* Add IAM at tag level
* Fix README
* Readable variable names.
* Single tag variable.
* Fix README.
* Add Tags nullable condition.
* Update role in the example.
* GKE Hub initial PR commit
* variable management adjust
* comments, fixes and alphabetically ordered variables
* Update README.md
* Update README.md
* Update README.md
* fix test
* resources vs modules
still needs some love
* remove modules usage
* comments, readme update and output
* adjusting outputs and README
* fix README.md
* fix README
* adjusted based on comments
still need some love in the google_gke_hub_feature_membership variables management
* types and variable management
* optionally enable required api
* Update README.md
* reorder locals and use standard formatting
* Don't enable services from modules
* Use self links for member clusters
* Update readme
* members_clusters back to map
@juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too.
* Forcing null feature to false due to a bug in provider
If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow
* Readme update
* Readme.md update
* Update README.md
* bring back tolist, WIP
* Update main.tf
* Readme.md update
* Update README.md
* Update main.tf
* Update main.tf
* Add id and self_links output to gke-cluster
* Use try and make all member feature blocks dynamic/optional
* Change member clusters to map
* Add gke-hub tests
* Address PR comments
* Update gke-hub readme
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* Networking with peering - initial commit
* README and tests
* Linter fixes
* Linter fixes
* Linter fixes
* Update README.md
* split out vpn/peering in separate files so the rest is identical
* fix dns for vpn and peering
* update tfdoc to support multiple outputs/variables files
* add peering variables
* update tfdoc for modules
* make it easier to spot errored docs
* fix doc
* yapf
* fix permadiff in firewall module source ranges
* FAST: Networking: DNS Fixes
* FAST: ability to toggle on-prem vpn creation
* FAST: fix outputs
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* added iot-core module folder
* modified iot core readme file
* added initial version of the IoT Platform terraform files
* añadido detalles en README
* Update README.md
fix markup issue
* Update README.md
modified input/output
* deleted provider from main and module services
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* Update README.md
modified input/output
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* Updated diagram and documentation for decentralized firewall.
* Fixed error with VPC connector. Count was referring to resource attributes that weren't known until after the configuration was applied
* Added Cloud Foundation Fabric logos. (#363)
* Create README.md
* Add logo to readme file
* exclusions for audit in locals in logging_sinks.audit-logs now
* style fix (whitespaces)
* Added dynamic block for dns_cache_config
* Fixed boolean variable condition
* Adding Apigee Environments as output for apigee-organization module
* small var conditional fix
* Added GKE pubsub notifications
* Default creation false
* Updated variable default value
* removed extra lines
* defaulted to false and conditional output
* depend log sinks from IAM roles, fixes#371
* Update README.md
* [#374] Add taint when Windows node pools are created to match the one GKE implicitly adds
* Update README.md
Fixes out of date link on the module usage example
* Update README.md - fixed broken link
* Added subnet id and self_link to outputs (#377)
Adjusted module outputs so that it's easier to consume them when using the factory in a larger codebase.
* net-vpc module: added subnet mini-factory
* Update README.md
* Code cleanup
* Adds support for IAM per-subnet IAM bindings via factory
* Gracefully handle a null secondary_ip_range
* Updated README.md. Added tests.
* Added license boilerplate to subnet yaml data in tests
* Update README.md
* Update README.md
* Removed dead code
* net-vpc-firewall mini rules-factory
* Paying tributes to the linting gods
* Fixed small bug on locals
* Tests for net-vpc-firewall module
* Update CHANGELOG.md
* refactor locals (#382)
* Add support for partitioned tables on Organization sinks (#380)
* Add support for partioned tables on Organization sinks
* Update changelog
* Fix lint
* Fix lint
* Use simple bool instead of block
* fix README
* Fix Readme
* Rename variable
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Improve PSN support in net-vpc module (#384)
* improve PSN support
* fix variable order
* fix example test
* fix cloudsql example
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update CHANGELOG.md
* Remove location from local.prefix
* Organization module refactor, in-module firewall policy factory for organization and folder (#385)
* move iam and logging to separate files, minimal refactoring
* update README
* fix example
* factory
* tfdoc
* boilerplate
* remove data_folder variable
* tfdoc
* fix default factory name
* add firewall policy to folder module
* add factory example
* Update CHANGELOG.md
* Fix VPC-SC module, add example (#387)
* Update CONTRIBUTING.md
Suggest change of wording related to `terraform format`: should be done from the top, recursively, and after `pytest` step, because fixtures are also going to be checked for linting during PR.
