kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

JSON schema documentation tool (#3070)

Browse Source 
* wip

* wip

* wip

* generate schema docs

* formatting

* typo

* fix details

* fix details

* revert dp change

* tfdoc
This commit is contained in:
Ludovico Magnocavallo
2025-05-06 08:17:46 +02:00
committed by GitHub
parent 41b4cdef68
commit 30b390483e
69 changed files with 3817 additions and 304 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
fast/addons/2-networking-test/schemas/instance.schema.md Normal file
View File

@@ -0,0 +1,26 @@
# Instance
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**project_id**: *string*
- ⁺**network_id**: *string*
- ⁺**service_account**: *string*
- ⁺**subnet_id**: *string*
- **image**: *string*
- **metadata**: *object*
*additional properties: String*
- **name**: *string*
- **tags**: *array*
- items: *string*
- **type**: *string*
<br>*default: e2-micro*
- **user_data_file**: *string*
- **zones**: *array*
- items: *string*
## Definitions

18
fast/addons/2-networking-test/schemas/service-account.schema.md Normal file
View File

@@ -0,0 +1,18 @@
# Service Account
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**project_id**: *string*
- **display_name**: *string*
- **name**: *string*
- **iam_project_roles**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
## Definitions

14
fast/stages/0-bootstrap/schemas/custom-role.schema.md Normal file
View File

@@ -0,0 +1,14 @@
# Custom Role
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **name**: *string*
- **includedPermissions**: *array*
- items: *string*
## Definitions

33
fast/stages/0-bootstrap/schemas/org-policies.schema.md Normal file
View File

@@ -0,0 +1,33 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *reference([allow-deny](#refs-allow-deny))*
- **deny**: *reference([allow-deny](#refs-allow-deny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parameters**: *string*
## Definitions
- **allow-deny**<a name="refs-allow-deny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

21
fast/stages/0-bootstrap/schemas/org-policy-custom-constraint.schema.md Normal file
View File

@@ -0,0 +1,21 @@
# Organization Policy Custom Constraints
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+\.[a-zA-Z]+$`**: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **description**: *string*
- ⁺**action_type**: *string*
- ⁺**condition**: *string*
- **method_types**: *array*
- items: *string*
- **resource_types**: *array*
- items: *string*
## Definitions

117
fast/stages/1-resman/schemas/fast-stage2.schema.json
View File

@@ -32,6 +32,7 @@
"type": "string"
},
"type": {
"type": "string",
"enum": [
"github",
"gitlab"
@@ -73,66 +74,70 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
"type": "object",
"additionalProperties": false,
"properties": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
}
}
}
}

106
fast/stages/1-resman/schemas/fast-stage2.schema.md Normal file
View File

@@ -0,0 +1,106 @@
# FAST stage 2
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **short_name**: *string*
- **cicd_config**: *object*
<br>*additional properties: false*
- ⁺**identity_provider**: *string*
- ⁺**repository**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **branch**: *string*
- **type**: *string*
<br>*default: github*, *enum: ['github', 'gitlab']*
- **folder_config**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **create_env_folders**: *boolean*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent_id**: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
- **organization_config**: *object*
<br>*additional properties: false*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **stage3_config**: *object*
<br>*additional properties: false*
- **iam_admin_delegated**: *array*
- items: *object*
<br>*additional properties: false*
- **environment**: *string*
- **principal**: *string*
- **iam_viewer**: *array*
- items: *object*
<br>*additional properties: false*
- **environment**: *string*
- **principal**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^(?:roles/|[a-z_]+)`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+[a-z-]+$`**: *array*
- items: *string*

117
fast/stages/1-resman/schemas/fast-stage3.schema.json
View File

@@ -12,6 +12,7 @@
"type": "string"
},
"environment": {
"type": "string",
"enum": [
"dev",
"prod"
@@ -42,6 +43,7 @@
"type": "string"
},
"type": {
"type": "string",
"enum": [
"github",
"gitlab"
@@ -91,66 +93,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
"type": "object",
"properties": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
}
}
}
}

90
fast/stages/1-resman/schemas/fast-stage3.schema.md Normal file
View File

@@ -0,0 +1,90 @@
# FAST stage 3
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**short_name**: *string*
- ⁺**environment**: *string*
<br>*enum: ['dev', 'prod']*
- **cicd_config**: *object*
<br>*additional properties: false*
- ⁺**identity_provider**: *string*
- ⁺**repository**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **branch**: *string*
- **type**: *string*
<br>*default: github*, *enum: ['github', 'gitlab']*
- **folder_config**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **parent_id**: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^(?:roles/|[a-z_]+)`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+[a-z-]+$`**: *array*
- items: *string*

33
fast/stages/1-resman/schemas/org-policies.schema.md Normal file
View File

@@ -0,0 +1,33 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *reference([allow-deny](#refs-allow-deny))*
- **deny**: *reference([allow-deny](#refs-allow-deny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parameters**: *string*
## Definitions
- **allow-deny**<a name="refs-allow-deny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

115
fast/stages/1-resman/schemas/top-level-folder.schema.json
View File

@@ -170,66 +170,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
"type": "object",
"properties": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
}
}
}
}

110
fast/stages/1-resman/schemas/top-level-folder.schema.md Normal file
View File

@@ -0,0 +1,110 @@
# Folder
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **automation**: *object*
<br>*additional properties: false*
- **environment_name**: *string*
- **sa_impersonation_principals**: *array*
- items: *string*
- **short_name**: *string*
- **contacts**: *object*
<br>*additional properties: false*
- **`@`**: *array*
- items: *string*
- **factories_config**: *object*
<br>*additional properties: false*
- **org_policies**: *string*
- **firewall_policy**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- ⁺**policy**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **is_fast_context**: *boolean*
- **logging_data_access**: *object*
<br>*additional properties: false*
- **`^(?:[a-z_-]+)\.googleapis\.com$`**: *object*
<br>*additional properties: false*
- **`^(?:DATA_READ|DATA_WRITE|ADMIN_READ)$`**: *object*
<br>*additional properties: false*
- **exempted_members**: *array*
- items: *string*
- **logging_exclusions**: *object*
*additional properties: String*
- **logging_settings**: *object*
<br>*additional properties: false*
- **disable_default_sink**: *boolean*
- **storage_location**: *string*
- **logging_sinks**: *object*
*additional properties: Object*
- **name**: *string*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent_id**: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^(?:roles/|[a-z_]+)`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+[a-z-]+$`**: *array*
- items: *string*

43
fast/stages/1-vpcsc/schemas/access-level.schema.md Normal file
View File

@@ -0,0 +1,43 @@
# VPC-SC access level
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **combining_function**: *string*
- **conditions**: *array*
- items: *object*
<br>*additional properties: false*
- **device_policy**: *object*
<br>*additional properties: false*
- **allowed_device_management_levels**: *array*
- items: *string*
- **allowed_encryption_statuses**: *array*
- items: *string*
- ⁺**require_admin_approval**: *boolean*
- ⁺**require_corp_owned**: *boolean*
- **require_screen_lock**: *boolean*
- **os_constraints**: *array*
- items: *object*
<br>*additional properties: false*
- **os_type**: *string*
- **minimum_version**: *string*
- **require_verified_chrome_os**: *boolean*
- **ip_subnetworks**: *array*
- items: *string*
- **members**: *array*
- items: *string*
- **negate**: *boolean*
- **regions**: *array*
- items: *string*
- **required_access_levels**: *array*
- items: *string*
- **vpc_subnets**: *object*
<br>*additional properties: false*
- **`^//compute.googleapis.com/projects/[^/]+/global/networks/[^/]+$`**: *array*
- items: *string*
## Definitions

38
fast/stages/1-vpcsc/schemas/egress-policy.schema.md Normal file
View File

@@ -0,0 +1,38 @@
# VPC-SC egress policy
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **title**: *string*
- ⁺**from**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **identity_type**: *string*
<br>*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
- **identities**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- ⁺**to**: *object*
<br>*additional properties: false*
- **external_resources**: *array*
- items: *string*
- **operations**: *array*
- items: *object*
<br>*additional properties: false*
- **method_selectors**: *array*
- items: *string*
- **permission_selectors**: *array*
- items: *string*
- ⁺**service_name**: *string*
- **resources**: *array*
- items: *string*
- **roles**: *array*
- items: *string*
## Definitions

34
fast/stages/1-vpcsc/schemas/ingress-policy.schema.md Normal file
View File

@@ -0,0 +1,34 @@
# VPC-SC ingress policy
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **title**: *string*
- ⁺**from**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **identity_type**: *string*
<br>*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
- **identities**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- ⁺**to**: *object*
<br>*additional properties: false*
- **operations**: *array*
- items: *object*
- **method_selectors**: *array*
- items: *string*
- **permission_selectors**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **roles**: *array*
- items: *string*
## Definitions

45
fast/stages/1-vpcsc/schemas/perimeter.schema.md Normal file
View File

@@ -0,0 +1,45 @@
# perimeters
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **description**: *string*
- **title**: *string*
- **spec**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **egress_policies**: *array*
- items: *string*
- **ingress_policies**: *array*
- items: *string*
- **restricted_services**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
- **status**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **egress_policies**: *array*
- items: *string*
- **ingress_policies**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **restricted_services**: *array*
- items: *string*
- **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
- **use_explicit_dry_run_spec**: *boolean*
## Definitions
- **VpcAccessibleServices**<a name="refs-VpcAccessibleServices"></a>: *object*
<br>*additional properties: false*
- ⁺**allowed_services**: *array*
- items: *string*
- **enable_restriction**: *boolean*

49
fast/stages/2-networking-a-simple/schemas/firewall-policy-rules.schema.md Normal file
View File

@@ -0,0 +1,49 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- ⁺**priority**: *number*
- **action**: *string*
<br>*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
- **description**: *string*
- **disabled**: *boolean*
- **enable_logging**: *boolean*
- **security_profile_group**: *string*
- **target_resources**: *array*
- items: *string*
- **target_service_accounts**: *array*
- items: *string*
- **target_tags**: *array*
- items: *string*
- **tls_inspect**: *boolean*
- **match**: *object*
<br>*additional properties: false*
- **address_groups**: *array*
- items: *string*
- **fqdns**: *array*
- items: *string*
- **region_codes**: *array*
- items: *string*
- **threat_intelligences**: *array*
- items: *string*
- **destination_ranges**: *array*
- items: *string*
- **source_ranges**: *array*
- items: *string*
- **source_tags**: *array*
- items: *string*
- **layer4_configs**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*

