Commit Graph

788 Commits

Author SHA1 Message Date
Luca Prete 525fc91d5c
Fixes/improvements to F5 HA blueprint (#1882)
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-23 16:15:47 +01:00
Luca Prete 642f65b841
F5 blueprint (#1787)
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-22 19:48:13 +01:00
Wiktor Niesiobędzki 9ff67fdaf0 Add DLP Service Agent role 2023-11-20 15:34:27 +01:00
ddaluka 543ea6e7f3
Fix/dlpagent (#1868)
Create DLP Service Account on service activation.
2023-11-20 14:11:01 +01:00
Aurélien Legrand 1f344b65e6
Net dash cfv2 (#1859)
* Handling SQL IP address issue

* reverting one change

* Improving this fix based on wiktor's feedback

* formatting

* Adding support for Cloud Function v2 (60 minutes timeout vs 9 minutes timeout)

* Removing useless comment

* formatting

* updating inputs/outputs documentation

* feedback from Julio

* formatting

* python formatting

* formatting

* formatting

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2023-11-16 14:45:44 +00:00
Wiktor Niesiobędzki 63f1dfb6de end-to-end tests for Vertex blueprint 2023-11-15 11:04:12 +00:00
Francesco Spinelli 1c2f1c7b0d
Sql user features (#1856)
* added user type feature

* fix readme

* fix comment

* fix blueprint cloudsql users value + minor fix

* readme fix

* variables fix

* local var fix

* fix for in local var

* fix on readme

* fix indentations var in readme

* fix blueprint user quote

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-13 10:27:14 +01:00
luigi-bitonti d07f8fd33d
Added CMEK for Secret auto managed (#1739)
Allow to specify custom KMS keys for Secret Manager secrets
2023-11-10 16:45:47 +01:00
Francesco Spinelli 82c74e4ab6
Dataproc module bug fix (#1848)
* bug fix

* bug fix

* fix dynamic for_each

---------

Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-09 15:48:29 +00:00
Ludovico Magnocavallo 03937f2b6e
Support multilevel data and allow overriding project id in project factory (#1851) 2023-11-09 08:29:46 +00:00
Julio Diez 521b9c7ef2 Update README.md 2023-11-02 13:40:31 +01:00
Julio Diez c536e27945 Use CR IAM binding instead of IAM policy 2023-11-02 13:40:31 +01:00
Julio Diez 8e76e5ee05 Group default URLs output 2023-11-02 13:40:31 +01:00
Julio Diez 14cca9d1b5 Rename to ip_configs to follow same naming 2023-11-02 13:40:31 +01:00
Julio Diez 21d997c00a Refactor into image_configs variable 2023-11-02 13:40:31 +01:00
Julio Diez fd74562a41 Refactor into project_configs variable 2023-11-02 13:40:31 +01:00
Wiktor Niesiobędzki 2664161c24 Simplify #1836 fix, Avoid map-related casting errors in project factory 2023-11-02 09:12:38 +00:00
Ludovico Magnocavallo de0325b3a3
Avoid map-related casting errors in project factory (#1836)
* try to repro pf example error

* repro

* repro

* pf fix

* remove extra file

* FAST stage
2023-11-02 08:24:50 +01:00
lcaggio a0ae43fc6f
[Minimal Data Platform] Fix Landing and curated IAM (#1832)
* Fix IAM on Minimal DP

* fix
2023-11-01 17:53:06 +01:00
Aurélien Legrand d9589f56a1 Handling SQL IP address issue (#1825)
* Handling SQL IP address issue

* reverting one change

* Improving this fix based on wiktor's feedback

* formatting
2023-10-31 16:20:28 +01:00
Luca Prete 28e5c4e2da [net-address] enable ipv6 (#1821)
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
2023-10-31 16:20:28 +01:00
Julio Diez 0ac7bc838f Update README tests and tfdoc 2023-10-31 16:20:27 +01:00
Julio Diez 2fb387bd8b Simplify ip_ranges structure 2023-10-31 16:20:27 +01:00
Julio Diez 4d388f0bc4 Add prefix to project names 2023-10-31 16:20:27 +01:00
Julio Diez d0d6a5cef4 Adapt projects structures 2023-10-31 16:20:27 +01:00
Julio Diez 992cc902c6 Remove tester source code and point user to external repo 2023-10-31 16:20:27 +01:00
Aurélien Legrand 68dea5530a
Handling SQL IP address issue (#1825)
* Handling SQL IP address issue

