zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,209 Commits 3 Branches 352 Tags 54 MiB
Commit Graph

1741 Commits

Author SHA1 Message Date
Luca Prete 019cca735d
net-lb-ext: add option to set IPv6 subnetwork for IPv6 external fw rules 2023-10-24 13:37:33 +00:00
Luca Prete feef3909db
compute-vm: remove old todo (#1804) 2023-10-24 10:45:53 +00:00
Pierre Formont 43f78194e9
use the repository format in the image_path output (#1803) 
* use the repository format in the image_path output

* use local.format_string instead of var.format
 2023-10-24 10:24:53 +00:00
Julio Castillo b2201f69b7
Fix Internal App LB serverless NEG backend example (#1801) 
* Fix Internal App LB serverless NEG backed example

* Silence linter
 2023-10-24 07:25:43 +00:00
Luca Prete f54b4f88b8
net-address: allow users to optionally specify address names (#1795) 2023-10-23 15:17:06 +00:00
apichick 378960cfc6 Removed unnecessary try statements 2023-10-22 17:50:57 +02:00
Luca Prete a23b3d62ae
net-lb-ext: add support for multiple forwarding rules (IPs) and dual-stack (IPv4/IPv6) 2023-10-21 18:19:18 +02:00
Simone Ruffilli 6d89b88149
versions.tf maintenance + copyright notice bump (#1782) 
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-20 18:17:47 +02:00
Wiktor Niesiobędzki d07daf966a
End-to-end tests for terraform modules (#1751) 
Add end-to-end tests (apply, plan, destroy) for examples.

When run, `tests/examples_e2e`:
1. Create an environment for tests to run (folder, project vpc network) 
2. For each marked example (with `e2e` tftest directive), run apply, plan, destroy
3. Verify:
* no failure in apply
* empty plan after apply
* no failure during destroy
4. When all tests are done, destroy test environment

More details in `tests/examples_e2e/README.md`
 2023-10-20 09:59:52 +02:00
luigi-bitonti 4e439720aa
Added ProtectedApplication feature to GKE Backup (#1774) 
* Added ProtectedApplication feature to GKE Backup

* Fixed location name and added example

* Modified test module

* Changed test

* Changed test

* Changed test

* Restore old "all_namespaces" logic

* Bug fix

* Ran fmt on README example

* Modified variable structure

* Fix test

* Fix
 2023-10-19 19:54:22 +02:00
Ludovico Magnocavallo 77a4696aa6
Add gcp org policy constraints file to bootstrap stage (#1775) 
* add gcp org policy constraints file to bootstrap

* make the org policy factories more resilient
 2023-10-18 18:21:16 +00:00
Ludovico Magnocavallo 02ccc576f5
fix resource manager tag bindings in compute-vm module (#1771) 2023-10-18 09:24:00 +00:00
Wiktor Niesiobędzki c21fa4558f
Remove incompatible balancing_mode (#1769) 
## net-lb-int
* Fix error on apply of example:
```
Error creating RegionBackendService: googleapi: Error 400: Invalid value for field 'resource.backends[0].balancingMode': 'UTILIZATION'. Balancing mode must be CONNECTION for an INTERNAL backend service., invalid
```
* remove unused `balancing_mode` variable, as only one value is possible anyhow

## net-lb-ext
* update in the `backends` description

## net-lb-proxy-int
* update in the `backends` description

## net-lb-app-int
* added validation of `balancing_mode`
* fixed other validations

## net-lb-app-ext
* added validation of `balancing_mode`
* fixed other validations
* removed validation for `locality_lb_policy` as this variable is not used in this module

Closes: #1767
 2023-10-18 08:11:32 +02:00
Luca Prete 6c48512f7e
[#1764] net-lb-int: add support for dual stack and multiple forwarding rules 2023-10-17 09:30:34 +00:00
Julio Castillo 82f14fd6c0
Make subnets depend on proxy only subnets (#1762) 
* Make subnets depend on proxy only subnets

* Add dependency to subnet_ids too

* Update readme
 2023-10-16 11:39:52 +00:00
jeroenmonteban f464557525
Add autoclass to GCS (#1757) 
* Add autoclass to GCS

* Fix linting

* Make autoclass block dynamic

* Fix syntax

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-16 07:45:10 +00:00
luigi-bitonti 0195ea6bca
Exposed stack_type variable in compute_vm module (#1756) 
* Exposed stack_type variable in compute_vm module

* Updated README.md

* align instance template, fix variable ordering

---------

Co-authored-by: Ludo <ludomagno@google.com>
 2023-10-16 06:28:56 +00:00
Ludovico Magnocavallo 252127bde5
Billing account module (#1743) 
* initial untested draft

* readme and tests

* folder module tfdoc

* remove redundant billing cost manager role in fast stage 0

* fix FAST test
 2023-10-15 15:02:50 +00:00
devuonocar 3949fdc283
Add outputs to BigQuery dataset module (#1752) 
* Add outputs

* Fix checks

* Fix order

* Fix order

* Fix var

* Fix outputs

* Fix README.md
 2023-10-13 17:02:47 +02:00
Ludovico Magnocavallo 85d2b8b093
Fix typo in GKE nodepool taints (#1754) 
* Fix typo in GKE nodepool taints

