chore: moving and updating sample_infrastructure terraform, adding sa…

…mples

.gitignore

@@ -5,6 +5,11 @@
 *.tfstate
 *.tfstate.*
 
+# tf plan files
+*.tfplan*
+*.tfplan
+**/.*tfplan*/*
+
 # Crash log files
 crash.log
 

examples/gcp_create_project/main.tf

@@ -0,0 +1,11 @@
+
+module "gcp_service_proj" {
+  source          = "../../modules/gcp_project"
+  org_id          = var.org_id
+  folder_id       = var.folder_id
+  project_id      = var.project_id
+  project_name    = var.project_id
+  billing_account = var.billing_account
+  project_owners  = var.project_owners
+  #project_editors = ["serviceAccount:[email protected]"]
+}

examples/gcp_create_project/project.auto.tfvars

@@ -0,0 +1,5 @@
+org_id          = "649153490387"
+billing_account = "01801F-9A90AB-CAFEC6"
+folder_id       = "831845457119"
+project_id      = "joe-test-proj"
+project_owners  = ["user:[email protected]"]

examples/gcp_create_project/project.auto.tfvars.back

@@ -0,0 +1,5 @@
+billing_account = "value"
+org_id          = "value"
+folder_id       = "value"
+project_id      = "value"
+project_owners  = ["user:<replace_with_user>@observeinc.com"]

examples/gcp_create_project/variables.tf

@@ -0,0 +1,24 @@
+variable "billing_account" {
+  type = string
+}
+
+variable "org_id" {
+  type        = string
+  description = "Org ID from GCP console"
+}
+
+variable "folder_id" {
+  type        = string
+  description = "GCP folder id to deploy service project"
+}
+
+
+variable "project_id" {
+  type        = string
+  description = "GCP project used as a service/collection project"
+}
+
+variable "project_owners" {
+  description = "Add the user emails of of the project owners"
+  type        = list(string)
+}

examples/gcp_observe_collection_for_folder/ephem-proj.auto.tfvars

@@ -0,0 +1,4 @@
+folder_number = "831845457119"
+region        = "us-central1"
+name_format   = "joe-test-%s"
+project_id    = "joe-test-proj"

examples/gcp_observe_collection_for_folder/ephem-proj.auto.tfvars.back

@@ -0,0 +1,4 @@
+folder_number = "12345678900"
+region        = "us-central1"
+name_format   = "service-proj-%s"
+project_id    = "service-proj-391021"

examples/gcp_observe_collection_for_folder/main.tf

@@ -0,0 +1,120 @@
+locals {
+  projects = data.google_projects.my_folder_projects.projects
+}
+
+#######################################################################
+# 
+# The Obseverve GCP Collection that creates the PubSub, Log Sinks,
+# and deploys a GCP Cloud Function used to collect Asset Information
+# 
+#######################################################################
+
+module "observe_gcp_collection" {
+  source   = "../../"
+  name     = var.name
+  resource = "projects/${var.project_id}"
+}
+
+data "google_project" "service_project" {
+  project_id = var.project_id
+}
+
+#####################################################################
+# 
+# Determines all the sibling GCP Projects inside the folder the 
+# service/collection project was deployed
+#
+#####################################################################
+
+data "google_projects" "my_folder_projects" {
+  filter = "parent.id:${data.google_project.service_project.folder_id} lifecycleState:ACTIVE"
+}
+
+###############################################################
+# 
+# This enables all the GCP API Services needed for metrics in
+# each project in the Folder the service/collection
+# Project is deployed.   
+#
+##############################################################
+
+
+module "google_project_service" {
+  for_each = {
+    for index, project in local.projects :
+    project.project_id => project if project.project_id != var.project_id
+  }
+
+  source             = "../../modules/gcp_project_services"
+  project_id         = each.value.project_id
+  services_to_enable = var.metric_services
+}
+
+
+#######################################################################################
+# 
+# This will add all sibling projects that reside in the same 
+# folder as the collection/service project as Metric Montiored Projects.
+# 
+# The result will be: Metrics for all projects flowing through the collection/service
+# project and collected with a single Observe poller.
+# 
+#######################################################################################
+
+resource "google_monitoring_monitored_project" "primary" {
+  for_each = {
+    for index, project in local.projects :
+    project.project_id => project if project.project_id != var.project_id
+  }
+  metrics_scope = var.project_id
+  name          = each.value.project_id
+}
+
+#######################################################################################
+#
+# The following would replace the steps of creating connections to GPC using Observe
+# Pollers inside "Creating the required connections to GCP" 
+# found in https://docs.observeinc.com/en/latest/content/integrations/gcp/gcp.html#id1
+# 
+# The following still requires an Observe Datastream to be created.  The simplest way
+# to accomplish this is by installing the Observe Application for GCP. 
+# 
+# NOTE: YOU NEED TO UNCOMMENT OUT THE Observe PROVIER in versions.tf to use below.
+#
+#######################################################################################
+
+# locals {
+#   workspace  = data.observe_workspace.default
+#   datastream = data.observe_datastream.gcp
+# }
+
+# data "observe_workspace" "default" {
+#   name = "Default"
+# }
+
+# data "observe_datastream" "google" {
+#   workspace = data.observe_workspace.default.oid
+#   name      = "GCP"
+# }
+
+# module "observe_gcp_metrics_poller" {
+#   workspace                        = data.observe_workspace.default
+#   datastream                       = data.observe_datastream.google
+#   source                           = "../../modules/observe_metrics_poller"
+#   project_id                       = var.project_id
+#   name_format                      = "${var.project_id}-poller-%s"
+#   service_account_private_key_json = base64decode(module.observe_gcp_collection.service_account_key.private_key)
+
+#   depends_on = [module.observe_gcp_collection]
+# }
+
+# module "pubsub_poller" {
+#   source                           = "../../modules/observe_pubsub_poller"
+#   workspace                        = local.workspace
+#   datastream                       = local.datastream
+#   name                             = format(var.name_format, "assets-logs")
+#   description                      = "terraform only poller"
+#   project                          = var.project_id
+#   service_account_private_key_json = base64decode(module.observe_gcp_collection.service_account_key.private_key)
+#   subscription                     = module.observe_gcp_collection.subscription.name
+# }

