f19ab4872f
Embed subnet-level IAM in the variables controlling creation of subnets
...
This moves the top-level `iam`, `iam_bindings` and
`iam_bindings_additive` variables into subnet-level attributes. This
change also allows setting permissions to PSC or proxy-only subnets
As part of this change, the factory interface is more aligned with the
rest of the modules using a `factories_config` variable. In the future
we can add a cidrs template similar to the firewall policy module
2023-09-15 00:27:55 +02:00
b3dc91b5cd
Upgrades to `monitoring_config` in `gke-cluster-*`, docs update, and cosmetics fixes to GKE cluster modules ( #1680 )
...
* gke-cluster-standard: upgrade `monitoring_config` to use object style. Add tests.
* gke-cluster-standard: update docs
* gke-cluster-autopilot: move gateway_api_config block (cosmetic change)
* gke-cluster-autopilot: update docs and fix typos
* Update blueprints due to `monitoring_config` changes in `gke-cluster-standard`.
* Update FAST due to `monitoring_config` changes in `gke-cluster-standard`.
* Update docs for affected blueprints and FAST stages
2023-09-14 23:25:57 +01:00
1caf394661
Add example reserving blocks with cluster creation
2023-09-14 13:08:43 +02:00
433a0f0541
Update readmes
2023-09-14 12:57:41 +02:00
94e99fe339
Fix formatting
2023-09-14 12:56:17 +02:00
7516a778ed
Remove useless try()
2023-09-14 12:52:43 +02:00
c1be435b09
Fix range names definition of GKE clusters
...
Fixes #1677
2023-09-14 12:51:43 +02:00
05c0195a06
GKE Autopilot module: add network tags ( #1675 )
...
* gke-cluster-autopilot: add support for network tags
* gke-cluster-autopilot: add validation for network tags
* gke-cluster-autopilot: expand README and fix some typos
* gke-cluster-autopilot: fix Cloud DNS section in README
Removed a reference to Standard clusters and updated the section to include a warning because the new versions of Autopilot clusters can only use Cloud DNS and it is pre-configured by default so the example in the README does not apply to them.
* gke-cluster-autopilot: cosmetic fixes in README
* gke-cluster-autopilot: rollback validation on network tags var
* gke-cluster-autopilot: rollback docs string update for network tags var
* gke-cluster-autopilot: rollback some updates to README
* gke-cluster-autopilot: remove dead code
* gke-cluster-autopilot: add a tftest for network tags
* gke-cluster-autopilot: fix a tftest
2023-09-14 09:34:51 +00:00
819b4aab5c
fixed up nit from PR 1666
2023-09-14 13:15:00 +10:00
66416ac5f1
Merge branch 'master' into luigi-bitonti/pubsub-gcs-feature
2023-09-13 21:23:10 +02:00
4f5852d3a7
Ran fmt
2023-09-13 19:53:05 +02:00
6d4060f0aa
Fixed typo
2023-09-13 15:59:04 +02:00
008abe4ddc
Merge branch 'master' into apigee-module-fix
2023-09-13 15:25:51 +02:00
f5b657df54
Merge branch 'master' into luigi-bitonti/pubsub-gcs-feature
2023-09-13 15:18:45 +02:00
f2fc67d72d
Added possibility to use gcs push endpoint on pubsub subscription
2023-09-13 15:13:13 +02:00
fdb133f1de
Fixed, added back environments to each instance, that way we can also create instances for already existing environments
2023-09-13 14:43:37 +02:00
ced8e498f8
terraform fmt
2023-09-13 16:58:50 +10:00
09e6e8f4d2
created passing test, fixed logic
2023-09-13 16:49:14 +10:00
83221c16a5
Merge branch 'global_managed_proxy_support' of https://github.com/dgulli/cloud-foundation-fabric into global_managed_proxy_support
2023-09-13 14:11:11 +10:00
3d39a3ecf1
fixed up logic.
2023-09-13 14:11:09 +10:00
f5b9f08183
Merge branch 'master' into global_managed_proxy_support
2023-09-13 05:45:52 +02:00
e9801979a4
Merge branch 'master' into net-vlan-attachment-fix
2023-09-12 14:58:16 +02:00
b512650ad2
fix(compute-mig): add correct type optionality for metrics in autosca… ( #1668 )
...