Fixes #1749

* fix windows taints
 2023-10-12 12:04:15 +00:00
Ludo 55fc3e226d
Revert "fix windows taints" 
This reverts commit 661b543e08.
 2023-10-12 13:39:42 +02:00
Ludo 661b543e08
fix windows taints 2023-10-12 13:38:37 +02:00
luigi-bitonti 3503e028ae
Module autopilot bug fixes (#1746) 
* Removed unused variables and bug fix

* Ran fmt

* Fix README.md

* Added comments to code
 2023-10-12 12:40:28 +02:00
devuonocar 4f91523a08
Add missing fields to Cloud Storage bucket (#1745) 
* Add new featrures

* Terraform fmt

* Fix README.md

* Delete not allowed validation

* Fix README.md

* Fix README.md

* update var

* update var

* Update var
 2023-10-10 22:40:30 +02:00
Julio Castillo 64d88d90d1
Append "s" to backoff times (#1744) 2023-10-10 13:32:19 +03:00
Julio Castillo 9ab3b49f69
Add PSA peered domains support to `net-vpc` (#1741) 
* Add PSA peered domains support to `net-vpc`

* Fix tests
 2023-10-06 15:31:32 +00:00
Julio Castillo ef290c1c8d
Enforce mandatory types in all variables (#1737) 2023-10-06 09:44:33 +00:00
luigi-bitonti bb76878d0d
Added FQDN Network Policy feature on GKE Cluster (#1732) 
* Added FQDN Network Policy feature on GKE Cluster

* Fix README.md. Added validation into variable.

* README.md updated

---------

Co-authored-by: Bitonti, Luigi <luigi.bitonti@nttdata.com>
 2023-10-06 10:05:54 +02:00
Julio Castillo dfc5023e0b
Make deletion protection consistent across all modules (#1735) 
* Expose deletion_protection in GKE modules

* Make deletion protection consistent across all modules

* Add deletion_protection option to blueprints

* Fix blueprints tests

* Fix types

* Update READMEs

* Fix dp readme

* Fix cmek blueprint default deletion_protection

* Fix blueprints tests
 2023-10-05 17:31:07 +02:00
devuonocar 7503bceaed
Add materialized views for bigquery (#1726) 
* add field and partition filter to time_partitioning for bq table

* add materialized view

* set optional fields for table

* Fix README.md

* Update README.md

* Fix README.md

* Replace explicit dependencies with implicit ones

* Fix indexes

* Update table_id(s) values

* Try to fix tests

* Update tests

* Restore explicit dependencies

* Update README.md

* Update README.md

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-10-04 12:25:56 +00:00
Luca Prete 20dd3df27c
Support multiple protocols (L3_DEFAULT) through net-ilb-int 2023-10-04 08:30:11 +00:00
Ludovico Magnocavallo 45673f5468
Update iam.tf 2023-10-04 08:19:31 +02:00
apichick e7c31cb83a
Merge branch 'master' into gcs-iam 2023-10-04 08:15:00 +02:00
Miren Esnaola c10eb72a8f Changes in IAM to GCS module 2023-10-04 08:13:45 +02:00
Julio Castillo 4b15605711
Fix dnssec keys lookup (#1728) 
* Fix dnssec keys lookup

* Fix DNS examples

* Fix FAST and blueprints resource counts
 2023-10-03 21:37:21 +02:00
Ludovico Magnocavallo 789328ff5a
Bump provider versions to v5.0.0 (#1724) 
* bump provider versions to 5.0.0

* fix cloud run, logging and vpc-sc

* Fix secret manager

* fix gke nodepool

* fix gke multitenant stage and blueprint

* Moving alloydb module to experimental.

* Add project to bare resources in examples

* tfdoc

* fix svpc blueprint test

* Revert "fix svpc blueprint test"

This reverts commit 14f02659098070136e64ead600580dd52c23c339.

* Fix GKE peering project

* Disable tests in alloydb module

* Bring back secret ids in secret manager tests

* Remove duplicate key

* last push

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-03 12:15:36 +00:00
devuonocar 4d3b0508cc
Add storage billing model (#1723) 
* Add storage billing model

* Fix README.md
 2023-10-02 19:37:40 +02:00
Ludovico Magnocavallo 046575b7c6
GLB HTTP to HTTPS redirect example (#1719) 2023-10-02 10:10:24 +00:00
apichick 0ecd223038
Merge branch 'master' into apigee-module-fix-try 2023-09-29 17:01:01 +02:00
Miren Esnaola 60906b66d8 Fixed problem with try in apigee module 2023-09-29 16:46:34 +02:00
devuonocar 1aa5e3a6dc
Add retry policy for subscriptions (#1716) 
* Add retry policy for subscriptions

* Update vars name

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-09-29 14:46:26 +00:00
Miren Esnaola 3d2285a5ab Fixed problem with try in apigee module 2023-09-29 16:33:21 +02:00
luigi-bitonti be5d9b8fe0
Add bug fix in bucket local variable (#1709) 
Fix bucket name reference in Cloud Functions if bucket is created and prefix is used.
 2023-09-28 10:17:53 +00:00
Wiktor Niesiobędzki 1c2f0c6b14 Tests for secrets for CF 2023-09-26 11:22:35 +02:00
Luigi Bitonti 15b7215f61 Add bug fix to allow to use Secret Manager secrets to mount files in Cloud Function 2023-09-25 14:51:00 +02:00
Ludo d78616b6c3
add support for default nodepool sa in GKE cluster module 2023-09-22 10:15:22 +02:00
Jason Steenblik 79b0dc9751
Add deletion_protection_enabled attribute to cloudsql-instance to enable the GCP native deletion protection flag (#1696) 2023-09-20 15:09:38 +02:00
Ludo c4c851c1dc
remove duplicate variable members 2023-09-20 10:53:44 +02:00
Ludovico Magnocavallo 9345901598
Merge branch 'master' into instance-attachment-bc 2023-09-20 10:22:48 +02:00
Julio Castillo d7857f26e9
Merge branch 'master' into eddern/fix-apigee-addons-config 2023-09-19 21:15:56 +02:00
eddern 36d030f61b simplify values assertion 2023-09-19 19:28:22 +02:00
Ludovico Magnocavallo df5daab6cc
Allow using no service account in compute-vm (#1692) 
* module and tests

