_options { + bucket = google_storage_bucket.report_bucket.name + destination_path = "test-insights-reports" + } + } +} + +resource "google_storage_bucket" "report_bucket" { + name = "my-bucket-${local.name_suffix}" + location = "us-central1" + force_destroy = true + uniform_bucket_level_access = true +} + +resource "google_storage_bucket_iam_member" "admin" { + bucket = google_storage_bucket.report_bucket.name + role = "roles/storage.admin" + member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-storageinsights.iam.gserviceaccount.com" +} diff --git a/storage_insights_report_config/motd b/storage_insights_report_config/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/storage_insights_report_config/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/storage_insights_report_config/tutorial.md b/storage_insights_report_config/tutorial.md new file mode 100644 index 00000000..6231607e --- /dev/null +++ b/storage_insights_report_config/tutorial.md @@ -0,0 +1,79 @@ +# Storage Insights Report Config - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/vertex_ai_index_endpoint_with_public_endpoint/backing_file.tf b/vertex_ai_index_endpoint_with_public_endpoint/backing_file.tf new file mode 100644 index 00000000..c60b1199 --- /dev/null +++ b/vertex_ai_index_endpoint_with_public_endpoint/backing_file.tf @@ -0,0 +1,15 @@ +# This file has some scaffolding to make sure that names are unique and that +# a region and zone are selected when you try to create your Terraform resources. + +locals { + name_suffix = "${random_pet.suffix.id}" +} + +resource "random_pet" "suffix" { + length = 2 +} + +provider "google" { + region = "us-central1" + zone = "us-central1-c" +} diff --git a/vertex_ai_index_endpoint_with_public_endpoint/main.tf b/vertex_ai_index_endpoint_with_public_endpoint/main.tf new file mode 100644 index 00000000..963ae8c8 --- /dev/null +++ b/vertex_ai_index_endpoint_with_public_endpoint/main.tf @@ -0,0 +1,10 @@ +resource "google_vertex_ai_index_endpoint" "index_endpoint" { + display_name = "sample-endpoint" + description = "A sample vertex endpoint with an public endpoint" + region = "us-central1" + labels = { + label-one = "value-one" + } + + public_endpoint_enabled = true +} diff --git a/vertex_ai_index_endpoint_with_public_endpoint/motd b/vertex_ai_index_endpoint_with_public_endpoint/motd new file mode 100644 index 00000000..45a906e8 --- /dev/null +++ b/vertex_ai_index_endpoint_with_public_endpoint/motd @@ -0,0 +1,7 @@ +=== + +These examples use real resources that will be billed to the +Google Cloud Platform project you use - so make sure that you +run "terraform destroy" before quitting! + +=== diff --git a/vertex_ai_index_endpoint_with_public_endpoint/tutorial.md b/vertex_ai_index_endpoint_with_public_endpoint/tutorial.md new file mode 100644 index 00000000..fe4cee3e --- /dev/null +++ b/vertex_ai_index_endpoint_with_public_endpoint/tutorial.md @@ -0,0 +1,79 @@ +# Vertex Ai Index Endpoint With Public Endpoint - Terraform + +## Setup + + + +Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform. + + + +Terraform provisions real GCP resources, so anything you create in this session will be billed against this project. + +## Terraforming! + +Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command +to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up +the project name from the environment variable. + +```bash +export GOOGLE_CLOUD_PROJECT={{project-id}} +``` + +After that, let's get Terraform started. Run the following to pull in the providers. + +```bash +terraform init +``` + +With the providers downloaded and a project set, you're ready to use Terraform. Go ahead! + +```bash +terraform apply +``` + +Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan. + +```bash +yes +``` + + +## Post-Apply + +### Editing your config + +Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed. + +```bash +terraform plan +``` + +So let's make a change! Try editing a number, or appending a value to the name in the editor. Then, +run a 'plan' again. + +```bash +terraform plan +``` + +Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes +at the 'yes' prompt. + +```bash +terraform apply +``` + +```bash +yes +``` + +## Cleanup + +Run the following to remove the resources Terraform provisioned: + +```bash +terraform destroy +``` +```bash +yes +``` diff --git a/workstation_basic/main.tf b/workstation_basic/main.tf index 015ad82f..b12cc40b 100644 --- a/workstation_basic/main.tf +++ b/workstation_basic/main.tf @@ -54,6 +54,10 @@ resource "google_workstations_workstation" "default" { "label" = "key" } + env = { + name = "foo" + } + annotations = { label-one = "value-one" }