* fix(compute-mig): add correct type optionality for metrics in autoscaler_config
* feat(compute-mig): regenerate readme via tfdoc
* fix(compute-mig): linting
* fix(compute-mig): attempt #2 at fixing linting error
* fix(compute-mig): tfdoc --no-files
2023-09-12 13:58:09 +02:00
0019328bb4
Fix for partner interconnect, the router interface and the BGP peers are automatically created
2023-09-12 13:02:28 +02:00
3479c40735
fixing tests
2023-09-12 15:53:28 +10:00
9498e740dc
Merge branch 'global_managed_proxy_support' of https://github.com/dgulli/cloud-foundation-fabric into global_managed_proxy_support
2023-09-12 15:01:01 +10:00
5f2bc7fa92
refactored to recommended method
2023-09-12 14:58:49 +10:00
1092f181bd
Merge branch 'master' into global_managed_proxy_support
2023-09-12 12:08:56 +10:00
f225b60b0e
fix(compute-mig): add mode property to compute_region_autoscaler ( #1667 )
...
* fix(compute-mig): add mode property to compute_region_autoscaler
* fix(compute-mig): add mode property to zonal mig
2023-09-11 13:25:31 +02:00
db5030e93f
adding test
2023-09-11 21:08:55 +10:00
3208bcd9d5
matched the period
2023-09-11 20:50:18 +10:00
f76d8fcb52
fixed period
2023-09-11 20:48:26 +10:00
dac76a900b
fixed references
2023-09-11 20:47:05 +10:00
adff09aa24
linting error
2023-09-11 20:45:32 +10:00
c1b52b300c
trying to fix linting
2023-09-11 20:41:25 +10:00
7e0827db53
re-ordered variables per lint error
2023-09-11 20:33:08 +10:00
e1aff29d5c
linting again
2023-09-11 20:30:11 +10:00
3cfabb32c5
fixed linter
2023-09-11 20:29:08 +10:00
3c0391db5c
slight change to readme thanks to tfdoc
2023-09-11 20:24:06 +10:00
8c264da200
small commits to add variables, append tests
2023-09-11 20:14:17 +10:00
a18071ed36
updated for global managed proxy
2023-09-11 17:42:34 +10:00
b49984e1b9
added support for global proxy only subnets
2023-09-11 16:56:09 +10:00
ec3b705f53
Change type of `iam_bindings` variable to allow multiple conditional bindings ( #1658 )
...
* modules
* fast
* dns readme
2023-09-08 08:56:31 +02:00
a6230d2b11
Merge branch 'master' into jccb/apigee-fixes
2023-09-07 16:34:45 +02:00
77c1e69666
New phpIPAM serverless third parties solution in blueprints ( #1642 )
...
* Added new phpIPAM serverless third parties solution in blueprints
* added jit to iap.googleapis.com service in project module
* updated tests
2023-09-07 15:30:22 +02:00
3e069ea16a
changed from merge to length-based if statement
2023-09-07 08:26:40 -04:00
b98537689c
add tests and update readme for apigee psc peering
2023-09-07 16:55:16 +05:30
34b37a0dc2
Remove unneeded try
2023-09-07 12:09:42 +02:00
46f4d22c87
Examples and tests
2023-09-07 11:31:40 +02:00
d7dcec3389
Fix error message
2023-09-07 10:52:30 +02:00
0822531b78
Allow creating organizations/instances without VPC Peering
2023-09-07 10:51:43 +02:00
6f5a6aa06d
Allow user to override instance names
2023-09-07 09:05:49 +02:00
3941129a68
still testing
2023-09-06 17:12:31 -04:00
822dfc0110
replaced coalesce with merge
2023-09-06 17:08:39 -04:00
35ff529b9c
swapping coalesce variables for test
2023-09-06 17:02:04 -04:00
b4979fd451
Added coalesce to local variable and to the attachment resource
2023-09-06 16:59:30 -04:00
e64cd90d4c
just trying the old way first
2023-09-06 15:29:25 -04:00
c1c99a0a79
back to coalesce
2023-09-06 14:54:30 -04:00
c32e2763f0
Changed instance loop to a coalescelist function
2023-09-06 14:30:43 -04:00
7ceaf9b513
Added environments back to instances variable
2023-09-06 13:58:41 -04:00
401c3478ea
Fixed copy/paste error from earlier commit
2023-09-06 13:48:38 -04:00
46be7c0c1d
Added original attachment loop block as local for backwards compatibility
2023-09-06 13:25:58 -04:00
a6640e5959
Make net-vpc variables nullable
2023-09-06 09:57:34 +02:00
7acb4966b2
Added optional name value to instances variable and added it to the instance resource
2023-09-05 17:23:45 -04:00
3d4cc7164a
Bump provider version to 4.80.0
2023-09-05 09:48:15 +02:00
9f23d504ec
gke-cluster-autopilot: add monitoring configuration ( #1646 )
...
