Why are values for org_id and folder_id mutually exclusive?

[sbadakhc]

What is the rational for making org_id and folder_id mutually exclusive. I think it makes sense to have both and also perhaps have the option to provision multiple folders?

module.seed_project.module.project-factory.google_project.main: Modifying... [id=projects/cft-seed-5e02]

Error: 'org_id' and 'folder_id' cannot be both set.

  on .terraform/modules/seed_project/terraform-google-project-factory-7.1.0/modules/core_project_factory/main.tf line 96, in resource "google_project" "main":
  96: resource "google_project" "main" {

[rjerrems]

Hi @sbadakhc - can you please elaborate a little on the folder structure you are trying to create so I can better understand the problem? Can you share the value you are using for folder_id ?

[sbadakhc]

HI @rjerrems - Sure. I have a use case that entails creating an organisation with multiple folders which map to business operations like sales, marketing, technology etc. These departments have their own infrastructure and resources but likely to be accessible to each other via a shared vpc. I'm pretty much just following the docs here https://cloud.google.com/resource-manager/docs/creating-managing-folders. I would like the ability to boot strap a org with multiple folders or have a way of adding folders once I have one department setup. Thanks for your assistance. I would be happy to provide more details. Also is there a slack channel available to discuss these issues in real-time?

[rjerrems]

Hi @sbadakhc - we don't have a live channel available unfortunately. Can you share the code snippet you are running which is producing this error?

[sbadakhc]

Ah think I got my wires crossed. Does it make sense to have a folder factory module to accomplish this?

My thinking is that assuming a green field site and some hand cranking to ensure the following prerequisites are met I should be able to run the various modules in succession to provision my environment.

Prerequisites

1. create free gmail account
2. purchase domain name using free account from google domains
3. from google domains "Get a custom email address" via "Get G suite"
4. create a custom email and make the account the super admin user
5. create the required group admin accounts
6. add the gsuite super user to the groups
7. login to gcp and create the organisation

These are the manual steps I have thus far taken. I then want to run the various modules to begin populating my org.

1. Run org factory and have it call the other various module to create a folder, project, shared vpc etc based on an opinionated deployment I can tear down and customise.

Does this make sense?

Thanks, Sal.

[rjerrems]

Yeah that makes sense. If you are looking for a module to help manage folders, this might prove useful for you:

https://github.com/terraform-google-modules/terraform-google-folders

Although it is worth noting that creating folders is usually quite straight forward, if you are not doing anything else on top of that (IAM etc). As an example, this creates on parent folder and three child folders:

https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/1-org/folders.tf

Hope this helps

[sbadakhc]

@rjerrems thanks. I'll take a look as advised. With regards to the process outlined above, is it inline with what you attempting here?