Miren Esnaola
064d86511f
enable_logging variable was not being used
2023-06-14 19:22:04 +02:00
Wiktor Niesiobędzki
30ae108c89
Ignore Cloud Run system annotations/labels
...
Ignore explicitly:
* metadata.0.annotations["run.googleapis.com/operation-id"],
* template.0.metadata.0.labels["run.googleapis.com/startupProbeType"]
To remove permdiff in terraform plan. Not ignoring all changes in
annotations as it implements some of the functionality and it prevents
detecting drift.
Related: #1435 , #1269
2023-06-13 10:07:04 +02:00
Taneli Leppä
81285065ca
Added module for Secure Web Proxy.
2023-06-13 08:49:58 +02:00
Miren Esnaola
500179f02f
Move net-dedicated-vlan-attachment module to net-vlan-attachment and added support for Partner interconnect
2023-06-12 14:21:01 +02:00
Julio Castillo
50d8d4b8b8
Add subnets id output, expand net-address outputs
2023-06-12 10:24:30 +02:00
Julio Castillo
e900e9c951
Make internal/external addresses optional in compute-vm
...
Fixes 1431
2023-06-08 14:00:10 +02:00
apichick
d248f799d9
Merge branch 'master' into net-ilb-l7-psc-negs
2023-06-08 12:35:17 +02:00
Ludovico Magnocavallo
a7b944aa8e
fix serverless neg example ( #1430 )
2023-06-08 12:05:54 +02:00
Miren Esnaola
ebeace21dd
Added support for PSC negs in net-ilb-l7 module
2023-06-08 11:18:32 +02:00
Ludovico Magnocavallo
c024eca320
Add custom tag support to FAST ( #1426 )
...
* initial implementation of custom tags
* depend org policies on tags
* fix test
* integrate default and custom org policy tags
2023-06-07 22:10:27 +00:00
lcaggio
39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version ( #1423 )
...
* first commit
* Bump provider versions
* Fix tests
2023-06-07 23:23:28 +02:00
Ludovico Magnocavallo
7bd6e5d57b
Small fixes ( #1425 )
...
* fix serverless connector plugin outputs
* add internal and lb to allowed ingress org policy
* add validation condition on cloud run ingress settings
* tfdoc
* plugin tfdoc
* allow disabling googleapis routes with a single instruction in net-vpc
* fix variable def
* fix variable description
* fix cr variable validation
* fix usage of create_googleapis_routes in examples and stages
2023-06-07 17:37:46 +00:00
Ludovico Magnocavallo
fedb894f97
Fix NLB module ( #1419 )
...
* net-nlb fixes
* formatting
2023-06-05 19:42:32 +02:00
Ludovico Magnocavallo
ea4c00756b
Network Load Balancer module ( #1418 )
...
* wip
* example tests passing
2023-06-05 13:21:40 +02:00
Luca Prete
0d6751a5f4
Remove hardcoded description from instance groups created under net-ilb ( #1417 )
2023-06-05 09:35:17 +00:00
Ludovico Magnocavallo
c439a66b27
Add notice to net-ilb module on routes ( #1415 )
...
* add support for routes
* boilerplate
* revert and add notice to README
* revert
* revert
* Fix README
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-06-05 09:40:34 +02:00
Prabha Arya
f2fe406a62
add alloydb module ( #1403 )
...
* add alloydb module
* fix typos
* fix typos
* Add default googleapi route creation to net-vpc
* Reuse existing logic to create default routes
* Update net-vpc README
* Fix modules and blueprints tests
* Rename to `create_googleapis_routes`
* Fix FAST tests
* Fix nva stages tests
* update changelog
* fix typos
* fix version
* rearrange variables
* fix lint
* fix lint
* fix README
* fix README
* fix comments
* fix variables
* fix READMEs
---------
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludo <ludomagno@google.com>
2023-06-04 10:12:32 +00:00
Taneli Leppä
87db60de1f
Add networksecurity to JIT identity list.
2023-06-02 16:11:16 +02:00
Ludovico Magnocavallo
884cb8b4bf
Ensure all modules have an `id` output ( #1410 )
...
* net-vpc
* a-d
* complete modules
* fix error
2023-06-02 16:07:22 +02:00
apichick
f069562998
Added comment in the dns module, saying that inbound/outbound server policies are set in the net-vpc module ( #1405 )
...
