From eb5754e47519aae89d238ef214e99d5323f4094a Mon Sep 17 00:00:00 2001 From: Luca Prete Date: Fri, 31 May 2024 09:09:31 +0300 Subject: [PATCH] [FAST] Rename stage 2-networking-d-separate-envs to 2-netwroking-c-separate-envs (#2328) Co-authored-by: Luca Prete --- blueprints/gcve/pc-minimal/README.md | 2 +- .../.gitignore | 0 .../IAM.md | 0 .../README.md | 0 .../data/cidrs.yaml | 0 .../data/dashboards/firewall_insights.json | 0 .../vpc_and_vpc_peering_group_quotas.json | 0 .../data/dashboards/vpn.json | 0 .../data/dns-policy-rules.yaml | 0 .../data/firewall-rules/dev/default-ingress.yaml | 0 .../data/firewall-rules/dev/rules.yaml | 0 .../data/firewall-rules/prod/default-ingress.yaml | 0 .../data/hierarchical-ingress-rules.yaml | 0 .../data/subnets/dev/dev-dataplatform-ew1.yaml | 0 .../data/subnets/dev/dev-default-ew1.yaml | 0 .../data/subnets/dev/dev-gke-nodes-ew1.yaml | 0 .../data/subnets/prod/prod-default-ew1.yaml | 0 .../diagram.png | Bin .../diagram.svg | 0 .../dns-dev.tf | 0 .../dns-prod.tf | 0 .../main.tf | 0 .../monitoring-vpn-onprem.tf | 0 .../monitoring.tf | 0 .../net-dev.tf | 0 .../net-prod.tf | 0 .../outputs.tf | 0 .../regions.tf | 0 .../test-resources.tf | 0 .../variables-fast.tf | 0 .../variables.tf | 0 .../vpn-onprem.tf | 0 fast/stages/README.md | 4 ++-- .../simple.tfvars | 0 .../simple.yaml | 0 .../tftest.yaml | 4 ++-- 36 files changed, 5 insertions(+), 5 deletions(-) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/.gitignore (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/IAM.md (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/README.md (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/cidrs.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/dashboards/firewall_insights.json (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/dashboards/vpc_and_vpc_peering_group_quotas.json (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/dashboards/vpn.json (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/dns-policy-rules.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/firewall-rules/dev/default-ingress.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/firewall-rules/dev/rules.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/firewall-rules/prod/default-ingress.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/hierarchical-ingress-rules.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/subnets/dev/dev-dataplatform-ew1.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/subnets/dev/dev-default-ew1.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/subnets/dev/dev-gke-nodes-ew1.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/data/subnets/prod/prod-default-ew1.yaml (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/diagram.png (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/diagram.svg (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/dns-dev.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/dns-prod.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/main.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/monitoring-vpn-onprem.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/monitoring.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/net-dev.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/net-prod.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/outputs.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/regions.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/test-resources.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/variables-fast.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/variables.tf (100%) rename fast/stages/{2-networking-d-separate-envs => 2-networking-c-separate-envs}/vpn-onprem.tf (100%) rename tests/fast/stages/{s2_networking_d_separate_envs => s2_networking_c_separate_envs}/simple.tfvars (100%) rename tests/fast/stages/{s2_networking_d_separate_envs => s2_networking_c_separate_envs}/simple.yaml (100%) rename tests/fast/stages/{s2_networking_d_separate_envs => s2_networking_c_separate_envs}/tftest.yaml (89%) diff --git a/blueprints/gcve/pc-minimal/README.md b/blueprints/gcve/pc-minimal/README.md index a749b787..955e7ef6 100644 --- a/blueprints/gcve/pc-minimal/README.md +++ b/blueprints/gcve/pc-minimal/README.md @@ -30,7 +30,7 @@ Based on our GCP best practices, a GCVE private cloud relies on user groups to a ### Network -This blueprints expects the user to provision a VPC upfront, either from one