diff --git a/fast/addons/2-networking-test/schemas/instance.schema.md b/fast/addons/2-networking-test/schemas/instance.schema.md
new file mode 100644
index 000000000..aa2b44ab5
--- /dev/null
+++ b/fast/addons/2-networking-test/schemas/instance.schema.md
@@ -0,0 +1,26 @@
+# Instance
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**project_id**: *string*
+- ⁺**network_id**: *string*
+- ⁺**service_account**: *string*
+- ⁺**subnet_id**: *string*
+- **image**: *string*
+- **metadata**: *object*
+ *additional properties: String*
+- **name**: *string*
+- **tags**: *array*
+ - items: *string*
+- **type**: *string*
+
*default: e2-micro*
+- **user_data_file**: *string*
+- **zones**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/addons/2-networking-test/schemas/service-account.schema.md b/fast/addons/2-networking-test/schemas/service-account.schema.md
new file mode 100644
index 000000000..c7c7934ae
--- /dev/null
+++ b/fast/addons/2-networking-test/schemas/service-account.schema.md
@@ -0,0 +1,18 @@
+# Service Account
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**project_id**: *string*
+- **display_name**: *string*
+- **name**: *string*
+- **iam_project_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/0-bootstrap/schemas/custom-role.schema.md b/fast/stages/0-bootstrap/schemas/custom-role.schema.md
new file mode 100644
index 000000000..4be548bca
--- /dev/null
+++ b/fast/stages/0-bootstrap/schemas/custom-role.schema.md
@@ -0,0 +1,14 @@
+# Custom Role
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **name**: *string*
+- **includedPermissions**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/0-bootstrap/schemas/org-policies.schema.md b/fast/stages/0-bootstrap/schemas/org-policies.schema.md
new file mode 100644
index 000000000..75f6e72d1
--- /dev/null
+++ b/fast/stages/0-bootstrap/schemas/org-policies.schema.md
@@ -0,0 +1,33 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *reference([allow-deny](#refs-allow-deny))*
+ - **deny**: *reference([allow-deny](#refs-allow-deny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parameters**: *string*
+
+## Definitions
+
+- **allow-deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/0-bootstrap/schemas/org-policy-custom-constraint.schema.md b/fast/stages/0-bootstrap/schemas/org-policy-custom-constraint.schema.md
new file mode 100644
index 000000000..d48e106b6
--- /dev/null
+++ b/fast/stages/0-bootstrap/schemas/org-policy-custom-constraint.schema.md
@@ -0,0 +1,21 @@
+# Organization Policy Custom Constraints
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+\.[a-zA-Z]+$`**: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **description**: *string*
+ - ⁺**action_type**: *string*
+ - ⁺**condition**: *string*
+ - **method_types**: *array*
+ - items: *string*
+ - **resource_types**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/1-resman/schemas/fast-stage2.schema.json b/fast/stages/1-resman/schemas/fast-stage2.schema.json
index b65f6652f..be885d934 100644
--- a/fast/stages/1-resman/schemas/fast-stage2.schema.json
+++ b/fast/stages/1-resman/schemas/fast-stage2.schema.json
@@ -32,6 +32,7 @@
"type": "string"
},
"type": {
+ "type": "string",
"enum": [
"github",
"gitlab"
@@ -73,66 +74,70 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
- "inherit_from_parent": {
- "type": "boolean"
- },
- "reset": {
- "type": "boolean"
- },
- "rules": {
- "type": "array",
- "items": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "allow": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "inherit_from_parent": {
+ "type": "boolean"
+ },
+ "reset": {
+ "type": "boolean"
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "allow": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "deny": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ },
+ "deny": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "enforce": {
- "type": "boolean"
- },
- "condition": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "description": {
- "type": "string"
- },
- "expression": {
- "type": "string"
- },
- "location": {
- "type": "string"
- },
- "title": {
- "type": "string"
+ },
+ "enforce": {
+ "type": "boolean"
+ },
+ "condition": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string"
+ },
+ "expression": {
+ "type": "string"
+ },
+ "location": {
+ "type": "string"
+ },
+ "title": {
+ "type": "string"
+ }
}
}
}
diff --git a/fast/stages/1-resman/schemas/fast-stage2.schema.md b/fast/stages/1-resman/schemas/fast-stage2.schema.md
new file mode 100644
index 000000000..f2cc5861a
--- /dev/null
+++ b/fast/stages/1-resman/schemas/fast-stage2.schema.md
@@ -0,0 +1,106 @@
+# FAST stage 2
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **short_name**: *string*
+- **cicd_config**: *object*
+
*additional properties: false*
+ - ⁺**identity_provider**: *string*
+ - ⁺**repository**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **branch**: *string*
+ - **type**: *string*
+
*default: github*, *enum: ['github', 'gitlab']*
+- **folder_config**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **create_env_folders**: *boolean*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+ - **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parent_id**: *string*
+ - **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+- **organization_config**: *object*
+
*additional properties: false*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **stage3_config**: *object*
+
*additional properties: false*
+ - **iam_admin_delegated**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **environment**: *string*
+ - **principal**: *string*
+ - **iam_viewer**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **environment**: *string*
+ - **principal**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^(?:roles/|[a-z_]+)`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^[a-z]+[a-z-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/1-resman/schemas/fast-stage3.schema.json b/fast/stages/1-resman/schemas/fast-stage3.schema.json
index cacf854be..c59314739 100644
--- a/fast/stages/1-resman/schemas/fast-stage3.schema.json
+++ b/fast/stages/1-resman/schemas/fast-stage3.schema.json
@@ -12,6 +12,7 @@
"type": "string"
},
"environment": {
+ "type": "string",
"enum": [
"dev",
"prod"
@@ -42,6 +43,7 @@
"type": "string"
},
"type": {
+ "type": "string",
"enum": [
"github",
"gitlab"
@@ -91,66 +93,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
- "inherit_from_parent": {
- "type": "boolean"
- },
- "reset": {
- "type": "boolean"
- },
- "rules": {
- "type": "array",
- "items": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "allow": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ "type": "object",
+ "properties": {
+ "inherit_from_parent": {
+ "type": "boolean"
+ },
+ "reset": {
+ "type": "boolean"
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "allow": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "deny": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ },
+ "deny": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "enforce": {
- "type": "boolean"
- },
- "condition": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "description": {
- "type": "string"
- },
- "expression": {
- "type": "string"
- },
- "location": {
- "type": "string"
- },
- "title": {
- "type": "string"
+ },
+ "enforce": {
+ "type": "boolean"
+ },
+ "condition": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string"
+ },
+ "expression": {
+ "type": "string"
+ },
+ "location": {
+ "type": "string"
+ },
+ "title": {
+ "type": "string"
+ }
}
}
}
diff --git a/fast/stages/1-resman/schemas/fast-stage3.schema.md b/fast/stages/1-resman/schemas/fast-stage3.schema.md
new file mode 100644
index 000000000..e5e57c922
--- /dev/null
+++ b/fast/stages/1-resman/schemas/fast-stage3.schema.md
@@ -0,0 +1,90 @@
+# FAST stage 3
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**short_name**: *string*
+- ⁺**environment**: *string*
+
*enum: ['dev', 'prod']*
+- **cicd_config**: *object*
+
*additional properties: false*
+ - ⁺**identity_provider**: *string*
+ - ⁺**repository**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **branch**: *string*
+ - **type**: *string*
+
*default: github*, *enum: ['github', 'gitlab']*
+- **folder_config**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **parent_id**: *string*
+ - **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+ - **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^(?:roles/|[a-z_]+)`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^[a-z]+[a-z-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/1-resman/schemas/org-policies.schema.md b/fast/stages/1-resman/schemas/org-policies.schema.md
new file mode 100644
index 000000000..75f6e72d1
--- /dev/null
+++ b/fast/stages/1-resman/schemas/org-policies.schema.md
@@ -0,0 +1,33 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *reference([allow-deny](#refs-allow-deny))*
+ - **deny**: *reference([allow-deny](#refs-allow-deny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parameters**: *string*
+
+## Definitions
+
+- **allow-deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/1-resman/schemas/top-level-folder.schema.json b/fast/stages/1-resman/schemas/top-level-folder.schema.json
index a0cbc957d..377cfa355 100644
--- a/fast/stages/1-resman/schemas/top-level-folder.schema.json
+++ b/fast/stages/1-resman/schemas/top-level-folder.schema.json
@@ -170,66 +170,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
- "inherit_from_parent": {
- "type": "boolean"
- },
- "reset": {
- "type": "boolean"
- },
- "rules": {
- "type": "array",
- "items": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "allow": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ "type": "object",
+ "properties": {
+ "inherit_from_parent": {
+ "type": "boolean"
+ },
+ "reset": {
+ "type": "boolean"
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "allow": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "deny": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ },
+ "deny": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "enforce": {
- "type": "boolean"
- },
- "condition": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "description": {
- "type": "string"
- },
- "expression": {
- "type": "string"
- },
- "location": {
- "type": "string"
- },
- "title": {
- "type": "string"
+ },
+ "enforce": {
+ "type": "boolean"
+ },
+ "condition": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string"
+ },
+ "expression": {
+ "type": "string"
+ },
+ "location": {
+ "type": "string"
+ },
+ "title": {
+ "type": "string"
+ }
}
}
}
diff --git a/fast/stages/1-resman/schemas/top-level-folder.schema.md b/fast/stages/1-resman/schemas/top-level-folder.schema.md
new file mode 100644
index 000000000..5a85e6cf6
--- /dev/null
+++ b/fast/stages/1-resman/schemas/top-level-folder.schema.md
@@ -0,0 +1,110 @@
+# Folder
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **automation**: *object*
+
*additional properties: false*
+ - **environment_name**: *string*
+ - **sa_impersonation_principals**: *array*
+ - items: *string*
+ - **short_name**: *string*
+- **contacts**: *object*
+
*additional properties: false*
+ - **`@`**: *array*
+ - items: *string*
+- **factories_config**: *object*
+
*additional properties: false*
+ - **org_policies**: *string*
+- **firewall_policy**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - ⁺**policy**: *string*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **is_fast_context**: *boolean*
+- **logging_data_access**: *object*
+
*additional properties: false*
+ - **`^(?:[a-z_-]+)\.googleapis\.com$`**: *object*
+
*additional properties: false*
+ - **`^(?:DATA_READ|DATA_WRITE|ADMIN_READ)$`**: *object*
+
*additional properties: false*
+ - **exempted_members**: *array*
+ - items: *string*
+- **logging_exclusions**: *object*
+ *additional properties: String*
+- **logging_settings**: *object*
+
*additional properties: false*
+ - **disable_default_sink**: *boolean*
+ - **storage_location**: *string*
+- **logging_sinks**: *object*
+ *additional properties: Object*
+- **name**: *string*
+- **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **parent_id**: *string*
+- **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^(?:roles/|[a-z_]+)`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^[a-z]+[a-z-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/1-vpcsc/schemas/access-level.schema.md b/fast/stages/1-vpcsc/schemas/access-level.schema.md
new file mode 100644
index 000000000..052c0b1a5
--- /dev/null
+++ b/fast/stages/1-vpcsc/schemas/access-level.schema.md
@@ -0,0 +1,43 @@
+# VPC-SC access level
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **combining_function**: *string*
+- **conditions**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **device_policy**: *object*
+
*additional properties: false*
+ - **allowed_device_management_levels**: *array*
+ - items: *string*
+ - **allowed_encryption_statuses**: *array*
+ - items: *string*
+ - ⁺**require_admin_approval**: *boolean*
+ - ⁺**require_corp_owned**: *boolean*
+ - **require_screen_lock**: *boolean*
+ - **os_constraints**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **os_type**: *string*
+ - **minimum_version**: *string*
+ - **require_verified_chrome_os**: *boolean*
+ - **ip_subnetworks**: *array*
+ - items: *string*
+ - **members**: *array*
+ - items: *string*
+ - **negate**: *boolean*
+ - **regions**: *array*
+ - items: *string*
+ - **required_access_levels**: *array*
+ - items: *string*
+ - **vpc_subnets**: *object*
+
*additional properties: false*
+ - **`^//compute.googleapis.com/projects/[^/]+/global/networks/[^/]+$`**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/1-vpcsc/schemas/egress-policy.schema.md b/fast/stages/1-vpcsc/schemas/egress-policy.schema.md
new file mode 100644
index 000000000..69f2585dc
--- /dev/null
+++ b/fast/stages/1-vpcsc/schemas/egress-policy.schema.md
@@ -0,0 +1,38 @@
+# VPC-SC egress policy
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **title**: *string*
+- ⁺**from**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **identity_type**: *string*
+
*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
+ - **identities**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+- ⁺**to**: *object*
+
*additional properties: false*
+ - **external_resources**: *array*
+ - items: *string*
+ - **operations**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **method_selectors**: *array*
+ - items: *string*
