lcaggio
aa9b1479b7
Data catalog Tag module ( #2060 )
...
* First commit
* Update README
* Add todo
* Fix required_version
2024-02-13 17:24:17 +01:00
Wiktor Niesiobędzki
72183be254
Use less conflicting IP
2024-02-13 07:40:31 +01:00
Ludovico Magnocavallo
71a64487d5
Extend FAST to support different principal types ( #2064 )
...
* add doc draft
* typos
* typo
* typo
* typos
* rewording
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* move iam variables to a separate file
* move billing-account module to iam_principals
* move data-catalog-policy-tag module to iam_principals
* move dataplex-datascan module to iam_principals
* move dataproc module to iam_principals
* move folder module to iam_principals
* copyright
* move organization module to iam_principals
* move project module to iam_principals
* move source-repository module to iam_principals
* update blueprints for iam_principals interface
* FAST bootstrap
* module READMEs fixes
* FAST bootstrap
* FAST networking stages
* FAST security stage
* FAST gke stage
* FAST multitenant bootstrap stage
* FAST multitenant resman stage
* tfdoc
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* fix module test
* Update 0-domainless-iam.md
* Update 0-domainless-iam.md
* Rename iam_principals to iam_by_principals
* Update IAM template to include iam_by_principals
* Update Resman README
* Fix ADR link format
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-02-12 14:35:30 +01:00
lcaggio
50c7d3c0e9
Add Tags in project output. ( #2062 )
2024-02-09 10:42:18 +01:00
Wiktor Niesiobędzki
2c9eb5795b
Bum terraform to version 1.7.0
2024-02-07 17:25:11 +01:00
luigi-bitonti
cb9a9ab373
Added destroy_scheduled_duration variable ( #2053 )
...
* Added destroy_scheduled_duration variable
* Fix doc
* Removed default value
2024-02-07 15:47:49 +00:00
Deepak Kumar
27e503a3ac
fix: auto_provisioning_defaults is not really optional ( #2051 )
...
Due to the disk_type validation for auto provision node pool,
this module always forced to create a GKE standard cluster
with a auto provisioned node pool. This is not desirable if
you manage pools separately like using the `gke-nodepool`.
2024-02-06 07:09:13 +01:00
Harald Haas
dda0250c4c
Fix dnssec_config issue on state off ( #2035 )
2024-02-01 06:53:32 +00:00
Ludovico Magnocavallo
01c7f806ce
Selectively enable logging in FAST and firewall policy module rules ( #2032 )
...
* use logging in firewall policy module examples
* enable logging for selected hierarchical firewall rules
2024-01-31 09:50:35 +01:00
Julio Castillo
da95434308
logging for default ingress rules in FAST ( #2030 )
...
* Add default ingress deny rule with logging to FAST net stages.
Fixes #2024
* Allow firewall factory to omit rules key
* Fix tests
* Fix fast tests
* fix fast tests
2024-01-30 16:53:01 +00:00
shourya116
7b58114d65
Updated the DataQualitySpec for Dataplex Datascan ( #2008 )
...
* Updated the DataQualitySpec for Dataplex Datascan
* Fix linting
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2024-01-30 15:14:49 +00:00
lcaggio
37fc16ab42
Fix tests in README ( #2027 )
2024-01-30 11:04:47 +00:00
Ludovico Magnocavallo
bf93b6fb4e
fix typo in logging sinks interface ( #2015 )
2024-01-28 10:27:28 +01:00
lcaggio
19dc6090fc
Add Tag Template module ( #2013 )
...
* Tag policy module
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-01-27 12:30:21 +01:00
Blake Corbitt
9c1afa6261
Issue #2011 - add support for target_resources in hierarchical policy for net-firewall-policy module. ( #2012 )
...
* Issue #2011 - Add support for target_resources in hierarchical firewall policy
* Removing errant character in factory.tf
2024-01-25 17:56:17 +00:00
Amela Spica
1a8400e60e
Fixes and additional support for ssl_mode for CloudSQL module ( #2002 )
...
* added ssl mode, ignore password change and maintenance fix
* validation - ssl mode can be null
* removed ignore password
* readme update
* added moved, shortened ssl_mode desc
* order fix
* fmt
* created ssl variable
* handle exceptions
* removed null from optional
* change ssl from null to empty object
* output ordered alphabetically
* readme update
* default value of require_ssl
2024-01-25 16:29:07 +01:00
Ludovico Magnocavallo
6d9b6403dd
add support for essential contacts to FAST ( #2010 )
2024-01-25 12:20:14 +01:00
Ludovico Magnocavallo
c5416f3af1
Tighten up security of automation project (CSPR-related) ( #2009 )
...
* enforce compute/iam policies on the automation project
* tests
2024-01-24 18:40:36 +00:00
marcjwo
6b4dad01d6
Marcwo/dataform module ( #2001 )
...
* pre PR commit
* added IAM functionality
* clean up of readme
* versions.tf fix
* added separate iam.tf, facilitated existing secret manager module
* corrected optional variable defaults
* adjusted readme to new changes
* adjusted tftest line in readme for changed example
* reverted the module back to a state where it only manages one instance
* minor fix for main readme.md
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-01-24 17:13:21 +01:00
Miro Michalicka
15439c3f5b
Fix named ranges behaviour if cidr_tpl_file variable not provided. ( #2005 )
...
