Alejandro Leal
0ad21351c0
Merge branch 'master' into master
2023-05-15 14:25:42 -04:00
Natalia Strelkova
c4ec4868c2
Merge branch 'master' into fast-home-path-fix
2023-05-15 13:16:55 +02:00
Natalia Strelkova
f5b10fa3da
Fixed home path
2023-05-15 12:55:43 +02:00
Alex Ostapenko
7861ea74b8
fixed permissions for security stage SA ( #1376 )
...
it should be able to use automation project
as a quota project, hence it needs `serviceusage.serviceUsageConsumer`
role
2023-05-15 10:20:33 +00:00
Alejandro Leal
87cd83f5c0
Several updates
...
Several updates
2023-05-13 23:51:46 -04:00
Fawzi
ac349332c4
fix routes priority typo
2023-05-09 21:28:56 +10:00
Jack P
491b52f023
update variables files for gke nodepool taints ( #1358 )
...
* update variables files for gke node config taints to allow passing of node objects
* forgot to run terraform fmt..
* update module docs
2023-05-05 19:42:00 +02:00
Ludovico Magnocavallo
efb0ebe689
Switch FAST networking stages to network policies for Google domains ( #1352 )
...
* peering stage implementation
* vpn stage implementation
* tfdoc
* tests
* add most supported google domains
* align all net stages
* add support for factory to DNS response policy module
* use dns policy factory in network stages
* boilerplate
2023-05-04 07:38:40 +02:00
Ludovico Magnocavallo
75cc2f3d7a
FAST: shorten stage 3 prefixes, enforce prefix length in stage 3s ( #1346 )
...
* shorten stage 3 prefixes, enforce prefix length in stage 3s
* tfdoc
* tfdoc
2023-05-03 07:39:41 +02:00
Julio Castillo
6f06ca5781
Fix readmes
2023-04-27 12:46:52 +02:00
Julio Castillo
016a4e08ae
fix fast tftest directives
2023-04-21 17:51:20 +02:00
Dazbo
56261101c3
Allow longer org pfx plus tenant pfx ( #1318 )
...
Thanks!!!
2023-04-12 01:36:37 +02:00
derailed-dash
6917343a33
Fixed type in readme for FAST stages
2023-04-08 19:35:21 +01:00
Luca Prete
a9cba47ce8
Add FAST stage 2-networking-e-nva-bgp (NVA+NCC)
...
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Simone Bruzzechesse <bruzzechesse@google.com>
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
2023-04-04 20:41:04 +02:00
Geoff Cardamone
11b4fee5b5
Update Provider and Terraform variables section ( #1284 )
...
Updating readme so that the provider and terraform variables section is identical to the documentation in the other stages.
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-03-28 14:18:44 +00:00
Ludovico Magnocavallo
3d41d01efc
FAST plugin system ( #1266 )
...
* plugin folder, gitignore, serverless connector example
* add support to fast plugin variables and outputs to tfdoc
* rename folder, READMEs
* add variable description
* show diffs
* check documentation, use multiple files
* debug check doc
* try a different glob
* debug tfdoc names
* more debug
* and even more debug
* fix gitignore
* fix links
* support extra files in tests
* fix fixture, switch stage 2 peering to new tests
* tfdoc
* Allow globs in extra files
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-03-24 12:28:32 +00:00
simonebruzzechesse
c4c4688adc
Small fixes to FAST Networking stage with NVAs ( #1273 )
...
* fix issue with test-resources and internet connectivity from spokes
* terraform fmt
* removed reference to startup-script in README.md
2023-03-23 09:57:01 +01:00
Ludovico Magnocavallo
5edc931bf9
add missing secret to spoke tunnels ( #1265 )
2023-03-17 20:52:40 +01:00
Ludovico Magnocavallo
5fb17cb3ac
Widen scope for prod project factory SA to dev ( #1263 )
...
* restrict storage role on outputs bucket for stage SAs
* grant prod project factory SA authority over prod and dev org policies
* network stages delegated grants on dev to prod pf SA
* security grants to prod pf SA on dev
* tfdoc
* tests
2023-03-17 16:24:55 +00:00
Ludo
367f4b6670
remove debug output
2023-03-17 15:35:18 +01:00
Ludovico Magnocavallo
2794cb6f24
Fix #1139 ( #1249 )
2023-03-15 11:43:43 +01:00
Natalia Strelkova
fe7725e7d0
formatting
2023-03-14 14:48:04 +00:00
Natalia Strelkova
8bf3e11f34
location and storage class added to GKE GCS buckets
2023-03-14 15:43:55 +01:00
Ludovico Magnocavallo
112d9a8d9c
Allow using existing boot disk in compute-vm module ( #1241 )
...
* allow using existing boot disk in compute-vm module
* allow setting initialize params to null
* tests
* fast
* blueprints
2023-03-12 10:53:59 +01:00
Ludovico Magnocavallo
6e70b4216f
add missing attribute to FAST onprem VPN examples ( #1237 )
2023-03-10 14:58:33 +00:00
Ludovico Magnocavallo
be06554bba
Simplify VPN implementation in FAST networking stages ( #1228 )
...