* align blueprints

* tfdoc

* remove stale variables

* fix blueprint

* variable description
 2023-09-19 16:56:51 +00:00
eddern 9a893114b9 flip return of conditional expression 2023-09-19 18:42:29 +02:00
John Inama b9a8b534e4 updating docs 2023-09-18 15:12:25 -04:00
John Inama 8469c86e63 reversing instance attachment names 2023-09-18 13:02:09 -04:00
John Inama 10b9c9e2a6 resolving merge: 
:
 2023-09-18 12:18:20 -04:00
Ludovico Magnocavallo 96c28e605b
fix repd disk attachment in compute-vm module (#1688) 2023-09-18 13:02:28 +00:00
Julio Castillo 7e7981a1b5 Add IAM variables template to ADR 2023-09-17 10:50:03 +02:00
Julio Castillo 415bc14d7b Update Pub/Sub readme 2023-09-17 00:21:36 +02:00
Julio Castillo 9d61c6e26d Update IAM for pubsub topics and subscriptions 2023-09-17 00:21:36 +02:00
Julio Castillo 45203fe86c Make kms iam non-nullable 2023-09-17 00:21:36 +02:00
Julio Castillo 9c878dc9cf Fix tests for new KMS IAM interface 2023-09-17 00:21:36 +02:00
Julio Castillo da883bab8c Update kms module key-level IAM 2023-09-17 00:21:36 +02:00
John Inama 39264f5edd I think it's all back 2023-09-15 16:59:13 -04:00
John Inama b285deca96 Putting it back how it was and flipping the attachment name 2023-09-15 16:48:13 -04:00
Ludovico Magnocavallo bd7b9b4dd1
Merge branch 'master' into jccb/fix-subnet-iam-bindings 2023-09-15 14:31:28 +02:00
Julio Castillo 616c6fbc48 Fix subnet iam_bindings to use arbitrary keys 2023-09-15 14:30:27 +02:00
Oliver Frolovs 6eb862a775
GKE cluster modules: add optional kube state metrics (#1682) 
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics

* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support

* Bump up the provider version to `v4.82.0`
 2023-09-15 12:18:45 +01:00
Julio Castillo f3be29cbc9 Fix tests 2023-09-15 00:27:55 +02:00
Julio Castillo f19ab4872f Embed subnet-level IAM in the variables controlling creation of subnets 
This moves the top-level `iam`, `iam_bindings` and
`iam_bindings_additive` variables into subnet-level attributes. This
change also allows setting permissions to PSC or proxy-only subnets

As part of this change, the factory interface is more aligned with the
rest of the modules using a `factories_config` variable. In the future
we can add a cidrs template similar to the firewall policy module
 2023-09-15 00:27:55 +02:00
Oliver Frolovs b3dc91b5cd
Upgrades to `monitoring_config` in `gke-cluster-*`, docs update, and cosmetics fixes to GKE cluster modules (#1680) 
* gke-cluster-standard: upgrade `monitoring_config` to use object style. Add tests.
* gke-cluster-standard: update docs

* gke-cluster-autopilot: move gateway_api_config block (cosmetic change)
* gke-cluster-autopilot: update docs and fix typos

* Update blueprints due to `monitoring_config` changes in `gke-cluster-standard`.
* Update FAST due to `monitoring_config` changes in `gke-cluster-standard`.
* Update docs for affected blueprints and FAST stages
 2023-09-14 23:25:57 +01:00
Julio Castillo 1caf394661 Add example reserving blocks with cluster creation 2023-09-14 13:08:43 +02:00
Julio Castillo 433a0f0541 Update readmes 2023-09-14 12:57:41 +02:00
Julio Castillo 94e99fe339 Fix formatting 2023-09-14 12:56:17 +02:00
Julio Castillo 7516a778ed Remove useless try() 2023-09-14 12:52:43 +02:00
Julio Castillo c1be435b09 Fix range names definition of GKE clusters 
Fixes #1677
 2023-09-14 12:51:43 +02:00
Oliver Frolovs 05c0195a06
GKE Autopilot module: add network tags (#1675) 
* gke-cluster-autopilot: add support for network tags

* gke-cluster-autopilot: add validation for network tags

* gke-cluster-autopilot: expand README and fix some typos

* gke-cluster-autopilot: fix Cloud DNS section in README

Removed a reference to Standard clusters and updated the section to include a warning because the new versions of Autopilot clusters can only use Cloud DNS and it is pre-configured by default so the example in the README does not apply to them.