* Add target_node and minor fixes (#389)
* Add separate BQ tables per asset type
* Add missing BQ location
* Add missing CF region
* Change Scheduler job to non-generic
* Add target_node, pass tests
* Do tfdoc.py
* Do terraform fmt
* Do terraform fmt -recursive for tests' fixtures
* Fix typo in test's variables
* Added support for Stateful Managed Instance Groups (#367)
* First iteration updates
* All tests passing
* Updated README and var descriptions
* Updated README
* Updated example README
* Consolidated stateful vars
* consolidated stateful vars
* Updated README
* Requested changes to try
* Fixed README examples and try
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* SA key uploading and credentials json generation with terraform.
* Fix typo in the SA module readme
* TF fmt
* Update iam-sa docs
* Finalize onprem-sa-ket-mgmt example
* Add basic test for onprem-sa-mgmt example
* Refactoring
* Reorder variables
* Rewording, fix typos
* Bump tftest version
Bump tftest version to 1.6.1 and ensure test runners can update
providers if needed and available.
* Add bq_table_overwrite handling
* Add optional BQ table as a file export config
* Add getattr() to retrieve attribute from format
* Add roles/bigquery.jobUser for CF
* Update test_plan and README
* Change README, add diagram ( gcpdraw a6e4ec4f-7d6c-4796-b63e-ee4ce7b1792f )
* Change README to two diagrams
* Add count to toggle optional modules
* Change README
* Resolve order of variables test
* Linux sysctls configuration and Kubelet config (#388)
* Linux sysctls configuration and Kubelet config
* Fix terraform linting issues
* Updated README.md
* Updated Kubelet config object type
* Update readme
Co-authored-by: Sergio Tejón <stejon@freepik.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* net-address: Added support for PSA ranges
* Update outputs.tf
* Fixes typo
* Resolved merge conflict
* Update CHANGELOG.md
* Add metric scopes support (#397)
* Add metric scopes support
* Fix typo
* new tfdoc block in README
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* fix tfdoc replacement (#398)
* Update CHANGELOG.md
* Ludo hfw fixes (#400)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* Update CHANGELOG.md
* Fix ignore changes for hfw rules (#401)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* fix ignore changes in org and folder module
* Update CHANGELOG.md
* update documentation check
* backport tfdoc and check doc fixes
* Re-run pydoc
* Redo pydoc + local linting checks
* update tfdoc (#404)
* Org/Folder: Allow for policy association when using rule factory (#405)
* Org/Folder: Allow for policy association when using rule factory
* Fix linting issue
* Update hierarchical firewall resource
This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.
* Fix typo.
* Update CHANGELOG.md
* Typo fix
* New vpc-sc module implementation (#406)
* first implementation
* minimal output
* split service perimeters in regular and bridge
* tests and fixes
* new vpc-sc implementation
* remove providers file used for testing
* remove provider used during development
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update README.md
* fix cases where bridge perimeter status resources are null (#408)
* Update CHANGELOG.md
* Copyright bump (#410)
* remove lifecycle block from vpc sc perimeters (#412)
* Update CHANGELOG.md
* Update CHANGELOG.md
* Interpolate access levels by key in vpc sc module (#414)
* interpolate access levels by key
* fix access level reference
* fix num resources in last README test
* Update CHANGELOG.md
* fix ingress policies in vpc sc module
* disable device policy support in vpc-sc module
* depend bridge from regular perimeters in vpc sc module
* Update CONTRIBUTING.md
* add versions to vpc-sc module
* Update CONTRIBUTING.md
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* changed pub_sub to pubsub
* unified protocol input variable
* changed extra_telemetry_pubsub_topic_ids variable type to: map
* solved issue in README.md
* grouped device configuration variables
* device config is now done individually per each device in the yaml file
* changes on device config yaml processing: 1 single yaml directory, use try() while parsing, example identation corrected
* updated headers to 2022
* removed get-pip.py
* Add ip_range variable for apigee-x-instance module
* Add variable definition and validation for ip_range
* Update the validation rule for ip_range variable
* Updated modules README to include details around module versioning and how to best use the modules
* Update README.md
Co-authored-by: apichick <apichick@google.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* add support for in-doc tfdoc options overrides
* clean up project module
* add file description tags
* only output module and resource columns in tfdoc file table if they exist
* update fast READMEs
* fix check docs
* Support services that require crypto/decrypt role on robot service accounts
* delete test and upload refactored implementation
* fix duplicate key on dependent services, add tests
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* first implementation
* minimal output
* split service perimeters in regular and bridge
* tests and fixes
* new vpc-sc implementation
* remove providers file used for testing
* remove provider used during development
* First iteration updates
* All tests passing
* Updated README and var descriptions
* Updated README
* Updated example README
* Consolidated stateful vars
* consolidated stateful vars
* Updated README
* Requested changes to try
* Fixed README examples and try
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Added GCS notification support
* fixed notification output indices
* merged vars and added more conditional validation
* Terraform linting
* Added sa_email serviceAccount variable
* Fixed bool check and use try in notification var
* Fixed typo source path example block
* Fixed assert number tftest gcs example
- Ensure all variables and outputs are sorted
- Ensure all variables and outputs have a description
- Add data-solutions/data-platform-foundations to linter
Fix all modules to follow these new conventions.
