From 2c6a297c9be62a3882cb213cdc02ee639d01f45e Mon Sep 17 00:00:00 2001
From: Vallat
Date: Fri, 6 Dec 2024 16:05:50 +0100
Subject: [PATCH] IAM
---
 modules/compute/outputs.tf | 0
 modules/iam/main.tf | 0
 modules/iam/outputs.tf | 0
 modules/iam/variables.tf | 0
 .../environments}/dev/main.tf | 5 ++--
 .../environments}/dev/outputs.tf | 0
 .../environments}/dev/variables.tf | 0
 .../modules}/compute/main.tf | 0
 terraform/modules/compute/outputs.tf | 18 ++++++++++++++
 .../modules}/compute/variables.tf | 0
 terraform/modules/iam/main.tf | 24 +++++++++++++++++++
 terraform/modules/iam/outputs.tf | 10 ++++++++
 terraform/modules/iam/variables.tf | 5 ++++
 .../modules}/network/main.tf | 0
 .../modules}/network/outputs.tf | 0
 .../modules}/network/variables.tf | 0
 16 files changed, 59 insertions(+), 3 deletions(-)
 delete mode 100644 modules/compute/outputs.tf
 delete mode 100644 modules/iam/main.tf
 delete mode 100644 modules/iam/outputs.tf
 delete mode 100644 modules/iam/variables.tf
 rename {environments => terraform/environments}/dev/main.tf (96%)
 rename {environments => terraform/environments}/dev/outputs.tf (100%)
 rename {environments => terraform/environments}/dev/variables.tf (100%)
 rename {modules => terraform/modules}/compute/main.tf (100%)
 create mode 100644 terraform/modules/compute/outputs.tf
 rename {modules => terraform/modules}/compute/variables.tf (100%)
 create mode 100644 terraform/modules/iam/main.tf
 create mode 100644 terraform/modules/iam/outputs.tf
 create mode 100644 terraform/modules/iam/variables.tf
 rename {modules => terraform/modules}/network/main.tf (100%)
 rename {modules => terraform/modules}/network/outputs.tf (100%)
 rename {modules => terraform/modules}/network/variables.tf (100%)
diff --git a/modules/compute/outputs.tf b/modules/compute/outputs.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/modules/iam/main.tf b/modules/iam/main.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/modules/iam/outputs.tf b/modules/iam/outputs.tf deleted file mode 100644 index e69de29..0000000 diff --git a/modules/iam/variables.tf b/modules/iam/variables.tf deleted file mode 100644 index e69de29..0000000 diff --git a/environments/dev/main.tf b/terraform/environments/dev/main.tf similarity index 96% rename from environments/dev/main.tf rename to terraform/environments/dev/main.tf index cc345aa..7476070 100644 --- a/environments/dev/main.tf +++ b/terraform/environments/dev/main.tf @@ -38,14 +38,13 @@ module "compute" { zone = var.zone instance_type = var.instance_type } -/* + module "iam" { source = "../../modules/iam" # Variables d'entrée - # Autres variables spécifiques au module + project_id = var.project_id } -*/ \ No newline at end of file diff --git a/environments/dev/outputs.tf b/terraform/environments/dev/outputs.tf similarity index 100% rename from environments/dev/outputs.tf rename to terraform/environments/dev/outputs.tf diff --git a/environments/dev/variables.tf b/terraform/environments/dev/variables.tf similarity index 100% rename from environments/dev/variables.tf rename to terraform/environments/dev/variables.tf diff --git a/modules/compute/main.tf b/terraform/modules/compute/main.tf similarity index 100% rename from modules/compute/main.tf rename to terraform/modules/compute/main.tf diff --git a/terraform/modules/compute/outputs.tf b/terraform/modules/compute/outputs.tf new file mode 100644 index 0000000..756f171 --- /dev/null +++ b/terraform/modules/compute/outputs.tf 
@@ -0,0 +1,18 @@
+output "Intern"{
+ value = {
+ ip_front = google_compute_instance.vm-front.network_interface[0].network_ip,
+ ip_back = google_compute_instance.vm-back.network_interface[0].network_ip,
+ ip_db = google_compute_instance.vm-database.network_interface[0].network_ip
+ }
+}
+
+output "frontend_public_ip" {
+ value = google_compute_instance.vm-front.network_interface[0].access_config[0].nat_ip
+}
+output "name"{
+ value = {
+ name_frontend = google_compute_instance.vm-front.name
+ name_backend = google_compute_instance.vm-back.name
+ name_database = google_compute_instance.vm-database.name
+ }
+}
\ No newline at end of file
diff --git a/modules/compute/variables.tf b/terraform/modules/compute/variables.tf
similarity index 100%
rename from modules/compute/variables.tf
rename to terraform/modules/compute/variables.tf
diff --git a/terraform/modules/iam/main.tf b/terraform/modules/iam/main.tf
new file mode 100644
index 0000000..993825e
--- /dev/null
+++ b/terraform/modules/iam/main.tf
@@ -0,0 +1,24 @@
+resource "google_service_account" "service_account" {
+ account_id = "terraform"
+ display_name = "terraform"
+}
+
+resource "google_service_account_key" "service_account" {
+ service_account_id = google_service_account.service_account.name
+ public_key_type = "TYPE_X509_PEM_FILE"
+}
+
+resource "google_project_iam_binding" "service_account_roles" {
+ project = var.project_id
+ role = "roles/viewer"
+ members = ["serviceAccount:${google_service_account.service_account.email}"]
+}
+
+data "google_client_openid_userinfo" "me" {
+}
+
+resource "google_os_login_ssh_public_key" "add_my_key" {
+ project = var.project_id
+ user = data.google_client_openid_userinfo.me.email
+ key = file("~/.ssh/id_ed25519.pub")
+}
diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf
new file mode 100644
index 0000000..121bb03
--- /dev/null
+++ b/terraform/modules/iam/outputs.tf
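Review bot: The outputs `Intern` and `name` in terraform/modules/compute/outputs.tf carry no `description`, and their names do not tell a caller what they hold, unlike `frontend_public_ip`; names such as `internal_ips` and `instance_names`, each with a one-line `description`, would read better from the environment that consumes the module. `frontend_public_ip` indexes `access_config[0]`, which will raise an invalid-index error if `vm-front` is ever defined without an external address; compute/main.tf is only renamed in this patch and not shown, so that is worth confirming.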
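Review bot: `google_service_account_key` in terraform/modules/iam/main.tf creates a long-lived user-managed key whose private half is stored in the Terraform state and re-exported by the `service_account_key` output in terraform/modules/iam/outputs.tf; `sensitive = true` there only redacts CLI display, it does not keep the value out of state. Nothing in this patch consumes the key, so consider dropping the resource and the output in favour of service account impersonation or an attached service account; if a key is really required, the state backend needs encryption, tight access control and a rotation plan. Separately, `google_project_iam_binding` is authoritative for its role, so applying it would replace any other members of `roles/viewer` on the project; `google_project_iam_member` with `member = "serviceAccount:${google_service_account.service_account.email}"` grants the role additively. The `file("~/.ssh/id_ed25519.pub")` path and the `google_client_openid_userinfo` lookup tie the OS Login key to whoever runs the apply, which is worth turning into a variable before this module runs from CI.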
@@ -0,0 +1,10 @@
+output "service_account_email" {
+ description = "Email du compte de service"
+ value = google_service_account.service_account.email
+}
+
+output "service_account_key" {
+ description = "Clé du compte de service"
+ value = google_service_account_key.service_account.private_key
+ sensitive = true
+}
\ No newline at end of file
diff --git a/terraform/modules/iam/variables.tf b/terraform/modules/iam/variables.tf
new file mode 100644
index 0000000..c76c7b1
--- /dev/null
+++ b/terraform/modules/iam/variables.tf
@@ -0,0 +1,5 @@
+# modules/iam/variables.tf
+variable "project_id" {
+ description = "ID du projet GCP"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/network/main.tf b/terraform/modules/network/main.tf
similarity index 100%
rename from modules/network/main.tf
rename to terraform/modules/network/main.tf
diff --git a/modules/network/outputs.tf b/terraform/modules/network/outputs.tf
similarity index 100%
rename from modules/network/outputs.tf
rename to terraform/modules/network/outputs.tf
diff --git a/modules/network/variables.tf b/terraform/modules/network/variables.tf
similarity index 100%
rename from modules/network/variables.tf
rename to terraform/modules/network/variables.tf