Julio Castillo
4f123ccc74
Extend tfdoc to generate TOCs
2023-07-28 14:18:28 +02:00
Julio Castillo
74c50f95a8
Add output to org module with custom constraint details and depends_on
2023-07-17 18:49:36 +02:00
Ludovico Magnocavallo
551dc581e8
Implement proper support for data access logs in resource manager modules ( #1497 )
...
* organization module
* rename iam_bindings_authoritative to iam_policy, fix tests
* add support for data access logs and iam policy to folder module
* test inventories
* add support for data access logs and iam policy to project module
2023-07-10 08:08:02 +00:00
Ludovico Magnocavallo
d9f7cef1e7
allow using a separate resource for boot disk ( #1496 )
2023-07-07 15:40:13 +00:00
Ludovico Magnocavallo
6fcb010ff2
Add ToCs to resource manager modules ( #1471 )
...
* organization module
* folder
* project module
2023-06-27 09:36:28 +00:00
Alejandro Leal
15ae95df90
Fixing typos
...
- modules/organization/variables.tf
- modules/organization/README.md
- blueprints/data-solutions/shielded-folder/main.tf
2023-06-23 00:14:02 -04:00
Taneli Leppä
81285065ca
Added module for Secure Web Proxy.
2023-06-13 08:49:58 +02:00
Ludovico Magnocavallo
c024eca320
Add custom tag support to FAST ( #1426 )
...
* initial implementation of custom tags
* depend org policies on tags
* fix test
* integrate default and custom org policy tags
2023-06-07 22:10:27 +00:00
lcaggio
39b27ac25e
Add support for Log Analytics on logging-bucket module and bump provider version ( #1423 )
...
* first commit
* Bump provider versions
* Fix tests
2023-06-07 23:23:28 +02:00
Ludovico Magnocavallo
884cb8b4bf
Ensure all modules have an `id` output ( #1410 )
...
* net-vpc
* a-d
* complete modules
* fix error
2023-06-02 16:07:22 +02:00
Fawzi
4722efea40
bump provider versions
2023-04-11 22:18:31 +10:00
Ludovico Magnocavallo
865ef463bb
Support new fields in bigquery module, bump provider versions, unpin local provider ( #1306 )
...
* add support for new attributes to bigquery module
* bump provider versions
2023-04-05 14:22:52 +00:00
Ludovico Magnocavallo
79a6e9b191
pin local provider ( #1256 )
2023-03-16 10:59:06 +00:00
Dan Farmer
52eb83758f
Fix compute-vm:CloudKMS test for provider>=4.54.0
...
* TF provider >= 4.54.0 now returns `rsa_encrypted_key` for
`google_compute_disk.disks["attached-disk"]` (see
hashicorp/terraform-provider-google#4448 )
* Add this field to expected model to fix test assertion failure
* Update required TF provider to 4.55.0 (latest) since the assertion
will now fail with <4.54.0, which do not return `rsa_encrypted_key`
* Updated the whole repo on advice from @ludoo
2023-02-28 15:10:22 +00:00
Julio Castillo
a5e905cb80
Update remaining org policies
2023-02-21 15:49:16 +01:00
Julio Castillo
62834ca83a
Update READMEs
2023-02-21 15:49:16 +01:00
Julio Castillo
6b767c9035
Simplify org policies data model in resman modules.
2023-02-21 15:49:16 +01:00
Julio Castillo
08f2540872
Bump provider version
2023-02-07 15:59:29 +01:00
Ludovico Magnocavallo
5453c585e0
FAST multitenant bootstrap and resource management, rename org-level FAST stages ( #1052 )
...
