-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.tf
98 lines (78 loc) · 2.91 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
terraform {
# Requiring Providers
# https://www.terraform.io/language/providers/requirements#requiring-providers
required_providers {
# Datadog Provider
# https://registry.terraform.io/providers/DataDog/datadog/latest/docs
datadog = {
source = "datadog/datadog"
}
# Google Cloud Platform Provider
# https://registry.terraform.io/providers/hashicorp/google/latest/docs
google = {
source = "hashicorp/google"
}
}
}
provider "datadog" {
api_key = var.datadog_api_key
app_key = var.datadog_app_key
}
# Datadog Google Cloud Platform Integration Module (osinfra.io)
# https://github.com/osinfra-io/terraform-datadog-google-integration
module "datadog" {
source = "github.com/osinfra-io/terraform-datadog-google-integration?ref=v0.3.0"
count = var.datadog_enable ? 1 : 0
api_key = var.datadog_api_key
is_cspm_enabled = true
is_security_command_center_enabled = true
labels = local.labels
project = module.project.id
}
# Google Project Module (osinfra.io)
# https://github.com/osinfra-io/terraform-google-project
module "project" {
source = "github.com/osinfra-io/terraform-google-project?ref=v0.4.3"
billing_account = var.project_billing_account
cis_2_2_logging_sink_project_id = var.project_cis_2_2_logging_sink_project_id
description = "k8s"
environment = local.env
folder_id = var.project_folder_id
labels = local.labels
monthly_budget_amount = var.project_monthly_budget_amount
prefix = "plt"
services = [
"billingbudgets.googleapis.com",
"certificatemanager.googleapis.com",
"cloudasset.googleapis.com",
"cloudbilling.googleapis.com",
"cloudkms.googleapis.com",
"cloudresourcemanager.googleapis.com",
"compute.googleapis.com",
"container.googleapis.com",
"dns.googleapis.com",
"gkehub.googleapis.com",
"iam.googleapis.com",
"monitoring.googleapis.com",
"multiclusteringress.googleapis.com",
"multiclusterservicediscovery.googleapis.com",
"servicenetworking.googleapis.com",
"serviceusage.googleapis.com",
"trafficdirector.googleapis.com"
]
}
# Google Kubernetes Engine Module (osinfra.io)
# https://github.com/osinfra-io/terraform-google-kubernetes-engine
module "kubernetes_engine" {
source = "github.com/osinfra-io/terraform-google-kubernetes-engine?ref=v0.1.8"
namespaces = var.kubernetes_engine_namespaces
project = module.project.id
}
# Kubernetes Istio Module (osinfra.io)
# https://github.com/osinfra-io/terraform-kubernetes-istio
module "kubernetes_istio" {
source = "github.com/osinfra-io/terraform-kubernetes-istio?ref=v0.1.4"
gateway_dns = var.kubernetes_istio_gateway_dns
labels = local.labels
project = module.project.id
}