+ - **permission_selectors**: *array*
+ - items: *string*
+ - ⁺**service_name**: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **roles**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md
new file mode 100644
index 000000000..c1208bf8c
--- /dev/null
+++ b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md
@@ -0,0 +1,34 @@
+# VPC-SC ingress policy
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **title**: *string*
+- ⁺**from**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **identity_type**: *string*
+
*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
+ - **identities**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+- ⁺**to**: *object*
+
*additional properties: false*
+ - **operations**: *array*
+ - items: *object*
+ - **method_selectors**: *array*
+ - items: *string*
+ - **permission_selectors**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **roles**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/fast/stages/1-vpcsc/schemas/perimeter.schema.md b/fast/stages/1-vpcsc/schemas/perimeter.schema.md
new file mode 100644
index 000000000..cd6a5f8de
--- /dev/null
+++ b/fast/stages/1-vpcsc/schemas/perimeter.schema.md
@@ -0,0 +1,45 @@
+# perimeters
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **description**: *string*
+- **title**: *string*
+- **spec**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **egress_policies**: *array*
+ - items: *string*
+ - **ingress_policies**: *array*
+ - items: *string*
+ - **restricted_services**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
+- **status**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **egress_policies**: *array*
+ - items: *string*
+ - **ingress_policies**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **restricted_services**: *array*
+ - items: *string*
+ - **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
+- **use_explicit_dry_run_spec**: *boolean*
+
+## Definitions
+
+- **VpcAccessibleServices**: *object*
+
*additional properties: false*
+ - ⁺**allowed_services**: *array*
+ - items: *string*
+ - **enable_restriction**: *boolean*
\ No newline at end of file
diff --git a/fast/stages/2-networking-a-simple/schemas/firewall-policy-rules.schema.md b/fast/stages/2-networking-a-simple/schemas/firewall-policy-rules.schema.md
new file mode 100644
index 000000000..45a4a996d
--- /dev/null
+++ b/fast/stages/2-networking-a-simple/schemas/firewall-policy-rules.schema.md
@@ -0,0 +1,49 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - ⁺**priority**: *number*
+ - **action**: *string*
+
*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
+ - **description**: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *boolean*
+ - **security_profile_group**: *string*
+ - **target_resources**: *array*
+ - items: *string*
+ - **target_service_accounts**: *array*
+ - items: *string*
+ - **target_tags**: *array*
+ - items: *string*
+ - **tls_inspect**: *boolean*
+ - **match**: *object*
+
*additional properties: false*
+ - **address_groups**: *array*
+ - items: *string*
+ - **fqdns**: *array*
+ - items: *string*
+ - **region_codes**: *array*
+ - items: *string*
+ - **threat_intelligences**: *array*
+ - items: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **source_tags**: *array*
+ - items: *string*
+ - **layer4_configs**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
\ No newline at end of file
diff --git a/fast/stages/2-networking-a-simple/schemas/firewall-rules.schema.md b/fast/stages/2-networking-a-simple/schemas/firewall-rules.schema.md
new file mode 100644
index 000000000..2e3a0df0a
--- /dev/null
+++ b/fast/stages/2-networking-a-simple/schemas/firewall-rules.schema.md
@@ -0,0 +1,41 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **egress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+- **ingress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - **deny**: *boolean*
+ - **description**: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *object*
+
*additional properties: false*
+ - **include_metadata**: *boolean*
+ - **priority**: *number*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **sources**: *array*
+ - items: *string*
+ - **targets**: *array*
+ - items: *string*
+ - **use_service_accounts**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
+ - items: *number*
\ No newline at end of file
diff --git a/fast/stages/2-networking-a-simple/schemas/subnet.schema.md b/fast/stages/2-networking-a-simple/schemas/subnet.schema.md
new file mode 100644
index 000000000..d5207a8c1
--- /dev/null
+++ b/fast/stages/2-networking-a-simple/schemas/subnet.schema.md
@@ -0,0 +1,64 @@
+# Subnet
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **active**: *boolean*
+- **description**: *string*
+- **enable_private_access**: *boolean*
+- **allow_subnet_cidr_routes_overlap**: *boolean*
+- **flow_logs_config**: *object*
+
*additional properties: false*
+ - **aggregation_interval**: *string*
+ - **filter_expression**: *string*
+ - **flow_sampling**: *number*
+ - **metadata**: *string*
+ - **metadata_fields**: *array*
+ - items: *string*
+- **global**: *boolean*
+- ⁺**ip_cidr_range**: *string*
+- **ipv6**: *object*
+
*additional properties: false*
+ - **access_type**: *string*
+- **name**: *string*
+- ⁺**region**: *string*
+- **psc**: *boolean*
+- **proxy_only**: *boolean*
+- **secondary_ip_ranges**: *object*
+ *additional properties: String*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/fast/stages/2-networking-b-nva/schemas/firewall-policy-rules.schema.md b/fast/stages/2-networking-b-nva/schemas/firewall-policy-rules.schema.md
new file mode 100644
index 000000000..45a4a996d
--- /dev/null
+++ b/fast/stages/2-networking-b-nva/schemas/firewall-policy-rules.schema.md
@@ -0,0 +1,49 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - ⁺**priority**: *number*
+ - **action**: *string*
+
*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
+ - **description**: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *boolean*
+ - **security_profile_group**: *string*
+ - **target_resources**: *array*
+ - items: *string*
+ - **target_service_accounts**: *array*
+ - items: *string*
+ - **target_tags**: *array*
+ - items: *string*
+ - **tls_inspect**: *boolean*
+ - **match**: *object*
+
*additional properties: false*
+ - **address_groups**: *array*
+ - items: *string*
+ - **fqdns**: *array*
+ - items: *string*
+ - **region_codes**: *array*
+ - items: *string*
+ - **threat_intelligences**: *array*
+ - items: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **source_tags**: *array*
+ - items: *string*
+ - **layer4_configs**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
\ No newline at end of file
diff --git a/fast/stages/2-networking-b-nva/schemas/firewall-rules.schema.md b/fast/stages/2-networking-b-nva/schemas/firewall-rules.schema.md
new file mode 100644
index 000000000..2e3a0df0a
--- /dev/null
+++ b/fast/stages/2-networking-b-nva/schemas/firewall-rules.schema.md
@@ -0,0 +1,41 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **egress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+- **ingress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - **deny**: *boolean*
+ - **description**: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *object*
+
*additional properties: false*
+ - **include_metadata**: *boolean*
+ - **priority**: *number*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **sources**: *array*
+ - items: *string*
+ - **targets**: *array*
+ - items: *string*
+ - **use_service_accounts**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
+ - items: *number*
\ No newline at end of file
diff --git a/fast/stages/2-networking-b-nva/schemas/subnet.schema.md b/fast/stages/2-networking-b-nva/schemas/subnet.schema.md
new file mode 100644
index 000000000..d5207a8c1
--- /dev/null
+++ b/fast/stages/2-networking-b-nva/schemas/subnet.schema.md
@@ -0,0 +1,64 @@
+# Subnet
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **active**: *boolean*
+- **description**: *string*
+- **enable_private_access**: *boolean*
+- **allow_subnet_cidr_routes_overlap**: *boolean*
+- **flow_logs_config**: *object*
+
*additional properties: false*
+ - **aggregation_interval**: *string*
+ - **filter_expression**: *string*
+ - **flow_sampling**: *number*
+ - **metadata**: *string*
+ - **metadata_fields**: *array*
+ - items: *string*
+- **global**: *boolean*
+- ⁺**ip_cidr_range**: *string*
+- **ipv6**: *object*
+
*additional properties: false*
+ - **access_type**: *string*
+- **name**: *string*
+- ⁺**region**: *string*
+- **psc**: *boolean*
+- **proxy_only**: *boolean*
+- **secondary_ip_ranges**: *object*
+ *additional properties: String*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/fast/stages/2-networking-c-separate-envs/schemas/firewall-policy-rules.schema.md b/fast/stages/2-networking-c-separate-envs/schemas/firewall-policy-rules.schema.md
new file mode 100644
index 000000000..45a4a996d
--- /dev/null
+++ b/fast/stages/2-networking-c-separate-envs/schemas/firewall-policy-rules.schema.md
@@ -0,0 +1,49 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - ⁺**priority**: *number*
+ - **action**: *string*
+
*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
+ - **description**: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *boolean*
+ - **security_profile_group**: *string*
+ - **target_resources**: *array*
+ - items: *string*
+ - **target_service_accounts**: *array*
+ - items: *string*
+ - **target_tags**: *array*
+ - items: *string*
+ - **tls_inspect**: *boolean*
+ - **match**: *object*
+
*additional properties: false*
+ - **address_groups**: *array*
+ - items: *string*
+ - **fqdns**: *array*
+ - items: *string*
+ - **region_codes**: *array*
+ - items: *string*
+ - **threat_intelligences**: *array*
+ - items: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **source_tags**: *array*
+ - items: *string*
+ - **layer4_configs**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
\ No newline at end of file
diff --git a/fast/stages/2-networking-c-separate-envs/schemas/firewall-rules.schema.md b/fast/stages/2-networking-c-separate-envs/schemas/firewall-rules.schema.md
new file mode 100644
index 000000000..2e3a0df0a
--- /dev/null
+++ b/fast/stages/2-networking-c-separate-envs/schemas/firewall-rules.schema.md
@@ -0,0 +1,41 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **egress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+- **ingress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - **deny**: *boolean*
+ - **description**: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *object*
+
*additional properties: false*
+ - **include_metadata**: *boolean*
+ - **priority**: *number*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **sources**: *array*
+ - items: *string*
+ - **targets**: *array*
+ - items: *string*
+ - **use_service_accounts**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
+ - items: *number*
\ No newline at end of file
diff --git a/fast/stages/2-networking-c-separate-envs/schemas/subnet.schema.md b/fast/stages/2-networking-c-separate-envs/schemas/subnet.schema.md
new file mode 100644
index 000000000..d5207a8c1
--- /dev/null
+++ b/fast/stages/2-networking-c-separate-envs/schemas/subnet.schema.md
@@ -0,0 +1,64 @@
+# Subnet
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **active**: *boolean*
+- **description**: *string*
+- **enable_private_access**: *boolean*
+- **allow_subnet_cidr_routes_overlap**: *boolean*
+- **flow_logs_config**: *object*
+
*additional properties: false*
+ - **aggregation_interval**: *string*
+ - **filter_expression**: *string*
+ - **flow_sampling**: *number*
+ - **metadata**: *string*
+ - **metadata_fields**: *array*
+ - items: *string*
+- **global**: *boolean*
+- ⁺**ip_cidr_range**: *string*
+- **ipv6**: *object*
+
*additional properties: false*
+ - **access_type**: *string*
+- **name**: *string*
+- ⁺**region**: *string*
+- **psc**: *boolean*
+- **proxy_only**: *boolean*
+- **secondary_ip_ranges**: *object*
+ *additional properties: String*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/fast/stages/2-project-factory/schemas/budget.schema.md b/fast/stages/2-project-factory/schemas/budget.schema.md
new file mode 100644
index 000000000..826f067fd
--- /dev/null
+++ b/fast/stages/2-project-factory/schemas/budget.schema.md
@@ -0,0 +1,62 @@
+# Budget
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**amount**: *object*
+
*additional properties: false*
+ - **currency_code**: *string*
+ - **nanos**: *number*
+ - **units**: *number*
+ - **use_last_period**: *boolean*
+- **display_name**: *string*
+- **filter**: *object*
+
*additional properties: false*
+ - **credit_types_treatment**: *object*
+
*additional properties: false*
+ - **exclude_all**: *boolean*
+ - **include_specified**: *array*
+ - items: *string*
+ - **label**: *object*
+
*additional properties: false*
+ - **key**: *string*
+ - **value**: *string*
+ - **period**: *object*
+
*additional properties: false*
+ - **calendar**: *string*
+ - **custom**: *object*
+
*additional properties: false*
+ - **start_date**: *reference([date](#refs-date))*
+ - **end_date**: *reference([date](#refs-date))*
+ - **projects**: *array*
+ - items: *string*
+ - **resource_ancestors**: *array*
+ - items: *string*
+ - **services**: *array*
+ - items: *string*
+ - **subaccounts**: *array*
+ - items: *string*
+- **threshold_rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - ⁺**percent**: *number*
+ - **forecasted_spend**: *boolean*
+- **update_rules**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **disable_default_iam_recipients**: *boolean*
+ - **monitoring_notification_channels**: *array*
+ - items: *string*
+ - **pubsub_topic**: *string*
+
+## Definitions
+
+- **date**: *object*
+
*additional properties: false*
+ - **day**: *number*
+ - **month**: *number*
+ - **year**: *number*
\ No newline at end of file
diff --git a/fast/stages/2-project-factory/schemas/folder.schema.md b/fast/stages/2-project-factory/schemas/folder.schema.md
new file mode 100644
index 000000000..b771e6a34
--- /dev/null
+++ b/fast/stages/2-project-factory/schemas/folder.schema.md
@@ -0,0 +1,76 @@
+# Folder
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **name**: *string*
+- **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **parent**: *string*
+- **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/2-project-factory/schemas/project.schema.md b/fast/stages/2-project-factory/schemas/project.schema.md