41
fast/stages/2-networking-a-simple/schemas/firewall-rules.schema.md Normal file
View File

@@ -0,0 +1,41 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **egress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
- **ingress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- **deny**: *boolean*
- **description**: *string*
- **destination_ranges**: *array*
- items: *string*
- **disabled**: *boolean*
- **enable_logging**: *object*
<br>*additional properties: false*
- **include_metadata**: *boolean*
- **priority**: *number*
- **source_ranges**: *array*
- items: *string*
- **sources**: *array*
- items: *string*
- **targets**: *array*
- items: *string*
- **use_service_accounts**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*
- items: *number*

64
fast/stages/2-networking-a-simple/schemas/subnet.schema.md Normal file
View File

@@ -0,0 +1,64 @@
# Subnet
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **active**: *boolean*
- **description**: *string*
- **enable_private_access**: *boolean*
- **allow_subnet_cidr_routes_overlap**: *boolean*
- **flow_logs_config**: *object*
<br>*additional properties: false*
- **aggregation_interval**: *string*
- **filter_expression**: *string*
- **flow_sampling**: *number*
- **metadata**: *string*
- **metadata_fields**: *array*
- items: *string*
- **global**: *boolean*
- ⁺**ip_cidr_range**: *string*
- **ipv6**: *object*
<br>*additional properties: false*
- **access_type**: *string*
- **name**: *string*
- ⁺**region**: *string*
- **psc**: *boolean*
- **proxy_only**: *boolean*
- **secondary_ip_ranges**: *object*
*additional properties: String*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

49
fast/stages/2-networking-b-nva/schemas/firewall-policy-rules.schema.md Normal file
View File

@@ -0,0 +1,49 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- ⁺**priority**: *number*
- **action**: *string*
<br>*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
- **description**: *string*
- **disabled**: *boolean*
- **enable_logging**: *boolean*
- **security_profile_group**: *string*
- **target_resources**: *array*
- items: *string*
- **target_service_accounts**: *array*
- items: *string*
- **target_tags**: *array*
- items: *string*
- **tls_inspect**: *boolean*
- **match**: *object*
<br>*additional properties: false*
- **address_groups**: *array*
- items: *string*
- **fqdns**: *array*
- items: *string*
- **region_codes**: *array*
- items: *string*
- **threat_intelligences**: *array*
- items: *string*
- **destination_ranges**: *array*
- items: *string*
- **source_ranges**: *array*
- items: *string*
- **source_tags**: *array*
- items: *string*
- **layer4_configs**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*

41
fast/stages/2-networking-b-nva/schemas/firewall-rules.schema.md Normal file
View File

@@ -0,0 +1,41 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **egress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
- **ingress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- **deny**: *boolean*
- **description**: *string*
- **destination_ranges**: *array*
- items: *string*
- **disabled**: *boolean*
- **enable_logging**: *object*
<br>*additional properties: false*
- **include_metadata**: *boolean*
- **priority**: *number*
- **source_ranges**: *array*
- items: *string*
- **sources**: *array*
- items: *string*
- **targets**: *array*
- items: *string*
- **use_service_accounts**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*
- items: *number*

64
fast/stages/2-networking-b-nva/schemas/subnet.schema.md Normal file
View File

@@ -0,0 +1,64 @@
# Subnet
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **active**: *boolean*
- **description**: *string*
- **enable_private_access**: *boolean*
- **allow_subnet_cidr_routes_overlap**: *boolean*
- **flow_logs_config**: *object*
<br>*additional properties: false*
- **aggregation_interval**: *string*
- **filter_expression**: *string*
- **flow_sampling**: *number*
- **metadata**: *string*
- **metadata_fields**: *array*
- items: *string*
- **global**: *boolean*
- ⁺**ip_cidr_range**: *string*
- **ipv6**: *object*
<br>*additional properties: false*
- **access_type**: *string*
- **name**: *string*
- ⁺**region**: *string*
- **psc**: *boolean*
- **proxy_only**: *boolean*
- **secondary_ip_ranges**: *object*
*additional properties: String*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

49
fast/stages/2-networking-c-separate-envs/schemas/firewall-policy-rules.schema.md Normal file
View File

@@ -0,0 +1,49 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- ⁺**priority**: *number*
- **action**: *string*
<br>*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
- **description**: *string*
- **disabled**: *boolean*
- **enable_logging**: *boolean*
- **security_profile_group**: *string*
- **target_resources**: *array*
- items: *string*
- **target_service_accounts**: *array*
- items: *string*
- **target_tags**: *array*
- items: *string*
- **tls_inspect**: *boolean*
- **match**: *object*
<br>*additional properties: false*
- **address_groups**: *array*
- items: *string*
- **fqdns**: *array*
- items: *string*
- **region_codes**: *array*
- items: *string*
- **threat_intelligences**: *array*
- items: *string*
- **destination_ranges**: *array*
- items: *string*
- **source_ranges**: *array*
- items: *string*
- **source_tags**: *array*
- items: *string*
- **layer4_configs**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*

41
fast/stages/2-networking-c-separate-envs/schemas/firewall-rules.schema.md Normal file
View File

@@ -0,0 +1,41 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **egress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
- **ingress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- **deny**: *boolean*
- **description**: *string*
- **destination_ranges**: *array*
- items: *string*
- **disabled**: *boolean*
- **enable_logging**: *object*
<br>*additional properties: false*
- **include_metadata**: *boolean*
- **priority**: *number*
- **source_ranges**: *array*
- items: *string*
- **sources**: *array*
- items: *string*
- **targets**: *array*
- items: *string*
- **use_service_accounts**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*
- items: *number*

64
fast/stages/2-networking-c-separate-envs/schemas/subnet.schema.md Normal file
View File

@@ -0,0 +1,64 @@
# Subnet
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **active**: *boolean*
- **description**: *string*
- **enable_private_access**: *boolean*
- **allow_subnet_cidr_routes_overlap**: *boolean*
- **flow_logs_config**: *object*
<br>*additional properties: false*
- **aggregation_interval**: *string*
- **filter_expression**: *string*
- **flow_sampling**: *number*
- **metadata**: *string*
- **metadata_fields**: *array*
- items: *string*
- **global**: *boolean*
- ⁺**ip_cidr_range**: *string*
- **ipv6**: *object*
<br>*additional properties: false*
- **access_type**: *string*
- **name**: *string*
- ⁺**region**: *string*
- **psc**: *boolean*
- **proxy_only**: *boolean*
- **secondary_ip_ranges**: *object*
*additional properties: String*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

62
fast/stages/2-project-factory/schemas/budget.schema.md Normal file
View File

@@ -0,0 +1,62 @@
# Budget
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**amount**: *object*
<br>*additional properties: false*
- **currency_code**: *string*
- **nanos**: *number*
- **units**: *number*
- **use_last_period**: *boolean*
- **display_name**: *string*
- **filter**: *object*
<br>*additional properties: false*
- **credit_types_treatment**: *object*
<br>*additional properties: false*
- **exclude_all**: *boolean*
- **include_specified**: *array*
- items: *string*
- **label**: *object*
<br>*additional properties: false*
- **key**: *string*
- **value**: *string*
- **period**: *object*
<br>*additional properties: false*
- **calendar**: *string*
- **custom**: *object*
<br>*additional properties: false*
- **start_date**: *reference([date](#refs-date))*
- **end_date**: *reference([date](#refs-date))*
- **projects**: *array*
- items: *string*
- **resource_ancestors**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **subaccounts**: *array*
- items: *string*
- **threshold_rules**: *array*
- items: *object*
<br>*additional properties: false*
- ⁺**percent**: *number*
- **forecasted_spend**: *boolean*
- **update_rules**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **disable_default_iam_recipients**: *boolean*
- **monitoring_notification_channels**: *array*
- items: *string*
- **pubsub_topic**: *string*
## Definitions
- **date**<a name="refs-date"></a>: *object*
<br>*additional properties: false*
- **day**: *number*
- **month**: *number*
- **year**: *number*

76
fast/stages/2-project-factory/schemas/folder.schema.md Normal file
View File

@@ -0,0 +1,76 @@
# Folder
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **name**: *string*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent**: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *string*

199
fast/stages/2-project-factory/schemas/project.schema.md Normal file
View File

@@ -0,0 +1,199 @@
# Project
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **automation**: *object*
<br>*additional properties: false*
- ⁺**project**: *string*
- **bucket**: *reference([bucket](#refs-bucket))*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_billing_roles**: *reference([iam_billing_roles](#refs-iam_billing_roles))*
- **iam_folder_roles**: *reference([iam_folder_roles](#refs-iam_folder_roles))*
- **iam_organization_roles**: *reference([iam_organization_roles](#refs-iam_organization_roles))*
- **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
- **iam_sa_roles**: *reference([iam_sa_roles](#refs-iam_sa_roles))*
- **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
- **billing_account**: *string*
- **billing_budgets**: *array*
- items: *string*
- **buckets**: *reference([buckets](#refs-buckets))*
- **contacts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **deletion_policy**: *string*
<br>*enum: ['PREVENT', 'DELETE', 'ABANDON']*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **labels**: *object*
- **metric_scopes**: *array*
- items: *string*
- **name**: *string*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent**: *string*
- **prefix**: *string*
- **project_reuse**: *object*
<br>*additional properties: false*
- **use_data_source**: *boolean*
- **project_attributes**: *object*
- ⁺**name**: *string*
- ⁺**number**: *number*
- **services_enabled**: *array*
- items: *string*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_self_roles**: *array*
- items: *string*
- **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
- **service_encryption_key_ids**: *object*
<br>*additional properties: false*
- **`^[a-z-]+\.googleapis\.com$`**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **shared_vpc_host_config**: *object*
<br>*additional properties: false*
- ⁺**enabled**: *boolean*
- **service_projects**: *array*
- items: *string*
- **shared_vpc_service_config**: *object*
<br>*additional properties: false*
- ⁺**host_project**: *string*
- **network_users**: *array*
- items: *string*
- **service_agent_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_agent_subnet_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_iam_grants**: *array*
- items: *string*
- **network_subnet_users**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
- **tags**: *object*
*additional properties: Object*
- **vpc_sc**: *object*
- ⁺**perimeter_name**: *string*
- **perimeter_bridges**: *array*
- items: *string*
- **is_dry_run**: *boolean*
## Definitions
- **bucket**<a name="refs-bucket"></a>: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **labels**: *object*
*additional properties: String*
- **location**: *string*
- **prefix**: *string*
- **storage_class**: *string*
- **uniform_bucket_level_access**: *boolean*
- **versioning**: *boolean*
- **buckets**<a name="refs-buckets"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *reference([bucket](#refs-bucket))*
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *string*
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_folder_roles**<a name="refs-iam_folder_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_organization_roles**<a name="refs-iam_organization_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_project_roles**<a name="refs-iam_project_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_sa_roles**<a name="refs-iam_sa_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_storage_roles**<a name="refs-iam_storage_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*