* Fix named ranges behaviour if cidr_tpl_file variable not provided.
* Fix and extend tests.
* fix map syntax
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-01-24 11:18:11 +00:00
Wiktor Niesiobędzki
526185fd1f
Remove default region for Cloud Function and Cloud Run ( #2004 )
...
Remove default region for Cloud Function and Cloud Run
2024-01-24 10:23:40 +00:00
Wiktor Niesiobędzki
277777d1c7
Fix DNS E2E test + add one to net-lb-app-int-cross-region ( #1993 )
...
* Fix DNS E2E test + add one to net-lb-app-int-cross-region
* Update README.md
* Fix inventory for tests
* Fix tests
* Fix number of resources
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-01-23 16:34:45 +01:00
luigi-bitonti
0ef7ee4670
Added beta apis feature ( #1999 )
2024-01-23 11:09:22 +00:00
Ludovico Magnocavallo
37dc48bca4
fix factory type for firewall rule ports ( #1996 )
2024-01-21 12:38:24 +01:00
dibaskar-google
4ed738688a
dns reponse policy e2e changes ( #1994 )
...
dns reponse policy e2e changes
2024-01-20 19:47:02 +01:00
Ludovico Magnocavallo
11d7edac64
Add example to FAST GKE stage, streamline GKE Hub module variables and usage ( #1977 )
...
* implement optionals in gke-hub module
* simplify gke hub module call in mc mesh blueprint
* simplify gke hub module call and variables in multitenant blueprint
* gke hub inventory
* provide cluster and fleet examples in stage
2024-01-20 10:06:38 +00:00
Deepak Kumar
d62012cebc
Specify `docker_repository` field for google_cloudfunctions2_function ( #1987 )
...
* fix: allow configuring `docker_repository` for cloud-function2
When docker repository is not specified by default docker repository
`projects/PROJECT_ID/locations/REGION/repositories/gcf-artifacts` is used.
In such a case, terraform plan always generates a difference for `docker_repository`
field as the module passes null value but the tfstate file has the above specified
default value. This fix allows one to prevent unnecessary infrastructure change when
using the default repository as well as any user created repository.
* doc: updated README for cloud-function-v2
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-01-20 09:40:26 +00:00
Wiktor Niesiobędzki
09176feaec
Fix typo in example
2024-01-18 19:46:53 +01:00
apichick
228a4a82c3
Fixed README and test for dns module
2024-01-18 19:04:03 +01:00
apichick
4bf394a916
Added health checked targets for geo routing policy in dns module
...
Added health checked targets for geo routing policy in dns module
2024-01-18 16:39:56 +01:00
Tahar JEGHAM
1c99bae649
feat: enable mtls on external application application load balancer ( #1979 )
...
* feat: enable mtls on external application application load balancer
* refactor: move variable inside https_proxy_config block
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-01-17 06:24:54 +00:00
Luca Prete
bc506795f2
compute-vm: add resource manager tags support for instance templates ( #1982 )
2024-01-16 17:40:15 +00:00
apichick
5ba54aeaf7
Added Cross-region internal application load balancer module
2024-01-16 17:54:50 +01:00
Viliam Pucik
5372361b8c
Proper validation of empty string value in identity_type ( #1980 )
2024-01-16 10:28:30 +01:00
Viliam Pucik
19eb247849
Fix identity_type ( #1978 )
...
* Allow empty string for 'identity_type' supported by Google provider and use correct value name for ingress 'identity_type'
* Sanitizing variables as the logical operators in Terraform do not short-circuit.
2024-01-15 20:40:06 +00:00
luigi-bitonti
cec11d2d55
Add support for service_external_ips_config to GKE cluster modules ( #1970 )
...
* Added variable in gke standard and autopilot modules
* Changed variable position
* Added dynamic block
2024-01-12 11:50:53 +01:00
Julio Castillo
46f437fd5d
use provided SA for cloud function v2 trigger ( #1968 )
2024-01-08 16:39:01 +00:00
Jan Toth
d1746b8bd1
Support for ANY_USER_ACCOUNT in module vpc-sc egress rule. ( #1966 )
2024-01-08 14:23:07 +01:00
Wiktor Niesiobędzki
af41e0fe38
Use fixtures in net-lb-ext
2024-01-06 17:09:49 +01:00
Jason Steenblik
e10664984e
Create bigtable service identity with project if api is enabled ( #1958 )
2024-01-06 16:38:08 +01:00
Wiktor Niesiobędzki
39822888ad
Add support for subnetwork for external addresses
...
For IPv6 it is necessary to provide subnetwork when reserving external
address.
2024-01-06 14:02:52 +01:00
Wiktor Niesiobędzki
b92135a56d
Remove null address for PSC
...
null address results in following error:
Error creating GlobalAddress: googleapi: Error 400: Invalid value for field 'resource.address': ''. The field is not a valid IP address or does not match the given prefix length, invalid
2024-01-06 14:02:52 +01:00
Wiktor Niesiobędzki
3470661993
IPv6 address reservation not supported for ILB
...