new file mode 100644
index 000000000..795929797
--- /dev/null
+++ b/fast/stages/2-project-factory/schemas/project.schema.md
@@ -0,0 +1,199 @@
+# Project
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **automation**: *object*
+
*additional properties: false*
+ - ⁺**project**: *string*
+ - **bucket**: *reference([bucket](#refs-bucket))*
+ - **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_billing_roles**: *reference([iam_billing_roles](#refs-iam_billing_roles))*
+ - **iam_folder_roles**: *reference([iam_folder_roles](#refs-iam_folder_roles))*
+ - **iam_organization_roles**: *reference([iam_organization_roles](#refs-iam_organization_roles))*
+ - **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
+ - **iam_sa_roles**: *reference([iam_sa_roles](#refs-iam_sa_roles))*
+ - **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
+- **billing_account**: *string*
+- **billing_budgets**: *array*
+ - items: *string*
+- **buckets**: *reference([buckets](#refs-buckets))*
+- **contacts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+- **deletion_policy**: *string*
+
*enum: ['PREVENT', 'DELETE', 'ABANDON']*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **labels**: *object*
+- **metric_scopes**: *array*
+ - items: *string*
+- **name**: *string*
+- **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **parent**: *string*
+- **prefix**: *string*
+- **project_reuse**: *object*
+
*additional properties: false*
+ - **use_data_source**: *boolean*
+ - **project_attributes**: *object*
+ - ⁺**name**: *string*
+ - ⁺**number**: *number*
+ - **services_enabled**: *array*
+ - items: *string*
+- **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_self_roles**: *array*
+ - items: *string*
+ - **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
+- **service_encryption_key_ids**: *object*
+
*additional properties: false*
+ - **`^[a-z-]+\.googleapis\.com$`**: *array*
+ - items: *string*
+- **services**: *array*
+ - items: *string*
+- **shared_vpc_host_config**: *object*
+
*additional properties: false*
+ - ⁺**enabled**: *boolean*
+ - **service_projects**: *array*
+ - items: *string*
+- **shared_vpc_service_config**: *object*
+
*additional properties: false*
+ - ⁺**host_project**: *string*
+ - **network_users**: *array*
+ - items: *string*
+ - **service_agent_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_agent_subnet_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_iam_grants**: *array*
+ - items: *string*
+ - **network_subnet_users**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+- **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+- **tags**: *object*
+ *additional properties: Object*
+- **vpc_sc**: *object*
+ - ⁺**perimeter_name**: *string*
+ - **perimeter_bridges**: *array*
+ - items: *string*
+ - **is_dry_run**: *boolean*
+
+## Definitions
+
+- **bucket**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **labels**: *object*
+ *additional properties: String*
+ - **location**: *string*
+ - **prefix**: *string*
+ - **storage_class**: *string*
+ - **uniform_bucket_level_access**: *boolean*
+ - **versioning**: *boolean*
+- **buckets**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *reference([bucket](#refs-bucket))*
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *string*
+- **iam_billing_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_folder_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_organization_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_project_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_sa_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_storage_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/3-data-platform-dev/README.md b/fast/stages/3-data-platform-dev/README.md
index 23ea0952b..7188028de 100644
--- a/fast/stages/3-data-platform-dev/README.md
+++ b/fast/stages/3-data-platform-dev/README.md
@@ -229,25 +229,25 @@ The following table lists the available substitutions.
| name | description | type | required | default | producer |
|---|---|:---:|:---:|:---:|:---:|
| [automation](variables-fast.tf#L17) | Automation resources created by the bootstrap stage. | object({…}) | ✓ | | 0-bootstrap |
-| [billing_account](variables-fast.tf#L25) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | object({…}) | ✓ | | 0-bootstrap |
-| [environments](variables-fast.tf#L33) | Environment names. | object({…}) | ✓ | | 1-resman |
-| [prefix](variables-fast.tf#L68) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | string | ✓ | | 0-bootstrap |
+| [billing_account](variables-fast.tf#L26) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | object({…}) | ✓ | | 0-bootstrap |
+| [environments](variables-fast.tf#L34) | Environment names. | object({…}) | ✓ | | 1-resman |
+| [prefix](variables-fast.tf#L69) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | string | ✓ | | 0-bootstrap |
| [aspect_types](variables.tf#L17) | Aspect templates. Merged with those defined via the factory. | map(object({…})) | | {} | |
| [central_project_config](variables.tf#L48) | Configuration for the top-level central project. | object({…}) | | {} | |
| [encryption_keys](variables.tf#L84) | Default encryption keys for services, in service => { region => key id } format. Overridable on a per-object basis. | object({…}) | | {} | |
| [exposure_config](variables.tf#L95) | Data exposure configuration. | object({…}) | | {} | |
| [factories_config](variables.tf#L113) | Configuration for the resource factories. | object({…}) | | {} | |
-| [folder_ids](variables-fast.tf#L44) | Folder name => id mappings. | map(string) | | {} | 1-resman |
-| [host_project_ids](variables-fast.tf#L52) | Shared VPC host project name => id mappings. | map(string) | | {} | 2-networking |
-| [kms_keys](variables-fast.tf#L60) | KMS key ids. | map(string) | | {} | 2-security |
+| [folder_ids](variables-fast.tf#L45) | Folder name => id mappings. | map(string) | | {} | 1-resman |
+| [host_project_ids](variables-fast.tf#L53) | Shared VPC host project name => id mappings. | map(string) | | {} | 2-networking |
+| [kms_keys](variables-fast.tf#L61) | KMS key ids. | map(string) | | {} | 2-security |
| [location](variables.tf#L128) | Default location used when no location is specified. | string | | "europe-west1" | |
| [outputs_location](variables.tf#L135) | Enable writing provider, tfvars and CI/CD workflow files to local filesystem. Leave null to disable. | string | | null | |
-| [regions](variables-fast.tf#L78) | Region mappings. | map(string) | | {} | 2-networking |
+| [regions](variables-fast.tf#L79) | Region mappings. | map(string) | | {} | 2-networking |
| [secure_tags](variables.tf#L141) | Resource manager tags created in the central project. | map(object({…})) | | {} | |
| [stage_config](variables.tf#L162) | Stage configuration used to find environment and resource ids, and to generate names. | object({…}) | | {…} | |
-| [subnet_self_links](variables-fast.tf#L86) | Subnet VPC name => { name => self link } mappings. | map(map(string)) | | {} | 2-networking |
-| [tag_values](variables-fast.tf#L94) | FAST-managed resource manager tag values. | map(string) | | {} | 1-resman |
-| [vpc_self_links](variables-fast.tf#L102) | Shared VPC name => self link mappings. | map(string) | | {} | 2-networking |
+| [subnet_self_links](variables-fast.tf#L87) | Subnet VPC name => { name => self link } mappings. | map(map(string)) | | {} | 2-networking |
+| [tag_values](variables-fast.tf#L95) | FAST-managed resource manager tag values. | map(string) | | {} | 1-resman |
+| [vpc_self_links](variables-fast.tf#L103) | Shared VPC name => self link mappings. | map(string) | | {} | 2-networking |
## Outputs
diff --git a/fast/stages/3-data-platform-dev/schemas/aspect-type.schema.md b/fast/stages/3-data-platform-dev/schemas/aspect-type.schema.md
new file mode 100644
index 000000000..2f7cfed1c
--- /dev/null
+++ b/fast/stages/3-data-platform-dev/schemas/aspect-type.schema.md
@@ -0,0 +1,45 @@
+# Dataplex Aspect Type
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **description**: *string*
+- **display_name**: *string*
+- **labels**: *object*
+- **metadata_template**: *string*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/fast/stages/3-data-platform-dev/schemas/data-domain.schema.json b/fast/stages/3-data-platform-dev/schemas/data-domain.schema.json
index d8002c94d..690c91524 100644
--- a/fast/stages/3-data-platform-dev/schemas/data-domain.schema.json
+++ b/fast/stages/3-data-platform-dev/schemas/data-domain.schema.json
@@ -14,6 +14,7 @@
"type": "string"
},
"automation": {
+ "type": "object",
"additionalProperties": false,
"properties": {
"location": {
diff --git a/fast/stages/3-data-platform-dev/schemas/data-domain.schema.md b/fast/stages/3-data-platform-dev/schemas/data-domain.schema.md
new file mode 100644
index 000000000..fa31d74cf
--- /dev/null
+++ b/fast/stages/3-data-platform-dev/schemas/data-domain.schema.md
@@ -0,0 +1,122 @@
+# Data Domain
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**name**: *string*
+- **short_name**: *string*
+- **automation**: *object*
+
*additional properties: false*
+ - **location**: *string*
+ - **impersonation_principals**: *array*
+ - items: *string*
+- **deploy_config**: *object*
+
*additional properties: false*
+ - **composer**: *object*
+
*additional properties: false*
+ - **encryption_key**: *string*
+ - **environment_size**: *string*
+
*default: ENVIRONMENT_SIZE_SMALL*, *enum: ['ENVIRONMENT_SIZE_SMALL', 'ENVIRONMENT_SIZE_MEDIUM', 'ENVIRONMENT_SIZE_LARGE']*
+ - ⁺**node_config**: *object*
+
*additional properties: false*
+ - **service_account**: *string*
+ - ⁺**network**: *string*
+ - ⁺**subnetwork**: *string*
+ - **private_builds**: *boolean*
+ - **private_environment**: *boolean*
+ - **region**: *string*
+ - **workloads_config**: *object*
+
*additional properties: false*
+ - **dag_processor**: *reference([composer_workload](#refs-composer_workload))*
+ - **triggerer**: *reference([composer_workload](#refs-composer_workload))*
+ - **scheduler**: *reference([composer_workload](#refs-composer_workload))*
+ - **web_server**: *reference([composer_workload](#refs-composer_workload))*
+ - **worker**: *object*
+
*additional properties: false*
+ - **cpu**: *number*
+ - **memory_gb**: *number*
+ - **storage_gb**: *number*
+ - **min_count**: *integer*
+ - **max_count**: *integer*
+- **folder_config**: *object*
+
*additional properties: false*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **project_config**: *object*
+
*additional properties: false*
+ - **name**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+ - **services**: *array*
+ - items: *string*
+ - **shared_vpc_service_config**: *object*
+
*additional properties: false*
+ - ⁺**host_project**: *string*
+ - **network_users**: *array*
+ - items: *string*
+ - **service_agent_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_iam_grants**: *array*
+ - items: *string*
+- **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
+ - **name**: *string*
+
+## Definitions
+
+- **composer_workload**: *object*
+
*additional properties: false*
+ - **cpu**: *number*
+ - **memory_gb**: *number*
+ - **storage_gb**: *number*
+ - **count**: *integer*
+- **iam**: *object*
+
*additional properties: false*
+ - **`^(?:roles/|[a-z_]+)`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^[a-z]+[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_storage_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/3-data-platform-dev/schemas/data-product.schema.json b/fast/stages/3-data-platform-dev/schemas/data-product.schema.json
index 453f81e4a..49bec5e1e 100644
--- a/fast/stages/3-data-platform-dev/schemas/data-product.schema.json
+++ b/fast/stages/3-data-platform-dev/schemas/data-product.schema.json
@@ -5,6 +5,7 @@
"additionalProperties": false,
"properties": {
"automation": {
+ "type": "object",
"additionalProperties": false,
"properties": {
"location": {
@@ -28,6 +29,7 @@
"additionalProperties": false,
"properties": {
"datasets": {
+ "type": "object",
"patternProperties": {
"^[a-z][a-z0-9_]+$": {
"type": "object",
@@ -53,6 +55,7 @@
"additionalProperties": false,
"properties": {
"buckets": {
+ "type": "object",
"patternProperties": {
"^[a-z][a-z0-9-]+$": {
"type": "object",
diff --git a/fast/stages/3-data-platform-dev/schemas/data-product.schema.md b/fast/stages/3-data-platform-dev/schemas/data-product.schema.md
new file mode 100644
index 000000000..96dc0fa77
--- /dev/null
+++ b/fast/stages/3-data-platform-dev/schemas/data-product.schema.md
@@ -0,0 +1,97 @@
+# Data Product
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **automation**: *object*
+
*additional properties: false*
+ - **location**: *string*
+ - **impersonation_principals**: *array*
+ - items: *string*
+- **exposure_layer**: *object*
+
*additional properties: false*
+ - **bigquery**: *object*
+
*additional properties: false*
+ - **datasets**: *object*
+ - **`^[a-z][a-z0-9_]+$`**: *object*
+
*additional properties: false*
+ - **encryption_key**: *string*
+ - **location**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **storage**: *object*
+
*additional properties: false*
+ - **buckets**: *object*
+ - **`^[a-z][a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **encryption_key**: *string*
+ - **location**: *string*
+ - **storage_class**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
+ - **name**: *string*
+- **services**: *array*
+ - items: *string*
+- **shared_vpc_service_config**: *object*
+
*additional properties: false*
+ - ⁺**host_project**: *string*
+ - **network_users**: *array*
+ - items: *string*
+ - **service_agent_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_iam_grants**: *array*
+ - items: *string*
+- **short_name**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^(?:roles/|[a-z_]+)`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^[a-z]+[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_storage_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/fast/stages/3-data-platform-dev/variables-fast.tf b/fast/stages/3-data-platform-dev/variables-fast.tf
index 7aa193024..676e1d31a 100644
--- a/fast/stages/3-data-platform-dev/variables-fast.tf
+++ b/fast/stages/3-data-platform-dev/variables-fast.tf
@@ -22,6 +22,7 @@ variable "automation" {
})
nullable = false
}
+
variable "billing_account" {
# tfdoc:variable:source 0-bootstrap
description = "Billing account id. If billing account is not part of the same org set `is_org_level` to false."
