* Instance.ip_range cannot take Support CIDR
Current docs are incorrect. It is not possible to specify the Support range.
See https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#Instance
> ipRange
> string
> Optional. IP range represents the customer-provided CIDR block of length 22 that will be used for the Apigee instance creation. This optional range, if provided, should be freely available as part of larger named range the customer has allocated to the Service Networking peering. If this is not provided, Apigee will automatically request for any available /22 CIDR block from Service Networking. The customer should use this CIDR block for configuring their firewall needs to allow traffic from Apigee. Input format: "a.b.c.d/22", Output format: a.b.c.d/22, e.f.g.h/28"
* tfdoc
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* feat: add support to a public access to cloudsql-instance
* doc: update cloudsql-instance doc changing the ipv4_enabled parameter description
* test: fix assertion test to ipv4_enabled
* add id to outputs
* initial cloud build implementation for stage 0
* comments
* stage 0
* stage 1, untested
* add support for IAM and CB triggers to source repository module
* refactor stage 0 to use sourcerepo module
* refactor stage 1 to use sourcerepo module
* file descriptions
* fix gitlab pipeline
* fix IAM in examples
* WIP
* fix service identities IAM example
* design principles
* toc anchors
* fix ordering
* style guide
* checks
* example tests
* tests and tools
* fix project example test
* address typos
* address comments
* address last comments
* Update variables.tf
When backup is not enabled, if location is set to a null value (i.e."EU"), each time you do `terraform apply` it will detect a configuration change (+ location = "EU"). Setting this variable to null fixes the issue.
* Update README.md
* Use uniform access on Cloud Functions buckets.
* Add ALLOW_INTERNAL_AND_GCLB as allowed ingress_settings.
* Enable versiniong if there is lifecycle rule
* Remove only non-current version of objects
* Update README
Some variables that no longer exist. Table format is broken for view/table access.
* Remove floating role
* Fix README.md
* Fix tfdoc
* Fix tfdoc
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Add IAM at tag level
* Fix README
* Readable variable names.
* Single tag variable.
* Fix README.
* Add Tags nullable condition.
* Update role in the example.
* GKE Hub initial PR commit
* variable management adjust
* comments, fixes and alphabetically ordered variables
* Update README.md
* Update README.md
* Update README.md
* fix test
* resources vs modules
still needs some love
* remove modules usage
* comments, readme update and output
* adjusting outputs and README
* fix README.md
* fix README
* adjusted based on comments
still need some love in the google_gke_hub_feature_membership variables management
* types and variable management
* optionally enable required api
* Update README.md
* reorder locals and use standard formatting
* Don't enable services from modules
* Use self links for member clusters
* Update readme
* members_clusters back to map
@juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too.
* Forcing null feature to false due to a bug in provider
If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow
* Readme update
* Readme.md update
* Update README.md
* bring back tolist, WIP
* Update main.tf
* Readme.md update
* Update README.md
* Update main.tf
* Update main.tf
* Add id and self_links output to gke-cluster
* Use try and make all member feature blocks dynamic/optional
* Change member clusters to map
* Add gke-hub tests
* Address PR comments
* Update gke-hub readme
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* Networking with peering - initial commit
* README and tests
* Linter fixes
* Linter fixes
* Linter fixes
* Update README.md
* split out vpn/peering in separate files so the rest is identical
* fix dns for vpn and peering
* update tfdoc to support multiple outputs/variables files
* add peering variables
* update tfdoc for modules
* make it easier to spot errored docs
* fix doc
* yapf
* fix permadiff in firewall module source ranges
* FAST: Networking: DNS Fixes
* FAST: ability to toggle on-prem vpn creation
* FAST: fix outputs
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* added iot-core module folder
* modified iot core readme file
* added initial version of the IoT Platform terraform files
* añadido detalles en README
* Update README.md
fix markup issue
* Update README.md
modified input/output
* deleted provider from main and module services
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* Update README.md
modified input/output
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* Updated diagram and documentation for decentralized firewall.
