terradart_google

Ships 380 curated resource factories + 1 data source (381 catalog entries)

The full per-service breakdown lives in the repo README — What ships. Discover factories programmatically via package:terradart_google/catalog.dart (terradartCatalog).

How resources are built

Factory wrappers under lib/src/<service>/ are emitted by terradart wrap from curated overrides in terradart_codegen. They are committed so consumers depend on terradart_google without running codegen.

CI verifies determinism via terradart wrap --check. For any other google_* resource, open an issue to request curation.

Runtime primitives (Stack, TfArg, writeTo) live in terradart_core.

Installation

dependencies:
  terradart_core: ^0.22.x
  terradart_google: ^0.22.x

Usage example

import 'package:terradart_core/terradart_core.dart';
import 'package:terradart_google/provider.dart';
import 'package:terradart_google/storage.dart';

final class AssetsStack extends Stack {
  AssetsStack({required String projectId})
      : super(providers: [
          GoogleProvider(project: projectId, region: 'asia-northeast1'),
        ]) {
    add(GoogleStorageBucket(
      localName: 'assets',
      name: TfArg.literal('my-app-assets-prod'),
      storageClass: TfArg.literal(BucketStorageClass.standard),
    ));
  }
}

See examples/ and the pubsub quickstart for AppExport / boundary patterns.