diff --git a/modules/billing-account/schemas/budget.schema.json b/modules/billing-account/schemas/budget.schema.json
index b1bdb24d7..61a97730a 100644
--- a/modules/billing-account/schemas/budget.schema.json
+++ b/modules/billing-account/schemas/budget.schema.json
@@ -1,6 +1,6 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
- "title": "Project",
+ "title": "Budget",
"type": "object",
"additionalProperties": false,
"required": [
diff --git a/modules/billing-account/schemas/budget.schema.md b/modules/billing-account/schemas/budget.schema.md
new file mode 100644
index 000000000..826f067fd
--- /dev/null
+++ b/modules/billing-account/schemas/budget.schema.md
@@ -0,0 +1,62 @@
+# Budget
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**amount**: *object*
+
*additional properties: false*
+ - **currency_code**: *string*
+ - **nanos**: *number*
+ - **units**: *number*
+ - **use_last_period**: *boolean*
+- **display_name**: *string*
+- **filter**: *object*
+
*additional properties: false*
+ - **credit_types_treatment**: *object*
+
*additional properties: false*
+ - **exclude_all**: *boolean*
+ - **include_specified**: *array*
+ - items: *string*
+ - **label**: *object*
+
*additional properties: false*
+ - **key**: *string*
+ - **value**: *string*
+ - **period**: *object*
+
*additional properties: false*
+ - **calendar**: *string*
+ - **custom**: *object*
+
*additional properties: false*
+ - **start_date**: *reference([date](#refs-date))*
+ - **end_date**: *reference([date](#refs-date))*
+ - **projects**: *array*
+ - items: *string*
+ - **resource_ancestors**: *array*
+ - items: *string*
+ - **services**: *array*
+ - items: *string*
+ - **subaccounts**: *array*
+ - items: *string*
+- **threshold_rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - ⁺**percent**: *number*
+ - **forecasted_spend**: *boolean*
+- **update_rules**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **disable_default_iam_recipients**: *boolean*
+ - **monitoring_notification_channels**: *array*
+ - items: *string*
+ - **pubsub_topic**: *string*
+
+## Definitions
+
+- **date**: *object*
+
*additional properties: false*
+ - **day**: *number*
+ - **month**: *number*
+ - **year**: *number*
\ No newline at end of file
diff --git a/modules/data-catalog-tag-template/schemas/tag-template.schema.json b/modules/data-catalog-tag-template/schemas/tag-template.schema.json
index b16ee013e..cb4d79e20 100644
--- a/modules/data-catalog-tag-template/schemas/tag-template.schema.json
+++ b/modules/data-catalog-tag-template/schemas/tag-template.schema.json
@@ -37,6 +37,7 @@
"additionalProperties": false,
"properties": {
"primitive_type": {
+ "type": "string",
"enum": [
"DOUBLE",
"STRING",
diff --git a/modules/data-catalog-tag-template/schemas/tag-template.schema.md b/modules/data-catalog-tag-template/schemas/tag-template.schema.md
new file mode 100644
index 000000000..8a9b01cda
--- /dev/null
+++ b/modules/data-catalog-tag-template/schemas/tag-template.schema.md
@@ -0,0 +1,60 @@
+# Data Catalog Tag Template
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **display_name**: *string*
+- **force_delete**: *boolean*
+- **region**: *string*
+- **fields**: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **description**: *string*
+ - **is_required**: *boolean*
+ - **order**: *number*
+ - **type**: *object*
+
*additional properties: false*
+ - **primitive_type**: *string*
+
*enum: ['DOUBLE', 'STRING', 'BOOL', 'TIMESTAMP']*
+ - **enum_type_values**: *array*
+ - items: *string*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/dataplex-aspect-types/schemas/aspect-type.schema.md b/modules/dataplex-aspect-types/schemas/aspect-type.schema.md
new file mode 100644
index 000000000..2f7cfed1c
--- /dev/null
+++ b/modules/dataplex-aspect-types/schemas/aspect-type.schema.md
@@ -0,0 +1,45 @@
+# Dataplex Aspect Type
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **description**: *string*
+- **display_name**: *string*
+- **labels**: *object*
+- **metadata_template**: *string*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/modules/folder/schemas/org-policies.schema.md b/modules/folder/schemas/org-policies.schema.md
new file mode 100644
index 000000000..75f6e72d1
--- /dev/null
+++ b/modules/folder/schemas/org-policies.schema.md
@@ -0,0 +1,33 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *reference([allow-deny](#refs-allow-deny))*
+ - **deny**: *reference([allow-deny](#refs-allow-deny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parameters**: *string*
+
+## Definitions
+
+- **allow-deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json
index 1badfd5cb..b5df323b9 100644
--- a/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json
+++ b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json
@@ -20,6 +20,7 @@
"type": "number"
},
"action": {
+ "type": "string",
"enum": [
"allow",
"deny",
diff --git a/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.md b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.md
new file mode 100644
index 000000000..45a4a996d
--- /dev/null
+++ b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.md
@@ -0,0 +1,49 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - ⁺**priority**: *number*
+ - **action**: *string*
+
*enum: ['allow', 'deny', 'goto_next', 'apply_security_profile_group']*
+ - **description**: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *boolean*
+ - **security_profile_group**: *string*
+ - **target_resources**: *array*
+ - items: *string*
+ - **target_service_accounts**: *array*
+ - items: *string*
+ - **target_tags**: *array*
+ - items: *string*
+ - **tls_inspect**: *boolean*
+ - **match**: *object*
+
*additional properties: false*
+ - **address_groups**: *array*
+ - items: *string*
+ - **fqdns**: *array*
+ - items: *string*
+ - **region_codes**: *array*
+ - items: *string*
+ - **threat_intelligences**: *array*
+ - items: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **source_tags**: *array*
+ - items: *string*
+ - **layer4_configs**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
\ No newline at end of file
diff --git a/modules/net-swp/schemas/policy-rule.schema.md b/modules/net-swp/schemas/policy-rule.schema.md
new file mode 100644
index 000000000..294ed8fe8
--- /dev/null
+++ b/modules/net-swp/schemas/policy-rule.schema.md
@@ -0,0 +1,24 @@
+# Policy rule
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**priority**: *integer*
+- **allow**: *boolean*
+- **description**: *string*
+- **enabled**: *boolean*
+- **application_matcher**: *string*
+- **session_matcher**: *string*
+- **tls_inspect**: *boolean*
+- **matcher_args**: *object*
+
*additional properties: false*
+ - **application**: *array*
+ - items: *string*
+ - **session**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/net-swp/schemas/url-list.schema.md b/modules/net-swp/schemas/url-list.schema.md
new file mode 100644
index 000000000..716ef094c
--- /dev/null
+++ b/modules/net-swp/schemas/url-list.schema.md
@@ -0,0 +1,14 @@
+# URL list
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **description**: *string*
+- **values**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/net-vpc-factory/schemas/network-project.schema.json b/modules/net-vpc-factory/schemas/network-project.schema.json
index b50b66154..37e9d02b8 100644
--- a/modules/net-vpc-factory/schemas/network-project.schema.json
+++ b/modules/net-vpc-factory/schemas/network-project.schema.json
@@ -1302,19 +1302,13 @@
"type": "string"
},
"exclude_export_ranges": {
- "type": [
- "array",
- "null"
- ],
+ "type": "array",
"items": {
"type": "string"
}
},
"include_export_ranges": {
- "type": [
- "array",
- "null"
- ],
+ "type": "array",
"items": {
"type": "string"
}
@@ -1506,4 +1500,4 @@
}
}
}
-}
+}
\ No newline at end of file
diff --git a/modules/net-vpc-factory/schemas/network-project.schema.md b/modules/net-vpc-factory/schemas/network-project.schema.md
new file mode 100644
index 000000000..9e12e5274
--- /dev/null
+++ b/modules/net-vpc-factory/schemas/network-project.schema.md
@@ -0,0 +1,460 @@
+# Network Project Configuration (Single)
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **project_config**: *reference([projectConfig](#refs-projectConfig))*
+- **ncc_hub_config**: *reference([nccHubConfig](#refs-nccHubConfig))*
+- **vpc_config**: *reference([vpcConfigMap](#refs-vpcConfigMap))*
+
+## Definitions
+
+- **projectConfig**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **prefix**: *string*
+ - **parent**: *string*
+ - **project_reuse**: *object*
+
*additional properties: false*
+ - **use_data_source**: *boolean*
+ - **project_attributes**: *object*
+ - ⁺**name**: *string*
+ - ⁺**number**: *number*
+ - **services_enabled**: *array*
+ - items: *string*
+ - **billing_account**: *string*
+ - **deletion_policy**: *string*
+
*enum: ['DELETE', 'ABANDON']*
+ - **default_service_account**: *string*
+
*enum: ['deprovision', 'disable', 'keep']*
+ - **auto_create_network**: *boolean*
+ - **project_create**: *boolean*
+ - **shared_vpc_host_config**: *object*
+
*additional properties: false*
+ - ⁺**enabled**: *boolean*
+ - **service_projects**: *array*
+ - items: *string*
+ - **services**: *array*
+ - items: *string*
+ - **org_policies**: *reference([orgPolicies](#refs-orgPolicies))*
+ - **metric_scopes**: *array*
+ - items: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iamBindings](#refs-iamBindings))*
+ - **iam_bindings_additive**: *reference([iamBindingsAdditive](#refs-iamBindingsAdditive))*
+ - **iam_by_principals**: *reference([iamByPrincipals](#refs-iamByPrincipals))*
+ - **iam_by_principals_additive**: *reference([iamByPrincipals](#refs-iamByPrincipals))*
+- **nccHubConfig**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **description**: *string*
+ - **preset_topology**: *string*
+
*enum: ['MESH', 'STAR', 'PLANETARY']*
+ - **export_psc**: *boolean*
+ - **groups**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9_-]+$`**: *reference([nccGroup](#refs-nccGroup))*
+- **nccGroup**: *object*
+
*additional properties: false*
+ - **labels**: *reference([stringMap](#refs-stringMap))*
+ - **description**: *string*
+ - **auto_accept**: *array*
+ - items: *string*
+- **vpcConfigMap**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *reference([vpcConfigEntry](#refs-vpcConfigEntry))*
+- **vpcConfigEntry**: *object*
+
*additional properties: false*
+ - **auto_create_subnetworks**: *boolean*
+ - **create_googleapis_routes**: *object*
+
*additional properties: false*
+ - **private**: *boolean*
+ - **private-6**: *boolean*
+ - **restricted**: *boolean*
+ - **restricted-6**: *boolean*
+ - **delete_default_routes_on_create**: *boolean*
+ - **description**: *string*
+ - **dns_policy**: *object*
+
*additional properties: false*
+ - **inbound**: *boolean*
+ - **logging**: *boolean*
+ - **outbound**: *object*
+
*additional properties: false*
+ - **private_ns**: *array*
+ - items: *string*
+ - **public_ns**: *array*
+ - items: *string*
+ - **dns_zones**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([dnsZone](#refs-dnsZone))*
+ - **firewall_policy_enforcement_order**: *string*
+
*enum: ['AFTER_CLASSIC_FIREWALL', 'BEFORE_CLASSIC_FIREWALL']*
+ - **ipv6_config**: *object*
+
*additional properties: false*
+ - **enable_ula_internal**: *boolean*