Error creating Address: googleapi: Error 400: Invalid value for field 'resource.purpose': 'SHARED_LOADBALANCER_VIP'. Shared LoadBalancer VIP IPv6 address reservation is not supported., invalid
2024-01-06 14:02:52 +01:00
Wiktor Niesiobędzki
8afdf66a09
Add end-to-end tests for net-address
2024-01-06 14:02:52 +01:00
Wiktor Niesiobędzki
0e39676c99
Remove tier for internall addresses
...
Error creating Address: googleapi: Error 400: Invalid value for field 'resource.networkTier': 'STANDARD'. An address with type INTERNAL cannot have a network tier., invalid
2024-01-06 14:02:52 +01:00
Wiktor Niesiobędzki
2a66fcab2e
Fix HTTP to HTTPS example
2024-01-06 12:05:53 +01:00
Wiktor Niesiobędzki
05dd4b89b6
Enable E2E tests for net-lb-app-ext-regional
...
HTTP to HTTPS needs work, now fails with:
Error: Error creating ForwardingRule: googleapi: Error 400: Invalid value for field 'resource.IPAddress': '34.160.52.156'. Invalid IP address specified., invalid
with module.ralb-test-0-redirect.google_compute_forwarding_rule.default,
on fabric/modules/net-lb-app-ext-regional/main.tf line 32, in resource "google_compute_forwarding_rule" "default":
32: resource "google_compute_forwarding_rule" "default" {
2024-01-06 12:05:53 +01:00
Wiktor Niesiobędzki
a6e377fad2
Rename compute-mig-bc.tf to compute-vm-group-bc.tf
2024-01-06 12:05:53 +01:00
Julio Castillo
4e6d65b466
Update README.md
2024-01-05 17:30:34 +01:00
Julio Castillo
8beb621e07
New module for external regional application load balancer ( #1892 )
...
* Initial version of regional external application load balancer.
* Fix tests
* Remove unsupported features in regional app lbs
* update readme with fixtures
* Add ssl-certificate fixture
* Switch examples to regions b c
* Remove redundant NEG examples
* Update README
* Update versions.tf
* Add missing boilerplate
2024-01-05 16:59:27 +01:00
Stefano Tribioli
0ca3203e52
Capitalize Private Network Access
2024-01-05 15:05:32 +00:00
Stefano Tribioli
a4def10c19
Add PNA support to Service Directory module
...
Endpoints in Service Directory can be *associated* with a
VPC. In this case, they can be used by supported Google
Cloud products to send requests directly to resources inside
a VPC. This feature is called Private Network Access.
The `google_service_directory_endpoint` resource supports
this configuration with a new argument `network`.
Unfortunately, this argument has an unusual format: it
is similar to a standard VPC ID, but instead of the project ID,
it expects the project number.
2024-01-05 15:05:32 +00:00
Julio Castillo
c13a192755
Use zones b and c for MIG fixture ( #1961 )
2024-01-05 15:02:12 +00:00
Julio Castillo
cc079e3a32
net-lb-app-ext example fixes ( #1959 )
...
* Fix typos
* Small fixes net-lb-app-ext examples
2024-01-05 13:38:30 +00:00
Andy Bubune Amewuda
3edacd0aba
Add e2e test for net_lb_app_ext module
2024-01-05 10:02:23 +01:00
Jason Steenblik
22e9e9e950
Support CMEK encryption on Bigtable instances. ( #1956 )
2024-01-05 09:29:36 +01:00
Julio Castillo
fde7b76036
Allow per-module terraform fixtures ( #1914 )
...
* Allow terraform fixtures for examples
* Allow defining multiple fixtures, and named fixtures under tests/fixtures/
* Enable e2e for wiktorn
* Fix prepare_files call for e2e
* Move fixture to separate file, fix test
* Revert shallow-copying symlinks, performane penalty - 20%
* Update tfdoc.py to list used fixtures
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
2023-12-29 09:43:44 +00:00
Julio Diez
9a7c600b6f
Merge branch 'master' into 1849-implement-cloud-run-module-version-2
2023-12-26 11:52:42 +01:00
Julio Diez
81814c3e4e
Links to the new module in READMEs
2023-12-26 11:52:13 +01:00
Wiktor Niesiobędzki
a5ce58ea22
tfdoc
2023-12-25 08:42:22 +00:00
Wiktor Niesiobędzki
a2a767a027
Doc fixes
2023-12-25 08:39:52 +00:00
dibaskar-google
969111f0cf
dns e2e tests ( #1944 )
2023-12-23 10:29:32 +00:00
Julio Diez
3b7724053b
Merge branch 'master' into 1849-implement-cloud-run-module-version-2
2023-12-22 11:45:56 +01:00
Luca Prete
44b1115b9f
Fix GCVE network policy ( #1948 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-12-22 10:29:43 +00:00
Luca Prete
06b2a97291
GCVE: add network policy configuration
2023-12-22 10:02:12 +00:00
Julio Diez
fd451c3451
Align with default versions file
2023-12-22 11:01:41 +01:00
Julio Diez
f784f47528
Merge branch 'master' into 1849-implement-cloud-run-module-version-2
2023-12-21 22:11:20 +01:00
Julio Diez
d08541159d
Update README
2023-12-21 22:09:47 +01:00
Luca Prete
df5c02aa1e
Minor fix to GCVE module readme ( #1946 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
2023-12-21 18:29:30 +01:00
Luca Prete
c4123044b7
Use new resources in GCVE module, bump up provider versions ( #1941 )
2023-12-21 13:23:38 +00:00
Wiktor Niesiobędzki
110fd798a7
Fix always succeding test ( #1937 )
...
