generate terragrunt manifest from terraform module.
Project description
terragrunt-generator
terragrunt-generator provide a way to generate a terragrunt.hcl
file with documented inputs who's coming from variables exposed by terraform module.
The result is easily configurable with a yaml file.
Requirements
- python3.6+
Instalation
$ pip install terragrunt-generator
Usages
Exec
$ terragrunt-generator --help
usage: terragrunt-gernerator [-h] [-V] -u URL [-v VERSION] [-p PATH] [--include | --no-include] [-l LOOKUP]
generate terragrunt.hcl confirugation from terraform module
options:
-h, --help show this help message and exit
-V show program's version number and exit
-u URL, --url URL the module repository url
-v VERSION, --version VERSION
the module version to use
-p PATH, --path PATH define the module path if needed
--include, --no-include
do no rendering the include block
-l LOOKUP, --lookup LOOKUP
define the lookup path
Example
$ terragrunt-generator \
-u https://github.com/terraform-google-modules/terraform-google-project-factory.git \
-v v14.2.1 \
-l 'project'
Results
# terraform-google-modules v14.2.1
# https://github.com/terraform-google-modules/terraform-google-project-factory/tree/v14.2.1/
#
# yaml config
# ```
# project:
# enabled: true
# # org_id - The organization ID.
# org_id:
# # name - The name for the project
# name:
# # billing_account - The ID of the billing account to associate this project with
# billing_account:
# # random_project_id - Adds a suffix of 4 random characters to the `project_id`.
# # random_project_id:
# # domain - The domain name (optional).
# # domain:
# # project_id - The ID to give the project. If not provided, the `name` will be used.
# # project_id:
# # svpc_host_project_id - The ID of the host project which hosts the shared VPC
# # svpc_host_project_id:
# # enable_shared_vpc_host_project - If this project is a shared VPC host project. If true, you must *not* set svpc_host_project_id variable. Default is false.
# # enable_shared_vpc_host_# project:
# # folder_id - The ID of a folder to host this project
# # folder_id:
# # group_name - A group to control the project by being assigned group_role (defaults to project editor)
# # group_name:
# # group_role - The role to give the controlling group (group_name) over the project (defaults to project editor)
# # group_role: "roles/editor"
# # create_project_sa - Whether the default service account for the project shall be created
# # create_project_sa: true
# # project_sa_name - Default service account name for the project.
# # project_sa_name: "project-service-account"
# # sa_role - A role to give the default Service Account for the project (defaults to none)
# # sa_role:
# # activate_apis - The list of apis to activate within the project
# # activate_apis: ["compute.googleapis.com"]
# # activate_api_identities - The list of service identities (Google Managed service account for the API) to force-create for the project (e.g. in order to grant additional roles).
# # APIs in this list will automatically be appended to `activate_apis`.
# # Not including the API in this list will follow the default behaviour for identity creation (which is usually when the first resource using the API is created).
# # Any roles (e.g. service agent role) must be explicitly listed. See https://cloud.google.com/iam/docs/understanding-roles#service-agent-roles-roles for a list of related roles.
# # activate_api_identities:
# # usage_bucket_name - Name of a GCS bucket to store GCE usage reports in (optional)
# # usage_bucket_name:
# # usage_bucket_prefix - Prefix in the GCS bucket to store GCE usage reports in (optional)
# # usage_bucket_prefix:
# # shared_vpc_subnets - List of subnets fully qualified subnet IDs (ie. projects/$project_id/regions/$region/subnetworks/$subnet_id)
# # shared_vpc_subnets:
# # labels - Map of labels for project
# # labels:
# # bucket_project - A project to create a GCS bucket (bucket_name) in, useful for Terraform state (optional)
# # bucket_# project:
# # bucket_name - A name for a GCS bucket to create (in the bucket_project project), useful for Terraform state (optional)