+ - **internal_range**: *string*
+ - **mtu**: *number*
+ - **nat_config**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([natConfig](#refs-natConfig))*
+ - **network_attachments**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([networkAttachment](#refs-networkAttachment))*
+ - **policy_based_routes**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([policyBasedRoute](#refs-policyBasedRoute))*
+ - **psa_config**: *array*
+ - items: *reference([psaConfig](#refs-psaConfig))*
+ - **routers**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([routerConfig](#refs-routerConfig))*
+ - **routes**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([routeConfig](#refs-routeConfig))*
+ - **routing_mode**: *string*
+
*enum: ['GLOBAL', 'REGIONAL']*
+ - **subnets_factory_config**: *object*
+
*additional properties: false*
+ - **context**: *object*
+
*additional properties: false*
+ - **regions**: *reference([stringMap](#refs-stringMap))*
+ - **subnets_folder**: *string*
+ - **firewall_factory_config**: *object*
+
*additional properties: false*
+ - **cidr_tpl_file**: *string*
+ - **rules_folder**: *string*
+ - **vpn_config**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([vpnConfig](#refs-vpnConfig))*
+ - **peering_config**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([peeringConfig](#refs-peeringConfig))*
+ - **ncc_config**: *reference([vpcNccConfig](#refs-vpcNccConfig))*
+- **dnsZone**: *object*
+
*additional properties: false*
+ - **force_destroy**: *boolean*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **zone_config**: *reference([dnsZoneConfig](#refs-dnsZoneConfig))*
+ - **recordsets**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9_. -]+$`**: *reference([dnsRecordSet](#refs-dnsRecordSet))*
+- **dnsZoneConfig**: *object*
+
*additional properties: false*
+ - ⁺**domain**: *string*
+ - **forwarding**: *object*
+
*additional properties: false*
+ - **forwarders**: *reference([stringMap](#refs-stringMap))*
+ - **client_networks**: *array*
+ - items: *string*
+ - **peering**: *object*
+
*additional properties: false*
+ - **client_networks**: *array*
+ - items: *string*
+ - ⁺**peer_network**: *string*
+ - **public**: *object*
+
*additional properties: false*
+ - **dnssec_config**: *reference([dnssecConfig](#refs-dnssecConfig))*
+ - **enable_logging**: *boolean*
+ - **private**: *object*
+
*additional properties: false*
+ - **client_networks**: *array*
+ - items: *string*
+ - **service_directory_namespace**: *string*
+- **dnssecConfig**: *object*
+
*additional properties: false*
+ - **non_existence**: *string*
+
*enum: ['nsec', 'nsec3']*
+ - ⁺**state**: *string*
+
*enum: ['on', 'off', 'transfer']*
+ - **key_signing_key**: *reference([dnsKeySpec](#refs-dnsKeySpec))*
+ - **zone_signing_key**: *reference([dnsKeySpec](#refs-dnsKeySpec))*
+- **dnsKeySpec**: *object*
+
*additional properties: false*
+ - ⁺**algorithm**: *string*
+
*enum: ['rsasha1', 'rsasha256', 'rsasha512', 'ecdsap256sha256', 'ecdsap384sha384']*
+ - ⁺**key_length**: *number*
+- **dnsRecordSet**: *object*
+
*additional properties: false*
+ - **ttl**: *number*
+ - **records**: *array*
+ - items: *string*
+ - **geo_routing**: *array*
+ - items: *reference([dnsGeoRoutingRule](#refs-dnsGeoRoutingRule))*
+ - **wrr_routing**: *array*
+ - items: *reference([dnsWrrRoutingRule](#refs-dnsWrrRoutingRule))*
+- **dnsGeoRoutingRule**: *object*
+
*additional properties: false*
+ - ⁺**location**: *string*
+ - **records**: *array*
+ - items: *string*
+ - **health_checked_targets**: *array*
+ - items: *reference([dnsHealthCheckedTarget](#refs-dnsHealthCheckedTarget))*
+- **dnsHealthCheckedTarget**: *object*
+
*additional properties: false*
+ - ⁺**load_balancer_type**: *string*
+ - ⁺**ip_address**: *string*
+ - ⁺**port**: *string*
+ - ⁺**ip_protocol**: *string*
+ - ⁺**network_url**: *string*
+ - ⁺**project**: *string*
+ - **region**: *string*
+- **dnsWrrRoutingRule**: *object*
+
*additional properties: false*
+ - ⁺**weight**: *number*
+ - ⁺**records**: *array*
+ - items: *string*
+- **natConfig**: *object*
+
*additional properties: false*
+ - ⁺**region**: *string*
+ - **router_create**: *boolean*
+ - **router_name**: *string*
+ - **router_network**: *string*
+ - **router_asn**: *number*
+ - **type**: *string*
+
*enum: ['PUBLIC', 'PRIVATE']*
+ - **addresses**: *array*
+ - items: *string*
+ - **endpoint_types**: *array*
+ - items: *string*
+
*enum: ['ENDPOINT_TYPE_VM', 'ENDPOINT_TYPE_SWG', 'ENDPOINT_TYPE_MANAGED_PROXY_LB']*
+ - **logging_filter**: *string*
+
*enum: ['ERRORS_ONLY', 'TRANSLATIONS_ONLY', 'ALL']*
+ - **config_port_allocation**: *object*
+
*additional properties: false*
+ - **enable_endpoint_independent_mapping**: *boolean*
+ - **enable_dynamic_port_allocation**: *boolean*
+ - **min_ports_per_vm**: *number*
+ - **max_ports_per_vm**: *number*
+ - **config_source_subnetworks**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **primary_ranges_only**: *boolean*
+ - **subnetworks**: *array*
+ - items: *reference([natSourceSubnetwork](#refs-natSourceSubnetwork))*
+ - **config_timeouts**: *object*
+
*additional properties: false*
+ - **icmp**: *number*
+ - **tcp_established**: *number*
+ - **tcp_time_wait**: *number*
+ - **tcp_transitory**: *number*
+ - **udp**: *number*
+ - **rules**: *array*
+ - items: *reference([natRule](#refs-natRule))*
+- **natSourceSubnetwork**: *object*
+
*additional properties: false*
+ - ⁺**self_link**: *string*
+ - **all_ranges**: *boolean*
+ - **primary_range**: *boolean*
+ - **secondary_ranges**: *array*
+ - items: *string*
+- **natRule**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - ⁺**match**: *string*
+ - **source_ips**: *array*
+ - items: *string*
+ - **source_ranges**: *array*
+ - items: *string*
+- **networkAttachment**: *object*
+
*additional properties: false*
+ - ⁺**subnet**: *string*
+ - **automatic_connection**: *boolean*
+ - **description**: *string*
+ - **producer_accept_lists**: *array*
+ - items: *string*
+ - **producer_reject_lists**: *array*
+ - items: *string*
+- **policyBasedRoute**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **labels**: *reference([stringMap](#refs-stringMap))*
+ - **priority**: *number*
+ - **next_hop_ilb_ip**: *string*
+ - **use_default_routing**: *boolean*
+ - **filter**: *object*
+
*additional properties: false*
+ - **ip_protocol**: *string*
+ - **dest_range**: *string*
+ - **src_range**: *string*
+ - **target**: *object*
+
*additional properties: false*
+ - **interconnect_attachment**: *string*
+ - **tags**: *array*
+ - items: *string*
+- **psaConfig**: *object*
+
*additional properties: false*
+ - **deletion_policy**: *string*
+
*enum: ['delete', 'abandon']*
+ - **ranges**: *reference([stringMap](#refs-stringMap))*
+ - **export_routes**: *boolean*
+ - **import_routes**: *boolean*
+ - **peered_domains**: *array*
+ - items: *string*
+ - **range_prefix**: *string*
+ - **service_producer**: *string*
+- **routerConfig**: *object*
+
*additional properties: false*
+ - ⁺**region**: *string*
+ - **asn**: *number*
+ - **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
+ - **keepalive**: *number*
+ - **name**: *string*
+- **routeConfig**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - ⁺**dest_range**: *string*
+ - ⁺**next_hop_type**: *string*
+ - ⁺**next_hop**: *string*
+ - **priority**: *number*
+ - **tags**: *array*
+ - items: *string*
+- **vpnConfig**: *object*
+
*additional properties: false*
+ - ⁺**region**: *string*
+ - **ncc_spoke_config**: *object*
+
*additional properties: false*
+ - **hub**: *string*
+ - **description**: *string*
+ - **labels**: *reference([stringMap](#refs-stringMap))*
+ - ⁺**peer_gateways**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([peerGateway](#refs-peerGateway))*
+ - **router_config**: *reference([vpnRouterConfig](#refs-vpnRouterConfig))*
+ - **stack_type**: *string*
+
*enum: ['IPV4_ONLY', 'IPV4_IPV6']*
+ - ⁺**tunnels**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *reference([vpnTunnel](#refs-vpnTunnel))*
+- **peerGateway**: *object*
+
*additional properties: false*
+ - **external**: *reference([externalPeerGateway](#refs-externalPeerGateway))*
+ - **gcp**: *string*
+- **externalPeerGateway**: *object*
+
*additional properties: false*
+ - ⁺**redundancy_type**: *string*
+
*enum: ['SINGLE_IP_INTERNALLY_REDUNDANT', 'TWO_IPS_REDUNDANCY', 'FOUR_IPS_REDUNDANCY']*
+ - ⁺**interfaces**: *array*
+ - items: *string*
+ - **description**: *string*
+ - **name**: *string*
+- **vpnRouterConfig**: *object*
+
*additional properties: false*
+ - **asn**: *number*
+ - **create**: *boolean*
+ - **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
+ - **keepalive**: *number*
+ - **name**: *string*
+ - **override_name**: *string*
+- **vpnTunnel**: *object*
+
*additional properties: false*
+ - **bgp_peer**: *reference([bgpPeerConfig](#refs-bgpPeerConfig))*
+ - ⁺**bgp_session_range**: *string*
+ - **ike_version**: *number*
+
*enum: [1, 2]*
+ - **name**: *string*
+ - **peer_external_gateway_interface**: *number*
+ - **peer_router_interface_name**: *string*
+ - **peer_gateway**: *string*
+ - **router**: *string*
+ - **shared_secret**: *string*
+ - ⁺**vpn_gateway_interface**: *number*
+- **bgpPeerConfig**: *object*
+
*additional properties: false*
+ - ⁺**address**: *string*
+ - ⁺**asn**: *number*
+ - **route_priority**: *number*
+ - **custom_advertise**: *reference([customAdvertiseConfig](#refs-customAdvertiseConfig))*
+ - **md5_authentication_key**: *object*
+
*additional properties: false*
+ - ⁺**name**: *string*
+ - **key**: *string*
+ - **ipv6**: *object*
+
*additional properties: false*
+ - **nexthop_address**: *string*
+ - **peer_nexthop_address**: *string*
+ - **name**: *string*
+- **customAdvertiseConfig**: *object*
+
*additional properties: false*
+ - ⁺**all_subnets**: *boolean*
+ - **ip_ranges**: *reference([stringMap](#refs-stringMap))*
+- **peeringConfig**: *object*
+
*additional properties: false*
+ - ⁺**peer_network**: *string*
+ - **routes_config**: *object*
+
*additional properties: false*
+ - **export**: *boolean*
+ - **import**: *boolean*
+ - **public_export**: *boolean*
+ - **public_import**: *boolean*
+ - **stack_type**: *string*
+
*enum: ['IPV4_ONLY', 'IPV4_IPV6']*
+- **vpcNccConfig**: *object*
+
*additional properties: false*
+ - ⁺**hub**: *string*
+ - **description**: *string*
+ - **labels**: *reference([stringMap](#refs-stringMap))*
+ - **group**: *string*
+ - **exclude_export_ranges**: *array*
+ - items: *string*
+ - **include_export_ranges**: *array*
+ - items: *string*
+- **stringMap**: *object*
+ *additional properties: String*
+- **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **principalPattern**: *string*
+- **rolePattern**: *string*
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *reference([principalPattern](#refs-principalPattern))*
+- **iamBindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - ⁺**members**: *array*
+ - items: *reference([principalPattern](#refs-principalPattern))*
+ - **role**: *reference([rolePattern](#refs-rolePattern))*
+ - **condition**: *reference([condition](#refs-condition))*
+- **iamBindingsAdditive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *reference([principalPattern](#refs-principalPattern))*
+ - **role**: *reference([rolePattern](#refs-rolePattern))*