Co-authored-by: Julio Castillo <jccb@google.com>
2023-12-21 11:01:08 +00:00
Julio Diez
a04f59852f
Merge branch 'master' into 1849-implement-cloud-run-module-version-2
2023-12-20 18:17:15 +01:00
Simone Ruffilli
0255c80e90
Move squid to __need_fixing ( #1936 )
...
* Moved `modules/cloud-config-container/squid` to __need_fixing
* Moved `blueprints/networking/filtering-proxy{,-psc}` to __need_fixing
2023-12-19 14:27:37 +00:00
Wiktor Niesiobędzki
0d486fb34e
E2E tests fixes
2023-12-19 11:01:03 +01:00
Julio Castillo
01bd0b7b01
Add project-scoped secure tags ( #1933 )
2023-12-18 18:24:05 +01:00
Julio Castillo
b6e0557bbb
Simplify organization tags.tf locals ( #1932 )
...
* Simplify organization tags.tf locals
* Fix boilerplate
* Override github provider version for tests
2023-12-18 16:09:22 +00:00
Simone Ruffilli
c5da6b99c3
Fixes typo in README.md
2023-12-18 15:40:16 +01:00
Julio Diez
88b91cdaee
Move VPC connector management to specific files
2023-12-18 11:53:28 +01:00
Julio Diez
4c9243017c
Rename attribute secret.secret to secret.name
2023-12-18 11:42:57 +01:00
Julio Diez
bc4f89d9dc
Remove 'traffic' variable, the module is not intended to manage rollouts
2023-12-18 11:39:28 +01:00
simonebruzzechesse
c50b732c79
Allow granting network user role on host project from project module and factory ( #1930 )
...
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-12-15 14:39:21 +01:00
Simone Ruffilli
db31c1b8aa
Fixes example in cloud-config-container/squid
2023-12-15 12:31:08 +01:00
Julio Diez
c599717856
Refactor the interface
2023-12-14 08:44:51 +01:00
Ludovico Magnocavallo
537237edd6
Fix health check autocreation and id output in passthrough LB modules ( #1928 )
...
* fix health check autocreation and id output
* fix health check exclusion
2023-12-13 23:39:55 +00:00
Simone Ruffilli
ca3c86cb5c
Add support for policy based routes to net-vpc ( #1926 )
...
* Add support for PBR to net-vpc
2023-12-13 15:19:40 +00:00
Thomas Colomb
201ff284f6
gke-cluster-standard : Support upgrade_settings for node auto provisioner ( #1905 )
...
* gke-cluster-standard : Support upgrade_settings for node auto provisionner
* implement suggestions
* tfdoc
---------
Co-authored-by: Ludo <ludomagno@google.com>
2023-12-12 19:17:51 +00:00
luigi-bitonti
ef4095f000
Removed deprecated variable and added labels ( #1923 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-12-12 18:32:48 +00:00
Simone Ruffilli
f293847077
can_ip_forward in simple-nva examples ( #1922 )
2023-12-12 13:09:58 +00:00
Wiktor Niesiobędzki
c24d023c23
Sync tf version to version used by tests
2023-12-12 09:43:09 +01:00
Ludovico Magnocavallo
b65c57bcc2
bump tf version ( #1920 )
2023-12-12 09:19:46 +01:00
Ludovico Magnocavallo
e2c526c6a2
Merge branch 'master' into 1849-implement-cloud-run-module-version-2
2023-12-12 07:26:56 +01:00
luigi-bitonti
6cb3eb5390
Added missing parameters in kubelet and linux node conf ( #1918 )
2023-12-11 20:05:23 +01:00
Francesco Pavan
d2d62b71e2
Added the possibility to configure maintenance window and deny maintenance period in Cloud SQL module module ( #1917 )
...
* added maintenance window configuration to cloud sql
* Formatted code + generated readme
* Fixed readme errors (missing dots at the end of variables' description)
* Fixed typos + regenerated docs
* Added correct readme
* Collapsed "deny_maintenance_period" and "maintenance_window" variables into a single variable called "maintenance_config"
* Added input validation + some minor fixes
* Add trigger configuration for Composer (#1916 )
* Added update_track variable validation
* Formatted variables + regenerated readme
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-12-11 16:59:00 +00:00
Ludovico Magnocavallo
bba814c091
Custom role factories for organization and project modules ( #1912 )
...
* backport custom role factories
* backport from fast ci/cd branch
* indent
* tfdoc
* fix module tests
2023-12-11 14:16:39 +00:00
dibaskar-google
c65e242685
net_lb_ext module e2e and example testing changes ( #1909 )
...
E2E tests for net_lb_ext
2023-12-08 10:04:07 +01:00
Wiktor Niesiobędzki
84a15c4d77
README fixes for #1907
2023-12-07 09:51:48 +00:00
Thomas Colomb
e4c55bc4c9
gke-cluster-standard : Set optional shielded_instance_config block in cluster_autoscaling.auto_provisioning_defaults ( #1906 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-12-07 09:37:13 +00:00
Ludovico Magnocavallo
f548b65b1c
Add support for subnet-level service network user grants to project module, improve docs ( #1907 )
...
