064d86511f
enable_logging variable was not being used
2023-06-14 19:22:04 +02:00
30ae108c89
Ignore Cloud Run system annotations/labels
...
Ignore explicitly:
* metadata.0.annotations["run.googleapis.com/operation-id"],
* template.0.metadata.0.labels["run.googleapis.com/startupProbeType"]
To remove permdiff in terraform plan. Not ignoring all changes in
annotations as it implements some of the functionality and it prevents
detecting drift.
Related: #1435 , #1269
2023-06-13 10:07:04 +02:00
81285065ca
Added module for Secure Web Proxy.
2023-06-13 08:49:58 +02:00
500179f02f
Move net-dedicated-vlan-attachment module to net-vlan-attachment and added support for Partner interconnect
2023-06-12 14:21:01 +02:00
50d8d4b8b8
Add subnets id output, expand net-address outputs
2023-06-12 10:24:30 +02:00
e900e9c951
Make internal/external addresses optional in compute-vm
...
Fixes 1431
2023-06-08 14:00:10 +02:00
d248f799d9
Merge branch 'master' into net-ilb-l7-psc-negs
2023-06-08 12:35:17 +02:00
a7b944aa8e
fix serverless neg example ( #1430 )
2023-06-08 12:05:54 +02:00
ebeace21dd
Added support for PSC negs in net-ilb-l7 module
2023-06-08 11:18:32 +02:00
c024eca320
Add custom tag support to FAST ( #1426 )
...
* initial implementation of custom tags
* depend org policies on tags
* fix test
* integrate default and custom org policy tags
2023-06-07 22:10:27 +00:00
39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version ( #1423 )
...
* first commit
* Bump provider versions
* Fix tests
2023-06-07 23:23:28 +02:00
7bd6e5d57b
Small fixes ( #1425 )
...
* fix serverless connector plugin outputs
* add internal and lb to allowed ingress org policy
* add validation condition on cloud run ingress settings
* tfdoc
* plugin tfdoc
* allow disabling googleapis routes with a single instruction in net-vpc
* fix variable def
* fix variable description
* fix cr variable validation
* fix usage of create_googleapis_routes in examples and stages
2023-06-07 17:37:46 +00:00
fedb894f97
Fix NLB module ( #1419 )
...
* net-nlb fixes
* formatting
2023-06-05 19:42:32 +02:00
ea4c00756b
Network Load Balancer module ( #1418 )
...
* wip
* example tests passing
2023-06-05 13:21:40 +02:00
0d6751a5f4
Remove hardcoded description from instance groups created under net-ilb ( #1417 )
2023-06-05 09:35:17 +00:00
c439a66b27
Add notice to net-ilb module on routes ( #1415 )
...
* add support for routes
* boilerplate
* revert and add notice to README
* revert
* revert
* Fix README
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-06-05 09:40:34 +02:00
f2fe406a62
add alloydb module ( #1403 )
...
* add alloydb module
* fix typos
* fix typos
* Add default googleapi route creation to net-vpc
* Reuse existing logic to create default routes
* Update net-vpc README
* Fix modules and blueprints tests
* Rename to `create_googleapis_routes`
* Fix FAST tests
* Fix nva stages tests
* update changelog
* fix typos
* fix version
* rearrange variables
* fix lint
* fix lint
* fix README
* fix README
* fix comments
* fix variables
* fix READMEs
---------
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludo <ludomagno@google.com>
2023-06-04 10:12:32 +00:00
87db60de1f
Add networksecurity to JIT identity list.
2023-06-02 16:11:16 +02:00
884cb8b4bf
Ensure all modules have an `id` output ( #1410 )
...
* net-vpc
* a-d
* complete modules
* fix error
2023-06-02 16:07:22 +02:00
f069562998
Added comment in the dns module, saying that inbound/outbound server policies are set in the net-vpc module ( #1405 )
...