examples/gcp_observe_collection_for_folder/outputs.tf

@@ -0,0 +1,18 @@
+output "subscription" {
+  description = "The Pub/Sub subscription created by this module."
+  value       = module.observe_gcp_collection.subscription
+}
+
+output "service_account_private_key" {
+  description = "A service account key sent to the pollers for Pub/Sub and Cloud Monitoring"
+  value       = base64decode(module.observe_gcp_collection.service_account_key.private_key)
+  sensitive   = true
+}
+
+output "project_info" {
+  value = data.google_project.service_project
+}
+
+output "projects" {
+  value = data.google_projects.my_folder_projects
+}

examples/gcp_observe_collection_for_folder/provider.tf

@@ -0,0 +1,24 @@
+# locals {
+#   domain     = "observeinc.com"
+#   customer   = "126329491179"
+#   user_email = "[email protected]"
+# }
+
+# provider "aws" {
+#   region = "us-west-2"
+# }
+
+# data "aws_secretsmanager_secret" "secret" {
+#   name = format("tf-password-%s-%s", local.domain, local.customer)
+# }
+
+# data "aws_secretsmanager_secret_version" "secret" {
+#   secret_id = data.aws_secretsmanager_secret.secret.id
+# }
+
+# provider "observe" {
+#   customer      = local.customer
+#   domain        = local.domain
+#   user_email    = local.user_email
+#   user_password = data.aws_secretsmanager_secret_version.secret.secret_string
+# }

examples/gcp_observe_collection_for_folder/variables.tf

@@ -0,0 +1,45 @@
+variable "project_id" {
+  type        = string
+  description = "GCP project to deploy sample env"
+}
+
+variable "folder_number" {
+  type        = string
+  description = "GCP folder number to deploy sample env"
+}
+
+variable "datastream_name" {
+  type        = string
+  description = "GCP datastream"
+  default     = "GCP"
+}
+
+variable "region" {
+  type        = string
+  description = "GCP region to deploy sample env"
+}
+
+variable "name_format" {
+  type        = string
+  description = "Format string to use for infra names."
+}
+
+variable "metric_services" {
+  description = "Default metric service prefixes to poll"
+  type        = list(string)
+  default = [
+    "cloudfunctions.googleapis.com/",
+    "logging.googleapis.com/",
+    "iam.googleapis.com/",
+    "monitoring.googleapis.com/",
+    "pubsub.googleapis.com/",
+    "storage.googleapis.com/",
+    "cloudsql.googleapis.com/",
+    "compute.googleapis.com/",
+    "serviceruntime.googleapis.com/",
+    "loadbalancing.googleapis.com/",
+    "kubernetes.io/",
+    "redis.googleapis.com/",
+    "run.googleapis.com/"
+  ]
+}

examples/gcp_observe_collection_for_folder/versions.tf

@@ -0,0 +1,18 @@
+terraform {
+  required_providers {
+    # observe = {
+    #   source  = "terraform.observeinc.com/observeinc/observe"
+    #   version = "~> 0.13"
+    # }
+    google = {
+      source  = "hashicorp/google"
+      version = "<= 4.67.0"
+    }
+  }
+  required_version = ">= 1.3.0"
+}
+
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}

examples/gcp_project_deploy_infra_and_observe_collection/ephem-proj-collect.auto.tfvars

@@ -0,0 +1,9 @@
+region     = "us-central1"
+project_id = "project-id"
+
+observe = {
+  customer_id           = "126329491179"
+  otel_datastream_token = "ds1J8gzPachy4fscTzSD:csenknPbvhkV8WHdjVxaShMbf5HgBY6B"
+  host_datastream_token = "ds1oYxW0CSmcWk14uwsX:hUIOgRqLbLZcrCYdNSnfnkJP0TyR_F_-"
+  domain                = "observeinc.com"
+}