* gke-cluster-autopilot: cosmetic fixes in README

* gke-cluster-autopilot: rollback validation on network tags var

* gke-cluster-autopilot: rollback docs string update for network tags var

* gke-cluster-autopilot: rollback some updates to README

* gke-cluster-autopilot: remove dead code

* gke-cluster-autopilot: add a tftest for network tags

* gke-cluster-autopilot: fix a tftest
 2023-09-14 09:34:51 +00:00
Dave Gulli 819b4aab5c fixed up nit from PR 1666 2023-09-14 13:15:00 +10:00
Julio Castillo 66416ac5f1
Merge branch 'master' into luigi-bitonti/pubsub-gcs-feature 2023-09-13 21:23:10 +02:00
Luigi Bitonti 4f5852d3a7 Ran fmt 2023-09-13 19:53:05 +02:00
Luigi Bitonti 6d4060f0aa Fixed typo 2023-09-13 15:59:04 +02:00
apichick 008abe4ddc
Merge branch 'master' into apigee-module-fix 2023-09-13 15:25:51 +02:00
luigi-bitonti f5b657df54
Merge branch 'master' into luigi-bitonti/pubsub-gcs-feature 2023-09-13 15:18:45 +02:00
Luigi Bitonti f2fc67d72d Added possibility to use gcs push endpoint on pubsub subscription 2023-09-13 15:13:13 +02:00
Miren Esnaola fdb133f1de Fixed, added back environments to each instance, that way we can also create instances for already existing environments 2023-09-13 14:43:37 +02:00
Dave Gulli ced8e498f8 terraform fmt 2023-09-13 16:58:50 +10:00
Dave Gulli 09e6e8f4d2 created passing test, fixed logic 2023-09-13 16:49:14 +10:00
Dave Gulli 83221c16a5 Merge branch 'global_managed_proxy_support' of https://github.com/dgulli/cloud-foundation-fabric into global_managed_proxy_support 2023-09-13 14:11:11 +10:00
Dave Gulli 3d39a3ecf1 fixed up logic. 2023-09-13 14:11:09 +10:00
Ludovico Magnocavallo f5b9f08183
Merge branch 'master' into global_managed_proxy_support 2023-09-13 05:45:52 +02:00
apichick e9801979a4
Merge branch 'master' into net-vlan-attachment-fix 2023-09-12 14:58:16 +02:00
Arpit Sharma b512650ad2
fix(compute-mig): add correct type optionality for metrics in autosca… (#1668) 
* fix(compute-mig): add correct type optionality for metrics in autoscaler_config

* feat(compute-mig): regenerate readme via tfdoc

* fix(compute-mig): linting

* fix(compute-mig): attempt #2 at fixing linting error

* fix(compute-mig): tfdoc --no-files
 2023-09-12 13:58:09 +02:00
Miren Esnaola 0019328bb4 Fix for partner interconnect, the router interface and the BGP peers are automatically created 2023-09-12 13:02:28 +02:00
Dave Gulli 3479c40735 fixing tests 2023-09-12 15:53:28 +10:00
Dave Gulli 9498e740dc Merge branch 'global_managed_proxy_support' of https://github.com/dgulli/cloud-foundation-fabric into global_managed_proxy_support 2023-09-12 15:01:01 +10:00
Dave Gulli 5f2bc7fa92 refactored to recommended method 2023-09-12 14:58:49 +10:00
David Gulli 1092f181bd
Merge branch 'master' into global_managed_proxy_support 2023-09-12 12:08:56 +10:00
Arpit Sharma f225b60b0e
fix(compute-mig): add mode property to compute_region_autoscaler (#1667) 
* fix(compute-mig): add mode property to compute_region_autoscaler

* fix(compute-mig): add mode property to zonal mig
 2023-09-11 13:25:31 +02:00
Dave Gulli db5030e93f adding test 2023-09-11 21:08:55 +10:00
Dave Gulli 3208bcd9d5 matched the period 2023-09-11 20:50:18 +10:00
Dave Gulli f76d8fcb52 fixed period 2023-09-11 20:48:26 +10:00
Dave Gulli dac76a900b fixed references 2023-09-11 20:47:05 +10:00
Dave Gulli adff09aa24 linting error 2023-09-11 20:45:32 +10:00
Dave Gulli c1b52b300c trying to fix linting 2023-09-11 20:41:25 +10:00
Dave Gulli 7e0827db53 re-ordered variables per lint error 2023-09-11 20:33:08 +10:00
Dave Gulli e1aff29d5c linting again 2023-09-11 20:30:11 +10:00
Dave Gulli 3cfabb32c5 fixed linter 2023-09-11 20:29:08 +10:00
Dave Gulli 3c0391db5c slight change to readme thanks to tfdoc 2023-09-11 20:24:06 +10:00
Dave Gulli 8c264da200 small commits to add variables, append tests 2023-09-11 20:14:17 +10:00
Dave Gulli a18071ed36 updated for global managed proxy 2023-09-11 17:42:34 +10:00
Dave Gulli b49984e1b9 added support for global proxy only subnets 2023-09-11 16:56:09 +10:00
Ludovico Magnocavallo ec3b705f53
Change type of `iam_bindings` variable to allow multiple conditional bindings (#1658) 
* modules

