google_project/locals.tf (36 lines of code) (raw):

locals { project_name = "${var.project_name}-${var.realm}" display_name = coalesce(var.display_name, local.project_name) project_generated_id = "${format("%.25s", "moz-fx-${local.project_name}")}-${random_id.project.hex}" project_id = coalesce(var.project_id, local.project_generated_id) app_code = coalesce(var.app_code, var.project_name) component_code = coalesce(var.component_code, "${local.app_code}-uncat") default_project_labels = { app = var.project_name app_code = local.app_code component_code = local.component_code cost_center = var.cost_center program_code = var.program_code program_name = var.program_name realm = var.realm risk_level = var.risk_level } all_project_labels = merge(local.default_project_labels, var.extra_project_labels) default_project_services = [ "cloudasset.googleapis.com", "cloudbilling.googleapis.com", "compute.googleapis.com", "container.googleapis.com", "dns.googleapis.com", "iamcredentials.googleapis.com", "logging.googleapis.com", "monitoring.googleapis.com", "servicehealth.googleapis.com", "servicenetworking.googleapis.com", "stackdriver.googleapis.com", "privilegedaccessmanager.googleapis.com" ] all_project_services = setunion(local.default_project_services, var.project_services) default_data_access_logs = ["iam.googleapis.com", "secretmanager.googleapis.com", "sts.googleapis.com", "privilegedaccessmanager.googleapis.com"] data_access_logs_filter = join("\n", toset([for v in concat(local.default_data_access_logs, var.additional_data_access_logs) : "AND NOT protoPayload.serviceName=\"${v}\""])) }