# # bucket_name:
# # bucket_location - The location for a GCS bucket to create (optional)
# # bucket_location: "US"
# # bucket_versioning - Enable versioning for a GCS bucket to create (optional)
# # bucket_versioning:
# # bucket_labels - A map of key/value label pairs to assign to the bucket (optional)
# # bucket_labels:
# # bucket_force_destroy - Force the deletion of all objects within the GCS bucket when deleting the bucket (optional)
# # bucket_force_destroy:
# # bucket_ula - Enable Uniform Bucket Level Access
# # bucket_ula: true
# # bucket_pap - Enable Public Access Prevention. Possible values are "enforced" or "inherited".
# # bucket_pap: "inherited"
# # auto_create_network - Create the default network
# # auto_create_network:
# # lien - Add a lien on the project to prevent accidental deletion
# # lien:
# # disable_services_on_destroy - Whether project services will be disabled when the resources are destroyed
# # disable_services_on_destroy: true
# # default_service_account - Project default service account setting: can be one of `delete`, `deprivilege`, `disable`, or `keep`.
# # default_service_account: "disable"
# # disable_dependent_services - Whether services that are enabled and which depend on this service should also be disabled when this service is destroyed.
# # disable_dependent_services: true
# # budget_monitoring_notification_channels - A list of monitoring notification channels in the form `[projects/{project_id}/notificationChannels/{channel_id}]`. A maximum of 5 channels are allowed.
# # budget_monitoring_notification_channels:
# # budget_alert_spent_percents - A list of percentages of the budget to alert on when threshold is exceeded
# # budget_alert_spent_percents: [0.5, 0.7, 1.0]
# # budget_alert_spend_basis - The type of basis used to determine if spend has passed the threshold
# # budget_alert_spend_basis: "CURRENT_SPEND"
# # budget_labels - A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget.
# # budget_labels:
# # vpc_service_control_attach_enabled - Whether the project will be attached to a VPC Service Control Perimeter
# # vpc_service_control_attach_enabled:
# # vpc_service_control_sleep_duration - The duration to sleep in seconds before adding the project to a shared VPC after the project is added to the VPC Service Control Perimeter. VPC-SC is eventually consistent.
# # vpc_service_control_sleep_duration: "5s"
# # grant_services_security_admin_role - Whether or not to grant Kubernetes Engine Service Agent the Security Admin role on the host project so it can manage firewall rules
# # grant_services_security_admin_role:
# # grant_network_role - Whether or not to grant networkUser role on the host project/subnets
# # grant_network_role: true
# # consumer_quotas - The quotas configuration you want to override for the project.
# # consumer_quotas:
# # default_network_tier - Default Network Service Tier for resources created in this project. If unset, the value will not be modified. See https://cloud.google.com/network-tiers/docs/using-network-service-tiers and https://cloud.google.com/network-tiers.
# # default_network_tier:
# # essential_contacts - A mapping of users or groups to be assigned as Essential Contacts to the project, specifying a notification category
# # essential_contacts:
# # language_tag - Language code to be used for essential contacts notifications
# # language_tag: "en-US"
# # random_project_id_length - Sets the length of `random_project_id` to the provided length, and uses a `random_string` for a larger collusion domain. Recommended for use with CI.
