A Terramate module used to generate Terraform modules for Google Cloud IAM for different services on Google Cloud Services (GCP).
This module is part of our Infrastructure as Code (IaC) framework that enables our users and customers to easily deploy and manage reusable, secure, and production-grade cloud infrastructure.
- google_cloud_run_v2_job_iam
- google_cloud_run_v2_service_iam
- google_dns_managed_zone_iam
- google_artifact_registry_repository_iam
- google_cloud_run_service_iam
- google_cloud_tasks_queue_iam
- Create a new Terramate stack under
modules/{provider}Example:terramate create --no-generate modules/google/google_storage_bucket_iamThe stack folder name must match the Terraform resource name with the_iamsuffix attached to it. - Edit the file
stack.tm.hclto match the following template:
stack {
name = "google_storage_bucket_iam"
description = "Google Storage Bucket IAM Terraform Module"
id = "randomly_generated_do_not_edit"
}
globals {
is_regional = true
region_attribute = "location"
resource_parent = {
variable = "bucket" # Refer to the terraform provider documentation to get this attribute
resource_name = "google_storage_bucket"
description = "Name of Storage Bucket resource the IAM is applied to"
}
documentation = {
service_name = "Google Storage Bucket"
google_docs_url = "https://cloud.google.com/storage/docs/access-control/iam-roles"
provider_docs_url = "https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam"
example_role = "storage.admin"
}
}- Generate code:
terramate fmtterramate generatepre-commit run -a(this command may need to be run twice, validate once all output is green)