20
fast/stages/3-data-platform-dev/README.md
View File

@@ -229,25 +229,25 @@ The following table lists the available substitutions.
| name | description | type | required | default | producer |
|---|---|:---:|:---:|:---:|:---:|
| [automation](variables-fast.tf#L17) | Automation resources created by the bootstrap stage. | <code title="object&#40;&#123;&#10; outputs_bucket &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | | <code>0-bootstrap</code> |
| [billing_account](variables-fast.tf#L25) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | <code title="object&#40;&#123;&#10; id &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | | <code>0-bootstrap</code> |
| [environments](variables-fast.tf#L33) | Environment names. | <code title="object&#40;&#123;&#10; dev &#61; object&#40;&#123;&#10; name &#61; string&#10; short_name &#61; string&#10; &#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | | <code>1-resman</code> |
| [prefix](variables-fast.tf#L68) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | <code>string</code> | ✓ | | <code>0-bootstrap</code> |
| [billing_account](variables-fast.tf#L26) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | <code title="object&#40;&#123;&#10; id &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | | <code>0-bootstrap</code> |
| [environments](variables-fast.tf#L34) | Environment names. | <code title="object&#40;&#123;&#10; dev &#61; object&#40;&#123;&#10; name &#61; string&#10; short_name &#61; string&#10; &#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | | <code>1-resman</code> |
| [prefix](variables-fast.tf#L69) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | <code>string</code> | ✓ | | <code>0-bootstrap</code> |
| [aspect_types](variables.tf#L17) | Aspect templates. Merged with those defined via the factory. | <code title="map&#40;object&#40;&#123;&#10; description &#61; optional&#40;string&#41;&#10; display_name &#61; optional&#40;string&#41;&#10; labels &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; metadata_template &#61; optional&#40;string&#41;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; iam_bindings &#61; optional&#40;map&#40;object&#40;&#123;&#10; members &#61; list&#40;string&#41;&#10; role &#61; string&#10; condition &#61; optional&#40;object&#40;&#123;&#10; expression &#61; string&#10; title &#61; string&#10; description &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10; iam_bindings_additive &#61; optional&#40;map&#40;object&#40;&#123;&#10; member &#61; string&#10; role &#61; string&#10; condition &#61; optional&#40;object&#40;&#123;&#10; expression &#61; string&#10; title &#61; string&#10; description &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> | |
| [central_project_config](variables.tf#L48) | Configuration for the top-level central project. | <code title="object&#40;&#123;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; iam_bindings &#61; optional&#40;map&#40;object&#40;&#123;&#10; members &#61; list&#40;string&#41;&#10; role &#61; string&#10; condition &#61; optional&#40;object&#40;&#123;&#10; expression &#61; string&#10; title &#61; string&#10; description &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10; iam_bindings_additive &#61; optional&#40;map&#40;object&#40;&#123;&#10; member &#61; string&#10; role &#61; string&#10; condition &#61; optional&#40;object&#40;&#123;&#10; expression &#61; string&#10; title &#61; string&#10; description &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10; iam_by_principals &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; services &#61; optional&#40;list&#40;string&#41;, &#91;&#10; &#34;bigquery.googleapis.com&#34;,&#10; &#34;datacatalog.googleapis.com&#34;,&#10; &#34;logging.googleapis.com&#34;,&#10; &#34;monitoring.googleapis.com&#34;&#10; &#93;&#41;&#10; short_name &#61; optional&#40;string, &#34;central-0&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [encryption_keys](variables.tf#L84) | Default encryption keys for services, in service => { region => key id } format. Overridable on a per-object basis. | <code title="object&#40;&#123;&#10; bigquery &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; composer &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; storage &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [exposure_config](variables.tf#L95) | Data exposure configuration. | <code title="object&#40;&#123;&#10; tag_name &#61; optional&#40;string, &#34;exposure&#47;allow&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [factories_config](variables.tf#L113) | Configuration for the resource factories. | <code title="object&#40;&#123;&#10; aspect_types &#61; optional&#40;string, &#34;data&#47;aspect-types&#34;&#41;&#10; data_domains &#61; optional&#40;string, &#34;data&#47;data-domains&#34;&#41;&#10; context &#61; optional&#40;object&#40;&#123;&#10; iam_principals &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; kms_keys &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; tag_values &#61; optional&#40;map&#40;string&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [folder_ids](variables-fast.tf#L44) | Folder name => id mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [host_project_ids](variables-fast.tf#L52) | Shared VPC host project name => id mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [kms_keys](variables-fast.tf#L60) | KMS key ids. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-security</code> |
| [folder_ids](variables-fast.tf#L45) | Folder name => id mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [host_project_ids](variables-fast.tf#L53) | Shared VPC host project name => id mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [kms_keys](variables-fast.tf#L61) | KMS key ids. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-security</code> |
| [location](variables.tf#L128) | Default location used when no location is specified. | <code>string</code> | | <code>&#34;europe-west1&#34;</code> | |
| [outputs_location](variables.tf#L135) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable. | <code>string</code> | | <code>null</code> | |
| [regions](variables-fast.tf#L78) | Region mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [regions](variables-fast.tf#L79) | Region mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [secure_tags](variables.tf#L141) | Resource manager tags created in the central project. | <code title="map&#40;object&#40;&#123;&#10; description &#61; optional&#40;string, &#34;Managed by the Terraform project module.&#34;&#41;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; values &#61; optional&#40;map&#40;object&#40;&#123;&#10; description &#61; optional&#40;string, &#34;Managed by the Terraform project module.&#34;&#41;&#10; iam &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; id &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> | |
| [stage_config](variables.tf#L162) | Stage configuration used to find environment and resource ids, and to generate names. | <code title="object&#40;&#123;&#10; environment &#61; string&#10; name &#61; string&#10; short_name &#61; optional&#40;string, &#34;dp&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; environment &#61; &#34;dev&#34;&#10; name &#61; &#34;data-platform-dev&#34;&#10;&#125;">&#123;&#8230;&#125;</code> | |
| [subnet_self_links](variables-fast.tf#L86) | Subnet VPC name => { name => self link } mappings. | <code>map&#40;map&#40;string&#41;&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [tag_values](variables-fast.tf#L94) | FAST-managed resource manager tag values. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [vpc_self_links](variables-fast.tf#L102) | Shared VPC name => self link mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [subnet_self_links](variables-fast.tf#L87) | Subnet VPC name => { name => self link } mappings. | <code>map&#40;map&#40;string&#41;&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
| [tag_values](variables-fast.tf#L95) | FAST-managed resource manager tag values. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [vpc_self_links](variables-fast.tf#L103) | Shared VPC name => self link mappings. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>2-networking</code> |
## Outputs

45
fast/stages/3-data-platform-dev/schemas/aspect-type.schema.md Normal file
View File

@@ -0,0 +1,45 @@
# Dataplex Aspect Type
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **description**: *string*
- **display_name**: *string*
- **labels**: *object*
- **metadata_template**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

1
fast/stages/3-data-platform-dev/schemas/data-domain.schema.json
View File

@@ -14,6 +14,7 @@
"type": "string"
},
"automation": {
"type": "object",
"additionalProperties": false,
"properties": {
"location": {

122
fast/stages/3-data-platform-dev/schemas/data-domain.schema.md Normal file
View File

@@ -0,0 +1,122 @@
# Data Domain
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**name**: *string*
- **short_name**: *string*
- **automation**: *object*
<br>*additional properties: false*
- **location**: *string*
- **impersonation_principals**: *array*
- items: *string*
- **deploy_config**: *object*
<br>*additional properties: false*
- **composer**: *object*
<br>*additional properties: false*
- **encryption_key**: *string*
- **environment_size**: *string*
<br>*default: ENVIRONMENT_SIZE_SMALL*, *enum: ['ENVIRONMENT_SIZE_SMALL', 'ENVIRONMENT_SIZE_MEDIUM', 'ENVIRONMENT_SIZE_LARGE']*
- ⁺**node_config**: *object*
<br>*additional properties: false*
- **service_account**: *string*
- ⁺**network**: *string*
- ⁺**subnetwork**: *string*
- **private_builds**: *boolean*
- **private_environment**: *boolean*
- **region**: *string*
- **workloads_config**: *object*
<br>*additional properties: false*
- **dag_processor**: *reference([composer_workload](#refs-composer_workload))*
- **triggerer**: *reference([composer_workload](#refs-composer_workload))*
- **scheduler**: *reference([composer_workload](#refs-composer_workload))*
- **web_server**: *reference([composer_workload](#refs-composer_workload))*
- **worker**: *object*
<br>*additional properties: false*
- **cpu**: *number*
- **memory_gb**: *number*
- **storage_gb**: *number*
- **min_count**: *integer*
- **max_count**: *integer*
- **folder_config**: *object*
<br>*additional properties: false*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **project_config**: *object*
<br>*additional properties: false*
- **name**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **services**: *array*
- items: *string*
- **shared_vpc_service_config**: *object*
<br>*additional properties: false*
- ⁺**host_project**: *string*
- **network_users**: *array*
- items: *string*
- **service_agent_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_iam_grants**: *array*
- items: *string*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
- **name**: *string*
## Definitions
- **composer_workload**<a name="refs-composer_workload"></a>: *object*
<br>*additional properties: false*
- **cpu**: *number*
- **memory_gb**: *number*
- **storage_gb**: *number*
- **count**: *integer*
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^(?:roles/|[a-z_]+)`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_storage_roles**<a name="refs-iam_storage_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*

