gcp storage

src/files_gcp.go

@@ -4,5 +4,8 @@ import (
 	_ "embed" // required for embed
 )
 
-//go:embed mapping/gcp/resource/google_compute_instance.json
+//go:embed mapping/gcp/resource/compute/google_compute_instance.json
 var googleComputeInstance []byte
+
+//go:embed mapping/gcp/resource/storage/google_storage_bucket.json
+var googleStorageBucket []byte

src/gcp.go

@@ -20,6 +20,7 @@ func GetGCPPermissions(result ResourceV2) []string {
 func GetGCPResourcePermissions(result ResourceV2) []string {
 	TFLookup := map[string]interface{}{
 		"google_compute_instance": googleComputeInstance,
+		"google_storage_bucket":   googleStorageBucket,
 	}
 
 	var Permissions []string

src/gcp_policy.go

@@ -2,7 +2,7 @@ package pike
 
 import (
 	"bytes"
-	_ "embed" //required for embed
+	_ "embed" // required for embed
 	"strings"
 	"text/template"
 )

src/mapping/gcp/resource/storage/google_storage_bucket.json

@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "storage.buckets.create",
+      "storage.buckets.get",
+      "storage.buckets.delete"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "storage.buckets.delete"
+    ],
+    "modify": [
+      "storage.buckets.update"
+    ],
+    "plan": []
+  }
+]

src/mapping/gcp/resource/template.json

@@ -0,0 +1,11 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]

terraform/gcp/backup/google_storage_bucket.tf

@@ -0,0 +1,21 @@
+resource "google_storage_bucket" "static-site" {
+  name                        = "pike-image-store-com"
+  location                    = "EU"
+  force_destroy               = true
+  storage_class               = "STANDARD"
+  uniform_bucket_level_access = true
+  labels = {
+    pike = "permissions"
+  }
+
+  #  website {
+  #    main_page_suffix = "index.html"
+  #    not_found_page   = "404.html"
+  #  }
+  #  cors {
+  #    origin          = ["http://image-store.com"]
+  #    method          = ["GET", "HEAD", "PUT", "POST", "DELETE"]
+  #    response_header = ["*"]
+  #    max_age_seconds = 3600
+  #  }
+}

terraform/gcp/role/google_project_iam_custom_role.tf

@@ -4,15 +4,10 @@ resource "google_project_iam_custom_role" "pike" {
   title       = "pike terraform user"
   description = "A user with least privileges"
   permissions = [
-    "compute.zones.get",
-    "compute.instances.create",
-    "compute.instances.get",
-    "compute.disks.create",
-    "compute.disks.create",
-    "compute.subnetworks.use",
-    "compute.subnetworks.useExternalIp",
-    "compute.instances.setMetadata",
-    "compute.instances.delete",
-    "compute.instances.setTags"
+    "storage.buckets.create",
+    "storage.buckets.get",
+    "storage.buckets.delete",
+
+    "storage.buckets.update"
   ]
 }

todo_gcp.md

@@ -0,0 +1,71 @@
+# GCP
+
+ data.google_compute_image not implemented
+ data.google_compute_image not implemented
+ data.google_compute_image not implemented
+ data.google_compute_network not implemented
+ data.google_compute_network not implemented
+ data.google_compute_network not implemented
+ data.google_compute_subnetwork not implemented
+ data.google_compute_zones not implemented
+ data.google_iam_policy not implemented
+ data.google_iam_role not implemented
+ data.google_project not implemented
+ data.google_project not implemented
+ data.google_project not implemented
+ data.google_service_account not implemented
+
+ google_app_engine_standard_app_version not implemented
+ google_bigquery_dataset not implemented
+ google_bigquery_job not implemented
+ google_bigquery_table not implemented
+ google_cloudfunctions_function not implemented
+ google_compute_address not implemented
+ google_compute_address not implemented
+ google_compute_firewall not implemented
+ google_compute_firewall not implemented
+ google_compute_firewall not implemented
+ google_compute_firewall not implemented
+ google_compute_global_address not implemented
+ google_compute_instance_template not implemented
+ google_compute_instance_template not implemented
+ google_compute_network not implemented
+ google_compute_project_metadata_item not implemented
+ google_compute_region_instance_group_manager not implemented
+ google_compute_subnetwork not implemented
+ google_container_cluster not implemented
+ google_container_node_pool not implemented
+ google_kms_crypto_key not implemented
+ google_kms_key_ring not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_binding not implemented
+ google_project_iam_member not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_project_service not implemented
+ google_service_account not implemented
+ google_service_account not implemented
+ google_service_account_iam_policy not implemented
+ google_service_account_key not implemented
+ google_service_networking_connection not implemented
+ google_sql_database not implemented
+ google_sql_database_instance not implemented
+ google_sql_user not implemented
+ google_storage_bucket_acl not implemented
+ google_storage_bucket_acl not implemented
+ google_storage_bucket_iam_binding not implemented
+ google_storage_bucket_object not implemented
+ google_storage_bucket_object not implemented
+ google_storage_bucket_object not implemented
+ google_storage_bucket_object not implemented
+ google_storage_bucket_object not implemented
+ google_storage_bucket_object not implemented