From df787c6802a25684353a27fdfc5e1a3cf1433694 Mon Sep 17 00:00:00 2001 From: Ben Huston Date: Mon, 6 Mar 2023 10:58:11 +0900 Subject: [PATCH] Remove all Org Policy artifacts of PR #76 (#106) * Remove all Org Policy artifacts PR #76 * Rebased on main * Correct HCL codestyle --- README.md | 1 - infrastructure/org-policies.tf | 69 -------------------------- infrastructure/providers.tf | 1 - infrastructure/terraform.tfvars.sample | 2 - infrastructure/variables.tf | 7 --- platform/agones/skaffold.yaml | 0 6 files changed, 80 deletions(-) delete mode 100644 infrastructure/org-policies.tf mode change 100755 => 100644 platform/agones/skaffold.yaml diff --git a/README.md b/README.md index 34ad0e1..ad746eb 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,6 @@ gcloud config set project ${PROJECT_ID} and then authenticate to generate [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials) that can be leveraged by Terraform ```shell gcloud auth application-default login -gcloud auth application-default set-quota-project ${PROJECT_ID} ``` Clone this directory locally and, we'll also set an environment variable to it's root directory, for easy navigation: diff --git a/infrastructure/org-policies.tf b/infrastructure/org-policies.tf deleted file mode 100644 index c3ed946..0000000 --- a/infrastructure/org-policies.tf +++ /dev/null 
@@ -1,69 +0,0 @@
-# Optionally apply these Org Policies, as specified in terraform.tfvars file
-
-module "gcp_org_policy_v2_requireShieldedVm" {
- source = "terraform-google-modules/org-policy/google//modules/org_policy_v2"
- version = "~> 5.2.0"
-
- count = var.apply_org_policies == true ? 1 : 0
- policy_root = "project"
- policy_root_id = var.project
- rules = [{
- enforcement = false
- allow = []
- deny = []
- conditions = []
- }]
- constraint = "compute.requireShieldedVm"
- policy_type = "boolean"
-}
-
-module "gcp_org_policy_v2_disableServiceAccountKeyCreation" {
- source = "terraform-google-modules/org-policy/google//modules/org_policy_v2"
- version = "~> 5.2.0"
-
- count = var.apply_org_policies == true ? 1 : 0
- policy_root = "project"
- policy_root_id = var.project
- rules = [{
- enforcement = false
- allow = []
- deny = []
- conditions = []
- }]
- constraint = "iam.disableServiceAccountKeyCreation"
- policy_type = "boolean"
-}
-
-module "gcp_org_policy_v2_vmCanIpForward" {
- source = "terraform-google-modules/org-policy/google//modules/org_policy_v2"
- version = "~> 5.2.0"
-
- count = var.apply_org_policies == true ? 1 : 0
- policy_root = "project"
- policy_root_id = var.project
- rules = [{
- enforcement = false
- allow = []
- deny = []
- conditions = []
- }]
- constraint = "compute.vmCanIpForward"
- policy_type = "list"
-}
-
-module "gcp_org_policy_v2_vmExternalIpAccess" {
- source = "terraform-google-modules/org-policy/google//modules/org_policy_v2"
- version = "~> 5.2.0"
-
- count = var.apply_org_policies == true ? 1 : 0
- policy_root = "project"
- policy_root_id = var.project
- rules = [{
- enforcement = false
- allow = []
- deny = []
- conditions = []
- }]
- constraint = "compute.vmExternalIpAccess"
- policy_type = "list"
-}
diff --git a/infrastructure/providers.tf b/infrastructure/providers.tf
index 838553d..19ef39a 100644
--- a/infrastructure/providers.tf
+++ b/infrastructure/providers.tf
@@ -14,7 +14,6 @@ provider "google" { project = var.project - user_project_override = true } data "google_client_config" "provider" {} diff --git a/infrastructure/terraform.tfvars.sample b/infrastructure/terraform.tfvars.sample index 7b488b5..57b6d00 100644 --- a/infrastructure/terraform.tfvars.sample +++ b/infrastructure/terraform.tfvars.sample @@ -17,7 +17,6 @@ project = "PROJECT_ID" resource_env_label = "demo-global-game" -apply_org_policies = false # Cloud Deploy Configuration platform_directory = "../platform" # Relative to Terraform directory @@ -88,7 +87,6 @@ gcp_project_services = [ "servicenetworking.googleapis.com", "servicecontrol.googleapis.com", "run.googleapis.com", - "orgpolicy.googleapis.com", "redis.googleapis.com", "run.googleapis.com", "iap.googleapis.com" diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf index 41c14e9..d913948 100644 --- a/infrastructure/variables.tf +++ b/infrastructure/variables.tf @@ -12,13 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -### Organziation Variables ### - -variable "apply_org_policies" { - type = bool - description = "Boolean used to determine whether GCP Org Policies are applied" -} - ### Project Variables ### variable "project" { diff --git a/platform/agones/skaffold.yaml b/platform/agones/skaffold.yaml old mode 100755 new mode 100644