# # random_project_id_length:
# # budget_amount - The amount to use for a budget alert
# # budget_amount:
# # budget_display_name - The display name of the budget. If not set defaults to `Budget For <projects[0]|All Projects>`
# # budget_display_name:
# # budget_alert_pubsub_topic - The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}`
# # budget_alert_pubsub_topic:
# # budget_calendar_period - Specifies the calendar period for the budget. Possible values are MONTH, QUARTER, YEAR, CALENDAR_PERIOD_UNSPECIFIED, CUSTOM. custom_period_start_date and custom_period_end_date must be set if CUSTOM
# # budget_calendar_period:
# # budget_custom_period_start_date - Specifies the start date (DD-MM-YYYY) for the calendar_period CUSTOM
# # budget_custom_period_start_date:
# # budget_custom_period_end_date - Specifies the end date (DD-MM-YYYY) for the calendar_period CUSTOM
# # budget_custom_period_end_date:
# # vpc_service_control_perimeter_name - The name of a VPC Service Control Perimeter to add the created project to
# # vpc_service_control_perimeter_name:
# ```
#
include {
path = find_in_parent_folders()
}
locals {
source = "github.com/terraform-google-modules/terraform-google-project-factory.git?ref=v14.2.1"
all = merge(
yamldecode(file(find_in_parent_folders("config.yaml"))),
)
}
terraform {
source = lookup(local.all.project, "enabled", true) == true ? local.source : null
}
inputs = merge({
# billing_account - The ID of the billing account to associate this project with - required
billing_account = lookup(local.all.project, "billing_account", "")
# name - The name for the project - required
name = lookup(local.all.project, "name", "")
# org_id - The organization ID. - required
org_id = lookup(local.all.project, "org_id", "")
# activate_api_identities - The list of service identities (Google Managed service account for the API) to force-create for the project (e.g. in order to grant additional roles).
# APIs in this list will automatically be appended to `activate_apis`.
# Not including the API in this list will follow the default behaviour for identity creation (which is usually when the first resource using the API is created).
# Any roles (e.g. service agent role) must be explicitly listed. See https://cloud.google.com/iam/docs/understanding-roles#service-agent-roles-roles for a list of related roles.
activate_api_identities = lookup(local.all.project, "activate_api_identities", [])
# activate_apis - The list of apis to activate within the project
activate_apis = lookup(local.all.project, "activate_apis", ["compute.googleapis.com"])
# auto_create_network - Create the default network
auto_create_network = lookup(local.all.project, "auto_create_network", false)
# bucket_force_destroy - Force the deletion of all objects within the GCS bucket when deleting the bucket (optional)
bucket_force_destroy = lookup(local.all.project, "bucket_force_destroy", false)
# bucket_labels - A map of key/value label pairs to assign to the bucket (optional)
bucket_labels = lookup(local.all.project, "bucket_labels", {})
# bucket_location - The location for a GCS bucket to create (optional)
bucket_location = lookup(local.all.project, "bucket_location", "US")
# bucket_name - A name for a GCS bucket to create (in the bucket_project project), useful for Terraform state (optional)
bucket_name = lookup(local.all.project, "bucket_name", "")
# bucket_pap - Enable Public Access Prevention. Possible values are "enforced" or "inherited".
bucket_pap = lookup(local.all.project, "bucket_pap", "inherited")
# bucket_project - A project to create a GCS bucket (bucket_name) in, useful for Terraform state (optional)
bucket_project = lookup(local.all.project, "bucket_project", "")
# bucket_ula - Enable Uniform Bucket Level Access
bucket_ula = lookup(local.all.project, "bucket_ula", true)
# bucket_versioning - Enable versioning for a GCS bucket to create (optional)
bucket_versioning = lookup(local.all.project, "bucket_versioning", false)
# budget_alert_spend_basis - The type of basis used to determine if spend has passed the threshold
budget_alert_spend_basis = lookup(local.all.project, "budget_alert_spend_basis", "CURRENT_SPEND")
# budget_alert_spent_percents - A list of percentages of the budget to alert on when threshold is exceeded
budget_alert_spent_percents = lookup(local.all.project, "budget_alert_spent_percents", [0.5, 0.7, 1.0])
# budget_labels - A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget.
budget_labels = lookup(local.all.project, "budget_labels", {})
# budget_monitoring_notification_channels - A list of monitoring notification channels in the form `[projects/{project_id}/notificationChannels/{channel_id}]`. A maximum of 5 channels are allowed.
