Merge development branch (#44)
* VPN-HA module initial commit
* Added readme for net-vpn-ha module
* Update readme, add simple description
* Merge new modules list and environments foundation example (#30)
* gke-cluster
* net-vpc module and tests
* add TODO to net-vpc module
* add minimal README files with input/output variables to gke and net-vpc modules
* BigQuery Module (#24)
* Bigquery Module
* Added README file
* Added type hints
* gke-cluster
* net-vpc module and tests
* add TODO to net-vpc module
* add minimal README files with input/output variables to gke and net-vpc modules
* BigQuery Module (#24)
* Bigquery Module
* Added README file
* Added type hints
* GCS module
* net vpc module: improve secondary range outputs
* net vpc module: add serve project registration
* project module
* move bigquery module to not-ready folder
* folders module
* rename project module's iam variables
* slight tweak to folder module outputs
* gcs module
* simplify net-vpc module variables
* fix module tests configurations, fix net-vpc module tests
* add pydoc utility
* add/update module READMEs
* add/update module READMEs
* add/update module READMEs
* improve variable type summary generation in tfdoc
* tfdoc: add support for replacing doc in README.md files
* improve module READMEs
* net-vpc-firewall module
* add support for sensitive output attribute in tfdoc
* remove empty function from tfdoc
* render variable type as code in tfdoc
* update module READMEs
* net address module
* net cloudnat module
* remove redundant variable from net-cloudnat module
* vpc module: add support for peering, use network name as subnet name prefix
* net-vpn-static module
* net-vpn-static module README
* net-vpn-static module README
* tfdoc: fix error on undeclared variable type
* dns module
* set version for all modules
* kms module (untested)
* change kms key self links output to map, fix gcs and kms iam variable descriptions
* fix kms module
* update kms module readme
* simplify local iam pairs in modules
* service accounts module (unfinished)
* work on service accounts module
* project module: add gcr service account
* project module: update outputs in README
* first working version of the iam service accounts module
* iam service accounts module: extra checks in locals
* modules/net-cloudnat: reorder variables
* modules/net-vpn-dynamic: initial import (untested)
* modules/net-vpn-dynamic: first working version
* modules/net-vpn-dynamic: add outputs for auto-created router
* modules/net-vpn-dynamic: update README
* modules/net-[vpn,cloudnat]: clean up variables, remove prefix
* modules/net-vpn-dynamic: add advertisement configuration to tunnel bgp peer, refactor variables
* tfdoc: add tooltips for variable types and defaults
* modules: update README variables and outputs
* tfdoc: improve variable default rendering
* modules: update README variables and outputs
* modules/net-vpc: minimal output refactoring
* modules/vm-cos: initial import, base resources working, no outputs
* modules/vm-cos: add variable descriptions
* tfdoc: fix parsing in type and default blocks
* modules/vm-cos: fix README
* tfdoc: fix parsing in type and default blocks
* modules/vm-cos: fix README
* modules/compute-vm: initial working import (not fully tested)
* modules/vm-cos: move to not-ready
* tfdoc: fix variable defaults formatting
* modules: update README files with tfdoc fixes
* modules: add initial examples
* gke-nodepool: initial import, untested
* gke nodepool: add README, fix location variable, set node count default to 1
* gke cluster: fix private cluster variables
* gke nodepool: fix README title
* gke cluster: add output for cluster location
* gke nodepool: add missing variables for project id and cluster name, remove default from location variable, fix gke version assignment
* gke nodepool: update README
* net-cloudnat: fix router name when creating default router
* fix variables used for address and router optional creation
* vpn dynamic: fix README
* modules/net-vpn-dynamic: fix router name output
* modules/compute-vm: remove unused variable
* modules/compute-vm-cos-coredns: initial import
* Update foundations modules versions (#26)
* update foundations modules versions
* update Terraform version to v0.12.19 in CI test configuration
* backport tfdoc from Ludo's branch (#27)
* Update docs using tfdoc format (#28)
* update README files
* set all types on variables
* foundations/environments: move log filter to a variable, use org for xpn by default
* foundations/environments: do not use liens by default
* modules/ntp-vpc: better shared_vpc_host variable description
* modules/logging-sinks: initial version
* modules/logging-sinks: streamline options in sinks variable
* modules/compute-vm-cos-coredns: add support for additional files
* modules/folders: rename from 'folder'
* modules/logging-sinks: fix circular dependencies and improve variables
* modules/project: remove extra variable
* modules/bigquery: new module with dataset support only
* foundations/environments: refactor using local modules
* modules/bigquery: better variables, README description and example
* modules: fix a few READMEs
Co-authored-by: Julio Castillo <juliocc@gmail.com>
* modules/net-vpc: README description and examples
* modules/net-vpc: tweak README description and examples
* modules/net-vpc: tweak README description and examples
* modules/net-vpc-firewall: change tag-based rule default ranges, improve README examples and description
* modules/compute-vm: README changes
* modules/compute-vm: use an object for the service account variable, update README
* modules/compute-vm: update README variables table
* modules/compute-vm: add TODO list to README
* modules/compute-vm: add TODO list to README
* modules/compute-vm: add outputs for service account
* modules/net-cloudnat: README
* modules/net-cloudnat: README
* modules/net-cloudnat: add router_create variable
* modules/compute-vm: simplify service account variables
* modules/net-vpn-dynamic: fix README example, use local secret for both empty string and null
* modules/net-vpn-dynamic: improve README example
* modules/gke-cluster: minimal README tweaks
* modules/kms: fix ephemeral keys resource name
* modules/iam-service-accounts: add storage roles
* modules/gke-nodepool: fix node default scopes
* New project variable to prevent deletion of default network (#32)
* New project variable to prevent deletion of default network
This is a workaround to fix
terraform-google-modules/cloud-foundation-fabric#31 while the GCP
terraform provider is fixed
* Add TODOs to remove workarounds in the project module
* Fix Cloud Build files
* modules/gke-nodepool: add monitoring scope to defaults
* modules/iam-service-accounts: add support for IAM bindings on the service accounts
* playground module in sandbox, remove not ready modules
* Fix ci configurations in development branch (#33)
* try fixing ci configurations
* add exclusion match to ci boilerplate check
* add skip boilerplate comment to compute-vm-cos-coredns template fragment
* modules/gke-cluster: fix boilerplate in outputs
* Simplify tests, re-enable CI
* add instance group support to compute-vm, start tests refactoring
* modules/compute-vm: group fixes, tests
* modules/compute-vm: minimal test beautification
* simplify top-level pytest fixture
* modules/dns: tests and minor tweaks
* fix missing boilerplate in tests
* re-add requirements file to tests folder
* re-enable tests in ci build configuration
* Folder module tests and fixes (#38)
* folder tests wip
* modules/folders: tests and tweaks
* update folders and compute-vm README files
* modules/gcs: tests and minor tweaks
* Create README.md
* Update README.md
* Update README.md
* Update README.md
* Added docker image for strongSwan
* Add support for routes and tests to net-vpc module (#39)
* modules/net-vpc: add routes (untested)
* initial tests
* modules/net-vpc: add test for flow logs
* modules/net-vpc: split tests into two separate files
* modules/net-vpc: routes test
* modules/net-vpc: test routes
* Add support for Terraform plugin cache in ci test build file (#40)
* add Terraform plugin caching to test ci build configuration
* fix mkdir in test build configuration
* trigger test check
* Refactor dynamic vpn configuration for on-prem-in-a-box module
* Fix dynamic vpn for onprem-in-a-box module
* Migrate Shared VPC example to local modules (#41)
* wip
* wip
* validated, untested
* modules/compute-vm: make service account email in locals resilient to destroy
* modules/project: make project id output depend on iam roles
* fixes
* shared-vpc tweaks
* update diagram
* update README input output tables
* modules/compute-vm: add service account IAM email output
* move GKE service account roles at the project level, add GCE service account roles
* update diagram and README
* modules/project: add extra output for IAM-dependent project id
* update modules READMEs
* minor tweaks
* modules/compute-vm: fix service account output
* remove static address from NAT
* fix container service agent binding dependency
* rename shared vpc
* Update README.md
* Update README.md
* Add static vpn gw to on-prem-in-a-box module
* Refactor hub and spoke to use new modules (#42)
* modules/compute-vm: saner defaults for service account scopes
* hub and spoke refactor, docs still missing
* complete hub and spoke
* Update README.md
* Add toolbox docker container, fix gw routing to the internet
* Add DNS Hybrid connectivity parameters
* Fix onprem dns zone for the static vpn configuration
* Added readme.md for on-prem module
* Add new line at the end of the files
* Add boilerplate for cloudbuild config files
* fix boilerplate in strongswan shell script
* Update README.md
* include missing file to fix merge conflict
* remove missing file to fix merge conflict
* include missing file to fix merge conflict (again)
* remove content from spurious file used to avoid merge conflicts
* Add net-vpc-peering module
* Initial commit for hub-and-spoke-peering infrastructure example
* Fix typos in infrastructure/ READMEs
* remove stale file
* use larger resolution version of hub and spoke diagram
* Update README.md
* Update hub-and-spoke-peerings example to use internal modules
* Add initial project tests (#46)
* modules/project: make prefix optional
* initial project module tests
* modules/project: use null for unset parent
* modules/dns: backport PR6 from the CFT dns module
* Add testing resources including on-prem-in-a-box to hub-and-spoke-peerings example
* Fix firewall rules to allow connectivity, switch to custom route advertisement for onprem -> spokes connectivity
* Move locals out of main.tf
* remove ssh tag from compute-vm variable default
* Add ssh tag to the test vms
* Update README.md
* Update README.md
* Update README.md
* Hub and spoke peering changes (#48)
* rename hub-and-spoke-vpn
* add ssh tag to shared-vpc-gke instance
* rename and rework hub and spoke peering
* fix test requirements
* align hub and spoke peering with module contents
* diagram
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* minimal fixes to onprem examples variable files
* onprem example stub, missing DNS zones and private.googleapis records onprem
* add missing boilerplate
* Update README.md
* Update README.md
* infra/onprem: add test instance and minimal outputs
* add DNS modules and resource
* infra/onprem: diagram and initial README
* minor changes to onprem module and example (#49)
* update toolbox image
* infra/onprem: add zone for private access, add metadata domain to onprem dns
* infra/onprem: onprem service account, add testing procedure in README
* Update README.md
* infra/onprem: remove extra variable
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* infra/onprem: rename forwarder address variable
* Update README:
Added explicit --tunnel-through-iap for gcloud compute ssh commands
* Update top-level and section READMEs (#50)
* top-level README WIP
* rewrite top-level README
* change top-level README title
* remove initial quote in top-level README
* Update README.md
* Update README.md
* Update README.md
* foundations README
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* add experimental scheduled cloud function module
* scheduled cloud function module: allow disabling schedule
* business-units foundation example (#52)
* Added folder-units module.
* Business units example update (WIP)
* Update all BU modules to internal ones
* Refactoring business-units example, add billing and org IAM handling
* update projects tests for new iam additive naming
* update project README for new iam additive naming
* streamline bu example and module (#53)
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* align net-vpn-ha interface with the other vpn modules
* update module README files
* Update README.md
* Update README.md
* Create CHANGELOG.md
* Refactor COS module to be generic (#51)
* Create generic COS module and update CoreDNS module to use it
* Update compute-vm-cos README
* Fix COS README
* Update COS example
* Skip boilerplate check for COS file template
* Make COS module more generic and provide preset configurations
* Update COS module documentation
* tfdoc: add support for multiple variables files
* compute-vm: split boot disk in separate variable file for cos module support
* Streamline cos modules (#54)
* tfdoc: fix bug in last commit
* compute-vm: add support for user-data
* compute-vm: restore noncos variable split
* remove compute-vm-cos-coredns
* compute-vm: revert to original state
* cos-container/coredns
* fix variables mess
* cos/coredns fixes
* cos/mysql
* remove stale compute-vm-cos module
* add test instance to cos modules
* tfdoc: add support for multiple output files
* cos: add initial READMEs
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* add test apply fixture
* cos-coredns: tested
* Update README.md
* Fix typo
* cos-coredns: refactor README
* Update README.md
* test yaml validity in cos modules tests
* cos mysql tests
* cos mysql: refactor and test (disk tests missing)
* onprem: fix Coredns
* cos mysql: additional disk working
* cos modules: fix instance disks for no instance
* update some modules READMEs
* update some modules READMEs
* Update README.md
* Update README.md
* add simple tests for foundations/environments
* change default for org id in foundations/environments to avoid errors when none is specified
* fix null/empty organization id in foundations/environments
* fix errors when destroying on empty state in foundations/environments
* foundations/bu: fix errors when destroying with empty state
* modules/gcs: make outputs resilient on destroy with empty state
* modules/folders: make outputs resilient on destroy with empty state
* switch organization_id variable to long form in foundations/bu and modules/folders-unit
* Update README.md
* infra/shared-vpc: remove duplicate tag attribute from bastion
Co-authored-by: Aleksandr Averbukh <averbukh@google.com>
Co-authored-by: Julio Castillo <juliocc@gmail.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2020-04-03 05:06:48 -07:00
# Google Cloud Folder Module
2021-04-11 05:48:16 -07:00
This module allows the creation and management of folders, including support for IAM bindings, organization policies, and hierarchical firewall rules.
2020-04-08 05:54:49 -07:00
## Examples
### IAM bindings
```hcl
module "folder" {
  source = "./modules/folder"
  parent = "organizations/1234567890"
  name   = "Folder name"
  group_iam = {
    "cloud-owners@example.org" = [
      "roles/owner",
      "roles/resourcemanager.projectCreator"
    ]
  }
  iam = {
    "roles/owner" = ["user:one@example.com"]
  }
}
# tftest:modules=1:resources=3
```

### Organization policies

```hcl
module "folder" {
  source = "./modules/folder"
  parent = "organizations/1234567890"
  name   = "Folder name"
  policy_boolean = {
    "constraints/compute.disableGuestAttributesAccess" = true
    "constraints/compute.skipDefaultNetworkCreation"   = true
  }
  policy_list = {
    "constraints/compute.trustedImageProjects" = {
      inherit_from_parent = null
      suggested_value     = null
      status              = true
      values              = ["projects/my-project"]
    }
  }
}
# tftest:modules=1:resources=4
```

### Firewall policy factory

In the same way as for the [organization](../organization) module, the in-built factory allows you to define a single policy, using one file for rules, and an optional file for CIDR range substitution variables. Remember that non-absolute paths are relative to the root module (the folder where you run `terraform`).

```hcl
module "folder" {
  source = "./modules/folder"
  parent = "organizations/1234567890"
  name   = "Folder name"
  firewall_policy_factory = {
    cidr_file   = "data/cidrs.yaml"
    policy_name = null
    rules_file  = "data/rules.yaml"
  }
  firewall_policy_attachments = {
    factory-policy = module.folder.firewall_policy_id["factory"]
  }
}
# tftest:skip
```
```yaml
# cidrs.yaml
rfc1918:
  - 10.0.0.0/8
  - 172.16.0.0/12
  - 192.168.0.0/16
```

```yaml
# rules.yaml
allow-admins:
  description: Access from the admin subnet to all subnets
  direction: INGRESS
  action: allow
  priority: 1000
  ranges:
    - $rfc1918
  ports:
    all: []
  target_resources: null
  enable_logging: false

allow-ssh-from-iap:
  description: Enable SSH from IAP
  direction: INGRESS
  action: allow
  priority: 1002
  ranges:
    - 35.235.240.0/20
  ports:
    tcp: ["22"]
  target_resources: null
  enable_logging: false
```
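
A pre-apply check for the two factory files above, as an added example that is not part of the module or its README: it expands `$name` entries in `ranges` from the CIDR map, validates every CIDR, and flags rules that deserve a second look before they reach a folder-level policy. The function names, the finding rules, and the assumption that a `$`-prefixed range names a key of the CIDR file are this example's own; the sample data is copied by hand from the two YAML files.

```python
"""Review firewall policy factory input before `terraform apply` (added example)."""
import ipaddress

# The two files above, as a YAML loader would return them. They are copied by
# hand here so the example runs without a YAML library.
CIDRS = {"rfc1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]}
RULES = {
    "allow-admins": {
        "description": "Access from the admin subnet to all subnets",
        "direction": "INGRESS",
        "action": "allow",
        "priority": 1000,
        "ranges": ["$rfc1918"],
        "ports": {"all": []},
        "target_resources": None,
        "enable_logging": False,
    },
    "allow-ssh-from-iap": {
        "description": "Enable SSH from IAP",
        "direction": "INGRESS",
        "action": "allow",
        "priority": 1002,
        "ranges": ["35.235.240.0/20"],
        "ports": {"tcp": ["22"]},
        "target_resources": None,
        "enable_logging": False,
    },
}


def expand_ranges(ranges, cidrs):
    """Replace each `$name` entry with the CIDR list stored under `name`.

    Assumption: a range starting with `$` names a key of the CIDR file, which
    is how `$rfc1918` reads in the example files. Unknown names raise KeyError.
    """
    expanded = []
    for entry in ranges:
        if entry.startswith("$"):
            expanded.extend(cidrs[entry[1:]])
        else:
            expanded.append(entry)
    # strict=True rejects CIDRs with host bits set, such as 10.0.0.1/8.
    return [str(ipaddress.ip_network(cidr, strict=True)) for cidr in expanded]


def review(rules, cidrs):
    """Return (expanded_rules, findings) for a rules file and a CIDR file."""
    expanded, findings, seen_priority = {}, [], {}
    for name, rule in rules.items():
        try:
            ranges = expand_ranges(rule["ranges"], cidrs)
        except KeyError as err:
            findings.append(f"{name}: undefined CIDR variable ${err.args[0]}")
            continue
        except ValueError as err:
            findings.append(f"{name}: invalid CIDR ({err})")
            continue
        expanded[name] = {**rule, "ranges": ranges}

        # Rules in one firewall policy need distinct priorities.
        first = seen_priority.setdefault(rule["priority"], name)
        if first != name:
            findings.append(
                f"{name}: priority {rule['priority']} already used by {first}"
            )

        if rule["action"] == "allow" and rule["direction"] == "INGRESS":
            if any(ipaddress.ip_network(r).prefixlen == 0 for r in ranges):
                findings.append(f"{name}: ingress allowed from any address")
            if "all" in rule["ports"] and not rule["enable_logging"]:
                findings.append(f"{name}: all ports allowed with logging disabled")
    return expanded, findings


if __name__ == "__main__":
    expanded_rules, problems = review(RULES, CIDRS)
    for rule_name, rule in expanded_rules.items():
        print(rule_name, rule["priority"], rule["ranges"])
    for problem in problems:
        print("FINDING:", problem)
```

Run against the files as published, the only finding is on `allow-admins`, which opens every port to all three RFC 1918 ranges with `enable_logging: false`.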

### Logging Sinks

```hcl
module "gcs" {
  source        = "./modules/gcs"
  project_id    = "my-project"
  name          = "gcs_sink"
  force_destroy = true
}

module "dataset" {
  source     = "./modules/bigquery-dataset"
  project_id = "my-project"
  id         = "bq_sink"
}

module "pubsub" {
  source     = "./modules/pubsub"
  project_id = "my-project"
  name       = "pubsub_sink"
}

module "bucket" {
  source      = "./modules/logging-bucket"
  parent_type = "project"
  parent      = "my-project"
  id          = "bucket"
}

module "folder-sink" {
  source = "./modules/folder"
  parent = "folders/657104291943"
  name   = "my-folder"
  logging_sinks = {
    warnings = {
      type             = "gcs"
      destination      = module.gcs.name
      filter           = "severity=WARNING"
      iam              = false
      include_children = true
      exclusions       = {}
    }
    info = {
      type             = "bigquery"
      destination      = module.dataset.id
      filter           = "severity=INFO"
      iam              = false
      include_children = true
      exclusions       = {}
    }
    notice = {
      type             = "pubsub"
      destination      = module.pubsub.id
      filter           = "severity=NOTICE"
      iam              = true
      include_children = true
      exclusions       = {}
    }
    debug = {
      type             = "logging"
      destination      = module.bucket.id
      filter           = "severity=DEBUG"
      iam              = true
      include_children = true
      exclusions = {
        no-compute = "logName:compute"
      }
    }
  }
  logging_exclusions = {
    no-gce-instances = "resource.type=gce_instance"
  }
}
# tftest:modules=5:resources=12
```
### Hierarchical firewall policies
```hcl
module "folder1" {
  source = "./modules/folder"
  parent = var.organization_id
  name   = "policy-container"
  firewall_policies = {
    iap-policy = {
      allow-iap-ssh = {
        description             = "Always allow ssh from IAP"
        direction               = "INGRESS"
        action                  = "allow"
        priority                = 100
        ranges                  = ["35.235.240.0/20"]
        ports                   = { tcp = ["22"] }
        target_service_accounts = null
        target_resources        = null
        logging                 = false
      }
    }
  }
  firewall_policy_association = {
    iap-policy = "iap-policy"
  }
}

module "folder2" {
  source = "./modules/folder"
  parent = var.organization_id
  name   = "hf2"
  firewall_policy_association = {
    iap-policy = module.folder1.firewall_policy_id["iap-policy"]
  }
}
# tftest:modules=2:resources=6
```
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| contacts | List of essential contacts for this resource. Must be in the form EMAIL -> [NOTIFICATION_TYPES]. Valid notification types are ALL, SUSPENSION, SECURITY, TECHNICAL, BILLING, LEGAL, PRODUCT_UPDATES | <code>map(list(string))</code> | | <code>{}</code> |
| firewall_policies | Hierarchical firewall policies created in this folder. | <code title="map(map(object({ action = string description = string direction = string logging = bool ports = map(list(string)) priority = number ranges = list(string) target_resources = list(string) target_service_accounts = list(string) })))">map(map(object({…})))</code> | | <code>{}</code> |
| firewall_policy_association | The hierarchical firewall policy to associate to this folder. Must be either a key in the `firewall_policies` map or the id of a policy defined somewhere else. | <code>map(string)</code> | | <code>{}</code> |
| firewall_policy_factory | Configuration for the firewall policy factory. | <code title="object({ cidr_file = string policy_name = string rules_file = string })">object({…})</code> | | <code>null</code> |
| folder_create | Create folder. When set to false, uses id to reference an existing folder. | <code>bool</code> | | <code>true</code> |
| group_iam | Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the `iam` variable. | <code>map(list(string))</code> | | <code>{}</code> |
| iam | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
| id | Folder ID in case you use folder_create=false | <code>string</code> | | <code>null</code> |
| logging_exclusions | Logging exclusions for this folder in the form {NAME -> FILTER}. | <code>map(string)</code> | | <code>{}</code> |
| logging_sinks | Logging sinks to create for this folder. | <code title="map(object({ destination = string type = string filter = string iam = bool include_children = bool exclusions = map(string) }))">map(object({…}))</code> | | <code>{}</code> |
| name | Folder name. | <code>string</code> | | <code>null</code> |
| parent | Parent in folders/folder_id or organizations/org_id format. | <code>string</code> | | <code>null</code> |
| policy_boolean | Map of boolean org policies and enforcement value, set value to null for policy restore. | <code>map(bool)</code> | | <code>{}</code> |
| policy_list | Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny. | <code title="map(object({ inherit_from_parent = bool suggested_value = string status = bool values = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
## Outputs
| name | description | sensitive |
|---|---|:---:|
| firewall_policies | Map of firewall policy resources created in this folder. | |
| firewall_policy_id | Map of firewall policy ids created in this folder. | |
| folder | Folder resource. | |
| id | Folder id. | |
| name | Folder name. | |
| sink_writer_identities | Writer identities created for each sink. | |
* Streamline cos modules (#54)
* tfdoc: fix bug in last commit
* compute-vm: add support for user-data
* compute-vm: restore noncos variable split
* remove compute-vm-cos-coredns
* compute-vm: revert to original state
* cos-container/coredns
* fix variables mess
* cos/coredns fixes
* cos/mysql
* remove stale compute-vm-cos module
* add test instance to cos modules
* tfdoc: add support for multiple output files
* cos: add initial READMEs
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* add test apply fixture
* cos-coredns: tested
* Update README.md
* Fix typo
* cos-coredns: refactor README
* Update README.md
* test yaml validity in cos modules tests
* cos mysql tests
* cos mysql: refactor and test (disk tests missing)
* onprem: fix Coredns
* cos mysql: additional disk working
* cos modules: fix instance disks for no instance
* update some modules READMEs
* update some modules READMEs
* Update README.md
* Update README.md
* add simple tests for foundations/environments
* change default for org id in foundations/environments to avoid errors when none is specified
* fix null/empty organization id in foundations/environments
* fix errors when destroying on empty state in foundations/environments
* foundations/bu: fix errors when destroying with empty state
* modules/gcs: make outputs resilient on destroy with empty state
* modules/folders: make outputs resilient on destroy with empty state
* switch organization_id variable to long form in foundations/bu and modules/folders-unit
* Update README.md
* infra/shared-vpc: remove duplicate tag attribute from bastion
Co-authored-by: Aleksandr Averbukh <averbukh@google.com>
Co-authored-by: Julio Castillo <juliocc@gmail.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2020-04-03 05:06:48 -07:00
<!-- END TFDOC -->
2021-12-30 01:56:19 -08:00
2021-12-31 03:20:42 -08:00