From 89714abb2e80afada3b2a2b832900344c8f88d80 Mon Sep 17 00:00:00 2001 From: Nathan Parraga Thiesen Date: Wed, 23 Mar 2022 13:21:13 +0100 Subject: [PATCH 1/8] feat: add support for `folder` and `organization` sinks --- main.tf | 84 ++++++++++++++++++++++++++++++++++++++++++++++++---- variables.tf | 32 +++++++++++++++++++- 2 files changed, 110 insertions(+), 6 deletions(-) diff --git a/main.tf b/main.tf index 0ecc7df..677f9ef 100644 --- a/main.tf +++ b/main.tf @@ -5,15 +5,17 @@ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ resource "google_logging_project_sink" "sink" { - count = var.module_enabled ? 1 : 0 + count = (var.project != null) || (var.folder == null && var.organization == null) ? 1 : 0 + + project = var.project name = var.name destination = var.destination - filter = var.filter - description = var.description - disabled = var.disabled - project = var.project + filter = var.filter + description = var.description + disabled = var.disabled + unique_writer_identity = var.unique_writer_identity dynamic "bigquery_options" { @@ -37,3 +39,75 @@ resource "google_logging_project_sink" "sink" { depends_on = [var.module_depends_on] } + +resource "google_logging_organization_sink" "sink" { + count = var.organization != null ? 1 : 0 + + org_id = var.organization + + name = var.name + destination = var.destination + + filter = var.filter + description = var.description + disabled = var.disabled + + include_children = var.include_org_children + + dynamic "bigquery_options" { + for_each = var.use_partitioned_tables != null ? [1] : [] + + content { + use_partitioned_tables = var.use_partitioned_tables + } + } + + dynamic "exclusions" { + for_each = var.exclusions + iterator = exclusion + + content { + name = exclusion.value.name + filter = exclusion.value.filter + description = try(exclusion.value.description, null) + } + } + + depends_on = [var.module_depends_on] +} + +resource "google_logging_folder_sink" "sink" { + count = var.folder != null ? 1 : 0 + + folder = var.folder + + name = var.name + destination = var.destination + + filter = var.filter + description = var.description + disabled = var.disabled + + include_children = var.include_folder_children + + dynamic "bigquery_options" { + for_each = var.use_partitioned_tables != null ? [1] : [] + + content { + use_partitioned_tables = var.use_partitioned_tables + } + } + + dynamic "exclusions" { + for_each = var.exclusions + iterator = exclusion + + content { + name = exclusion.value.name + filter = exclusion.value.filter + description = try(exclusion.value.description, null) + } + } + + depends_on = [var.module_depends_on] +} diff --git a/variables.tf b/variables.tf index dda067e..00f958e 100644 --- a/variables.tf +++ b/variables.tf @@ -48,9 +48,11 @@ variable "disabled" { default = null } +# PROJECT + variable "project" { type = string - description = "(Optional) The ID of the project to create the sink in. If omitted, the project associated with the provider is used." + description = "(Optional) The ID of the project to create the sink in. If omitted and either `var.organization` or `var.folder` are present, no project logging sink is created. If omitted and both `var.organization` and `var.folder` are omitted, the project associated with the provider is used." default = null } @@ -66,6 +68,34 @@ variable "unique_writer_identity" { default = null } +# ORGANIZATION + +variable "organization" { + type = string + description = "(Optional) The ID of the organization to create the sink in. If omitted, no organization logging sink is created." + default = null +} + +variable "include_org_children" { + type = bool + description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." + default = null +} + +# FOLDER + +variable "folder" { + type = string + description = "(Optional) The ID of the folder to create the sink in. If omitted, no folder logging sink is created." + default = null +} + +variable "include_folder_children" { + type = bool + description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." + default = null +} + # TODO: is this a good way for dealing with `bigquery_options` attribute? variable "use_partitioned_tables" { type = bool From 9b1c61ca260c965f6e5ff6203f04c28bdd027177 Mon Sep 17 00:00:00 2001 From: Nathan Parraga Thiesen Date: Wed, 23 Mar 2022 15:34:52 +0100 Subject: [PATCH 2/8] feat: add logic to selectively create sinks based on project, folder and org inputs --- main.tf | 26 ++++++++++++++++---------- outputs.tf | 13 +++++++++++-- variables.tf | 16 ++++++++-------- 3 files changed, 35 insertions(+), 20 deletions(-) diff --git a/main.tf b/main.tf index 677f9ef..4c80e61 100644 --- a/main.tf +++ b/main.tf @@ -4,8 +4,14 @@ # We might add more than one line for additional information # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -resource "google_logging_project_sink" "sink" { - count = (var.project != null) || (var.folder == null && var.organization == null) ? 