From 9701c194d13adc412945f2d49fe15bba5c8c5367 Mon Sep 17 00:00:00 2001 From: Mauritz Uphoff Date: Wed, 12 Nov 2025 09:14:50 +0100 Subject: [PATCH] Initial commit --- 00-backend.tf | 2 +- 00-provider.tf | 4 +- 01-variables.tf | 9 +++- 02-folder.tf | 36 ++++++++++++++++ MAINTAINERS.md | 2 +- README.md | 108 +----------------------------------------------- 6 files changed, 49 insertions(+), 112 deletions(-) create mode 100644 02-folder.tf diff --git a/00-backend.tf b/00-backend.tf index 831a30b..f63276d 100644 --- a/00-backend.tf +++ b/00-backend.tf @@ -1,4 +1,4 @@ -/*Copyright 2025 STACKIT GmbH & Co. KG +/*Copyright 2025 STACKIT GmbH & Co. KG Use of this source code is governed by an MIT-style license that can be found in the LICENSE file or at diff --git a/00-provider.tf b/00-provider.tf index b3ba6c7..a9af718 100644 --- a/00-provider.tf +++ b/00-provider.tf @@ -9,7 +9,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.69.0" + version = "~>0.69.0" } random = { source = "hashicorp/random" @@ -21,6 +21,6 @@ terraform { provider "stackit" { default_region = var.stackit_region service_account_key_path = var.stackit_service_account_key_path - experiments = ["routing-tables", "network"] + experiments = ["routing-tables", "network", "iam"] enable_beta_resources = true } \ No newline at end of file diff --git a/01-variables.tf b/01-variables.tf index 9f83777..6b635e6 100644 --- a/01-variables.tf +++ b/01-variables.tf @@ -14,7 +14,12 @@ variable "stackit_service_account_key_path" { default = "keys/sa-key.json" } -variable "stackit_project_id" { +variable "stackit_org_id" { type = string - default = "XXXX-XXXX-XXXX-XXXX" + default = "03a34540-3c1a-4794-b2c6-7111ecf824ef" +} + +variable "owner_email" { + type = string + default = "mauritz.uphoff@stackit.cloud" } \ No newline at end of file diff --git a/02-folder.tf b/02-folder.tf new file mode 100644 index 0000000..59540dc --- /dev/null +++ b/02-folder.tf 
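Review bot: The relaxed constraint `version = "~>0.69.0"` in `required_providers` lets `terraform init` select any 0.69.x release, so the provider build that runs is only fixed if a `.terraform.lock.hcl` is committed. The diffstat of this commit lists no lock file, and whether one already exists in the repository is not visible here. If it is missing, commit it so the provider checksums are pinned and upgrades happen only through a reviewed `terraform init -upgrade`. The conventional spelling is `version = "~> 0.69.0"`, with a space after the operator. The `terraform` block starts outside the hunk.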
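Review bot: The `experiments` list in the `provider "stackit"` block gains `"iam"` with no comment saying which resource needs it, while `enable_beta_resources = true` stays on. Presumably it is there for the `stackit_authorization_project_role_assignment` added in `02-folder.tf`. A comment such as `# "iam" is required by the role assignment in 02-folder.tf; drop it once that resource is stable` would let a later reader remove the opt-in when it is no longer needed. Experimental provider features can change between releases, which matters more now that the version constraint admits patch upgrades.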
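Review bot: The new variables `stackit_org_id` and `owner_email` ship with what look like a real organization ID and a personal mailbox as `default` values. Anyone who applies this example without overriding them will target that organization and name that person as owner of every folder and project. Drop both `default` lines so Terraform requires the caller to supply the values through `terraform.tfvars` or `TF_VAR_*`, or fall back to an obvious placeholder as the removed `stackit_project_id` did. Each variable should also carry a description, for example `description = "ID of the STACKIT organization that will contain the top-level folder"` and `description = "E-mail of the user set as owner of the created folders and projects"`.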
@@ -0,0 +1,36 @@ +/*Copyright 2025 STACKIT GmbH & Co. KG + +Use of this source code is governed by an MIT-style +license that can be found in the LICENSE file or at +https://opensource.org/licenses/MIT.*/ + +resource "stackit_resourcemanager_folder" "folder_lvl_1" { + name = "folder_lvl_1" + owner_email = var.owner_email + parent_container_id = var.stackit_org_id +} + +resource "stackit_resourcemanager_folder" "folder_lvl_2" { + name = "folder_lvl_2" + owner_email = var.owner_email + parent_container_id = stackit_resourcemanager_folder.folder_lvl_1.container_id +} + +resource "stackit_resourcemanager_project" "proj_folder_1" { + parent_container_id = stackit_resourcemanager_folder.folder_lvl_1.container_id + name = "proj-folder1" + owner_email = var.owner_email +} + +resource "stackit_resourcemanager_project" "proj_folder_2" { + parent_container_id = stackit_resourcemanager_folder.folder_lvl_2.container_id + name = "proj-folder2" + owner_email = var.owner_email +} + + +resource "stackit_authorization_project_role_assignment" "editor_folder_1" { + resource_id = stackit_resourcemanager_project.proj_folder_2.project_id + role = "editor" + subject = "markus.brunsch@stackit.cloud" +} \ No newline at end of file diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 199ed2d..d8adce9 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -1,7 +1,7 @@ # Maintainers General maintainers: -* Foo Bar (foo.bar@stackit.cloud) +* Mauritz Uphoff (mauritz.uphoff@stackit.cloud) This BP is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis. For questions, issues, or feature requests, please email general maintainers. diff --git a/README.md b/README.md index 0e793a1..5922bbe 100644 --- a/README.md +++ b/README.md 
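Review bot: The role assignment at the end of `02-folder.tf` is named `editor_folder_1`, but its `resource_id` points at `proj_folder_2.project_id`, so either the name or the target is wrong. If the project in the second-level folder is intended, rename it to something like `resource "stackit_authorization_project_role_assignment" "editor_proj_folder_2"`. The `subject` is also a hard-coded personal address, while every other identity in the file comes from a variable. Use `subject = var.editor_subject`, with that variable declared in `01-variables.tf` without a default, so that applying the example does not grant `editor` on a new project to a fixed individual. It is also worth confirming that `editor` is the narrowest role the example needs.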
@@ -1,112 +1,8 @@ -# [Name of the Best Practice Template] +# Terraform Nested Folder ## Overview -This repository provides a standardized template to solve [specific problem or use case]. It is designed to ensure quality, maintainability, and security for [mention the technology, e.g., Terraform module, CI/CD pipeline, etc.] on **STACKIT**. - -The main goal of this Best Practice (BP) is to [briefly describe the primary benefit, e.g., "deploy a secure and cost-effective Kubernetes cluster on STACKIT"]. - -## License Header - -```console -/* -Copyright 2025 STACKIT GmbH & Co. KG - -Use of this source code is governed by an MIT-style -license that can be found in the LICENSE file or at -https://opensource.org/licenses/MIT. -*/ -``` - -## Setup Git GPG Key - -1. Generate GPG Key -```console -gpg --full-generate-key -``` - -1. Configure Git to use the Key -```console -git config --global user.signingkey -git config --global commit.gpgsign true -``` - -1. Read GPG Key and add it to STACKIT Git -```console -gpg --armor --export -``` - -Copy the Public Key block and add it into your Profile settings on the STACKIT Git instance. -https://docs.codeberg.org/security/gpg-key/ -https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e - - -## Prerequisites - -Before using this template, ensure you have the following: - -* **Tools**: - * [Tool Name, e.g., Terraform] version `x.y.z` or higher - * [Tool Name, e.g., Git] -* **Access & Permissions**: - * [Required access, e.g., Project Member permissions on a STACKIT project] - * STACKIT provider credentials configured - -## How to Use - -Follow these steps to implement the template: - -1. **Clone the repository:** - ```bash - git clone [repository-url] - cd [repository-name] - ``` - -2. **Configure the variables:** - * Create a `terraform.tfvars` file or set environment variables as described in the **Configuration** section below. - -3. 
**Initialize and apply:** - ```bash - terraform init - terraform plan - terraform apply - ``` - -4. **Verify the deployment:** - * [Provide a simple command or step to check if the deployment was successful]. - -## Configuration - -The following variables can be configured. - -| Variable Name | Description | Type | Default Value | Required | -|---------------|---------------------------------------------|----------|---------------|----------| -| `project_id` | The STACKIT project ID. | `string` | `null` | Yes | -| `region` | The region where resources will be created. | `string` | `eu01` | No | -| `...` | ... | `...` | `...` | ... | - -## Testing - -This repository includes automated and manual testing procedures to ensure quality. - -### Automated Tests - -* **Validation**: `terraform validate` is automatically executed on every commit via the CI/CD pipeline. -* **Security Scans**: A secret check is performed on every push to the repository. - -### Manual Tests - -The following aspects should be tested manually after deployment: - -* [Manual Test Case 1, e.g., "Verify connectivity to the database instance."] -* [Manual Test Case 2, e.g., "Check permissions for the created service account."] - - -### Dependencies - -This template relies on the following pinned versions: - -* **Provider [Provider Name, e.g., STACKIT]**: `~> 0.69.0` +This repository demonstrates code to generate nested folders within a project. ## Changelog