* improve project factory example
* light refactor of project modules shared vpc internals and docs
* add support for subnet-level grants on host project
2023-12-07 09:07:48 +00:00
Thomas Colomb
b92389066e
gke-cluster-standard : Add possibility to enable image streaming feature at cluster level ( #1904 )
2023-12-07 06:36:21 +01:00
Luca Prete
fa7664434b
Enable sole tenancy (`node_affinities`) on compute_vm ( #1903 )
2023-12-05 18:05:23 +01:00
Luca Prete
7916cd2081
Add IPv6 to HA VPN module + test inventories ( #1901 )
...
---------
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-12-04 23:38:41 +01:00
Julio Diez
4c80442f53
First version of Cloud Run module v2
2023-12-04 20:20:46 +01:00
Wiktor Niesiobędzki
d9f9410ae5
Use unique names for logging buckets in examples
...
Logging bucket name can be reused only after 7 days (when it is actually
deleted). When different tests reuse the same name, the ones that are
executed as 2nd and later will fail with message:
```
Error updating Logging Bucket Config [...]: googleapi: Error 400: Buckets
must be in an ACTIVE state to be modified
```
As their actual state is:
```
lifecycleState: DELETE_REQUESTED
```
2023-12-03 10:03:22 +00:00
Thangaraju R
e2d170c1a6
e2e tests for net-vpc-firewall module ( #1896 )
...
e2e tests for net-vpc-firewall module
2023-12-01 13:50:56 +01:00
Ludovico Magnocavallo
42fa742528
Add support for firewall tags to compute-vm module ( #1895 )
...
* add support for firewall tags to compute-vm module
* add support for firewall tags to compute-vm module
2023-12-01 11:27:37 +00:00
Thomas Colomb
3a2484843c
artifact-registry: Support cleanup policies ( #1891 )
2023-12-01 10:33:02 +00:00
Thangaraju R
da5371b391
e2e test fix for iam-service-account module ( #1894 )
2023-12-01 09:23:37 +01:00
Thangaraju Rajasekaran
224b98c786
removed prefix and updated net-vpc shared-vpc for e2e test
2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran
d9cd46d8a7
fixed e2e test for shared-vpc and subnet-iam
2023-11-30 14:03:49 +00:00
Thangaraju Rajasekaran
0af5e31ca3
E2E tests for net-vpc module
2023-11-30 14:03:49 +00:00
luigi-bitonti
b5cd2d8088
Updated bigquery module ( #1861 )
2023-11-30 14:33:50 +01:00
apichick
66bd9d5160
Added workstation-cluster module
2023-11-30 07:02:28 +01:00
luigi-bitonti
98accdb3ad
Added PSC support to CloudSQL Module ( #1874 )
...
* Added Feature
* Added PSC to CloudSQL module
* Added psc to read replica
* Changed variables
* Updated README
* Ran fmt
* Removed old variables
* Fix README
* Fixed blueprints
* Fix README
* Fixed output
* Added more outputs and bug fixes
* Changed variable structure
* Bug fix
* Added PSC example.
2023-11-24 15:47:45 +01:00
apichick
27c3d9424a
Fixed envoy file, it has extra character
2023-11-24 10:34:51 +01:00
Wiktor Niesiobędzki
55f308cbea
Fix failing E2E tests for folders ( #1884 )
...
* Run tests requiring uniqueness on org level serially (organization tags, firewall policies)
* make gcs bucket name globally unique
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-11-24 08:09:13 +00:00
Ludovico Magnocavallo
637926fb68
Support boot disk KMS key in GKE cluster modules ( #1881 )
...
* gke cluster standard
* tfdoc
* gke cluster autopilot
* fix autopilot tags test
2023-11-23 11:52:13 +00:00
Julio Castillo
7baa1f98d4
Output all neg ids in app lbs ( #1879 )
...
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-11-23 08:41:31 +01:00
flaprimo
2997bdeee5
Fix permissions assignments ( #1878 )
...
Fix permission assignments to cloud init configuration.
Otherwise you obtain error:
$ sudo cloud-init schema --system
Invalid cloud-config /var/lib/cloud/instances/XXX/cloud-config.txt
Error: Cloud config schema errors: write_files.0.permissions: 420 is not of type 'string', write_files.1.permissions: 420 is not of type 'string'
Error: Invalid cloud-config schema: user-data
2023-11-22 13:16:25 +01:00
dibaskar-google
2d70bb8db2
E2E tests for folder module ( #1876 )
...
E2E tests for folder module
2023-11-22 10:25:11 +01:00
Francesco Spinelli
ad98b839bb
added missing sql parameters ( #1869 )
...
* added missing sql parameters
* fix variables order
---------
Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-20 22:27:59 +01:00
ddaluka
543ea6e7f3
Fix/dlpagent ( #1868 )
...
Create DLP Service Account on service activation.
2023-11-20 14:11:01 +01:00
Wiktor Niesiobędzki
9577ac5c36
Disable EventArc E2E test
...
The test fails with:
Error: Error creating Trigger: googleapi: Error 400: Invalid resource state for "": Permission denied while using the Eventarc Service Agent. If you recently started to use Eventarc, it may take a few minutes before all necessary permissions are propagated to the Service Agent. Otherwise, verify that it has Eventarc Service Agent role.