* reverting one change

* Improving this fix based on wiktor's feedback

* formatting
2023-10-30 17:26:06 +01:00
Luca Prete 7c6726e79b
[net-address] enable ipv6 (#1821)
---------

Co-authored-by: Luca Prete <lucaprete@google.com>
2023-10-28 15:36:30 +02:00
Julio Diez acca97c831 License boilerplate 2023-10-27 11:33:50 +02:00
Julio Diez 499cea3f35 Merge branch 'master' into jd/serverless-program 2023-10-27 11:17:30 +02:00
Julio Diez 35c2a8e656 Add README content 2023-10-27 11:13:43 +02:00
Julio Diez ef115989dd Fix formatting 2023-10-27 11:09:49 +02:00
Julio Diez 877c7f4d98 Split resources in files for clarity 2023-10-27 10:47:32 +02:00
Ludovico Magnocavallo 30d7126b83
Allow specifying arbitrary project roles for service accounts in project factory (#1814)
* allow specifying arbitrary project roles for service accounts in project factory

* tfdoc
2023-10-26 14:09:03 +00:00
Julio Diez 0c86fe2774 Merge branch 'master' into jd/serverless-program 2023-10-26 09:32:42 +02:00
Julio Diez e80e292d7d Use new version of vpc-network-tester
The code is a fork from the original at GoogleCloudPlatform, from:
https://github.com/willypalacin/vpc-network-tester/tree/main
2023-10-25 20:19:08 +02:00
Julio Diez 09556aeb0e Adapt naming to 'services' 2023-10-25 20:11:47 +02:00
Simone Ruffilli 4decc641bb
Stop wrapping yamldecode with try() (#1812) 2023-10-25 16:16:05 +02:00
Aurélien Legrand e10aabdc22
Updating network dashboard: fixing Cloud SQL problem, fixing 1 metric… (#1806)
* Updating network dashboard: fixing Cloud SQL problem, fixing 1 metric issue in the dashboard, pausing for monitoring quota issues, if monitored folders and projects are empty, every project under the discovery root node will be monitored.

* formatting

* time optimization

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-10-25 10:37:25 +00:00
Ludovico Magnocavallo 1ed48b556f
make extended shared vpc attributes optional in pf (#1796) 2023-10-23 13:45:48 +00:00
Simone Ruffilli 6d89b88149
versions.tf maintenance + copyright notice bump (#1782)
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-20 18:17:47 +02:00
Luca Prete 6c48512f7e
[#1764] net-lb-int: add support for dual stack and multiple forwarding rules 2023-10-17 09:30:34 +00:00
Julio Diez 8ff40c2716 Fix Direct VPC Egress configuration 2023-10-16 19:16:35 +02:00
Julio Diez b30dfb050d Cloud Run service using Direct VPC Egress 2023-10-16 18:06:23 +02:00
Julio Diez 095c7bd59c Fix subnet main var name 2023-10-16 12:21:32 +02:00
Julio Diez 6d47ff9ed5 Output custom domain URL 2023-10-15 21:55:30 +02:00
Julio Diez 4d5e676906 Use case with CR server in service project and an internal ALB
For now, using a VPC access connector. It will be replaced by
Direct VPC Egress
2023-10-15 21:42:54 +02:00
Julio Diez c8b75a77f8 Output server URL 2023-10-15 21:06:22 +02:00
Julio Diez 447bc7fa0c Use built vpc-network-tester as client image 2023-10-15 21:04:16 +02:00
Julio Diez 72d74966d3 Add container image to use by the CR service client.
The code corresponds to vpc-network-tester, from:
https://github.com/GoogleCloudPlatform/vpc-network-tester/tree/main
I copied the code in the blueprint, and added resources to create a
repository in Artifact Registry and build and submit the image.
2023-10-15 20:12:56 +02:00
Julio Diez e4902a4dd4 Two CR services talking, initial commit 2023-10-15 13:20:02 +02:00
dependabot[bot] ca4d9af2e5
Bump golang.org/x/net (#1748)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 05:41:40 +00:00
dependabot[bot] 888e930464
Bump golang.org/x/net (#1747)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 07:21:10 +02:00
Julio Castillo dfc5023e0b
Make deletion protection consistent across all modules (#1735)
* Expose deletion_protection in GKE modules