3
fast/stages/3-data-platform-dev/schemas/data-product.schema.json
View File

@@ -5,6 +5,7 @@
"additionalProperties": false,
"properties": {
"automation": {
"type": "object",
"additionalProperties": false,
"properties": {
"location": {
@@ -28,6 +29,7 @@
"additionalProperties": false,
"properties": {
"datasets": {
"type": "object",
"patternProperties": {
"^[a-z][a-z0-9_]+$": {
"type": "object",
@@ -53,6 +55,7 @@
"additionalProperties": false,
"properties": {
"buckets": {
"type": "object",
"patternProperties": {
"^[a-z][a-z0-9-]+$": {
"type": "object",

97
fast/stages/3-data-platform-dev/schemas/data-product.schema.md Normal file
View File

@@ -0,0 +1,97 @@
# Data Product
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **automation**: *object*
<br>*additional properties: false*
- **location**: *string*
- **impersonation_principals**: *array*
- items: *string*
- **exposure_layer**: *object*
<br>*additional properties: false*
- **bigquery**: *object*
<br>*additional properties: false*
- **datasets**: *object*
- **`^[a-z][a-z0-9_]+$`**: *object*
<br>*additional properties: false*
- **encryption_key**: *string*
- **location**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **storage**: *object*
<br>*additional properties: false*
- **buckets**: *object*
- **`^[a-z][a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **encryption_key**: *string*
- **location**: *string*
- **storage_class**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
- **name**: *string*
- **services**: *array*
- items: *string*
- **shared_vpc_service_config**: *object*
<br>*additional properties: false*
- ⁺**host_project**: *string*
- **network_users**: *array*
- items: *string*
- **service_agent_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_iam_grants**: *array*
- items: *string*
- **short_name**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^(?:roles/|[a-z_]+)`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_storage_roles**<a name="refs-iam_storage_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*

1
fast/stages/3-data-platform-dev/variables-fast.tf
View File

@@ -22,6 +22,7 @@ variable "automation" {
})
nullable = false
}
variable "billing_account" {
# tfdoc:variable:source 0-bootstrap
description = "Billing account id. If billing account is not part of the same org set `is_org_level` to false."

2
modules/billing-account/schemas/budget.schema.json
View File

@@ -1,6 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Project",
"title": "Budget",
"type": "object",
"additionalProperties": false,
"required": [

62
modules/billing-account/schemas/budget.schema.md Normal file
View File

@@ -0,0 +1,62 @@
# Budget
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**amount**: *object*
<br>*additional properties: false*
- **currency_code**: *string*
- **nanos**: *number*
- **units**: *number*
- **use_last_period**: *boolean*
- **display_name**: *string*
- **filter**: *object*
<br>*additional properties: false*
- **credit_types_treatment**: *object*
<br>*additional properties: false*
- **exclude_all**: *boolean*
- **include_specified**: *array*
- items: *string*
- **label**: *object*
<br>*additional properties: false*
- **key**: *string*
- **value**: *string*
- **period**: *object*
<br>*additional properties: false*
- **calendar**: *string*
- **custom**: *object*
<br>*additional properties: false*
- **start_date**: *reference([date](#refs-date))*
- **end_date**: *reference([date](#refs-date))*
- **projects**: *array*
- items: *string*
- **resource_ancestors**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **subaccounts**: *array*
- items: *string*
- **threshold_rules**: *array*
- items: *object*
<br>*additional properties: false*
- ⁺**percent**: *number*
- **forecasted_spend**: *boolean*
- **update_rules**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **disable_default_iam_recipients**: *boolean*
- **monitoring_notification_channels**: *array*
- items: *string*
- **pubsub_topic**: *string*
## Definitions
- **date**<a name="refs-date"></a>: *object*
<br>*additional properties: false*
- **day**: *number*
- **month**: *number*
- **year**: *number*

1
modules/data-catalog-tag-template/schemas/tag-template.schema.json
View File

@@ -37,6 +37,7 @@
"additionalProperties": false,
"properties": {
"primitive_type": {
"type": "string",
"enum": [
"DOUBLE",
"STRING",

60
modules/data-catalog-tag-template/schemas/tag-template.schema.md Normal file
View File

@@ -0,0 +1,60 @@
# Data Catalog Tag Template
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **display_name**: *string*
- **force_delete**: *boolean*
- **region**: *string*
- **fields**: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **description**: *string*
- **is_required**: *boolean*
- **order**: *number*
- **type**: *object*
<br>*additional properties: false*
- **primitive_type**: *string*
<br>*enum: ['DOUBLE', 'STRING', 'BOOL', 'TIMESTAMP']*
- **enum_type_values**: *array*
- items: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *string*

45
modules/dataplex-aspect-types/schemas/aspect-type.schema.md Normal file
View File

@@ -0,0 +1,45 @@
# Dataplex Aspect Type
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **description**: *string*
- **display_name**: *string*
- **labels**: *object*
- **metadata_template**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

33
modules/folder/schemas/org-policies.schema.md Normal file
View File

@@ -0,0 +1,33 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *reference([allow-deny](#refs-allow-deny))*
- **deny**: *reference([allow-deny](#refs-allow-deny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parameters**: *string*
## Definitions
- **allow-deny**<a name="refs-allow-deny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

1
modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json
View File

@@ -20,6 +20,7 @@
"type": "number"
},
"action": {
"type": "string",
"enum": [
"allow",
"deny",

49
modules/net-firewall-policy/schemas/firewall-policy-rules.schema.md Normal file
View File

@@ -0,0 +1,49 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- ⁺**priority**: *number*
- **action**: *string*
<br>*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
- **description**: *string*
- **disabled**: *boolean*
- **enable_logging**: *boolean*
- **security_profile_group**: *string*
- **target_resources**: *array*
- items: *string*
- **target_service_accounts**: *array*
- items: *string*
- **target_tags**: *array*
- items: *string*
- **tls_inspect**: *boolean*
- **match**: *object*
<br>*additional properties: false*
- **address_groups**: *array*
- items: *string*
- **fqdns**: *array*
- items: *string*
- **region_codes**: *array*
- items: *string*
- **threat_intelligences**: *array*
- items: *string*
- **destination_ranges**: *array*
- items: *string*
- **source_ranges**: *array*
- items: *string*
- **source_tags**: *array*
- items: *string*
- **layer4_configs**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*

24
modules/net-swp/schemas/policy-rule.schema.md Normal file
View File

@@ -0,0 +1,24 @@
# Policy rule
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**priority**: *integer*
- **allow**: *boolean*
- **description**: *string*
- **enabled**: *boolean*
- **application_matcher**: *string*
- **session_matcher**: *string*
- **tls_inspect**: *boolean*
- **matcher_args**: *object*
<br>*additional properties: false*
- **application**: *array*
- items: *string*
- **session**: *array*
- items: *string*
## Definitions

14
modules/net-swp/schemas/url-list.schema.md Normal file
View File

@@ -0,0 +1,14 @@
# URL list
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **description**: *string*
- **values**: *array*
- items: *string*
## Definitions

12
modules/net-vpc-factory/schemas/network-project.schema.json
View File

@@ -1302,19 +1302,13 @@
"type": "string"
},
"exclude_export_ranges": {
"type": [
"array",
"null"
],
"type": "array",
"items": {
"type": "string"
}
},
"include_export_ranges": {
"type": [
"array",
"null"
],
"type": "array",
"items": {
"type": "string"
}
@@ -1506,4 +1500,4 @@
}
}
}
}
}

460
modules/net-vpc-factory/schemas/network-project.schema.md Normal file
View File