Retryig after 5 minutes fixes that, but thats not an option for
automated tests.
2023-11-18 10:36:30 +00:00
Wiktor Niesiobędzki
950ad088e9
Remove perma-diff when using VPC connector
...
+ fix trigger service account
2023-11-18 10:09:03 +00:00
Wiktor Niesiobędzki
35c58eb5c1
Fix non-empty plan after apply when using VPC connector
2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki
28b8edced5
Add end-to-end tests to Cloud Run
2023-11-18 10:00:25 +00:00
Wiktor Niesiobędzki
a635534a33
Fix IAM grants for KMS
2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki
1fbd018f5f
E2E tests for GCS
2023-11-15 09:33:03 +00:00
Wiktor Niesiobędzki
03bf0b15b3
Organization module end-to-end tests ( #1860 )
...
* added tag serial to mark tests to be run serially
* always run tests using loadgroup distribution to make use of serial tag
* added end-to-end tests for organization, not adding to custom constraints as the name has to be unique
* fixed granting custom roles created in the same module call
2023-11-14 18:54:59 +01:00
Francesco Spinelli
1c2f1c7b0d
Sql user features ( #1856 )
...
* added user type feature
* fix readme
* fix comment
* fix blueprint cloudsql users value + minor fix
* readme fix
* variables fix
* local var fix
* fix for in local var
* fix on readme
* fix intentations var in readme
* fix blueprint user quote
---------
Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-13 10:27:14 +01:00
apichick
c79af78c48
Removed options that are not applicable to this load balancer
2023-11-12 20:21:06 +01:00
luigi-bitonti
d07f8fd33d
Added CMEK for Secret auto managed ( #1739 )
...
Allow to specify custom KMS keys for Secret Manager secrets
2023-11-10 16:45:47 +01:00
Tone
0f446e89d4
Extend `cluster_autoscaling` fields in gke-cluster-standard ( #1845 )
...
* feat(gke-cluster-standard): Add feature to setup `cluster_autoscaling`
* feat(gke-cluster-standard): Add GPUs setup feature for `cluster_autoscaling`
* feat(gke-cluster-standard): Add validation for `autoscaling_profile` and `disk_type` to ensure only valid values are specified
* feat(gke-cluster-standard): Fix validation condition for `cluster_autoscaling`
2023-11-10 12:39:50 +01:00
Francesco Spinelli
82c74e4ab6
Dataproc module bug fix ( #1848 )
...
* bug fix
* bug fix
* fix dinamic for_each
---------
Co-authored-by: Francesco Spinelli <francesco.spinelli@nttdata.com>
2023-11-09 15:48:29 +00:00
Artur Pacan
fca89b57ed
Fix validation and dynamic block for optional gpu_driver
2023-11-08 11:49:15 +00:00
Ludovico Magnocavallo
c7bef582e8
add support for IAM to vpc sc module ( #1846 )
2023-11-08 11:27:44 +01:00
Ludovico Magnocavallo
9068bd7729
Update README.md
2023-11-08 09:20:16 +01:00
apichick
0f91a964da
Added back sink iam flag as module users might not have access to the sink destination and the role might need to be granted somewhere else
2023-11-07 08:11:23 +01:00
Teodelas
0f502a8cfb
Fix modules to support new Apigee X environment types ( #1841 )
...
* Update main.tf
* Update variables.tf
* Update main.tf
Updated environment members to be alphabetical order
* fixed linting and terraform fmt
* removed venv
* removed venv directory
---------
Co-authored-by: Teo De Las Heras <teodlh@google.com>
2023-11-06 09:56:03 +01:00
Wiktor Niesiobędzki
ecaa253594
Merge branch 'master' into wiktorn-provider-5.4.0
2023-11-04 08:31:56 +01:00
Wiktor Niesiobędzki
fe485414e6
Add end-to-end tests for project module ( #1823 )
...
* Add end-to-end tests for project module
* Add inventory to data tests
* Add files to end-to-end test cases
* Review fixes - use named groups
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-11-03 18:04:19 +01:00
Wiktor Niesiobędzki
b40ad91629
Bump provider version to 5.4.0
2023-11-03 17:02:00 +00:00
apichick
3648ca0da1
Merge branch 'master' into envoy-sni-dyn-fwd-proxy
2023-11-03 08:22:37 +01:00
apichick
3191dbb769
Added envoy as SNI dynamic forward proxy to cloud-config-container
2023-11-03 08:21:20 +01:00
apichick
26248ba5f5
Added create_before_destroy = true for self-managed certificates
2023-11-02 13:52:46 +01:00
cmalpe
1031076569
added validation for stack_type
2023-11-01 09:18:49 +00:00
cmalpe
f1972550fe
fixed linting for variables file
2023-11-01 08:02:36 +00:00
cmalpe
17707da60a
added stack_type field
2023-11-01 07:58:09 +00:00
alealr
8d06afcdb8
Updating wording
2023-10-31 14:35:27 +00:00
devuonocar
103388bcc9
Update default value
2023-10-31 10:47:28 +01:00
devuonocar
e52af05504
Update README.md
2023-10-30 18:34:55 +01:00
devuonocar
96c1342d55
Add public_access_prevention
2023-10-30 18:23:33 +01:00
cmalpe
b8bb000073
Merge branch 'master' into cmalpe/kms-import-job
2023-10-30 20:32:50 +05:30
Ludovico Magnocavallo
671f06a3a4
Billing budget factory ( #1822 )
...