Co-authored-by: Luca Prete <preteluca@gmail.com>
2023-06-02 11:35:25 +02:00
6c11527762
Multiple Updates
...
modules/net-dedicated-vlan-attachment/variables.tf
modules/net-dedicated-vlan-attachment/README.md
CHANGELOG.md
blueprints/networking/ha-vpn-over-interconnect/README.md
2023-05-31 13:26:22 -04:00
fda4daecff
Cosmetic documentation fixes
2023-05-31 13:51:15 +02:00
7f561565e7
HA VPN over Interconnect modules and blueprint ( #1390 )
...
Two new modules, net-ipsec-over-interconnect to establish HA VPN over existing VLAN attachments, and net-dedicated-vlan-attachment to create (optionally encrypted) vlan attachments, as well as the ha-vpn-over-interconnect blueprint that shows how to compose such modules to create a 99.9% encrypted interconnect.
2023-05-31 10:53:38 +00:00
3ac6ceac1e
Add trigger SA for Cloud Run
2023-05-30 17:08:37 +02:00
0888cce3a5
Rename to `create_googleapis_routes`
2023-05-26 16:43:43 +02:00
cecbd2072c
Fix modules and blueprints tests
2023-05-26 16:38:41 +02:00
563b5fa0cb
Update net-vpc README
2023-05-26 12:46:16 +02:00
1e8c58c88e
Reuse existing logic to create default routes
2023-05-26 12:01:38 +02:00
7a91a7e41c
Add default googleapi route creation to net-vpc
2023-05-26 10:55:35 +02:00
e479d9815b
Merge branch 'master' into juliocc-patch-1
2023-05-24 12:46:04 +02:00
aa80109081
allow to configure `stack_type` in the GKE modules ( #1395 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-24 10:19:43 +00:00
4aa99ea829
allow setting identities in egress policies ( #1394 )
2023-05-24 12:05:16 +02:00
d22bf2ec6b
Update README.md
2023-05-24 11:34:21 +02:00
fddf8b52bc
Fix sort order
2023-05-22 19:11:33 +02:00
3e67fc00ca
Add default Cloud Build SA to project module
2023-05-22 19:11:33 +02:00
a5bbd09776
Support CMEK encryption in logging-bucket module
...
We have a use case, Local Controls, that requires to configure
CMEK with Logging buckets. This commit adds an optional variable to
configure CMEK in the `logging-bucket` module. By default the Logging
bucket won't use CMEK encryption.
To configure CMEK for Logging buckets it's also required to add the
correct permissions to the bucket service account. For more information
and a Terraform example, see:
https://cloud.google.com/logging/docs/routing/managed-encryption-storage
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/logging_project_bucket_config#example-usage
2023-05-22 15:12:27 +01:00
6a89d71e96
Update to multiple README.md ( #1379 )
...
- blueprints/data-solutions/data-platform-foundations/README.md
- blueprints/factories/project-factory/README.md
- modules/net-ilb-l7/README.md
- modules/project/README.md
2023-05-16 06:11:34 +00:00
0ad21351c0
Merge branch 'master' into master
2023-05-15 14:25:42 -04:00
2cbd85c8e0
Merge branch 'master' into jccb/nat-rules
2023-05-14 15:29:52 +02:00
dd1e5dc463
added the export_public_ip_routes variable in the net-vpc-peering mod… ( #1374 )
...
* added the export_public_ip_routes variable in the net-vpc-peering module to control the google_compute_network_peering resource created
* adding period to the variable description
2023-05-14 15:29:24 +02:00
87cd83f5c0
Several updates
...
Several updates
2023-05-13 23:51:46 -04:00
8e1e761577
Merge branch 'master' into cloud-functions-cpu
2023-05-13 09:45:10 +02:00
4df6c90d12
Made available CPUs configurable in Cloud Functions module
2023-05-12 21:36:22 +02:00
d20a078134
Cloud NAT rules support
2023-05-12 16:20:38 +02:00
20b8002602
feat(net-cloudnat): add config_port_allocation configuration block
2023-05-11 12:20:43 -07:00
b8b6f0dcc2
Add versions.tf to ncc-spoke-ra module
2023-05-09 16:00:13 +02:00
8c7b6b2410
Update README tfdoc
2023-05-05 19:52:41 +02:00
252be12bd4
Update README showing the Shared VPC use case
2023-05-05 19:38:34 +02:00
aec85a20c9
Add support for Shared VPC in Cloud Run
...