Libraries

access_context_manager: Access Context Manager: VPC Service Controls access policies, levels, service perimeters, and access-policy IAM members.
alloydb: AlloyDB — Postgres-compatible managed database clusters and instances.
apigee: Apigee: runtime data collectors and analytics datastores.
apikeys: API Keys: restrict Google Cloud API access by key.
app: App Engine — application registration, standard/flexible versions, firewall rules, URL dispatch, domain mapping, and service traffic/network settings.
artifact_registry: Artifact Registry: container / package repository, per-repository IAM.
biglake: BigLake Metastore — Hive-compatible catalogs, databases, and tables. Nested hive_options config is passed as a structured map.
bigquery: BigQuery datasets, tables, jobs, routines, transfers, reservations, capacity commitments, external connections, and per-resource IAM bindings.
bigtable: Cloud Bigtable — instances, tables, app profiles, GC policies, views.
binary_authorization: Binary Authorization: project policy, attestors, and attestor IAM members.
catalog: Static catalog of all curated terradart_google factories.
certificate_manager: Certificate Manager — DNS authorization, managed/self-managed certificates, and certificate maps for HTTPS load balancers.
chronicle: Chronicle (Google SecOps): detections, playbooks, custom lists, and dashboards.
cloud_build: Cloud Build CI/CD: trigger, private worker pool, v2 SCM connection + repository.
cloud_functions: Cloud Functions Gen 2 — serverless function execution with build + deploy from source.
cloud_run: Cloud Run v2 services + jobs.
cloud_scheduler: Cloud Scheduler cron jobs.
cloud_sql: Cloud SQL — managed relational databases (MySQL / PostgreSQL / SQL Server).
cloud_tasks: Cloud Tasks queues + per-queue IAM bindings.
clouddeploy: Cloud Deploy — continuous-delivery pipelines, targets, and custom target types. Nested config blocks (serial pipeline stages, deployment targets, custom actions) are passed as structured maps.
compute: Compute Engine resources: instances, addresses, firewalls, networks, subnetworks.
config: Infrastructure Manager (Config API): Terraform blueprint deployments.
contact: Contact Center AI Insights and related contact APIs.
container: Google Kubernetes Engine (GKE) — clusters, node pools, and GKE Hub.
data: Read-only data sources (no terraform apply side effects).
dataplex: Dataplex: governed data products, Universal Catalog metadata (entry groups / entry types / aspect types), and their IAM adjuncts.
dialogflow: Dialogflow CX: telephony and conversation resources.
discovery_engine: Vertex AI Search (Discovery Engine): data stores, search engines, IAM.
dns: Cloud DNS managed zones (public, private, peering, forwarding).
document_ai: Document AI — document processors (OCR / form parser / etc.) for extracting structured data from documents.
essential_contacts: Essential Contacts — register people/teams to receive Google Cloud notifications (technical, security, billing, …) for a project, folder, or organization.
eventarc: Eventarc — channels, triggers, pipelines, message buses, and API sources for routing CloudEvents to Cloud Run, Cloud Functions, Workflows, GKE, and HTTP endpoints.
filestore: Cloud Filestore — managed NFS instances, backups, and snapshots.
firebase_app_check: Firebase App Check — request attestation for Firebase services (reCAPTCHA Enterprise / Play Integrity / App Attest / Device Check providers + service-level enforcement + debug tokens + resource policies).
firebase_app_hosting: Firebase App Hosting — Cloud Run-backed successor to classic Firebase Hosting. Backends, build artifacts, custom domains, traffic split.
firebase_data_connect: Firebase Data Connect — serverless GraphQL backend backed by Cloud SQL.
firebase_remote_config: Firebase Remote Config — project-level dynamic configuration templates (parameters + parameter groups + conditions).
firestore: Cloud Firestore — Native and Datastore mode databases + composite index management.
gemini: Gemini for Google Cloud (Gemini Code Assist) — project/location settings: enablement, logging, and release channel.
gke_backup: GKE Backup — backup/restore plans, channels, and plan-scoped IAM.
healthcare: Cloud Healthcare — datasets and modality stores (DICOM, consent) plus the dataset *_iam_member adjunct.
iam: IAM service accounts + Workload Identity Federation pools. Per-resource IAM members live alongside their owning service barrel (e.g. pubsub.dart exports GooglePubsubTopicIamMember).
iap: Identity-Aware Proxy (IAP) IAM for App Engine and external HTTPS load balancer backend services.
kms: Cloud KMS key rings and crypto keys.
license_manager: License Manager: third-party software license configurations for Compute Engine.
logging: Cloud Logging: log-based metrics and sinks routed to BigQuery / Pub/Sub / Storage / Logging-bucket destinations.
memcache: Memorystore for Memcached — managed Memcached instances.
migration: Migration Center: sources, discovery clients, import jobs, and reports.
monitoring: Cloud Monitoring: alert policies, notification channels, uptime probes, dashboards, custom metric descriptors, and SLO service objects.
network: Network Connectivity transports, Network Security ULL mirroring, address groups, and URL lists.
observability: Cloud Observability — trace scopes that group projects' trace data for unified querying.
oracle: Oracle Database@Google Cloud — Autonomous Database, Base DB, Exadata, ODB, GoldenGate.
os_config: OS Config: VM Manager OS policy assignments and patch deployments.
parameter_manager: Parameter Manager — store and version application configuration parameters (global and regional), the non-secret sibling of Secret Manager.
privateca: Private CA (Certificate Authority Service) — CA pools for managed certificate issuance via Certificate Manager.
project: Project services (enabling individual GCP APIs on a project).
provider: Provider block factory and version constants for hashicorp/google.
pubsub: Pub/Sub topics, subscriptions, schemas, and per-resource IAM bindings.
recaptcha: reCAPTCHA Enterprise keys for web, Android, and iOS clients.
redis: Memorystore for Redis — managed Redis instances.
secret_manager: Secret Manager secrets, versions, and per-secret IAM bindings.
service_directory: Service Directory — managed service registry: namespaces, services, endpoints, and the *_iam_member adjuncts for namespace/service access.
service_networking: Service Networking — VPC peering between user networks and Google service VPCs, plus Serverless VPC Access connectors for Cloud Run / Functions / App Engine egress into a consumer VPC.
spanner: Cloud Spanner — horizontally scalable relational databases.
storage: Cloud Storage buckets, bucket objects, and Pub/Sub object-change notifications.
tags: Resource Manager Tags — tag keys, tag values, resource bindings, and the *_iam_member adjuncts that grant access on individual tag keys/values.
terradart_google: terradart_google — curated GCP factory wrappers for terradart.
time: hashicorp/time utilities — propagation waits used by Apis.enable.
vertex_ai: Vertex AI — feature store feature groups (backed by a BigQuery source), managed datasets, experiment Tensorboards, and GenAI cache config. Nested config blocks (e.g. encryption_spec) are passed as structured maps.
workflows: Workflows — serverless orchestration: define a Workflows workflow from inline YAML/JSON source.

terradart_google

How resources are built

Installation

Usage example

Libraries

terradart_google package