cloud-foundation-fabric/examples/README.md

# Terraform end-to-end examples for Google Cloud

This section contains **[foundational examples](./foundations/)** that bootstrap the organizational hierarchy and automation prerequisites, **[networking examples](./networking/)** that implement core patterns or features, **[data solutions examples](./data-solutions/)** that demonstrate how to integrate data services in complete scenarios, **[cloud operations examples](./cloud-operations/)** that leverage specific products to meet specific operational needs and **[factories](./factories/)** that implement resource factories for the repetitive creation of specific resources.

Currently available examples:

- **cloud operations** - [Resource tracking and remediation via Cloud Asset feeds](./cloud-operations/asset-inventory-feed-remediation), [Granular Cloud DNS IAM via Service Directory](./cloud-operations/dns-fine-grained-iam), [Granular Cloud DNS IAM for Shared VPC](./cloud-operations/dns-shared-vpc), [Compute Engine quota monitoring](./cloud-operations/quota-monitoring), [Scheduled Cloud Asset Inventory Export to Bigquery](./cloud-operations/scheduled-asset-inventory-export-bq), [Packer image builder](./cloud-operations/packer-image-builder), [On-prem SA key management](./cloud-operations/onprem-sa-key-management)
- **data solutions** - [GCE/GCS CMEK via centralized Cloud KMS](./data-solutions/gcs-to-bq-with-least-privileges/), [Cloud Storage to Bigquery with Cloud Dataflow with least privileges](./data-solutions/gcs-to-bq-with-least-privileges/), [Data Platform Foundations](./data-solutions/data-platform-foundations/)
- **factories** - [The why and the how of resource factories](./factories/README.md)
- **foundations** - [single level hierarchy](./foundations/environments/) (environments), [multiple level hierarchy](./foundations/business-units/) (business units + environments)
- **networking** - [hub and spoke via peering](./networking/hub-and-spoke-peering/), [hub and spoke via VPN](./networking/hub-and-spoke-vpn/), [DNS and Google Private Access for on-premises](./networking/onprem-google-access-dns/), [Shared VPC with GKE support](./networking/shared-vpc-gke/), [ILB as next hop](./networking/ilb-next-hop), [PSC for on-premises Cloud Function invocation](./networking/private-cloud-function-from-onprem/), [decentralized firewall](./networking/decentralized-firewall)
- **third party solutions** - [OpenShift cluster on Shared VPC](./third-party-solutions/openshift)

For more information see the README files in the [foundations](./foundations/), [networking](./networking/), [data solutions](./data-solutions/), [cloud operations](./cloud-operations/) and [factories](./factories/) folders.
Add readme to the examples folder 2022-01-11 01:23:56 -08:00			`# Terraform end-to-end examples for Google Cloud`

Fix typos and update link-checker config 2022-01-11 01:38:14 -08:00			This section contains [foundational examples](./foundations/) that bootstrap the organizational hierarchy and automation prerequisites, [networking examples](./networking/) that implement core patterns or features, [data solutions examples](./data-solutions/) that demonstrate how to integrate data services in complete scenarios, [cloud operations examples](./cloud-operations/) that leverage specific products to meet specific operational needs and [factories](./factories/) that implement resource factories for the repetitive creation of specific resources.
Add readme to the examples folder 2022-01-11 01:23:56 -08:00
			`Currently available examples:`

