Initial commit

Signed-off-by: Mauritz Uphoff <mauritz.uphoff@stackit.cloud>
2025-11-12 09:14:50 +01:00 · 2025-11-12 09:14:50 +01:00 · 78b49c4c0c
commit 78b49c4c0c
parent 411a1fea1f
7 changed files with 51 additions and 124 deletions
--- a/00-backend.tf
+++ b/00-backend.tf
@ -1,4 +1,4 @@
-/*Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>
+/*Copyright 2025 STACKIT GmbH & Co. KG <mauritz.uphoff@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
--- a/00-provider.tf
+++ b/00-provider.tf
@ -1,4 +1,4 @@
-/*Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>
+/*Copyright 2025 STACKIT GmbH & Co. KG <mauritz.uphoff@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
@ -9,7 +9,7 @@ terraform {
  required_providers {
    stackit = {
      source  = "stackitcloud/stackit"
-      version = "0.69.0"
+      version = "~>0.69.0"
    }
    random = {
      source  = "hashicorp/random"
@ -21,6 +21,6 @@ terraform {
 provider "stackit" {
  default_region           = var.stackit_region
  service_account_key_path = var.stackit_service_account_key_path
-  experiments              = ["routing-tables", "network"]
+  experiments              = ["routing-tables", "network", "iam"]
  enable_beta_resources    = true
 }
--- a/01-variables.tf
+++ b/01-variables.tf
@ -1,4 +1,4 @@
-/*Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>
+/*Copyright 2025 STACKIT GmbH & Co. KG <mauritz.uphoff@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
@ -14,7 +14,12 @@ variable "stackit_service_account_key_path" {
  default = "keys/sa-key.json"
 }
-variable "stackit_project_id" {
+variable "stackit_org_id" {
  type    = string
-  default = "XXXX-XXXX-XXXX-XXXX"
+  default = "03a34540-3c1a-4794-b2c6-7111ecf824ef"
 }
 variable "owner_email" {
  type    = string
  default = "mauritz.uphoff@stackit.cloud"
 }
--- a/02-example.tf
+++ b/02-example.tf
@ -1,10 +0,0 @@
 /*Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
 https://opensource.org/licenses/MIT.*/
 resource "stackit_network" "example" {
  project_id = var.stackit_project_id
  name       = "example"
 }
--- a/02-folder.tf
+++ b/02-folder.tf
@ -0,0 +1,36 @@
 /*Copyright 2025 STACKIT GmbH & Co. KG <mauritz.uphoff@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
 https://opensource.org/licenses/MIT.*/
 resource "stackit_resourcemanager_folder" "folder_lvl_1" {
  name                = "folder_lvl_1"
  owner_email         = var.owner_email
  parent_container_id = var.stackit_org_id
 }
 resource "stackit_resourcemanager_folder" "folder_lvl_2" {
  name                = "folder_lvl_2"
  owner_email         = var.owner_email
  parent_container_id = stackit_resourcemanager_folder.folder_lvl_1.container_id
 }
 resource "stackit_resourcemanager_project" "proj_folder_1" {
  parent_container_id = stackit_resourcemanager_folder.folder_lvl_1.container_id
  name                = "proj-folder1"
  owner_email         = var.owner_email
 }
 resource "stackit_resourcemanager_project" "proj_folder_2" {
  parent_container_id = stackit_resourcemanager_folder.folder_lvl_2.container_id
  name                = "proj-folder2"
  owner_email         = var.owner_email
 }
 resource "stackit_authorization_project_role_assignment" "editor_folder_1" {
  resource_id = stackit_resourcemanager_project.proj_folder_2.project_id
  role        = "editor"
  subject     = "markus.brunsch@stackit.cloud"
 }
--- a/MAINTAINERS.md
+++ b/MAINTAINERS.md
@ -1,7 +1,7 @@
 # Maintainers
 General maintainers:
-* Foo Bar (foo.bar@stackit.cloud)
+* Mauritz Uphoff (mauritz.uphoff@stackit.cloud)
 This BP is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis.
 For questions, issues, or feature requests, please email general maintainers.
--- a/README.md
+++ b/README.md
@ -1,112 +1,8 @@
-# [Name of the Best Practice Template]
+# Terraform Nested Folder
 ## Overview
-This repository provides a standardized template to solve [specific problem or use case]. It is designed to ensure quality, maintainability, and security for [mention the technology, e.g., Terraform module, CI/CD pipeline, etc.] on **STACKIT**.
+This repository demonstrates how to create projects within nested folders.
 The main goal of this Best Practice (BP) is to [briefly describe the primary benefit, e.g., "deploy a secure and cost-effective Kubernetes cluster on STACKIT"].
 ## License Header
 ```console
 /*
 Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>
 Use of this source code is governed by an MIT-style
 license that can be found in the LICENSE file or at
 https://opensource.org/licenses/MIT.
 */
 ```
 ## Setup Git GPG Key
 1. Generate GPG Key
 ```console
 gpg --full-generate-key
 ```
 1. Configure Git to use the Key
 ```console
 git config --global user.signingkey <GPG KEY ID>
 git config --global commit.gpgsign true
 ```
 1. Read GPG Key and add it to STACKIT Git
 ```console
 gpg --armor --export <GPG KEY ID>
 ```
 Copy the Public Key block and add it into your Profile settings on the STACKIT Git instance.
 https://docs.codeberg.org/security/gpg-key/
 https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e
 ## Prerequisites
 Before using this template, ensure you have the following:
 * **Tools**:
    * [Tool Name, e.g., Terraform] version `x.y.z` or higher
    * [Tool Name, e.g., Git]
 * **Access & Permissions**:
    * [Required access, e.g., Project Member permissions on a STACKIT project]
    * STACKIT provider credentials configured
 ## How to Use
 Follow these steps to implement the template:
 1.  **Clone the repository:**
    ```bash
    git clone [repository-url]
    cd [repository-name]
    ```
 2.  **Configure the variables:**
    * Create a `terraform.tfvars` file or set environment variables as described in the **Configuration** section below.
 3.  **Initialize and apply:**
    ```bash
    terraform init
    terraform plan
    terraform apply
    ```
 4.  **Verify the deployment:**
    * [Provide a simple command or step to check if the deployment was successful].
 ## Configuration
 The following variables can be configured.
 | Variable Name | Description                                 | Type     | Default Value | Required |
 |---------------|---------------------------------------------|----------|---------------|----------|
 | `project_id`  | The STACKIT project ID.                     | `string` | `null`        | Yes      |
 | `region`      | The region where resources will be created. | `string` | `eu01`        | No       |
 | `...`         | ...                                         | `...`    | `...`         | ...      |
 ## Testing
 This repository includes automated and manual testing procedures to ensure quality.
 ### Automated Tests
 * **Validation**: `terraform validate` is automatically executed on every commit via the CI/CD pipeline.
 * **Security Scans**: A secret check is performed on every push to the repository.
 ### Manual Tests
 The following aspects should be tested manually after deployment:
 * [Manual Test Case 1, e.g., "Verify connectivity to the database instance."]
 * [Manual Test Case 2, e.g., "Check permissions for the created service account."]
 ### Dependencies
 This template relies on the following pinned versions:
 * **Provider [Provider Name, e.g., STACKIT]**: `~> 0.69.0`
 ## Changelog