+ - **condition**: *reference([condition](#refs-condition))*
+- **iamByPrincipals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *reference([rolePattern](#refs-rolePattern))*
+- **orgPolicies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *reference([orgPolicyConfig](#refs-orgPolicyConfig))*
+- **orgPolicyConfig**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *reference([orgPolicyRule](#refs-orgPolicyRule))*
+- **orgPolicyRule**: *object*
+
*additional properties: false*
+ - **allow**: *reference([orgPolicyRuleAllowDeny](#refs-orgPolicyRuleAllowDeny))*
+ - **deny**: *reference([orgPolicyRuleAllowDeny](#refs-orgPolicyRuleAllowDeny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **orgPolicyRuleAllowDeny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/net-vpc-firewall/schemas/firewall-rules.schema.md b/modules/net-vpc-firewall/schemas/firewall-rules.schema.md
new file mode 100644
index 000000000..2e3a0df0a
--- /dev/null
+++ b/modules/net-vpc-firewall/schemas/firewall-rules.schema.md
@@ -0,0 +1,41 @@
+# Firewall Rules
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **egress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+- **ingress**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *reference([rule](#refs-rule))*
+
+## Definitions
+
+- **rule**: *object*
+
*additional properties: false*
+ - **deny**: *boolean*
+ - **description**: *string*
+ - **destination_ranges**: *array*
+ - items: *string*
+ - **disabled**: *boolean*
+ - **enable_logging**: *object*
+
*additional properties: false*
+ - **include_metadata**: *boolean*
+ - **priority**: *number*
+ - **source_ranges**: *array*
+ - items: *string*
+ - **sources**: *array*
+ - items: *string*
+ - **targets**: *array*
+ - items: *string*
+ - **use_service_accounts**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **protocol**: *string*
+ - **ports**: *array*
+ - items: *number*
\ No newline at end of file
diff --git a/modules/net-vpc/schemas/subnet.schema.md b/modules/net-vpc/schemas/subnet.schema.md
new file mode 100644
index 000000000..d5207a8c1
--- /dev/null
+++ b/modules/net-vpc/schemas/subnet.schema.md
@@ -0,0 +1,64 @@
+# Subnet
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **active**: *boolean*
+- **description**: *string*
+- **enable_private_access**: *boolean*
+- **allow_subnet_cidr_routes_overlap**: *boolean*
+- **flow_logs_config**: *object*
+
*additional properties: false*
+ - **aggregation_interval**: *string*
+ - **filter_expression**: *string*
+ - **flow_sampling**: *number*
+ - **metadata**: *string*
+ - **metadata_fields**: *array*
+ - items: *string*
+- **global**: *boolean*
+- ⁺**ip_cidr_range**: *string*
+- **ipv6**: *object*
+
*additional properties: false*
+ - **access_type**: *string*
+- **name**: *string*
+- ⁺**region**: *string*
+- **psc**: *boolean*
+- **proxy_only**: *boolean*
+- **secondary_ip_ranges**: *object*
+ *additional properties: String*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
\ No newline at end of file
diff --git a/modules/organization/schemas/custom-role.schema.md b/modules/organization/schemas/custom-role.schema.md
new file mode 100644
index 000000000..4be548bca
--- /dev/null
+++ b/modules/organization/schemas/custom-role.schema.md
@@ -0,0 +1,14 @@
+# Custom Role
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **name**: *string*
+- **includedPermissions**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/organization/schemas/org-policies.schema.md b/modules/organization/schemas/org-policies.schema.md
new file mode 100644
index 000000000..75f6e72d1
--- /dev/null
+++ b/modules/organization/schemas/org-policies.schema.md
@@ -0,0 +1,33 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *reference([allow-deny](#refs-allow-deny))*
+ - **deny**: *reference([allow-deny](#refs-allow-deny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parameters**: *string*
+
+## Definitions
+
+- **allow-deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/organization/schemas/org-policy-custom-constraint.schema.md b/modules/organization/schemas/org-policy-custom-constraint.schema.md
new file mode 100644
index 000000000..d48e106b6
--- /dev/null
+++ b/modules/organization/schemas/org-policy-custom-constraint.schema.md
@@ -0,0 +1,21 @@
+# Organization Policy Custom Constraints
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+\.[a-zA-Z]+$`**: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **description**: *string*
+ - ⁺**action_type**: *string*
+ - ⁺**condition**: *string*
+ - **method_types**: *array*
+ - items: *string*
+ - **resource_types**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/project-factory/schemas/budget.schema.md b/modules/project-factory/schemas/budget.schema.md
new file mode 100644
index 000000000..826f067fd
--- /dev/null
+++ b/modules/project-factory/schemas/budget.schema.md
@@ -0,0 +1,62 @@
+# Budget
+
+
+
+## Properties
+
+*additional properties: false*
+
+- ⁺**amount**: *object*
+
*additional properties: false*
+ - **currency_code**: *string*
+ - **nanos**: *number*
+ - **units**: *number*
+ - **use_last_period**: *boolean*
+- **display_name**: *string*
+- **filter**: *object*
+
*additional properties: false*
+ - **credit_types_treatment**: *object*
+
*additional properties: false*
+ - **exclude_all**: *boolean*
+ - **include_specified**: *array*
+ - items: *string*
+ - **label**: *object*
+
*additional properties: false*
+ - **key**: *string*
+ - **value**: *string*
+ - **period**: *object*
+
*additional properties: false*
+ - **calendar**: *string*
+ - **custom**: *object*
+
*additional properties: false*
+ - **start_date**: *reference([date](#refs-date))*
+ - **end_date**: *reference([date](#refs-date))*
+ - **projects**: *array*
+ - items: *string*
+ - **resource_ancestors**: *array*
+ - items: *string*
+ - **services**: *array*
+ - items: *string*
+ - **subaccounts**: *array*
+ - items: *string*
+- **threshold_rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - ⁺**percent**: *number*
+ - **forecasted_spend**: *boolean*
+- **update_rules**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **disable_default_iam_recipients**: *boolean*
+ - **monitoring_notification_channels**: *array*
+ - items: *string*
+ - **pubsub_topic**: *string*
+
+## Definitions
+
+- **date**: *object*
+
*additional properties: false*
+ - **day**: *number*
+ - **month**: *number*
+ - **year**: *number*
\ No newline at end of file
diff --git a/modules/project-factory/schemas/folder.schema.json b/modules/project-factory/schemas/folder.schema.json
index 99bbf727a..1e87c94c6 100644
--- a/modules/project-factory/schemas/folder.schema.json
+++ b/modules/project-factory/schemas/folder.schema.json
@@ -24,66 +24,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
- "inherit_from_parent": {
- "type": "boolean"
- },
- "reset": {
- "type": "boolean"
- },
- "rules": {
- "type": "array",
- "items": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "allow": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ "type": "object",
+ "properties": {
+ "inherit_from_parent": {
+ "type": "boolean"
+ },
+ "reset": {
+ "type": "boolean"
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "allow": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "deny": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ },
+ "deny": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "enforce": {
- "type": "boolean"
- },
- "condition": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "description": {
- "type": "string"
- },
- "expression": {
- "type": "string"
- },
- "location": {
- "type": "string"
- },
- "title": {
- "type": "string"
+ },
+ "enforce": {
+ "type": "boolean"
+ },
+ "condition": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string"
+ },
+ "expression": {
+ "type": "string"
+ },
+ "location": {
+ "type": "string"
+ },
+ "title": {
+ "type": "string"
+ }
}
}
}
diff --git a/modules/project-factory/schemas/folder.schema.md b/modules/project-factory/schemas/folder.schema.md
new file mode 100644
index 000000000..b771e6a34
--- /dev/null
+++ b/modules/project-factory/schemas/folder.schema.md
@@ -0,0 +1,76 @@
+# Folder
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **name**: *string*
+- **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **parent**: *string*
+- **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+
+## Definitions
+
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/project-factory/schemas/project.schema.json b/modules/project-factory/schemas/project.schema.json
index babdf5381..eb9ad7021 100644
--- a/modules/project-factory/schemas/project.schema.json
+++ b/modules/project-factory/schemas/project.schema.json
@@ -87,7 +87,11 @@
},
"deletion_policy": {
"type": "string",
- "enum": ["PREVENT", "DELETE", "ABANDON"]
+ "enum": [
+ "PREVENT",
+ "DELETE",
+ "ABANDON"
+ ]
},
"iam": {
"$ref": "#/$defs/iam"
@@ -118,66 +122,69 @@
"additionalProperties": false,
"patternProperties": {
"^[a-z]+\\.": {
- "inherit_from_parent": {
- "type": "boolean"
- },
- "reset": {
- "type": "boolean"
- },
- "rules": {
- "type": "array",
- "items": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "allow": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ "type": "object",
+ "properties": {
+ "inherit_from_parent": {
+ "type": "boolean"
+ },
+ "reset": {
+ "type": "boolean"
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "allow": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "deny": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "all": {
- "type": "boolean"
- },
- "values": {
- "type": "array",
- "items": {
- "type": "string"
+ },
+ "deny": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "all": {
+ "type": "boolean"
+ },
+ "values": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
- }
- },
- "enforce": {
- "type": "boolean"
- },
- "condition": {
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "description": {
- "type": "string"
- },
- "expression": {
- "type": "string"
- },
- "location": {
- "type": "string"
- },
- "title": {
- "type": "string"
+ },
+ "enforce": {
+ "type": "boolean"
+ },
+ "condition": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string"
+ },
+ "expression": {
+ "type": "string"
+ },
+ "location": {
+ "type": "string"
+ },
+ "title": {
+ "type": "string"
+ }
}
}
}
@@ -655,4 +662,4 @@
}
}
}
-}
+}
\ No newline at end of file
diff --git a/modules/project-factory/schemas/project.schema.md b/modules/project-factory/schemas/project.schema.md
new file mode 100644
index 000000000..795929797
--- /dev/null
+++ b/modules/project-factory/schemas/project.schema.md
@@ -0,0 +1,199 @@
+# Project
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **automation**: *object*
+
*additional properties: false*
+ - ⁺**project**: *string*
+ - **bucket**: *reference([bucket](#refs-bucket))*
+ - **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **iam_billing_roles**: *reference([iam_billing_roles](#refs-iam_billing_roles))*
+ - **iam_folder_roles**: *reference([iam_folder_roles](#refs-iam_folder_roles))*
+ - **iam_organization_roles**: *reference([iam_organization_roles](#refs-iam_organization_roles))*
+ - **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
+ - **iam_sa_roles**: *reference([iam_sa_roles](#refs-iam_sa_roles))*
