Google Cloud Scheduled Function#
This module allows Terraform to manage Google Cloud Scheduled Functions for the Censys Cloud Connector.
Prerequisites#
Setup#
Ensure you are in the root directory of the project.
Source your environment variables.
source .env
Install the dependencies.
poetry install
Ensure your
providers.yml
file contains your cloud provider credentials.If you have not already done so, you can create a
providers.yml
file by running the following command:poetry run censys-cc config
Change the working directory to the
google-scheduled-function
directory with the following command:cd ./terraform/google-scheduled-function
Copy
terraform.tfvars.example
toterraform.tfvars
and update the values to match your environment.cp terraform.tfvars.example terraform.tfvars
Initialize the project with the following command:
terraform init
To see what resources will be created or updated, run the following command:
terraform plan -var-file terraform.tfvars -out=censys-tfplan -input=false
To create or update the resources, run the following command:
terraform apply -input=false censys-tfplan
Cleanup#
To clean up the resources created by this module, run the following command:
terraform destroy -var-file terraform.tfvars
Requirements#
Name |
Version |
---|---|
terraform |
>= 0.13 |
>= 3.53, < 5.0 |
Providers#
Name |
Version |
---|---|
archive |
2.2.0 |
external |
2.2.2 |
4.17.0 |
|
local |
2.2.2 |
null |
3.1.1 |
random |
3.1.2 |
Modules#
Name |
Source |
Version |
---|---|---|
pubsub_topic |
terraform-google-modules/pubsub/google |
~> 1.0 |
Resources#
Name |
Type |
---|---|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
data source |
|
data source |
|
data source |
|
data source |
Inputs#
Name |
Description |
Type |
Default |
Required |
---|---|---|---|---|
bucket_force_destroy |
When deleting the GCS bucket containing the cloud function, delete all objects in the bucket first. |
|
|
no |
bucket_labels |
A set of key/value label pairs to assign to the bucket. |
|
|
no |
bucket_name |
The name to apply to the bucket. Will default to a string of |
|
|
no |
censys_api_key |
The Censys ASM API key |
|
n/a |
yes |
create_bucket |
Whether to create a new bucket or use an existing one. If false, |
|
|
no |
files_to_exclude_in_source_dir |
Specify files to ignore when reading the source_dir |
|
[ |
no |
function_available_memory_mb |
The amount of memory in megabytes allotted for the function to use. |
|
|
no |
function_description |
The description of the function. |
|
|
no |
function_labels |
A set of key/value label pairs to assign to the function. |
|
|
no |
function_name |
The name to apply to the function. Will default to a string of |
|
|
no |
function_source_dir |
The directory containing the source code for the function. |
|
|
no |
function_timeout_s |
The amount of time in seconds allotted for the execution of the function. (Can be up to 540 seconds) |
|
|
no |
gcp_service_list |
The list of apis necessary for the project |
|
[ |
no |
job_description |
Addition text to describe the job |
|
|
no |
job_name |
The name of the scheduled job to run |
|
|
no |
job_schedule |
The cron schedule for triggering the cloud function |
|
|
no |
logging_level |
The logging level |
|
|
no |
message_data |
The data to send in the topic message. |
|
|
no |
project_id |
The project ID to host the cloud function in |
|
n/a |
yes |
providers_config |
The path to the providers config file |
|
|
no |
region |
The region the project is in |
|
|
no |
scheduler_job |
An existing Cloud Scheduler job instance |
|
|
no |
secrets_dir |
The path to the secrets directory |
|
|
no |
time_zone |
The timezone to use in scheduler |
|
|
no |
topic_name |
Name of pubsub topic connecting the scheduled job and the function |
|
|
no |
vpc_connector |
The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects//locations//connectors/*. |
|
|
no |
vpc_connector_egress_settings |
The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value. |
|
|
no |
Outputs#
Name |
Description |
---|---|
api_secret_version |
The secret version of the API key |
bucket_name |
The name of the bucket created |
function_name |
The name of the function created |
function_region |
The region the function is in |
job_name |
The name of the scheduled job to run |
project_id |
The project ID |
providers_secrets_versions |
The secret versions of the providers config |
topic_name |
The name of the topic created |