93361d7f3d
* wip * wip * wip * wip * wip * discovery * single discovery * page token * batch requests * remove plugin name * streamline * streamline * dynamic routes * dynamic routes * forwarding rules and addresses * batch requests * metrics * notes * notes * streamline * fixes, dump * streamline * remove globals * wip metrics * subnet time series * networks per project plugin * firewall rules timeseries * use names in metric labels * firewall policies timeseries * wip * instances per network timeseries * routes timeseries * custom quota * simpler quota, network peering timeseries * peering timeseries * timeseries names * wip descriptors * metric descriptors * fixes * wip * Use partial for all cf init functions * Add requirements.txt * fix org key mismatch * Fix folder short cli name * Fix instance_networks when iterable is empty * more readability and fixing some strings * replace() -> removeprefix and remove unneeded quoting * setdefault in init()s * Fix next hop type * Remove unneeded fstring * create descriptors * create descriptors log * rename descriptor requests function * non-working metrics implementation (duplicate timeseries batched) * timeseries * fixes * write timseries * fix timeseries plugins * start documenting code * docstrings and comments * docstrings comments and small fixes * rename cf to src * discover nodes instead of just projects * discovery node can be a folder or org * cf entrypoint and fixes * cf deployment * remove old paths * cloud function deploy readme * diagrams * resource ids in example * discovery tool readme * top-level README * Some documentation fixes * Add secondary ranges * Update README.md * add legend to scope diagram * improve description of discovery configuration variable * add comment in example for custom quotas file * rename op_project to monitoring_project * dashboard metric rename wip * Update discover-cai-compute.py * deploy sample dashboard Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> |
||
---|---|---|
.. | ||
cloud-operations | ||
data-solutions | ||
factories | ||
gke | ||
networking | ||
serverless | ||
third-party-solutions | ||
README.md |
README.md
Terraform end-to-end blueprints for Google Cloud
This section provides networking blueprints that implement core patterns or features, data solutions blueprints that demonstrate how to integrate data services in complete scenarios, cloud operations blueprints that leverage specific products to meet specific operational needs, GKE and Serverless blueprints, and factories that implement resource factories for the repetitive creation of specific resources.
Currently available blueprints:
- cloud operations - Active Directory Federation Services, Cloud Asset Inventory feeds for resource change tracking and remediation, Fine-grained Cloud DNS IAM via Service Directory, Cloud DNS & Shared VPC design, Delegated Role Grants, Networking Dashboard, Managing on-prem service account keys by uploading public keys, Compute Image builder with Hashicorp Packer, Packer example, Compute Engine quota monitoring, Scheduled Cloud Asset Inventory Export to Bigquery, Configuring workload identity federation for Terraform Cloud/Enterprise workflow, TCP healthcheck and restart for unmanaged GCE instances, Migrate for Compute Engine (v5) blueprints, Configuring workload identity federation to access Google Cloud resources from apps running on Azure
- data solutions - GCE and GCS CMEK via centralized Cloud KMS, Cloud Composer version 2 private instance, supporting Shared VPC and external CMEK key, Cloud SQL instance with multi-region read replicas, Data Platform, Spinning up a foundation data pipeline on Google Cloud using Cloud Storage, Dataflow and BigQuery, #SQL Server Always On Groups blueprint, Data Playground
- factories - The why and the how of Resource Factories, Google Cloud Identity Group Factory, Google Cloud BQ Factory, Google Cloud VPC Firewall Factory, Minimal Project Factory
- GKE - Binary Authorization Pipeline Blueprint, Storage API, Multi-cluster mesh on GKE (fleet API), GKE Multitenant Blueprint, Shared VPC with GKE support
- networking - Decentralized firewall management, Decentralized firewall validator, Network filtering with Squid, Network filtering with Squid with isolated VPCs using Private Service Connect, HTTP Load Balancer with Cloud Armor, Hub and Spoke via VPN, Hub and Spoke via VPC Peering, Internal Load Balancer as Next Hop, On-prem DNS and Google Private Access, Calling a private Cloud Function from On-premises, Hybrid connectivity to on-premise services through PSC, PSC Producer, PSC Consumer, Shared VPC with optional GKE cluster
- serverless - Creating multi-region deployments for API Gateway
- third party solutions - OpenShift on GCP user-provisioned infrastructure, Wordpress deployment on Cloud Run
For more information see the individual README files in each section.