+ - **iam_storage_roles**: *reference([iam_storage_roles](#refs-iam_storage_roles))*
+- **billing_account**: *string*
+- **billing_budgets**: *array*
+ - items: *string*
+- **buckets**: *reference([buckets](#refs-buckets))*
+- **contacts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+- **deletion_policy**: *string*
+
*enum: ['PREVENT', 'DELETE', 'ABANDON']*
+- **iam**: *reference([iam](#refs-iam))*
+- **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+- **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+- **iam_by_principals**: *reference([iam_by_principals](#refs-iam_by_principals))*
+- **labels**: *object*
+- **metric_scopes**: *array*
+ - items: *string*
+- **name**: *string*
+- **org_policies**: *object*
+
*additional properties: false*
+ - **`^[a-z]+\.`**: *object*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+- **parent**: *string*
+- **prefix**: *string*
+- **project_reuse**: *object*
+
*additional properties: false*
+ - **use_data_source**: *boolean*
+ - **project_attributes**: *object*
+ - ⁺**name**: *string*
+ - ⁺**number**: *number*
+ - **services_enabled**: *array*
+ - items: *string*
+- **service_accounts**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_self_roles**: *array*
+ - items: *string*
+ - **iam_project_roles**: *reference([iam_project_roles](#refs-iam_project_roles))*
+- **service_encryption_key_ids**: *object*
+
*additional properties: false*
+ - **`^[a-z-]+\.googleapis\.com$`**: *array*
+ - items: *string*
+- **services**: *array*
+ - items: *string*
+- **shared_vpc_host_config**: *object*
+
*additional properties: false*
+ - ⁺**enabled**: *boolean*
+ - **service_projects**: *array*
+ - items: *string*
+- **shared_vpc_service_config**: *object*
+
*additional properties: false*
+ - ⁺**host_project**: *string*
+ - **network_users**: *array*
+ - items: *string*
+ - **service_agent_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_agent_subnet_iam**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+ - **service_iam_grants**: *array*
+ - items: *string*
+ - **network_subnet_users**: *object*
+ - **`^[a-z0-9_-]+$`**: *array*
+ - items: *string*
+- **tag_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *string*
+- **tags**: *object*
+ *additional properties: Object*
+- **vpc_sc**: *object*
+ - ⁺**perimeter_name**: *string*
+ - **perimeter_bridges**: *array*
+ - items: *string*
+ - **is_dry_run**: *boolean*
+
+## Definitions
+
+- **bucket**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **iam**: *reference([iam](#refs-iam))*
+ - **iam_bindings**: *reference([iam_bindings](#refs-iam_bindings))*
+ - **iam_bindings_additive**: *reference([iam_bindings_additive](#refs-iam_bindings_additive))*
+ - **labels**: *object*
+ *additional properties: String*
+ - **location**: *string*
+ - **prefix**: *string*
+ - **storage_class**: *string*
+ - **uniform_bucket_level_access**: *boolean*
+ - **versioning**: *boolean*
+- **buckets**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *reference([bucket](#refs-bucket))*
+- **iam**: *object*
+
*additional properties: false*
+ - **`^roles/`**: *array*
+ - items: *string*
+- **iam_bindings**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **members**: *array*
+ - items: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_bindings_additive**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - **member**: *string*
+ - **role**: *string*
+ - **condition**: *object*
+
*additional properties: false*
+ - ⁺**expression**: *string*
+ - ⁺**title**: *string*
+ - **description**: *string*
+- **iam_by_principals**: *object*
+
*additional properties: false*
+ - **`^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|[a-z])`**: *array*
+ - items: *string*
+- **iam_billing_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_folder_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_organization_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_project_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_sa_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
+- **iam_storage_roles**: *object*
+
*additional properties: false*
+ - **`^[a-z0-9-]+$`**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/project/schemas/custom-role.schema.md b/modules/project/schemas/custom-role.schema.md
new file mode 100644
index 000000000..4be548bca
--- /dev/null
+++ b/modules/project/schemas/custom-role.schema.md
@@ -0,0 +1,14 @@
+# Custom Role
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **name**: *string*
+- **includedPermissions**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/project/schemas/observability.schema.md b/modules/project/schemas/observability.schema.md
new file mode 100644
index 000000000..37236fc2e
--- /dev/null
+++ b/modules/project/schemas/observability.schema.md
@@ -0,0 +1,166 @@
+# Observability Schema
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **alerts**: *reference([alerts](#refs-alerts))*
+- **logging_metrics**: *reference([logging_metrics](#refs-logging_metrics))*
+- **notification_channels**: *reference([notification_channels](#refs-notification_channels))*
+
+## Definitions
+
+- **alerts**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *object*
+
*additional properties: false*
+ - ⁺**combiner**: *string*
+ - **display_name**: *string*
+ - **enabled**: *boolean*
+ - **notification_channels**: *array*
+ - items: *string*
+ - **severity**: *string*
+ - **user_labels**: *object*
+ *additional properties: String*
+ - **alert_strategy**: *object*
+
*additional properties: false*
+ - **auto_close**: *string*
+ - **notification_prompts**: *string*
+ - **notification_rate_limit**: *object*
+
*additional properties: false*
+ - **period**: *string*
+ - **notification_channel_strategy**: *object*
+
*additional properties: false*
+ - **notification_channel_names**: *array*
+ - items: *string*
+ - **renotify_interval**: *string*
+ - **conditions**: *array*
+ - items: *reference([condition](#refs-condition))*
+ - **documentation**: *object*
+
*additional properties: false*
+ - **content**: *string*
+ - **mime_type**: *string*
+ - **subject**: *string*
+ - **links**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **display_name**: *string*
+ - **url**: *string*
+- **logging_metrics**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *object*
+
*additional properties: false*
+ - ⁺**filter**: *string*
+ - **bucket_name**: *string*
+ - **description**: *string*
+ - **disabled**: *boolean*
+ - **label_extractors**: *object*
+ *additional properties: String*
+ - **value_extractor**: *string*
+ - **bucket_options**: *object*
+
*additional properties: false*
+ - **explicit_buckets**: *object*
+
*additional properties: false*
+ - **bounds**: *array*
+ - items: *number*
+ - **exponential_buckets**: *object*
+
*additional properties: false*
+ - **num_finite_buckets**: *number*
+ - **growth_factor**: *number*
+ - **scale**: *number*
+ - **linear_buckets**: *object*
+
*additional properties: false*
+ - **num_finite_buckets**: *number*
+ - **width**: *number*
+ - **offset**: *number*
+ - **metric_descriptor**: *object*
+
*additional properties: false*
+ - ⁺**metric_kind**: *string*
+ - ⁺**value_type**: *string*
+ - **display_name**: *string*
+ - **unit**: *string*
+ - **labels**: *array*
+ - items: *object*
+
*additional properties: false*
+ - ⁺**key**: *string*
+ - **description**: *string*
+ - **value_type**: *string*
+- **notification_channels**: *object*
+
*additional properties: false*
+ - **`^[a-zA-Z0-9-]+$`**: *object*
+
*additional properties: false*
+ - ⁺**type**: *string*
+ - **description**: *string*
+ - **display_name**: *string*
+ - **enabled**: *boolean*
+ - **labels**: *object*
+ *additional properties: String*
+ - **user_labels**: *object*
+ *additional properties: String*
+ - **sensitive_labels**: *object*
+
*additional properties: false*
+ - **auth_token**: *string*
+ - **password**: *string*
+ - **service_key**: *string*
+- **condition**: *object*
+
*additional properties: false*
+ - ⁺**display_name**: *string*
+ - **condition_absent**: *reference([absent_condition](#refs-absent_condition))*
+ - **condition_matched_log**: *reference([matched_log_condition](#refs-matched_log_condition))*
+ - **condition_monitoring_query_language**: *reference([monitoring_query_condition](#refs-monitoring_query_condition))*
+ - **condition_prometheus_query_language**: *reference([prometheus_query_condition](#refs-prometheus_query_condition))*
+ - **condition_threshold**: *reference([threshold_condition](#refs-threshold_condition))*
+- **absent_condition**: *object*
+
*additional properties: false*
+ - ⁺**duration**: *string*
+ - **filter**: *string*
+ - **aggregations**: *reference([aggregations](#refs-aggregations))*
+ - **trigger**: *reference([trigger](#refs-trigger))*
+- **matched_log_condition**: *object*
+
*additional properties: false*
+ - ⁺**filter**: *string*
+ - **label_extractors**: *object*
+ *additional properties: String*
+- **monitoring_query_condition**: *object*
+
*additional properties: false*
+ - ⁺**duration**: *string*
+ - ⁺**query**: *string*
+ - **evaluation_missing_data**: *string*
+ - **trigger**: *reference([trigger](#refs-trigger))*
+- **prometheus_query_condition**: *object*
+
*additional properties: false*
+ - ⁺**query**: *string*
+ - **alert_rule**: *string*
+ - **disable_metric_validation**: *boolean*
+ - **duration**: *string*
+ - **evaluation_interval**: *string*
+ - **labels**: *object*
+ *additional properties: String*
+ - **rule_group**: *string*
+- **threshold_condition**: *object*
+
*additional properties: false*
+ - ⁺**comparison**: *string*
+ - ⁺**duration**: *string*
+ - **denominator_filter**: *string*
+ - **evaluation_missing_data**: *string*
+ - **filter**: *string*
+ - **threshold_value**: *number*
+ - **aggregations**: *reference([aggregations](#refs-aggregations))*
+ - **denominator_aggregations**: *reference([aggregations](#refs-aggregations))*
+ - **forecast_options**: *object*
+
*additional properties: false*
+ - **forecast_horizon**: *string*
+ - **trigger**: *reference([trigger](#refs-trigger))*
+- **aggregations**: *object*
+
*additional properties: false*
+ - **per_series_aligner**: *string*
+ - **group_by_fields**: *array*
+ - items: *string*
+ - **cross_series_reducer**: *string*
+ - **alignment_period**: *string*
+- **trigger**: *object*
+
*additional properties: false*
+ - **count**: *number*
+ - **percent**: *number*
\ No newline at end of file
diff --git a/modules/project/schemas/org-policies.schema.md b/modules/project/schemas/org-policies.schema.md
new file mode 100644
index 000000000..75f6e72d1
--- /dev/null
+++ b/modules/project/schemas/org-policies.schema.md
@@ -0,0 +1,33 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-z-]+[a-zA-Z0-9\.]+$`**: *object*
+
*additional properties: false*
+ - **inherit_from_parent**: *boolean*
+ - **reset**: *boolean*
+ - **rules**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **allow**: *reference([allow-deny](#refs-allow-deny))*
+ - **deny**: *reference([allow-deny](#refs-allow-deny))*
+ - **enforce**: *boolean*
+ - **condition**: *object*
+
*additional properties: false*
+ - **description**: *string*
+ - **expression**: *string*
+ - **location**: *string*
+ - **title**: *string*
+ - **parameters**: *string*
+
+## Definitions
+