A VPC access connector in a Shared VPC needs to specify the subnet
and subnet project (the host project).
2023-05-05 18:15:19 +02:00
c344606ae5
Add module link to README ( #1357 )
...
* Add dataplex module
* fix dataplex test
* resolve comments
* python test removed
* Change variable desc
* refactor variables
* fix typos
* fix assets & zones resources
* fix linting error
* fix tests
* fix typo
* add module link in README
---------
Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-05 08:10:09 +00:00
e333b6ffa2
Change serve_while_stale type to a number ( #1329 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-05 07:41:12 +00:00
23299f7bd7
Add cloud dataplex module ( #1308 )
...
* Add dataplex module
* fix dataplex test
* resolve comments
* python test removed
* Change variable desc
* refactor variables
* fix typos
* fix assets & zones resources
* fix linting error
* fix tests
* fix typo
2023-05-05 09:26:46 +02:00
efb0ebe689
Switch FAST networking stages to network policies for Google domains ( #1352 )
...
* peering stage implementation
* vpn stage implementation
* tfdoc
* tests
* add most supported google domains
* align all net stages
* add support for factory to DNS response policy module
* use dns policy factory in network stages
* boilerplate
2023-05-04 07:38:40 +02:00
5763eb53d4
Enhance GKE Backup Configuration Support ( #1349 )
...
* Add more support for backup configuration
* Update docs
* Remove redundant lookups
2023-05-02 14:59:12 +00:00
98c8643886
ignore entire node config in standard cluster ( #1348 )
2023-05-02 15:23:02 +02:00
94589efc34
Fix external documentation links ( #1347 )
2023-05-02 05:26:58 +00:00
8e55374717
Merge branch 'master' into lcaggio/vertex-01
2023-04-24 20:33:03 +02:00
df7cf3d278
Migrate compute-mig tests
2023-04-21 17:51:20 +02:00
eab9053e16
Migrate billing-budget tests
2023-04-21 17:51:20 +02:00
1649787905
Migrate kms tests
2023-04-21 17:51:20 +02:00
1c7f8f5907
Migrate bigquery-dataset tests
2023-04-21 17:51:20 +02:00
230a1034ec
Migrate net-address tests
2023-04-21 17:51:19 +02:00
924230eb12
Migrate gke-hub tests
2023-04-21 17:51:19 +02:00
e881537f87
Separating GKE Standard and Autopilot Modules ( #1330 )
...
* separating GKE Standard and Autopilot Modules
* Changes for Updating the terraform and provide versions
* Changes for Autopilot Readme
* Changes for Autopilot Variable
* Changes for Autopilot Readme
* Changes for Autopilot Readme
* Changes for Blueprint
* Changes for Blueprint ReadMe
* Changes for gke-standard-cluster dependency
* Changes for gke-standard-cluster in gke-fleet
* Changes for gke-standard-cluster in cluster-mesh-gke-fleet-api
* python formatting
* python formatting
* python formatting
* GKE module naming convention
* Readme Changes
* test module
* Removing comment code from Autopilot
2023-04-21 12:08:13 +00:00
15a4dcdd71
Merge branch 'master' into lcaggio/vertex-01
2023-04-19 11:51:53 +02:00
e24b993550
Add lifecycle for create certificate before destroy
2023-04-19 09:24:35 +01:00
edf67fc5d0
First commit
2023-04-18 17:32:15 +02:00
5807c03d88
Certifiate
2023-04-18 13:15:02 +01:00
e1ebfeecad
Fix the tf error: Inconsistent conditional result types
...
The conditional statement, with tomap({}) will cause the following error under terraform 1.4.5
Error: Inconsistent conditional result types
│
│ on ../../../modules/net-vpc/subnets.tf line 20, in locals:
│ 20: _factory_data = var.data_folder == null ? tomap({}) : {
│ 21: for f in fileset(var.data_folder, "**/*.yaml") :
│ 22: trimsuffix(basename(f), ".yaml") => yamldecode(file("${var.data_folder}/${f}"))
│ 23: }
│ ├────────────────
│ │ var.data_folder is "data/subnets/common"
│
│ The false result value has the wrong type: element types must all match for conversion to map.