Co-authored-by: Luca Prete <preteluca@gmail.com>
2023-06-02 11:35:25 +02:00
Alejandro Leal
6c11527762
Multiple Updates
...
modules/net-dedicated-vlan-attachment/variables.tf
modules/net-dedicated-vlan-attachment/README.md
CHANGELOG.md
blueprints/networking/ha-vpn-over-interconnect/README.md
2023-05-31 13:26:22 -04:00
Simone Ruffilli
fda4daecff
Cosmetic documentation fixes
2023-05-31 13:51:15 +02:00
Simone Ruffilli
7f561565e7
HA VPN over Interconnect modules and blueprint ( #1390 )
...
Two new modules, net-ipsec-over-interconnect to establish HA VPN over existing VLAN attachments, and net-dedicated-vlan-attachment to create (optionally encrypted) vlan attachments, as well as the ha-vpn-over-interconnect blueprint that shows how to compose such modules to create a 99.9% encrypted interconnect.
2023-05-31 10:53:38 +00:00
Wiktor Niesiobędzki
3ac6ceac1e
Add trigger SA for Cloud Run
2023-05-30 17:08:37 +02:00
Julio Castillo
0888cce3a5
Rename to `create_googleapis_routes`
2023-05-26 16:43:43 +02:00
Julio Castillo
cecbd2072c
Fix modules and blueprints tests
2023-05-26 16:38:41 +02:00
Julio Castillo
563b5fa0cb
Update net-vpc README
2023-05-26 12:46:16 +02:00
Julio Castillo
1e8c58c88e
Reuse existing logic to create default routes
2023-05-26 12:01:38 +02:00
Julio Castillo
7a91a7e41c
Add default googleapi route creation to net-vpc
2023-05-26 10:55:35 +02:00
Julio Castillo
e479d9815b
Merge branch 'master' into juliocc-patch-1
2023-05-24 12:46:04 +02:00
Benoît Sauvère
aa80109081
allow to configure `stack_type` in the GKE modules ( #1395 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-24 10:19:43 +00:00
Ludovico Magnocavallo
4aa99ea829
allow setting identities in egress policies ( #1394 )
2023-05-24 12:05:16 +02:00
Julio Castillo
d22bf2ec6b
Update README.md
2023-05-24 11:34:21 +02:00
Julio Castillo
fddf8b52bc
Fix sort order
2023-05-22 19:11:33 +02:00
Julio Castillo
3e67fc00ca
Add default Cloud Build SA to project module
2023-05-22 19:11:33 +02:00
Ana Fernandez del Alamo
a5bbd09776
Support CMEK encryption in logging-bucket module
...
We have a use case, Local Controls, that requires to configure
CMEK with Logging buckets. This commit adds an optional variable to
configure CMEK in the `logging-bucket` module. By default the Logging
bucket won't use CMEK encryption.
To configure CMEK for Logging buckets it's also required to add the
correct permissions to the bucket service account. For more information
and a Terraform example, see:
https://cloud.google.com/logging/docs/routing/managed-encryption-storage
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/logging_project_bucket_config#example-usage
2023-05-22 15:12:27 +01:00
Alejandro Leal
6a89d71e96
Update to multiple README.md ( #1379 )
...
- blueprints/data-solutions/data-platform-foundations/README.md
- blueprints/factories/project-factory/README.md
- modules/net-ilb-l7/README.md
- modules/project/README.md
2023-05-16 06:11:34 +00:00
Alejandro Leal
0ad21351c0
Merge branch 'master' into master
2023-05-15 14:25:42 -04:00
Ludovico Magnocavallo
2cbd85c8e0
Merge branch 'master' into jccb/nat-rules
2023-05-14 15:29:52 +02:00
Manuel Aller
dd1e5dc463
added the export_public_ip_routes variable in the net-vpc-peering mod… ( #1374 )
...
* added the export_public_ip_routes variable in the net-vpc-peering module to control the google_compute_network_peering resource created
* adding period to the variable description
2023-05-14 15:29:24 +02:00
Alejandro Leal
87cd83f5c0
Several updates
...