+- **allow-deny**: *object*
+
*additional properties: false*
+ - **all**: *boolean*
+ - **values**: *array*
+ - items: *string*
\ No newline at end of file
diff --git a/modules/project/schemas/quotas.schema.json b/modules/project/schemas/quotas.schema.json
index 3390f3b38..bddcedf32 100644
--- a/modules/project/schemas/quotas.schema.json
+++ b/modules/project/schemas/quotas.schema.json
@@ -41,6 +41,7 @@
}
},
"ignore_safety_checks": {
+ "type": "string",
"enum": [
"QUOTA_DECREASE_BELOW_USAGE",
"QUOTA_DECREASE_PERCENTAGE_TOO_HIGH",
diff --git a/modules/project/schemas/quotas.schema.md b/modules/project/schemas/quotas.schema.md
new file mode 100644
index 000000000..a4a5a9f53
--- /dev/null
+++ b/modules/project/schemas/quotas.schema.md
@@ -0,0 +1,24 @@
+# Organization Policies
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **`^[a-zA-Z0-9_-]+$`**: *object*
+
*additional properties: false*
+ - ⁺**service**: *string*
+ - ⁺**quota_id**: *string*
+ - ⁺**preferred_value**: *number*
+ - **dimensions**: *object*
+ *additional properties: String*
+ - **justification**: *string*
+ - **contact_email**: *string*
+ - **annotations**: *object*
+ *additional properties: String*
+ - **ignore_safety_checks**: *string*
+
*enum: ['QUOTA_DECREASE_BELOW_USAGE', 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH', 'QUOTA_SAFETY_CHECK_UNSPECIFIED']*
+
+## Definitions
+
diff --git a/modules/vpc-sc/schemas/access-level.schema.md b/modules/vpc-sc/schemas/access-level.schema.md
new file mode 100644
index 000000000..052c0b1a5
--- /dev/null
+++ b/modules/vpc-sc/schemas/access-level.schema.md
@@ -0,0 +1,43 @@
+# VPC-SC access level
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **combining_function**: *string*
+- **conditions**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **device_policy**: *object*
+
*additional properties: false*
+ - **allowed_device_management_levels**: *array*
+ - items: *string*
+ - **allowed_encryption_statuses**: *array*
+ - items: *string*
+ - ⁺**require_admin_approval**: *boolean*
+ - ⁺**require_corp_owned**: *boolean*
+ - **require_screen_lock**: *boolean*
+ - **os_constraints**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **os_type**: *string*
+ - **minimum_version**: *string*
+ - **require_verified_chrome_os**: *boolean*
+ - **ip_subnetworks**: *array*
+ - items: *string*
+ - **members**: *array*
+ - items: *string*
+ - **negate**: *boolean*
+ - **regions**: *array*
+ - items: *string*
+ - **required_access_levels**: *array*
+ - items: *string*
+ - **vpc_subnets**: *object*
+
*additional properties: false*
+ - **`^//compute.googleapis.com/projects/[^/]+/global/networks/[^/]+$`**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/vpc-sc/schemas/egress-policy.schema.json b/modules/vpc-sc/schemas/egress-policy.schema.json
index adc667acc..d7192f5e2 100644
--- a/modules/vpc-sc/schemas/egress-policy.schema.json
+++ b/modules/vpc-sc/schemas/egress-policy.schema.json
@@ -22,6 +22,7 @@
}
},
"identity_type": {
+ "type": "string",
"enum": [
"IDENTITY_TYPE_UNSPECIFIED",
"ANY_IDENTITY",
@@ -97,4 +98,4 @@
}
}
}
-}
+}
\ No newline at end of file
diff --git a/modules/vpc-sc/schemas/egress-policy.schema.md b/modules/vpc-sc/schemas/egress-policy.schema.md
new file mode 100644
index 000000000..69f2585dc
--- /dev/null
+++ b/modules/vpc-sc/schemas/egress-policy.schema.md
@@ -0,0 +1,38 @@
+# VPC-SC egress policy
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **title**: *string*
+- ⁺**from**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **identity_type**: *string*
+
*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
+ - **identities**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+- ⁺**to**: *object*
+
*additional properties: false*
+ - **external_resources**: *array*
+ - items: *string*
+ - **operations**: *array*
+ - items: *object*
+
*additional properties: false*
+ - **method_selectors**: *array*
+ - items: *string*
+ - **permission_selectors**: *array*
+ - items: *string*
+ - ⁺**service_name**: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **roles**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/vpc-sc/schemas/ingress-policy.schema.json b/modules/vpc-sc/schemas/ingress-policy.schema.json
index e970c850b..952a24f5f 100644
--- a/modules/vpc-sc/schemas/ingress-policy.schema.json
+++ b/modules/vpc-sc/schemas/ingress-policy.schema.json
@@ -22,6 +22,7 @@
}
},
"identity_type": {
+ "type": "string",
"enum": [
"IDENTITY_TYPE_UNSPECIFIED",
"ANY_IDENTITY",
@@ -89,4 +90,4 @@
}
}
}
-}
+}
\ No newline at end of file
diff --git a/modules/vpc-sc/schemas/ingress-policy.schema.md b/modules/vpc-sc/schemas/ingress-policy.schema.md
new file mode 100644
index 000000000..c1208bf8c
--- /dev/null
+++ b/modules/vpc-sc/schemas/ingress-policy.schema.md
@@ -0,0 +1,34 @@
+# VPC-SC ingress policy
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **title**: *string*
+- ⁺**from**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **identity_type**: *string*
+
*enum: ['IDENTITY_TYPE_UNSPECIFIED', 'ANY_IDENTITY', 'ANY_USER_ACCOUNT', 'ANY_SERVICE_ACCOUNT', '']*
+ - **identities**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+- ⁺**to**: *object*
+
*additional properties: false*
+ - **operations**: *array*
+ - items: *object*
+ - **method_selectors**: *array*
+ - items: *string*
+ - **permission_selectors**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **roles**: *array*
+ - items: *string*
+
+## Definitions
+
diff --git a/modules/vpc-sc/schemas/perimeters.schema.md b/modules/vpc-sc/schemas/perimeters.schema.md
new file mode 100644
index 000000000..cd6a5f8de
--- /dev/null
+++ b/modules/vpc-sc/schemas/perimeters.schema.md
@@ -0,0 +1,45 @@
+# perimeters
+
+
+
+## Properties
+
+*additional properties: false*
+
+- **description**: *string*
+- **title**: *string*
+- **spec**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **egress_policies**: *array*
+ - items: *string*
+ - **ingress_policies**: *array*
+ - items: *string*
+ - **restricted_services**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
+- **status**: *object*
+
*additional properties: false*
+ - **access_levels**: *array*
+ - items: *string*
+ - **egress_policies**: *array*
+ - items: *string*
+ - **ingress_policies**: *array*
+ - items: *string*
+ - **resources**: *array*
+ - items: *string*
+ - **restricted_services**: *array*
+ - items: *string*
+ - **vpc_accessible_services**: *reference([VpcAccessibleServices](#refs-VpcAccessibleServices))*
+- **use_explicit_dry_run_spec**: *boolean*
+
+## Definitions
+
+- **VpcAccessibleServices**: *object*
+
*additional properties: false*
+ - ⁺**allowed_services**: *array*
+ - items: *string*
+ - **enable_restriction**: *boolean*
\ No newline at end of file
diff --git a/tools/schema_docs.py b/tools/schema_docs.py
new file mode 100755
index 000000000..f366e0dd6
--- /dev/null
+++ b/tools/schema_docs.py
@@ -0,0 +1,158 @@
+#!/usr/bin/env python3
+
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import click
+import collections
+import logging
+import json
+
+from pathlib import Path
+
+DOC = '\n\n'.join(
+ ('# {title}', '', '## Properties',
+ '{properties}', '## Definitions', '{definitions}'))
+
+Array = collections.namedtuple('Array', 'name items default', defaults=[None])
+Boolean = collections.namedtuple('Boolean', 'name default')
+Integer = collections.namedtuple('Integer', 'name default enum')
+Number = collections.namedtuple('Number', 'name default enum')
+Object = collections.namedtuple(
+ 'Object', 'name required additional pattern properties defs')
+Reference = collections.namedtuple('Reference', 'name to')
+String = collections.namedtuple('String', 'name default enum')
+
+
+def parse_node(node, name=None):
+ logging.debug(f'parse {name} type {node.get("type")}')
+ name = name or node.get('title')
+ el_type = node.get('type')
+ match el_type:
+ case 'array':
+ items = node.get('items')
+ items = parse_node(items, 'items') if items else None
+ el = Array(name, items, node.get('default'))
+ case 'boolean':
+ el = Boolean(name, node.get('default'))
+ case 'object':
+ additional = node.get('additionalProperties')
+ if isinstance(additional, dict):
+ additional = parse_node(additional)
+ el = Object(name, node.get('required', []), additional, [], [], [])
+ properties = node.get('properties')
+ if properties:
+ for k in properties:
+ el.properties.append(parse_node(properties[k], k))
+ pattern = node.get('patternProperties')
+ if pattern:
+ for k, v in pattern.items():
+ el.pattern.append(parse_node(v, k))
+ defs = node.get('$defs')
+ if defs:
+ for k, v in defs.items():
+ el.defs.append(parse_node(v, k))
+ case 'integer':
+ el = Integer(name, node.get('default'), node.get('enum'))
+ case 'number':
+ el = Number(name, node.get('default'), node.get('enum'))
+ case 'string':
+ el = String(name, node.get('default'), node.get('enum'))
+ case _:
+ ref = node.get('$ref')
+ if ref:
+ el = Reference(name, ref.split('/')[-1])
+ else:
+ raise ValueError(f'{name} {el_type}')
+ # logging.debug(f'return {el}')
+ return el
+
+
+def render_node(el, level=0, required=False, f_name=lambda f: f'**{f}**'):
+ buffer = []
+ defs_buffer = []
+ indent = ''
+ t = el.__class__.__name__.lower()
+ r = '⁺' if required else ''
+ if level > 0:
+ indent = ' ' * (level - 1)
+ buffer.append(f'{indent}- {r}{f_name(el.name)}: *{t}*')
+ match t:
+ case 'object':
+ if el.additional == False:
+ if level == 0:
+ buffer.append(f'*additional properties: false*\n')
+ else:
+ buffer.append(f'{indent}
*additional properties: false*')
+ elif el.additional:
+ buffer.append(
+ f'{indent} *additional properties: {el.additional.__class__.__name__}*'
+ )
+ if el.properties:
+ for p in el.properties:
+ buffer.append(render_node(p, level + 1, p.name in el.required))
+ if el.pattern:
+ for p in el.pattern:
+ buffer.append(render_node(p, level + 1,
+ f_name=lambda n: f'**`{n}`**'))
+ if level == 0 and el.defs:
+ for p in el.defs:
+ defs_buffer.append(
+ render_node(p, 1,
+ f_name=lambda n: f'**{n}**'))
+ case 'array':
+ if el.items:
+ buffer.append(render_node(el.items, level + 1, f_name=str))
+ case 'reference':
+ buffer[-1] = (
+ f'{indent}- {f_name(el.name)}: *reference([{el.to}](#refs-{el.to}))*')
+ case 'integer' | 'number' | 'string':
+ details = []
+ if el.default:
+ details.append(f'*default: {el.default}*')
+ if el.enum:
+ details.append(f'*enum: {el.enum}*')
+ if details:
+ buffer.append(f'{indent}
{", ".join(details)}')
+ if level == 0:
+ return '\n'.join(buffer), '\n'.join(defs_buffer)
+ return '\n'.join(buffer)
+
+
+@click.command()
+@click.argument('paths', type=str, nargs=-1)
+def main(paths=None):
+ paths = paths or ['.']
+ for p in paths:
+ logging.debug(f'path {p}')
+ p = Path(p)
+ schemas = [p] if p.is_file() else list(p.glob('**/*.schema.json'))
+ for f in schemas:
+ logging.info(f'schema {f}')
+ try:
+ schema = json.load(f.open())
+ except json.JSONDecodeError as e:
+ raise SystemExit(f'error decoding file {f}: {e.args[0]}')
+ tree = parse_node(schema)
+ props, defs = render_node(tree)
+ doc = DOC.format(title=schema.get('title'), properties=props,
+ definitions=defs or '')
+ f_doc = f.with_suffix('.md')
+ f_doc.write_text(doc)
+ logging.info(f'doc {f}')
+
+
+if __name__ == '__main__':
+ logging.basicConfig(level=logging.DEBUG)
+ main()