Start the deprecation process of the old networking stages (#3451)

This PR renames `2-networking-foo` stages to `2-networking-legacy-foo` - including references of stages in docs and tests. **Breaking Changes** ```upgrade-note `fast/stages/2-networking-a-simple`: The stage is being deprecated, and superseded the `2-networking` FAST stage, introduced in #3435 `fast/stages/2-networking-b-nva`: The stage is being deprecated, and superseded the `2-networking` FAST stage, introduced in #3435 `fast/stages/2-networking-c-separate-envs`: The stage is being deprecated, and superseded the `2-networking` FAST stage, introduced in #3435 `modules/net-vpc-factory`: The module has been deprecated, and superseded the `2-networking` FAST stage, introduced in #3435 ```
2025-10-22 16:31:14 +02:00
parent 7ea9612b07
commit de8ebefe17
215 changed files with 32 additions and 5714 deletions
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ Currently available modules:

 - **foundational** - [billing account](./modules/billing-account), [Cloud Identity group](./modules/cloud-identity-group/), [folder](./modules/folder), [service accounts](./modules/iam-service-account), [logging bucket](./modules/logging-bucket), [organization](./modules/organization), [project](./modules/project), [projects-data-source](./modules/projects-data-source)
 - **process factories** - [project factory](./modules/project-factory/README.md)
- **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [VLAN Attachment](./modules/net-vlan-attachment/), [External Application LB](./modules/net-lb-app-ext/), [External Passthrough Network LB](./modules/net-lb-ext), [External Regional Application Load Balancer](./modules/net-lb-app-ext-regional/), [Firewall policy](./modules/net-firewall-policy), [Internal Application LB](./modules/net-lb-app-int), [Cross-region Internal Application LB](./modules/net-lb-app-int-cross-region), [Internal Passthrough Network LB](./modules/net-lb-int), [Internal Proxy Network LB](./modules/net-lb-proxy-int), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [VPC](./modules/net-vpc), [VPC factory](./modules/net-vpc-factory/README.md), [VPC firewall](./modules/net-vpc-firewall), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory), [Secure Web Proxy](./modules/net-swp)
+- **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [VLAN Attachment](./modules/net-vlan-attachment/), [External Application LB](./modules/net-lb-app-ext/), [External Passthrough Network LB](./modules/net-lb-ext), [External Regional Application Load Balancer](./modules/net-lb-app-ext-regional/), [Firewall policy](./modules/net-firewall-policy), [Internal Application LB](./modules/net-lb-app-int), [Cross-region Internal Application LB](./modules/net-lb-app-int-cross-region), [Internal Passthrough Network LB](./modules/net-lb-int), [Internal Proxy Network LB](./modules/net-lb-proxy-int), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory), [Secure Web Proxy](./modules/net-swp)
 - **compute** - [VM/VM group](./modules/compute-vm), [MIG](./modules/compute-mig), [COS container](./modules/cloud-config-container/cos-generic-metadata/) (coredns, mysql, onprem, squid), [GKE cluster](./modules/gke-cluster-standard), [GKE hub](./modules/gke-hub), [GKE nodepool](./modules/gke-nodepool), [GCVE private cloud](./modules/gcve-private-cloud)
 - **data** - [AlloyDB instance](./modules/alloydb), [Analytics Hub](./modules/analytics-hub), [BigQuery connection](./modules/bigquery-connection), [BigQuery dataset](./modules/bigquery-dataset), [Biglake Catalog](./modules/biglake-catalog), [Bigtable instance](./modules/bigtable-instance), [Dataplex](./modules/dataplex), [Dataplex Aspect Types](./modules/dataplex-aspect-types/), [Dataplex DataScan](./modules/dataplex-datascan), [Cloud SQL instance](./modules/cloudsql-instance), [Spanner instance](./modules/spanner-instance), [Firestore](./modules/firestore), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Data Catalog Tag](./modules/data-catalog-tag), [Data Catalog Tag Template](./modules/data-catalog-tag-template), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub), [Dataform Repository](./modules/dataform-repository/), [Looker Core](./modules/looker-core)
 - **AI** - [AI Applications](./modules/ai-applications/README.md)
--- a/adrs/fast/addon-stages.md