1 : 0 +locals { + create_project_sink = (var.project != null) || (var.folder == null && var.organization == null) + create_folder_sink = var.folder != null && !local.create_project_sink + create_organization_sink = var.organization != null && !(local.create_folder_sink || local.create_project_sink) +} + +resource "google_logging_project_sink" "project_sink" { + count = local.create_project_sink ? 1 : 0 project = var.project @@ -40,10 +46,10 @@ resource "google_logging_project_sink" "sink" { depends_on = [var.module_depends_on] } -resource "google_logging_organization_sink" "sink" { - count = var.organization != null ? 1 : 0 +resource "google_logging_folder_sink" "folder_sink" { + count = local.create_folder_sink ? 1 : 0 - org_id = var.organization + folder = var.folder name = var.name destination = var.destination @@ -52,7 +58,7 @@ resource "google_logging_organization_sink" "sink" { description = var.description disabled = var.disabled - include_children = var.include_org_children + include_children = var.include_folder_children dynamic "bigquery_options" { for_each = var.use_partitioned_tables != null ? [1] : [] @@ -76,10 +82,10 @@ resource "google_logging_organization_sink" "sink" { depends_on = [var.module_depends_on] } -resource "google_logging_folder_sink" "sink" { - count = var.folder != null ? 1 : 0 +resource "google_logging_organization_sink" "organization_sink" { + count = local.create_organization_sink ? 1 : 0 - folder = var.folder + org_id = var.organization name = var.name destination = var.destination @@ -88,7 +94,7 @@ resource "google_logging_folder_sink" "sink" { description = var.description disabled = var.disabled - include_children = var.include_folder_children + include_children = var.include_org_children dynamic "bigquery_options" { for_each = var.use_partitioned_tables != null ? [1] : [] diff --git a/outputs.tf b/outputs.tf index 940de94..37c5d21 100644 --- a/outputs.tf +++ b/outputs.tf @@ -2,11 +2,20 @@ # OUTPUT CALCULATED VARIABLES (prefer full objects) # ---------------------------------------------------------------------------------------------------------------------- -output "sink" { +output "project_sink" { description = "All attributes of the created `google_logging_project_sink` resource." - value = try(google_logging_project_sink.sink[0], null) + value = try(google_logging_project_sink.project_sink[0], null) } +output "folder_sink" { + description = "All attributes of the created `google_logging_folder_sink` resource." + value = try(google_logging_folder_sink.folder_sink[0], null) +} + +output "organization_sink" { + description = "All attributes of the created `google_logging_organization_sink` resource." + value = try(google_logging_organization_sink.organization_sink[0], null) +} # ---------------------------------------------------------------------------------------------------------------------- # OUTPUT ALL RESOURCES AS FULL OBJECTS diff --git a/variables.tf b/variables.tf index 00f958e..e9725bb 100644 --- a/variables.tf +++ b/variables.tf @@ -68,29 +68,29 @@ variable "unique_writer_identity" { default = null } -# ORGANIZATION +# FOLDER -variable "organization" { +variable "folder" { type = string - description = "(Optional) The ID of the organization to create the sink in. If omitted, no organization logging sink is created." + description = "(Optional) The ID of the folder to create the sink in. If omitted, no folder logging sink is created. If provided along with `var.project`, only the project logging sink is created." default = null } -variable "include_org_children" { +variable "include_folder_children" { type = bool description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." default = null } -# FOLDER +# ORGANIZATION -variable "folder" { +variable "organization" { type = string - description = "(Optional) The ID of the folder to create the sink in. If omitted, no folder logging sink is created." + description = "(Optional) The ID of the organization to create the sink in. If omitted, no organization logging sink is created. If provided along with `var.project`, only the project logging sink is created. If provided along with `var.folder`, the folder logging sink is created instead." default = null } -variable "include_folder_children" { +variable "include_org_children" { type = bool description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." default = null From d85e9c301d1f942456bdd2fa6ff11b0d807e1c56 Mon Sep 17 00:00:00 2001 From: Nathan Parraga Thiesen Date: Wed, 23 Mar 2022 16:29:21 +0100 Subject: [PATCH 3/8] doc: update documentation --- README.md | 46 ++++++++++++++++++++++++++++++++++++---- README.tfdoc.hcl | 55 ++++++++++++++++++++++++++++++++++++++++++++---- variables.tf | 2 +- 3 files changed, 94 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index a53f4b2..65f9ac5 100644 --- a/README.md +++ b/README.md @@ -47,9 +47,9 @@ Most common usage of the module: ```hcl module "terraform-google-logging-sink" { - source = "git@github.com:mineiros-io/terraform-google-logging-sink.git?ref=v0.0.1" + source = "git@github.com:mineiros-io/terraform-google-logging-sink.git?ref=v0.0.1" - name = "my-pubsub-instance-sink" + name = "my-pubsub-instance-sink" destination = "pubsub.googleapis.com/projects/my-project/topics/instance-activity" } ``` @@ -96,7 +96,9 @@ See [variables.tf] and [examples/] for details and use-cases. The ID of the project to create the sink in. - If omitted, the project associated with the provider is used. + If omitted and either `var.organization` or `var.folder` are present, no project logging sink is created. + + If omitted and both `var.organization` and `var.folder` are omitted, the project associated with the provider is used. - [**`unique_writer_identity`**](#var-unique_writer_identity): *(Optional `bool`)* @@ -106,7 +108,43 @@ See [variables.tf] and [examples/] for details and use-cases. If `true`, then a unique service account is created and used for this sink. If you wish to publish logs across projects or utilize `bigquery_options`, you must set `unique_writer_identity` to true. - Default is `false`. + Default is `null`. + +- [**`folder`**](#var-folder): *(Optional `string`)* + + The ID of the folder to create the sink in. + + If omitted, no folder logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + Default is `null`. + +- [**`include_folder_children`**](#var-include_folder_children): *(Optional `bool`)* + + Whether or not to include children folders in the sink export. + + If `true`, logs associated with child folders are also exported; otherwise only logs relating to the provided folder are included. + + Default is `null`. + +- [**`organization`**](#var-organization): *(Optional `string`)* + + The ID of the organization to create the sink in. + + If omitted, no organization logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + If provided along with `var.folder`, the folder logging sink is created instead. + + Default is `null`. + +- [**`include_org_children`**](#var-include_org_children): *(Optional `bool`)* + + Whether or not to include children organizations in the sink export. + + If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included. - [**`use_partitioned_tables`**](#var-use_partitioned_tables): *(Optional `bool`)* diff --git a/README.tfdoc.hcl b/README.tfdoc.hcl index 92dd562..51d4e3a 100644 --- a/README.tfdoc.hcl +++ b/README.tfdoc.hcl @@ -63,9 +63,9 @@ section { ```hcl module "terraform-google-logging-sink" { - source = "git@github.com:mineiros-io/terraform-google-logging-sink.git?ref=v0.0.1" + source = "git@github.com:mineiros-io/terraform-google-logging-sink.git?ref=v0.0.1" - name = "my-pubsub-instance-sink" + name = "my-pubsub-instance-sink" destination = "pubsub.googleapis.com/projects/my-project/topics/instance-activity" } ``` @@ -129,7 +129,9 @@ section { description = <<-END The ID of the project to create the sink in. - If omitted, the project associated with the provider is used. + If omitted and either `var.organization` or `var.folder` are present, no project logging sink is created. + + If omitted and both `var.organization` and `var.folder` are omitted, the project associated with the provider is used. END } @@ -142,7 +144,52 @@ section { If `true`, then a unique service account is created and used for this sink. If you wish to publish logs across projects or utilize `bigquery_options`, you