New: add examples for data structure and module usage INPRO-358
jazzlyn committed May 10, 2021
1 parent ace5516 commit c7011ea
Showing 9 changed files with 161 additions and 4 deletions.
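--- a/examples/example-gsuite-authentication/main.tf
+++ b/examples/example-gsuite-authentication/main.tf
@@ -0,0 +1,15 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# PROVIDE CREDENTIALS TO GSUITE PROVIDER
+# Credentials are stored in terraform.tfvars file.
+# ---------------------------------------------------------------------------------------------------------------------
+
+provider "gsuite" {
+impersonated_user_email = var.impersonated_user_email
+credentials = var.credentials
+oauth_scopes = [
+"https://www.googleapis.com/auth/admin.directory.group",
+"https://www.googleapis.com/auth/apps.groups.settings",
+"https://www.googleapis.com/auth/admin.directory.user",
+"https://www.googleapis.com/auth/admin.directory.userschema",
+]
+}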
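Review bot: The header comment says the credentials are stored in terraform.tfvars but does not say that this file, and the key file it points to, must stay out of version control. With `impersonated_user_email` set, the service-account key can act as that user for every scope listed in `oauth_scopes`, none of which is a read-only variant, so a committed key or tfvars file hands out write access to users and groups. I would add a line under the existing header such as `# Never commit terraform.tfvars or the service-account key file; add both to .gitignore.`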
@@ -0,0 +1,2 @@
#impersonated_user_email = "[email protected]"
#credentials = "/path/to/google_credentials.json"
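--- a/examples/example-gsuite-authentication/variables.tf
+++ b/examples/example-gsuite-authentication/variables.tf
@@ -0,0 +1,11 @@
+variable "impersonated_user_email" {
+type = string
+default = null
+description = "impersonated user account for GSuite domain-wide delegation"
+}
+
+variable "credentials" {
+type = string
+default = null
+description = "links to google credentials for service account"
+}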
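Review bot: `variable "credentials"` is not marked sensitive, so Terraform will not redact the value wherever it is displayed; that matters if a caller passes the key contents rather than a file path, which the description "links to google credentials" does not rule out. Adding `sensitive = true` to the block covers that case; it needs Terraform 0.14 or later, and no `required_version` is visible in this example, so confirm the supported minimum first. The description would also be clearer as `description = "Path to the service-account key file (JSON) used for domain-wide delegation"`, which matches the commented file path in the tfvars example.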
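--- a/examples/example-with-google-buckets/main.tf
+++ b/examples/example-with-google-buckets/main.tf
@@ -0,0 +1,53 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# MANAGE USERS AND GROUPS IN GOOGLE WORKSPACE
+# These templates show an example of how to use the terraform-gsuite-user-group-management module to manage Users and
+# Groups in Google Workspace. Google Buckets are used as data source.
+# ---------------------------------------------------------------------------------------------------------------------
+terraform {
+required_providers {
+gsuite = {
+source = "DeviaVir/gsuite"
+version = "0.1.58"
+}
+google = {
+source = "hashicorp/google"
+version = "3.66.1"
+}
+}
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# ADD CREDENTIALS FOR GSUITE PROVIDER
+# See example-gsuite-authentication
+# ---------------------------------------------------------------------------------------------------------------------
+
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DATA SOURCE FROM GOOGLE BUCKET
+# YAML files are stored in Google Buckets with versioning enabled. Each YAML file gets its own reference. For YAML
+# example files see example-yaml-files.
+# ---------------------------------------------------------------------------------------------------------------------
+
+data "google_storage_bucket_object_content" "groups" {
+name = "groups.yaml"
+bucket = "example-data"
+}
+
+data "google_storage_bucket_object_content" "users" {
+name = "users.yaml"
+bucket = "example-data"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# GOOGLE WORKSPACE USER-GROUP MANAGEMENT MODULE
+# The original Github Repo is used as source to ensure future updates. The module expects groups and users data.
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "gworkspace" {
+source = "[email protected]:strg-at/terraform-google-workspace-module.git"
+providers = {
+gsuite = gsuite
+}
+groups = yamldecode(data.google_storage_bucket_object_content.groups.content)
+users = yamldecode(data.google_storage_bucket_object_content.users.content)
+}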
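Review bot: The `source` of `module "gworkspace"` carries no `?ref=`, so a fresh `terraform init` takes whatever is on the repository's default branch, and that code then runs with whatever access the gsuite provider has been given. Both providers above are pinned to exact versions; the module should be pinned the same way by appending `?ref=<TAG_OR_COMMIT>` to the source string. The comment "used as source to ensure future updates" would then better say that updates are taken by deliberately bumping the ref. The same unpinned source appears in examples/example-with-local-yaml-files/main.tf. Separately, whoever can write `groups.yaml` or `users.yaml` in the bucket decides which accounts and memberships are applied, so the data-source comment should state that write access to the bucket must be restricted.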
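--- a/examples/example-with-local-yaml-files/main.tf
+++ b/examples/example-with-local-yaml-files/main.tf
@@ -0,0 +1,43 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# MANAGE USERS AND GROUPS IN GOOGLE WORKSPACE
+# These templates show an example of how to use the terraform-gsuite-user-group-management module to manage Users and
+# Groups in Google Workspace. Local YAML files are used as data source.
+# ---------------------------------------------------------------------------------------------------------------------
+terraform {
+required_providers {
+gsuite = {
+source = "DeviaVir/gsuite"
+version = "0.1.58"
+}
+}
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# ADD CREDENTIALS FOR GSUITE PROVIDER
+# See example-gsuite-authentication
+# ---------------------------------------------------------------------------------------------------------------------
+
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DATA SOURCE FROM LOCAL
+# YAML files are stored locally. For YAML example files see example-yaml-files.
+# ---------------------------------------------------------------------------------------------------------------------
+
+locals {
+groups = yamldecode(file("${path.module}/groups.yaml"))
+users = yamldecode(file("${path.module}/users.yaml"))
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# GOOGLE WORKSPACE USER-GROUP MANAGEMENT MODULE
+# The original Github Repo is used as source to ensure future updates. The module expects groups and users data.
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "gworkspace" {
+source = "[email protected]:strg-at/terraform-google-workspace-module.git"
+providers = {
+gsuite = gsuite
+}
+groups = local.groups
+users = local.users
+}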
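--- a/examples/example-yaml-files/groups.yaml
+++ b/examples/example-yaml-files/groups.yaml
@@ -0,0 +1,17 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# GOOGLE GROUP
+# ---------------------------------------------------------------------------------------------------------------------
+
+one-group:
+email: '[email protected]'
+name: 'Example group'
+
+# ---------------------------------------------------------------------------------------------------------------------
+# GOOGLE GROUP WITH ANOTHER GROUP AS MEMBER
+# ---------------------------------------------------------------------------------------------------------------------
+
+another-group:
+email: '[email protected]'
+name: 'Another Example group'
+groups:
+- one-group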
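--- a/examples/example-yaml-files/users.yaml
+++ b/examples/example-yaml-files/users.yaml
@@ -0,0 +1,16 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# GOOGLE USER WITH GROUP MEMBERSHIPS
+# ---------------------------------------------------------------------------------------------------------------------
+
+jane:
+family_name: 'Doe'
+given_name: 'Jane'
+primary_email: '[email protected]'
+recovery_email: '[email protected]'
+recovery_phone: '+10000'
+org_unit_path: /
+is_suspended: false
+suspension_reason: ''
+role:
+- group
+- another-group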
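Review bot: The memberships of `jane` sit under the key `role`, but modules/users_to_groups/users_to_groups.tf in this same commit iterates `var.user.roles`, so as far as the visible code shows this example would fail on a missing attribute. The first entry, `group`, also has no matching key in examples/example-yaml-files/groups.yaml, which defines only `one-group` and `another-group`, so the lookup `var.groups[each.value].email` would fail for it. I would change the key to `roles:` and the first entry to `- one-group`. The root module is only partly visible on this page, so confirm it does not rename the key before the value reaches the submodule.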
2 changes: 1 addition & 1 deletion main.tf
@@ -34,7 +34,7 @@ module "users" {
providers = {
gsuite = gsuite
}
user = each.value
user = each.value
}

module "users_to_groups" {
6 changes: 3 additions & 3 deletions modules/users_to_groups/users_to_groups.tf
@@ -11,7 +11,7 @@ terraform {
* Ressource documentation: https://registry.terraform.io/providers/DeviaVir/gsuite/latest/docs/resources/group_member
*/
resource "gsuite_group_member" "member" {
for_each = toset(var.user.roles)
group = var.groups[each.value].email
email = var.user.primary_email
for_each = toset(var.user.roles)
group = var.groups[each.value].email
email = var.user.primary_email
}
