💵 Monthly estimates based on Infracost baseline costs.
This repository builds the Terraform backend for state management. Terraform uses persisted state data to keep track of the resources it manages. Most non-trivial Terraform configurations use a backend to store state remotely. This lets multiple people access the state data and work together on that collection of infrastructure resources. This repository aligns with our Google Cloud landing zone platform design. A landing zone should be a prerequisite to deploying enterprise workloads in a cloud environment.
- Documentation: docs.osinfra.io
- Service Interfaces: github.com
Our focus is on the core fundamental practice of platform engineering, Infrastructure as Code.
Open Source Infrastructure (as Code) is a development model for infrastructure that focuses on open collaboration and applying relative lessons learned from software development practices that organizations can use internally at scale. - Open Source Infrastructure (as Code)
To avoid slowing down stream-aligned teams, we want to open up the possibility for contributions. The Open Source Infrastructure (as Code) model allows team members external to the platform team to contribute with only a slight increase in cognitive load. This section is for developers who want to contribute to this repository, describing the tools used, the skills, and the knowledge required, along with Terraform documentation.
See the documentation for setting up a development environment here.
Links to documentation and other resources required to develop and iterate in this repository successfully.
| Name | Version |
|---|---|
| 6.3.0 | |
| random | 3.6.3 |
| Name | Source | Version |
|---|---|---|
| datadog | github.com/osinfra-io/terraform-datadog-google-integration | v0.3.0 |
| project | github.com/osinfra-io/terraform-google-project | v0.4.0 |
| terraform_state_storage_bucket | github.com/osinfra-io/terraform-google-storage-bucket | v0.2.0 |
| Name | Type |
|---|---|
| google_cloud_identity_group_membership.github_actions | resource |
| google_service_account.github_actions | resource |
| google_service_account_iam_member.github_actions | resource |
| google_storage_bucket_iam_member.github_actions | resource |
| random_id.bucket | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| billing_account | The alphanumeric ID of the billing account this project belongs to | string |
"01C550-A2C86B-B8F16B" |
no |
| billing_users_group_id | The numeric ID of the billing users group | string |
"03dy6vkm4a7ag9g" |
no |
| cis_2_2_logging_sink_project_id | The CIS 2.2 logging sink benchmark project ID | string |
n/a | yes |
| datadog_api_key | Datadog API key | string |
n/a | yes |
| datadog_app_key | Datadog APP key | string |
n/a | yes |
| enable_datadog | Enable Datadog integration | bool |
false |
no |
| environment | The environment suffix for example: sb (Sandbox), nonprod (Non-Production), prod (Production) |
string |
"sb" |
no |
| folder_id | The numeric ID of the folder this project should be created under. Only one of org_id or folder_id may be specified |
string |
n/a | yes |
| workload_identity_pool_name | The workload identity pool name | string |
n/a | yes |
| Name | Description |
|---|---|
| github_actions_service_account_emails | The GitHub Actions service account emails |
| project_id | The project ID |
| project_number | The project number |
| terraform_state_storage_buckets | The Terraform state bucket names |