2ee8f57769
FAST: add example of custom org policy condition to bootstrap README ( #1718 )
...
* add oslogin constraint condition example to bootstrap
* add oslogin constraint condition example to bootstrap
* add oslogin constraint condition example to bootstrap
2023-09-30 10:22:56 +02:00
9082bbcc48
Fix indentation in FAST hierarchical firewall rules ( #1715 )
...
Fixes #1712
2023-09-29 13:37:41 +00:00
e4a25d7c99
Fix tenant folder tag ( #1711 )
2023-09-28 23:48:14 +02:00
b2d27b5f12
Update bootstrap and destroy roles
2023-09-28 11:41:56 +02:00
30772d921c
Update README.md
2023-09-28 10:59:54 +02:00
fcc1aa87c4
fix latest commit
2023-09-28 10:58:31 +02:00
76b4605326
add missing roles for initial bootstrap
2023-09-28 10:57:46 +02:00
fb08e1b01e
Only apply org policies when bootstrap user is not set ( #1707 )
...
* only apply org policies when bootstrap user is not set
* Add Org Policy Admin to bootstrap roles
* Fix cleanup doc
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-09-27 23:24:40 +02:00
22186ff884
Update README.md
...
Changed aopproach to approach
2023-09-27 13:59:19 +02:00
1dfa72cadf
Define and adopt standard IP ranges for FAST networking ( #1697 )
...
* Define and adopt standard IP ranges for FAST networking
This PR documents and adopts a consistent IP address plan for FAST
networking stages
Fixes #1644
* Fix documented aggregated ranges for FAST
* Fix tests
* Fix ip ranges in documentation
* Fix NVA stages README
2023-09-21 14:27:53 +00:00
f628cdbc06
FAST: move organization policies to stage 0 ( #1698 )
...
* design doc
* Update 0-org-policies.md
* moved org policies to stage 0, wip
* stage0
* stage 0
* export tag keys and values from stage 0
* rename factory variable
* change org policy outputs
* stage 1
* Update 0-org-policies.md
* make org policy variable not nullable, README changes
* use optionals for tag names
* better factory variable name
* README changes
* ADR
2023-09-21 14:03:21 +00:00
82fcd5a7d3
rename FAST globals output file ( #1695 )
2023-09-20 10:36:06 +02:00
ad14a7d415
Update READMEs
2023-09-17 00:21:36 +02:00
960e015b42
Fix FAST tests
2023-09-17 00:21:36 +02:00
121598dbea
Move FAST security delegated admins to iam_bindings_additive
2023-09-17 00:21:36 +02:00
9c878dc9cf
Fix tests for new KMS IAM interface
2023-09-17 00:21:36 +02:00
d3d77d17fb
fix psa routing variable in FAST net stages ( #1685 )
2023-09-16 10:31:02 +02:00
6eb862a775
GKE cluster modules: add optional kube state metrics ( #1682 )
...
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics
* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support
* Bump up the provider version to `v4.82.0`
2023-09-15 12:18:45 +01:00
f3be29cbc9
Fix tests
2023-09-15 00:27:55 +02:00
b3dc91b5cd
Upgrades to `monitoring_config` in `gke-cluster-*`, docs update, and cosmetics fixes to GKE cluster modules ( #1680 )
...
* gke-cluster-standard: upgrade `monitoring_config` to use object style. Add tests.
* gke-cluster-standard: update docs
* gke-cluster-autopilot: move gateway_api_config block (cosmetic change)
* gke-cluster-autopilot: update docs and fix typos
* Update blueprints due to `monitoring_config` changes in `gke-cluster-standard`.
* Update FAST due to `monitoring_config` changes in `gke-cluster-standard`.
* Update docs for affected blueprints and FAST stages
2023-09-14 23:25:57 +01:00
8d7772761c
Fix FAST readmes
2023-09-14 13:10:16 +02:00
c1be435b09
Fix range names definition of GKE clusters
...
Fixes #1677
2023-09-14 12:51:43 +02:00
949e98d375
Increase size of pod range for default GKE subnets in FAST
...
Related to the issues reported in #1644
2023-09-11 10:28:42 +02:00
3915a016c9
Align pf stage sample data to new format ( #1664 )
...
* align pf stage sample data to new format
* boilerplate
2023-09-09 10:04:19 +02:00
fcefadbd8e
[ #1661 ] Make FAST stage 1 resman tf destroy more reliable
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-09-08 10:09:31 +00:00
e14789ecb0
link project factory documentation from FAST stage ( #1659 )
2023-09-08 07:14:16 +00:00
ec3b705f53
Change type of `iam_bindings` variable to allow multiple conditional bindings ( #1658 )
...
* modules
* fast
* dns readme
2023-09-08 08:56:31 +02:00
12e78af055
Fix project factory blueprint and fast stage ( #1654 )
2023-09-07 12:48:39 +00:00
988fd2ee05
gke-cluster-standard: change logging configuration ( #1638 )
...
* Update logging configuration of this module to use object interface in harmony with `gke-cluster-autopilot` module.
* Update blueprints that use this module.
* Add "WORKLOADS" log source to logging configuration of the blueprints where the README files say so.
* Update FAST stage 3 because it uses this module.
2023-08-31 12:49:15 +01:00
804e7c961e
Silence FAST tests warnings
...