* rename stages
* remove support for external org billing, rename output files
* resman: make groups optional, align on new billing account variable
* bootstrap: multitenant outputs
* tenant bootstrap stage, untested
* fix folder name
* fix stage 0 output names
* optional creation for tag keys in organization module
* single tenant bootstrap minus tag
* rename output files, add tenant tag key
* fix organization module tag values output
* test skipping creation for tags in organization module
* single tenant bootstrap plan working
* multitenant bootstrap
* tfdoc
* fix check links error messages
* fix links
* tfdoc
* fix links
* rename fast tests, fix bootstrap tests
* multitenant stages have their own folder, simplify stage numbering
* stage renumbering
* wip
* rename tests
* exclude fast providers in fixture
* stage 0 tests
* stage 1 tests
* network stages tests
* stage tests
* tfdoc
* fix links
* tfdoc
* multitenant tests
* remove local files
* stage links command
* fix links script, TODO
* wip
* wip single tenant bootstrap
* working tenant bootstrap
* update gitignore
* remove local files
* tfdoc
* remove local files
* allow tests for tenant bootstrap stage
* tenant bootstrap proxies stage 1 tfvars
* stage 2 and 3 service accounts and IAM in tenant bootstrap
* wip
* wip
* wip
* drop multitenant bootstrap
* tfdoc
* add missing stage 2 SAs, fix org-level IAM condition
* wip
* wip
* optional tag value creation in organization module
* stage 1 working
* linting
* linting
* READMEs
* wip
* Make stage-links script work in old macos bash
* stage links command help
* fix output file names
* diagrams
* fix svg
* stage 0 skeleton and diagram
* test svg
* test svg
* test diagram
* diagram
* readme
* fix stage links script
* stage 0 readme
* README changes
* stage readmes
* fix outputs order
* fix link
* fix tests
* stage 1 test
* skip stage example
* boilerplate
* fix tftest skip
* default bootstrap stage log sinks to log buckets
* add logging to tenant bootstrap
* move iam variables out of tenant config
* fix cicd, reintroduce missing variable
* use optional in stage 1 cicd variable
* rename extras stage
* rename and move identity providers local, use optional for cicd variable
* tfdoc
* add support for wif pool and providers, ci/cd
* tfdoc
* fix links
* better handling of modules repository
* add missing role on logging project
* fix cicd pools in locals, test cicd
* fix workflow extension
* fix module source replacement
* allow tenant bootstrap cicd sa to impersonate resman sa
* tenant workflow templates fix for no providers file
* fix output files, push github workflow template to new repository
* remove try from outpout files
* align stage 1 cicd internals to stage 0
* tfdoc
* tests
* fix tests
* tests
* improve variable descriptions
* use optional in fast features
* actually create tenant log sinks, and allow the resman sa to do it
* test
* tests
* aaaand tests again
* fast features tenant override
* fast features tenant override
* fix wording
* add missing comment
* configure pf service accounts
* add missing comment
* tfdoc
* tests
* IAM docs
* update copyright
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-02-04 15:00:45 +01:00
Wiktor Niesiobędzki
1a657b31d3
Bump beta provider to 4.48
...
This is the first version that supports `gateway_api_config` block
2023-01-29 15:50:24 +01:00
Julio Castillo
065b1471a8
Reorder org policy rules
2023-01-03 16:52:31 +01:00
Israel Herraiz
7df527e1ef
Bump versions EVERYWHERE
2022-12-23 00:06:42 +01:00
Julio Castillo
e700a27079
Enforce terraform fmt in examples
2022-12-18 14:00:19 +01:00
Julio Castillo
513fdfe91a
Make directive for supporting files in examples more explicit
2022-12-18 14:00:19 +01:00
Julio Castillo
b5ca8932dc
Migrate organization to example-based tests
2022-12-18 14:00:19 +01:00
Ludovico Magnocavallo
f3788fcd27
fix tag outputs ( #1012 )
2022-11-25 13:06:31 +00:00
Julio Castillo
e629a997d1
Only set partitioned table when sink type is bigquery
...