must set `unique_writer_identity` to true. END - default = false + default = null + } + + variable "folder" { + type = string + description = <<-END + The ID of the folder to create the sink in. + + If omitted, no folder logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + END + default = null + } + + variable "include_folder_children" { + type = bool + description = <<-END + Whether or not to include children folders in the sink export. + + If `true`, logs associated with child folders are also exported; otherwise only logs relating to the provided folder are included. + END + default = null + } + + variable "organization" { + type = string + description = <<-END + The ID of the organization to create the sink in. + + If omitted, no organization logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + If provided along with `var.folder`, the folder logging sink is created instead. + END + default = null + } + + variable "include_org_children" { + type = bool + description = <<-END + Whether or not to include children organizations in the sink export. + + If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included. + END } # TODO: remove if we decide to go with `var.use_partitioned_tables` instead diff --git a/variables.tf b/variables.tf index e9725bb..7477a3b 100644 --- a/variables.tf +++ b/variables.tf @@ -78,7 +78,7 @@ variable "folder" { variable "include_folder_children" { type = bool - description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." + description = "(Optional) Whether or not to include children folders in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided folder are included." default = null } From 3529fb7304f030ea43953470d4395ead5966da30 Mon Sep 17 00:00:00 2001 From: Nathan Thiesen Date: Thu, 24 Mar 2022 11:09:48 +0100 Subject: [PATCH 4/8] feat: generalize `include_children` to work with folders and organizations Co-authored-by: Marius Tolzmann --- main.tf | 4 ++-- variables.tf | 42 ++++++++++++++++++------------------------ 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/main.tf b/main.tf index 4c80e61..377cd32 100644 --- a/main.tf +++ b/main.tf @@ -5,9 +5,9 @@ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ locals { - create_project_sink = (var.project != null) || (var.folder == null && var.organization == null) + create_project_sink = var.folder == null && var.organization == null create_folder_sink = var.folder != null && !local.create_project_sink - create_organization_sink = var.organization != null && !(local.create_folder_sink || local.create_project_sink) + create_organization_sink = var.organization != null && var.folder == null && var.project == null } resource "google_logging_project_sink" "project_sink" { diff --git a/variables.tf b/variables.tf index 7477a3b..4dfdf29 100644 --- a/variables.tf +++ b/variables.tf @@ -68,31 +68,9 @@ variable "unique_writer_identity" { default = null } -# FOLDER - -variable "folder" { - type = string - description = "(Optional) The ID of the folder to create the sink in. If omitted, no folder logging sink is created. If provided along with `var.project`, only the project logging sink is created." - default = null -} - -variable "include_folder_children" { - type = bool - description = "(Optional) Whether or not to include children folders in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided folder are included." - default = null -} - -# ORGANIZATION - -variable "organization" { - type = string - description = "(Optional) The ID of the organization to create the sink in. If omitted, no organization logging sink is created. If provided along with `var.project`, only the project logging sink is created. If provided along with `var.folder`, the folder logging sink is created instead." - default = null -} - -variable "include_org_children" { +variable "include_children" { type = bool - description = "(Optional) Whether or not to include children organizations in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included." + description = "(Optional) Whether or not to include child projects in the sink export. If true, logs associated with child projects are also exported; otherwise only logs relating to the provided folder or organization are included." default = null } @@ -131,6 +109,22 @@ variable "exclusions" { default = [] } +# FOLDER + +variable "folder" { + type = string + description = "(Optional) The ID of the folder to create the sink