- Fix pytest PytestUnraisableExceptionWarning
- Remove incorrect print
- Use tfvars for some examples in READMEs
2023-08-28 18:40:41 +02:00
c63884d52e
Remove unused ASN numbers in CloudNAT to avoid FAST provider errors
2023-08-28 15:32:30 +00:00
b88e4c6f6e
Fix syntax error in FAST nva
2023-08-28 16:28:01 +02:00
b701d55b1f
Fix tests
2023-08-28 16:00:48 +02:00
5e9829373c
Fix FAST hfw policies
2023-08-28 16:00:48 +02:00
4c64c15871
Revert "Remove unused ASN numbers from CloudNAT to avoid provider errors" ( #1626 )
...
This reverts commit 311bed8e83
2023-08-28 09:33:52 +02:00
1adfb9fb32
Fix role name for delegated grants in FAST bootstrap
...
Fixes issue behind #1621
2023-08-24 19:13:42 +02:00
50a449965f
Fix: align stage-2-e-nva-bgp to the latest APIs
2023-08-23 13:34:11 +02:00
8ca60881f1
Fix: use existing variable to optionally name fw policies ( #1610 )
2023-08-22 08:55:56 +02:00
819894d2ba
IAM interface refactor ( #1595 )
...
* IAM modules refactor proposal
* policy
* subheading
* Update 20230816-iam-refactor.md
* log Julio's +1
* data-catalog-policy-tag
* dataproc
* dataproc
* folder
* folder
* folder
* folder
* project
* better filtering in test examples
* project
* folder
* folder
* organization
* fix variable descriptions
* kms
* net-vpc
* dataplex-datascan
* modules/iam-service-account
* modules/source-repository/
* blueprints/cloud-operations/vm-migration/
* blueprints/third-party-solutions/wordpress
* dataplex-datascan
* blueprints/cloud-operations/workload-identity-federation
* blueprints/data-solutions/cloudsql-multiregion/
* blueprints/data-solutions/composer-2
* Update 20230816-iam-refactor.md
* Update 20230816-iam-refactor.md
* capture discussion in architectural doc
* update variable names and refactor proposal
* project
* blueprints first round
* folder
* organization
* data-catalog-policy-tag
* re-enable folder inventory
* project module style fix
* dataproc
* source-repository
* source-repository tests
* dataplex-datascan
* dataplex-datascan tests
* net-vpc
* net-vpc test examples
* iam-service-account
* iam-service-account test examples
* kms
* boilerplate
* tfdoc
* fix module tests
* more blueprint fixes
* fix typo in data blueprints
* incomplete refactor of data platform foundations
* tfdoc
* data platform foundation
* refactor data platform foundation iam locals
* remove redundant example test
* shielded folder fix
* fix typo
* project factory
* project factory outputs
* tfdoc
* test workflow: less verbose tests, fix tf version
* re-enable -vv, shorter traceback, fix action version
* ignore github extension warning, re-enable action version
* fast bootstrap IAM, untested
* bootstrap stage IAM fixes
* stage 0 tests
* fast stage 1
* tenant stage 1
* minor changes to fast stage 0 and 1
* fast security stage
* fast mt stage 0
* fast mt stage 0
* fast pf
2023-08-20 09:44:20 +02:00
6eeba5e599
[Data Platform] Update README.md ( #1601 )
...
Fix hardcoded path in readme.
2023-08-18 18:27:43 +02:00
ea0de3adbb
Fixing some typos
2023-08-18 05:51:00 +00:00
dcb3c32761
fix null object exception in bootstrap output when using cloudsource repos ( #1597 )
2023-08-17 09:03:23 +00:00
2423fd40c1
Fix FAST CI/CD for Gitlab ( #1593 )
...
* fix cicd (multitenant untested)
* tfdoc
* rename allowed_audiences to audiences, align multitenant
2023-08-15 12:59:31 +02:00
c5a77ebfe3
fix module path for teams cicd ( #1583 )
2023-08-09 21:41:56 +00:00
9600047a32
Enable team CI/CD impersonation ( #1579 )
2023-08-09 08:46:24 -04:00
79373721df
Remove firewall policy management from resource management modules ( #1581 )
...
* rename firewall policy module, fix outputs
* add TOC to firewall policy module
* don't depend policy on parent id
* remove firewall policy from resource management modules
* remove factory conditionals
* fast net a and b
* fast stages
* fast tfdoc
* fast tfdoc
* remove unused test
* fix shielded folder blueprint
* fix shielded folder blueprint
2023-08-09 11:23:07 +00:00
9c75aa469c
More module descriptions ( #1572 )
...
* bigquery dataset
* data catalog policy tag
* net-address
* fix data catalog callers
* bigquery dataset views
* fix data catalog callers
* logging bucket
* net vpn ha
2023-08-06 09:25:45 +00:00
311bed8e83
Remove unused ASN numbers from CloudNAT to avoid provider errors
2023-08-04 08:02:11 +00:00
47daeaafe1
Update FAST CI/CD workflows so it can work with ID_TOKEN and Gitlab 15+
2023-08-03 16:09:45 +00:00
b524aa137c
Peering module refactor ( #1547 )
...
* refactor net-vpc-peering module
* hub and spoke peering blueprint
* fast stages
* boilerplate
* fast tfdoc
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-07-29 21:33:57 +02:00
Ludovico Magnocavallo
Julio Castillo
lcaggio
giterinhub
Oliver Frolovs
Luca Prete
Alejandro Leal
Stefan Moser
Matt