Ludovico Magnocavallo
5453c585e0
FAST multitenant bootstrap and resource management, rename org-level FAST stages ( #1052 )
...
* rename stages
* remove support for external org billing, rename output files
* resman: make groups optional, align on new billing account variable
* bootstrap: multitenant outputs
* tenant bootstrap stage, untested
* fix folder name
* fix stage 0 output names
* optional creation for tag keys in organization module
* single tenant bootstrap minus tag
* rename output files, add tenant tag key
* fix organization module tag values output
* test skipping creation for tags in organization module
* single tenant bootstrap plan working
* multitenant bootstrap
* tfdoc
* fix check links error messages
* fix links
* tfdoc
* fix links
* rename fast tests, fix bootstrap tests
* multitenant stages have their own folder, simplify stage numbering
* stage renumbering
* wip
* rename tests
* exclude fast providers in fixture
* stage 0 tests
* stage 1 tests
* network stages tests
* stage tests
* tfdoc
* fix links
* tfdoc
* multitenant tests
* remove local files
* stage links command
* fix links script, TODO
* wip
* wip single tenant bootstrap
* working tenant bootstrap
* update gitignore
* remove local files
* tfdoc
* remove local files
* allow tests for tenant bootstrap stage
* tenant bootstrap proxies stage 1 tfvars
* stage 2 and 3 service accounts and IAM in tenant bootstrap
* wip
* wip
* wip
* drop multitenant bootstrap
* tfdoc
* add missing stage 2 SAs, fix org-level IAM condition
* wip
* wip
* optional tag value creation in organization module
* stage 1 working
* linting
* linting
* READMEs
* wip
* Make stage-links script work in old macos bash
* stage links command help
* fix output file names
* diagrams
* fix svg
* stage 0 skeleton and diagram
* test svg
* test svg
* test diagram
* diagram
* readme
* fix stage links script
* stage 0 readme
* README changes
* stage readmes
* fix outputs order
* fix link
* fix tests
* stage 1 test
* skip stage example
* boilerplate
* fix tftest skip
* default bootstrap stage log sinks to log buckets
* add logging to tenant bootstrap
* move iam variables out of tenant config
* fix cicd, reintroduce missing variable
* use optional in stage 1 cicd variable
* rename extras stage
* rename and move identity providers local, use optional for cicd variable
* tfdoc
* add support for wif pool and providers, ci/cd
* tfdoc
* fix links
* better handling of modules repository
* add missing role on logging project
* fix cicd pools in locals, test cicd
* fix workflow extension
* fix module source replacement
* allow tenant bootstrap cicd sa to impersonate resman sa
* tenant workflow templates fix for no providers file
* fix output files, push github workflow template to new repository
* remove try from outpout files
* align stage 1 cicd internals to stage 0
* tfdoc
* tests
* fix tests
* tests
* improve variable descriptions
* use optional in fast features
* actually create tenant log sinks, and allow the resman sa to do it
* test
* tests
* aaaand tests again
* fast features tenant override
* fast features tenant override
* fix wording
* add missing comment
* configure pf service accounts
* add missing comment
* tfdoc
* tests
* IAM docs
* update copyright
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-02-04 15:00:45 +01:00
Julio Castillo
e700a27079
Enforce terraform fmt in examples
2022-12-18 14:00:19 +01:00
Julio Castillo
513fdfe91a
Make directive for supporting files in examples more explicit
2022-12-18 14:00:19 +01:00
Julio Castillo
b5ca8932dc
Migrate organization to example-based tests
2022-12-18 14:00:19 +01:00
Ludovico Magnocavallo
f3788fcd27
fix tag outputs ( #1012 )
2022-11-25 13:06:31 +00:00
Julio Castillo
d41dc678e6
Fix organization module
2022-11-21 13:17:55 +01:00
Julio Castillo
2cd74823b1
Generate files based on readme contents
2022-11-18 17:48:52 +01:00
Julio Castillo
5cfa1062cc
Ensure inline README file match fixture files
2022-11-18 17:48:52 +01:00
Julio Castillo
7be3288cc7
Add tests for factory examples
2022-11-18 17:48:52 +01:00
Luca Prete
4124ef41fc
Add network tags support to the organization module ( #979 )
2022-11-18 15:56:28 +01:00
Julio Castillo
c83a7de076
Remove as_logging_destination
2022-11-12 19:24:41 +01:00
Julio Castillo
8fe19ad7c2
Rename bigquery_use_partitioned_table
2022-11-12 11:30:34 +01:00
Julio Castillo
486d398c7d
Update logging sink to tf1.3 in resman modules
2022-11-11 19:22:05 +01:00
Aleksandr Averbukh
1419a04147
Update module readme
2022-11-08 18:17:05 +01:00
Aleksandr Averbukh
3562c52520
Add support for org policy custom constraints
2022-11-08 09:34:38 +01:00
Julio Castillo
4b278a1533
Update variable description
2022-11-03 12:35:50 +01:00
Julio Castillo
5b1873775a
Fix internal links
2022-11-03 12:14:47 +01:00
Julio Castillo
f64c43e893
Add org policy factory example
2022-11-03 12:12:50 +01:00
Julio Castillo
3e18575fad
Add factory support for new org policies
2022-11-03 11:41:53 +01:00
Ludovico Magnocavallo
8c51a2a386
Enable org policy service and add README notice to modules ( #936 )
...