* billing budget factory
* review comment changes
2023-10-29 11:24:52 +01:00
Luca Prete
7c6726e79b
[net-address] enable ipv6 ( #1821 )
...
---------
Co-authored-by: Luca Prete <lucaprete@google.com>
2023-10-28 15:36:30 +02:00
Ludovico Magnocavallo
b29987bb61
Merge branch 'master' into cmalpe/kms-import-job
2023-10-28 01:29:28 +02:00
apichick
022b9f5060
Added iam_bindings and iam_bindings_additive to apigee module
2023-10-27 18:22:07 +02:00
Wiktor Niesiobędzki
5b17c11d01
Merge branch 'master' into fix/ai-models-support
2023-10-27 10:22:47 +02:00
cmalpe
af339aad15
corrected readme linting
2023-10-27 07:22:59 +00:00
cmalpe
b0e5231f50
Merge branch 'master' into cmalpe/kms-import-job
2023-10-27 07:21:36 +00:00
cmalpe
9a3ac13687
corrected linting and test example
2023-10-27 06:52:55 +00:00
Ewa Wojtach
98dde0c57f
review comments
2023-10-27 08:38:37 +02:00
Chaitanya Malpe
8a76b10161
added test for import job
2023-10-27 11:53:35 +05:30
Ludovico Magnocavallo
d0b1ced280
fix logic for default source range in firewall ingress rules ( #1815 )
2023-10-26 15:25:36 +00:00
cmalpe
5d8ff92471
added linting changes for readme file
2023-10-26 15:02:59 +00:00
Chaitanya Malpe
d9e09bb9c3
removed unneeded variable
2023-10-26 20:23:06 +05:30
cmalpe
c83b6c229f
added tfdoc changes
2023-10-26 14:05:39 +00:00
Chaitanya Malpe
c2380a88fa
added import job support for kms module
2023-10-26 18:12:58 +05:30
Ewa Wojtach
6fc960ea0b
empty gpu sharing config fix
2023-10-26 07:23:13 +02:00
Simone Ruffilli
4decc641bb
Stop wrapping yamldecode with try() ( #1812 )
2023-10-25 16:16:05 +02:00
Ewa Wojtach
33ce0e1db5
AI models support ( #1750 )
...
* nodepool config
* added gpu driver configuration
* documentation update
* regenerated docs
* review comments
* review comments
* blocks structure
* documentation update
* test fix and doc update
* review comments
* doc
* Extend inventory
* Update README
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-25 09:42:36 +00:00
mwarm2
e28f7c3237
Fix Apigee add-ons configuration ( #1798 )
...
* Revert "Merge pull request #1694 from eddern/eddern/fix-apigee-addons-config"
This reverts commit ec7a7a9605
, reversing
changes made to df5daab6cc
.
* Flip for_each ternary: use true to enable an add-on
When a given add-on's variable is set to true, do instantiate the block.
---------
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-10-25 07:37:45 +00:00
Ludovico Magnocavallo
1b3a4d627b
allow setting enable_private_nodes in gke nodepool pod range ( #1808 )
2023-10-24 17:34:04 +00:00
Luca Prete
019cca735d
net-lb-ext: add option to set IPv6 subnetwork for IPv6 external fw rules
2023-10-24 13:37:33 +00:00
Luca Prete
feef3909db
compute-vm: remove old todo ( #1804 )
2023-10-24 10:45:53 +00:00
Pierre Formont
43f78194e9
use the repository format in the image_path output ( #1803 )
...
* use the repository format in the image_path output
* use local.format_string instead of var.format
2023-10-24 10:24:53 +00:00
Julio Castillo
b2201f69b7
Fix Internal App LB serverless NEG backend example ( #1801 )
...
* Fix Internal App LB serverless NEG backed example
* Silence linter
2023-10-24 07:25:43 +00:00
Luca Prete
f54b4f88b8
net-address: allow users to optionally specify address names ( #1795 )
2023-10-23 15:17:06 +00:00
apichick
378960cfc6
Removed unnecessary try statements
2023-10-22 17:50:57 +02:00
Luca Prete
a23b3d62ae
net-lb-ext: add support for multiple forwarding rules (IPs) and dual-stack (IPv4/IPv6)
2023-10-21 18:19:18 +02:00
Simone Ruffilli
6d89b88149
versions.tf maintenance + copyright notice bump ( #1782 )
...
* Bump copyright notice to 2023
* Delete versions.tf on blueprints
* Pin provider to major version 5
* Remove comment
* Fix lint
* fix bq-ml blueprint readme
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-20 18:17:47 +02:00
Wiktor Niesiobędzki
d07daf966a
End-to-end tests for terraform modules ( #1751 )
...
Add end-to-end tests (apply, plan, destroy) for examples.
