The modules in this Terraform blueprint show how to implement common architectures aligned with ITAR compliance requirements. The following architectures are available in the modules directory:
See the following documentation for more information on specific requirements for adhering to ITAR on Google Cloud.
See specific usage examples for each of the following architectures in the examples directory:
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform v0.13
- Terraform Provider for GCP plugin v3.0
Refer to the documentation for individual submodules in the modules directory for specific IAM requirements.
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
cloudresourcemanager.googleapis.comiam.googleapis.comcompute.googleapis.comvpcaccess.googleapis.comstorage-component.googleapis.comstorage-api.googleapis.comorgpolicy.googleapis.comserviceusage.googleapis.comdns.googleapis.comcloudkms.googleapis.comdomains.googleapis.comiamcredentials.googleapis.comiap.googleapis.comaccesscontextmanager.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Refer to the contribution guidelines for information on contributing to this module.
Please see our security disclosure process.