1# Copyright 2022 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: core.cnrm.cloud.google.com/v1alpha1
16kind: ServiceMapping
17metadata:
18 name: storage.cnrm.cloud.google.com
19 namespace: cnrm-system
20spec:
21 name: Storage
22 version: v1beta1
23 serviceHostName: "storage.googleapis.com"
24 resources:
25 - name: google_storage_bucket
26 kind: StorageBucket
27 iamConfig:
28 policyName: google_storage_bucket_iam_policy
29 policyMemberName: google_storage_bucket_iam_member
30 referenceField:
31 name: bucket
32 type: name
33 supportsConditions: true
34 metadataMapping:
35 name: name
36 labels: labels
37 resourceID:
38 targetField: name
39 idTemplate: "{{name}}"
40 # odd resource where the project is 'optional', needs more thought -- also not supported by gcloud (yet), problem applies to all Storage resources
41 idTemplateCanBeUsedToMatchResourceName: false
42 resourceAvailableInAssetInventory: true
43 resourceReferences:
44 - tfField: encryption.default_kms_key_name
45 key: kmsKeyRef
46 gvk:
47 kind: KMSCryptoKey
48 version: v1beta1
49 group: kms.cnrm.cloud.google.com
50 targetField: self_link
51 directives:
52 - force_destroy
53 containers:
54 - type: project
55 tfField: project
56 - name: google_storage_bucket_access_control
57 kind: StorageBucketAccessControl
58 idTemplate: "{{bucket}}/{{entity}}"
59 # odd resource where the project is 'optional', needs more thought -- also not supported by gcloud (yet), problem applies to all Storage resources
60 idTemplateCanBeUsedToMatchResourceName: false
61 resourceAvailableInAssetInventory: false
62 resourceReferences:
63 - key: bucketRef
64 tfField: bucket
65 parent: true
66 description: |-
67 Reference to the bucket.
68 gvk:
69 kind: StorageBucket
70 version: v1beta1
71 group: storage.cnrm.cloud.google.com
72 - name: google_storage_default_object_access_control
73 kind: StorageDefaultObjectAccessControl
74 idTemplate: "{{bucket}}/{{entity}}"
75 # odd resource where the project is 'optional', needs more thought -- also not supported by gcloud (yet), problem applies to all Storage resources
76 idTemplateCanBeUsedToMatchResourceName: false
77 resourceAvailableInAssetInventory: false
78 resourceReferences:
79 - key: bucketRef
80 tfField: bucket
81 parent: true
82 description: |-
83 Reference to the bucket.
84 gvk:
85 kind: StorageBucket
86 version: v1beta1
87 group: storage.cnrm.cloud.google.com
88 - name: google_storage_notification
89 kind: StorageNotification
90 serverGeneratedIDField: "notification_id"
91 resourceID:
92 targetField: notification_id
93 idTemplate: "{{bucket}}/notificationConfigs/{{notification_id}}"
94 # odd resource where the project is 'optional', needs more thought -- also not supported by gcloud (yet), problem applies to all Storage resources
95 idTemplateCanBeUsedToMatchResourceName: false
96 resourceAvailableInAssetInventory: false
97 resourceReferences:
98 - key: bucketRef
99 tfField: bucket
100 parent: true
101 gvk:
102 kind: StorageBucket
103 version: v1beta1
104 group: storage.cnrm.cloud.google.com
105 - key: topicRef
106 tfField: topic
107 valueTemplate: "projects/{{project}}/topics/{{value}}"
108 gvk:
109 kind: PubSubTopic
110 version: v1beta1
111 group: pubsub.cnrm.cloud.google.com
View as plain text