in. Ignored if `var.project` is also set." + default = null +} + + +# ORGANIZATION + +variable "organization" { + type = string + description = "(Optional) The ID of the organization to create the sink in. Ignored if `var.project` or `var.folder` are also set." + default = null +} # ---------------------------------------------------------------------------------------------------------------------- # MODULE CONFIGURATION PARAMETERS From 7f7fa4954d3336c1f548c96847fdf6f55fda6341 Mon Sep 17 00:00:00 2001 From: Nathan Parraga Thiesen Date: Thu, 24 Mar 2022 11:56:44 +0100 Subject: [PATCH 5/8] doc: update docs --- README.md | 66 +++++++++++++++----------------- README.tfdoc.hcl | 98 +++++++++++++++++++----------------------------- 2 files changed, 68 insertions(+), 96 deletions(-) diff --git a/README.md b/README.md index 65f9ac5..e3ea63d 100644 --- a/README.md +++ b/README.md @@ -110,42 +110,6 @@ See [variables.tf] and [examples/] for details and use-cases. Default is `null`. -- [**`folder`**](#var-folder): *(Optional `string`)* - - The ID of the folder to create the sink in. - - If omitted, no folder logging sink is created. - - If provided along with `var.project`, only the project logging sink is created. - - Default is `null`. - -- [**`include_folder_children`**](#var-include_folder_children): *(Optional `bool`)* - - Whether or not to include children folders in the sink export. - - If `true`, logs associated with child folders are also exported; otherwise only logs relating to the provided folder are included. - - Default is `null`. - -- [**`organization`**](#var-organization): *(Optional `string`)* - - The ID of the organization to create the sink in. - - If omitted, no organization logging sink is created. - - If provided along with `var.project`, only the project logging sink is created. - - If provided along with `var.folder`, the folder logging sink is created instead. - - Default is `null`. - -- [**`include_org_children`**](#var-include_org_children): *(Optional `bool`)* - - Whether or not to include children organizations in the sink export. - - If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included. - - [**`use_partitioned_tables`**](#var-use_partitioned_tables): *(Optional `bool`)* Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables). @@ -186,6 +150,36 @@ See [variables.tf] and [examples/] for details and use-cases. If set to `true`, then this exclusion is disabled and it does not exclude any log entries. +- [**`folder`**](#var-folder): *(Optional `string`)* + + The ID of the folder to create the sink in. + + If omitted, no folder logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + Default is `null`. + +- [**`organization`**](#var-organization): *(Optional `string`)* + + The ID of the organization to create the sink in. + + If omitted, no organization logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + If provided along with `var.folder`, the folder logging sink is created instead. + + Default is `null`. + +- [**`include_children`**](#var-include_children): *(Optional `bool`)* + + Whether or not to include child projects in the sink export. + + If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided folder or organization are included. + + Default is `null`. + ### Module Configuration - [**`module_enabled`**](#var-module_enabled): *(Optional `bool`)* diff --git a/README.tfdoc.hcl b/README.tfdoc.hcl index 51d4e3a..7104a93 100644 --- a/README.tfdoc.hcl +++ b/README.tfdoc.hcl @@ -147,66 +147,6 @@ section { default = null } - variable "folder" { - type = string - description = <<-END - The ID of the folder to create the sink in. - - If omitted, no folder logging sink is created. - - If provided along with `var.project`, only the project logging sink is created. - END - default = null - } - - variable "include_folder_children" { - type = bool - description = <<-END - Whether or not to include children folders in the sink export. - - If `true`, logs associated with child folders are also exported; otherwise only logs relating to the provided folder are included. - END - default = null - } - - variable "organization" { - type = string - description = <<-END - The ID of the organization to create the sink in. - - If omitted, no organization logging sink is created. - - If provided along with `var.project`, only the project logging sink is created. - - If provided along with `var.folder`, the folder logging sink is created