+++ b/adrs/fast/addon-stages.md
@@ -54,9 +54,9 @@ fast
    ├── 0-bootstrap
    ├── 1-resman
    ├── 1-vpcsc
-    ├── 2-networking-a-simple
-    ├── 2-networking-b-nva
-    ├── 2-networking-c-separate-envs
+    ├── 2-networking-legacy-a-simple
+    ├── 2-networking-legacy-b-nva
+    ├── 2-networking-legacy-c-separate-envs
    ├── 2-project-factory
    ├── 2-security
    ├── 3-gcve-dev
--- a/fast/extras/0-cicd-gitlab/README.md
+++ b/fast/extras/0-cicd-gitlab/README.md
@@ -179,7 +179,7 @@ projects = {
      }
    }
    group         = "net-admins"
-    populate_from = "../../stages/2-networking-a-peering"
+    populate_from = "../../stages/2-networking-legacy-a-peering"
    workflow_file = "networking-workflow.yaml"
  }
 }
@@ -235,7 +235,7 @@ projects = {
      }
    }
    group           = "net-admins"
-    populate_from   = "../../stages/2-networking-a-peering"
+    populate_from   = "../../stages/2-networking-legacy-a-peering"
    populate_sample = true
    workflow_file   = "networking-workflow.yaml"
  }
@@ -290,7 +290,7 @@ projects = {
      }
    }
    group           = "net-admins"
-    populate_from   = "../../stages/2-networking-a-peering"
+    populate_from   = "../../stages/2-networking-legacy-a-peering"
    populate_sample = true
    workflow_file   = "networking-workflow.yaml"
  }
--- a/fast/extras/0-cicd-gitlab/terraform.tfvars.sample
+++ b/fast/extras/0-cicd-gitlab/terraform.tfvars.sample
@@ -46,7 +46,7 @@ projects = {
      }
    }
    group            = "net-admins"
-    populate_from    = "../../stages/2-networking-a-peering"
+    populate_from    = "../../stages/2-networking-legacy-a-peering"
    populate_samples = true
    workflow_file    = "networking-workflow.yaml"
  }
--- a/fast/stages/2-networking-legacy-a-simple/.fast-stage.env
+++ b/fast/stages/2-networking-legacy-a-simple/.fast-stage.env
--- a/fast/stages/2-networking-legacy-a-simple/.gitignore
+++ b/fast/stages/2-networking-legacy-a-simple/.gitignore
--- a/fast/stages/2-networking-legacy-a-simple/IAM.md
+++ b/fast/stages/2-networking-legacy-a-simple/IAM.md
--- a/fast/stages/2-networking-legacy-a-simple/README.md
+++ b/fast/stages/2-networking-legacy-a-simple/README.md
@@ -110,7 +110,7 @@ This is a summary of the main options:
 - [NCC](https://cloud.google.com/network-connectivity/docs/network-connectivity-center)
  - Pros: full bandwidth with no configurations, no extra latency, transitivity between spokes, feature (PSC transitivity, Private NAT, rich roadmap)
  - Cons: traffic between spokes incour charges, architectures involving NVAs can't currently easily be implemented
- [Multi-NIC appliances](https://cloud.google.com/architecture/best-practices-vpc-design#multi-nic) (implemented by [2-networking-b-nva](../2-networking-b-nva/)
+- [Multi-NIC appliances](https://cloud.google.com/architecture/best-practices-vpc-design#multi-nic) (implemented by [2-networking-legacy-b-nva](../2-networking-legacy-b-nva/)
  - Pros: additional security features (e.g. IPS), potentially better integration with on-prem systems by using the same vendor
  - Cons: complex HA/failover setup, limited by VM bandwidth and scale, additional costs for VMs and licenses, out of band management of a critical cloud component

--- a/fast/stages/2-networking-legacy-a-simple/data/cidrs.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/cidrs.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/dashboards/firewall_insights.json
+++ b/fast/stages/2-networking-legacy-a-simple/data/dashboards/firewall_insights.json
--- a/fast/stages/2-networking-legacy-a-simple/data/dashboards/vpc_and_vpc_peering_group_quotas.json
+++ b/fast/stages/2-networking-legacy-a-simple/data/dashboards/vpc_and_vpc_peering_group_quotas.json
--- a/fast/stages/2-networking-legacy-a-simple/data/dashboards/vpn.json
+++ b/fast/stages/2-networking-legacy-a-simple/data/dashboards/vpn.json
--- a/fast/stages/2-networking-legacy-a-simple/data/dns-policy-rules.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/dns-policy-rules.yaml
--- a/fast/stages/2-networking-c-separate-envs/data/firewall-rules/prod/default-ingress.yaml