* gke-cluster-autopilot: add monitoring configuration block (monitoring_config)
2023-09-04 16:43:59 +01:00
42ebbccad9
gke-cluster-autopilot: validation for release_channel ( #1645 )
2023-09-03 00:37:49 +00:00
988fd2ee05
gke-cluster-standard: change logging configuration ( #1638 )
...
* Update logging configuration of this module to use object interface in harmony with `gke-cluster-autopilot` module.
* Update blueprints that use this module.
* Add "WORKLOADS" log source to logging configuration of the blueprints where the README files say so.
* Update FAST stage 3 because it uses this module.
2023-08-31 12:49:15 +01:00
80e85ad343
gke-cluster-autopilot: add logging configuration ( #1625 )
...
Although one cannot disable Cloud Logging and Cloud Monitoring integration in GKE Autopilot clusters, one has some flexibility over which control plane components' logs should be ingested. This commit adds a new variable and a block to the cluster resource to facilitate that.
* gke-cluster-autopilot: update logging configuration and add an example to module README
2023-08-31 12:06:57 +01:00
b784e85c60
Regenerated cloud run README tables with tfdoc.py
...
Updated documentation with tfdoc.py
2023-08-30 12:16:21 +01:00
a4dfd7f201
fixed grcp to grpc typo in cloud run module
2023-08-30 11:04:10 +01:00
c558d9b753
Vpc sc allow null for identity type ( #1632 )
...
* vpc-sc : allow null for identity_type
* cloudsql-instance : fmt
* vpc-sc: tfdoc
* modules/vpc-sc: update the test result for the identity_type field
* cloudsql-instance: remove empty line
2023-08-29 04:28:57 +02:00
9d0fd744a8
Do not set default ASN number ( #1633 )
2023-08-28 15:06:31 +00:00
9eb768357e
Switch to count
2023-08-28 16:00:48 +02:00
04721a35ef
Allow single hfw policy association in folder and organization modules
2023-08-28 16:00:48 +02:00
ce96ac31e7
[Fix] Add explicit dependency between CR peers and NCC RA spoke creation ( #1630 )
2023-08-28 15:50:46 +02:00
befbd190a3
Cloud SQL activation policy selectable ( #1613 )
...
* Update main.tf
added activation policy
* Update variables.tf
added activation_policy variable defaulted as ALWAYS for non regression
* corrections requested by @juliocc
* Regeneration of README.md on cloudsql-instance mod
* terraform fmt changes
* bug correctionand activation_policy on replicas
* activation_policy description change and README.md
* Bug correction
2023-08-25 12:12:08 +02:00
44c1cec041
Fix tests
2023-08-24 20:09:23 +02:00
25aa29e463
Merge remote-tracking branch 'origin/master' into billabongrob/add-nat
2023-08-24 19:52:06 +02:00
9188603365
Update key name
2023-08-24 19:46:39 +02:00
d50355b01a
Only create nat IP when requested
2023-08-24 19:42:20 +02:00
67c2597bcc
Fix output order
2023-08-24 19:38:44 +02:00
add1ac2dcc
Update README
2023-08-24 19:36:42 +02:00
57d5e05d69
Merge branch 'master' into richard/nfw-policy-remove-match-var-validation
2023-08-24 19:29:13 +02:00
bff5e46460
Fix apigee instance nat
2023-08-24 19:27:34 +02:00
3fdf0dfe99
Make apigee variables non-nullable
2023-08-24 18:15:15 +02:00
6c33d34c28
Adding support for NAT in Apigee
2023-08-24 09:36:15 -05:00
10aeb6615a
readme update
2023-08-24 20:01:47 +10:00
d36c53bbae
Update README.md
2023-08-24 11:29:03 +02:00
35aae372b2
remove existing validation
2023-08-24 19:06:43 +10:00
2f4b141d7a
switch default behaviour for ingress
2023-08-23 21:17:47 +10:00
def012d32e
customisable rule action
2023-08-23 21:08:23 +10:00
18af929331
add name to factory rules
2023-08-23 20:58:07 +10:00
4885b8a7f9
objects non-nullable
2023-08-22 09:40:50 -06:00
9a0f9f607f
objects output
2023-08-22 09:35:39 -06:00
2f3d29395f
remove validation
2023-08-22 09:09:37 -06:00
95a0c76b18
Merge branch 'master' into ehorning/support-gcs-object-upload
2023-08-22 09:48:32 +02:00
ff8eef6a6f
use cloud run bindings for cf v2 invoker role, refactor iam handling in cf v2 and cloud run ( #1609 )
2023-08-22 07:23:49 +00:00
33d51dbee4
Merge branch 'master' into ehorning/support-gcs-object-upload
2023-08-21 16:36:35 -06:00
6f1f6f5085
add additional parameters
2023-08-21 16:35:47 -06:00
49a4550b5d
Merge branch 'master' into elia-gcve
2023-08-21 08:44:37 +02:00
0d17af7967
Update 20230816-iam-refactor.md
2023-08-21 07:11:24 +02:00
e7eeed12f8
Update 20230816-iam-refactor.md
2023-08-21 07:10:29 +02:00
63b0480499
Update 20230816-iam-refactor.md
2023-08-21 07:09:54 +02:00
e43be5b387
Update README.md
2023-08-21 07:01:06 +02:00
5cb4accbd0
Merge branch 'master' into elia-gcve
2023-08-20 10:19:14 +02:00
819894d2ba
IAM interface refactor ( #1595 )
...