of the FAST networking stages (e.g. [Networking with separated single environment](../../../fast/stages/2-networking-d-separate-envs)) or from an external source. +This blueprints expects the user to provision a VPC upfront, either from one of the FAST networking stages (e.g. [Networking with separated single environment](../../../fast/stages/2-networking-c-separate-envs)) or from an external source. The blueprint can optionally configure the [VMware Engine Network peering](https://cloud.google.com/vmware-engine/docs/networking/peer-vpc-network) on the peer VPC by granting the following permissions on the project that hosts the VPC: - vmwareengine.networkPeerings.create - vmwareengine.networkPeerings.get diff --git a/fast/stages/2-networking-d-separate-envs/.gitignore b/fast/stages/2-networking-c-separate-envs/.gitignore similarity index 100% rename from fast/stages/2-networking-d-separate-envs/.gitignore rename to fast/stages/2-networking-c-separate-envs/.gitignore diff --git a/fast/stages/2-networking-d-separate-envs/IAM.md b/fast/stages/2-networking-c-separate-envs/IAM.md similarity index 100% rename from fast/stages/2-networking-d-separate-envs/IAM.md rename to fast/stages/2-networking-c-separate-envs/IAM.md diff --git a/fast/stages/2-networking-d-separate-envs/README.md b/fast/stages/2-networking-c-separate-envs/README.md similarity index 100% rename from fast/stages/2-networking-d-separate-envs/README.md rename to fast/stages/2-networking-c-separate-envs/README.md diff --git a/fast/stages/2-networking-d-separate-envs/data/cidrs.yaml b/fast/stages/2-networking-c-separate-envs/data/cidrs.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/cidrs.yaml rename to fast/stages/2-networking-c-separate-envs/data/cidrs.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/dashboards/firewall_insights.json b/fast/stages/2-networking-c-separate-envs/data/dashboards/firewall_insights.json similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/dashboards/firewall_insights.json rename to fast/stages/2-networking-c-separate-envs/data/dashboards/firewall_insights.json diff --git a/fast/stages/2-networking-d-separate-envs/data/dashboards/vpc_and_vpc_peering_group_quotas.json b/fast/stages/2-networking-c-separate-envs/data/dashboards/vpc_and_vpc_peering_group_quotas.json similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/dashboards/vpc_and_vpc_peering_group_quotas.json rename to fast/stages/2-networking-c-separate-envs/data/dashboards/vpc_and_vpc_peering_group_quotas.json diff --git a/fast/stages/2-networking-d-separate-envs/data/dashboards/vpn.json b/fast/stages/2-networking-c-separate-envs/data/dashboards/vpn.json similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/dashboards/vpn.json rename to fast/stages/2-networking-c-separate-envs/data/dashboards/vpn.json diff --git a/fast/stages/2-networking-d-separate-envs/data/dns-policy-rules.yaml b/fast/stages/2-networking-c-separate-envs/data/dns-policy-rules.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/dns-policy-rules.yaml rename to fast/stages/2-networking-c-separate-envs/data/dns-policy-rules.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/firewall-rules/dev/default-ingress.yaml b/fast/stages/2-networking-c-separate-envs/data/firewall-rules/dev/default-ingress.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/firewall-rules/dev/default-ingress.yaml rename to fast/stages/2-networking-c-separate-envs/data/firewall-rules/dev/default-ingress.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/firewall-rules/dev/rules.yaml b/fast/stages/2-networking-c-separate-envs/data/firewall-rules/dev/rules.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/firewall-rules/dev/rules.yaml rename to fast/stages/2-networking-c-separate-envs/data/firewall-rules/dev/rules.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/firewall-rules/prod/default-ingress.yaml b/fast/stages/2-networking-c-separate-envs/data/firewall-rules/prod/default-ingress.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/firewall-rules/prod/default-ingress.yaml rename to fast/stages/2-networking-c-separate-envs/data/firewall-rules/prod/default-ingress.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/hierarchical-ingress-rules.yaml b/fast/stages/2-networking-c-separate-envs/data/hierarchical-ingress-rules.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/hierarchical-ingress-rules.yaml rename to fast/stages/2-networking-c-separate-envs/data/hierarchical-ingress-rules.