riera/but3-iac
1
0
Fork 0
forked from pierront/but3-iac
Code Pull Requests Activity

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Browse Source
This commit is contained in:
Damien RIERA
2025-12-04 09:36:49 +00:00
parent dfc1b447fa
commit 68151b6d18
7 changed files with 224 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
terraform/environments/dev/.terraform/modules/modules.json
View File

@@ -1 +1 @@
{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"compute","Source":"../../modules/compute","Dir":"../../modules/compute"},{"Key":"network","Source":"../../modules/network","Dir":"../../modules/network"}]} {"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"compute","Source":"../../modules/compute","Dir":"../../modules/compute"},{"Key":"iam","Source":"../../modules/iam","Dir":"../../modules/iam"},{"Key":"network","Source":"../../modules/network","Dir":"../../modules/network"}]}

6
terraform/environments/dev/main.tf
View File

@@ -31,3 +31,9 @@ module "compute" {
backend_subnet_id = module.network.subnet_ids.backend backend_subnet_id = module.network.subnet_ids.backend
database_subnet_id = module.network.subnet_ids.database database_subnet_id = module.network.subnet_ids.database
} }
module "iam" {
source = "../../modules/iam"
project_id = var.project_id
}

148
terraform/environments/dev/terraform.tfstate
View File

File diff suppressed because one or more lines are too long

47
terraform/environments/dev/terraform.tfstate.backup
View File

@@ -1,7 +1,7 @@
{ {
"version": 4, "version": 4,
"terraform_version": "1.14.1", "terraform_version": "1.14.1",
"serial": 14, "serial": 17,
"lineage": "68d76a72-f70d-5e6d-87bb-d6ad17acf000", "lineage": "68d76a72-f70d-5e6d-87bb-d6ad17acf000",
"outputs": {}, "outputs": {},
"resources": [ "resources": [
@@ -31,7 +31,7 @@
"labels": {}, "labels": {},
"provisioned_iops": 0, "provisioned_iops": 0,
"provisioned_throughput": 0, "provisioned_throughput": 0,
"resource_manager_tags": null, "resource_manager_tags": {},
"resource_policies": [], "resource_policies": [],
"size": 10, "size": 10,
"storage_pool": "", "storage_pool": "",
@@ -62,7 +62,7 @@
"instance_id": "6004704392758752624", "instance_id": "6004704392758752624",
"key_revocation_action_type": "", "key_revocation_action_type": "",
"label_fingerprint": "vezUS-42LLM=", "label_fingerprint": "vezUS-42LLM=",
"labels": null, "labels": {},
"machine_type": "e2-small", "machine_type": "e2-small",
"metadata": { "metadata": {
"enable-oslogin": "TRUE" "enable-oslogin": "TRUE"
@@ -93,7 +93,7 @@
"params": [], "params": [],
"project": "iutsf-478713", "project": "iutsf-478713",
"reservation_affinity": [], "reservation_affinity": [],
"resource_policies": null, "resource_policies": [],
"scheduling": [ "scheduling": [
{ {
"automatic_restart": true, "automatic_restart": true,
@@ -185,7 +185,7 @@
"labels": {}, "labels": {},
"provisioned_iops": 0, "provisioned_iops": 0,
"provisioned_throughput": 0, "provisioned_throughput": 0,
"resource_manager_tags": null, "resource_manager_tags": {},
"resource_policies": [], "resource_policies": [],
"size": 20, "size": 20,
"storage_pool": "", "storage_pool": "",
@@ -216,7 +216,7 @@
"instance_id": "6512542133291644272", "instance_id": "6512542133291644272",
"key_revocation_action_type": "", "key_revocation_action_type": "",
"label_fingerprint": "vezUS-42LLM=", "label_fingerprint": "vezUS-42LLM=",
"labels": null, "labels": {},
"machine_type": "e2-small", "machine_type": "e2-small",
"metadata": { "metadata": {
"enable-oslogin": "TRUE" "enable-oslogin": "TRUE"
@@ -247,7 +247,7 @@
"params": [], "params": [],
"project": "iutsf-478713", "project": "iutsf-478713",
"reservation_affinity": [], "reservation_affinity": [],
"resource_policies": null, "resource_policies": [],
"scheduling": [ "scheduling": [
{ {
"automatic_restart": true, "automatic_restart": true,
@@ -339,7 +339,7 @@
"labels": {}, "labels": {},
"provisioned_iops": 0, "provisioned_iops": 0,
"provisioned_throughput": 0, "provisioned_throughput": 0,
"resource_manager_tags": null, "resource_manager_tags": {},
"resource_policies": [], "resource_policies": [],
"size": 10, "size": 10,
"storage_pool": "", "storage_pool": "",
@@ -370,7 +370,7 @@
"instance_id": "2127744316395550064", "instance_id": "2127744316395550064",
"key_revocation_action_type": "", "key_revocation_action_type": "",
"label_fingerprint": "vezUS-42LLM=", "label_fingerprint": "vezUS-42LLM=",
"labels": null, "labels": {},
