Ludovico Magnocavallo
71a64487d5
Extend FAST to support different principal types ( #2064 )
...
* add doc draft
* typos
* typo
* typo
* typos
* rewording
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* move iam variables to a separate file
* move billing-account module to iam_principals
* move data-catalog-policy-tag module to iam_principals
* move dataplex-datascan module to iam_principals
* move dataproc module to iam_principals
* move folder module to iam_principals
* copyright
* move organization module to iam_principals
* move project module to iam_principals
* move source-repository module to iam_principals
* update blueprints for iam_principals interface
* FAST bootstrap
* module READMEs fixes
* FAST bootstrap
* FAST networking stages
* FAST security stage
* FAST gke stage
* FAST multitenant bootstrap stage
* FAST multitenant resman stage
* tfdoc
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* fix module test
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Rename iam_principals to iam_by_principals
* Update IAM template to include iam_by_principals
* Update Resman README
* Fix ADR link format
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-02-12 14:35:30 +01:00
Wiktor Niesiobędzki
2c9eb5795b
Bum terraform to version 1.7.0
2024-02-07 17:25:11 +01:00
Ludovico Magnocavallo
bf93b6fb4e
fix typo in logging sinks interface ( #2015 )
2024-01-28 10:27:28 +01:00
Ludovico Magnocavallo
6d9b6403dd
add support for essential contacts to FAST ( #2010 )
2024-01-25 12:20:14 +01:00
Luca Prete
bc506795f2
compute-vm: add resource manager tags support for instance templates ( #1982 )
2024-01-16 17:40:15 +00:00
Luca Prete
c4123044b7
Use new resources in GCVE module, bump up provider versions ( #1941 )
2023-12-21 13:23:38 +00:00
Julio Castillo
b6e0557bbb
Simplify organization tags.tf locals ( #1932 )
...
* Simplify organization tags.tf locals
* Fix boilerplate
* Override github provider version for tests
2023-12-18 16:09:22 +00:00
Wiktor Niesiobędzki
c24d023c23
Sync tf version to version used by tests
2023-12-12 09:43:09 +01:00
Ludovico Magnocavallo
b65c57bcc2
bump tf version ( #1920 )
2023-12-12 09:19:46 +01:00
Ludovico Magnocavallo
bba814c091
Custom role factories for organization and project modules ( #1912 )
...
* backport custom role factories
* backport from fast ci/cd branch
* indent
* tfdoc
* fix module tests
2023-12-11 14:16:39 +00:00
Wiktor Niesiobędzki
d9f9410ae5
Use unique names for logging buckets in examples
...
Logging bucket name can be reused only after 7 days (when it is actually
deleted). When different tests reuse the same name, the ones that are
executed as 2nd and later will fail with message:
```
Error updating Logging Bucket Config [...]: googleapi: Error 400: Buckets
must be in an ACTIVE state to be modified
```
As their actual state is:
```
lifecycleState: DELETE_REQUESTED
```
2023-12-03 10:03:22 +00:00
apichick
66bd9d5160
Added workstation-cluster module
2023-11-30 07:02:28 +01:00
Wiktor Niesiobędzki
55f308cbea
Fix failing E2E tests for folders ( #1884 )
...
* Run tests requiring uniqueness on org level serially (organization tags, firewall policies)
* make gcs bucket name globally unique
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-11-24 08:09:13 +00:00
dibaskar-google
2d70bb8db2
E2E tests for folder module ( #1876 )
...
E2E tests for folder module
2023-11-22 10:25:11 +01:00
apichick
0f91a964da
Added back sink iam flag as module users might not have access to the sink destination and the role might need to be granted somewhere else
2023-11-07 08:11:23 +01:00
Wiktor Niesiobędzki
b40ad91629
Bump provider version to 5.4.0
2023-11-03 17:02:00 +00:00
Simone Ruffilli
4decc641bb
Stop wrapping yamldecode with try() ( #1812 )
2023-10-25 16:16:05 +02:00
Simone Ruffilli
6d89b88149
versions.tf maintenance + copyright notice bump ( #1782 )
...
* Bump copyright notice to 2023
* Delete versions.tf on blueprints
* Pin provider to major version 5
* Remove comment
* Fix lint
* fix bq-ml blueprint readme
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-20 18:17:47 +02:00
Ludovico Magnocavallo
77a4696aa6
Add gcp org policy constraints file to bootstrap stage ( #1775 )
...