+++ b/fast/stages/2-networking-c-separate-envs/data/firewall-rules/prod/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/dev/rules.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/dev/rules.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/landing/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/landing/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/landing/rules.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/landing/rules.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/prod/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/firewall-rules/prod/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/hierarchical-ingress-rules.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/hierarchical-ingress-rules.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-dataplatform.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-dataplatform.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-default.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-default.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-gke-nodes.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/subnets/dev/dev-gke-nodes.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/subnets/landing/landing-default.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/subnets/landing/landing-default.yaml
--- a/fast/stages/2-networking-legacy-a-simple/data/subnets/prod/prod-default.yaml
+++ b/fast/stages/2-networking-legacy-a-simple/data/subnets/prod/prod-default.yaml
--- a/fast/stages/2-networking-legacy-a-simple/diagram-ncc.png
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-ncc.png
--- a/fast/stages/2-networking-legacy-a-simple/diagram-ncc.svg
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-ncc.svg
--- a/fast/stages/2-networking-legacy-a-simple/diagram-peering.png
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-peering.png
--- a/fast/stages/2-networking-legacy-a-simple/diagram-peering.svg
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-peering.svg
--- a/fast/stages/2-networking-legacy-a-simple/diagram-vpn.png
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-vpn.png
--- a/fast/stages/2-networking-legacy-a-simple/diagram-vpn.svg
+++ b/fast/stages/2-networking-legacy-a-simple/diagram-vpn.svg
--- a/fast/stages/2-networking-legacy-a-simple/dns-dev.tf
+++ b/fast/stages/2-networking-legacy-a-simple/dns-dev.tf
--- a/fast/stages/2-networking-legacy-a-simple/dns-landing.tf
+++ b/fast/stages/2-networking-legacy-a-simple/dns-landing.tf
--- a/fast/stages/2-networking-legacy-a-simple/dns-prod.tf
+++ b/fast/stages/2-networking-legacy-a-simple/dns-prod.tf
--- a/fast/stages/2-networking-legacy-a-simple/fast_version.txt
+++ b/fast/stages/2-networking-legacy-a-simple/fast_version.txt
--- a/fast/stages/2-networking-legacy-a-simple/main.tf
+++ b/fast/stages/2-networking-legacy-a-simple/main.tf
--- a/fast/stages/2-networking-legacy-a-simple/monitoring-vpn.tf
+++ b/fast/stages/2-networking-legacy-a-simple/monitoring-vpn.tf
--- a/fast/stages/2-networking-legacy-a-simple/monitoring.tf
+++ b/fast/stages/2-networking-legacy-a-simple/monitoring.tf
--- a/fast/stages/2-networking-legacy-a-simple/net-dev.tf
+++ b/fast/stages/2-networking-legacy-a-simple/net-dev.tf
--- a/fast/stages/2-networking-legacy-a-simple/net-landing.tf
+++ b/fast/stages/2-networking-legacy-a-simple/net-landing.tf
--- a/fast/stages/2-networking-legacy-a-simple/net-prod.tf
+++ b/fast/stages/2-networking-legacy-a-simple/net-prod.tf
--- a/fast/stages/2-networking-legacy-a-simple/outputs.tf
+++ b/fast/stages/2-networking-legacy-a-simple/outputs.tf
--- a/fast/stages/2-networking-legacy-a-simple/regions.tf
+++ b/fast/stages/2-networking-legacy-a-simple/regions.tf
--- a/fast/stages/2-networking-legacy-a-simple/schemas/dns-response-policy-rules.json
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/dns-response-policy-rules.json
--- a/fast/stages/2-networking-legacy-a-simple/schemas/firewall-policy-rules.schema.json
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/firewall-policy-rules.schema.json
--- a/fast/stages/2-networking-legacy-a-simple/schemas/firewall-policy-rules.schema.md
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/firewall-policy-rules.schema.md
--- a/fast/stages/2-networking-legacy-a-simple/schemas/firewall-rules.schema.json
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/firewall-rules.schema.json
--- a/fast/stages/2-networking-legacy-a-simple/schemas/firewall-rules.schema.md
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/firewall-rules.schema.md