* IAM modules refactor proposal
* policy
* subheading
* Update 20230816-iam-refactor.md
* log Julio's +1
* data-catalog-policy-tag
* dataproc
* dataproc
* folder
* folder
* folder
* folder
* project
* better filtering in test examples
* project
* folder
* folder
* organization
* fix variable descriptions
* kms
* net-vpc
* dataplex-datascan
* modules/iam-service-account
* modules/source-repository/
* blueprints/cloud-operations/vm-migration/
* blueprints/third-party-solutions/wordpress
* dataplex-datascan
* blueprints/cloud-operations/workload-identity-federation
* blueprints/data-solutions/cloudsql-multiregion/
* blueprints/data-solutions/composer-2
* Update 20230816-iam-refactor.md
* Update 20230816-iam-refactor.md
* capture discussion in architectural doc
* update variable names and refactor proposal
* project
* blueprints first round
* folder
* organization
* data-catalog-policy-tag
* re-enable folder inventory
* project module style fix
* dataproc
* source-repository
* source-repository tests
* dataplex-datascan
* dataplex-datascan tests
* net-vpc
* net-vpc test examples
* iam-service-account
* iam-service-account test examples
* kms
* boilerplate
* tfdoc
* fix module tests
* more blueprint fixes
* fix typo in data blueprints
* incomplete refactor of data platform foundations
* tfdoc
* data platform foundation
* refactor data platform foundation iam locals
* remove redundant example test
* shielded folder fix
* fix typo
* project factory
* project factory outputs
* tfdoc
* test workflow: less verbose tests, fix tf version
* re-enable -vv, shorter traceback, fix action version
* ignore github extension warning, re-enable action version
* fast bootstrap IAM, untested
* bootstrap stage IAM fixes
* stage 0 tests
* fast stage 1
* tenant stage 1
* minor changes to fast stage 0 and 1
* fast security stage
* fast mt stage 0
* fast mt stage 0
* fast pf
2023-08-20 09:44:20 +02:00
3a8071d93c
Merge branch 'master' into elia-gcve
2023-08-20 08:18:53 +02:00
126d75a311
fixed typo
2023-08-18 17:01:12 +02:00
103443dc30
fixed typo
2023-08-18 16:57:35 +02:00
1b93197b87
fixed typo
2023-08-18 16:56:21 +02:00
c4ada40275
fixed typo
2023-08-18 16:52:58 +02:00
bf26580b9d
fixed variables order
2023-08-18 15:52:56 +02:00
9452a14ac7
output cleanup
2023-08-18 15:49:20 +02:00
81b567684b
outputs cleaup
2023-08-18 15:41:06 +02:00
87e82244af
fixed tests
2023-08-18 15:38:35 +02:00
e1e3826f6d
fix(cloud-run): move cpu boost annotation to revision
2023-08-18 13:53:00 +01:00
d568408331
fixed variable name and regex
2023-08-18 11:20:27 +02:00
476d6eaf30
Update variables.tf
2023-08-18 10:07:23 +02:00
dc78ad3493
Update outputs.tf
2023-08-18 10:06:32 +02:00
ea0de3adbb
Fixing some typos
2023-08-18 05:51:00 +00:00
574c7548d8
feat(cloud-run): add startup cpu boost option
2023-08-17 14:43:27 -07:00
6a5739bf91
gcve net requirements link
2023-08-17 12:25:33 +02:00
c6f5d47c66
fixed variable name
2023-08-17 12:19:47 +02:00
739bbf1aef
fixed variable name
2023-08-17 12:11:42 +02:00
3feaad0c1c
fixed variable name
2023-08-17 12:10:44 +02:00
0e2ee8bceb
fixed typo
2023-08-17 12:05:44 +02:00
1e54ddd710
Merge branch 'elia-gcve' of github.com:GoogleCloudPlatform/cloud-foundation-fabric into elia-gcve
2023-08-17 09:39:50 +02:00
e927bf3858
Fixed typo
2023-08-17 09:37:48 +02:00
a7fd3e2616
fixed file name
2023-08-17 09:25:44 +02:00
def2f476d1
Add support for conditions to `iam_members` module variables ( #1594 )
...