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-dataplatform-ew1.yaml b/fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-dataplatform-ew1.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-dataplatform-ew1.yaml rename to fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-dataplatform-ew1.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-default-ew1.yaml b/fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-default-ew1.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-default-ew1.yaml rename to fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-default-ew1.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-gke-nodes-ew1.yaml b/fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-gke-nodes-ew1.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/subnets/dev/dev-gke-nodes-ew1.yaml rename to fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-gke-nodes-ew1.yaml diff --git a/fast/stages/2-networking-d-separate-envs/data/subnets/prod/prod-default-ew1.yaml b/fast/stages/2-networking-c-separate-envs/data/subnets/prod/prod-default-ew1.yaml similarity index 100% rename from fast/stages/2-networking-d-separate-envs/data/subnets/prod/prod-default-ew1.yaml rename to fast/stages/2-networking-c-separate-envs/data/subnets/prod/prod-default-ew1.yaml diff --git a/fast/stages/2-networking-d-separate-envs/diagram.png b/fast/stages/2-networking-c-separate-envs/diagram.png similarity index 100% rename from fast/stages/2-networking-d-separate-envs/diagram.png rename to fast/stages/2-networking-c-separate-envs/diagram.png diff --git a/fast/stages/2-networking-d-separate-envs/diagram.svg b/fast/stages/2-networking-c-separate-envs/diagram.svg similarity index 100% rename from fast/stages/2-networking-d-separate-envs/diagram.svg rename to fast/stages/2-networking-c-separate-envs/diagram.svg diff --git a/fast/stages/2-networking-d-separate-envs/dns-dev.tf b/fast/stages/2-networking-c-separate-envs/dns-dev.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/dns-dev.tf rename to fast/stages/2-networking-c-separate-envs/dns-dev.tf diff --git a/fast/stages/2-networking-d-separate-envs/dns-prod.tf b/fast/stages/2-networking-c-separate-envs/dns-prod.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/dns-prod.tf rename to fast/stages/2-networking-c-separate-envs/dns-prod.tf diff --git a/fast/stages/2-networking-d-separate-envs/main.tf b/fast/stages/2-networking-c-separate-envs/main.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/main.tf rename to fast/stages/2-networking-c-separate-envs/main.tf diff --git a/fast/stages/2-networking-d-separate-envs/monitoring-vpn-onprem.tf b/fast/stages/2-networking-c-separate-envs/monitoring-vpn-onprem.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/monitoring-vpn-onprem.tf rename to fast/stages/2-networking-c-separate-envs/monitoring-vpn-onprem.tf diff --git a/fast/stages/2-networking-d-separate-envs/monitoring.tf b/fast/stages/2-networking-c-separate-envs/monitoring.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/monitoring.tf rename to fast/stages/2-networking-c-separate-envs/monitoring.tf diff --git a/fast/stages/2-networking-d-separate-envs/net-dev.tf b/fast/stages/2-networking-c-separate-envs/net-dev.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/net-dev.tf rename to fast/stages/2-networking-c-separate-envs/net-dev.tf diff --git a/fast/stages/2-networking-d-separate-envs/net-prod.tf b/fast/stages/2-networking-c-separate-envs/net-prod.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/net-prod.tf rename to fast/stages/2-networking-c-separate-envs/net-prod.tf diff --git a/fast/stages/2-networking-d-separate-envs/outputs.tf b/fast/stages/2-networking-c-separate-envs/outputs.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/outputs.tf rename to fast/stages/2-networking-c-separate-envs/outputs.tf diff --git a/fast/stages/2-networking-d-separate-envs/regions.tf b/fast/stages/2-networking-c-separate-envs/regions.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/regions.tf rename to fast/stages/2-networking-c-separate-envs/regions.tf diff --git a/fast/stages/2-networking-d-separate-envs/test-resources.tf b/fast/stages/2-networking-c-separate-envs/test-resources.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/test-resources.tf rename to fast/stages/2-networking-c-separate-envs/test-resources.tf diff --git a/fast/stages/2-networking-d-separate-envs/variables-fast.tf b/fast/stages/2-networking-c-separate-envs/variables-fast.