Several updates
2023-05-13 23:51:46 -04:00
Julio Castillo
8e1e761577
Merge branch 'master' into cloud-functions-cpu
2023-05-13 09:45:10 +02:00
Miren Esnaola
4df6c90d12
Made available CPUs configurable in Cloud Functions module
2023-05-12 21:36:22 +02:00
Julio Castillo
d20a078134
Cloud NAT rules support
2023-05-12 16:20:38 +02:00
Jay Schwerberg
20b8002602
feat(net-cloudnat): add config_port_allocation configuration block
2023-05-11 12:20:43 -07:00
Julio Castillo
b8b6f0dcc2
Add versions.tf to ncc-spoke-ra module
2023-05-09 16:00:13 +02:00
Julio Diez
8c7b6b2410
Update README tfdoc
2023-05-05 19:52:41 +02:00
Julio Diez
252be12bd4
Update README showing the Shared VPC use case
2023-05-05 19:38:34 +02:00
Julio Diez
aec85a20c9
Add support for Shared VPC in Cloud Run
...
A VPC access connector in a Shared VPC needs to specify the subnet
and subnet project (the host project).
2023-05-05 18:15:19 +02:00
Prabha Arya
c344606ae5
Add module link to README ( #1357 )
...
* Add dataplex module
* fix dataplex test
* resolve comments
* python test removed
* Change variable desc
* refactor variables
* fix typos
* fix assets & zones resources
* fix linting error
* fix tests
* fix typo
* add module link in README
---------
Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-05 08:10:09 +00:00
Toby Archer
e333b6ffa2
Change serve_while_stale type to a number ( #1329 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-05-05 07:41:12 +00:00
Prabha Arya
23299f7bd7
Add cloud dataplex module ( #1308 )
...
* Add dataplex module
* fix dataplex test
* resolve comments
* python test removed
* Change variable desc
* refactor variables
* fix typos
* fix assets & zones resources
* fix linting error
* fix tests
* fix typo
2023-05-05 09:26:46 +02:00
Ludovico Magnocavallo
efb0ebe689
Switch FAST networking stages to network policies for Google domains ( #1352 )
...
* peering stage implementation
* vpn stage implementation
* tfdoc
* tests
* add most supported google domains
* align all net stages
* add support for factory to DNS response policy module
* use dns policy factory in network stages
* boilerplate
2023-05-04 07:38:40 +02:00
Brent Walker
5763eb53d4
Enhance GKE Backup Configuration Support ( #1349 )
...
* Add more support for backup configuration
* Update docs
* Remove redundant lookups
2023-05-02 14:59:12 +00:00
Ludovico Magnocavallo
98c8643886
ignore entire node config in standard cluster ( #1348 )
2023-05-02 15:23:02 +02:00
Bob Idle
94589efc34
Fix external documentation links ( #1347 )
2023-05-02 05:26:58 +00:00
Julio Castillo
8e55374717
Merge branch 'master' into lcaggio/vertex-01
2023-04-24 20:33:03 +02:00
Julio Castillo
df7cf3d278
Migrate compute-mig tests
2023-04-21 17:51:20 +02:00
Julio Castillo
eab9053e16
Migrate billing-budget tests
2023-04-21 17:51:20 +02:00
Julio Castillo
1649787905
Migrate kms tests
2023-04-21 17:51:20 +02:00
Julio Castillo
1c7f8f5907
Migrate bigquery-dataset tests
2023-04-21 17:51:20 +02:00
Julio Castillo
230a1034ec
Migrate net-address tests
2023-04-21 17:51:19 +02:00
Julio Castillo
924230eb12
Migrate gke-hub tests
2023-04-21 17:51:19 +02:00
Avinash Jha
e881537f87
Separating GKE Standard and Autopilot Modules ( #1330 )
...
* separating GKE Standard and Autopilot Modules
* Changes for Updating the terraform and provide versions
* Changes for Autopilot Readme
* Changes for Autopilot Variable
* Changes for Autopilot Readme
* Changes for Autopilot Readme
* Changes for Blueprint
* Changes for Blueprint ReadMe
* Changes for gke-standard-cluster dependency
* Changes for gke-standard-cluster in gke-fleet
* Changes for gke-standard-cluster in cluster-mesh-gke-fleet-api
* python formatting
* python formatting
* python formatting
* GKE module naming convention
* Readme Changes
* test module
* Removing comment code from Autopilot
2023-04-21 12:08:13 +00:00
lcaggio
15a4dcdd71
Merge branch 'master' into lcaggio/vertex-01
2023-04-19 11:51:53 +02:00
bjohnrl
e24b993550
Add lifecycle for create certificate before destroy
2023-04-19 09:24:35 +01:00
lcaggio
edf67fc5d0
First commit
2023-04-18 17:32:15 +02:00
bjohnrl
5807c03d88
Certifiate
2023-04-18 13:15:02 +01:00
jamesmao-xyz
e1ebfeecad
Fix the tf error: Inconsistent conditional result types
...