* fast

* dns readme
 2023-09-08 08:56:31 +02:00
Julio Castillo a6230d2b11
Merge branch 'master' into jccb/apigee-fixes 2023-09-07 16:34:45 +02:00
simonebruzzechesse 77c1e69666
New phpIPAM serverless third parties solution in blueprints (#1642) 
* Added new phpIPAM serverless third parties solution in blueprints
* added jit to iap.googleapis.com service in project module
* updated tests
 2023-09-07 15:30:22 +02:00
John Inama 3e069ea16a changed from merge to length-based if statement 2023-09-07 08:26:40 -04:00
g-greatdevaks b98537689c add tests and update readme for apigee psc peering 2023-09-07 16:55:16 +05:30
Julio Castillo 34b37a0dc2 Remove unneeded try 2023-09-07 12:09:42 +02:00
Julio Castillo 46f4d22c87 Examples and tests 2023-09-07 11:31:40 +02:00
Julio Castillo d7dcec3389 Fix error message 2023-09-07 10:52:30 +02:00
Julio Castillo 0822531b78 Allow creating organizations/instances without VPC Peering 2023-09-07 10:51:43 +02:00
Julio Castillo 6f5a6aa06d Allow user to override instance names 2023-09-07 09:05:49 +02:00
John Inama 3941129a68 still testing 2023-09-06 17:12:31 -04:00
John Inama 822dfc0110 replaced coalesce with merge 2023-09-06 17:08:39 -04:00
John Inama 35ff529b9c swapping coalesce variables for test 2023-09-06 17:02:04 -04:00
John Inama b4979fd451 Added coalesce to local variable and to the attachment resource 2023-09-06 16:59:30 -04:00
John Inama e64cd90d4c just trying the old way first 2023-09-06 15:29:25 -04:00
John Inama c1c99a0a79 back to coalesce 2023-09-06 14:54:30 -04:00
John Inama c32e2763f0 Changed instance loop to a coalescelist function 2023-09-06 14:30:43 -04:00
John Inama 7ceaf9b513 Added environments back to instances variable 2023-09-06 13:58:41 -04:00
John Inama 401c3478ea Fixed copy/paste error from earlier commit 2023-09-06 13:48:38 -04:00
John Inama 46be7c0c1d Added original attachment loop block as local for backwards compatibility 2023-09-06 13:25:58 -04:00
Julio Castillo a6640e5959 Make net-vpc variables nullable 2023-09-06 09:57:34 +02:00
John Inama 7acb4966b2 Added optional name value to instances variable and added it to the instance resource 2023-09-05 17:23:45 -04:00
Julio Castillo 3d4cc7164a Bump provider version to 4.80.0 2023-09-05 09:48:15 +02:00
Oliver Frolovs 9f23d504ec
gke-cluster-autopilot: add monitoring configuration (#1646) 
* gke-cluster-autopilot: add monitoring configuration block (monitoring_config)
 2023-09-04 16:43:59 +01:00
Oliver Frolovs 42ebbccad9
gke-cluster-autopilot: validation for release_channel (#1645) 2023-09-03 00:37:49 +00:00
Oliver Frolovs 988fd2ee05
gke-cluster-standard: change logging configuration (#1638) 
* Update logging configuration of this module to use object interface in harmony with `gke-cluster-autopilot` module.
* Update blueprints that use this module.
* Add "WORKLOADS" log source to logging configuration of the blueprints where the README files say so.
* Update FAST stage 3 because it uses this module.
 2023-08-31 12:49:15 +01:00
Oliver Frolovs 80e85ad343
gke-cluster-autopilot: add logging configuration (#1625) 
Although one cannot disable Cloud Logging and Cloud Monitoring integration in GKE Autopilot clusters, one has some flexibility over which control plane components' logs should be ingested. This commit adds a new variable and a block to the cluster resource to facilitate that.

* gke-cluster-autopilot: update logging configuration and add an example to module README
 2023-08-31 12:06:57 +01:00
Zachary b784e85c60 Regenerated cloud run README tables with tfdoc.py 
Updated documentation with tfdoc.py
 2023-08-30 12:16:21 +01:00
Zachary a4dfd7f201 fixed grcp to grpc typo in cloud run module 2023-08-30 11:04:10 +01:00
LudovicEmo c558d9b753
Vpc sc allow null for identity type (#1632) 
* vpc-sc : allow null for identity_type

* cloudsql-instance : fmt

* vpc-sc: tfdoc

* modules/vpc-sc: update the test result for the identity_type field

* cloudsql-instance: remove empty line
 2023-08-29 04:28:57 +02:00
Luca Prete 9d0fd744a8
Do not set default ASN number (#1633) 2023-08-28 15:06:31 +00:00
Julio Castillo 9eb768357e Switch to count 2023-08-28 16:00:48 +02:00
Julio Castillo 04721a35ef Allow single hfw policy association in folder and organization modules 2023-08-28 16:00:48 +02:00
Luca Prete ce96ac31e7
[Fix] Add explicit dependency between CR peers and NCC RA spoke creation (#1630) 2023-08-28 15:50:46 +02:00
Carlo Maria Valla befbd190a3
Cloud SQL activation policy selectable (#1613) 
* Update main.tf

