refactor pubsub

5-app-infra/source_repos/service-catalog/modules/pubsub/README.md

@@ -67,11 +67,12 @@ The following table outlines which of the suggested controls for Vertex Generati
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| locked\_regions | Regions that pubsub presistence is locked to | `list(any)` | <pre>[<br>  "us-central1",<br>  "us-east4"<br>]</pre> | no |
+| kms\_keyring | The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.<br>This value can be obtained by running "gcloud kms keyrings list --project=KMS\_PROJECT\_ID --location=REGION." | `string` | n/a | yes |
+| locked\_regions | Regions that Pub/Sub persistence is locked to. | `list(any)` | <pre>[<br>  "us-central1",<br>  "us-east4"<br>]</pre> | no |
 | message\_retention\_duration | Message retention duration. | `string` | `"86400s"` | no |
-| project\_id | Optional Project ID. | `string` | `null` | no |
+| project\_id | Project ID. | `string` | n/a | yes |
 | region | The resource region, one of [us-central1, us-east4]. | `string` | `"us-central1"` | no |
-| topic\_name | Topic name | `string` | n/a | yes |
+| topic\_name | Topic name. | `string` | n/a | yes |
 
 ## Outputs
 

5-app-infra/source_repos/service-catalog/modules/pubsub/data.tf

@@ -18,18 +18,7 @@ data "google_project" "project" {
   project_id = var.project_id
 }
 
-data "google_projects" "kms" {
-  filter = "labels.application_name:env-kms labels.environment:${data.google_project.project.labels.environment} lifecycleState:ACTIVE"
-}
-
-data "google_kms_key_ring" "kms" {
-  name     = local.keyring_name
-  location = var.region
-  project  = data.google_projects.kms.projects.0.project_id
-}
-
 data "google_kms_crypto_key" "key" {
   name     = data.google_project.project.name
-  key_ring = data.google_kms_key_ring.kms.id
+  key_ring = var.kms_keyring
 }
-

5-app-infra/source_repos/service-catalog/modules/pubsub/variables.tf

@@ -16,14 +16,13 @@
 
 variable "project_id" {
   type        = string
-  description = "Optional Project ID."
-  default     = null
+  description = "Project ID."
 }
 
 variable "message_retention_duration" {
+  type        = string
   description = "Message retention duration."
   default     = "86400s"
-  type        = string
 }
 
 variable "region" {
@@ -37,16 +36,23 @@ variable "region" {
 }
 
 variable "topic_name" {
-  description = "Topic name"
   type        = string
+  description = "Topic name."
 }
 
 variable "locked_regions" {
-  description = "Regions that pubsub presistence is locked to"
   type        = list(any)
+  description = "Regions that Pub/Sub persistence is locked to."
   default = [
     "us-central1",
     "us-east4"
   ]
 }
 
+variable "kms_keyring" {
+  type        = string
+  description = <<EOF
+The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.
+This value can be obtained by running "gcloud kms keyrings list --project=KMS_PROJECT_ID --location=REGION."
+EOF
+}