@@ -0,0 +1,460 @@
# Network Project Configuration (Single)
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **project_config**: *reference([projectConfig](#refs-projectConfig))*
- **ncc_hub_config**: *reference([nccHubConfig](#refs-nccHubConfig))*
- **vpc_config**: *reference([vpcConfigMap](#refs-vpcConfigMap))*
## Definitions
- **projectConfig**<a name="refs-projectConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **prefix**: *string*
- **parent**: *string*
- **project_reuse**: *object*
<br>*additional properties: false*
- **use_data_source**: *boolean*
- **project_attributes**: *object*
- ⁺**name**: *string*
- ⁺**number**: *number*
- **services_enabled**: *array*
- items: *string*
- **billing_account**: *string*
- **deletion_policy**: *string*
<br>*enum: ['DELETE', 'ABANDON']*
- **default_service_account**: *string*
<br>*enum: ['deprovision', 'disable', 'keep']*
- **auto_create_network**: *boolean*
- **project_create**: *boolean*
- **shared_vpc_host_config**: *object*
<br>*additional properties: false*
- ⁺**enabled**: *boolean*
- **service_projects**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **org_policies**: *reference([orgPolicies](#refs-orgPolicies))*
- **metric_scopes**: *array*
- items: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iamBindings](#refs-iamBindings))*
- **iam_bindings_additive**: *reference([iamBindingsAdditive](#refs-iamBindingsAdditive))*
- **iam_by_principals**: *reference([iamByPrincipals](#refs-iamByPrincipals))*
- **iam_by_principals_additive**: *reference([iamByPrincipals](#refs-iamByPrincipals))*
- **nccHubConfig**<a name="refs-nccHubConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **description**: *string*
- **preset_topology**: *string*
<br>*enum: ['MESH', 'STAR', 'PLANETARY']*
- **export_psc**: *boolean*
- **groups**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9_-]+$`**: *reference([nccGroup](#refs-nccGroup))*
- **nccGroup**<a name="refs-nccGroup"></a>: *object*
<br>*additional properties: false*
- **labels**: *reference([stringMap](#refs-stringMap))*
- **description**: *string*
- **auto_accept**: *array*
- items: *string*
- **vpcConfigMap**<a name="refs-vpcConfigMap"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *reference([vpcConfigEntry](#refs-vpcConfigEntry))*
- **vpcConfigEntry**<a name="refs-vpcConfigEntry"></a>: *object*
<br>*additional properties: false*
- **auto_create_subnetworks**: *boolean*
- **create_googleapis_routes**: *object*
<br>*additional properties: false*
- **private**: *boolean*
- **private-6**: *boolean*
- **restricted**: *boolean*
- **restricted-6**: *boolean*
- **delete_default_routes_on_create**: *boolean*
- **description**: *string*
- **dns_policy**: *object*
<br>*additional properties: false*
- **inbound**: *boolean*
- **logging**: *boolean*
- **outbound**: *object*
<br>*additional properties: false*
- **private_ns**: *array*
- items: *string*
- **public_ns**: *array*
- items: *string*
- **dns_zones**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([dnsZone](#refs-dnsZone))*
- **firewall_policy_enforcement_order**: *string*
<br>*enum: ['AFTER_CLASSIC_FIREWALL', 'BEFORE_CLASSIC_FIREWALL']*
- **ipv6_config**: *object*
<br>*additional properties: false*
- **enable_ula_internal**: *boolean*
- **internal_range**: *string*
- **mtu**: *number*
- **nat_config**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([natConfig](#refs-natConfig))*
- **network_attachments**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([networkAttachment](#refs-networkAttachment))*
- **policy_based_routes**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([policyBasedRoute](#refs-policyBasedRoute))*
- **psa_config**: *array*
- items: *reference([psaConfig](#refs-psaConfig))*
- **routers**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([routerConfig](#refs-routerConfig))*
- **routes**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([routeConfig](#refs-routeConfig))*
- **routing_mode**: *string*
<br>*enum: ['GLOBAL', 'REGIONAL']*
- **subnets_factory_config**: *object*
<br>*additional properties: false*
- **context**: *object*
<br>*additional properties: false*
- **regions**: *reference([stringMap](#refs-stringMap))*
- **subnets_folder**: *string*
- **firewall_factory_config**: *object*
<br>*additional properties: false*
- **cidr_tpl_file**: *string*
- **rules_folder**: *string*
- **vpn_config**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([vpnConfig](#refs-vpnConfig))*
- **peering_config**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([peeringConfig](#refs-peeringConfig))*
- **ncc_config**: *reference([vpcNccConfig](#refs-vpcNccConfig))*
- **dnsZone**<a name="refs-dnsZone"></a>: *object*
<br>*additional properties: false*
- **force_destroy**: *boolean*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **zone_config**: *reference([dnsZoneConfig](#refs-dnsZoneConfig))*
- **recordsets**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9_. -]+$`**: *reference([dnsRecordSet](#refs-dnsRecordSet))*
- **dnsZoneConfig**<a name="refs-dnsZoneConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**domain**: *string*
- **forwarding**: *object*
<br>*additional properties: false*
- **forwarders**: *reference([stringMap](#refs-stringMap))*
- **client_networks**: *array*
- items: *string*
- **peering**: *object*
<br>*additional properties: false*
- **client_networks**: *array*
- items: *string*
- ⁺**peer_network**: *string*
- **public**: *object*
<br>*additional properties: false*
- **dnssec_config**: *reference([dnssecConfig](#refs-dnssecConfig))*
- **enable_logging**: *boolean*
- **private**: *object*
<br>*additional properties: false*
- **client_networks**: *array*
- items: *string*
- **service_directory_namespace**: *string*
- **dnssecConfig**<a name="refs-dnssecConfig"></a>: *object*
<br>*additional properties: false*
- **non_existence**: *string*
<br>*enum: ['nsec', 'nsec3']*
- ⁺**state**: *string*
<br>*enum: ['on', 'off', 'transfer']*
- **key_signing_key**: *reference([dnsKeySpec](#refs-dnsKeySpec))*
- **zone_signing_key**: *reference([dnsKeySpec](#refs-dnsKeySpec))*
- **dnsKeySpec**<a name="refs-dnsKeySpec"></a>: *object*
<br>*additional properties: false*
- ⁺**algorithm**: *string*
<br>*enum: ['rsasha1', 'rsasha256', 'rsasha512', 'ecdsap256sha256', 'ecdsap384sha384']*
- ⁺**key_length**: *number*
- **dnsRecordSet**<a name="refs-dnsRecordSet"></a>: *object*
<br>*additional properties: false*
- **ttl**: *number*
- **records**: *array*
- items: *string*
- **geo_routing**: *array*
- items: *reference([dnsGeoRoutingRule](#refs-dnsGeoRoutingRule))*
- **wrr_routing**: *array*
- items: *reference([dnsWrrRoutingRule](#refs-dnsWrrRoutingRule))*
- **dnsGeoRoutingRule**<a name="refs-dnsGeoRoutingRule"></a>: *object*
<br>*additional properties: false*
- ⁺**location**: *string*
- **records**: *array*
- items: *string*
- **health_checked_targets**: *array*
- items: *reference([dnsHealthCheckedTarget](#refs-dnsHealthCheckedTarget))*
- **dnsHealthCheckedTarget**<a name="refs-dnsHealthCheckedTarget"></a>: *object*
<br>*additional properties: false*
- ⁺**load_balancer_type**: *string*
- ⁺**ip_address**: *string*
- ⁺**port**: *string*
- ⁺**ip_protocol**: *string*
- ⁺**network_url**: *string*
- ⁺**project**: *string*
- **region**: *string*
- **dnsWrrRoutingRule**<a name="refs-dnsWrrRoutingRule"></a>: *object*
<br>*additional properties: false*
- ⁺**weight**: *number*
- ⁺**records**: *array*
- items: *string*
- **natConfig**<a name="refs-natConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**region**: *string*
- **router_create**: *boolean*
- **router_name**: *string*
- **router_network**: *string*
- **router_asn**: *number*
- **type**: *string*
<br>*enum: ['PUBLIC', 'PRIVATE']*
- **addresses**: *array*
- items: *string*
- **endpoint_types**: *array*
- items: *string*
<br>*enum: ['ENDPOINT_TYPE_VM', 'ENDPOINT_TYPE_SWG', 'ENDPOINT_TYPE_MANAGED_PROXY_LB']*
- **logging_filter**: *string*
<br>*enum: ['ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL']*
- **config_port_allocation**: *object*
<br>*additional properties: false*
- **enable_endpoint_independent_mapping**: *boolean*
- **enable_dynamic_port_allocation**: *boolean*
- **min_ports_per_vm**: *number*
- **max_ports_per_vm**: *number*
- **config_source_subnetworks**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **primary_ranges_only**: *boolean*
- **subnetworks**: *array*
- items: *reference([natSourceSubnetwork](#refs-natSourceSubnetwork))*
- **config_timeouts**: *object*
<br>*additional properties: false*
- **icmp**: *number*
- **tcp_established**: *number*
- **tcp_time_wait**: *number*
- **tcp_transitory**: *number*
- **udp**: *number*
- **rules**: *array*
- items: *reference([natRule](#refs-natRule))*
- **natSourceSubnetwork**<a name="refs-natSourceSubnetwork"></a>: *object*
<br>*additional properties: false*
- ⁺**self_link**: *string*
- **all_ranges**: *boolean*
- **primary_range**: *boolean*
- **secondary_ranges**: *array*
- items: *string*
- **natRule**<a name="refs-natRule"></a>: *object*
<br>*additional properties: false*
- **description**: *string*
- ⁺**match**: *string*
- **source_ips**: *array*
- items: *string*
- **source_ranges**: *array*
- items: *string*
- **networkAttachment**<a name="refs-networkAttachment"></a>: *object*
<br>*additional properties: false*
- ⁺**subnet**: *string*
- **automatic_connection**: *boolean*
- **description**: *string*
- **producer_accept_lists**: *array*
- items: *string*
- **producer_reject_lists**: *array*
- items: *string*
- **policyBasedRoute**<a name="refs-policyBasedRoute"></a>: *object*
<br>*additional properties: false*
- **description**: *string*
- **labels**: *reference([stringMap](#refs-stringMap))*
- **priority**: *number*
- **next_hop_ilb_ip**: *string*
- **use_default_routing**: *boolean*
- **filter**: *object*
<br>*additional properties: false*
- **ip_protocol**: *string*
- **dest_range**: *string*
- **src_range**: *string*
- **target**: *object*
<br>*additional properties: false*
- **interconnect_attachment**: *string*
- **tags**: *array*
- items: *string*
- **psaConfig**<a name="refs-psaConfig"></a>: *object*
<br>*additional properties: false*
- **deletion_policy**: *string*
<br>*enum: ['delete', 'abandon']*
- **ranges**: *reference([stringMap](#refs-stringMap))*
- **export_routes**: *boolean*
- **import_routes**: *boolean*
- **peered_domains**: *array*
- items: *string*
- **range_prefix**: *string*
- **service_producer**: *string*
- **routerConfig**<a name="refs-routerConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**region**: *string*
- **asn**: *number*
- **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
- **keepalive**: *number*
- **name**: *string*
- **routeConfig**<a name="refs-routeConfig"></a>: *object*
<br>*additional properties: false*
- **description**: *string*
- ⁺**dest_range**: *string*
- ⁺**next_hop_type**: *string*
- ⁺**next_hop**: *string*
- **priority**: *number*
- **tags**: *array*
- items: *string*
- **vpnConfig**<a name="refs-vpnConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**region**: *string*
- **ncc_spoke_config**: *object*
<br>*additional properties: false*
- **hub**: *string*
- **description**: *string*
- **labels**: *reference([stringMap](#refs-stringMap))*
- ⁺**peer_gateways**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([peerGateway](#refs-peerGateway))*
- **router_config**: *reference([vpnRouterConfig](#refs-vpnRouterConfig))*
- **stack_type**: *string*
<br>*enum: ['IPV4_ONLY', 'IPV4_IPV6']*
- ⁺**tunnels**: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *reference([vpnTunnel](#refs-vpnTunnel))*
- **peerGateway**<a name="refs-peerGateway"></a>: *object*
<br>*additional properties: false*
- **external**: *reference([externalPeerGateway](#refs-externalPeerGateway))*
- **gcp**: *string*
- **externalPeerGateway**<a name="refs-externalPeerGateway"></a>: *object*
<br>*additional properties: false*
- ⁺**redundancy_type**: *string*
<br>*enum: ['SINGLE_IP_INTERNALLY_REDUNDANT', 'TWO_IPS_REDUNDANCY', 'FOUR_IPS_REDUNDANCY']*
- ⁺**interfaces**: *array*
- items: *string*
- **description**: *string*
- **name**: *string*
- **vpnRouterConfig**<a name="refs-vpnRouterConfig"></a>: *object*
<br>*additional properties: false*
- **asn**: *number*
- **create**: *boolean*
- **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
- **keepalive**: *number*
- **name**: *string*
- **override_name**: *string*
- **vpnTunnel**<a name="refs-vpnTunnel"></a>: *object*
<br>*additional properties: false*
- **bgp_peer**: *reference([bgpPeerConfig](#refs-bgpPeerConfig))*
- ⁺**bgp_session_range**: *string*
- **ike_version**: *number*
<br>*enum: [1, 2]*
- **name**: *string*
- **peer_external_gateway_interface**: *number*
- **peer_router_interface_name**: *string*
- **peer_gateway**: *string*
- **router**: *string*
- **shared_secret**: *string*
- ⁺**vpn_gateway_interface**: *number*
- **bgpPeerConfig**<a name="refs-bgpPeerConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**address**: *string*
- ⁺**asn**: *number*
- **route_priority**: *number*
- **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
- **md5_authentication_key**: *object*
<br>*additional properties: false*
- ⁺**name**: *string*
- **key**: *string*
- **ipv6**: *object*
<br>*additional properties: false*
- **nexthop_address**: *string*
- **peer_nexthop_address**: *string*
- **name**: *string*
- **customAdvertiseConfig**<a name="refs-customAdvertiseConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**all_subnets**: *boolean*
- **ip_ranges**: *reference([stringMap](#refs-stringMap))*
- **peeringConfig**<a name="refs-peeringConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**peer_network**: *string*
- **routes_config**: *object*
<br>*additional properties: false*
- **export**: *boolean*
- **import**: *boolean*
- **public_export**: *boolean*
- **public_import**: *boolean*
- **stack_type**: *string*
<br>*enum: ['IPV4_ONLY', 'IPV4_IPV6']*
- **vpcNccConfig**<a name="refs-vpcNccConfig"></a>: *object*
<br>*additional properties: false*
- ⁺**hub**: *string*
- **description**: *string*
- **labels**: *reference([stringMap](#refs-stringMap))*
- **group**: *string*
- **exclude_export_ranges**: *array*
- items: *string*
- **include_export_ranges**: *array*
- items: *string*
- **stringMap**<a name="refs-stringMap"></a>: *object*
*additional properties: String*
- **condition**<a name="refs-condition"></a>: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **principalPattern**<a name="refs-principalPattern"></a>: *string*
- **rolePattern**<a name="refs-rolePattern"></a>: *string*
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *reference([principalPattern](#refs-principalPattern))*
- **iamBindings**<a name="refs-iamBindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- ⁺**members**: *array*
- items: *reference([principalPattern](#refs-principalPattern))*
- **role**: *reference([rolePattern](#refs-rolePattern))*
- **condition**: *reference([condition](#refs-condition))*
- **iamBindingsAdditive**<a name="refs-iamBindingsAdditive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *reference([principalPattern](#refs-principalPattern))*
- **role**: *reference([rolePattern](#refs-rolePattern))*
- **condition**: *reference([condition](#refs-condition))*
- **iamByPrincipals**<a name="refs-iamByPrincipals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *reference([rolePattern](#refs-rolePattern))*
- **orgPolicies**<a name="refs-orgPolicies"></a>: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *reference([orgPolicyConfig](#refs-orgPolicyConfig))*
- **orgPolicyConfig**<a name="refs-orgPolicyConfig"></a>: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *reference([orgPolicyRule](#refs-orgPolicyRule))*
- **orgPolicyRule**<a name="refs-orgPolicyRule"></a>: *object*
<br>*additional properties: false*
- **allow**: *reference([orgPolicyRuleAllowDeny](#refs-orgPolicyRuleAllowDeny))*
- **deny**: *reference([orgPolicyRuleAllowDeny](#refs-orgPolicyRuleAllowDeny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **orgPolicyRuleAllowDeny**<a name="refs-orgPolicyRuleAllowDeny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