added activation policy

* Update variables.tf

added activation_policy variable defaulted as ALWAYS for non regression

* corrections requested by @juliocc

* Regeneration of README.md on cloudsql-instance mod

* terraform fmt changes

* bug correctionand activation_policy on replicas

* activation_policy description change and README.md

* Bug correction
 2023-08-25 12:12:08 +02:00
Julio Castillo 44c1cec041 Fix tests 2023-08-24 20:09:23 +02:00
Julio Castillo 25aa29e463 Merge remote-tracking branch 'origin/master' into billabongrob/add-nat 2023-08-24 19:52:06 +02:00
Julio Castillo 9188603365 Update key name 2023-08-24 19:46:39 +02:00
Julio Castillo d50355b01a Only create nat IP when requested 2023-08-24 19:42:20 +02:00
Julio Castillo 67c2597bcc Fix output order 2023-08-24 19:38:44 +02:00
Julio Castillo add1ac2dcc Update README 2023-08-24 19:36:42 +02:00
Julio Castillo 57d5e05d69
Merge branch 'master' into richard/nfw-policy-remove-match-var-validation 2023-08-24 19:29:13 +02:00
Julio Castillo bff5e46460 Fix apigee instance nat 2023-08-24 19:27:34 +02:00
Julio Castillo 3fdf0dfe99 Make apigee variables non-nullable 2023-08-24 18:15:15 +02:00
Rob Heckel 6c33d34c28 Adding support for NAT in Apigee 2023-08-24 09:36:15 -05:00
Richard Olson 10aeb6615a readme update 2023-08-24 20:01:47 +10:00
Julio Castillo d36c53bbae
Update README.md 2023-08-24 11:29:03 +02:00
Richard Olson 35aae372b2 remove existing validation 2023-08-24 19:06:43 +10:00
Richard Olson 2f4b141d7a switch default behaviour for ingress 2023-08-23 21:17:47 +10:00
Richard Olson def012d32e customisable rule action 2023-08-23 21:08:23 +10:00
Richard Olson 18af929331 add name to factory rules 2023-08-23 20:58:07 +10:00
Erin Horning 4885b8a7f9 objects non-nullable 2023-08-22 09:40:50 -06:00
Erin Horning 9a0f9f607f objects output 2023-08-22 09:35:39 -06:00
Erin Horning 2f3d29395f remove validation 2023-08-22 09:09:37 -06:00
Ludovico Magnocavallo 95a0c76b18
Merge branch 'master' into ehorning/support-gcs-object-upload 2023-08-22 09:48:32 +02:00
Ludovico Magnocavallo ff8eef6a6f
use cloud run bindings for cf v2 invoker role, refactor iam handling in cf v2 and cloud run (#1609) 2023-08-22 07:23:49 +00:00
Erin Horning 33d51dbee4
Merge branch 'master' into ehorning/support-gcs-object-upload 2023-08-21 16:36:35 -06:00
Erin Horning 6f1f6f5085 add additional parameters 2023-08-21 16:35:47 -06:00
Julio Castillo 49a4550b5d
Merge branch 'master' into elia-gcve 2023-08-21 08:44:37 +02:00
Ludovico Magnocavallo 0d17af7967
Update 20230816-iam-refactor.md 2023-08-21 07:11:24 +02:00
Ludovico Magnocavallo e7eeed12f8
Update 20230816-iam-refactor.md 2023-08-21 07:10:29 +02:00
Ludovico Magnocavallo 63b0480499
Update 20230816-iam-refactor.md 2023-08-21 07:09:54 +02:00
Ludovico Magnocavallo e43be5b387
Update README.md 2023-08-21 07:01:06 +02:00
Ludovico Magnocavallo 5cb4accbd0
Merge branch 'master' into elia-gcve 2023-08-20 10:19:14 +02:00
Ludovico Magnocavallo 819894d2ba
IAM interface refactor (#1595) 
* IAM modules refactor proposal

