Skip to content

pubsub

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

pubsub

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

Google Cloud Pub/Sub Module

This module allows managing a single Pub/Sub topic, including multiple subscriptions and IAM bindings at the topic and subscriptions levels.

Examples

Simple topic with IAM

module "pubsub" {
  source     = "./modules/pubsub"
  project_id = "my-project"
  name       = "my-topic"
  iam = {
    "roles/pubsub.viewer"     = ["group:foo@example.com"]
    "roles/pubsub.subscriber" = ["user:user1@example.com"]
  }
}
# tftest:modules=1:resources=3

Subscriptions

Subscriptions are defined with the subscriptions variable, allowing optional configuration of per-subscription defaults. Push subscriptions need extra configuration, shown in the following example.

module "pubsub" {
  source     = "./modules/pubsub"
  project_id = "my-project"
  name       = "my-topic"
  subscriptions = {
    test-pull = null
    test-pull-override = {
      labels = { test = "override" }
      options = {
        ack_deadline_seconds       = null
        message_retention_duration = null
        retain_acked_messages      = true
        expiration_policy_ttl      = null
      }
    }
  }
}
# tftest:modules=1:resources=3

Push subscriptions

Push subscriptions need extra configuration in the push_configs variable.

module "pubsub" {
  source     = "./modules/pubsub"
  project_id = "my-project"
  name       = "my-topic"
  subscriptions = {
    test-push = null
  }
  push_configs = {
    test-push = {
      endpoint   = "https://example.com/foo"
      attributes = null
      oidc_token = null
    }
  }
}
# tftest:modules=1:resources=2

Subscriptions with IAM

module "pubsub" {
  source     = "./modules/pubsub"
  project_id = "my-project"
  name       = "my-topic"
  subscriptions = {
    test-1 = null
    test-1 = null
  }
  subscription_iam = {
    test-1 = {
      "roles/pubsub.subscriber" = ["user:user1@ludomagno.net"]
    }
  }
}
# tftest:modules=1:resources=3

Variables

name description type required default
name PubSub topic name. string
project_id Project used for resources. string
dead_letter_configs Per-subscription dead letter policy configuration. map(object({...})) {}
defaults Subscription defaults for options. object({...}) ...
iam IAM bindings for topic in {ROLE => [MEMBERS]} format. map(list(string)) {}
kms_key KMS customer managed encryption key. string null
labels Labels. map(string) {}
push_configs Push subscription configurations. map(object({...})) {}
regions List of regions used to set persistence policy. list(string) []
subscription_iam IAM bindings for subscriptions in {SUBSCRIPTION => {ROLE => [MEMBERS]}} format. map(map(list(string))) {}
subscriptions Topic subscriptions. Also define push configs for push subscriptions. If options is set to null subscription defaults will be used. Labels default to topic labels if set to null. map(object({...})) {}

Outputs

name description sensitive
id Topic id.
subscription_id Subscription ids.
subscriptions Subscription resources.
topic Topic resource.