Fixes 990
2022-11-22 15:48:48 +01:00
Julio Castillo
d41dc678e6
Fix organization module
2022-11-21 13:17:55 +01:00
Julio Castillo
2cd74823b1
Generate files based on readme contents
2022-11-18 17:48:52 +01:00
Julio Castillo
b2510ea4cf
Fix org policies factories
2022-11-18 17:48:52 +01:00
Julio Castillo
5cfa1062cc
Ensure inline README file match fixture files
2022-11-18 17:48:52 +01:00
Julio Castillo
7be3288cc7
Add tests for factory examples
2022-11-18 17:48:52 +01:00
Luca Prete
4124ef41fc
Add network tags support to the organization module ( #979 )
2022-11-18 15:56:28 +01:00
Julio Castillo
c83a7de076
Remove as_logging_destination
2022-11-12 19:24:41 +01:00
Julio Castillo
8fe19ad7c2
Rename bigquery_use_partitioned_table
2022-11-12 11:30:34 +01:00
Julio Castillo
486d398c7d
Update logging sink to tf1.3 in resman modules
2022-11-11 19:22:05 +01:00
Aleksandr Averbukh
1419a04147
Update module readme
2022-11-08 18:17:05 +01:00
Aleksandr Averbukh
aae6ab132c
Add tests for org policy custom constraints
2022-11-08 18:13:49 +01:00
Aleksandr Averbukh
3562c52520
Add support for org policy custom constraints
2022-11-08 09:34:38 +01:00
Julio Castillo
4b278a1533
Update variable description
2022-11-03 12:35:50 +01:00
Julio Castillo
5b1873775a
Fix internal links
2022-11-03 12:14:47 +01:00
Julio Castillo
f64c43e893
Add org policy factory example
2022-11-03 12:12:50 +01:00
Julio Castillo
3e18575fad
Add factory support for new org policies
2022-11-03 11:41:53 +01:00
Julio Castillo
38e761c3a8
Add test that ensures the implementation of org policies is consistent
2022-11-02 10:41:38 +01:00
Ludovico Magnocavallo
8c51a2a386
Enable org policy service and add README notice to modules ( #936 )
...
* enable org policy service and add README notice to modules
* fix tests
2022-11-01 14:25:07 +01:00
Julio Castillo
b6c40dcdb3
Update readmes
2022-10-28 17:49:44 +02:00
Julio Castillo
b56b57b974
Fix more copy/past badness
2022-10-28 17:49:44 +02:00
Julio Castillo
c714952f39
Fix tests
2022-10-28 17:49:44 +02:00
Julio Castillo
ad420138ad
Fix readme examples
2022-10-28 17:49:44 +02:00
Julio Castillo
f44f4a74dc
Fix module tests
2022-10-28 17:49:44 +02:00
Julio Castillo
b23d07b0c6
Update project/folder/module to use new org policies API and tf1.3 optionals.
2022-10-28 17:49:44 +02:00
Julio Castillo
1a3bb25917
Update provider version (needed for dns logging support).
2022-10-25 12:15:02 +02:00
Ludovico Magnocavallo
e8056577ce
Refactor GKE nodepool and blueprints ( #875 )
...
* first shot, untested
* example tests working
* module tests
* work on gke blueprints
* multitenant fleet doc examples
* fix gke hub doc examples
* blueprint tests
* move master range to vpc config
* fast stage 3 gke test
* tfdoc
* bump provider versions
* and bump provider again to latest
2022-10-12 12:59:36 +02:00
Natalia Strelkova
5dbc61cb8c
temporary revert to Terraform 1.3.1 to support Cloud Shell
2022-10-10 09:19:55 +00:00
Ludovico Magnocavallo
a0171b2c49
Bump terraform required version ( #864 )
...
* bump terraform required version
* fix test
* debug test
* debug test
* disable test
* fix CI file, bump terraform action version
2022-10-07 12:51:56 +02:00
Julio Castillo
ac835b6d50
Update terraform version
2022-09-28 11:28:05 +02:00
Julio Castillo
269894e92b
Update all internal links examples -> blueprints
2022-09-09 16:39:01 +02:00
Julio Castillo
a866182161
Test documentation examples in the examples/ folder
2022-09-06 17:46:09 +02:00
Simone Ruffilli
a29faa7f8c
instance_termination_action must be set for compute-vm spot instances ( #778 )
...
