# Changelog All notable changes to this project will be documented in this file. ## [Unreleased] - **incompatible change** the `org_id` variable and output in the `vpc-sc` module have been renamed to `organization_id`, the variable now accepts values in `organizations/nnnnnnnn` format - **incompatible change** the `forwarders` variable in the `dns` module has a different type, to support specifying forwarding path - add support for MTU in `net-vpc` module - **incompatible change** access variables have been renamed in the `bigquery-dataset` module - add support for IAM to the `bigquery-dataset` module ## [4.1.0] - 2020-11-16 - **incompatible change** rename prefix for node configuration variables in `gke-nodepool` module [#156] - add support for internally managed service account in `gke-nodepool` module [#156] - made examples in READMEs runnable and testable [#157] - **incompatible change** `iam_additive` is now keyed by role to be more resilient with dynamic values, a new `iam_additive_members` variable has been added for backwards compatibility. - add support for node taints in `gke-nodepool` module - add support for CMEK in `gke-nodepool` module ## [4.0.0] - 2020-11-06 - This is a major refactor adding support for Terraform 0.13 features - **incompatible change** minimum required terraform version is now 0.13.0 - **incompatible change** `folders` module renamed to `folder` - **incompatible change** `iam-service-accounts` module renamed to `iam-service-account` - **incompatible change** all `iam_roles` and `iam_member` variables merged into a single `iam` variable. This change affects most modules - **incompatible change** modules like `folder`, `gcs`, `iam-service-account` now create a single resource. Use for_each at the module level if you need multiple instances - added basic variable validations to some modules ## [3.5.0] - 2020-10-27 - end to end example for scheduled Cloud Asset Inventory export to Bigquery - decouple Cloud Run from Istio in GKE cluster module - depend views on tables in bigquery dataset module - bring back logging options for firewall rules in `net-vpc-firewall` module - removed interpolation-only expressions causing terraform warnings - **incompatible change** simplify alias IP specification in `compute-vm`. We now use a map (alias range name to list of IPs) instead of a list of maps. - allow using alias IPs with `instance_count` in `compute-vm` - add support for virtual displays in `compute-vm` - add examples of alias IPs in `compute-vm` module - fix support for creating disks from images in `compute-vm` - allow creating single-sided peerings in `net-vpc` and `net-vpc-peering` - use service project registration to Shared VPC in GKE example to remove need for two-step apply ## [3.4.0] - 2020-09-24 - add support for logging and better type for the `retention_policies` variable in `gcs` module - **incompatible change** deprecate `bucket_policy_only` in favor of `uniform_bucket_level_access` in `gcs` module - **incompatible change** allow project module to configure itself as both shared VPC service and host project ## [3.3.0] - 2020-09-01 - remove extra readers in `gcs-to-bq-with-dataflow` example (issue: 128) - make VPC creation optional in `net-vpc` module to allow managing a pre-existing VPC - make HA VPN gateway creation optional in `net-vpn-ha` module - add retention_policy in `gcs` module - refactor `net-address` module variables, and add support for internal address `purpose` ## [3.2.0] - 2020-08-29 - **incompatible change** add alias IP support in `cloud-vm` module - add tests for `data-solutions` examples - fix apply errors on dynamic resources in dataflow example - make zone creation optional in `dns` module - new `quota-monitoring` end-to-end example in `cloud-operations` ## [3.1.1] - 2020-08-26 - fix error in `project` module - **incompatible change** make HA VPN Gateway creation optional for `net-vpn-ha` module. Now an existing HA VPN Gateway can be used. Updating to the new version of the module will cause VPN Gateway recreation which can be handled by `terraform state rm/terraform import` operations. ## [3.1.0] - 2020-08-16 - **incompatible change** add support for specifying a different project id in the GKE cluster module; if using the `peering_config` variable, `peering_config.project_id` now needs to be explicitly set, a `null` value will reuse the `project_id` variable for the peering ## [3.0.0] - 2020-08-15 - **incompatible change** the top-level `infrastructure` folder has been renamed to `networking` - add end-to-end example for ILB as next hop - add basic tests for `foundations` and `networking` end-to-end