instead. - END - default = null - } - - variable "include_org_children" { - type = bool - description = <<-END - Whether or not to include children organizations in the sink export. - - If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided organization are included. - END - } - - # TODO: remove if we decide to go with `var.use_partitioned_tables` instead - # variable "bigquery_options" { - # type = object(option) - # description = "Options that affect sinks exporting data to BigQuery." - - # attribute "use_partitioned_tables" { - # required = true - # type = bool - # description = <<-END - # Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables). - - # By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables) has to be used instead. In both cases, tables are sharded based on UTC timezone. - # END - # } - # } variable "use_partitioned_tables" { type = bool description = <<-END @@ -256,6 +196,44 @@ section { } } } + + variable "folder" { + type = string + description = <<-END + The ID of the folder to create the sink in. + + If omitted, no folder logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + END + default = null + } + + variable "organization" { + type = string + description = <<-END + The ID of the organization to create the sink in. + + If omitted, no organization logging sink is created. + + If provided along with `var.project`, only the project logging sink is created. + + If provided along with `var.folder`, the folder logging sink is created instead. + END + default = null + } + + + + variable "include_children" { + type = bool + description = <<-END + Whether or not to include child projects in the sink export. + + If `true`, logs associated with child projects are also exported; otherwise only logs relating to the provided folder or organization are included. + END + default = null + } } # section { From c95da401ee3f9b4826ba0c3b83d787fcb8e65ede Mon Sep 17 00:00:00 2001 From: Nathan Parraga Thiesen Date: Thu, 24 Mar 2022 12:10:21 +0100 Subject: [PATCH 6/8] fix: add correct reference to `var.include_children` --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 377cd32..ac3442f 100644 --- a/main.tf +++ b/main.tf @@ -58,7 +58,7 @@ resource "google_logging_folder_sink" "folder_sink" { description = var.description disabled = var.disabled - include_children = var.include_folder_children + include_children = var.include_children dynamic "bigquery_options" { for_each = var.use_partitioned_tables != null ? [1] : [] @@ -94,7 +94,7 @@ resource "google_logging_organization_sink" "organization_sink" { description = var.description disabled = var.disabled - include_children = var.include_org_children + include_children = var.include_children dynamic "bigquery_options" { for_each = var.use_partitioned_tables != null ? [1] : [] From 718a1a4b53b5133cd11b94e6107893c059b38fde Mon Sep 17 00:00:00 2001 From: Nathan Thiesen Date: Thu, 24 Mar 2022 16:36:34 +0100 Subject: [PATCH 7/8] Update main.tf Co-authored-by: Marius Tolzmann --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index ac3442f..5dd94ef 100644 --- a/main.tf +++ b/main.tf @@ -6,7 +6,7 @@ locals { create_project_sink = var.folder == null && var.organization == null - create_folder_sink = var.folder != null && !local.create_project_sink + create_folder_sink = var.folder != null && var.organization == null && var.project == null create_organization_sink = var.organization != null && var.folder == null && var.project == null } From 1fc9cf836ae72edff34adc5f6779556ca261c712 Mon Sep 17 00:00:00 2001 From: Marius Tolzmann Date: Thu, 24 Mar 2022 20:26:51 +0100 Subject: [PATCH 8/8] fix: logic to create sinks --- main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/main.tf b/main.tf index 5dd94ef..244418e 100644 --- a/main.tf +++ b/main.tf @@ -5,9 +5,9 @@ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ locals { - create_project_sink = var.folder == null && var.organization == null - create_folder_sink = var.folder != null && var.organization == null && var.project == null - create_organization_sink = var.organization != null && var.folder == null && var.project == null + create_project_sink = var.project != null || (var.folder == null && var.organization == null) + create_folder_sink = var.project == null && var.folder != null + create_organization_sink = var.project == null && var.folder == null && var.organization != null } resource "google_logging_project_sink" "project_sink" {