fix: Fix of the new group structure (#1174)

Author: Samir-Cit

0-bootstrap/outputs.tf

@@ -65,12 +65,12 @@ output "common_config" {
 
 output "required_groups" {
   description = "List of Google Groups created that are required by the Example Foundation steps."
-  value       = var.groups.create_required_groups == true ? module.required_group : tomap(var.groups.required_groups)
+  value       = var.groups.create_required_groups == false ? tomap(var.groups.required_groups) : tomap({ for key, value in module.required_group : key => value.id })
 }
 
 output "optional_groups" {
   description = "List of Google Groups created that are optional to the Example Foundation steps."
-  value       = var.groups.create_optional_groups == true ? module.optional_group : tomap(var.groups.optional_groups)
+  value       = var.groups.create_optional_groups == false ? tomap(var.groups.optional_groups) : tomap({ for key, value in module.optional_group : key => value.id })
 }
 
 /* ----------------------------------------

0-bootstrap/terraform.example.tfvars

@@ -25,13 +25,13 @@ groups = {
   # create_optional_groups = false # Change to true to create the optional_groups
   # billing_project        = "REPLACE_ME"  # Fill to create required or optional groups
   required_groups = {
-    group_org_admins     = "REPLACE_ME" # example "[email protected]"
-    group_billing_admins = "REPLACE_ME" # example "[email protected]"
+    group_org_admins           = "REPLACE_ME" # example "[email protected]"
+    group_billing_admins       = "REPLACE_ME" # example "[email protected]"
+    billing_data_users         = "REPLACE_ME" # example "[email protected]"
+    audit_data_users           = "REPLACE_ME" # example "[email protected]"
+    monitoring_workspace_users = "REPLACE_ME" # example "[email protected]"
   }
   # optional_groups = {
-  #   billing_data_users         = "" #"[email protected]"
-  #   audit_data_users           = "" #"[email protected]"
-  #   monitoring_workspace_users = "" #"[email protected]"
   #   gcp_security_reviewer      = "" #"[email protected]"
   #   gcp_network_viewer         = "" #"[email protected]"
   #   gcp_scc_admin              = "" #"[email protected]"

2-environments/envs/development/README.md

@@ -3,7 +3,6 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| monitoring\_workspace\_users | Google Workspace or Cloud Identity group that have access to Monitoring Workspaces. | `string` | n/a | yes |
 | remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes |
 | tfc\_org\_name | Name of the TFC organization | `string` | `""` | no |
 

2-environments/envs/development/variables.tf

@@ -14,11 +14,6 @@
  * limitations under the License.
  */
 
-variable "monitoring_workspace_users" {
-  description = "Google Workspace or Cloud Identity group that have access to Monitoring Workspaces."
-  type        = string
-}
-
 variable "remote_state_bucket" {
   description = "Backend bucket to load Terraform Remote State Data from previous steps."
   type        = string

2-environments/envs/non-production/README.md

@@ -3,7 +3,6 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| monitoring\_workspace\_users | Google Workspace or Cloud Identity group that have access to Monitoring Workspaces. | `string` | n/a | yes |
 | remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes |
 | tfc\_org\_name | Name of the TFC organization | `string` | `""` | no |
 

2-environments/envs/non-production/variables.tf

@@ -14,11 +14,6 @@
  * limitations under the License.
  */
 
-variable "monitoring_workspace_users" {
-  description = "Google Workspace or Cloud Identity group that have access to Monitoring Workspaces."
-  type        = string
-}
-
 variable "remote_state_bucket" {
   description = "Backend bucket to load Terraform Remote State Data from previous steps."
   type        = string

2-environments/envs/production/README.md

@@ -3,7 +3,6 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| monitoring\_workspace\_users | Google Workspace or Cloud Identity group that have access to Monitoring Workspaces. | `string` | n/a | yes |
 | remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes |
 | tfc\_org\_name | Name of the TFC organization | `string` | `""` | no |
 

2-environments/envs/production/variables.tf

@@ -14,11 +14,6 @@
  * limitations under the License.
  */
 
-variable "monitoring_workspace_users" {
-  description = "Google Workspace or Cloud Identity group that have access to Monitoring Workspaces."
-  type        = string
-}
-
 variable "remote_state_bucket" {
   description = "Backend bucket to load Terraform Remote State Data from previous steps."
   type        = string

test/integration/envs/envs_test.go

@@ -22,6 +22,7 @@ import (
 	"github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud"
 	"github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft"
 	"github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/utils"
+	"github.com/gruntwork-io/terratest/modules/terraform"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/terraform-google-modules/terraform-example-foundation/test/integration/testutils"
@@ -38,11 +39,9 @@ func TestEnvs(t *testing.T) {
 	utils.SetEnv(t, "GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", terraformSA)
 
 	backend_bucket := bootstrap.GetStringOutput("gcs_bucket_tfstate")
-	monitoringWorkspaceUsers := bootstrap.GetTFSetupStringOutput("monitoring_workspace_users")
 
 	vars := map[string]interface{}{
-		"remote_state_bucket":        backend_bucket,
-		"monitoring_workspace_users": monitoringWorkspaceUsers,
+		"remote_state_bucket": backend_bucket,
 	}
 
 	backendConfig := map[string]interface{}{
@@ -87,6 +86,7 @@ func TestEnvs(t *testing.T) {
 					}
 					assert.Subset([]string{envName}, fldrTagValue, fmt.Sprintf("tag value should be %s for %s env folder", envName, envName))
 
+					monitoringWorkspaceUsers := terraform.OutputMap(t, bootstrap.GetTFOptions(), "required_groups")["monitoring_workspace_users"]
 					for _, projectEnvOutput := range []struct {
 						projectOutput string
 						role          string

test/setup/outputs.tf

@@ -44,18 +44,6 @@ output "group_email" {
   value = var.group_email
 }
 
-output "audit_data_users" {
-  value = var.group_email
-}
-
-output "billing_data_users" {
-  value = var.group_email
-}
-
-output "monitoring_workspace_users" {
-  value = var.group_email
-}
-
 output "groups" {
   value = {
     required_groups = {