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/variables-fast.tf rename to fast/stages/2-networking-c-separate-envs/variables-fast.tf diff --git a/fast/stages/2-networking-d-separate-envs/variables.tf b/fast/stages/2-networking-c-separate-envs/variables.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/variables.tf rename to fast/stages/2-networking-c-separate-envs/variables.tf diff --git a/fast/stages/2-networking-d-separate-envs/vpn-onprem.tf b/fast/stages/2-networking-c-separate-envs/vpn-onprem.tf similarity index 100% rename from fast/stages/2-networking-d-separate-envs/vpn-onprem.tf rename to fast/stages/2-networking-c-separate-envs/vpn-onprem.tf diff --git a/fast/stages/README.md b/fast/stages/README.md index 82a52d94..933039c7 100644 --- a/fast/stages/README.md +++ b/fast/stages/README.md @@ -37,8 +37,8 @@ Implemented as an [add-on stage 1](./1-tenant-factory/), with optional FAST comp - [Security](2-security/README.md) Manages centralized security configurations in a separate stage, and is typically owned by the security team. This stage implements VPC Security Controls via separate perimeters for environments and central services, and creates projects to host centralized KMS keys used by the whole organization. It's meant to be easily extended to include other security-related resources which are required, like Secret Manager.\ Exports: KMS key ids -- Networking ([Peering/VPN](2-networking-a-simple/README.md)/[NVA (w/ optional BGP support)](2-networking-b-nva/README.md)/[Separate environments](2-networking-d-separate-envs/README.md)) - Manages centralized network resources in a separate stage, and is typically owned by the networking team. This stage implements a hub-and-spoke design, and includes connectivity via VPN to on-premises, and YAML-based factories for firewall rules (hierarchical and VPC-level) and subnets. It's currently available in four flavors: [spokes connected via VPC peering/VPN](2-networking-a-simple/README.md), [spokes connected via appliances (w/ optional BGP support)](2-networking-b-nva/README.md) and [separated network environments](2-networking-d-separate-envs/README.md).\ +- Networking ([Peering/VPN](2-networking-a-simple/README.md)/[NVA (w/ optional BGP support)](2-networking-b-nva/README.md)/[Separate environments](2-networking-c-separate-envs/README.md)) + Manages centralized network resources in a separate stage, and is typically owned by the networking team. This stage implements a hub-and-spoke design, and includes connectivity via VPN to on-premises, and YAML-based factories for firewall rules (hierarchical and VPC-level) and subnets. It's currently available in four flavors: [spokes connected via VPC peering/VPN](2-networking-a-simple/README.md), [spokes connected via appliances (w/ optional BGP support)](2-networking-b-nva/README.md) and [separated network environments](2-networking-c-separate-envs/README.md).\ Exports: host project ids and numbers, vpc self links ## Environment-level resources (3) diff --git a/tests/fast/stages/s2_networking_d_separate_envs/simple.tfvars b/tests/fast/stages/s2_networking_c_separate_envs/simple.tfvars similarity index 100% rename from tests/fast/stages/s2_networking_d_separate_envs/simple.tfvars rename to tests/fast/stages/s2_networking_c_separate_envs/simple.tfvars diff --git a/tests/fast/stages/s2_networking_d_separate_envs/simple.yaml b/tests/fast/stages/s2_networking_c_separate_envs/simple.yaml similarity index 100% rename from tests/fast/stages/s2_networking_d_separate_envs/simple.yaml rename to tests/fast/stages/s2_networking_c_separate_envs/simple.yaml diff --git a/tests/fast/stages/s2_networking_d_separate_envs/tftest.yaml b/tests/fast/stages/s2_networking_c_separate_envs/tftest.yaml similarity index 89% rename from tests/fast/stages/s2_networking_d_separate_envs/tftest.yaml rename to tests/fast/stages/s2_networking_c_separate_envs/tftest.yaml index 591f0bc1..573cd834 100644 --- a/tests/fast/stages/s2_networking_d_separate_envs/tftest.yaml +++ b/tests/fast/stages/s2_networking_c_separate_envs/tftest.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google LLC +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -module: fast/stages/2-networking-d-separate-envs +module: fast/stages/2-networking-c-separate-envs tests: simple: