* add locals for additive and authoritative org iam roles
* first shot at IAM and logging location
* tfdoc
* use locals for locations
* fix file parsing, resman stubs
* initial resman implementation
* remove unneeded code
* fix data file
* replace dumb yamldecode
* fix wrong type in organization additive bindings try
* simplify logging local
* Use check asserts for version and org id
* Checks on checklist for resman
* refactor checks, ignore checklist files on wrong org id
* stage 0 tests
* fix checklist checks
* stage 1 tests
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
null address results in following error:
Error creating GlobalAddress: googleapi: Error 400: Invalid value for field 'resource.address': ''. The field is not a valid IP address or does not match the given prefix length, invalid
Error creating Address: googleapi: Error 400: Invalid value for field 'resource.purpose': 'SHARED_LOADBALANCER_VIP'. Shared LoadBalancer VIP IPv6 address reservation is not supported., invalid
Endpoints in Service Directory can be *associated* with a
VPC. In this case, they can be used by supported Google
Cloud products to send requests directly to resources inside
a VPC. This feature is called Private Network Access.
The `google_service_directory_endpoint` resource supports
this configuration with a new argument `network`.
Unfortunately, this argument has an unusual format: it
is similar to a standard VPC ID, but instead of the project ID,
it expects the project number.
* Allow terraform fixtures for examples
* Allow defining multiple fixtures, and named fixtures under tests/fixtures/
* Enable e2e for wiktorn
* Fix prepare_files call for e2e
* Move fixture to separate file, fix test
* Revert shallow-copying symlinks, performane penalty - 20%
* Update tfdoc.py to list used fixtures
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
This PR changes variable region's default value in example tests to real region value.
Some of the modules parse the region name to decide whether to create regional or zonal resources.
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* improve project factory example
* light refactor of project modules shared vpc internals and docs
* add support for subnet-level grants on host project
Use of TF_VAR variables modified results of `tests/examples` and
required setting different environment to run `tests/examples` and
`tests/examples_e2e` tests. No both can be run using the same
environment.
* Run tests requiring uniqueness on org level serially (organization tags, firewall policies)
* make gcs bucket name globally unique
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>