zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,110 Commits 3 Branches 352 Tags 59 MiB
Commit Graph

114 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki 526185fd1f
Remove default region for Cloud Function and Cloud Run (#2004) 
Remove default region for Cloud Function and Cloud Run
 2024-01-24 10:23:40 +00:00
Simone Ruffilli 87548f9739
Networking Sandbox Blueprint (#1939) 
This blueprint creates a networking playground showing a number of different VPC connectivity options:

Hub and spoke via HA VPN
Hub and spoke via VPC peering
Interconnecting two networks via a network virtual appliance (aka NVA)
On top of that, this blueprint implements Policy Based Routing (aka PBR) to show how to force all traffic within a VPC to be funneled through an internal network passthrough load balancer, to implement an Intrusion Prevention System (IPS). PBR is enabled in the hub VPC, matching all traffic originating from within that VPC.
 2023-12-21 17:50:38 +01:00
Simone Ruffilli 0255c80e90
Move squid to __need_fixing (#1936) 
* Moved `modules/cloud-config-container/squid` to __need_fixing
* Moved `blueprints/networking/filtering-proxy{,-psc}` to __need_fixing
 2023-12-19 14:27:37 +00:00
Simone Ruffilli 4decc641bb
Stop wrapping yamldecode with try() (#1812) 2023-10-25 16:16:05 +02:00
Simone Ruffilli 6d89b88149
versions.tf maintenance + copyright notice bump (#1782) 
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-20 18:17:47 +02:00
Luca Prete 6c48512f7e
[#1764] net-lb-int: add support for dual stack and multiple forwarding rules 2023-10-17 09:30:34 +00:00
Julio Castillo dfc5023e0b
Make deletion protection consistent across all modules (#1735) 
* Expose deletion_protection in GKE modules

* Make deletion protection consistent across all modules

* Add deletion_protection option to blueprints

* Fix blueprints tests

* Fix types

* Update READMEs

* Fix dp readme

* Fix cmek blueprint default deletion_protection

* Fix blueprints tests
 2023-10-05 17:31:07 +02:00
Julio Castillo 4b15605711
Fix dnssec keys lookup (#1728) 
* Fix dnssec keys lookup

* Fix DNS examples

* Fix FAST and blueprints resource counts
 2023-10-03 21:37:21 +02:00
Ludovico Magnocavallo 789328ff5a
Bump provider versions to v5.0.0 (#1724) 
* bump provider versions to 5.0.0

* fix cloud run, logging and vpc-sc

* Fix secret manager

* fix gke nodepool

* fix gke multitenant stage and blueprint

* Moving alloydb module to experimental.

* Add project to bare resources in examples

* tfdoc

* fix svpc blueprint test

* Revert "fix svpc blueprint test"

This reverts commit 14f02659098070136e64ead600580dd52c23c339.

* Fix GKE peering project

* Disable tests in alloydb module

* Bring back secret ids in secret manager tests

* Remove duplicate key

* last push

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-03 12:15:36 +00:00
Ludovico Magnocavallo df5daab6cc
Allow using no service account in compute-vm (#1692) 
* module and tests

* align blueprints

* tfdoc

* remove stale variables

* fix blueprint

* variable description
 2023-09-19 16:56:51 +00:00
Oliver Frolovs 6eb862a775
GKE cluster modules: add optional kube state metrics (#1682) 
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics

* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support

* Bump up the provider version to `v4.82.0`
 2023-09-15 12:18:45 +01:00
Julio Castillo f3be29cbc9 Fix tests 2023-09-15 00:27:55 +02:00
Julio Castillo 3d4cc7164a Bump provider version to 4.80.0 2023-09-05 09:48:15 +02:00
Ludovico Magnocavallo 819894d2ba
IAM interface refactor (#1595) 
* IAM modules refactor proposal

