Commit Graph

557 Commits

Author SHA1 Message Date
Julio Castillo ea79b339e9
Doc updates to reference new peering stage (#565)
* Few updates to reference new peering stage

* More updates to peering stage

* VPN -> HA VPN

* Fix broken links
2022-02-28 16:29:38 +01:00
Daniel Marzini e372b50d19
Add GKE Hub module to fabric (#540)
* GKE Hub initial PR commit

* variable management adjust

* comments, fixes and alphabetically ordered variables

* Update README.md

* Update README.md

* Update README.md

* fix test

* resources vs modules

still needs some love

* remove modules usage

* comments, readme update and output

* adjusting outputs and README

* fix README.md

* fix README

* adjusted based on comments

still need some love in the google_gke_hub_feature_membership variables management

* types and variable management

* optionally enable required api

* Update README.md

* reorder locals and use standard formatting

* Don't enable services from modules

* Use self links for member clusters

* Update readme

* members_clusters back to map

@juliocc let's talk about this cause we saw it together in our call and if I change it to a list then the other resources are not going to work, they need location there too.

* Forcing null feature to false due to a bug in provider

If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow

* Readme update

* Readme.md update

* Update README.md

* bring back tolist, WIP

* Update main.tf

* Readme.md update

* Update README.md

* Update main.tf

* Update main.tf

* Add id and self_links output to gke-cluster

* Use try and make all member feature blocks dynamic/optional

* Change member clusters to map

* Add gke-hub tests

* Address PR comments

* Update gke-hub readme

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2022-02-28 12:40:48 +01:00
Simone Ruffilli fb90500adc
FAST: add 02-networking-peering stage. (#561)
* Networking with peering - initial commit

* README and tests

* Linter fixes

* Linter fixes

* Linter fixes

* Update README.md

* split out vpn/peering in separate files so the rest is identical

* fix dns for vpn and peering

* update tfdoc to support multiple outputs/variables files

* add peering variables

* update tfdoc for modules

* make it easier to spot errored docs

* fix doc

* yapf

* fix permadiff in firewall module source ranges

* FAST: Networking: DNS Fixes

* FAST: ability to toggle on-prem vpn creation

* FAST: fix outputs

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-02-28 12:27:27 +01:00
John Tracy 25707adfba
Fix broken link (#555)
dnssec config link was broken
2022-02-24 06:21:43 +00:00
Julio Castillo ccb6c81a9a
Update README.md 2022-02-23 09:56:00 +01:00
Julio Castillo c012d92058
Update README.md 2022-02-22 17:31:50 +01:00
apichick b6d41cf3d6 API gateway module and example that creates a multi-region deployment for API gateway 2022-02-22 12:00:44 +01:00
apichick 00473fda64 API gateway module and example that creates a multi-region deployment for API gateway 2022-02-22 12:00:44 +01:00
Ludovico Magnocavallo 0b5ed8b7ef
Add support for resource management tags and tag bindings (#552)
* organization module

* folder module

* project module

* fix project binding

* use id instead of name for references

* kms module

* compute-vm

* fix compute-vm
2022-02-20 11:14:18 +01:00
Ludovico Magnocavallo 2ceead40e3 document gcplogs logging driver in top-level README 2022-02-19 08:54:35 +01:00
Ludovico Magnocavallo ad82501f62
Update README.md 2022-02-15 15:13:10 +01:00
Ludovico Magnocavallo c91802f501
Change psa type in net-vpc, fix psa in fast net stages (#545)
* change psn type in net-vpc, fix psa in fast net stages

* fix doc examples

* psn ---> psa
2022-02-15 09:24:27 +01:00
Ludovico Magnocavallo 91d7501099
Update README.md 2022-02-13 16:14:24 +01:00
Ludovico Magnocavallo 4473ddb3e2
Update README.md 2022-02-13 16:00:24 +01:00
Julio Castillo ca7dc0e7a2 Add service account prefix to member bindings 2022-02-09 18:22:27 +01:00
lcaggio 307c29d2f8
Add Data Catalog Policy Tag (#520)
* First commit

* Add outputs, update README, fix variables

* Fix

* Fix

* Fix

* Fix

* Fix

* Fix tests, for real?

* Fix tests, for real.