The conditional statement, with tomap({}) will cause the following error under terraform 1.4.5
Error: Inconsistent conditional result types
│
│ on ../../../modules/net-vpc/subnets.tf line 20, in locals:
│ 20: _factory_data = var.data_folder == null ? tomap({}) : {
│ 21: for f in fileset(var.data_folder, "**/*.yaml") :
│ 22: trimsuffix(basename(f), ".yaml") => yamldecode(file("${var.data_folder}/${f}"))
│ 23: }
│ ├────────────────
│ │ var.data_folder is "data/subnets/common"
│
│ The false result value has the wrong type: element types must all match for conversion to map.
2023-04-18 19:54:37 +10:00
lcaggio
306b38295e
Add CMEK support
2023-04-17 23:32:13 +02:00
Julio Castillo
e8ff5080b9
Fix linting
2023-04-17 09:17:54 +02:00
Julio Castillo
4770cb06fd
Migrate cloudsql-instance examples
2023-04-17 09:17:54 +02:00
Julio Castillo
461f7780c2
Migrate bigtable-instance tests
2023-04-17 09:17:54 +02:00
Julio Castillo
5f82938739
Migrate cloud-identity-group tests
2023-04-17 09:17:54 +02:00
Julio Castillo
771dd02b18
Migrate logging-bucket tests
2023-04-17 09:17:54 +02:00
Julio Castillo
0150e97e51
Migrate endpoints tests
2023-04-17 09:17:54 +02:00
Julio Castillo
01b9921f5c
Migrate PubSub tests
2023-04-17 09:17:54 +02:00
Julio Castillo
1927b138d6
Migrate secret-manager tests
2023-04-17 09:17:54 +02:00
Julio Castillo
a2bffc7302
Migrate service-directory tests
2023-04-17 09:17:54 +02:00
Julio Castillo
ed49f3db39
Migrate source repository tests
2023-04-17 09:17:54 +02:00
Julio Castillo
f5e1717319
Migrate VPC-SC tests to examples
2023-04-17 09:17:54 +02:00
Julio Castillo
2d4bd5a244
Remove net-interconnect-attachment-direct
2023-04-14 11:01:54 +02:00
Julio Castillo
eca0a9583e
Add inventories to net-vpc-firewall tests
2023-04-12 14:04:58 +02:00
ajlopezn
063c5061c8
lowercase text
2023-04-12 08:25:33 +00:00
ajlopezn
df789db9bd
updated spaces
2023-04-11 21:59:36 +00:00
Antonio Lopez
b4156eff41
Merge branch 'GoogleCloudPlatform:master' into ajln-firewall
2023-04-11 22:58:22 +02:00
Fawzi
3673dc2774
Merge branch 'master' into fawzihmouda/firewall-enforcement-order
2023-04-11 23:44:56 +10:00
Fawzi
ebf93a66ad
add new test to README
2023-04-11 23:38:16 +10:00
Fawzi
4722efea40
bump provider versions
2023-04-11 22:18:31 +10:00
Fawzi
3c4254fc1f
update firewall_policy_enforcement_order variable
2023-04-11 22:08:41 +10:00
ajlopezn
6db1a5f5d3
updated variables doc
2023-04-11 11:39:47 +00:00
ajlopezn
d150f03b41
included link to the tf resource bug in a comment
2023-04-11 11:30:12 +00:00
ajlopezn
4e426a990a
correct naming in source destination egress fw rule
2023-04-11 10:48:56 +00:00
ajlopezn
6f1e531af0
added example for source&destination ranges usage in fw rules
2023-04-11 10:45:45 +00:00
ajlopezn
b809b315f6
added example for source&destination ranges usage in fw rules
2023-04-11 10:43:32 +00:00
Antonio Lopez
660da5b585
Merge branch 'GoogleCloudPlatform:master' into ajln-firewall
2023-04-11 12:24:06 +02:00
ajlopezn
4ccf9f9361
included an empty list as default in the ingress_rules.destination_ranges variable
2023-04-11 10:22:08 +00:00
Mikhail Filipchuk
33e8b42842
Use labels var in cloud-run module ( #1310 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-04-11 03:06:13 +00:00
ajlopezn
adb88d8a87
allow destination_range variable in ingress rules and source_range in egress rules
2023-04-10 14:00:55 +00:00
ajlopezn
18f1e8ebb1
added source and destination ranges to both ingress and egress fw rules
2023-04-10 10:47:51 +00:00