* peering stage
* fix link, toc
* vpn stage
* fix link
* nva stage
* fix examples and test
* separate envs stage
* tfdoc
2023-03-09 17:57:44 +01:00
Julio Castillo
38808b37c0
Manage billing.creator role authoritatively in FAST bootstrap.
...
By default new orgs grant billing.creator and
resourcemanager.projectCreator to the whole domain[1]. This PR makes
FAST remove the former binding during the bootstrap (the latter is
already managed by FAST).
Fixes #1220
[1] https://cloud.google.com/resource-manager/docs/default-access-control
2023-03-07 17:52:00 +01:00
Natalia Strelkova
1f8e4cf1bf
FAQ on installing Fast on a non-empty org
2023-03-07 15:45:38 +01:00
Justin M
4eff309685
Update subnet sample yaml files to use subnet_secondary_ranges ( #1203 )
...
* Replaces 'secondary_ip_range:' with 'secondary_ip_ranges:' in samples
* Replaces 'secondary_ip_range:' with 'secondary_ip_ranges:' in tests/
* reverts previous commit- files in tests/ don't need to be changed
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-03-05 19:37:23 +01:00
Ludovico Magnocavallo
8fc9549c58
add support for proxy and psc subnets to module factory ( #1211 )
2023-03-05 17:08:43 +01:00
Ludovico Magnocavallo
96e829bdf3
Billing exclusion support for FAST mt resman ( #1209 )
...
* fix files resource parsing in tfdoc
* fix tfdoc generated output
* billing exclusion support in mt bootstrap
2023-03-03 16:23:36 +00:00
Ludovico Magnocavallo
2217abe5f0
Allow preventing creation of billing IAM roles in FAST, add instructions on delayed billing association ( #1207 )
...
* stage 0
* resman and networking stages
* tfdoc
* security stage
2023-03-03 09:24:41 +01:00
Ludovico Magnocavallo
6320c53baf
Allow multiple peer gateways in vpn ha module ( #1184 )
...
* allow multiple peer gateways in vpn ha module
* align blueprints
* fast
2023-02-27 10:18:59 +00:00
lcaggio
47855cb682
Merge branch 'master' into lcaggio/dp-projectcreate
2023-02-23 11:54:48 +01:00
Wiktor Niesiobędzki
ad0840656b
Add documentation about referring modules stored on CSR
2023-02-22 10:02:54 +01:00
lcaggio
ac75cbe71a
Fix lint.
2023-02-22 01:38:44 +01:00
lcaggio
2108b4650d
Fix Tests, rely on iam additive.
2023-02-22 01:36:01 +01:00
Julio Castillo
a5e905cb80
Update remaining org policies
2023-02-21 15:49:16 +01:00
Julio Castillo
d3bcf625f9
Update yaml org policies
2023-02-21 15:49:16 +01:00
lcaggio
2564c9b06a
Fix README
2023-02-20 01:17:08 +01:00
lcaggio
970b8ff255
Fix DP Fast variables.
2023-02-20 01:16:22 +01:00
lcaggio
63a81a9b9b
Fix Fast test
2023-02-20 01:12:19 +01:00
lcaggio
f4c1fa6c20
Fix tests.
2023-02-20 00:56:32 +01:00
Ludovico Magnocavallo
36a7347744
FAST stage docs cleanup ( #1145 )
...
* top-level and stage 0
* stage 1
* net peering
* networking
* networking
* security
* gke, dp
* checks
2023-02-15 05:42:14 +00:00
Julio Castillo
742b5bab62
Fix tfvars sample for fast bootstrap stage
2023-02-14 11:29:19 +02:00
Ludovico Magnocavallo
8708f490ce
Allow configuring regions from tfvars in FAST networking stages ( #1137 )
...
* configurable regions
* vpn, tests
* tfdoc
* separate envs
* nva
* test resources
* add new custom role for tenant network service accounts
* allow setting firewall policy name in networking stages
* fix stage links script
* set custom role to tenant networking service account
* rename tenant stage 1 provider files
* remove extra file
* fix peering and vpn
* tfdoc
* fix variable order
* tests
2023-02-08 09:59:43 +01:00
simonebruzzechesse
779c635682
Merged old bgp_peer_config parameter into bgp_peer aligning with newer version of tunnels variable available in the net-vpn-ha module ( #1133 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-02-07 22:58:28 +00:00
Ludovico Magnocavallo
2471e25c2c
post PR message on init or validate failure ( #1135 )
2023-02-07 10:04:03 +01:00
Ludovico Magnocavallo
9b8de3e415
fix stage links, fix stage 1 output file names ( #1134 )
2023-02-06 20:51:26 +01:00
Natalia Strelkova
803c9c3163
Merge branch 'master' into fast-networking-nva-no-peering-files
2023-02-04 16:12:35 +01:00