4.5 KiB
Executable File
layout | page_title | sidebar_current | description |
---|---|---|---|
Google: google_project | docs-google-project-x | Allows management of a Google Cloud Platform project. |
google_project
Allows creation and management of a Google Cloud Platform project.
Projects created with this resource must be associated with an Organization. See the Organization documentation for more details.
The service account used to run Terraform when creating a google_project
resource must have roles/resourcemanager.projectCreator
. See the
Access Control for Organizations Using IAM
doc for more information.
Note that prior to 0.8.5, google_project
functioned like a data source,
meaning any project referenced by it had to be created and managed outside
Terraform. As of 0.8.5, google_project
functions like any other Terraform
resource, with Terraform creating and managing the project. To replicate the old
behavior, either:
- Use the project ID directly in whatever is referencing the project, using the
google_project_iam_policy
to replace the old
policy_data
property. - Use the import functionality to import your pre-existing project into Terraform, where it can be referenced and used just like always, keeping in mind that Terraform will attempt to undo any changes made outside Terraform.
~> It's important to note that any project resources that were added to your Terraform config prior to 0.8.5 will continue to function as they always have, and will not be managed by Terraform. Only newly added projects are affected.
Example Usage
resource "google_project" "my_project" {
name = "My Project"
project_id = "your-project-id"
org_id = "1234567"
}
To create a project under a specific folder
resource "google_project" "my_project-in-a-folder" {
name = "My Project"
project_id = "your-project-id"
folder_id = "${google_folder.department1.name}"
}
resource "google_folder" "department1" {
display_name = "Department 1"
parent = "organizations/1234567"
}
Argument Reference
The following arguments are supported:
-
name
- (Required) The display name of the project. -
project_id
- (Required) The project ID. Changing this forces a new project to be created. -
org_id
- (Optional) The numeric ID of the organization this project belongs to. Changing this forces a new project to be created. Only one oforg_id
orfolder_id
may be specified. If theorg_id
is specified then the project is created at the top level. Changing this forces the project to be migrated to the newly specified organization. -
folder_id
- (Optional) The numeric ID of the folder this project should be created under. Only one oforg_id
orfolder_id
may be specified. If thefolder_id
is specified, then the project is created under the specified folder. Changing this forces the project to be migrated to the newly specified folder. -
billing_account
- (Optional) The alphanumeric ID of the billing account this project belongs to. The user or service account performing this operation with Terraform must have Billing Account Administrator privileges (roles/billing.admin
) in the organization. See Google Cloud Billing API Access Control for more details. -
skip_delete
- (Optional) If true, the Terraform resource can be deleted without deleting the Project via the Google API. -
policy_data
- (Deprecated) The IAM policy associated with the project. This argument is no longer supported, and will be removed in a future version of Terraform. It should be replaced with agoogle_project_iam_policy
resource. -
labels
- (Optional) A set of key/value label pairs to assign to the project.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
number
- The numeric identifier of the project. -
policy_etag
- (Deprecated) The etag of the project's IAM policy, used to determine if the IAM policy has changed. Please usegoogle_project_iam_policy
'setag
property instead; future versions of Terraform will remove thepolicy_etag
attribute
Import
Projects can be imported using the project_id
, e.g.
$ terraform import google_project.my_project your-project-id