Simone Ruffilli
887c7e7926
Unify VPN and Peering FAST stages ( #2284 )
...
* Unify VPN and Peering FAST stages
2024-05-16 12:18:32 +03:00
Julio Castillo
3af7e257d2
Add tflint to pipelines ( #2220 )
...
* Fix terraform_deprecated_index
https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_index.md
* Fix terraform_deprecated_interpolation
Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_interpolation.md
* Fix more indexing
* Remove unused variable
* Enable TFLint for modules
* Add tflint config file
* Fix chdir
* Lint modules
* TFLint fixes
* TFLint
* Fixes binauthz README
* Fixes DNS response policy tests. Restores MIG outputs.
* Fixes other DNS response policy tests.
* Update tests for fast 2-e
* Moar fixed tests
---------
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
2024-04-17 10:23:48 +02:00
Ben Swenka
1b44af595c
Updated diagram to better reflect PSC terminology ( #2208 )
2024-04-09 15:18:43 +00:00
Ludovico Magnocavallo
e051cf42a1
stub READMEs for the removed hub and spoke blueprints ( #2169 )
2024-03-22 06:48:46 +00:00
Julio Castillo
993bef71aa
Introduce mandatory OWNERS file for blueprint maintainership ( #2131 )
...
* Delete deprecated/broken blueprints
* Adding OWNERS to all blueprints
* Fix links
* Update OWNERS
---------
Co-authored-by: javiergp <javiergp@users.noreply.github.com>
2024-03-08 09:40:46 +01:00
Ben Swenka
dcd54246cc
Updated diagram to better reflect code naming. ( #2133 )
...
* Updated diagram to better reflect code naming.
2024-03-06 19:23:36 +00:00
Ludovico Magnocavallo
6941313c7d
Factories refactor ( #1843 )
...
* factories refactor doc
* Adds file schema and filesystem organization
* Update 20231106-factories.md
* move factories out of blueprints and create new factories README
* align factory in billing-account module
* align factory in dataplex-datascan module
* align factory in billing-account module
* align factory in net-firewall-policy module
* align factory in dns-response-policy module
* align factory in net-vpc-firewall module
* align factory in net-vpc module
* align factory variable names in FAST
* remove decentralized firewall blueprint
* bump terraform version
* bump module versions
* update top-level READMEs
* move project factory to modules
* fix variable names and tests
* tfdoc
* remove changelog link
* add project factory to top-level README
* fix cludrun eventarc diff
* fix README
* fix cludrun eventarc diff
---------
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
2024-02-26 10:16:52 +00:00
Wiktor Niesiobędzki
e02d871d58
fix handling default values
2024-02-15 21:57:47 +01:00
Wiktor Niesiobędzki
b1956403d0
Fix missing region
2024-02-15 21:57:47 +01:00
Wiktor Niesiobędzki
19be54a72f
Use Fabric modules when possibile
2024-02-15 21:57:47 +01:00
Ben Swenka
d158aecba1
Clarifying that the default path --> Producer A
2024-02-15 18:27:26 +01:00
Ben Swenka
4513d7de0a
Updated path matchers to be more user friendly, added better test examples in README.md
2024-02-15 18:27:26 +01:00
simonebruzzechesse
d11c380aec
Format python files in blueprints ( #2079 )
...
* format python files in blueprints
* update check on blueprints python code
* update python linter in CI workflow
2024-02-15 09:37:49 +01:00
Ben Swenka
87a350db93
Bswenka/psc glb and armor 2 producers ( #2071 )
...
* Enhanced this blueprint to add a second producer, and modularized the producer.
* Fixed terraform formatting
* Updating README.md with tfdoc
* Fixed test case conditions & module variable passing
2024-02-14 16:40:51 +01:00
Ben Swenka
89779c0d0e
Bswenka/psc glb and armor subnet fix ( #2058 )
...
* Updated ilb-subnetwork issue
* Fixed Terraform formatting issue
* Fixing merge issue
* Fixing merge issue in producer.tf
* Fixed linting issues
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-02-09 10:41:14 +00:00
Wiktor Niesiobędzki
526185fd1f
Remove default region for Cloud Function and Cloud Run ( #2004 )
...
Remove default region for Cloud Function and Cloud Run
2024-01-24 10:23:40 +00:00
Simone Ruffilli
87548f9739
Networking Sandbox Blueprint ( #1939 )
...