--- a/fast/stages/2-networking-legacy-a-simple/schemas/subnet.schema.json
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/subnet.schema.json
--- a/fast/stages/2-networking-legacy-a-simple/schemas/subnet.schema.md
+++ b/fast/stages/2-networking-legacy-a-simple/schemas/subnet.schema.md
--- a/fast/stages/2-networking-legacy-a-simple/spoke-ncc.tf
+++ b/fast/stages/2-networking-legacy-a-simple/spoke-ncc.tf
--- a/fast/stages/2-networking-legacy-a-simple/spoke-peerings.tf
+++ b/fast/stages/2-networking-legacy-a-simple/spoke-peerings.tf
--- a/fast/stages/2-networking-legacy-a-simple/spoke-vpns.tf
+++ b/fast/stages/2-networking-legacy-a-simple/spoke-vpns.tf
--- a/fast/stages/2-networking-legacy-a-simple/variables-fast.tf
+++ b/fast/stages/2-networking-legacy-a-simple/variables-fast.tf
--- a/fast/stages/2-networking-legacy-a-simple/variables.tf
+++ b/fast/stages/2-networking-legacy-a-simple/variables.tf
--- a/fast/stages/2-networking-legacy-a-simple/vpn-onprem.tf
+++ b/fast/stages/2-networking-legacy-a-simple/vpn-onprem.tf
--- a/fast/stages/2-networking-legacy-b-nva/.fast-stage.env
+++ b/fast/stages/2-networking-legacy-b-nva/.fast-stage.env
--- a/fast/stages/2-networking-legacy-b-nva/README.md
+++ b/fast/stages/2-networking-legacy-b-nva/README.md
@@ -157,13 +157,13 @@ Internal connectivity (e.g. between the trusted landing VPC and the spokes) is r

 This is an options summary:

- [VPC Peering](https://cloud.google.com/vpc/docs/vpc-peering) (used here to connect the trusted landing VPC with the spokes, also used by [02-networking-a-simple](../2-networking-a-simple/))
+- [VPC Peering](https://cloud.google.com/vpc/docs/vpc-peering) (used here to connect the trusted landing VPC with the spokes, also used by [02-networking-legacy-a-simple](../2-networking-legacy-a-simple/))
  - Pros: no additional costs, full bandwidth with no configurations, no extra latency
  - Cons: no transitivity (e.g. to GKE masters, Cloud SQL, etc.), no selective exchange of routes, several quotas and limits shared between VPCs in a peering group
 - [Multi-NIC appliances](https://cloud.google.com/architecture/best-practices-vpc-design#multi-nic) (used here to connect the trusted landing and DMZ)
  - Pros: provides additional security features (e.g. IPS), potentially better integration with on-prem systems by using the same vendor
  - Cons: complex HA/failover setup (for the "Simple NVA" setup), limited by VM bandwidth and scale, additional costs for VMs and licenses, out of band management of a critical cloud component
- [HA VPN](https://cloud.google.com/network-connectivity/docs/vpn/concepts/topologies) (used by [02-networking-a-simple](../2-networking-a-simple/) in VPN mode)
+- [HA VPN](https://cloud.google.com/network-connectivity/docs/vpn/concepts/topologies) (used by [02-networking-legacy-a-simple](../2-networking-legacy-a-simple/) in VPN mode)
  - Pros: simple compatibility with GCP services that leverage peering internally, better control on routes, avoids peering groups shared quotas and limits
  - Cons: additional costs, marginal increase in latency, requires multiple tunnels for full bandwidth

--- a/fast/stages/2-networking-legacy-b-nva/data/bgp-config.tftpl
+++ b/fast/stages/2-networking-legacy-b-nva/data/bgp-config.tftpl
--- a/fast/stages/2-networking-legacy-b-nva/data/cidrs.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/cidrs.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/dashboards/firewall_insights.json
+++ b/fast/stages/2-networking-legacy-b-nva/data/dashboards/firewall_insights.json
--- a/fast/stages/2-networking-legacy-b-nva/data/dashboards/vpc_and_vpc_peering_group_quotas.json
+++ b/fast/stages/2-networking-legacy-b-nva/data/dashboards/vpc_and_vpc_peering_group_quotas.json
--- a/fast/stages/2-networking-legacy-b-nva/data/dashboards/vpn.json
+++ b/fast/stages/2-networking-legacy-b-nva/data/dashboards/vpn.json