budget_monitoring_notification_channels = lookup(local.all.project, "budget_monitoring_notification_channels", [])
# consumer_quotas - The quotas configuration you want to override for the project.
consumer_quotas = lookup(local.all.project, "consumer_quotas", [])
# create_project_sa - Whether the default service account for the project shall be created
create_project_sa = lookup(local.all.project, "create_project_sa", true)
# default_network_tier - Default Network Service Tier for resources created in this project. If unset, the value will not be modified. See https://cloud.google.com/network-tiers/docs/using-network-service-tiers and https://cloud.google.com/network-tiers.
default_network_tier = lookup(local.all.project, "default_network_tier", "")
# default_service_account - Project default service account setting: can be one of `delete`, `deprivilege`, `disable`, or `keep`.
default_service_account = lookup(local.all.project, "default_service_account", "disable")
# disable_dependent_services - Whether services that are enabled and which depend on this service should also be disabled when this service is destroyed.
disable_dependent_services = lookup(local.all.project, "disable_dependent_services", true)
# disable_services_on_destroy - Whether project services will be disabled when the resources are destroyed
disable_services_on_destroy = lookup(local.all.project, "disable_services_on_destroy", true)
# domain - The domain name (optional).
domain = lookup(local.all.project, "domain", "")
# enable_shared_vpc_host_project - If this project is a shared VPC host project. If true, you must *not* set svpc_host_project_id variable. Default is false.
enable_shared_vpc_host_project = lookup(local.all.project, "enable_shared_vpc_host_project", false)
# essential_contacts - A mapping of users or groups to be assigned as Essential Contacts to the project, specifying a notification category
essential_contacts = lookup(local.all.project, "essential_contacts", {})
# folder_id - The ID of a folder to host this project
folder_id = lookup(local.all.project, "folder_id", "")
# grant_network_role - Whether or not to grant networkUser role on the host project/subnets
grant_network_role = lookup(local.all.project, "grant_network_role", true)
# grant_services_security_admin_role - Whether or not to grant Kubernetes Engine Service Agent the Security Admin role on the host project so it can manage firewall rules
grant_services_security_admin_role = lookup(local.all.project, "grant_services_security_admin_role", false)
# group_name - A group to control the project by being assigned group_role (defaults to project editor)
group_name = lookup(local.all.project, "group_name", "")
# group_role - The role to give the controlling group (group_name) over the project (defaults to project editor)
group_role = lookup(local.all.project, "group_role", "roles/editor")
# labels - Map of labels for project
labels = lookup(local.all.project, "labels", {})
# language_tag - Language code to be used for essential contacts notifications
language_tag = lookup(local.all.project, "language_tag", "en-US")
# lien - Add a lien on the project to prevent accidental deletion
lien = lookup(local.all.project, "lien", false)
# project_id - The ID to give the project. If not provided, the `name` will be used.
project_id = lookup(local.all.project, "project_id", "")
# project_sa_name - Default service account name for the project.
project_sa_name = lookup(local.all.project, "project_sa_name", "project-service-account")
# random_project_id - Adds a suffix of 4 random characters to the `project_id`.
random_project_id = lookup(local.all.project, "random_project_id", false)
# sa_role - A role to give the default Service Account for the project (defaults to none)
sa_role = lookup(local.all.project, "sa_role", "")
# shared_vpc_subnets - List of subnets fully qualified subnet IDs (ie. projects/$project_id/regions/$region/subnetworks/$subnet_id)
shared_vpc_subnets = lookup(local.all.project, "shared_vpc_subnets", [])
# svpc_host_project_id - The ID of the host project which hosts the shared VPC
svpc_host_project_id = lookup(local.all.project, "svpc_host_project_id", "")
# usage_bucket_name - Name of a GCS bucket to store GCE usage reports in (optional)
usage_bucket_name = lookup(local.all.project, "usage_bucket_name", "")
# usage_bucket_prefix - Prefix in the GCS bucket to store GCE usage reports in (optional)
usage_bucket_prefix = lookup(local.all.project, "usage_bucket_prefix", "")
# vpc_service_control_attach_enabled - Whether the project will be attached to a VPC Service Control Perimeter
vpc_service_control_attach_enabled = lookup(local.all.project, "vpc_service_control_attach_enabled", false)
# vpc_service_control_sleep_duration - The duration to sleep in seconds before adding the project to a shared VPC after the project is added to the VPC Service Control Perimeter. VPC-SC is eventually consistent.
