Corpus translates Logos structure into real infrastructure: GCP projects, shared VPC and subnets, DNS zones, Artifact Registry, workload identity pools, and encrypted state buckets.
Corpus embodies the foundational Google Cloud infrastructure. It creates the project scaffolding, networking fabric, and security primitives that all workload environments depend upon. A Corpus deployment is a prerequisite to deploying any workload infrastructure in the platform.
Platform Repositories 🏗️
Corpus
This repository manages GCP projects, shared VPC networking, DNS, Artifact Registry, workload identity federation, audit logging, and encrypted state storage.
What Corpus Manages
Resource Hierarchy and IAM
Creates Google Cloud projects with CIS GCP Benchmark compliance, billing budgets, required APIs, and IAM bindings sourced from Logos team data.
Networking
Manages a shared VPC host project with regional subnets, Cloud NAT, and Cloud DNS managed zones (public with DNSSEC and private).
Workload Identity
Configures workload identity federation so GitHub Actions can authenticate to GCP without service account keys using OIDC.
Audit Logging
Manages centralized audit logging. Google Cloud services write audit logs that record administrative activities and access within your Google Cloud resources.
OpenTofu State Backend
Manages KMS-encrypted Cloud Storage buckets used as the OpenTofu remote state backend for all platform team repositories.
