6c258e6562
Fix description
2023-12-29 12:09:16 +01:00
1eea077460
Add service account email to outputs to manage its permissions
2023-12-29 12:09:16 +01:00
724dfda09c
Provider doesn't set defaults on config
...
Can't provide just one size (like `web_server` or `triggerrer`) because
of no defaults are taken:
module.composer.google_composer_environment.env: Modifying... [id=***]
╷
│ Error: googleapi: Error 400: Found 6 problems:
│ 1) You have to specify Scheduler CPUs not lower than 0.5.
│ 2) You have to specify number of schedulers larger than 0.
│ 3) You have to specify Web Server CPUs not lower than 0.5.
│ 4) You have to specify Worker CPUs not lower than 0.5.
│ 5) You have to specify minimum number of workers larger than 0.
│ 6) Triggerer memory must be between 1.00GB and 6.50GB for given vCpu
So provide the defaults as set workloads_config == null
2023-12-29 12:09:16 +01:00
87548f9739
Networking Sandbox Blueprint ( #1939 )
...
This blueprint creates a networking playground showing a number of different VPC connectivity options:
Hub and spoke via HA VPN
Hub and spoke via VPC peering
Interconnecting two networks via a network virtual appliance (aka NVA)
On top of that, this blueprint implements Policy Based Routing (aka PBR) to show how to force all traffic within a VPC to be funneled through an internal network passthrough load balancer, to implement an Intrusion Prevention System (IPS). PBR is enabled in the hub VPC, matching all traffic originating from within that VPC.
2023-12-21 17:50:38 +01:00
717f7ecad1
Blueprints naming convention update ( #1942 )
...
* update network-dashboard and quota-monitoring naming convention
2023-12-21 17:02:25 +01:00
0255c80e90
Move squid to __need_fixing ( #1936 )
...
* Moved `modules/cloud-config-container/squid` to __need_fixing
* Moved `blueprints/networking/filtering-proxy{,-psc}` to __need_fixing
2023-12-19 14:27:37 +00:00
21562eefbe
don't fail quota fetch on deleted project ( #1931 )
2023-12-15 20:20:49 +01:00
c50b732c79
Allow granting network user role on host project from project module and factory ( #1930 )
...
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-12-15 14:39:21 +01:00
1dc6965694
Update quota monitor blueprint to support project discovery ( #1924 )
...
* fist test
* dev complete
* update tf with permissions, enabled APIs and discovery root management
* updated readme
* moved projects discovery to a separate method
* reviewed Mauri's changes
* add missing lines from last change
* - fixed discovery page size to 100
- removed last_asset_page_reached var from discover_projects
- added cast to list for projects var in _main, to make the script work both using CLI and pub/sub
* fixed discovery_root default value to work when no value is passed
* fixed tfdoc
* fixed tftest resources #
---------
Co-authored-by: Ludo <ludomagno@google.com>
2023-12-12 19:17:01 +01:00
bba814c091
Custom role factories for organization and project modules ( #1912 )
...
* backport custom role factories
* backport from fast ci/cd branch
* indent
* tfdoc
* fix module tests
2023-12-11 14:16:39 +00:00
886734e1e9
Add trigger configuration for Composer ( #1916 )
2023-12-11 12:54:49 +01:00
f548b65b1c
Add support for subnet-level service network user grants to project module, improve docs ( #1907 )
...
* improve project factory example
* light refactor of project modules shared vpc internals and docs
* add support for subnet-level grants on host project
2023-12-07 09:07:48 +00:00
66bd9d5160
Added workstation-cluster module
2023-11-30 07:02:28 +01:00
bb58469292
Fixes to F5 blueprint docs ( #1886 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-24 19:45:38 +01:00
98accdb3ad
Added PSC support to CloudSQL Module ( #1874 )
...
* Added Feature
* Added PSC to CloudSQL module
* Added psc to read replica
* Changed variables
* Updated README
* Ran fmt
* Removed old variables
* Fix README
* Fixed blueprints
* Fix README
* Fixed output
* Added more outputs and bug fixes
* Changed variable structure
* Bug fix
* Added PSC example.
2023-11-24 15:47:45 +01:00
56fcb4f88a
F5 deployment blueprint ( #1883 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-24 14:02:34 +01:00
525fc91d5c
Fixes/improvements to F5 HA blueprint ( #1882 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-23 16:15:47 +01:00
642f65b841
F5 blueprint ( #1787 )
...
---------
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-11-22 19:48:13 +01:00
9ff67fdaf0
Add DLP Service Agent role
2023-11-20 15:34:27 +01:00
543ea6e7f3
Fix/dlpagent ( #1868 )
...
Create DLP Service Account on service activation.
2023-11-20 14:11:01 +01:00
1f344b65e6
Net dash cfv2 ( #1859 )
...
* Handling SQL IP address issue
* reverting one change
* Improving this fix based on wiktor's feedback
* formatting
* Adding supporting for Cloud Function v2 (60 minutes timeout vs 9 minutes timeout)
* Removing useless comment
* formatting
* updating inputs/outputs documentation
* feedback from Julio
* formatting
* python formatting
* formatting
* formatting
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-11-16 14:45:44 +00:00
63f1dfb6de
end-to-end tests for Vertex blueprint
2023-11-15 11:04:12 +00:00
1c2f1c7b0d
Sql user features ( #1856 )
...
* added user type feature
* fix readme
* fix comment
* fix blueprint cloudsql users value + minor fix
* readme fix
* variables fix
* local var fix
* fix for in local var
* fix on readme
* fix intentations var in readme
* fix blueprint user quote
---------
Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-13 10:27:14 +01:00
d07f8fd33d
Added CMEK for Secret auto managed ( #1739 )
...