41
modules/net-vpc-firewall/schemas/firewall-rules.schema.md Normal file
View File

@@ -0,0 +1,41 @@
# Firewall Rules
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **egress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
- **ingress**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
## Definitions
- **rule**<a name="refs-rule"></a>: *object*
<br>*additional properties: false*
- **deny**: *boolean*
- **description**: *string*
- **destination_ranges**: *array*
- items: *string*
- **disabled**: *boolean*
- **enable_logging**: *object*
<br>*additional properties: false*
- **include_metadata**: *boolean*
- **priority**: *number*
- **source_ranges**: *array*
- items: *string*
- **sources**: *array*
- items: *string*
- **targets**: *array*
- items: *string*
- **use_service_accounts**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **protocol**: *string*
- **ports**: *array*
- items: *number*

64
modules/net-vpc/schemas/subnet.schema.md Normal file
View File

@@ -0,0 +1,64 @@
# Subnet
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **active**: *boolean*
- **description**: *string*
- **enable_private_access**: *boolean*
- **allow_subnet_cidr_routes_overlap**: *boolean*
- **flow_logs_config**: *object*
<br>*additional properties: false*
- **aggregation_interval**: *string*
- **filter_expression**: *string*
- **flow_sampling**: *number*
- **metadata**: *string*
- **metadata_fields**: *array*
- items: *string*
- **global**: *boolean*
- ⁺**ip_cidr_range**: *string*
- **ipv6**: *object*
<br>*additional properties: false*
- **access_type**: *string*
- **name**: *string*
- ⁺**region**: *string*
- **psc**: *boolean*
- **proxy_only**: *boolean*
- **secondary_ip_ranges**: *object*
*additional properties: String*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*

14
modules/organization/schemas/custom-role.schema.md Normal file
View File

@@ -0,0 +1,14 @@
# Custom Role
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **name**: *string*
- **includedPermissions**: *array*
- items: *string*
## Definitions

33
modules/organization/schemas/org-policies.schema.md Normal file
View File

@@ -0,0 +1,33 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *reference([allow-deny](#refs-allow-deny))*
- **deny**: *reference([allow-deny](#refs-allow-deny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parameters**: *string*
## Definitions
- **allow-deny**<a name="refs-allow-deny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

21
modules/organization/schemas/org-policy-custom-constraint.schema.md Normal file
View File

@@ -0,0 +1,21 @@
# Organization Policy Custom Constraints
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+\.[a-zA-Z]+$`**: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **description**: *string*
- ⁺**action_type**: *string*
- ⁺**condition**: *string*
- **method_types**: *array*
- items: *string*
- **resource_types**: *array*
- items: *string*
## Definitions

62
modules/project-factory/schemas/budget.schema.md Normal file
View File

@@ -0,0 +1,62 @@
# Budget
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- ⁺**amount**: *object*
<br>*additional properties: false*
- **currency_code**: *string*
- **nanos**: *number*
- **units**: *number*
- **use_last_period**: *boolean*
- **display_name**: *string*
- **filter**: *object*
<br>*additional properties: false*
- **credit_types_treatment**: *object*
<br>*additional properties: false*
- **exclude_all**: *boolean*
- **include_specified**: *array*
- items: *string*
- **label**: *object*
<br>*additional properties: false*
- **key**: *string*
- **value**: *string*
- **period**: *object*
<br>*additional properties: false*
- **calendar**: *string*
- **custom**: *object*
<br>*additional properties: false*
- **start_date**: *reference([date](#refs-date))*
- **end_date**: *reference([date](#refs-date))*
- **projects**: *array*
- items: *string*
- **resource_ancestors**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **subaccounts**: *array*
- items: *string*
- **threshold_rules**: *array*
- items: *object*
<br>*additional properties: false*
- ⁺**percent**: *number*
- **forecasted_spend**: *boolean*
- **update_rules**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **disable_default_iam_recipients**: *boolean*
- **monitoring_notification_channels**: *array*
- items: *string*
- **pubsub_topic**: *string*
## Definitions
- **date**<a name="refs-date"></a>: *object*
<br>*additional properties: false*
- **day**: *number*
- **month**: *number*
- **year**: *number*

115
modules/project-factory/schemas/folder.schema.json
View File

@@ -24,66 +24,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
"type": "object",
"properties": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
}
}
}
}

76
modules/project-factory/schemas/folder.schema.md Normal file
View File

@@ -0,0 +1,76 @@
# Folder
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **name**: *string*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent**: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
## Definitions
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *string*

123
modules/project-factory/schemas/project.schema.json
View File

@@ -87,7 +87,11 @@
},
"deletion_policy": {
"type": "string",
"enum": ["PREVENT", "DELETE", "ABANDON"]
"enum": [
"PREVENT",
"DELETE",
"ABANDON"
]
},
"iam": {
"$ref": "#/$defs/iam"
@@ -118,66 +122,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
"type": "object",
"properties": {
"inherit_from_parent": {
"type": "boolean"
},
"reset": {
"type": "boolean"
},
"rules": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"allow": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
},
"deny": {
"type": "object",
"additionalProperties": false,
"properties": {
"all": {
"type": "boolean"
},
"values": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
},
"enforce": {
"type": "boolean"
},
"condition": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"expression": {
"type": "string"
},
"location": {
"type": "string"
},
"title": {
"type": "string"
}
}
}
}
@@ -655,4 +662,4 @@
}
}
}
}
}

