Terraform code for deploying the compute resources needed to run dragondrop.cloud within your Google Cloud environment.
Cloud architecture diagram of the infrastructure created by this module.
Name | Type | Purpose |
---|---|---|
cloud_concierge_cloud_run_job_name | string | Name of the Cloud Run Job created by the Module which hosts the OSS cloud-concierge container. |
gcs_state_bucket | string | Optional name of the GCS storage bucket used for storing Terraform state backend files read by the cloud-concierge container. |
https_trigger_cloud_run_service_name | string | Name of the Cloud Run Service created by the Module which serves as an HTTPS endpoint. |
project | string | GCP project into which resources should be deployed. |
region | string | GCP region into which resources should be deployed. |
This module defines the compute resources needed to run dragondrop within your own GCP environment.
It defines a Cloud Run Service that can evoke the longer running dragondrop engine living in a provisioned Cloud Run Job.
The url for this Cloud Run Service is output and should be passed to a dragondrop Job definition as that Job's "HTTPS Url".
The Cloud Run Job hosts the cloud-concierge container. All environment variables are set by the dragondrop platform, except for a VCS personal access token stored in Google Secrets manager and an optional Terraform Cloud organization token.
This module creates two IAM roles.
-
"dragondrop HTTPS Trigger Role" which has the minimum permissions needed to evoke only the Cloud Run Job hosting the cloud-concierge container. This role is assigned to a new service account used by the created Cloud Run Service.
-
"cloud-concierge-execution-role" is granted Secret Accessor privileges on only the secrets referenced by the Cloud Run Job as environment variables, read-only access to the cloud environment, and optionally, read-only access to the GCS bucket used for Terraform state management. This role is used by the Cloud Run Job that hosts the cloud-concierge container.
dragondrop.cloud is a provider of IAC automation solutions, of which the flagship is the OSS cloud-concierge container. For more information or to schedule a demo, please visit our website.
A Module is a reusable, best-practices definition for the deployment of cloud infrastructure. A Module is written using Terraform and includes documentation, and examples. It is maintained both by the open source community and companies that provide commercial support.
If you notice a problem or would like some additional functionality, please open a detailed issue describing the problem or open a pull request.
Please see LICENSE for details on this module's license.
Copyright © 2023 dragondrop.cloud, Inc.