
Example: dns resource based on GCP Cloud DNS

Configuration

This example configures a dns Resource Definition backed by GCP Cloud DNS. A workload that uses the dns resource to create DNS records looks like:

containers:
  ...
  app:
    variables:
      PORT: "3000"
resources:
  ...
  dns:
    type: dns
  route:
    type: route
    params:
      host: ${resources.dns.host}
      path: /
      port: 3000

Infrastructure setup

graph TD;
  subgraph GCP Managed zone
    record["record"]
  end

  subgraph GKE Cluster
    pod[workload pod]
  end
  record --> pod

Orchestrator setup

graph LR;
  workload_1 --> dns_1["dns_1, resource_type: dns"]
  workload_2 --> dns_2["dns_2, resource_type: dns"]
  workload_2 --> shared.dns_1["shared.dns_1, resource_type: dns"]
  workload_3 --> shared.dns_1["shared.dns_1, resource_type: dns"]

Terraform docs

Requirements

Name Version
terraform >= 1.3.0
google ~> 5.17
humanitec ~> 1.0

Providers

Name Version
google ~> 5.17
humanitec ~> 1.0

Modules

Name Source Version
dns_basic ../../humanitec-resource-defs/dns/basic n/a

Resources

Name Type
google_project_iam_member.humanitec_provisioner resource
google_service_account.humanitec_provisioner resource
google_service_account_key.humanitec_provisioner resource
humanitec_application.example resource
humanitec_resource_account.humanitec_provisioner resource
humanitec_resource_definition_criteria.dns_basic resource

Inputs

Name Description Type Default Required
managed_zone The name of the zone in which this record set will reside. string n/a yes
project GCP project ID string n/a yes
region GCP region string n/a yes
name Name of the example application string "hum-rp-dns-example" no
prefix Prefix of the created resources string "hum-rp-dns-ex-" no
resource_packs_gcp_rev GCP Resource Pack git ref string "refs/heads/main" no
resource_packs_gcp_url GCP Resource Pack git url string "https://github.com/humanitec-architecture/resource-packs-gcp.git" no

main.tf ( view on GitHub ) :

# GCP service account used by Humanitec to provision resources

# Dedicated identity for the Humanitec provisioner. account_id is taken from
# var.name, the same value used for the Humanitec resource account and
# application ids declared further down in this file.
resource "google_service_account" "humanitec_provisioner" {
  account_id  = var.name
  description = "Account used by Humanitec to provision resources"
}

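# Project-level role binding for the provisioner service account.
#
# Least privilege: as far as this example shows, the provisioner only manages
# record sets in an existing Cloud DNS managed zone, so the binding grants
# roles/dns.admin instead of roles/owner. A key for this account is exported
# and handed to Humanitec in this file, so a project-wide owner grant would
# turn any leak of that key into full control of the project.
# NOTE(review): if the pinned resource pack revision needs permissions outside
# Cloud DNS, add them as further narrowly scoped bindings; confirm with a
# plan/apply in a test project.
resource "google_project_iam_member" "humanitec_provisioner" {
  project = var.project
  role    = "roles/dns.admin"
  member  = "serviceAccount:${google_service_account.humanitec_provisioner.email}"
}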

# Creates a user-managed key for the provisioner service account. Its
# private_key attribute is read by
# humanitec_resource_account.humanitec_provisioner in this file.
# NOTE(review): Terraform stores private_key in state and nothing here rotates
# the key. Keep the state backend encrypted and access-controlled, and prefer
# a keyless credential flow if the platform supports one (confirm).
resource "google_service_account_key" "humanitec_provisioner" {
  service_account_id = google_service_account.humanitec_provisioner.name
}

# Registers the GCP service account with Humanitec as a resource account of
# type "gcp", using var.name for both id and name.
resource "humanitec_resource_account" "humanitec_provisioner" {
  id   = var.name
  name = var.name
  type = "gcp"

  # The google provider exposes private_key base64-encoded; the decoded value
  # is passed to Humanitec as the account credential.
  # NOTE(review): this is long-lived secret material leaving the GCP project.
  # Treat Terraform state and the Humanitec organisation as holding it.
  credentials = base64decode(google_service_account_key.humanitec_provisioner.private_key)

  depends_on = [
    # Otherwise the account loses permissions before the resources are deleted
    google_project_iam_member.humanitec_provisioner
  ]
}

# Example application and resource definition criteria

# Example Humanitec application; the matching criteria for the dns resource
# definition in this file reference its id.
resource "humanitec_application" "example" {
  id   = var.name
  name = var.name
}

# cloud dns

# Instantiates the dns/basic resource definition from the GCP resource pack.
module "dns_basic" {
  # NOTE(review): the source is pinned to the tag v2024-06-14. Git tags can be
  # moved; a full commit SHA gives an immutable reference. Terraform's
  # documented form places the //sub-directory before the ?ref= argument, so
  # confirm that this ordering resolves as intended.
  source = "github.com/humanitec-architecture/resource-packs-gcp?ref=v2024-06-14//humanitec-resource-defs/dns/basic"

  prefix = var.prefix

  # Git url and ref of the resource pack, passed through to the resource
  # definition. Presumably this is the code the Humanitec driver fetches and
  # runs with driver_account's credentials (TODO confirm), so point the url
  # only at a repository you trust and pin the ref as tightly as the source.
  resource_packs_gcp_url = var.resource_packs_gcp_url
  resource_packs_gcp_rev = var.resource_packs_gcp_rev
  # NOTE(review): by its name this adds driver logs to error messages; check
  # that those logs cannot expose sensitive values to anyone who can read
  # deployment errors (confirm in the module docs).
  append_logs_to_error   = true
  # Resource account registered in this file; its GCP credentials back the
  # provisioning.
  driver_account         = humanitec_resource_account.humanitec_provisioner.id

  project = var.project
  region  = var.region

  # Name of the existing Cloud DNS managed zone that receives the record set.
  managed_zone = var.managed_zone
}

# Matches the dns_basic resource definition to the example application;
# app_id is the only matching criterion set.
resource "humanitec_resource_definition_criteria" "dns_basic" {
  resource_definition_id = module.dns_basic.id
  app_id                 = humanitec_application.example.id
  # NOTE(review): presumably lets the criteria be removed while active
  # resources still depend on it. Confirm in the provider docs before reusing
  # this outside a throwaway example.
  force_delete           = true
}


providers.tf ( view on GitHub ) :

# Terraform and provider version constraints for the example.
terraform {
  required_providers {
    # "~>" accepts newer minor/patch releases within the same major version.
    # Commit .terraform.lock.hcl so the exact provider versions and their
    # checksums stay fixed between runs.
    google = {
      source  = "hashicorp/google"
      version = "~> 5.17"
    }
    humanitec = {
      source  = "humanitec/humanitec"
      version = "~> 1.0"
    }
  }

  required_version = ">= 1.3.0"
}

# No arguments are set, so the provider has to obtain its organisation and API
# token from outside this file (presumably environment variables; confirm in
# the provider docs). Keep the token out of version-controlled files.
provider "humanitec" {}

# Google provider scoped to the target project and region. No credentials
# argument is set here, so authentication comes from the environment the
# Terraform run executes in.
provider "google" {
  project = var.project
  region  = var.region

  # Labels the provider adds by default to resources it creates.
  default_labels = {
    "managed_by" = "terraform"
    "source"     = "github.com/humanitec-architecture/resource-pack-gcp"
  }
}


terraform.tfvars.example ( view on GitHub ) :


# Example variable values. managed_zone, project and region are empty
# placeholders and must be filled in; the remaining entries repeat the
# defaults declared in variables.tf.

# The name of the zone in which this record set will reside.
managed_zone = ""

# Name of the example application
name = "hum-rp-dns-example"

# Prefix of the created resources
prefix = "hum-rp-dns-ex-"

# GCP project ID
project = ""

# GCP region
region = ""

# GCP Resource Pack git ref
# Pinned to a tag rather than a branch. A commit SHA would be stricter if the
# driver accepts one (confirm).
resource_packs_gcp_rev = "refs/tags/v2024-06-14"

# GCP Resource Pack git url
resource_packs_gcp_url = "https://github.com/humanitec-architecture/resource-packs-gcp.git"

variables.tf ( view on GitHub ) :

# Required (no default). Used by the google provider, the IAM role binding
# and the dns_basic module.
variable "project" {
  description = "GCP project ID"
  type        = string
}

# Required (no default). Used by the google provider and the dns_basic module.
variable "region" {
  description = "GCP region"
  type        = string
}

# Required (no default). Passed unchanged to the dns_basic module. Nothing
# here rejects an empty string, which is the value shipped in
# terraform.tfvars.example.
variable "managed_zone" {
  description = "The name of the zone in which this record set will reside."
  type        = string
}

# Besides naming the application, this value is also used as the GCP service
# account's account_id and as the Humanitec resource account's id and name.
variable "name" {
  description = "Name of the example application"
  type        = string
  default     = "hum-rp-dns-example"
}

# Git repository of the resource pack, forwarded to the dns_basic module.
# NOTE(review): presumably the repository the Humanitec driver clones and runs
# with the provisioner's credentials (confirm). Override it only with a
# repository you control or trust.
variable "resource_packs_gcp_url" {
  description = "GCP Resource Pack git url"
  type        = string
  default     = "https://github.com/humanitec-architecture/resource-packs-gcp.git"
}

# Git ref of the resource pack, forwarded to the dns_basic module. The default
# is a tag ref, not a branch.
# NOTE(review): tags can be moved upstream. A commit SHA would be an immutable
# pin if the driver accepts one (confirm).
variable "resource_packs_gcp_rev" {
  description = "GCP Resource Pack git ref"
  type        = string
  default     = "refs/tags/v2024-06-14"
}

# Name prefix forwarded to the dns_basic module.
variable "prefix" {
  description = "Prefix of the created resources"
  type        = string
  default     = "hum-rp-dns-ex-"
}
