The modules in this Terraform blueprint show how to implement common architectures aligned with ITAR compliance requirements. The following architectures are available in the modules directory:
See the following documentation for more information on specific requirements for adhering to ITAR on Google Cloud.
See specific usage examples for each of the following architectures in the examples directory:
These sections describe requirements for using this module.
The following dependencies must be available:
Refer to the documentation for individual submodules in the modules directory for specific IAM requirements.
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
cloudresourcemanager.googleapis.com
iam.googleapis.com
compute.googleapis.com
vpcaccess.googleapis.com
storage-component.googleapis.com
storage-api.googleapis.com
orgpolicy.googleapis.com
serviceusage.googleapis.com
dns.googleapis.com
cloudkms.googleapis.com
domains.googleapis.com
iamcredentials.googleapis.com
iap.googleapis.com
accesscontextmanager.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Refer to the contribution guidelines for information on contributing to this module.
Please see our security disclosure process.