* enable org policy service and add README notice to modules
* fix tests
2022-11-01 14:25:07 +01:00
Julio Castillo
b6c40dcdb3
Update readmes
2022-10-28 17:49:44 +02:00
Julio Castillo
c714952f39
Fix tests
2022-10-28 17:49:44 +02:00
Julio Castillo
ad420138ad
Fix readme examples
2022-10-28 17:49:44 +02:00
Julio Castillo
b23d07b0c6
Update project/folder/module to use new org policies API and tf1.3 optionals.
2022-10-28 17:49:44 +02:00
Julio Castillo
269894e92b
Update all internal links examples -> blueprints
2022-09-09 16:39:01 +02:00
Julio Castillo
a866182161
Test documentation examples in the examples/ folder
2022-09-06 17:46:09 +02:00
Julio Castillo
0bf1880431
Fix FAST audit logs when using pubsub as destination
...
This commit also splits each organization-level logging sink of type
`logging` to a separate logging bucket.
2022-06-10 12:25:26 +02:00
Ludovico Magnocavallo
0b5ed8b7ef
Add support for resource management tags and tag bindings ( #552 )
...
* organization module
* folder module
* project module
* fix project binding
* use id instead of name for references
* kms module
* compute-vm
* fix compute-vm
2022-02-20 11:14:18 +01:00
Julio Castillo
52c4b608c2
Rename tf files to use dashes
2022-02-04 08:45:49 +01:00
Simone Ruffilli
abb6b50a46
Add periods at the end of each description field where missing ( #478 )
2022-01-31 10:45:34 +01:00
Julio Castillo
e2abd772f2
Update resman modules ( #475 )
...
* Make logging sinks in different resources use the same API
* Split resman modules in multiple files. Add nullables where applicable
2022-01-29 19:35:33 +01:00
Julio Castillo
eb0ab2c1ec
Split organization module in files, add nullables
2022-01-29 10:55:47 +01:00
Julio Castillo
cf423998f0
Align tftest syntax with tdoc
...
This commit changes the token separator for inline examples from a
semicolon to a space
2022-01-28 21:34:15 +01:00
Ludovico Magnocavallo
1cc59a368d
Update README.md
2022-01-28 08:53:21 +01:00
apichick
6dbb7fc6b2
removed boolean flag used to authorize the sink writer identity on the destination
2022-01-27 17:44:27 +01:00
Julio Castillo
31f625f149
Link vars and outputs from README
2022-01-22 14:15:16 +01:00
apichick
5ac828dd85
replaced firewall_policy_attachments with firewall_policy_association in example
2022-01-19 20:55:55 +01:00
Julio Castillo
2728c4aac1
Fix all internal links
2022-01-11 11:53:19 +01:00
Julio Castillo
d4adcaced0
Fix typo.
2021-12-31 13:20:21 +01:00
Julio Castillo
f78902aee8
Update hierarchical firewall resource
...
This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.
2021-12-31 13:06:35 +01:00
Simone Ruffilli
640a5fe39c
Org/Folder: Allow for policy association when using rule factory ( #405 )
...
* Org/Folder: Allow for policy association when using rule factory
* Fix linting issue
2021-12-31 12:20:42 +01:00
Ludovico Magnocavallo
2bc5f7d33c
update tfdoc ( #404 )
2021-12-30 10:56:19 +01:00
Ludovico Magnocavallo
1ac3fe4460
New tfdoc version ( #396 )
...
* update tfdoc
* rewrite check docs, refactor tfdoc replace, regenerate modules READMEs
* remove dead code from check docs
* do not fail on missing variable files in check docs
* fix typos
2021-12-21 08:51:51 +01:00
Ludovico Magnocavallo
174de3a087
Organization module refactor, in-module firewall policy factory for organization and folder ( #385 )
...
* move iam and logging to separate files, minimal refactoring
* update README
* fix example
* factory
* tfdoc
* boilerplate
* remove data_folder variable
* tfdoc
* fix default factory name
* add firewall policy to folder module
* add factory example
2021-12-13 08:41:02 +01:00
lcaggio
546385d3ee
Add support for partitioned tables on Organization sinks ( #380 )
...
* Add support for partioned tables on Organization sinks
* Update changelog
* Fix lint
* Fix lint
* Use simple bool instead of block
* fix README
* Fix Readme
* Rename variable
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2021-12-09 09:55:47 +01:00
Ludovico Magnocavallo
dcb1e32097
update test params after README fix
2021-10-14 20:15:31 +02:00
Ludovico Magnocavallo
0f22bce9e2
Update README.md
2021-10-12 09:40:10 +02:00
Julio Castillo
a1152003c6
Output role information from organization module
2021-09-13 17:36:21 +02:00
Ludovico Magnocavallo
f8413cc98e
Add support for group-based IAM to resource management modules ( #229 )
...
* group_iam support for organization
* group_iam support for folder
* fix typo in variable description
* add group_iam to project module
* update project module README
2021-04-11 14:48:16 +02:00
Julio Castillo
7ca2e60399
Fix tests
2021-03-31 10:45:35 +02:00