* policy

* subheading

* Update 20230816-iam-refactor.md

* log Julio's +1

* data-catalog-policy-tag

* dataproc

* dataproc

* folder

* folder

* folder

* folder

* project

* better filtering in test examples

* project

* folder

* folder

* organization

* fix variable descriptions

* kms

* net-vpc

* dataplex-datascan

* modules/iam-service-account

* modules/source-repository/

* blueprints/cloud-operations/vm-migration/

* blueprints/third-party-solutions/wordpress

* dataplex-datascan

* blueprints/cloud-operations/workload-identity-federation

* blueprints/data-solutions/cloudsql-multiregion/

* blueprints/data-solutions/composer-2

* Update 20230816-iam-refactor.md

* Update 20230816-iam-refactor.md

* capture discussion in architectural doc

* update variable names and refactor proposal

* project

* blueprints first round

* folder

* organization

* data-catalog-policy-tag

* re-enable folder inventory

* project module style fix

* dataproc

* source-repository

* source-repository tests

* dataplex-datascan

* dataplex-datascan tests

* net-vpc

* net-vpc test examples

* iam-service-account

* iam-service-account test examples

* kms

* boilerplate

* tfdoc

* fix module tests

* more blueprint fixes

* fix typo in data blueprints

* incomplete refactor of data platform foundations

* tfdoc

* data platform foundation

* refactor data platform foundation iam locals

* remove redundant example test

* shielded folder fix

* fix typo

* project factory

* project factory outputs

* tfdoc

* test workflow: less verbose tests, fix tf version

* re-enable -vv, shorter traceback, fix action version

* ignore github extension warning, re-enable action version

* fast bootstrap IAM, untested

* bootstrap stage IAM fixes

* stage 0 tests

* fast stage 1

* tenant stage 1

* minor changes to fast stage 0 and 1

* fast security stage

* fast mt stage 0

* fast mt stage 0

* fast pf
 2023-08-20 09:44:20 +02:00
Eunan Hardy dd3a298892 Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76 2023-08-07 14:27:20 +01:00
Miren Esnaola fa34499767 Removed unused attribute in variable of ha-vpn-over-blueprint blueprint 2023-08-02 13:02:17 +02:00
Ludovico Magnocavallo b524aa137c
Peering module refactor (#1547) 
* refactor net-vpc-peering module

* hub and spoke peering blueprint

* fast stages

* boilerplate

* fast tfdoc

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-07-29 21:33:57 +02:00
Miren Esnaola cacb0c02e2 Refactoring of dns module 2023-07-19 12:57:44 +02:00
Ludovico Magnocavallo d9f7cef1e7
allow using a separate resource for boot disk (#1496) 2023-07-07 15:40:13 +00:00
Ludovico Magnocavallo 638841c8d1
Rename network load balancer modules (#1466) 
* update LB modules to new names

* update LB modules names

* update test paths
 2023-06-26 07:50:10 +00:00
Wiktor Niesiobędzki 4b6552a6f6 Update README 2023-06-26 09:22:08 +02:00
Wiktor Niesiobędzki 173a00d795 Use EAD per enum https://cloud.google.com/compute/docs/reference/rest/v1/interconnectAttachments#InterconnectAttachment.FIELDS.edge_availability_domain 2023-06-26 09:22:08 +02:00
Wiktor Niesiobędzki 8a6555c581 Add preliminary support for partner interconnect 2023-06-26 09:22:08 +02:00
Ludovico Magnocavallo bd3296bc46
Split Cloud Function module in separate v1 and v2 modules (#1450) 
* split v1

* v2

* blueprints

* remove _http
 2023-06-19 12:50:36 +02:00
bluPhy 26e5662e84 Some fixes 2023-06-16 00:01:07 +00:00
Taneli Leppä 81285065ca Added module for Secure Web Proxy. 2023-06-13 08:49:58 +02:00
apichick 9db280bc28
Merge branch 'master' into net-vlan-attachment 2023-06-13 08:20:26 +02:00
Julio Castillo fca74c2258 Fix test 2023-06-12 21:35:35 +02:00
Julio Castillo bd9aa1514e Fix linting errors 2023-06-12 21:25:15 +02:00
Miren Esnaola 500179f02f Move net-dedicated-vlan-attachment module to net-vlan-attachment and added support for Partner interconnect 2023-06-12 14:21:01 +02:00
mark1000 7bdb69f8f8
Add newline to bottom of main.tf 2023-06-08 11:12:01 -07:00
Mark Schlagenhauf 359b30c141 Updating hub-and-spoke peering blueprint to use HA VPN. 2023-06-07 22:53:45 +00:00
lcaggio 39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version (#1423) 
* first commit