* Bumped providers version
* Adds ability to control instance_termination_action for SpotVMs
2022-08-20 18:37:17 +02:00
Ludovico Magnocavallo
b20ab65756
GKE hub module refactor ( #760 )
...
GKE hub module refactor
Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com>
Co-authored-by: Miren Esnaola <mirene@google.com>
2022-07-29 08:39:25 +02:00
Julio Castillo
07b00c34fe
Bump providers versions and pin versions for tests
2022-06-28 10:20:40 +02:00
Julio Castillo
0bf1880431
Fix FAST audit logs when using pubsub as destination
...
This commit also splits each organization-level logging sink of type
`logging` to a separate logging bucket.
2022-06-10 12:25:26 +02:00
Ludovico Magnocavallo
ab646f38ed
Bump provider versions to >= 4.17.0, terraform to >= 1.1.0 ( #634 )
...
* bump provider versions to >= 4.17.0, terraform to >= 1.1.0
* bump teraform version in lint check, edit CHANGELOG
2022-04-17 13:55:40 +02:00
Ludovico Magnocavallo
0b5ed8b7ef
Add support for resource management tags and tag bindings ( #552 )
...
* organization module
* folder module
* project module
* fix project binding
* use id instead of name for references
* kms module
* compute-vm
* fix compute-vm
2022-02-20 11:14:18 +01:00
Julio Castillo
52c4b608c2
Rename tf files to use dashes
2022-02-04 08:45:49 +01:00
Simone Ruffilli
abb6b50a46
Add periods at the end of each description field where missing ( #478 )
2022-01-31 10:45:34 +01:00
Julio Castillo
e2abd772f2
Update resman modules ( #475 )
...
* Make logging sinks in different resources use the same API
* Split resman modules in multiple files. Add nullables where applicable
2022-01-29 19:35:33 +01:00
Julio Castillo
eb0ab2c1ec
Split organization module in files, add nullables
2022-01-29 10:55:47 +01:00
Julio Castillo
cf423998f0
Align tftest syntax with tdoc
...
This commit changes the token separator for inline examples from a
semicolon to a space
2022-01-28 21:34:15 +01:00
Ludovico Magnocavallo
1cc59a368d
Update README.md
2022-01-28 08:53:21 +01:00
apichick
6dbb7fc6b2
removed boolean flag used to authorize the sink writer identity on the destination
2022-01-27 17:44:27 +01:00
Julio Castillo
31f625f149
Link vars and outputs from README
2022-01-22 14:15:16 +01:00
apichick
5ac828dd85
replaced firewall_policy_attachments with firewall_policy_association in example
2022-01-19 20:55:55 +01:00
Julio Castillo
2728c4aac1
Fix all internal links
2022-01-11 11:53:19 +01:00
Simone Ruffilli
ee25965c89
Copyright bump ( #410 )
2022-01-01 15:52:31 +01:00
Julio Castillo
d4adcaced0
Fix typo.
2021-12-31 13:20:21 +01:00
Julio Castillo
f78902aee8
Update hierarchical firewall resource
...
This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.
2021-12-31 13:06:35 +01:00
Simone Ruffilli
640a5fe39c
Org/Folder: Allow for policy association when using rule factory ( #405 )
...
* Org/Folder: Allow for policy association when using rule factory
* Fix linting issue
2021-12-31 12:20:42 +01:00
Ludovico Magnocavallo
2bc5f7d33c
update tfdoc ( #404 )
2021-12-30 10:56:19 +01:00
Ludovico Magnocavallo
197e7cbe19
Fix ignore changes for hfw rules ( #401 )
...
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes #339
* fix ignore changes in org and folder module
2021-12-22 11:00:44 +01:00
Ludovico Magnocavallo
e2f5b96f4a
Ludo hfw fixes ( #400 )
...