2023-04-18 19:54:37 +10:00
306b38295e
Add CMEK support
2023-04-17 23:32:13 +02:00
e8ff5080b9
Fix linting
2023-04-17 09:17:54 +02:00
4770cb06fd
Migrate cloudsql-instance examples
2023-04-17 09:17:54 +02:00
461f7780c2
Migrate bigtable-instance tests
2023-04-17 09:17:54 +02:00
5f82938739
Migrate cloud-identity-group tests
2023-04-17 09:17:54 +02:00
771dd02b18
Migrate logging-bucket tests
2023-04-17 09:17:54 +02:00
0150e97e51
Migrate endpoints tests
2023-04-17 09:17:54 +02:00
01b9921f5c
Migrate PubSub tests
2023-04-17 09:17:54 +02:00
1927b138d6
Migrate secret-manager tests
2023-04-17 09:17:54 +02:00
a2bffc7302
Migrate service-directory tests
2023-04-17 09:17:54 +02:00
ed49f3db39
Migrate source repository tests
2023-04-17 09:17:54 +02:00
f5e1717319
Migrate VPC-SC tests to examples
2023-04-17 09:17:54 +02:00
2d4bd5a244
Remove net-interconnect-attachment-direct
2023-04-14 11:01:54 +02:00
eca0a9583e
Add inventories to net-vpc-firewall tests
2023-04-12 14:04:58 +02:00
063c5061c8
lowercase text
2023-04-12 08:25:33 +00:00
df789db9bd
updated spaces
2023-04-11 21:59:36 +00:00
b4156eff41
Merge branch 'GoogleCloudPlatform:master' into ajln-firewall
2023-04-11 22:58:22 +02:00
3673dc2774
Merge branch 'master' into fawzihmouda/firewall-enforcement-order
2023-04-11 23:44:56 +10:00
ebf93a66ad
add new test to README
2023-04-11 23:38:16 +10:00
4722efea40
bump provider versions
2023-04-11 22:18:31 +10:00
3c4254fc1f
update firewall_policy_enforcement_order variable
2023-04-11 22:08:41 +10:00
6db1a5f5d3
updated variables doc
2023-04-11 11:39:47 +00:00
d150f03b41
included link to the tf resource bug in a comment
2023-04-11 11:30:12 +00:00
4e426a990a
correct naming in source destination egress fw rule
2023-04-11 10:48:56 +00:00
6f1e531af0
added example for source&destination ranges usage in fw rules
2023-04-11 10:45:45 +00:00
b809b315f6
added example for source&destination ranges usage in fw rules
2023-04-11 10:43:32 +00:00
660da5b585
Merge branch 'GoogleCloudPlatform:master' into ajln-firewall
2023-04-11 12:24:06 +02:00
4ccf9f9361
included an empty list as default in the ingress_rules.destination_ranges variable
2023-04-11 10:22:08 +00:00
33e8b42842
Use labels var in cloud-run module ( #1310 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-04-11 03:06:13 +00:00
adb88d8a87
allow destination_range variable in ingress rules and source_range in egress rules
2023-04-10 14:00:55 +00:00
18f1e8ebb1
added source and destination ranges to both ingress and egress fw rules
2023-04-10 10:47:51 +00:00
Miren Esnaola
Wiktor Niesiobędzki
Taneli Leppä
Julio Castillo
Ludovico Magnocavallo
lcaggio
Luca Prete
Prabha Arya
Alejandro Leal
Simone Ruffilli
Benoît Sauvère
Ana Fernandez del Alamo
Manuel Aller
Jay Schwerberg
Julio Diez
Toby Archer
Brent Walker
Bob Idle
Avinash Jha
bjohnrl
bjohnrl
jamesmao-xyz
ajlopezn
Antonio Lopez
Fawzi
Mikhail Filipchuk