--- a/fast/stages/2-networking-legacy-b-nva/data/dns-policy-rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/dns-policy-rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dev/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dev/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dev/rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dev/rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/bgp.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/bgp.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/dmz/rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/bgp.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/bgp.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/landing/rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/prod/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/prod/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-pri/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-pri/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-pri/rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-pri/rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-sec/default-ingress.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-sec/default-ingress.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-sec/rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/firewall-rules/regional-sec/rules.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/hierarchical-ingress-rules.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/hierarchical-ingress-rules.yaml
--- a/fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-dataplatform.yaml
+++ b/fast/stages/2-networking-c-separate-envs/data/subnets/dev/dev-dataplatform.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-default-pri.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-default-pri.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-default-sec.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-default-sec.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-gke-nodes.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/dev/dev-gke-nodes.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/dmz/dmz-default-pri.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/dmz/dmz-default-pri.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/dmz/dmz-default-sec.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/dmz/dmz-default-sec.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/landing/landing-default-pri.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/landing/landing-default-pri.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/landing/landing-default-sec.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/landing/landing-default-sec.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/prod/prod-default-pri.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/prod/prod-default-pri.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/prod/prod-default-sec.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/prod/prod-default-sec.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/regional-pri/landing-default-pri.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/regional-pri/landing-default-pri.yaml
--- a/fast/stages/2-networking-legacy-b-nva/data/subnets/regional-sec/landing-default-sec.yaml
+++ b/fast/stages/2-networking-legacy-b-nva/data/subnets/regional-sec/landing-default-sec.yaml
--- a/fast/stages/2-networking-legacy-b-nva/diagram-ncc.png
+++ b/fast/stages/2-networking-legacy-b-nva/diagram-ncc.png
--- a/fast/stages/2-networking-legacy-b-nva/diagram-ncc.svg
+++ b/fast/stages/2-networking-legacy-b-nva/diagram-ncc.svg
--- a/fast/stages/2-networking-legacy-b-nva/diagram-regional.svg
+++ b/fast/stages/2-networking-legacy-b-nva/diagram-regional.svg
--- a/fast/stages/2-networking-legacy-b-nva/diagram-simple.png
+++ b/fast/stages/2-networking-legacy-b-nva/diagram-simple.png
--- a/fast/stages/2-networking-legacy-b-nva/diagram-simple.svg
+++ b/fast/stages/2-networking-legacy-b-nva/diagram-simple.svg
--- a/fast/stages/2-networking-legacy-b-nva/dns-dev.tf
+++ b/fast/stages/2-networking-legacy-b-nva/dns-dev.tf
--- a/fast/stages/2-networking-legacy-b-nva/dns-landing.tf
+++ b/fast/stages/2-networking-legacy-b-nva/dns-landing.tf
--- a/fast/stages/2-networking-legacy-b-nva/dns-prod.tf
+++ b/fast/stages/2-networking-legacy-b-nva/dns-prod.tf
--- a/fast/stages/2-networking-legacy-b-nva/fast_version.txt
+++ b/fast/stages/2-networking-legacy-b-nva/fast_version.txt
--- a/fast/stages/2-networking-legacy-b-nva/main.tf
+++ b/fast/stages/2-networking-legacy-b-nva/main.tf
--- a/fast/stages/2-networking-legacy-b-nva/monitoring-vpn-onprem.tf
+++ b/fast/stages/2-networking-legacy-b-nva/monitoring-vpn-onprem.tf
--- a/Show More
+++ b/Show More