199
modules/project-factory/schemas/project.schema.md Normal file
View File

@@ -0,0 +1,199 @@
# Project
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **automation**: *object*
<br>*additional properties: false*
- ⁺**project**: *string*
- **bucket**: *reference([bucket](#refs-bucket))*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_billing_roles**: *reference([iam_billing_roles](#refs-iam_billing_roles))*
- **iam_folder_roles**: *reference([iam_folder_roles](#refs-iam_folder_roles))*
- **iam_organization_roles**: *reference([iam_organization_roles](#refs-iam_organization_roles))*
- **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
- **iam_sa_roles**: *reference([iam_sa_roles](#refs-iam_sa_roles))*
- **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
- **billing_account**: *string*
- **billing_budgets**: *array*
- items: *string*
- **buckets**: *reference([buckets](#refs-buckets))*
- **contacts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **deletion_policy**: *string*
<br>*enum: ['PREVENT', 'DELETE', 'ABANDON']*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
- **labels**: *object*
- **metric_scopes**: *array*
- items: *string*
- **name**: *string*
- **org_policies**: *object*
<br>*additional properties: false*
- **`^[a-z]+\.`**: *object*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **deny**: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parent**: *string*
- **prefix**: *string*
- **project_reuse**: *object*
<br>*additional properties: false*
- **use_data_source**: *boolean*
- **project_attributes**: *object*
- ⁺**name**: *string*
- ⁺**number**: *number*
- **services_enabled**: *array*
- items: *string*
- **service_accounts**: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_self_roles**: *array*
- items: *string*
- **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
- **service_encryption_key_ids**: *object*
<br>*additional properties: false*
- **`^[a-z-]+\.googleapis\.com$`**: *array*
- items: *string*
- **services**: *array*
- items: *string*
- **shared_vpc_host_config**: *object*
<br>*additional properties: false*
- ⁺**enabled**: *boolean*
- **service_projects**: *array*
- items: *string*
- **shared_vpc_service_config**: *object*
<br>*additional properties: false*
- ⁺**host_project**: *string*
- **network_users**: *array*
- items: *string*
- **service_agent_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_agent_subnet_iam**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **service_iam_grants**: *array*
- items: *string*
- **network_subnet_users**: *object*
- **`^[a-z0-9_-]+$`**: *array*
- items: *string*
- **tag_bindings**: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *string*
- **tags**: *object*
*additional properties: Object*
- **vpc_sc**: *object*
- ⁺**perimeter_name**: *string*
- **perimeter_bridges**: *array*
- items: *string*
- **is_dry_run**: *boolean*
## Definitions
- **bucket**<a name="refs-bucket"></a>: *object*
<br>*additional properties: false*
- **description**: *string*
- **iam**: *reference([iam](#refs-iam))*
- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
- **labels**: *object*
*additional properties: String*
- **location**: *string*
- **prefix**: *string*
- **storage_class**: *string*
- **uniform_bucket_level_access**: *boolean*
- **versioning**: *boolean*
- **buckets**<a name="refs-buckets"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *reference([bucket](#refs-bucket))*
- **iam**<a name="refs-iam"></a>: *object*
<br>*additional properties: false*
- **`^roles/`**: *array*
- items: *string*
- **iam_bindings**<a name="refs-iam_bindings"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **members**: *array*
- items: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_bindings_additive**<a name="refs-iam_bindings_additive"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9_-]+$`**: *object*
<br>*additional properties: false*
- **member**: *string*
- **role**: *string*
- **condition**: *object*
<br>*additional properties: false*
- ⁺**expression**: *string*
- ⁺**title**: *string*
- **description**: *string*
- **iam_by_principals**<a name="refs-iam_by_principals"></a>: *object*
<br>*additional properties: false*
- **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
- items: *string*
- **iam_billing_roles**<a name="refs-iam_billing_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_folder_roles**<a name="refs-iam_folder_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_organization_roles**<a name="refs-iam_organization_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_project_roles**<a name="refs-iam_project_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_sa_roles**<a name="refs-iam_sa_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*
- **iam_storage_roles**<a name="refs-iam_storage_roles"></a>: *object*
<br>*additional properties: false*
- **`^[a-z0-9-]+$`**: *array*
- items: *string*

14
modules/project/schemas/custom-role.schema.md Normal file
View File

@@ -0,0 +1,14 @@
# Custom Role
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **name**: *string*
- **includedPermissions**: *array*
- items: *string*
## Definitions

166
modules/project/schemas/observability.schema.md Normal file
View File

@@ -0,0 +1,166 @@
# Observability Schema
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **alerts**: *reference([alerts](#refs-alerts))*
- **logging_metrics**: *reference([logging_metrics](#refs-logging_metrics))*
- **notification_channels**: *reference([notification_channels](#refs-notification_channels))*
## Definitions
- **alerts**<a name="refs-alerts"></a>: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *object*
<br>*additional properties: false*
- ⁺**combiner**: *string*
- **display_name**: *string*
- **enabled**: *boolean*
- **notification_channels**: *array*
- items: *string*
- **severity**: *string*
- **user_labels**: *object*
*additional properties: String*
- **alert_strategy**: *object*
<br>*additional properties: false*
- **auto_close**: *string*
- **notification_prompts**: *string*
- **notification_rate_limit**: *object*
<br>*additional properties: false*
- **period**: *string*
- **notification_channel_strategy**: *object*
<br>*additional properties: false*
- **notification_channel_names**: *array*
- items: *string*
- **renotify_interval**: *string*
- **conditions**: *array*
- items: *reference([condition](#refs-condition))*
- **documentation**: *object*
<br>*additional properties: false*
- **content**: *string*
- **mime_type**: *string*
- **subject**: *string*
- **links**: *array*
- items: *object*
<br>*additional properties: false*
- **display_name**: *string*
- **url**: *string*
- **logging_metrics**<a name="refs-logging_metrics"></a>: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *object*
<br>*additional properties: false*
- ⁺**filter**: *string*
- **bucket_name**: *string*
- **description**: *string*
- **disabled**: *boolean*
- **label_extractors**: *object*
*additional properties: String*
- **value_extractor**: *string*
- **bucket_options**: *object*
<br>*additional properties: false*
- **explicit_buckets**: *object*
<br>*additional properties: false*
- **bounds**: *array*
- items: *number*
- **exponential_buckets**: *object*
<br>*additional properties: false*
- **num_finite_buckets**: *number*
- **growth_factor**: *number*
- **scale**: *number*
- **linear_buckets**: *object*
<br>*additional properties: false*
- **num_finite_buckets**: *number*
- **width**: *number*
- **offset**: *number*
- **metric_descriptor**: *object*
<br>*additional properties: false*
- ⁺**metric_kind**: *string*
- ⁺**value_type**: *string*
- **display_name**: *string*
- **unit**: *string*
- **labels**: *array*
- items: *object*
<br>*additional properties: false*
- ⁺**key**: *string*
- **description**: *string*
- **value_type**: *string*
- **notification_channels**<a name="refs-notification_channels"></a>: *object*
<br>*additional properties: false*
- **`^[a-zA-Z0-9-]+$`**: *object*
<br>*additional properties: false*
- ⁺**type**: *string*
- **description**: *string*
- **display_name**: *string*
- **enabled**: *boolean*
- **labels**: *object*
*additional properties: String*
- **user_labels**: *object*
*additional properties: String*
- **sensitive_labels**: *object*
<br>*additional properties: false*
- **auth_token**: *string*
- **password**: *string*
- **service_key**: *string*
- **condition**<a name="refs-condition"></a>: *object*
<br>*additional properties: false*
- ⁺**display_name**: *string*
- **condition_absent**: *reference([absent_condition](#refs-absent_condition))*
- **condition_matched_log**: *reference([matched_log_condition](#refs-matched_log_condition))*
- **condition_monitoring_query_language**: *reference([monitoring_query_condition](#refs-monitoring_query_condition))*
- **condition_prometheus_query_language**: *reference([prometheus_query_condition](#refs-prometheus_query_condition))*
- **condition_threshold**: *reference([threshold_condition](#refs-threshold_condition))*
- **absent_condition**<a name="refs-absent_condition"></a>: *object*
<br>*additional properties: false*
- ⁺**duration**: *string*
- **filter**: *string*
- **aggregations**: *reference([aggregations](#refs-aggregations))*
- **trigger**: *reference([trigger](#refs-trigger))*
- **matched_log_condition**<a name="refs-matched_log_condition"></a>: *object*
<br>*additional properties: false*
- ⁺**filter**: *string*
- **label_extractors**: *object*
*additional properties: String*
- **monitoring_query_condition**<a name="refs-monitoring_query_condition"></a>: *object*
<br>*additional properties: false*
- ⁺**duration**: *string*
- ⁺**query**: *string*
- **evaluation_missing_data**: *string*
- **trigger**: *reference([trigger](#refs-trigger))*
- **prometheus_query_condition**<a name="refs-prometheus_query_condition"></a>: *object*
<br>*additional properties: false*
- ⁺**query**: *string*
- **alert_rule**: *string*
- **disable_metric_validation**: *boolean*
- **duration**: *string*
- **evaluation_interval**: *string*
- **labels**: *object*
*additional properties: String*
- **rule_group**: *string*
- **threshold_condition**<a name="refs-threshold_condition"></a>: *object*
<br>*additional properties: false*
- ⁺**comparison**: *string*
- ⁺**duration**: *string*
- **denominator_filter**: *string*
- **evaluation_missing_data**: *string*
- **filter**: *string*
- **threshold_value**: *number*
- **aggregations**: *reference([aggregations](#refs-aggregations))*
- **denominator_aggregations**: *reference([aggregations](#refs-aggregations))*
- **forecast_options**: *object*
<br>*additional properties: false*
- **forecast_horizon**: *string*
- **trigger**: *reference([trigger](#refs-trigger))*
- **aggregations**<a name="refs-aggregations"></a>: *object*
<br>*additional properties: false*
- **per_series_aligner**: *string*
- **group_by_fields**: *array*
- items: *string*
- **cross_series_reducer**: *string*
- **alignment_period**: *string*
- **trigger**<a name="refs-trigger"></a>: *object*
<br>*additional properties: false*
- **count**: *number*
- **percent**: *number*

