Merge branch 'terraform-google-modules:main' into main

Author: Green369-1

cloud_sql/mysql_instance_iam_db_auth/main.tf

@@ -0,0 +1,86 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+# [START cloud_sql_mysql_instance_iam_db_auth]
+# [START cloud_sql_mysql_instance_iam_db_auth_create_instance]
+# [START cloud_sql_mysql_instance_iam_db_auth_add_users]
+resource "google_sql_database_instance" "default" {
+  name             = "mysql-db-auth-instance-name-test"
+  region           = "us-west4"
+  database_version = "MYSQL_8_0"
+  settings {
+    tier = "db-f1-micro"
+    database_flags {
+      name  = "cloudsql_iam_authentication"
+      value = "on"
+    }
+  }
+  # set `deletion_protection` to true, will ensure that one cannot accidentally
+  # delete this instance by use of Terraform whereas
+  # `deletion_protection_enabled` flag protects this instance at the GCP level.
+  deletion_protection = false
+}
+# [END cloud_sql_mysql_instance_iam_db_auth_create_instance]
+
+# Specify the email address of the IAM user to add to the instance
+# This resource does not create a new IAM user account; this account must
+# already exist
+
+resource "google_sql_user" "iam_user" {
+  name     = "[email protected]"
+  instance = google_sql_database_instance.default.name
+  type     = "CLOUD_IAM_USER"
+}
+
+# Create a new IAM service account
+
+resource "google_service_account" "default" {
+  account_id   = "cloud-sql-mysql-sa"
+  display_name = "Cloud SQL for MySQL Service Account"
+}
+
+# Specify the email address of the IAM service account to add to the instance
+
+resource "google_sql_user" "iam_service_account_user" {
+  name     = google_service_account.default.email
+  instance = google_sql_database_instance.default.name
+  type     = "CLOUD_IAM_SERVICE_ACCOUNT"
+}
+# [END cloud_sql_mysql_instance_iam_db_auth_add_users]
+
+# [START cloud_sql_mysql_instance_iam_db_grant_roles]
+data "google_project" "project" {
+}
+
+resource "google_project_iam_binding" "cloud_sql_user" {
+  project = data.google_project.project.project_id
+  role    = "roles/cloudsql.instanceUser"
+  members = [
+    "user:[email protected]",
+    "serviceAccount:${google_service_account.default.email}"
+  ]
+}
+
+resource "google_project_iam_binding" "cloud_sql_client" {
+  project = data.google_project.project.project_id
+  role    = "roles/cloudsql.client"
+  members = [
+    "user:[email protected]",
+    "serviceAccount:${google_service_account.default.email}"
+  ]
+}
+# [END cloud_sql_mysql_instance_iam_db_grant_roles]
+# [END cloud_sql_mysql_instance_iam_db_auth]

cloud_sql/mysql_instance_iam_db_auth/test.yaml

@@ -0,0 +1,20 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintTest
+metadata:
+  name: mysql_instance_iam_db_auth
+spec:
+  skip: true

