This repository contains Terraform modules and example configurations to deploy the Web Application and API Protection (WAAP) solution on Google Cloud.
Refer to the JuiceShop Example for a functional example deployment of the WAAP solution.
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform v0.13
- Terraform Provider for GCP plugin v3.53
A service account with the following roles must be used to provision the resources of this module:
- Editor
roles/editor - reCAPTCHA Enterprise Admin:
roles/recaptchaenterprise.admin - Artifact Registry Admin:
roles/artifactregistry.admin
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
- Apigee API:
apigee.googleapis.com - Artifact Registry API:
artifactregistry.googleapis.com - Cloud Build API:
cloudbuild.googleapis.com - Cloud KMS API:
cloudkms.googleapis.com - Cloud Resource Manager API:
cloudresourcemanager.googleapis.com - Compute API:
compute.googleapis.com - Data Loss Prevention API:
dlp.googleapis.com - Identity and Access Management API:
iam.googleapis.com - Cloud Monitoring API:
monitoring.googleapis.com - reCAPTCHA Enterprise API:
recaptchaenterprise.googleapis.com - Service Networking API:
servicenetworking.googleapis.com - Service Usage API:
serviceusage.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled. See this example for properly configuring project factory to enable these APIs.
Refer to the contribution guidelines for information on contributing to this module.
Please see our security disclosure process.