Update

terraform/modules/compute/main.tf

@@ -1,74 +1,99 @@
-# compute/main.tf
-
 resource "google_compute_instance" "frontend" {
-  name         = "frontend-instance"
-  machine_type = var.instance_type
+  name         = "frontend-${substr(var.zone, -1, 2)}"
+  project      = var.project_id
   zone         = var.zone
+  machine_type = var.instance_type
+  labels       = merge({tier = "frontend"}, var.labels)
 
   boot_disk {
     initialize_params {
       image = "debian-cloud/debian-11"
       size  = 10
+      type  = "pd-standard"
     }
   }
 
   network_interface {
+    network    = var.network
     subnetwork = var.frontend_subnet_id
-    access_config {} # IP publique
+    access_config {}
   }
 
   metadata = {
     enable-oslogin = "TRUE"
+    ssh-keys       = var.ssh_pub_key
   }
 
   tags = ["frontend", "ssh"]
+
+  service_account {
+    email  = var.service_account_email
+    scopes = ["userinfo-email", "compute-ro"]
+  }
 }
 
 resource "google_compute_instance" "backend" {
-  name         = "backend-instance"
-  machine_type = var.instance_type
+  name         = "backend-${substr(var.zone, -1, 2)}"
+  project      = var.project_id
   zone         = var.zone
+  machine_type = var.instance_type
+  labels       = merge({tier = "backend"}, var.labels)
 
   boot_disk {
     initialize_params {
       image = "debian-cloud/debian-11"
       size  = 10
+      type  = "pd-standard"
     }
   }
 
   network_interface {
+    network    = var.network
     subnetwork = var.backend_subnet_id
-    # Pas d'IP publique
   }
 
   metadata = {
     enable-oslogin = "TRUE"
+    ssh-keys       = var.ssh_pub_key
   }
 
   tags = ["backend", "ssh"]
+
+  service_account {
+    email  = var.service_account_email
+    scopes = ["userinfo-email", "compute-ro"]
+  }
 }
 
 resource "google_compute_instance" "database" {
-  name         = "database-instance"
-  machine_type = var.instance_type
+  name         = "database-${substr(var.zone, -1, 2)}"
+  project      = var.project_id
   zone         = var.zone
+  machine_type = var.instance_type
+  labels       = merge({tier = "database"}, var.labels)
 
   boot_disk {
     initialize_params {
       image = "debian-cloud/debian-11"
       size  = 20
+      type  = "pd-standard"
     }
   }
 
   network_interface {
+    network    = var.network
     subnetwork = var.database_subnet_id
-    # Pas d'IP publique
   }
 
   metadata = {
     enable-oslogin = "TRUE"
+    ssh-keys       = var.ssh_pub_key
   }
 
   tags = ["database", "ssh"]
-}
 
+  service_account {
+    email  = var.service_account_email
+    scopes = ["userinfo-email", "compute-ro"]
+  }
+}

terraform/modules/compute/outputs.tf

@@ -1,27 +1,23 @@
-# compute/outputs.tf
-
-# 1. IPs internes de toutes les instances
-output "internal_ips" {
-  description = "IPs internes des instances"
-  value = {
-    frontend = google_compute_instance.frontend.network_interface[0].network_ip
-    backend  = google_compute_instance.backend.network_interface[0].network_ip
-    database = google_compute_instance.database.network_interface[0].network_ip
-  }
+output "frontend_internal_ip" {
+  value = google_compute_instance.frontend.network_interface[0].network_ip
 }
 
-# 2. IP publique du frontend
 output "frontend_public_ip" {
-  description = "IP publique de l'instance frontend"
-  value       = google_compute_instance.frontend.network_interface[0].access_config[0].nat_ip
+  value = google_compute_instance.frontend.network_interface[0].access_config[0].nat_ip
 }
 
-# 3. Noms des instances
-output "instance_names" {
-  description = "Noms des instances"
-  value = {
-    frontend = google_compute_instance.frontend.name
-    backend  = google_compute_instance.backend.name
-    database = google_compute_instance.database.name
-  }
+output "backend_internal_ip" {
+  value = google_compute_instance.backend.network_interface[0].network_ip
 }
+
+output "database_internal_ip" {
+  value = google_compute_instance.database.network_interface[0].network_ip
+}
+
+output "instance_names" {
+  value = [
+    google_compute_instance.frontend.name,
+    google_compute_instance.backend.name,
+    google_compute_instance.database.name,
+  ]
+}

terraform/modules/compute/variables.tf

@@ -1,27 +1,56 @@
-# compute/variables.tf
-
-variable "instance_type" {
-  description = "Type d'instance GCE à utiliser"
+variable "project_id" {
   type        = string
+  description = "GCP project id"
+}
+
+variable "region" {
+  type        = string
+  description = "GCP region"
 }
 
 variable "zone" {
-  description = "Zone dans laquelle déployer les instances"
   type        = string
+  description = "GCP zone (ex: europe-west1-b)"
+}
+
+variable "instance_type" {
+  type        = string
+  description = "Machine type for instances (ex: e2-medium)"
+  default     = "e2-medium"
+}
+
+variable "network" {
+  type        = string
+  description = "VPC network self_link or name"
 }
 
 variable "frontend_subnet_id" {
-  description = "ID du sous-réseau frontend"
   type        = string
+  description = "Frontend subnet self_link"
 }
 
 variable "backend_subnet_id" {
-  description = "ID du sous-réseau backend"
   type        = string
+  description = "Backend subnet self_link"
 }
 
 variable "database_subnet_id" {
-  description = "ID du sous-réseau database"
   type        = string
+  description = "Database subnet self_link"
 }
 
+variable "ssh_pub_key" {
+  type        = string
+  description = "SSH public key to add as metadata for OS Login fallback (optional)"
+  default     = ""
+}
+
+variable "service_account_email" {
+  type        = string
+  description = "Service account email to attach to instances"
+}
+
+variable "labels" {
+  type    = map(string)
+  default = {}
+}