* project
* data-catalog-policy-tag
* dataproc
* folder
* iam-service-account
* kms
* net-vpc
* organization
* source-repository
* dataplex-datascan
2023-08-15 16:28:23 +02:00
acc191c58e
Merge branch 'master' into elia-gcve
2023-08-15 09:41:00 +02:00
6fee2a9eb3
Merge branch 'elia-gcve' of github.com:GoogleCloudPlatform/cloud-foundation-fabric into elia-gcve
2023-08-14 14:46:16 +02:00
f3d5dd8e34
Added link to GCVE module
2023-08-14 14:41:33 +02:00
b6b660f4f3
feat: 🎸 (modules/cloudsql-instance):add project_id for ssl cert ( #1591 )
2023-08-14 12:40:25 +02:00
5689aacac2
Merge branch 'master' into elia-gcve
2023-08-14 11:56:47 +02:00
adf2621727
Add new `iam_members` variable to IAM additive module interfaces ( #1589 )
...
* resource management modules
* data catalog policy
* dataproc
* service account
* kms
* net-vpc
* source repository
* dataplex datascan
* service account module variable order
2023-08-14 09:54:50 +00:00
a509756f1b
GCVE module first release
2023-08-14 11:48:27 +02:00
f9509ad6b7
feat: 🎸 (modules/cloudsql-instance): enable require_ssl cert support ( #1588 )
2023-08-14 11:37:03 +02:00
841459a059
Fix factory rules key in net firewall policy module ( #1587 )
...
* fix factory rules key in net firewall policy
* fix test
2023-08-14 07:52:36 +02:00
10faf82b8d
linting
2023-08-11 11:20:06 -06:00
2fa6369ba0
Merge branch 'master' of https://github.com/GoogleCloudPlatform/cloud-foundation-fabric into ehorning/support-gcs-object-upload
2023-08-11 11:19:21 -06:00
b1679ad21a
Fix: Instance level stateful disk config ( #1578 )
...
* update doco
* fix bug in TF code
* change instance name in README to fix test
* revert disk name
* Update stateful.yaml
* fix examples and tests
---------
Co-authored-by: Julio Castillo <juliocc@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-08-11 15:25:17 +00:00
df1fded669
add support for object upload to gcs module
2023-08-10 21:43:53 -06:00
78095063f7
feat(modules/cloud-run): add gen2 exec env support ( #1582 )
2023-08-09 23:04:16 +02:00
79373721df
Remove firewall policy management from resource management modules ( #1581 )
...
* rename firewall policy module, fix outputs
* add TOC to firewall policy module
* don't depend policy on parent id
* remove firewall policy from resource management modules
* remove factory conditionals
* fast net a and b
* fast stages
* fast tfdoc
* fast tfdoc
* remove unused test
* fix shielded folder blueprint
* fix shielded folder blueprint
2023-08-09 11:23:07 +00:00
6a13742e3c
Apigee addons
2023-08-09 08:12:06 +02:00
80ada0e8dd
Refactor firewall policy module ( #1576 )
...
* refactor module interface
* hierarchical attachment and example
* hierarchical rules and TODO
* split rules resources
* additional fields
* keep using a single resource for rules
* factory
* factory test
* boilerplate
* Prefix ingress and egress rule ids
* Tests for other firewall policy types
* Fix rule id and names
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-08-08 16:57:59 +00:00
9ec38581d7
Update README.md
2023-08-07 14:33:54 +01:00
dd3a298892
Moved allow_net_admin to enable_features flag. Bumped provider version to 4.76
2023-08-07 14:27:20 +01:00
Julio Castillo
Oliver Frolovs
Dave Gulli
Luigi Bitonti
apichick
luigi-bitonti
Ludovico Magnocavallo
Arpit Sharma
simonebruzzechesse
John Inama
g-greatdevaks
Zachary
LudovicEmo
Luca Prete
Carlo Maria Valla
Rob Heckel
Richard Olson
Erin Horning
Erin Horning
eliamaldini
Michael
Alejandro Leal
Jay Schwerberg
erabusi
Sam Bentley
Eunan Hardy