vpc_service_control_sleep_duration = lookup(local.all.project, "vpc_service_control_sleep_duration", "5s")
},
# budget_alert_pubsub_topic - The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}`
(lookup(local.all.project, "budget_alert_pubsub_topic", null) == null ? {} : { budget_alert_pubsub_topic = lookup(local.all.project, "budget_alert_pubsub_topic") }),
# budget_amount - The amount to use for a budget alert
(lookup(local.all.project, "budget_amount", null) == null ? {} : { budget_amount = lookup(local.all.project, "budget_amount") }),
# budget_calendar_period - Specifies the calendar period for the budget. Possible values are MONTH, QUARTER, YEAR, CALENDAR_PERIOD_UNSPECIFIED, CUSTOM. custom_period_start_date and custom_period_end_date must be set if CUSTOM
(lookup(local.all.project, "budget_calendar_period", null) == null ? {} : { budget_calendar_period = lookup(local.all.project, "budget_calendar_period") }),
# budget_custom_period_end_date - Specifies the end date (DD-MM-YYYY) for the calendar_period CUSTOM
(lookup(local.all.project, "budget_custom_period_end_date", null) == null ? {} : { budget_custom_period_end_date = lookup(local.all.project, "budget_custom_period_end_date") }),
# budget_custom_period_start_date - Specifies the start date (DD-MM-YYYY) for the calendar_period CUSTOM
(lookup(local.all.project, "budget_custom_period_start_date", null) == null ? {} : { budget_custom_period_start_date = lookup(local.all.project, "budget_custom_period_start_date") }),
# budget_display_name - The display name of the budget. If not set defaults to `Budget For <projects[0]|All Projects>`
(lookup(local.all.project, "budget_display_name", null) == null ? {} : { budget_display_name = lookup(local.all.project, "budget_display_name") }),
# random_project_id_length - Sets the length of `random_project_id` to the provided length, and uses a `random_string` for a larger collusion domain. Recommended for use with CI.
(lookup(local.all.project, "random_project_id_length", null) == null ? {} : { random_project_id_length = lookup(local.all.project, "random_project_id_length") }),
# vpc_service_control_perimeter_name - The name of a VPC Service Control Perimeter to add the created project to
(lookup(local.all.project, "vpc_service_control_perimeter_name", null) == null ? {} : { vpc_service_control_perimeter_name = lookup(local.all.project, "vpc_service_control_perimeter_name") })
)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
terragrunt-generator-0.7.5.tar.gz
(28.3 kB
view hashes)
Built Distribution
Close
Hashes for terragrunt-generator-0.7.5.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 249c7ad1342b3cf439a951f6c104abc61a53df7db3ee30040de7f5aa0ab7a6e6 |
|
MD5 | 400a2cc0df459b5a4a5056ae1f1593a4 |
|
BLAKE2b-256 | 196c69cdb0094507ae30308690edd9520b0c3ae93b1b0e93e2d2e8a7b90b48ce |
Close
Hashes for terragrunt_generator-0.7.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6f9b064c117aa776433ea87f88256ab20c6fc0ab8d6353319faa5f812e4a9b69 |
|
MD5 | 0cde24ca24d6a5dc4fa5f3e6e7d2cc1c |
|
BLAKE2b-256 | cdd5b0a63082ec6ba5e651ddf0752f7c22be4ace2de6e7028552209fdd61308f |