zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/modules
History
lcaggio 7f40aba4cd
Support Cloud KMS on Compute-VM module + Fixes (#79) 
* * Add support to KMS disk encryption (boot and attached)
 * Fix Instance Group Example

* Fix

* * Fix image boot disk
 * Add example with disk encryption

* Fix Title

* Improve logic

* Fix Readme
Fix viariable description

* Update README.md

* update README variables/outputs table

* add change to CHANGELOG

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 		2020-05-30 08:57:21 +02:00
..
__experimental/cloud-function-scheduled add support for environment vars in experimental cf module 2020-05-04 07:48:37 +02:00
artifact-registry Add Artifact Registry module (#81) 2020-05-26 12:03:15 +02:00
bigquery-dataset Update README.md 2020-05-29 08:25:51 +02:00
cloud-config-container Use flat source insted of submodule in envoy cos module (#72) 2020-05-11 16:54:32 +02:00
compute-mig Fix health checks in net-ilb and compute-mig modules (#69) 2020-05-07 07:37:15 +02:00
compute-vm Support Cloud KMS on Compute-VM module + Fixes (#79) 2020-05-30 08:57:21 +02:00
container-registry Add Container Registry module (#80) 2020-05-26 07:18:33 +02:00
datafusion First commit for Data Fusion module (#77) 2020-05-22 12:30:24 +02:00
dns add support for service directory zones to dns module 2020-05-12 13:35:13 +02:00
folders Fix another typo in GCS README 2020-05-26 12:11:27 +02:00
folders-unit Refactor the onprem module (#55) 2020-04-06 16:27:13 +02:00
gcs add TODO to gcs module 2020-05-10 11:58:55 +02:00
gke-cluster Add cluster CA certificate as output for gke-cluster 2020-05-12 19:17:46 +02:00
gke-nodepool Fix gke-nodepool advanced options 2020-05-07 20:28:37 +02:00
iam-service-accounts Merge development branch (#44) 2020-04-03 14:06:48 +02:00
kms Merge development branch (#44) 2020-04-03 14:06:48 +02:00
logging-sinks Merge development branch (#44) 2020-04-03 14:06:48 +02:00
net-address Merge development branch (#44) 2020-04-03 14:06:48 +02:00
net-cloudnat fix Cloud NAT module internal router name lookup 2020-04-22 15:47:33 +02:00
net-ilb Fix health checks in net-ilb and compute-mig modules (#69) 2020-05-07 07:37:15 +02:00
net-vpc subnets with the same name in different regions (#67) 2020-05-04 08:25:53 +02:00
net-vpc-firewall Merge development branch (#44) 2020-04-03 14:06:48 +02:00
net-vpc-peering Merge development branch (#44) 2020-04-03 14:06:48 +02:00
net-vpn-dynamic Merge development branch (#44) 2020-04-03 14:06:48 +02:00
net-vpn-ha adds project_id to external gateway (#74) 2020-05-12 18:13:06 +02:00
net-vpn-static Merge development branch (#44) 2020-04-03 14:06:48 +02:00
organization Update organization/versions.tf copyright 2020-04-08 10:23:23 +02:00
project switch project service from resourceviews to container in examples 2020-05-07 21:36:37 +02:00
pubsub Update README.md 2020-05-29 08:08:09 +02:00
secret-manager use a map for secret versions in secret-manager module 2020-05-02 09:34:53 +02:00
service-directory Update README.md 2020-05-13 07:54:46 +02:00
source-repository Source repository module (#76) 2020-05-14 20:48:29 +02:00
README.md Update README.md 2020-05-26 12:10:02 +02:00

README.md

Terraform modules suite for Google Cloud

The modules collected in this folder are designed as a suite: they are meant to be composed together, and are designed to be forked and modified where use of third party code and sources is not allowed.

Modules try to stay close to the low level provider resources they encapsulate, and they all share a similar interface that combines management of one resource or set or resources, and the corresponding IAM bindings.

Authoritative IAM bindings are primarily used (e.g. google_storage_bucket_iam_binding for GCS buckets) so that each module is authoritative for specific roles on the resources it manages, and can neutralize or reconcile IAM changes made elsewhere.

Specific modules also offer support for non-authoritative bindings (e.g. google_storage_bucket_iam_member for service accounts), to allow granular permission management on resources that they don't manage directly.

Foundational modules

Networking modules

Compute/Container

Data

Development

Security