* Fixed error with VPC connector. Count was referring to resource attributes that weren't known until after the configuration was applied
* Added Cloud Foundation Fabric logos. (#363)
* Create README.md
* Add logo to readme file
* exclusions for audit in locals in logging_sinks.audit-logs now
* style fix (whitespaces)
* Added dynamic block for dns_cache_config
* Fixed boolean variable condition
* Adding Apigee Environments as output for apigee-organization module
* small var conditional fix
* Added GKE pubsub notifications
* Default creation false
* Updated variable default value
* removed extra lines
* defaulted to false and conditional output
* depend log sinks from IAM roles, fixes#371
* Update README.md
* [#374] Add taint when Windows node pools are created to match the one GKE implicitly adds
* Update README.md
Fixes out of date link on the module usage example
* Update README.md - fixed broken link
* Added subnet id and self_link to outputs (#377)
Adjusted module outputs so that it's easier to consume them when using the factory in a larger codebase.
* net-vpc module: added subnet mini-factory
* Update README.md
* Code cleanup
* Adds support for IAM per-subnet IAM bindings via factory
* Gracefully handle a null secondary_ip_range
* Updated README.md. Added tests.
* Added license boilerplate to subnet yaml data in tests
* Update README.md
* Update README.md
* Removed dead code
* net-vpc-firewall mini rules-factory
* Paying tributes to the linting gods
* Fixed small bug on locals
* Tests for net-vpc-firewall module
* Update CHANGELOG.md
* refactor locals (#382)
* Add support for partitioned tables on Organization sinks (#380)
* Add support for partioned tables on Organization sinks
* Update changelog
* Fix lint
* Fix lint
* Use simple bool instead of block
* fix README
* Fix Readme
* Rename variable
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Improve PSN support in net-vpc module (#384)
* improve PSN support
* fix variable order
* fix example test
* fix cloudsql example
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update CHANGELOG.md
* Remove location from local.prefix
* Organization module refactor, in-module firewall policy factory for organization and folder (#385)
* move iam and logging to separate files, minimal refactoring
* update README
* fix example
* factory
* tfdoc
* boilerplate
* remove data_folder variable
* tfdoc
* fix default factory name
* add firewall policy to folder module
* add factory example
* Update CHANGELOG.md
* Fix VPC-SC module, add example (#387)
* Update CONTRIBUTING.md
Suggest change of wording related to `terraform format`: should be done from the top, recursively, and after `pytest` step, because fixtures are also going to be checked for linting during PR.
* Add target_node and minor fixes (#389)
* Add separate BQ tables per asset type
* Add missing BQ location
* Add missing CF region
* Change Scheduler job to non-generic
* Add target_node, pass tests
* Do tfdoc.py
* Do terraform fmt
* Do terraform fmt -recursive for tests' fixtures
* Fix typo in test's variables
* Added support for Stateful Managed Instance Groups (#367)
* First iteration updates
* All tests passing
* Updated README and var descriptions
* Updated README
* Updated example README
* Consolidated stateful vars
* consolidated stateful vars
* Updated README
* Requested changes to try
* Fixed README examples and try
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* SA key uploading and credentials json generation with terraform.
* Fix typo in the SA module readme
* TF fmt
* Update iam-sa docs
* Finalize onprem-sa-ket-mgmt example
* Add basic test for onprem-sa-mgmt example
* Refactoring
* Reorder variables
* Rewording, fix typos
* Bump tftest version
Bump tftest version to 1.6.1 and ensure test runners can update
providers if needed and available.