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-02-09 13:05:27 +01:00
Ludovico Magnocavallo 40cb46e1cc
Add support for Shared VPC service IAM to project module (#525)
* project module changes

* fix examples

* add comments in module code

* re-enable nullable on svpc variables

* project factory

* Tests still failing (#526)

* fix pf

* tfdoc

* pf test boilerplate

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
2022-02-09 11:06:51 +01:00
Julio Castillo a22dff8938 Update net-vpc module to use beta provider for shared vpc resources. 2022-02-05 16:50:03 +01:00
Antonio Lopez 7bc10d1039
IoT module (#415)
* added iot-core module folder

* modified iot core readme file

* added initial version of the IoT Platform terraform files

* added details in README

* Update README.md

fix markup issue

* Update README.md

modified input/output

* deleted provider from main and module services

* pub_sub topic ids used in the registry instead of creating new ones

* variable extra_telemetry_pub_sub_topic_ids modified as default

* included data platform integration use case in the doc

* devices config moved to yaml file

* included example to create device certificates

* added HCL and #tftest to README. Moved project/region to variables

* solved bug with no optional variables for extra topics or devices yaml

* solved bug with no optional variables for extra topics or devices yaml

* added example to send MQTT telemetry to IoT Platform

* modified doc on Data Platform integration

* included diagram

* added Registry / Device creation default configuration into variables. Deleted example devices yaml file. Corrected module source path

* solved comments in PR

* applied terraform fmt

* solved bug in boolean (bool) variable

* updated variables in doc

* updated output variable name

* updated #tftest:skip on examples as using yaml input makes resources number variable

* Update README.md

modified input/output

* pub_sub topic ids used in the registry instead of creating new ones

* variable extra_telemetry_pub_sub_topic_ids modified as default

* included data platform integration use case in the doc

* devices config moved to yaml file

* included example to create device certificates

* added HCL and #tftest to README. Moved project/region to variables

* solved bug with no optional variables for extra topics or devices yaml

* solved bug with no optional variables for extra topics or devices yaml

* added example to send MQTT telemetry to IoT Platform

* modified doc on Data Platform integration

* included diagram

* added Registry / Device creation default configuration into variables. Deleted example devices yaml file. Corrected module source path

* solved comments in PR

* applied terraform fmt

* solved bug in boolean (bool) variable

* updated variables in doc

* Updated diagram and documentation for decentralized firewall.

* Fixed error with VPC connector. Count was referring to resource attributes that weren't known until after the configuration was applied

* Added Cloud Foundation Fabric logos. (#363)

* Create README.md

* Add logo to readme file

* exclusions for audit in locals in logging_sinks.audit-logs now

* style fix (whitespaces)

* Added dynamic block for dns_cache_config

* Fixed boolean variable condition

* Adding Apigee Environments as output for apigee-organization module

* small var conditional fix

* Added GKE pubsub notifications

* Default creation false

* Updated variable default value

* removed extra lines

* defaulted to false and conditional output

* depend log sinks from IAM roles, fixes #371

* Update README.md

* [#374] Add taint when Windows node pools are created to match the one GKE implicitly adds

* Update README.md

Fixes out of date link on the module usage example

* Update README.md - fixed broken link

* Added subnet id and self_link to outputs (#377)

Adjusted module outputs so that it's easier to consume them when using the factory in a larger codebase.

* net-vpc module: added subnet mini-factory

* Update README.md

* Code cleanup

* Adds support for IAM per-subnet IAM bindings via factory

* Gracefully handle a null secondary_ip_range

* Updated README.md. Added tests.

* Added license boilerplate to subnet yaml data in tests

* Update README.md

* Update README.md

* Removed dead code

* net-vpc-firewall mini rules-factory

* Paying tributes to the linting gods

* Fixed small bug on locals

* Tests for net-vpc-firewall module

* Update CHANGELOG.md

* refactor locals (#382)

* Add support for partitioned tables on Organization sinks (#380)

* Add support for partitioned tables on Organization sinks

* Update changelog

* Fix lint

* Fix lint

* Use simple bool instead of block

* fix README

* Fix Readme

* Rename variable

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>

* Improve PSN support in net-vpc module (#384)

* improve PSN support

* fix variable order

* fix example test

* fix cloudsql example

* Update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* Remove location from local.prefix

* Organization module refactor, in-module firewall policy factory for organization and folder (#385)

* move iam and logging to separate files, minimal refactoring

* update README

* fix example

* factory

* tfdoc

* boilerplate

* remove data_folder variable

* tfdoc

* fix default factory name

* add firewall policy to folder module

* add factory example

* Update CHANGELOG.md

* Fix VPC-SC module, add example (#387)

* Update CONTRIBUTING.md

Suggest change of wording related to `terraform format`: should be done from the top, recursively, and after `pytest` step, because fixtures are also going to be checked for linting during PR.