* Make deletion protection consistent across all modules

* Add deletion_protection option to blueprints

* Fix blueprints tests

* Fix types

* Update READMEs

* Fix dp readme

* Fix cmek blueprint default deletion_protection

* Fix blueprints tests
2023-10-05 17:31:07 +02:00
lcaggio de883957fe
Minimal Data Platform - Fix (#1730)
* Fix

* Fix README

* Fix data platform minimal tests

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-04 12:15:51 +02:00
lcaggio 6889f02954
Fix data platform roles (#1725)
* Fix Data Platform roles

* Fix README

* Fix blueprint tests

* Update cleanup dp steps

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-10-04 07:31:40 +02:00
Julio Castillo 4b15605711
Fix dnssec keys lookup (#1728)
* Fix dnssec keys lookup

* Fix DNS examples

* Fix FAST and blueprints resource counts
2023-10-03 21:37:21 +02:00
Ludovico Magnocavallo 789328ff5a
Bump provider versions to v5.0.0 (#1724)
* bump provider versions to 5.0.0

* fix cloud run, logging and vpc-sc

* Fix secret manager

* fix gke nodepool

* fix gke multitenant stage and blueprint

* Moving alloydb module to experimental.

* Add project to bare resources in examples

* tfdoc

* fix svpc blueprint test

* Revert "fix svpc blueprint test"

This reverts commit 14f02659098070136e64ead600580dd52c23c339.

* Fix GKE peering project

* Disable tests in alloydb module

* Bring back secret ids in secret manager tests

* Remove duplicate key

* last push

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-03 12:15:36 +00:00
Ludovico Magnocavallo aa5d883deb
add support for org policies to project factory (#1722) 2023-10-02 14:13:56 +00:00
Ludovico Magnocavallo df5daab6cc
Allow using no service account in compute-vm (#1692)
* module and tests

* align blueprints

* tfdoc

* remove stale variables

* fix blueprint

* variable description
2023-09-19 16:56:51 +00:00
Julio Castillo 3618c9ebdd Fix blueprints using pubsub 2023-09-17 00:21:57 +02:00
Julio Castillo ad14a7d415 Update READMEs 2023-09-17 00:21:36 +02:00
Julio Castillo 9c878dc9cf Fix tests for new KMS IAM interface 2023-09-17 00:21:36 +02:00
Julio Castillo da883bab8c Update kms module key-level IAM 2023-09-17 00:21:36 +02:00
Oliver Frolovs 6eb862a775
GKE cluster modules: add optional kube state metrics (#1682)
* `gke-cluster-standard`: add optional kube state metrics
* `gke-cluster-autopilot`: add optional kube state metrics

* FAST: add kube state metrics support for GKE
* blueprints/gke: add kube state metrics support

* Bump up the provider version to `v4.82.0`
2023-09-15 12:18:45 +01:00
Julio Castillo f3be29cbc9 Fix tests 2023-09-15 00:27:55 +02:00
Oliver Frolovs b3dc91b5cd
Upgrades to `monitoring_config` in `gke-cluster-*`, docs update, and cosmetics fixes to GKE cluster modules (#1680)
* gke-cluster-standard: upgrade `monitoring_config` to use object style. Add tests.
* gke-cluster-standard: update docs

* gke-cluster-autopilot: move gateway_api_config block (cosmetic change)
* gke-cluster-autopilot: update docs and fix typos