This blueprint creates a networking playground showing a number of different VPC connectivity options:
Hub and spoke via HA VPN
Hub and spoke via VPC peering
Interconnecting two networks via a network virtual appliance (aka NVA)
On top of that, this blueprint implements Policy Based Routing (aka PBR) to show how to force all traffic within a VPC to be funneled through an internal network passthrough load balancer, to implement an Intrusion Prevention System (IPS). PBR is enabled in the hub VPC, matching all traffic originating from within that VPC.
2023-12-21 17:50:38 +01:00
Simone Ruffilli
0255c80e90
Move squid to __need_fixing ( #1936 )
...
* Moved `modules/cloud-config-container/squid` to __need_fixing
* Moved `blueprints/networking/filtering-proxy{,-psc}` to __need_fixing
2023-12-19 14:27:37 +00:00
Simone Ruffilli
4decc641bb
Stop wrapping yamldecode with try() ( #1812 )
2023-10-25 16:16:05 +02:00
Simone Ruffilli
6d89b88149
versions.tf maintenance + copyright notice bump ( #1782 )
...
* Bump copyright notice to 2023
* Delete versions.tf on blueprints
* Pin provider to major version 5
* Remove comment
* Fix lint
* fix bq-ml blueprint readme
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-20 18:17:47 +02:00
Luca Prete
6c48512f7e
[ #1764 ] net-lb-int: add support for dual stack and multiple forwarding rules
2023-10-17 09:30:34 +00:00
Julio Castillo
dfc5023e0b
Make deletion protection consistent across all modules ( #1735 )
...
* Expose deletion_protection in GKE modules
* Make deletion protection consistent across all modules
* Add deletion_protection option to blueprints
* Fix blueprints tests
* Fix types
* Update READMEs
* Fix dp readme
* Fix cmek blueprint default deletion_protection
* Fix blueprints tests
2023-10-05 17:31:07 +02:00
Julio Castillo
4b15605711
Fix dnssec keys lookup ( #1728 )
...
* Fix dnssec keys lookup
* Fix DNS examples
* Fix FAST and blueprints resource counts
2023-10-03 21:37:21 +02:00
Ludovico Magnocavallo
789328ff5a
Bump provider versions to v5.0.0 ( #1724 )
...
* bump provider versions to 5.0.0
* fix cloud run, logging and vpc-sc
* Fix secret manager
* fix gke nodepool
* fix gke multitenant stage and blueprint
* Moving alloydb module to experimental.
* Add project to bare resources in examples
* tfdoc
* fix svpc blueprint test
* Revert "fix svpc blueprint test"
This reverts commit 14f02659098070136e64ead600580dd52c23c339.
* Fix GKE peering project
* Disable tests in alloydb module
* Bring back secret ids in secret manager tests
* Remove duplicate key
* last push
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-03 12:15:36 +00:00
Ludovico Magnocavallo
df5daab6cc
Allow using no service account in compute-vm ( #1692 )
...
* module and tests
* align blueprints
* tfdoc
* remove stale variables
* fix blueprint
* variable description
2023-09-19 16:56:51 +00:00
Oliver Frolovs
6eb862a775
GKE cluster modules: add optional kube state metrics ( #1682 )
...
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics
* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support
* Bump up the provider version to `v4.82.0`
2023-09-15 12:18:45 +01:00
Julio Castillo
f3be29cbc9
Fix tests
2023-09-15 00:27:55 +02:00
Julio Castillo
3d4cc7164a
Bump provider version to 4.80.0
2023-09-05 09:48:15 +02:00
Ludovico Magnocavallo
819894d2ba
IAM interface refactor ( #1595 )
...