* policy

* subheading

* Update 20230816-iam-refactor.md

* log Julio's +1

* data-catalog-policy-tag

* dataproc

* dataproc

* folder

* folder

* folder

* folder

* project

* better filtering in test examples

* project

* folder

* folder

* organization

* fix variable descriptions

* kms

* net-vpc

* dataplex-datascan

* modules/iam-service-account

* modules/source-repository/

* blueprints/cloud-operations/vm-migration/

* blueprints/third-party-solutions/wordpress

* dataplex-datascan

* blueprints/cloud-operations/workload-identity-federation

* blueprints/data-solutions/cloudsql-multiregion/

* blueprints/data-solutions/composer-2

* Update 20230816-iam-refactor.md

* Update 20230816-iam-refactor.md

* capture discussion in architectural doc

* update variable names and refactor proposal

* project

* blueprints first round

* folder

* organization

* data-catalog-policy-tag

* re-enable folder inventory

* project module style fix

* dataproc

* source-repository

* source-repository tests

* dataplex-datascan

* dataplex-datascan tests

* net-vpc

* net-vpc test examples

* iam-service-account

* iam-service-account test examples

* kms

* boilerplate

* tfdoc

* fix module tests

* more blueprint fixes

* fix typo in data blueprints

* incomplete refactor of data platform foundations

* tfdoc

* data platform foundation

* refactor data platform foundation iam locals

* remove redundant example test

* shielded folder fix

* fix typo

* project factory

* project factory outputs

* tfdoc

* test workflow: less verbose tests, fix tf version

* re-enable -vv, shorter traceback, fix action version

* ignore github extension warning, re-enable action version

* fast bootstrap IAM, untested

* bootstrap stage IAM fixes

* stage 0 tests

* fast stage 1

* tenant stage 1

* minor changes to fast stage 0 and 1

* fast security stage

* fast mt stage 0

* fast mt stage 0

* fast pf
 2023-08-20 09:44:20 +02:00
Ludovico Magnocavallo 3a8071d93c
Merge branch 'master' into elia-gcve 2023-08-20 08:18:53 +02:00
eliamaldini 126d75a311 fixed typo 2023-08-18 17:01:12 +02:00
eliamaldini 103443dc30 fixed typo 2023-08-18 16:57:35 +02:00
eliamaldini 1b93197b87 fixed typo 2023-08-18 16:56:21 +02:00
eliamaldini c4ada40275 fixed typo 2023-08-18 16:52:58 +02:00
eliamaldini bf26580b9d fixed variables order 2023-08-18 15:52:56 +02:00
eliamaldini 9452a14ac7 output cleanup 2023-08-18 15:49:20 +02:00
eliamaldini 81b567684b outputs cleaup 2023-08-18 15:41:06 +02:00
eliamaldini 87e82244af fixed tests 2023-08-18 15:38:35 +02:00
Michael e1e3826f6d
fix(cloud-run): move cpu boost annotation to revision 2023-08-18 13:53:00 +01:00
eliamaldini d568408331 fixed variable name and regex 2023-08-18 11:20:27 +02:00
Julio Castillo 476d6eaf30
Update variables.tf 2023-08-18 10:07:23 +02:00
Julio Castillo dc78ad3493
Update outputs.tf 2023-08-18 10:06:32 +02:00
Alejandro Leal ea0de3adbb Fixing some typos 2023-08-18 05:51:00 +00:00
Jay Schwerberg 574c7548d8
feat(cloud-run): add startup cpu boost option 2023-08-17 14:43:27 -07:00
eliamaldini 6a5739bf91 gcve net requirements link 2023-08-17 12:25:33 +02:00
eliamaldini c6f5d47c66 fixed variable name 2023-08-17 12:19:47 +02:00
eliamaldini 739bbf1aef fixed variable name 2023-08-17 12:11:42 +02:00
eliamaldini 3feaad0c1c fixed variable name 2023-08-17 12:10:44 +02:00
eliamaldini 0e2ee8bceb fixed typo 2023-08-17 12:05:44 +02:00
eliamaldini 1e54ddd710 Merge branch 'elia-gcve' of github.com:GoogleCloudPlatform/cloud-foundation-fabric into elia-gcve 2023-08-17 09:39:50 +02:00
eliamaldini e927bf3858 Fixed typo 2023-08-17 09:37:48 +02:00
eliamaldini a7fd3e2616 fixed file name 2023-08-17 09:25:44 +02:00
Ludovico Magnocavallo def2f476d1
Add support for conditions to `iam_members` module variables (#1594) 
* project

* data-catalog-policy-tag

* dataproc

* folder

* iam-service-account

* kms

* net-vpc

* organization

* source-repository

* dataplex-datascan
 2023-08-15 16:28:23 +02:00
Ludovico Magnocavallo acc191c58e
Merge branch 'master' into elia-gcve 2023-08-15 09:41:00 +02:00
eliamaldini 6fee2a9eb3 Merge branch 'elia-gcve' of github.com:GoogleCloudPlatform/cloud-foundation-fabric into elia-gcve 2023-08-14 14:46:16 +02:00
eliamaldini f3d5dd8e34 Added link to GCVE module 2023-08-14 14:41:33 +02:00
erabusi b6b660f4f3
feat: 🎸 (modules/cloudsql-instance):add project_id for ssl cert (#1591) 2023-08-14 12:40:25 +02:00
Ludovico Magnocavallo 5689aacac2
Merge branch 'master' into elia-gcve 2023-08-14 11:56:47 +02:00
Ludovico Magnocavallo adf2621727
Add new `iam_members` variable to IAM additive module interfaces (#1589) 
* resource management modules

* data catalog policy

* dataproc

* service account

* kms

* net-vpc

* source repository

* dataplex datascan

* service account module variable order
 2023-08-14 09:54:50 +00:00
eliamaldini a509756f1b GCVE module first release 2023-08-14 11:48:27 +02:00
erabusi f9509ad6b7
feat: 🎸 (modules/cloudsql-instance): enable require_ssl cert support (#1588) 2023-08-14 11:37:03 +02:00
Ludovico Magnocavallo 841459a059
Fix factory rules key in net firewall policy module (#1587) 
* fix factory rules key in net firewall policy

* fix test
 2023-08-14 07:52:36 +02:00
Erin Horning 10faf82b8d linting 2023-08-11 11:20:06 -06:00
Erin Horning 2fa6369ba0 Merge branch 'master' of https://github.com/GoogleCloudPlatform/cloud-foundation-fabric into ehorning/support-gcs-object-upload 2023-08-11 11:19:21 -06:00
Sam Bentley b1679ad21a
Fix: Instance level stateful disk config (#1578) 
* update doco

* fix bug in TF code

* change instance name in README to fix test

* revert disk name

* Update stateful.yaml

* fix examples and tests

---------

Co-authored-by: Julio Castillo <juliocc@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-08-11 15:25:17 +00:00
Erin Horning df1fded669 add support for object upload to gcs module 2023-08-10 21:43:53 -06:00
Mikhail Filipchuk 78095063f7
feat(modules/cloud-run): add gen2 exec env support (#1582) 2023-08-09 23:04:16 +02:00
Ludovico Magnocavallo 79373721df
Remove firewall policy management from resource management modules (#1581) 
* rename firewall policy module, fix outputs