When run, `tests/examples_e2e`:
1. Create an environment for tests to run (folder, project vpc network)
2. For each marked example (with `e2e` tftest directive), run apply, plan, destroy
3. Verify:
* no failure in apply
* empty plan after apply
* no failure during destroy
4. When all tests are done, destroy test environment
More details in `tests/examples_e2e/README.md`
2023-10-20 09:59:52 +02:00
luigi-bitonti
4e439720aa
Added ProtectedApplication feature to GKE Backup ( #1774 )
...
* Added ProtectedApplication feature to GKE Backup
* Fixed location name and added example
* Modified test module
* Changed test
* Changed test
* Changed test
* Restore old "all_namespaces" logic
* Bug fix
* Ran fmt on README example
* Modified variable structure
* Fix test
* Fix
2023-10-19 19:54:22 +02:00
Ludovico Magnocavallo
77a4696aa6
Add gcp org policy constraints file to bootstrap stage ( #1775 )
...
* add gcp org policy constraints file to bootstrap
* make the org policy factories more resilient
2023-10-18 18:21:16 +00:00
Ludovico Magnocavallo
02ccc576f5
fix resource manager tag bindings in compute-vm module ( #1771 )
2023-10-18 09:24:00 +00:00
Wiktor Niesiobędzki
c21fa4558f
Remove incompatible balancing_mode ( #1769 )
...
## net-lb-int
* Fix error on apply of example:
```
Error creating RegionBackendService: googleapi: Error 400: Invalid value for field 'resource.backends[0].balancingMode': 'UTILIZATION'. Balancing mode must be CONNECTION for an INTERNAL backend service., invalid
```
* remove unused `balancing_mode` variable, as only one value is possible anyhow
## net-lb-ext
* update in the `backends` description
## net-lb-proxy-int
* update in the `backends` description
## net-lb-app-int
* added validation of `balancing_mode`
* fixed other validations
## net-lb-app-ext
* added validation of `balancing_mode`
* fixed other validations
* removed validation for `locality_lb_policy` as this variable is not used in this module
Closes : #1767
2023-10-18 08:11:32 +02:00
Luca Prete
6c48512f7e
[ #1764 ] net-lb-int: add support for dual stack and multiple forwarding rules
2023-10-17 09:30:34 +00:00
Julio Castillo
82f14fd6c0
Make subnets depend on proxy only subnets ( #1762 )
...
* Make subnets depend on proxy only subnets
* Add dependency to subnet_ids too
* Update readme
2023-10-16 11:39:52 +00:00
jeroenmonteban
f464557525
Add autoclass to GCS ( #1757 )
...
* Add autoclass to GCS
* Fix linting
* Make autoclass block dynamic
* Fix syntax
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-16 07:45:10 +00:00
luigi-bitonti
0195ea6bca
Exposed stack_type variable in compute_vm module ( #1756 )
...
* Exposed stack_type variable in compute_vm module
* Updated README.md
* align instance template, fix variable ordering
---------
Co-authored-by: Ludo <ludomagno@google.com>
2023-10-16 06:28:56 +00:00
Ludovico Magnocavallo
252127bde5
Billing account module ( #1743 )
...
* initial untested draft
* readme and tests
* folder module tfdoc
* remove redundant billing cost manager role in fast stage 0
* fix FAST test
2023-10-15 15:02:50 +00:00
devuonocar
3949fdc283
Add outputs to BigQuery dataset module ( #1752 )
...
* Add outputs
* Fix checks
* Fix order
* Fix order
* Fix var
* Fix outputs
* Fix README.md
2023-10-13 17:02:47 +02:00
Ludovico Magnocavallo
85d2b8b093
Fix typo in GKE nodepool taints ( #1754 )
...
* Fix typo in GKE nodepool taints
Fixes #1749
* fix windows taints
2023-10-12 12:04:15 +00:00
Ludo
55fc3e226d
Revert "fix windows taints"
...
This reverts commit 661b543e08
.
2023-10-12 13:39:42 +02:00
Ludo
661b543e08
fix windows taints
2023-10-12 13:38:37 +02:00
luigi-bitonti
3503e028ae
Module autopilot bug fixes ( #1746 )
...
* Removed unused variables and bug fix
* Ran fmt
* Fix README.md
* Added comments to code
2023-10-12 12:40:28 +02:00
devuonocar
4f91523a08
Add missing fields to Cloud Storage bucket ( #1745 )
...
* Add new featrures
* Terraform fmt
* Fix README.md
* Delete not allowed validation
* Fix README.md
* Fix README.md
* update var
* update var
* Update var
2023-10-10 22:40:30 +02:00
Julio Castillo
64d88d90d1
Append "s" to backoff times ( #1744 )
2023-10-10 13:32:19 +03:00
Julio Castillo
9ab3b49f69
Add PSA peered domains support to `net-vpc` ( #1741 )
...
* Add PSA peered domains support to `net-vpc`
* Fix tests
2023-10-06 15:31:32 +00:00
Julio Castillo
ef290c1c8d
Enforce mandatory types in all variables ( #1737 )
2023-10-06 09:44:33 +00:00
luigi-bitonti
bb76878d0d
Added FQDN Network Policy feature on GKE Cluster ( #1732 )
...
* Added FQDN Network Policy feature on GKE Cluster
* Fix README.md. Added validation into variable.
* README.md updated
---------
Co-authored-by: Bitonti, Luigi <luigi.bitonti@nttdata.com>
2023-10-06 10:05:54 +02:00