* Bump provider versions

* Fix tests
 2023-06-07 23:23:28 +02:00
Alejandro Leal 6c11527762 Multiple Updates 
modules/net-dedicated-vlan-attachment/variables.tf
modules/net-dedicated-vlan-attachment/README.md
CHANGELOG.md
blueprints/networking/ha-vpn-over-interconnect/README.md
 2023-05-31 13:26:22 -04:00
Simone Ruffilli 7f561565e7
HA VPN over Interconnect modules and blueprint (#1390) 
Two new modules, net-ipsec-over-interconnect to establish HA VPN over existing VLAN attachments, and net-dedicated-vlan-attachment to create (optionally encrypted) vlan attachments, as well as the ha-vpn-over-interconnect blueprint that shows how to compose such modules to create a 99.9% encrypted interconnect.
 2023-05-31 10:53:38 +00:00
Julio Castillo cecbd2072c Fix modules and blueprints tests 2023-05-26 16:38:41 +02:00
Ana Fernandez del Alamo 4129eb11ae Firewall Validator fix target_service_accounts ref 
The Firewall Validator schema configuration contains a field
`target_service_account`. This should be updated to
`target_service_accounts` to match the `google_compute_firewall`
Terraform resource argument:

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall#target_service_accounts
 2023-05-22 15:28:48 +01:00
Alejandro Leal 87cd83f5c0 Several updates 
Several updates
 2023-05-13 23:51:46 -04:00
Jay Schwerberg 20b8002602
feat(net-cloudnat): add config_port_allocation configuration block 2023-05-11 12:20:43 -07:00
Bob Idle 94589efc34
Fix external documentation links (#1347) 2023-05-02 05:26:58 +00:00
Avinash Jha e881537f87
Separating GKE Standard and Autopilot Modules (#1330) 
* separating GKE Standard and Autopilot Modules

* Changes for Updating the terraform and provide versions

* Changes for Autopilot Readme

* Changes for Autopilot Variable

* Changes for Autopilot Readme

* Changes for Autopilot Readme

* Changes for Blueprint

* Changes for Blueprint ReadMe

* Changes for gke-standard-cluster dependency

* Changes for gke-standard-cluster in gke-fleet

* Changes for gke-standard-cluster in cluster-mesh-gke-fleet-api

* python formatting

* python formatting

* python formatting

* GKE module naming convention

* Readme Changes

* test module

* Removing comment code from Autopilot
 2023-04-21 12:08:13 +00:00
Fawzi 4722efea40 bump provider versions 2023-04-11 22:18:31 +10:00
Ludovico Magnocavallo 865ef463bb
Support new fields in bigquery module, bump provider versions, unpin local provider (#1306) 
* add support for new attributes to bigquery module

* bump provider versions
 2023-04-05 14:22:52 +00:00
Miren Esnaola 21fa6d1f13 Fixes related to boot_disk in compute-vm module 2023-03-16 15:58:39 +01:00
Ludovico Magnocavallo 79a6e9b191
pin local provider (#1256) 2023-03-16 10:59:06 +00:00
Ludovico Magnocavallo 112d9a8d9c
Allow using existing boot disk in compute-vm module (#1241) 
* allow using existing boot disk in compute-vm module

* allow setting initialize params to null

* tests

* fast

* blueprints
 2023-03-12 10:53:59 +01:00
Luca Prete a5fd32edcb
Blueprint: GLB hybrid NEG internal 2023-03-02 09:53:07 +01:00
Dan Farmer 52eb83758f Fix compute-vm:CloudKMS test for provider>=4.54.0 
* TF provider >= 4.54.0 now returns `rsa_encrypted_key` for
  `google_compute_disk.disks["attached-disk"]` (see
  hashicorp/terraform-provider-google#4448)
* Add this field to expected model to fix test assertion failure
* Update required TF provider to 4.55.0 (latest) since the assertion
  will now fail with <4.54.0, which do not return `rsa_encrypted_key`
  * Updated the whole repo on advice from @ludoo
 2023-02-28 15:10:22 +00:00
Ludovico Magnocavallo 6320c53baf
Allow multiple peer gateways in vpn ha module (#1184) 
* allow multiple peer gateways in vpn ha module

* align blueprints

* fast
 2023-02-27 10:18:59 +00:00
Julio Castillo e1e33a499d Fix decentralized firewall test 2023-02-25 19:26:11 +01:00