* IAM modules refactor proposal
* policy
* subheading
* Update 20230816-iam-refactor.md
* log Julio's +1
* data-catalog-policy-tag
* dataproc
* dataproc
* folder
* folder
* folder
* folder
* project
* better filtering in test examples
* project
* folder
* folder
* organization
* fix variable descriptions
* kms
* net-vpc
* dataplex-datascan
* modules/iam-service-account
* modules/source-repository/
* blueprints/cloud-operations/vm-migration/
* blueprints/third-party-solutions/wordpress
* dataplex-datascan
* blueprints/cloud-operations/workload-identity-federation
* blueprints/data-solutions/cloudsql-multiregion/
* blueprints/data-solutions/composer-2
* Update 20230816-iam-refactor.md
* Update 20230816-iam-refactor.md
* capture discussion in architectural doc
* update variable names and refactor proposal
* project
* blueprints first round
* folder
* organization
* data-catalog-policy-tag
* re-enable folder inventory
* project module style fix
* dataproc
* source-repository
* source-repository tests
* dataplex-datascan
* dataplex-datascan tests
* net-vpc
* net-vpc test examples
* iam-service-account
* iam-service-account test examples
* kms
* boilerplate
* tfdoc
* fix module tests
* more blueprint fixes
* fix typo in data blueprints
* incomplete refactor of data platform foundations
* tfdoc
* data platform foundation
* refactor data platform foundation iam locals
* remove redundant example test
* shielded folder fix
* fix typo
* project factory
* project factory outputs
* tfdoc
* test workflow: less verbose tests, fix tf version
* re-enable -vv, shorter traceback, fix action version
* ignore github extension warning, re-enable action version
* fast bootstrap IAM, untested
* bootstrap stage IAM fixes
* stage 0 tests
* fast stage 1
* tenant stage 1
* minor changes to fast stage 0 and 1
* fast security stage
* fast mt stage 0
* fast mt stage 0
* fast pf
2023-08-20 09:44:20 +02:00
Eunan Hardy
dd3a298892
Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76
2023-08-07 14:27:20 +01:00
Miren Esnaola
fa34499767
Removed unused attribute in variable of ha-vpn-over-blueprint blueprint
2023-08-02 13:02:17 +02:00
Ludovico Magnocavallo
b524aa137c
Peering module refactor ( #1547 )
...
* refactor net-vpc-peering module
* hub and spoke peering blueprint
* fast stages
* boilerplate
* fast tfdoc
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-07-29 21:33:57 +02:00
Miren Esnaola
cacb0c02e2
Refactoring of dns module
2023-07-19 12:57:44 +02:00
Ludovico Magnocavallo
d9f7cef1e7
allow using a separate resource for boot disk ( #1496 )
2023-07-07 15:40:13 +00:00
Ludovico Magnocavallo
638841c8d1
Rename network load balancer modules ( #1466 )
...
* update LB modules to new names
* update LB modules names
* update test paths
2023-06-26 07:50:10 +00:00
Wiktor Niesiobędzki
4b6552a6f6
Update README
2023-06-26 09:22:08 +02:00
Wiktor Niesiobędzki
173a00d795
Use EAD per enum https://cloud.google.com/compute/docs/reference/rest/v1/interconnectAttachments#InterconnectAttachment.FIELDS.edge_availability_domain
2023-06-26 09:22:08 +02:00
Wiktor Niesiobędzki
8a6555c581
Add preliminary support for partner interconnect
2023-06-26 09:22:08 +02:00
Ludovico Magnocavallo
bd3296bc46
Split Cloud Function module in separate v1 and v2 modules ( #1450 )
...
* split v1
* v2
* blueprints
* remove _http
2023-06-19 12:50:36 +02:00
bluPhy
26e5662e84
Some fixes
2023-06-16 00:01:07 +00:00
Taneli Leppä
81285065ca
Added module for Secure Web Proxy.
2023-06-13 08:49:58 +02:00
apichick
9db280bc28
Merge branch 'master' into net-vlan-attachment
2023-06-13 08:20:26 +02:00
Julio Castillo
fca74c2258
Fix test
2023-06-12 21:35:35 +02:00
Julio Castillo
bd9aa1514e
Fix linting errors
2023-06-12 21:25:15 +02:00
Miren Esnaola
500179f02f
Move net-dedicated-vlan-attachment module to net-vlan-attachment and added support for Partner interconnect
2023-06-12 14:21:01 +02:00
mark1000
7bdb69f8f8
Add newline to bottom of main.tf
2023-06-08 11:12:01 -07:00
Mark Schlagenhauf
359b30c141
Updating hub-and-spoke peering blueprint to use HA VPN.
2023-06-07 22:53:45 +00:00
lcaggio
39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version ( #1423 )
...
* first commit
* Bump provider versions
* Fix tests
2023-06-07 23:23:28 +02:00
Alejandro Leal
6c11527762
Multiple Updates
...
modules/net-dedicated-vlan-attachment/variables.tf
modules/net-dedicated-vlan-attachment/README.md
CHANGELOG.md
blueprints/networking/ha-vpn-over-interconnect/README.md
2023-05-31 13:26:22 -04:00
Simone Ruffilli
7f561565e7
HA VPN over Interconnect modules and blueprint ( #1390 )
...
Two new modules, net-ipsec-over-interconnect to establish HA VPN over existing VLAN attachments, and net-dedicated-vlan-attachment to create (optionally encrypted) vlan attachments, as well as the ha-vpn-over-interconnect blueprint that shows how to compose such modules to create a 99.9% encrypted interconnect.
2023-05-31 10:53:38 +00:00