fix

2024-12-06 15:47:07 +01:00
parent 2fd69bf19f
commit 75e26b2c72
4 changed files with 47 additions and 3 deletions
--- a/tp-cloud/terraform/environments/dev/main.tf
+++ b/tp-cloud/terraform/environments/dev/main.tf
@@ -12,21 +12,21 @@ provider "google" {
  region  = var.region
 }

-
 module "network" {
  source = "../../modules/network"
  
+  # Variables d'entrée
  project_name = var.project_name
  region      = var.region
  
+  # Autres variables spécifiques au module
  cidr_range  = var.cidr_range
-  backend_cidr = var.backend_cidr
  frontend_cidr = var.frontend_cidr
+  backend_cidr = var.backend_cidr
  database_cidr = var.database_cidr
  ssh_source_ranges = var.ssh_source_ranges
 }

-
 module "compute" {
  source = "../../modules/compute"

@@ -35,4 +35,10 @@ module "compute" {
  frontend_subnet_id = module.network.id_subnetwork["frontend"]
  backend_subnet_id = module.network.id_subnetwork["backend"]
  database_subnet_id = module.network.id_subnetwork["database"]
+}
+
+module "iam" {
+  source = "../../modules/iam"
+
+  project_id = var.project_id
 }
--- a/tp-cloud/terraform/modules/iam/main.tf
+++ b/tp-cloud/terraform/modules/iam/main.tf
@@ -0,0 +1,24 @@
+resource "google_service_account" "service_account" {
+  account_id   = "terraform"
+  display_name = "terraform"
+}
+
+resource "google_service_account_key" "service_account" {
+  service_account_id = google_service_account.service_account.name
+  public_key_type    = "TYPE_X509_PEM_FILE"
+}
+
+resource "google_project_iam_binding" "service_account_roles" {
+  project = var.project_id
+  role    = "roles/viewer"
+  members = ["serviceAccount:${google_service_account.service_account.email}"]
+}
+
+data "google_client_openid_userinfo" "me" {
+}
+
+resource "google_os_login_ssh_public_key" "add_my_key" {
+  project = var.project_id
+  user    = data.google_client_openid_userinfo.me.email
+  key     = file("~/.ssh/id_ed25519.pub")
+}
--- a/tp-cloud/terraform/modules/iam/outputs.tf
+++ b/tp-cloud/terraform/modules/iam/outputs.tf
@@ -0,0 +1,10 @@
+output "service_account_email" {
+  description = "Email du compte de service"
+  value       = google_service_account.service_account.email
+}
+
+output "service_account_key" {
+  description = "Clé du compte de service"
+  value       = google_service_account_key.service_account.private_key
+  sensitive   = true
+}
--- a/tp-cloud/terraform/modules/iam/variables.tf
+++ b/tp-cloud/terraform/modules/iam/variables.tf
@@ -0,0 +1,4 @@
+variable "project_id" {
+  description = "ID du projet GCP"
+  type        = string
+}