Allow to specify custom KMS keys for Secret Manager secrets
2023-11-10 16:45:47 +01:00
82c74e4ab6
Dataproc module bug fix ( #1848 )
...
* bug fix
* bug fix
* fix dinamic for_each
---------
Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-09 15:48:29 +00:00
03937f2b6e
Support multilevel data and allow overriding project id in project factory ( #1851 )
2023-11-09 08:29:46 +00:00
2664161c24
Simplify #1836 fix, Avoid map-related casting errors in project factory
2023-11-02 09:12:38 +00:00
de0325b3a3
Avoid map-related casting errors in project factory ( #1836 )
...
* try to repro pf example error
* repro
* repro
* pf fix
* remove extra file
* FAST stage
2023-11-02 08:24:50 +01:00
a0ae43fc6f
[Minimal Data Platform] Fix Landing and curated IAM ( #1832 )
...
* Fix IAM on Minimal DP
* fix
2023-11-01 17:53:06 +01:00
68dea5530a
Handling SQL IP address issue ( #1825 )
...
* Handling SQL IP address issue
* reverting one change
* Improving this fix based on wiktor's feedback
* formatting
2023-10-30 17:26:06 +01:00
7c6726e79b
[net-address] enable ipv6 ( #1821 )
...
---------
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-10-28 15:36:30 +02:00
30d7126b83
Allow specifying arbitrary project roles for service accounts in project factory ( #1814 )
...
* allow specifying arbitrary project roles for service accounts in project factory
* tfdoc
2023-10-26 14:09:03 +00:00
4decc641bb
Stop wrapping yamldecode with try() ( #1812 )
2023-10-25 16:16:05 +02:00
e10aabdc22
Updating network dashboard: fixing Cloud SQL problem, fixing 1 metric… ( #1806 )
...
* Updating network dashboard: fixing Cloud SQL problem, fixing 1 metric issue in the dashboard, pausing for monitoring quota issues, if monitored folders and projects are empty, every project under the discovery root node will be monitored.
* formatting
* time optimization
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-10-25 10:37:25 +00:00
1ed48b556f
make extended shared vpc attributes optional in pf ( #1796 )
2023-10-23 13:45:48 +00:00
6d89b88149
versions.tf maintenance + copyright notice bump ( #1782 )
...
* Bump copyright notice to 2023
* Delete versions.tf on blueprints
* Pin provider to major version 5
* Remove comment
* Fix lint
* fix bq-ml blueprint readme
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-20 18:17:47 +02:00
6c48512f7e
[ #1764 ] net-lb-int: add support for dual stack and multiple forwarding rules
2023-10-17 09:30:34 +00:00
ca4d9af2e5
Bump golang.org/x/net ( #1748 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 05:41:40 +00:00
888e930464
Bump golang.org/x/net ( #1747 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 07:21:10 +02:00
dfc5023e0b
Make deletion protection consistent across all modules ( #1735 )
...
* Expose deletion_protection in GKE modules
* Make deletion protection consistent across all modules
* Add deletion_protection option to blueprints
* Fix blueprints tests
* Fix types
* Update READMEs
* Fix dp readme
* Fix cmek blueprint default deletion_protection
* Fix blueprints tests
2023-10-05 17:31:07 +02:00
de883957fe
Minimal Data Platform - Fix ( #1730 )
...
* Fix
* Fix README
* Fix data platform minimal tests
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-04 12:15:51 +02:00
6889f02954
Fix data platform roles ( #1725 )
...
* Fix Data Platform roles
* Fix README
* Fix blueprint tests
* Update cleanup dp steps
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-10-04 07:31:40 +02:00
4b15605711
Fix dnssec keys lookup ( #1728 )
...
* Fix dnssec keys lookup
* Fix DNS examples
* Fix FAST and blueprints resource counts
2023-10-03 21:37:21 +02:00
789328ff5a
Bump provider versions to v5.0.0 ( #1724 )
...
* bump provider versions to 5.0.0
* fix cloud run, logging and vpc-sc
* Fix secret manager
* fix gke nodepool
* fix gke multitenant stage and blueprint
* Moving alloydb module to experimental.
* Add project to bare resources in examples
* tfdoc
* fix svpc blueprint test
* Revert "fix svpc blueprint test"
This reverts commit 14f02659098070136e64ead600580dd52c23c339.
* Fix GKE peering project
* Disable tests in alloydb module
* Bring back secret ids in secret manager tests
* Remove duplicate key
* last push
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-03 12:15:36 +00:00
aa5d883deb
add support for org policies to project factory ( #1722 )
2023-10-02 14:13:56 +00:00
df5daab6cc
Allow using no service account in compute-vm ( #1692 )
...
* module and tests
* align blueprints
* tfdoc
* remove stale variables
* fix blueprint
* variable description
2023-09-19 16:56:51 +00:00
3618c9ebdd
Fix blueprints using pubsub
2023-09-17 00:21:57 +02:00
ad14a7d415
Update READMEs
2023-09-17 00:21:36 +02:00
9c878dc9cf
Fix tests for new KMS IAM interface
2023-09-17 00:21:36 +02:00
da883bab8c
Update kms module key-level IAM
2023-09-17 00:21:36 +02:00
Wiktor Niesiobędzki
Simone Ruffilli
simonebruzzechesse
Ludovico Magnocavallo
maunope
apichick
Luca Prete
luigi-bitonti
ddaluka
Aurélien Legrand
Francesco Spinelli
lcaggio
dependabot[bot]
Julio Castillo