Resource Factory update (#430) * Resource Factory update * Pleasing the linting gods * Poking the linting gods Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> 2022-01-13 23:30:06 -08:00			- cloud operations - [Resource tracking and remediation via Cloud Asset feeds](./cloud-operations/asset-inventory-feed-remediation), [Granular Cloud DNS IAM via Service Directory](./cloud-operations/dns-fine-grained-iam), [Granular Cloud DNS IAM for Shared VPC](./cloud-operations/dns-shared-vpc), [Compute Engine quota monitoring](./cloud-operations/quota-monitoring), [Scheduled Cloud Asset Inventory Export to Bigquery](./cloud-operations/scheduled-asset-inventory-export-bq), [Packer image builder](./cloud-operations/packer-image-builder), [On-prem SA key management](./cloud-operations/onprem-sa-key-management)
Add Data Platform to FAST (#510) * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * merge tools changes * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * add bolierplate to validate_schema Co-authored-by: Julio Castillo <juliocc@users.noreply.github.com> * stage 02-security * Import Fast from dev repository. Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * Copy FAST top level README * Copy FAST top level README * TODO list * TODO list * fix linting action to account for fast * remove providers file * add missing boilerplate * update factory README * align examples tfdoc * fast readmes tfdoc * disable markdown link check * really disable markdown link check * update TODO * switch to local module refs in stage0 * replace module refs in 02-sec * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * merge tools changes * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * add bolierplate to validate_schema Co-authored-by: Julio Castillo <juliocc@users.noreply.github.com> * Import Fast from dev repository. > > Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * stage 02-security * Import Fast from dev repository. Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> * Copy FAST top level README * Copy FAST top level README * TODO list * TODO list * fix linting action to account for fast * remove providers file * add missing boilerplate * update factory README * align examples tfdoc * fast readmes tfdoc * disable markdown link check * really disable markdown link check * update TODO * switch to local module refs in stage0 * replace module refs in 02-sec * Move first draft to fast branch * Fix roles and variables. Add e2e DAG example! * Fix example * Fix KMS * First draft: README * Update README * Add DLP, update README * Update Readme * README * Add todos * Merge master * Merge master * Merge master * Fix and test KMS, Fix and test existing prj (it works also with single prj), Update README * Fix READM and Demo * add on TF files * Remove block comments * simplify service_encryption_keys logic * fix README * Fix TODOs * fix tfdoc description * fix demo README * fix sample files * rename tf files * Fix outputs file name, fix README, remove dependeces on composer resource * Add test. * Fix README. * Initial README update * README review * Fix issues & readme * Fix README * Fix README * Fix test error * Fix test error * Add datacatalog * Fix test, for real? :-) * fix readme * support policy_boolean * split Cloud NAT flag * Fix README. * Fix Shared VPC, first try :-) * Fix tests and resource name * fix tests * fix tests * README refactor * Fix secondary range logic * First commit * Replace existing data platform * Fix secondary range logic * Fix README * Replace DP example tests with the new one. * Fix test module location. * Fix test module location, for real. * Support DataPlatform project in VPC-SC * Fix VPC-SC * Add TODO, VPC-SC * Possible improvement to handle VPC-SC perimeter projects with folder as variable * Add TODO * Fix module path * Initial fix for KMS * Add PubSub encryption * Fix secondary range logic * First commit * Support DataPlatform project in VPC-SC * Fix VPC-SC * Add TODO, VPC-SC * Possible improvement to handle VPC-SC perimeter projects with folder as variable * Add TODO * Fix module path * Initial fix for KMS * Update READMEs * Update README * Fix composer roles and README. * Fix test. * Fixes. * Add DLP documentation link. * Temp commit with errors * Refactor variables * Fix secondary range logic * First commit * Support DataPlatform project in VPC-SC * Fix VPC-SC * Add TODO, VPC-SC * Possible improvement to handle VPC-SC perimeter projects with folder as variable * Add TODO * Fix module path * Initial fix for KMS * rebase * rebase * rebase * Rebase * rebase * Update READMEs * Fixes. * Fix new variables * Fix misconfiguration and tests. * Fix secondary range logic * First commit * Support DataPlatform project in VPC-SC * Fix VPC-SC * Add TODO, VPC-SC * Possible improvement to handle VPC-SC perimeter projects with folder as variable * Add TODO * Fix module path * Initial fix for KMS * rebase * rebase * rebase * Rebase * rebase * Update READMEs * Fixes. * Rebase - Fix secondary range logic * Rebase - First commit * Support DataPlatform project in VPC-SC * Fix VPC-SC * Possible improvement to handle VPC-SC perimeter projects with folder as variable * Initial fix for KMS * Fix secondary range logic * First commit * Support DataPlatform project in VPC-SC * Fix VPC-SC * Fix module path * Initial fix for KMS * Update READMEs * Fixes. * Fix new variables * Revert VPC-SC logic * Fix variable typos * README fixes * Fix Project Name logic * Fix Linting * READEME * update READEME * update READEME * update README * mandatory project creation, refactor * formatting * add TODO for service accounts descriptive name * use project module to assign shared vpc roles * Fix shared-vpc-project module * Fix vpc name and tests * README * update to newer version Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Simone Ruffilli <sruffilli@google.com> Co-authored-by: Julio Castillo <juliocc@users.noreply.github.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-11 08:32:16 -08:00			`- data solutions - [GCE/GCS CMEK via centralized Cloud KMS](./data-solutions/gcs-to-bq-with-least-privileges/), [Cloud Storage to Bigquery with Cloud Dataflow with least privileges](./data-solutions/gcs-to-bq-with-least-privileges/), [Data Platform Foundations](./data-solutions/data-platform-foundations/)`
Resource Factory update (#430) * Resource Factory update * Pleasing the linting gods * Poking the linting gods Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> 2022-01-13 23:30:06 -08:00			`- factories - [The why and the how of resource factories](./factories/README.md)`
Add readme to the examples folder 2022-01-11 01:23:56 -08:00			`- foundations - [single level hierarchy](./foundations/environments/) (environments), [multiple level hierarchy](./foundations/business-units/) (business units + environments)`
			`- networking - [hub and spoke via peering](./networking/hub-and-spoke-peering/), [hub and spoke via VPN](./networking/hub-and-spoke-vpn/), [DNS and Google Private Access for on-premises](./networking/onprem-google-access-dns/), [Shared VPC with GKE support](./networking/shared-vpc-gke/), [ILB as next hop](./networking/ilb-next-hop), [PSC for on-premises Cloud Function invocation](./networking/private-cloud-function-from-onprem/), [decentralized firewall](./networking/decentralized-firewall)`
			`- third party solutions - [OpenShift cluster on Shared VPC](./third-party-solutions/openshift)`

			`For more information see the README files in the [foundations](./foundations/), [networking](./networking/), [data solutions](./data-solutions/), [cloud operations](./cloud-operations/) and [factories](./factories/) folders.`