cloud-foundation-fabric
SKILL.md
Cloud Foundation Fabric (CFF)
Overview
Cloud Foundation Fabric is a comprehensive suite of Terraform modules and end-to-end blueprints designed for Google Cloud Platform (GCP). It provides:
- Modules: A library of composable, production-ready Terraform modules (e.g.,
project,net-vpc,gke-cluster) - FAST: An opinionated, stage-based landing zone toolkit for bootstrapping enterprise-grade GCP organizations
Repository: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric
Latest Version: v53.0.0 (as of February 2025)
Module Usage Pattern
ALWAYS pin modules to a tagged release to ensure stability:
module "project" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/project?ref=v53.0.0"
name = "my-project"
# ... other configuration
}
Version Reference
| Version | Release Date | Status |
|---|---|---|
| v53.0.0 | 2025-02-12 | Latest |
| v52.1.0 | 2025-02-12 | Stable |
| v52.0.0 | 2025-01-31 | Stable |
Quick Examples
Project with APIs and IAM
module "project" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/project?ref=v53.0.0"
name = "my-application"
parent = "folders/1234567890"
services = [
"compute.googleapis.com",
"container.googleapis.com",
"logging.googleapis.com",
]
iam = {
"roles/viewer" = ["group:developers@example.com"]
"roles/editor" = ["serviceAccount:ci-cd@my-project.iam.gserviceaccount.com"]
}
}
VPC with Subnets
module "vpc" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/net-vpc?ref=v53.0.0"
project_id = module.project.project_id
name = "production-vpc"
subnets = [
{
name = "subnet-1"
region = "us-central1"
ip_cidr_range = "10.0.0.0/24"
},
{
name = "subnet-2"
region = "europe-west1"
ip_cidr_range = "10.0.1.0/24"
}
]
}
GKE Autopilot Cluster
module "gke" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/gke-cluster-autopilot?ref=v53.0.0"
project_id = module.project.project_id
name = "main-cluster"
location = "us-central1"
vpc_config = {
network = module.vpc.self_link
subnetwork = module.vpc.subnet_self_links["us-central1/subnet-1"]
}
}
Reference Documentation
For detailed information, see the following reference guides:
- Module Catalog - Complete list of all CFF modules organized by category
- Design Principles - The Zen of Fabric, common interfaces, and naming conventions
- Factory Patterns - Configuration-driven resource creation using YAML
- Cursed Knowledge - Edge cases, gotchas, and advanced patterns
- Configuration - Tool setup, environment variables, and provider configuration
Common Patterns
IAM Interface
Most modules support consistent IAM patterns:
iam = {
"roles/viewer" = ["user:user@example.com"]
"roles/editor" = ["group:group@example.com"]
}
No Random Suffixes
Use explicit prefix instead of random suffixes:
module "project" {
source = "github.com/GoogleCloudPlatform/cloud-foundation-fabric//modules/project?ref=v53.0.0"
name = "application"
prefix = "prod" # Creates: prod-application
}
Key Files
| File | Purpose |
|---|---|
| CURSED_KNOWLEDGE.md | Edge cases and gotchas |
| FACTORIES.md | Factory patterns documentation |
| CONTRIBUTING.md | Development guidelines |
| GEMINI.md | AI assistant context |
| CHANGELOG.md | Release history |
External References
- Repository: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric
- Modules: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/tree/master/modules
- FAST Documentation: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/tree/master/fast
- Blueprints: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/tree/master/blueprints
Weekly Installs
2
Repository
benjaminwestern…r-skillsFirst Seen
4 days ago
Security Audits
Installed on
amp2
cline2
opencode2
cursor2
kimi-cli2
codex2