33
modules/project/schemas/org-policies.schema.md Normal file
View File

@@ -0,0 +1,33 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
<br>*additional properties: false*
- **inherit_from_parent**: *boolean*
- **reset**: *boolean*
- **rules**: *array*
- items: *object*
<br>*additional properties: false*
- **allow**: *reference([allow-deny](#refs-allow-deny))*
- **deny**: *reference([allow-deny](#refs-allow-deny))*
- **enforce**: *boolean*
- **condition**: *object*
<br>*additional properties: false*
- **description**: *string*
- **expression**: *string*
- **location**: *string*
- **title**: *string*
- **parameters**: *string*
## Definitions
- **allow-deny**<a name="refs-allow-deny"></a>: *object*
<br>*additional properties: false*
- **all**: *boolean*
- **values**: *array*
- items: *string*

1
modules/project/schemas/quotas.schema.json
View File

@@ -41,6 +41,7 @@
}
},
"ignore_safety_checks": {
"type": "string",
"enum": [
"QUOTA_DECREASE_BELOW_USAGE",
"QUOTA_DECREASE_PERCENTAGE_TOO_HIGH",

24
modules/project/schemas/quotas.schema.md Normal file
View File

@@ -0,0 +1,24 @@
# Organization Policies
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **`^[a-zA-Z0-9_-]+$`**: *object*
<br>*additional properties: false*
- ⁺**service**: *string*
- ⁺**quota_id**: *string*
- ⁺**preferred_value**: *number*
- **dimensions**: *object*
*additional properties: String*
- **justification**: *string*
- **contact_email**: *string*
- **annotations**: *object*
*additional properties: String*
- **ignore_safety_checks**: *string*
<br>*enum: ['QUOTA_DECREASE_BELOW_USAGE', 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH', 'QUOTA_SAFETY_CHECK_UNSPECIFIED']*
## Definitions

43
modules/vpc-sc/schemas/access-level.schema.md Normal file
View File

@@ -0,0 +1,43 @@
# VPC-SC access level
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **combining_function**: *string*
- **conditions**: *array*
- items: *object*
<br>*additional properties: false*
- **device_policy**: *object*
<br>*additional properties: false*
- **allowed_device_management_levels**: *array*
- items: *string*
- **allowed_encryption_statuses**: *array*
- items: *string*
- ⁺**require_admin_approval**: *boolean*
- ⁺**require_corp_owned**: *boolean*
- **require_screen_lock**: *boolean*
- **os_constraints**: *array*
- items: *object*
<br>*additional properties: false*
- **os_type**: *string*
- **minimum_version**: *string*
- **require_verified_chrome_os**: *boolean*
- **ip_subnetworks**: *array*
- items: *string*
- **members**: *array*
- items: *string*
- **negate**: *boolean*
- **regions**: *array*
- items: *string*
- **required_access_levels**: *array*
- items: *string*
- **vpc_subnets**: *object*
<br>*additional properties: false*
- **`^//compute.googleapis.com/projects/[^/]+/global/networks/[^/]+$`**: *array*
- items: *string*
## Definitions

3
modules/vpc-sc/schemas/egress-policy.schema.json
View File

@@ -22,6 +22,7 @@
}
},
"identity_type": {
"type": "string",
"enum": [
"IDENTITY_TYPE_UNSPECIFIED",
"ANY_IDENTITY",
@@ -97,4 +98,4 @@
}
}
}
}
}

38
modules/vpc-sc/schemas/egress-policy.schema.md Normal file
View File

@@ -0,0 +1,38 @@
# VPC-SC egress policy
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **title**: *string*
- ⁺**from**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **identity_type**: *string*
<br>*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
- **identities**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- ⁺**to**: *object*
<br>*additional properties: false*
- **external_resources**: *array*
- items: *string*
- **operations**: *array*
- items: *object*
<br>*additional properties: false*
- **method_selectors**: *array*
- items: *string*
- **permission_selectors**: *array*
- items: *string*
- ⁺**service_name**: *string*
- **resources**: *array*
- items: *string*
- **roles**: *array*
- items: *string*
## Definitions

3
modules/vpc-sc/schemas/ingress-policy.schema.json
View File

@@ -22,6 +22,7 @@
}
},
"identity_type": {
"type": "string",
"enum": [
"IDENTITY_TYPE_UNSPECIFIED",
"ANY_IDENTITY",
@@ -89,4 +90,4 @@
}
}
}
}
}

34
modules/vpc-sc/schemas/ingress-policy.schema.md Normal file
View File

@@ -0,0 +1,34 @@
# VPC-SC ingress policy
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **title**: *string*
- ⁺**from**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **identity_type**: *string*
<br>*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
- **identities**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- ⁺**to**: *object*
<br>*additional properties: false*
- **operations**: *array*
- items: *object*
- **method_selectors**: *array*
- items: *string*
- **permission_selectors**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **roles**: *array*
- items: *string*
## Definitions

45
modules/vpc-sc/schemas/perimeters.schema.md Normal file
View File

@@ -0,0 +1,45 @@
# perimeters
<!-- markdownlint-disable MD036 -->
## Properties
*additional properties: false*
- **description**: *string*
- **title**: *string*
- **spec**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **egress_policies**: *array*
- items: *string*
- **ingress_policies**: *array*
- items: *string*
- **restricted_services**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
- **status**: *object*
<br>*additional properties: false*
- **access_levels**: *array*
- items: *string*
- **egress_policies**: *array*
- items: *string*
- **ingress_policies**: *array*
- items: *string*
- **resources**: *array*
- items: *string*
- **restricted_services**: *array*
- items: *string*
- **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
- **use_explicit_dry_run_spec**: *boolean*
## Definitions
- **VpcAccessibleServices**<a name="refs-VpcAccessibleServices"></a>: *object*
<br>*additional properties: false*
- ⁺**allowed_services**: *array*
- items: *string*
- **enable_restriction**: *boolean*

158
tools/schema_docs.py Executable file
View File

@@ -0,0 +1,158 @@
#!/usr/bin/env python3
# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import click
import collections
import logging
import json
from pathlib import Path
DOC = '\n\n'.join(
('# {title}', '<!-- markdownlint-disable MD036 -->', '## Properties',
'{properties}', '## Definitions', '{definitions}'))
Array = collections.namedtuple('Array', 'name items default', defaults=[None])
Boolean = collections.namedtuple('Boolean', 'name default')
Integer = collections.namedtuple('Integer', 'name default enum')
Number = collections.namedtuple('Number', 'name default enum')
Object = collections.namedtuple(
'Object', 'name required additional pattern properties defs')
Reference = collections.namedtuple('Reference', 'name to')
String = collections.namedtuple('String', 'name default enum')
def parse_node(node, name=None):
logging.debug(f'parse {name} type {node.get("type")}')
name = name or node.get('title')
el_type = node.get('type')
match el_type:
case 'array':
items = node.get('items')
items = parse_node(items, 'items') if items else None
el = Array(name, items, node.get('default'))
case 'boolean':
el = Boolean(name, node.get('default'))
case 'object':
additional = node.get('additionalProperties')
if isinstance(additional, dict):
additional = parse_node(additional)
el = Object(name, node.get('required', []), additional, [], [], [])
properties = node.get('properties')
if properties:
for k in properties:
el.properties.append(parse_node(properties[k], k))
pattern = node.get('patternProperties')
if pattern:
for k, v in pattern.items():
el.pattern.append(parse_node(v, k))
defs = node.get('$defs')
if defs:
for k, v in defs.items():
el.defs.append(parse_node(v, k))
case 'integer':
el = Integer(name, node.get('default'), node.get('enum'))
case 'number':
el = Number(name, node.get('default'), node.get('enum'))
case 'string':
el = String(name, node.get('default'), node.get('enum'))
case _:
ref = node.get('$ref')
if ref:
el = Reference(name, ref.split('/')[-1])
else:
raise ValueError(f'{name} {el_type}')
# logging.debug(f'return {el}')
return el
def render_node(el, level=0, required=False, f_name=lambda f: f'**{f}**'):
buffer = []
defs_buffer = []
indent = ''
t = el.__class__.__name__.lower()
r = '' if required else ''
if level > 0:
indent = ' ' * (level - 1)
buffer.append(f'{indent}- {r}{f_name(el.name)}: *{t}*')
match t:
case 'object':
if el.additional == False:
if level == 0:
buffer.append(f'*additional properties: false*\n')
else:
buffer.append(f'{indent} <br>*additional properties: false*')
elif el.additional:
buffer.append(
f'{indent} *additional properties: {el.additional.__class__.__name__}*'
)
if el.properties:
for p in el.properties:
buffer.append(render_node(p, level + 1, p.name in el.required))
if el.pattern:
for p in el.pattern:
buffer.append(render_node(p, level + 1,
f_name=lambda n: f'**`{n}`**'))
if level == 0 and el.defs:
for p in el.defs:
defs_buffer.append(
render_node(p, 1,
f_name=lambda n: f'**{n}**<a name="refs-{n}"></a>'))
case 'array':
if el.items:
buffer.append(render_node(el.items, level + 1, f_name=str))
case 'reference':
buffer[-1] = (
f'{indent}- {f_name(el.name)}: *reference([{el.to}](#refs-{el.to}))*')
case 'integer' | 'number' | 'string':
details = []
if el.default:
details.append(f'*default: {el.default}*')
if el.enum:
details.append(f'*enum: {el.enum}*')
if details:
buffer.append(f'{indent} <br>{", ".join(details)}')
if level == 0:
return '\n'.join(buffer), '\n'.join(defs_buffer)
return '\n'.join(buffer)
@click.command()
@click.argument('paths', type=str, nargs=-1)
def main(paths=None):
paths = paths or ['.']
for p in paths:
logging.debug(f'path {p}')
p = Path(p)
schemas = [p] if p.is_file() else list(p.glob('**/*.schema.json'))
for f in schemas:
logging.info(f'schema {f}')
try:
schema = json.load(f.open())
except json.JSONDecodeError as e:
raise SystemExit(f'error decoding file {f}: {e.args[0]}')
tree = parse_node(schema)
props, defs = render_node(tree)
doc = DOC.format(title=schema.get('title'), properties=props,
definitions=defs or '')
f_doc = f.with_suffix('.md')
f_doc.write_text(doc)
logging.info(f'doc {f}')
if __name__ == '__main__':
logging.basicConfig(level=logging.DEBUG)
main()