* refactor module and fix tests
* account for wildcard records
* account for empty recordset names
* align tests
* align networking end to end examples
* fix behaviour with wildcard and empty names
* Update main.tf
* fix dumb online edit :)
* Updated README.md for net-vpc module
Added a recommendation to avoid setting up shared vpcs using the module for prod usage.
* Update README.md
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
- Upgrade to latest terraform version (1.0.4)
- Remove tflint from linting pipeline (was not doing anything)
- Add terraform fmt check to linting pipeline
- Pass all code through terraform fmt
Generate the service account output statically based on the service
account name and parent project. This allows, among other things, to use
service accounts as map keys (e.g. to be used in the `iam` argument in
other modules).
* Add support for lifecycle_rule in gcs module (#288)
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* fix docs
* rename unrelated interconnect module tests
* fix doc example test
Co-authored-by: iury <1934268+IuryAlves@users.noreply.github.com>
* add new variable for flexibility between project id & name
* remove random feature & use new variable
* remove project_id variable & use local descriptive name variable
* fix bad project_id output & avoid confusing name
* update readme
* Update main.tf
Co-authored-by: slaheddine_bejaoui.ext <slaheddine_bejaoui.ext@orange.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
* Add Asset Inventory API to project module
* Create feed from terraform in CAI example
* Fix tests
* sort services
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Dataplane V2 integration
* Moving enable_dataplane_v2 outside addons
* Fixing enable_dataplane_v2 position and default value
* Fix README with default value
* Removing enable_dataplane_v2 from addons
* Adding standalone Dataplane V2 Example
* Added a dynamic CORS block for gcs module. Changed main.tf and variables.tf
* Updated the README for the CORS block
* Ran tfdoc for /modules/gcs/README.md
Co-authored-by: Chinmay Dorlikar <chinmay.dorlikar@quantiphi.com>
* group_iam support for organization
* group_iam support for folder
* fix typo in variable description
* add group_iam to project module
* update project module README
* Add VPC-SC support for Regions, device policy and access policy dependency.
* fix compute mig module test
* Fixes
* Fix example
* Add VPC-SC support in the project module.
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Add VPC-SC support for Regions, device policy and access policy dependency.
* fix compute mig module test
* Fixes
* Fix example
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* New Cloud Identity module
* Add tests to cloud-identity-group module
* Fix boilerplate
* Fix outputs
* Remove support for creating managers and admins
* Update cloud-identity-group README
* Small fix to cloud-identity-group README
* initial untested support for repd in compute-vm
* fix repd reference in instance disks
* add support for snapshot source, change disk variable
* fix attach existing disk to instance
* fix examples, add documentation on disk sources
* fix attaching disk for instance templates, add examples
* fix data e2e examples
* update vars table in README
* remove sensitive attribute from VPN modules key output
* fix type error in service account example
* update CI Terraform version
* update VPN modules docs
* require version in compute mig module
* require version in compute mig module for scaling_schedules
* update compute mig test, move provider version requirement in fixture
* Add sink support to folder module
* Make folder creation optional.
* Add logging sinks to the organization module
* Add logging sink support to project module
* Update readme
* Adding node taints on gke nodepool. Automatic transformation via local variables from list(string) to the map google provider expects.
* Fixing readme with tfdoc.py
Ludovico Magnocavallo
apichick
Daniel Marzini
Luca Prete
lcaggio
Aleksandr Averbukh
Julio Castillo
Andrea Gandolfi
Simone Ruffilli
John Tracy
apichick
Antonio Lopez
Daniel Marzini
Saurabh Shivgunde
Caio Tavares
Simone Ruffilli
Roberto Jung Drebes
yuryninog
sergiotejon
Stenio Ferreira
lcaggio
Yury Nino
caiotavaresdito
Daniel Strebel
Andras Gyomrey
Christopher Avila
Taneli Leppä
Julio Castillo
Noah Dungey
vanessabodard-voi
sly92
dsiviglia
Chinmay Dorlikar
Aurélien Legrand
Roberto Jung Drebes
Andras Gyömrey
nikever
Samuele Chiocca