Add Terraform configuration and IAM management scripts for GCP project #35701

Open
wants to merge 3 commits into
base: master

ksobrenat32
Contributor

The idea is to set up the users and permissions for the GCP project using Terraform, allowing for easier management and automation of the infrastructure. This commit includes the following files:

  • infra/.terraform.lock.hcl: Lock file for Terraform dependencies.
  • infra/README.md: Documentation for the Terraform setup.
  • infra/config.auto.tfvars: Configuration variables for the Terraform project.
  • infra/generate.py: Python script to generate user configurations based on current users. This should be run before migration to ensure having the latest roles version.
  • infra/main.tf: Main Terraform configuration file for the GCP project.
  • infra/requirements.txt: Python dependencies for the generate.py script.
  • infra/users.tf: Terraform configuration for managing GCP users.

Related as part 1 of the PR #35107
Next steps are:

  • Create the GCP bucket to store Terraform state and initialize it.
  • Add GA workflow to run when users.yml suffers changes to update the GCP roles.
  • Implement custom roles.

The idea is to set up the users and permissions for the GCP project using
Terraform, allowing for easier management and automation of the infrastructure.
This commit includes the following files:
- `infra/.terraform.lock.hcl`: Lock file for Terraform dependencies.
- `infra/README.md`: Documentation for the Terraform setup.
- `infra/config.auto.tfvars`: Configuration variables for the Terraform project.
- `infra/generate.py`: Python script to generate user configurations based on current users.
- `infra/main.tf`: Main Terraform configuration file for the GCP project.
- `infra/requirements.txt`: Python dependencies for the `generate.py` script.
- `infra/users.tf`: Terraform configuration for managing GCP users.
Contributor

Important

Installation incomplete: to start using Gemini Code Assist, please ask the organization owner(s) to visit the Gemini Code Assist Admin Console and sign the Terms of Services.

@ksobrenat32
Contributor Author

This is being tested on a personal GCP project with the ID `testing-me-460223`; feel free to review the permissions over here.

I have added the following emails as project owners:

Contributor

Assigning reviewers:

R: @shunping added as fallback since no labels match configuration

Note: If you would like to opt out of this review, comment `assign to next reviewer`.

Available commands:

  • `stop reviewer notifications` - opt out of the automated review tooling
  • `remind me after tests pass` - tag the comment author after tests pass
  • `waiting on author` - shift the attention set back to the author (any comment or push by the author will return the attention set to the reviewers)

The PR bot will only process comments in the main thread (not review comments).

@github-actions github-actions bot added build and removed build labels Jul 26, 2025
@shunping
Collaborator

shunping commented Jul 28, 2025

I don't have context of this. @damccorm could you please help find a reviewer for this PR?

Contributor

@damccorm damccorm left a comment

Thanks - I'll defer to @pabloem but this seems like a good starting point to me and I'm comfortable moving forward here

@pabloem
Member

pabloem commented Jul 29, 2025

thanks @damccorm - LGTM pending Danny's comment.

@github-actions github-actions bot added build and removed build labels Jul 29, 2025