* add gcp org policy constraints file to bootstrap
* make the org policy factories more resilient
2023-10-18 18:21:16 +00:00
Ludovico Magnocavallo
252127bde5
Billing account module ( #1743 )
...
* initial untested draft
* readme and tests
* folder module tfdoc
* remove redundant billing cost manager role in fast stage 0
* fix FAST test
2023-10-15 15:02:50 +00:00
Ludovico Magnocavallo
789328ff5a
Bump provider versions to v5.0.0 ( #1724 )
...
* bump provider versions to 5.0.0
* fix cloud run, logging and vpc-sc
* Fix secret manager
* fix gke nodepool
* fix gke multitenant stage and blueprint
* Moving alloydb module to experimental.
* Add project to bare resources in examples
* tfdoc
* fix svpc blueprint test
* Revert "fix svpc blueprint test"
This reverts commit 14f02659098070136e64ead600580dd52c23c339.
* Fix GKE peering project
* Disable tests in alloydb module
* Bring back secret ids in secret manager tests
* Remove duplicate key
* last push
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-03 12:15:36 +00:00
Oliver Frolovs
6eb862a775
GKE cluster modules: add optional kube state metrics ( #1682 )
...
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics
* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support
* Bump up the provider version to `v4.82.0`
2023-09-15 12:18:45 +01:00
Ludovico Magnocavallo
ec3b705f53
Change type of `iam_bindings` variable to allow multiple conditional bindings ( #1658 )
...
* modules
* fast
* dns readme
2023-09-08 08:56:31 +02:00
Julio Castillo
3d4cc7164a
Bump provider version to 4.80.0
2023-09-05 09:48:15 +02:00
Julio Castillo
9eb768357e
Switch to count
2023-08-28 16:00:48 +02:00
Julio Castillo
04721a35ef
Allow single hfw policy association in folder and organization modules
2023-08-28 16:00:48 +02:00
Ludovico Magnocavallo
819894d2ba
IAM interface refactor ( #1595 )
...
* IAM modules refactor proposal
* policy
* subheading
* Update 20230816-iam-refactor.md
* log Julio's +1
* data-catalog-policy-tag
* dataproc
* dataproc
* folder
* folder
* folder
* folder
* project
* better filtering in test examples
* project
* folder
* folder
* organization
* fix variable descriptions
* kms
* net-vpc
* dataplex-datascan
* modules/iam-service-account
* modules/source-repository/
* blueprints/cloud-operations/vm-migration/
* blueprints/third-party-solutions/wordpress
* dataplex-datascan
* blueprints/cloud-operations/workload-identity-federation
* blueprints/data-solutions/cloudsql-multiregion/
* blueprints/data-solutions/composer-2
* Update 20230816-iam-refactor.md
* Update 20230816-iam-refactor.md
* capture discussion in architectural doc
* update variable names and refactor proposal
* project
* blueprints first round
* folder
* organization
* data-catalog-policy-tag
* re-enable folder inventory
* project module style fix
* dataproc
* source-repository
* source-repository tests
* dataplex-datascan
* dataplex-datascan tests
* net-vpc
* net-vpc test examples
* iam-service-account
* iam-service-account test examples
* kms
* boilerplate
* tfdoc
* fix module tests
* more blueprint fixes
* fix typo in data blueprints
* incomplete refactor of data platform foundations
* tfdoc
* data platform foundation
* refactor data platform foundation iam locals
* remove redundant example test
* shielded folder fix
* fix typo
* project factory
* project factory outputs
* tfdoc
* test workflow: less verbose tests, fix tf version
* re-enable -vv, shorter traceback, fix action version
* ignore github extension warning, re-enable action version
* fast bootstrap IAM, untested
* bootstrap stage IAM fixes
* stage 0 tests
* fast stage 1
* tenant stage 1
* minor changes to fast stage 0 and 1
* fast security stage
* fast mt stage 0
* fast mt stage 0
* fast pf
2023-08-20 09:44:20 +02:00
Ludovico Magnocavallo
def2f476d1
Add support for conditions to `iam_members` module variables ( #1594 )
...