cloud_sql/postgres_instance_iam_db_auth/main.tf

@@ -0,0 +1,91 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+# [START cloud_sql_postgres_instance_iam_db_auth]
+# [START cloud_sql_postgres_instance_iam_db_auth_create_instance]
+# [START cloud_sql_postgres_instance_iam_db_auth_add_users]
+resource "google_sql_database_instance" "default" {
+  name             = "postgres-db-auth-instance-name-test"
+  region           = "us-west4"
+  database_version = "POSTGRES_14"
+  settings {
+    tier = "db-custom-2-7680"
+    database_flags {
+      name  = "cloudsql.iam_authentication"
+      value = "on"
+    }
+  }
+  # set `deletion_protection` to true, will ensure that one cannot accidentally
+  # delete this instance by use of Terraform whereas
+  # `deletion_protection_enabled` flag protects this instance at the GCP level.
+  deletion_protection = false
+}
+# [END cloud_sql_postgres_instance_iam_db_auth_create_instance]
+
+# Specify the email address of the IAM user to add to the instance
+# This resource does not create a new IAM user account; this account must
+# already exist
+
+resource "google_sql_user" "iam_user" {
+  name     = "[email protected]"
+  instance = google_sql_database_instance.default.name
+  type     = "CLOUD_IAM_USER"
+}
+
+# Specify the email address of the IAM service account to add to the instance
+# This resource does not create a new IAM service account; this service account
+# must already exist
+
+# Create a new IAM service account
+
+resource "google_service_account" "default" {
+  account_id   = "cloud-sql-postgres-sa"
+  display_name = "Cloud SQL for Postgres Service Account"
+}
+
+resource "google_sql_user" "iam_service_account_user" {
+  # Note: for PostgreSQL only, Google Cloud requires that you omit the
+  # ".gserviceaccount.com" suffix
+  # from the service account email due to length limits on database usernames.
+  name     = trimsuffix(google_service_account.default.email, ".gserviceaccount.com")
+  instance = google_sql_database_instance.default.name
+  type     = "CLOUD_IAM_SERVICE_ACCOUNT"
+}
+# [END cloud_sql_postgres_instance_iam_db_auth_add_users]
+
+# [START cloud_sql_postgres_instance_iam_db_grant_roles]
+data "google_project" "project" {
+}
+
+resource "google_project_iam_binding" "cloud_sql_user" {
+  project = data.google_project.project.project_id
+  role    = "roles/cloudsql.instanceUser"
+  members = [
+    "user:[email protected]",
+    "serviceAccount:${google_service_account.default.email}"
+  ]
+}
+
+resource "google_project_iam_binding" "cloud_sql_client" {
+  project = data.google_project.project.project_id
+  role    = "roles/cloudsql.client"
+  members = [
+    "user:[email protected]",
+    "serviceAccount:${google_service_account.default.email}"
+  ]
+}
+# [END cloud_sql_postgres_instance_iam_db_grant_roles]
+# [END cloud_sql_postgres_instance_iam_db_auth]

cloud_sql/postgres_instance_iam_db_auth/test.yaml

@@ -0,0 +1,20 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintTest
+metadata:
+  name: postgres_instance_iam_db_auth
+spec:
+  skip: true

vertex_ai/workbench/main.tf

@@ -1,5 +1,5 @@
 /**
- * Copyright 2023 Google LLC
+ * Copyright 2024 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

vertex_ai/workbench_create_metadata/main.tf

@@ -0,0 +1,34 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+# [START aiplatform_workbench_create_metadata]
+resource "google_workbench_instance" "default" {
+  name     = "workbench-instance-example"
+  location = "us-central1-a"
+
+  gce_setup {
+    machine_type = "n1-standard-1"
+    vm_image {
+      project = "deeplearning-platform-release"
+      family  = "tf-latest-gpu"
+    }
+    metadata = {
+      key = "value"
+    }
+  }
+}
+# [END aiplatform_workbench_create_metadata]

vertex_ai/workbench_dataproc/main.tf

@@ -0,0 +1,34 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+# [START aiplatform_workbench_create_dataproc]
+resource "google_workbench_instance" "default" {
+  name     = "workbench-instance-example"
+  location = "us-central1-a"
+
+  gce_setup {
+    machine_type = "n1-standard-1"
+    vm_image {
+      project = "deeplearning-platform-release"
+      family  = "tf-latest-gpu"
+    }
+    metadata = {
+      disable-mixer = "false"
+    }
+  }
+}
+# [END aiplatform_workbench_create_dataproc]

vertex_ai/workbench_idle_shutdown/main.tf

@@ -0,0 +1,34 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+# [START aiplatform_workbench_create_idle_shutdown]
+resource "google_workbench_instance" "default" {
+  name     = "workbench-instance-example"
+  location = "us-central1-a"
+
+  gce_setup {
+    machine_type = "n1-standard-1"
+    vm_image {
+      project = "deeplearning-platform-release"
+      family  = "tf-latest-gpu"
+    }
+    metadata = {
+      idle-timeout-seconds = "10800"
+    }
+  }
+}
+# [END aiplatform_workbench_create_idle_shutdown]

vertex_ai/workbench_remove_metadata/main.tf

@@ -0,0 +1,33 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+# [START aiplatform_workbench_deleted_metadata]
+resource "google_workbench_instance" "default" {
+  name     = "workbench-instance-example"
+  location = "us-central1-a"
+
+  gce_setup {
+    machine_type = "n1-standard-1"
+    vm_image {
+      project = "deeplearning-platform-release"
+      family  = "tf-latest-gpu"
+    }
+    metadata = {
+    }
+  }
+}
+# [END aiplatform_workbench_deleted_metadata]