* add TOC to firewall policy module

* don't depend policy on parent id

* remove firewall policy from resource management modules

* remove factory conditionals

* fast net a and b

* fast stages

* fast tfdoc

* fast tfdoc

* remove unused test

* fix shielded folder blueprint

* fix shielded folder blueprint
 2023-08-09 11:23:07 +00:00
Miren Esnaola 6a13742e3c Apigee addons 2023-08-09 08:12:06 +02:00
Ludovico Magnocavallo 80ada0e8dd
Refactor firewall policy module (#1576) 
* refactor module interface

* hierarchical attachment and example

* hierarchical rules and TODO

* split rules resources

* additional fields

* keep using a single resource for rules

* factory

* factory test

* boilerplate

* Prefix ingress and egress rule ids

* Tests for other firewall policy types

* Fix rule id and names

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-08-08 16:57:59 +00:00
Eunan Hardy 9ec38581d7 Update README.md 2023-08-07 14:33:54 +01:00
Eunan Hardy dd3a298892 Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76 2023-08-07 14:27:20 +01:00
Eunan Hardy 69ea9dd3be Linting with terraform fmt 2023-08-07 12:46:54 +01:00
Eunan Hardy 10e3184451 Expose allow_net_admin feature in gke-cluster-autopilot 2023-08-07 12:44:59 +01:00
Ludovico Magnocavallo 9c75aa469c
More module descriptions (#1572) 
* bigquery dataset

* data catalog policy tag

* net-address

* fix data catalog callers

* bigquery dataset views

* fix data catalog callers

* logging bucket

* net vpn ha
 2023-08-06 09:25:45 +00:00
Ludovico Magnocavallo 83d2976949
add support for cost management to GKE module (#1569) 2023-08-05 11:46:52 +00:00
Ludovico Magnocavallo aecba0bbd0
Add support for ipv6 to net-vpc module (#1568) 
* add support for ipv6

* fix test
 2023-08-05 13:07:26 +02:00
Julio Castillo ce510583bf Fix default routes 2023-08-04 18:24:41 +02:00
Julio Castillo bbe778e095 Allow custom route descriptions in net-vpc module 
Related: #1491
 2023-08-04 14:13:03 +02:00
Julio Castillo 702c428da4 Update Readme 2023-08-04 13:06:59 +02:00
Daniel Strebel a0bd0d4414
Merge branch 'master' into feature/apigee-add-retention 2023-08-03 14:28:40 +02:00
Miren Esnaola fe0a9ed138 Fixed error of inconsistent conditional result types when evaluating local peer_gateway variable 2023-08-02 23:22:26 +02:00
Daniel Strebel 0906ddb8df feat(apigee): add retention variable 2023-08-02 15:13:43 +02:00
Miren Esnaola 22b661fe93 Removed unused attribute in peer_gateway_config variable 2023-08-02 15:07:05 +02:00
Thinh Ha 43e73aba9a
add dataplex datascan base module (#1545) 2023-08-02 11:16:32 +00:00
Miren Esnaola 3b7e62990c Added IPSEC_INTERCONNECT addresses to net-address module 2023-08-02 12:12:14 +02:00
Natalia Strelkova 4bb51a42ce renaming net-vpc-swp to net-swp 2023-08-01 16:23:12 +02:00
Natalia Strelkova 7acd9f624e coalesce instead of ternary operator 2023-08-01 15:07:37 +02:00
Natalia Strelkova f09d32a703 Merge branch 'master' into net-vpc-swp-optional-description 2023-08-01 13:05:04 +02:00
Natalia Strelkova bcf191ab5a description: only one main variable 2023-08-01 13:04:47 +02:00
Natalia Strelkova 915f09461e optional description for the gateway security policy - separately 2023-08-01 10:27:26 +02:00
Julio Castillo bd0fe1f928 Fix tests 2023-07-31 18:04:07 +02:00
Julio Castillo 3df98c8feb Fix permadiff in artifact-registry 2023-07-31 18:04:07 +02:00
apichick 75bd7d7c2d
Merge branch 'master' into net-lb-proxy-int 2023-07-31 17:43:07 +02:00
Miren Esnaola 63ac5710ac Added module for Regional Internal Proxy Load Balancer 2023-07-31 17:21:57 +02:00
Miren Esnaola 51bc31ae21 Fix in IAM bindings of cloud function v2 module 2023-07-31 12:39:08 +02:00
apichick 09c9e291a0
Merge branch 'master' into net-lb-hc-fix 2023-07-31 11:55:47 +02:00
Ludovico Magnocavallo fe3e8a3941
Add image path output to ar module (#1552) 
* Add image path output to ar module

* tfdoc
 2023-07-31 09:34:01 +00:00
Miren Esnaola f49515495c Fix in validation of healthchecks variable 2023-07-31 10:23:32 +02:00
Miren Esnaola 47a9947b18 Fix in validation of healthchecks variable 2023-07-31 10:01:35 +02:00
Ludovico Magnocavallo b524aa137c
Peering module refactor (#1547) 
* refactor net-vpc-peering module

* hub and spoke peering blueprint

* fast stages

* boilerplate

* fast tfdoc

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-07-29 21:33:57 +02:00
Wiktor Niesiobędzki 4998f1d376
Grant IAM rights to service identities in host project (#1542) 
* [module/project] Grant IAM rights to service identities based on used services in host project
* [blueprints/factories/project-factory] enable granting IAM permissions in host VPC for service identities directly or by specifying services in use
 2023-07-29 20:07:21 +02:00
Thinh Ha 0415cf64f1
rename cloud-dataplex to dataplex (#1546) 2023-07-29 14:31:18 +02:00