* project
* data-catalog-policy-tag
* dataproc
* folder
* iam-service-account
* kms
* net-vpc
* organization
* source-repository
* dataplex-datascan
2023-08-15 16:28:23 +02:00
Ludovico Magnocavallo
adf2621727
Add new `iam_members` variable to IAM additive module interfaces ( #1589 )
...
* resource management modules
* data catalog policy
* dataproc
* service account
* kms
* net-vpc
* source repository
* dataplex datascan
* service account module variable order
2023-08-14 09:54:50 +00:00
Ludovico Magnocavallo
79373721df
Remove firewall policy management from resource management modules ( #1581 )
...
* rename firewall policy module, fix outputs
* add TOC to firewall policy module
* don't depend policy on parent id
* remove firewall policy from resource management modules
* remove factory conditionals
* fast net a and b
* fast stages
* fast tfdoc
* fast tfdoc
* remove unused test
* fix shielded folder blueprint
* fix shielded folder blueprint
2023-08-09 11:23:07 +00:00
Eunan Hardy
dd3a298892
Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76
2023-08-07 14:27:20 +01:00
Julio Castillo
1fdec356e2
Update large TOCs
2023-07-28 15:43:51 +02:00
Ludovico Magnocavallo
551dc581e8
Implement proper support for data access logs in resource manager modules ( #1497 )
...
* organization module
* rename iam_bindings_authoritative to iam_policy, fix tests
* add support for data access logs and iam policy to folder module
* test inventories
* add support for data access logs and iam policy to project module
2023-07-10 08:08:02 +00:00
Ludovico Magnocavallo
d9f7cef1e7
allow using a separate resource for boot disk ( #1496 )
2023-07-07 15:40:13 +00:00
Ludovico Magnocavallo
6fcb010ff2
Add ToCs to resource manager modules ( #1471 )
...
* organization module
* folder
* project module
2023-06-27 09:36:28 +00:00
Taneli Leppä
81285065ca
Added module for Secure Web Proxy.
2023-06-13 08:49:58 +02:00
lcaggio
39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version ( #1423 )
...
* first commit
* Bump provider versions
* Fix tests
2023-06-07 23:23:28 +02:00
Ludovico Magnocavallo
884cb8b4bf
Ensure all modules have an `id` output ( #1410 )
...
* net-vpc
* a-d
* complete modules
* fix error
2023-06-02 16:07:22 +02:00
Fawzi
4722efea40
bump provider versions
2023-04-11 22:18:31 +10:00
Ludovico Magnocavallo
865ef463bb
Support new fields in bigquery module, bump provider versions, unpin local provider ( #1306 )
...
* add support for new attributes to bigquery module
* bump provider versions
2023-04-05 14:22:52 +00:00
Ludovico Magnocavallo
79a6e9b191
pin local provider ( #1256 )
2023-03-16 10:59:06 +00:00
Dan Farmer
52eb83758f
Fix compute-vm:CloudKMS test for provider>=4.54.0
...
* TF provider >= 4.54.0 now returns `rsa_encrypted_key` for
`google_compute_disk.disks["attached-disk"]` (see
hashicorp/terraform-provider-google#4448 )
* Add this field to expected model to fix test assertion failure
* Update required TF provider to 4.55.0 (latest) since the assertion
will now fail with <4.54.0, which do not return `rsa_encrypted_key`
* Updated the whole repo on advice from @ludoo
2023-02-28 15:10:22 +00:00
Julio Castillo
a5e905cb80
Update remaining org policies
2023-02-21 15:49:16 +01:00
Julio Castillo
62834ca83a
Update READMEs
2023-02-21 15:49:16 +01:00
Julio Castillo
6b767c9035
Simplify org policies data model in resman modules.
2023-02-21 15:49:16 +01:00
Julio Castillo
08f2540872
Bump provider version
2023-02-07 15:59:29 +01:00
Wiktor Niesiobędzki
1a657b31d3
Bump beta provider to 4.48
...
This is the first version that supports `gateway_api_config` block
2023-01-29 15:50:24 +01:00
Julio Castillo
c8bfe892a6
Update folder tests
2023-01-03 16:52:31 +01:00
Julio Castillo
065b1471a8
Reorder org policy rules
2023-01-03 16:52:31 +01:00
Israel Herraiz
7df527e1ef
Bump versions EVERYWHERE
2022-12-23 00:06:42 +01:00