* Update blueprints due to `monitoring_config` changes in `gke-cluster-standard`.
* Update FAST due to `monitoring_config` changes in `gke-cluster-standard`.
* Update docs for affected blueprints and FAST stages
2023-09-14 23:25:57 +01:00
lcaggio 79723f9ce1
Add lineage on Minimal Data Platform blueprint (#1679)
Add lineage on Minimal Data Platform blueprint
2023-09-14 17:52:19 +02:00
Julio Castillo c1be435b09 Fix range names definition of GKE clusters
Fixes #1677
2023-09-14 12:51:43 +02:00
Miren Esnaola fdb133f1de Fixed, added back environments to each instance, that way we can also create instances for already existing environments 2023-09-13 14:43:37 +02:00
Pierre Formont e141b86f79
merge labels from data_merges in project factory (#1662)
* merge labels from data_merges in project factory

* fix project factory test for labels
2023-09-08 10:27:46 +00:00
Pierre Formont 0e7cfc8b29
add AIRFLOW_VAR_ prefix to environment variables in data-platform blueprints (#1651)
* add AIRFLOW_VAR_ prefix to env vars in minimal blueprint

* update DAGs for env vars in minimal blueprint

* add AIRFLOW_VAR_ prefix to env vars in foundation blueprint

* update DAGs for env vars in foundation blueprint

* apply tf linting

---------

Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-09-08 07:38:28 +00:00
simonebruzzechesse 77c1e69666
New phpIPAM serverless third parties solution in blueprints (#1642)
* Added new phpIPAM serverless third parties solution in blueprints
* added jit to iap.googleapis.com service in project module
* updated tests
2023-09-07 15:30:22 +02:00
Luca Prete 12e78af055
Fix project factory blueprint and fast stage (#1654) 2023-09-07 12:48:39 +00:00
Julio Castillo 3d4cc7164a Bump provider version to 4.80.0 2023-09-05 09:48:15 +02:00
Oliver Frolovs 988fd2ee05
gke-cluster-standard: change logging configuration (#1638)
* Update logging configuration of this module to use object interface in harmony with `gke-cluster-autopilot` module.
* Update blueprints that use this module.
* Add "WORKLOADS" log source to logging configuration of the blueprints where the README files say so.
* Update FAST stage 3 because it uses this module.
2023-08-31 12:49:15 +01:00
Julio Diez b3e1e8e1ba
Delete blueprints/serverless/api-gateway directory 2023-08-29 11:48:13 +02:00
Julio Diez a7ec00acba
Delete API Gateway from serverless' README 2023-08-29 11:45:15 +02:00
Julio Diez 6ce8fd6942
Delete API Gateway from blueprint's README 2023-08-29 11:40:31 +02:00
Julio Castillo 44c1cec041 Fix tests 2023-08-24 20:09:23 +02:00
Ludovico Magnocavallo 91f71fef68
trap requests timeout error (#1607) 2023-08-21 18:37:54 +02:00
Ludovico Magnocavallo 819894d2ba
IAM interface refactor (#1595)
* IAM modules refactor proposal