* Add target_node and minor fixes  (#389)

* Add separate BQ tables per asset type

* Add missing BQ location

* Add missing CF region

* Change Scheduler job to non-generic

* Add target_node, pass tests

* Do tfdoc.py

* Do terraform fmt

* Do terraform fmt -recursive for tests' fixtures

* Fix typo in test's variables

* Added support for Stateful Managed Instance Groups (#367)

* First iteration updates

* All tests passing

* Updated README and var descriptions

* Updated README

* Updated example README

* Consolidated stateful vars

* consolidated stateful vars

* Updated README

* Requested changes to try

* Fixed README examples and try

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>

* SA key uploading and credentials json generation with terraform.

* Fix typo in the SA module readme

* TF fmt

* Update iam-sa docs

* Finalize onprem-sa-ket-mgmt example

* Add basic test for onprem-sa-mgmt example

* Refactoring

* Reorder variables

* Rewording, fix typos

* Bump tftest version

Bump tftest version to 1.6.1 and ensure test runners can update
providers if needed and available.

* Add bq_table_overwrite handling

* Add optional BQ table as a file export config

* Add getattr() to retrieve attribute from format

* Add roles/bigquery.jobUser for CF

* Update test_plan and README

* Change README, add diagram ( gcpdraw a6e4ec4f-7d6c-4796-b63e-ee4ce7b1792f )

* Change README to two diagrams

* Add count to toggle optional modules

* Change README

* Resolve order of variables test

* Linux sysctls configuration and Kubelet config (#388)

* Linux sysctls configuration and Kubelet config

* Fix terraform linting issues

* Updated README.md

* Updated Kubelet config object type

* Update readme

Co-authored-by: Sergio Tejón <stejon@freepik.com>
Co-authored-by: Julio Castillo <jccb@google.com>

* net-address: Added support for PSA ranges

* Update outputs.tf

* Fixes typo

* Resolved merge conflict

* Update CHANGELOG.md

* Add metric scopes support (#397)

* Add metric scopes support

* Fix typo

* new tfdoc block in README

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>

* fix tfdoc replacement (#398)

* Update CHANGELOG.md

* Ludo hfw fixes (#400)

* fix tfdoc replacement

* ignore changes to rule description

* add folder example, fixes #339

* Update CHANGELOG.md

* Fix ignore changes for hfw rules (#401)

* fix tfdoc replacement

* ignore changes to rule description

* add folder example, fixes #339

* fix ignore changes in org and folder module

* Update CHANGELOG.md

* update documentation check

* backport tfdoc and check doc fixes

* Re-run pydoc

* Redo pydoc + local linting checks

* update tfdoc (#404)

* Org/Folder: Allow for policy association when using rule factory (#405)

* Org/Folder: Allow for policy association when using rule factory

* Fix linting issue

* Update hierarchical firewall resource

This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.

* Fix typo.

* Update CHANGELOG.md

* Typo fix

* New vpc-sc module implementation (#406)

* first implementation

* minimal output

* split service perimeters in regular and bridge

* tests and fixes

* new vpc-sc implementation

* remove providers file used for testing

* remove provider used during development

* Update CHANGELOG.md

* Update CHANGELOG.md

* Update README.md

* fix cases where bridge perimeter status resources are null (#408)

* Update CHANGELOG.md

* Copyright bump (#410)

* remove lifecycle block from vpc sc perimeters (#412)

* Update CHANGELOG.md

* Update CHANGELOG.md

* Interpolate access levels by key in vpc sc module (#414)

* interpolate access levels by key

* fix access level reference

* fix num resources in last README test

* Update CHANGELOG.md

* fix ingress policies in vpc sc module

* disable device policy support in vpc-sc module

* depend bridge from regular perimeters in vpc sc module

* Update CONTRIBUTING.md

* add versions to vpc-sc module

* Update CONTRIBUTING.md

* updated output variable name

* updated #tftest:skip on examples as using yaml input makes resources number variable

* changed pub_sub to pubsub

* unified protocol input variable

* changed extra_telemetry_pubsub_topic_ids variable type to: map

* solved issue in README.md

* grouped device configuration variables

* device config is now done individually per each device in the yaml file

* changes on device config yaml processing: 1 single yaml directory, use try() while parsing, example indentation corrected

* updated headers to 2022

* removed get-pip.py
2022-02-05 15:54:24 +01:00
Julio Castillo 52a182ddbd Switch project module to beta provider for SVPC resources 2022-02-04 16:21:00 +01:00
Julio Castillo 52c4b608c2 Rename tf files to use dashes 2022-02-04 08:45:49 +01:00
Daniel Marzini b1a4090792 small firewall policies fix 2022-02-04 08:45:49 +01:00
Julio Castillo 37f37f939d Fix stage2 readme 2022-02-03 19:22:32 +01:00
Julio Castillo 346914d315 Add delegated grants for stage 3 service accounts 2022-02-03 19:22:32 +01:00
Saurabh Shivgunde 4e86fbcd04
Add ip_range variable to apigee-x-instance module (#485)
* Add ip_range variable for apigee-x-instance module

* Add variable definition and validation for ip_range

* Update the validation rule for ip_range variable
2022-02-02 19:32:26 +01:00
apichick 98b238ae7a
Updated modules README to include details around module versioning an… (#476)
* Updated modules README to include details around module versioning and how to best use the modules

* Update README.md

Co-authored-by: apichick <apichick@google.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-02-02 07:59:21 +01:00
Ludovico Magnocavallo ac36d588bb
Update main.tf 2022-02-01 19:02:15 +01:00
Ludovico Magnocavallo c6310173a4
Update README.md 2022-02-01 19:01:08 +01:00
Ludovico Magnocavallo 9c9f13a81d
Update README.md 2022-02-01 19:00:47 +01:00
Ludovico Magnocavallo b0d32af600
Experimental module to derive DNS inbound policy addresses (#482)
* first version

* add README
2022-02-01 18:32:47 +01:00
Caio Tavares 666c5dd82e
feat: added missing addons gke (#481) 2022-02-01 07:23:00 +01:00
Simone Ruffilli abb6b50a46
Add periods at the end of each description field where missing (#478) 2022-01-31 10:45:34 +01:00
Julio Castillo e2abd772f2
Update resman modules (#475)
* Make logging sinks in different resources use the same API

* Split resman modules in multiple files. Add nullables where applicable
2022-01-29 19:35:33 +01:00
Julio Castillo eb0ab2c1ec Split organization module in files, add nullables 2022-01-29 10:55:47 +01:00
Ludovico Magnocavallo 9b5961f1c0
Net GLB module: add tfdoc to README, add file descriptions, fix markdown errors (#472)
* add tfdoc to README, add file descriptions, fix markdown errors

* remove broken link
2022-01-29 10:41:30 +01:00
Julio Castillo 3dd6e3fc0d Define nullable variables in SA module 2022-01-29 09:51:02 +01:00
Julio Castillo bb6674ea19 Split SA module in multiple files 2022-01-29 09:51:02 +01:00
Julio Castillo cf423998f0 Align tftest syntax with tdoc
This commit changes the token separator for inline examples from a
semicolon to a space
2022-01-28 21:34:15 +01:00
Ludovico Magnocavallo 1cc59a368d
Update README.md 2022-01-28 08:53:21 +01:00
apichick f3a7b8bc17
Removed unused key ingress_settings in function_config (#463)
Co-authored-by: apichick <apichick@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-01-28 08:45:32 +01:00
lcaggio 8203ebdc64
VPC-SC: Fix README (#462)
* fix VPC-SC README.

* fix VPC-SC README.

* Update README.md

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-01-28 08:44:07 +01:00
apichick 6dbb7fc6b2 removed boolean flag used to authorize the sink writer identity on the destination 2022-01-27 17:44:27 +01:00
Luca Prete 51cd70ce9a
[#459] net-glb: add serverless backend example 2022-01-25 14:42:48 +01:00
Luca Prete c30d29bf9b
[#455] net-glb: add support for null health_checks_config_defaults (#456) 2022-01-25 14:06:02 +01:00
Luca Prete f40d89776e [#457] Fix url map default service selection 2022-01-25 11:07:22 +01:00
Ludovico Magnocavallo 3717548c25 edit variable description so table does not overflow 2022-01-22 16:12:03 +01:00
Julio Castillo 31f625f149 Link vars and outputs from README 2022-01-22 14:15:16 +01:00
Ludovico Magnocavallo 9a533180a0
Refactor project module, support per-file tags in tfdoc (#450)
* add support for in-doc tfdoc options overrides

* clean up project module

* add file description tags

* only output module and resource columns in tfdoc file table if they exist

* update fast READMEs

* fix check docs
2022-01-22 11:34:18 +01:00
lcaggio a97c606253
Support service dependencies for crypto key bindings in project module (#443)
* Support services that require crypto/decrypt role on robot service accounts

* delete test and upload refactored implementation

* fix duplicate key on dependent services, add tests

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-01-22 08:32:13 +01:00
apichick 7bbe3d0b6d fixed README in iam-service-account module 2022-01-21 21:01:48 +01:00