examples - fix Shared VPC end-to-end example and documentation ## [2.8.0] - 2020-08-01 - fine-grained Cloud DNS IAM via Service Directory example - add feed id output dependency on IAM roles in `pubsub` module ## [2.7.1] - 2020-07-24 - fix provider issue in bigquery module ## [2.7.0] - 2020-07-24 - add support for VPC connector and ingress settings to `cloud-function` module - add support for logging to `net-cloudnat` module ## [2.6.0] - 2020-07-19 - **incompatible changes** setting zone in the `compute-vm` module is now done via an optional `zones` variable, that accepts a list of zones - fix optional IAM permissions in folder unit module ## [2.5.0] - 2020-07-10 - new `vpc-sc` module - add support for Shared VPC to the `project` module - fix bug with `compute-vm` address reservations introduced in [2.4.1] ## [2.4.2] - 2020-07-09 - add support for Shielded VM to `compute-vm` ## [2.4.1] - 2020-07-06 - better fix external IP assignment in `compute-vm` ## [2.4.0] - 2020-07-06 - fix external IP assignment in `compute-vm` - new top-level `cloud-operations` example folder - Cloud Asset Inventory end to end example in `cloud-operations` ## [2.3.0] - 2020-07-02 - new 'Cloud Storage to Bigquery with Cloud Dataflow' end to end data solution - **incompatible change** additive IAM bindings are now keyed by identity instead of role, and use a single `iam_additive_bindings` variable, refer to [#103] for details - set `delete_contents_on_destroy` in the foundations examples audit dataset to allow destroying - trap errors raised by the `project` module on destroy ## [2.2.0] - 2020-06-29 - make project creation optional in `project` module to allow managing a pre-existing project - new `cloud-endpoints` module - new `cloud-function` module ## [2.1.0] - 2020-06-22 - **incompatible change** routes in the `net-vpc` module now interpolate the VPC name to ensure uniqueness, upgrading from a previous version will drop and recreate routes - the top-level `docker-images` folder has been moved inside `modules/cloud-config-container/onprem` - `dns_keys` output added to the `dns` module - add `group-config` variable, `groups` and `group_self_links` outputs to `net-ilb` module to allow creating ILBs for externally managed instances - make the IAM bindings depend on the compute instance in the `compute-vm` module ## [2.0.0] - 2020-06-11 - new `data-solutions` section and `cmek-via-centralized-kms` example - **incompatible change** static VPN routes now interpolate the VPN gateway name to enforce uniqueness, upgrading from a previous version will drop and recreate routes ## [1.9.0] - 2020-06-10 - new `bigtable-instance` module - add support for IAM bindings to `compute-vm` module ## [1.8.1] - 2020-06-07 - use `all` instead of specifying protocols in the admin firewall rule of the `net-vpc-firewall` module - add support for encryption keys in `gcs` module - set `next_hop_instance_zone` in `net-vpc` for next hop instance routes to avoid triggering recreation ## [1.8.0] - 2020-06-03 - **incompatible change** the `kms` module has been refactored and will be incompatible with previous state - **incompatible change** robot and default service accounts outputs in the `project` module have been refactored and are now exposed via a single `service_account` output (cf [#82]) - add support for PD CSI driver in GKE module - refactor `iam-service-accounts` module outputs to be more resilient - add option to use private GCR to `cos-generic-metadata` module ## [1.7.0] - 2020-05-30 - add support for disk encryption to the `compute-vm` module - new `datafusion` module - new `container-registry` module - new `artifact-registry` module ## [1.6.0] - 2020-05-20 - add output to `gke-cluster` exposing the cluster's CA certificate - fix `gke-cluster` autoscaling options - add support for Service Directory bound zones to the `dns` module - new `service-directory` module - new `source-repository` module ## [1.5.0] - 2020-05-11 - **incompatible change** the `bigquery` module has been removed and replaced by the new `bigquery-dataset` module - **incompatible change** subnets in the `net-vpc` modules are now passed as a list instead of map, and all related variables for IAM and flow logs use `region/name` instead of `name` keys; it's now possible to have the same subnet name in different regions - replace all references to the removed `resourceviews.googleapis.com` API with `container.googleapis.com` - fix advanced options in `gke-nodepool` module - fix health checks in `compute-mig` and `net-ilb` modules - new `cos-generic-metadata` module in the `cloud-config-container` suite - new `envoy-traffic-director` module in