* policy

* subheading

* Update 20230816-iam-refactor.md

* log Julio's +1

* data-catalog-policy-tag

* dataproc

* dataproc

* folder

* folder

* folder

* folder

* project

* better filtering in test examples

* project

* folder

* folder

* organization

* fix variable descriptions

* kms

* net-vpc

* dataplex-datascan

* modules/iam-service-account

* modules/source-repository/

* blueprints/cloud-operations/vm-migration/

* blueprints/third-party-solutions/wordpress

* dataplex-datascan

* blueprints/cloud-operations/workload-identity-federation

* blueprints/data-solutions/cloudsql-multiregion/

* blueprints/data-solutions/composer-2

* Update 20230816-iam-refactor.md

* Update 20230816-iam-refactor.md

* capture discussion in architectural doc

* update variable names and refactor proposal

* project

* blueprints first round

* folder

* organization

* data-catalog-policy-tag

* re-enable folder inventory

* project module style fix

* dataproc

* source-repository

* source-repository tests

* dataplex-datascan

* dataplex-datascan tests

* net-vpc

* net-vpc test examples

* iam-service-account

* iam-service-account test examples

* kms

* boilerplate

* tfdoc

* fix module tests

* more blueprint fixes

* fix typo in data blueprints

* incomplete refactor of data platform foundations

* tfdoc

* data platform foundation

* refactor data platform foundation iam locals

* remove redundant example test

* shielded folder fix

* fix typo

* project factory

* project factory outputs

* tfdoc

* test workflow: less verbose tests, fix tf version

* re-enable -vv, shorter traceback, fix action version

* ignore github extension warning, re-enable action version

* fast bootstrap IAM, untested

* bootstrap stage IAM fixes

* stage 0 tests

* fast stage 1

* tenant stage 1

* minor changes to fast stage 0 and 1

* fast security stage

* fast mt stage 0

* fast mt stage 0

* fast pf
2023-08-20 09:44:20 +02:00
Alejandro Leal ea0de3adbb Fixing some typos 2023-08-18 05:51:00 +00:00
Ludovico Magnocavallo 79373721df
Remove firewall policy management from resource management modules (#1581)
* rename firewall policy module, fix outputs

* add TOC to firewall policy module

* don't depend policy on parent id

* remove firewall policy from resource management modules

* remove factory conditionals

* fast net a and b

* fast stages

* fast tfdoc

* fast tfdoc

* remove unused test

* fix shielded folder blueprint

* fix shielded folder blueprint
2023-08-09 11:23:07 +00:00
Miren Esnaola 6a13742e3c Apigee addons 2023-08-09 08:12:06 +02:00
Eunan Hardy dd3a298892 Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76 2023-08-07 14:27:20 +01:00
Wiktor Niesiobędzki 182ce27143 Add information about required groups 2023-08-06 20:27:59 +02:00
Ludovico Magnocavallo 9c75aa469c
More module descriptions (#1572)
* bigquery dataset

* data catalog policy tag

* net-address

* fix data catalog callers

* bigquery dataset views

* fix data catalog callers

* logging bucket

* net vpn ha
2023-08-06 09:25:45 +00:00
Miren Esnaola fa34499767 Removed unused attribute in variable of ha-vpn-over-blueprint blueprint 2023-08-02 13:02:17 +02:00
javiergp a2eddd0be0
Fixed Cloud Build default bucket name and vpc/subnet names (#1548) 2023-07-31 12:52:36 +02:00
Ludovico Magnocavallo b524aa137c
Peering module refactor (#1547)
* refactor net-vpc-peering module

* hub and spoke peering blueprint

* fast stages

* boilerplate

* fast tfdoc

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2023-07-29 21:33:57 +02:00
Wiktor Niesiobędzki 4998f1d376
Grant IAM rights to service identities in host project (#1542)
* [module/project] Grant IAM rights to service identities based on used services in host project
* [blueprints/factories/project-factory] enable granting IAM permissions in host VPC for service identities directly or by specifying services in use
2023-07-29 20:07:21 +02:00
Ludovico Magnocavallo 5a534edf5c
update and refactor artifact registry module (#1536) 2023-07-28 09:54:36 +00:00
Daniel De Leo 009c6d0f93
Make demo pipeline append into BQ tables (#1533) 2023-07-27 11:38:00 -04:00
Miren Esnaola cacb0c02e2 Refactoring of dns module 2023-07-19 12:57:44 +02:00
dependabot[bot] 69028a801e
Bump semver in /blueprints/serverless/api-gateway/function (#1504)
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-13 08:05:52 +02:00
Miren Esnaola b79261dfa5 Fix in nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg blueprint 2023-07-11 11:46:53 +02:00
Wiktor Niesiobędzki 0b224a7f55 Return only bucket name of composer, not full url to dags folder 2023-07-10 11:20:51 +02:00
Ludovico Magnocavallo d9f7cef1e7
allow using a separate resource for boot disk (#1496) 2023-07-07 15:40:13 +00:00
Ludovico Magnocavallo 0bc6dffce0
Fix and improve quota monitor blueprint (#1488)
* quota monitoring blueprint fixes

* wip

* wip

* quota

* improvements

* improve variables

* refactor http code

* fix http post

* improve logging

* fix project creation, improve readme

* fix test

* Update main.py

* remove unneeded constant

* exit with http error message instead of json when failing to decode api response

* actually do what previous commit wanted :)

* nits
2023-07-03 09:23:49 +02:00