mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-21 09:15:57 +00:00

Manoj Srivastava c1d0e716d9 Folder support: Assign/Reassign a google project to a folder. (#438 )

+ Make the org_id optional when creating a project. Closes #131
+ Mark org_id as computed to allow for GCP automatically assigning the org.
+ Add an acceptance test for project creation without an organization.
+ Skip TestAccGoogleProject_createWithoutOrg if GOOGLE_ORG is set.
+ Add a folder_id to the google_project resource, optionally
  specifying the ID of the GCP folder in which the GCP project should
  live.
+ Document how one can provision a project into a folder, and added a
  sample configuration to create a project into an existing folder.
* Skip test without org if service account is used
* Support folders/* or id only for the folder id field

2017-09-22 13:03:08 -05:00

5.6 KiB

Executable File

Raw Blame History

layout	page_title	sidebar_current	description
google	Google: google_project	docs-google-project-x	Allows management of a Google Cloud Platform project.

google_project

Allows creation and management of a Google Cloud Platform project.

Projects created with this resource must be associated with an Organization. See the Organization documentation for more details.

The service account used to run Terraform when creating a google_project resource must have roles/resourcemanager.projectCreator. See the Access Control for Organizations Using IAM doc for more information.

Note that prior to 0.8.5, google_project functioned like a data source, meaning any project referenced by it had to be created and managed outside Terraform. As of 0.8.5, google_project functions like any other Terraform resource, with Terraform creating and managing the project. To replicate the old behavior, either:

Use the project ID directly in whatever is referencing the project, using the google_project_iam_policy to replace the old policy_data property.
Use the import functionality to import your pre-existing project into Terraform, where it can be referenced and used just like always, keeping in mind that Terraform will attempt to undo any changes made outside Terraform.

~> It's important to note that any project resources that were added to your Terraform config prior to 0.8.5 will continue to function as they always have, and will not be managed by Terraform. Only newly added projects are affected.

Example Usage

resource "google_project" "my_project" {
  project_id = "your-project-id"
  org_id     = "1234567"
}

To create a project under a specific folder

resource "google_project" "my_project-in-a-folder" {
  project_id = "your-project-id"
  folder_id  = "${google_folder.department1.name}"
}

resource "google_folder" "department1" {
  display_name = "Department 1"
  parent     = "organizations/1234567"
}

Argument Reference

The following arguments are supported:

project_id - (Optional) The project ID. Changing this forces a new project to be created. If this attribute is not set, id must be set. As id is deprecated, consider this attribute required. If you are using project_id and creating a new project, the name attribute is also required.
id - (Deprecated) The project ID. This attribute has unexpected behaviour and probably does not work as users would expect; it has been deprecated, and will be removed in future versions of Terraform. The project_id attribute should be used instead. See below for more information about its behaviour.
org_id - (Optional) The numeric ID of the organization this project belongs to. Changing this forces a new project to be created. Only one of org_id or folder_id may be specified. If the org_id is specified then the project is created at the top level. Changing this forces the project to be migrated to the newly specified organization.
folder_id - (Optional) The numeric ID of the folder this project should be created under. Only one of org_id or folder_id may be specified. If the folder_id is specified, then the project is created under the specified folder. Changing this forces the project to be migrated to the newly specified folder.
billing_account - (Optional) The alphanumeric ID of the billing account this project belongs to. The user or service account performing this operation with Terraform must have Billing Account Administrator privileges (roles/billing.admin) in the organization. See Google Cloud Billing API Access Control for more details.
name - (Required) The display name of the project.
skip_delete - (Optional) If true, the Terraform resource can be deleted without deleting the Project via the Google API.
policy_data - (Deprecated) The IAM policy associated with the project. This argument is no longer supported, and will be removed in a future version of Terraform. It should be replaced with a google_project_iam_policy resource.
labels - (Optional) A set of key/value label pairs to assign to the project.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

number - The numeric identifier of the project.
policy_etag - (Deprecated) The etag of the project's IAM policy, used to determine if the IAM policy has changed. Please use google_project_iam_policy's etag property instead; future versions of Terraform will remove the policy_etag attribute

ID Field

In versions of Terraform prior to 0.8.5, google_project resources used an id field in config files to specify the project ID. Unfortunately, due to limitations in Terraform, this field always looked empty to Terraform. Terraform fell back on using the project the Google Cloud provider is configured with. If you're using the id field in your configurations, know that it is being ignored, and its value will always be seen as the ID of the project being used to authenticate Terraform's requests. You should move to the project_id field as soon as possible.

Import

Projects can be imported using the project_id, e.g.

$ terraform import google_project.my_project your-project-id

5.6 KiB Executable File Raw Blame History