"machine_type": "e2-small", "machine_type": "e2-small",
"metadata": { "metadata": {
"enable-oslogin": "TRUE" "enable-oslogin": "TRUE"
@@ -407,7 +407,7 @@
"params": [], "params": [],
"project": "iutsf-478713", "project": "iutsf-478713",
"reservation_affinity": [], "reservation_affinity": [],
"resource_policies": null, "resource_policies": [],
"scheduling": [ "scheduling": [
{ {
"automatic_restart": true, "automatic_restart": true,
@@ -505,12 +505,12 @@
"priority": 1000, "priority": 1000,
"project": "iutsf-478713", "project": "iutsf-478713",
"self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-backend-database-3306", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-backend-database-3306",
"source_ranges": null, "source_ranges": [],
"source_service_accounts": null, "source_service_accounts": [],
"source_tags": [ "source_tags": [
"backend" "backend"
], ],
"target_service_accounts": null, "target_service_accounts": [],
"target_tags": [ "target_tags": [
"database" "database"
], ],
@@ -561,9 +561,9 @@
"source_ranges": [ "source_ranges": [
"0.0.0.0/0" "0.0.0.0/0"
], ],
"source_service_accounts": null, "source_service_accounts": [],
"source_tags": null, "source_tags": [],
"target_service_accounts": null, "target_service_accounts": [],
"target_tags": [ "target_tags": [
"frontend" "frontend"
], ],
@@ -610,12 +610,12 @@
"priority": 1000, "priority": 1000,
"project": "iutsf-478713", "project": "iutsf-478713",
"self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-frontend-backend-8000", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-fw-frontend-backend-8000",
"source_ranges": null, "source_ranges": [],
"source_service_accounts": null, "source_service_accounts": [],
"source_tags": [ "source_tags": [
"frontend" "frontend"
], ],
"target_service_accounts": null, "target_service_accounts": [],
"target_tags": [ "target_tags": [
"backend" "backend"
], ],
@@ -658,12 +658,12 @@
"id": "projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all", "id": "projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all",
"log_config": [], "log_config": [],
"name": "iutsf-478713-fw-ssh-all", "name": "iutsf-478713-fw-ssh-all",
"network": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/networks/iutsf-478713-vpc", "network": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/networks/iutsf-vpc",
"priority": 1000, "priority": 1000,
"project": "iutsf-478713", "project": "iutsf-478713",
"self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all", "self_link": "https://www.googleapis.com/compute/v1/projects/iutsf-478713/global/firewalls/iutsf-478713-fw-ssh-all",
"source_ranges": [ "source_ranges": [
"34.78.156.163/32" "35.195.166.234/32"
], ],
"source_service_accounts": [], "source_service_accounts": [],
"source_tags": [], "source_tags": [],
@@ -673,7 +673,10 @@
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"identity_schema_version": 0, "identity_schema_version": 0,
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9" "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9",
"dependencies": [
"module.network.google_compute_network.vpc"
]
} }
] ]
}, },

31
terraform/modules/iam/main.tf
View File

@@ -0,0 +1,31 @@
# Compte de service Terraform
resource "google_service_account" "terraform" {
account_id = "terraform"
display_name = "Terraform Service Account"
project = var.project_id
}
# Clé du compte de service
resource "google_service_account_key" "terraform_key" {
service_account_id = google_service_account.terraform.name
}
# IAM Roles
resource "google_project_iam_member" "compute_admin" {
project = var.project_id
role = "roles/compute.admin"
member = "serviceAccount:${google_service_account.terraform.email}"
}
resource "google_project_iam_member" "network_admin" {
project = var.project_id
role = "roles/compute.networkAdmin"
member = "serviceAccount:${google_service_account.terraform.email}"
}
resource "google_project_iam_member" "editor" {
project = var.project_id
role = "roles/editor"
member = "serviceAccount:${google_service_account.terraform.email}"
}

9
terraform/modules/iam/outputs.tf
View File

@@ -0,0 +1,9 @@
output "service_account_email" {
value = google_service_account.terraform.email
}
output "service_account_key" {
value = google_service_account_key.terraform_key.private_key
sensitive = true
}

5
terraform/modules/iam/variables.tf
View File

@@ -0,0 +1,5 @@
variable "project_id" {
description = "ID du projet GCP"
type = string
}