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes #339
2021-12-22 10:46:27 +01:00
Ludovico Magnocavallo
1ac3fe4460
New tfdoc version ( #396 )
...
* update tfdoc
* rewrite check docs, refactor tfdoc replace, regenerate modules READMEs
* remove dead code from check docs
* do not fail on missing variable files in check docs
* fix typos
2021-12-21 08:51:51 +01:00
Ludovico Magnocavallo
174de3a087
Organization module refactor, in-module firewall policy factory for organization and folder ( #385 )
...
* move iam and logging to separate files, minimal refactoring
* update README
* fix example
* factory
* tfdoc
* boilerplate
* remove data_folder variable
* tfdoc
* fix default factory name
* add firewall policy to folder module
* add factory example
2021-12-13 08:41:02 +01:00
lcaggio
546385d3ee
Add support for partitioned tables on Organization sinks ( #380 )
...
* Add support for partioned tables on Organization sinks
* Update changelog
* Fix lint
* Fix lint
* Use simple bool instead of block
* fix README
* Fix Readme
* Rename variable
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2021-12-09 09:55:47 +01:00
Ludovico Magnocavallo
357f6d5939
depend log sinks from IAM roles, fixes #371
2021-12-01 12:08:04 +01:00
Ludovico Magnocavallo
f6775aca1b
Use the same versions file everywhere, pin to tf 1.0+ provider 4.0+ ( #355 )
...
* add default versions file, remove old providers and versions
* use default versions file everywhere
* fix kms module
* re-add provider configuration for data platform step 2
* update kms module outputs sorting
* update kms documentation
* fix data solutions tests
* fix GKE workload identity attribute name
* work around firewall provider issue in datafusion example
2021-11-03 15:05:43 +01:00
Ludovico Magnocavallo
dcb1e32097
update test params after README fix
2021-10-14 20:15:31 +02:00
Ludovico Magnocavallo
0f22bce9e2
Update README.md
2021-10-12 09:40:10 +02:00
Julio Castillo
1d13e3e624
Add more validations to linter
...
- Ensure all variables and outputs are sorted
- Ensure all variables and outputs have a description
- Add data-solutions/data-platform-foundations to linter
Fix all modules to follow these new conventions.
2021-10-08 18:26:04 +02:00
Julio Castillo
a1152003c6
Output role information from organization module
2021-09-13 17:36:21 +02:00
Ludovico Magnocavallo
f8413cc98e
Add support for group-based IAM to resource management modules ( #229 )
...
* group_iam support for organization
* group_iam support for folder
* fix typo in variable description
* add group_iam to project module
* update project module README
2021-04-11 14:48:16 +02:00
Julio Castillo
7ca2e60399
Fix tests
2021-03-31 10:45:35 +02:00
Julio Castillo
94b1a439ee
Fix IAM bindings for logging sinks
...
- Move to non-authoritative bindings to allow multiple sinks to write to
the same destination
- Allow automatically adding logging bucket IAM bindings
2021-03-31 09:59:28 +02:00
Julio Castillo
f5fb28b4b2
Merge pull request #203 from terraform-google-modules/jccb/log-buckets
...
Support for Cloud Logging buckets
2021-03-05 08:43:38 +01:00
Ludovico Magnocavallo
86b88e0634
fix modules version constraints ( #206 )
2021-03-05 08:41:59 +01:00
Ludovico Magnocavallo
605ec7c4d1
depend org module resources for policy etc from IAM bindings ( #204 )
2021-03-05 08:19:39 +01:00
Julio Castillo
ad68fc4dfa
Support for cloud logging buckets
2021-03-03 14:23:59 +01:00
Julio Castillo
2d9d81e061
Add support for essential contacts
2021-02-24 18:34:17 +01:00
Julio Castillo
1e11c670f5
Update copyright to 2021
2021-02-15 09:38:10 +01:00
Roberto Jung Drebes
177a4d7f2c
update README.md for org module with new parameters
2020-12-10 09:36:32 +00:00