the `cloud-config-container` suite - new `pubsub` module ## [1.4.1] - 2020-05-02 - new `secret-manager` module - fix access in `bigquery` module, this is the last version of this module to support multiple datasets, future versions will be called `bigquery-dataset` ## [1.4.0] - 2020-05-01 - fix DNS module internal zone lookup - fix Cloud NAT module internal router name lookup - re-enable and update outputs for the foundations environments example - add peering route configuration for private clusters to GKE cluster module - **incompatible changes** in the GKE nodepool module - rename `node_config_workload_metadata_config` variable to `workload_metadata_config` - new default for `workload_metadata_config` is `GKE_METADATA_SERVER` - **incompatible change** in the `compute-vm` module - removed support for MIG and the `group_manager` variable - add `compute-mig` and `net-ilb` modules - **incompatible change** in `net-vpc` - a new `name` attribute has been added to the `subnets` variable, allowing to directly set subnet name, to update to the new module add an extra `name = false` attribute to each subnet ## [1.3.0] - 2020-04-08 - add organization policy module - add support for organization policies to folders and project modules ## [1.2.0] - 2020-04-06 - add squid container to the `cloud-config-container` module ## [1.1.0] - 2020-03-27 - rename the `cos-container` suite of modules to `cloud-config-container` - refactor the `onprem-in-a-box` module to only manage the `cloud-config` configuration, and make it part of the `cloud-config-container` suite of modules - update the `onprem-google-access-dns` example to use the refactored `onprem` module - fix the `external_addresses` output in the `compute-vm` module - small tweaks and fixes to the `cloud-config-container` modules ## [1.0.0] - 2020-03-27 - merge development branch with suite of new modules and end-to-end examples [Unreleased]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v4.1.0...HEAD [4.1.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v4.0.0...v4.1.0 [4.0.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.5.0...v4.0.0 [3.5.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.4.0...v3.5.0 [3.4.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.3.0...v3.4.0 [3.3.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.2.0...v3.3.0 [3.2.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.1.1...v3.2.0 [3.1.1]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.1.0...v3.1.1 [3.1.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v3.0.0...v3.1.0 [3.0.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.8.0...v3.0.0 [2.8.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.7.1...v2.8.0 [2.7.1]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.7.0...v2.7.1 [2.7.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.6.0...v2.7.0 [2.6.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.5.0...v2.6.0 [2.5.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.4.2...v2.5.0 [2.4.2]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.4.1...v2.4.2 [2.4.1]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.4.0...v2.4.1 [2.4.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.3.0...v2.4.0 [2.3.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.2.0...v2.3.0 [2.2.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.1.0...v2.2.0 [2.1.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v2.0.0...v2.1.0 [2.0.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.9.0...v2.0.0 [1.9.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.8.1...v1.9.0 [1.8.1]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.8.0...v1.8.1 [1.8.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.7.0...v1.8.0 [1.7.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.6.0...v1.7.0 [1.6.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.5.0...v1.6.0 [1.5.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.4.1...v1.5.0 [1.4.1]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.4.0...v1.4.1 [1.4.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.3.0...v1.4.0 [1.3.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.2...v1.3.0 [1.2.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.1...v1.2 [1.1.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v1.0...v1.1 [1.0.0]: https://github.com/terraform-google-modules/cloud-foundation-fabric/compare/v0.1...v1.0 [#82]: https://github.com/terraform-google-modules/cloud-foundation-fabric/pull/82 [#103]: https://github.com/terraform-google-modules/cloud-foundation-fabric/pull/103 [#156]: https://github.com/terraform-google-modules/cloud-foundation-fabric/pull/156