* Add bq_table_overwrite handling
* Add optional BQ table as a file export config
* Add getattr() to retrieve attribute from format
* Add roles/bigquery.jobUser for CF
* Update test_plan and README
* Change README, add diagram ( gcpdraw a6e4ec4f-7d6c-4796-b63e-ee4ce7b1792f )
* Change README to two diagrams
* Add count to toggle optional modules
* Change README
* Resolve order of variables test
* Linux sysctls configuration and Kubelet config (#388)
* Linux sysctls configuration and Kubelet config
* Fix terraform linting issues
* Updated README.md
* Updated Kubelet config object type
* Update readme
Co-authored-by: Sergio Tejón <stejon@freepik.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* net-address: Added support for PSA ranges
* Update outputs.tf
* Fixes typo
* Resolved merge conflict
* Update CHANGELOG.md
* Add metric scopes support (#397)
* Add metric scopes support
* Fix typo
* new tfdoc block in README
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* fix tfdoc replacement (#398)
* Update CHANGELOG.md
* Ludo hfw fixes (#400)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* Update CHANGELOG.md
* Fix ignore changes for hfw rules (#401)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* fix ignore changes in org and folder module
* Update CHANGELOG.md
* update documentation check
* backport tfdoc and check doc fixes
* Re-run pydoc
* Redo pydoc + local linting checks
* update tfdoc (#404)
* Org/Folder: Allow for policy association when using rule factory (#405)
* Org/Folder: Allow for policy association when using rule factory
* Fix linting issue
* Update hierarchical firewall resource
This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.
* Fix typo.
* Update CHANGELOG.md
* Typo fix
* New vpc-sc module implementation (#406)
* first implementation
* minimal output
* split service perimeters in regular and bridge
* tests and fixes
* new vpc-sc implementation
* remove providers file used for testing
* remove provider used during development
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update README.md
* fix cases where bridge perimeter status resources are null (#408)
* Update CHANGELOG.md
* Copyright bump (#410)
* remove lifecycle block from vpc sc perimeters (#412)
* Update CHANGELOG.md
* Update CHANGELOG.md
* Interpolate access levels by key in vpc sc module (#414)
* interpolate access levels by key
* fix access level reference
* fix num resources in last README test
* Update CHANGELOG.md
* fix ingress policies in vpc sc module
* disable device policy support in vpc-sc module
* depend bridge from regular perimeters in vpc sc module
* Update CONTRIBUTING.md
* add versions to vpc-sc module
* Update CONTRIBUTING.md
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* changed pub_sub to pubsub
* unified protocol input variable
* changed extra_telemetry_pubsub_topic_ids variable type to: map
* solved issue in README.md
* grouped device configuration variables
* device config is now done individually per each device in the yaml file
* changes on device config yaml processing: 1 single yaml directory, use try() while parsing, example identation corrected
* updated headers to 2022
* removed get-pip.py
* Add ip_range variable for apigee-x-instance module
* Add variable definition and validation for ip_range
* Update the validation rule for ip_range variable
* Updated modules README to include details around module versioning and how to best use the modules
* Update README.md
Co-authored-by: apichick <apichick@google.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* add support for in-doc tfdoc options overrides
* clean up project module
* add file description tags
* only output module and resource columns in tfdoc file table if they exist
* update fast READMEs
* fix check docs
* Support services that require crypto/decrypt role on robot service accounts
* delete test and upload refactored implementation
* fix duplicate key on dependent services, add tests
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* first implementation
* minimal output
* split service perimeters in regular and bridge
* tests and fixes
* new vpc-sc implementation
* remove providers file used for testing
* remove provider used during development
Taneli Leppä
Simone Ruffilli
ddaluka
cmalpe
Ludovico Magnocavallo
Julio Castillo
Krzysiek Mucha
Natalia Strelkova
lcaggio
Arindam Sirohia
Roberto Jung Drebes
Alex Lo
Alef Reis
Daniel Marzini
Miren Esnaola
Seth Moon
Aleksandr Averbukh
Abhishek Patil
psabhishekgoogle
Daniel Strebel
Simone Ruffilli
flaprimo
next-davidduquehernandez
javiergp
Luca Prete
Wiktor Niesiobędzki
Luca Prete
John Tracy
Andrea Gandolfi
apichick
Antonio Lopez
Daniel Marzini
Saurabh Shivgunde
Caio Tavares
yuryninog