Commit Graph

927 Commits

Author SHA1 Message Date
apichick
a39874413d Updated network config variables in GKE node pool (#3052) 2025-04-21 20:44:39 +02:00
Ludovico Magnocavallo
5adba9a018 New Dataplex Aspect Types module (#3050)
* README and tests missing

* default location value

* tested

* READMEs
2025-04-20 11:25:13 +02:00
Ludo
205a43a96f prepare v39.0.0 2025-04-18 17:44:29 +02:00
Ludo
2b0a9db8ed Merge branch 'fast-dev' 2025-04-18 17:34:08 +02:00
Ludo
89e68a8e22 prepare v38.2.0 2025-04-18 17:32:51 +02:00
Ludo
c65a8afa6f streamline vpc-sc moved file 2025-04-18 17:28:25 +02:00
simonebruzzechesse
1e2eea1296 2-secops stage (#3038)
* new 2-secops stage
* new 3-secops-dev stage

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-04-18 15:57:29 +02:00
Simone Ruffilli
c6c4cc71d5 Pathexpand all factory data paths (#3033)
* Pathexpand all factory data paths

* fix net monitoring paths

* fix file paths

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-04-16 13:28:10 +02:00
Ludo
4821ac2c07 Merge remote-tracking branch 'origin/master' into fast-dev 2025-04-16 12:13:35 +02:00
Ludovico Magnocavallo
ade7fb32b0 rename stage_config output/variables to stage_configs (#3042) 2025-04-16 09:34:01 +00:00
Francisco P
41df4e09bc Add managed Kafka (#3035)
* Add managed Kafka project template with configuration and variable definitions

* Refactor managed Kafka configuration to use a single kafka_config object for improved clarity and maintainability

* Add Apache License 2.0 header to managed Kafka template files

* Update README and add project.yaml for Managed Kafka cluster setup

* Update README to skip tftest validation for managed Kafka module
2025-04-15 18:15:46 +00:00
karpok78
639a86e626 PF SA fix for budget alert (#3036)
Allowing PF RO SA to parse budget alerts
2025-04-13 13:14:32 +00:00
Simone Ruffilli
d20fc9333b Update CICD section of 0-bootstrap. (#3032)
Update CICD section of 0-bootstrap.
Fixes #2930
2025-04-12 09:45:58 +02:00
Sepehr Javid
8b9979d93e add tag binding for stage folder config (#3028)
* add tag binding for stage folder config

* update readme

* address comment

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-04-11 15:34:47 +00:00
Ludovico Magnocavallo
4811f72a6c Add FAST to Python linting check (#3026)
* turn on Python linting for fast
* remove secops.py

---------

Co-authored-by: bruzzechesse <bruzzechesse@google.com>
2025-04-11 16:48:17 +02:00
Ludo
594a9695ab Merge remote-tracking branch 'origin/master' into fast-dev 2025-04-11 15:52:37 +02:00
simonebruzzechesse
a747653e88 SecOps Anonymization improvements (#3013)
* update secops anonymization pipeline with new chronicle APIs
2025-04-11 15:14:05 +02:00
Simone Ruffilli
3c91acd181 Replace all instances of stackdriver.googleapis.com with log+mon (#3022)
Replace all instances of stackdriver.googleapis.com with logging.googleapis.com and monitoring.googleapis.com.
Fixes #2932
2025-04-11 12:04:50 +00:00
Ludovico Magnocavallo
7b993cd2f1 allow configuring dns zone names in FAST networking stages (#3021) 2025-04-09 18:53:20 +02:00
Luca Prete
f7a0958e17 [FAST] Remove object creator permission from storage viewer custom role (#3020) 2025-04-09 16:39:20 +02:00
Julio Castillo
b2e26e50ae Enable storage.restrictAuthTypes org policy (#3017) 2025-04-08 15:43:24 +02:00
Matt
db165721f3 Add OKTA WIF provider definition (#3015)
Co-authored-by: Julio Castillo <jccb@google.com>
2025-04-08 12:48:06 +00:00
Ludovico Magnocavallo
bdc97a54c7 Properly support org policy tags in resman/project factory (#3014)
* allow setting IAM for org policy tags, add org policy tags to pf context

* allow tag id substitution

* tfdoc
2025-04-08 14:24:46 +02:00
Wiktor Niesiobędzki
9c93c6daa4 Add trusted images projects 2025-04-06 12:49:16 +02:00
Ludovico Magnocavallo
7aba2c1b58 allow external config of restricted services base set in vpc-sc stage (#3009) 2025-04-04 12:04:15 +00:00
Ludovico Magnocavallo
69188fa9d9 Implement support for VPC-SC perimeter membership from project factory (#3007)
* support project factory-level vpc-sc perimeter interpolation

* fix ro role

* add support for IAM on service accounts

* fix typo
2025-04-04 11:45:22 +00:00
JayKim
25b6020a14 Fix stage-3 CICD SA access (#3005) 2025-04-03 19:17:04 +00:00
Julio Castillo
f656a37c40 Merge branch 'master' into fast-dev 2025-04-02 14:07:33 +02:00
Julio Castillo
0c334a6128 Add roles support to VPC-SC (#3000) 2025-04-02 09:39:04 +02:00
Julio Castillo
bd829e6ba3 Allow disabling GKE IP endpoints and setting GKE VPC scope DNS domain (#2997)
* Allow disabling IP access to GKE control plane

* Add additive VPC scope DNS domain to gke clusters

* Fix typo

* Bump provider to 6.27.0

* Update readme
2025-04-02 07:03:58 +00:00
Wiktor Niesiobędzki
bea36cb047 Add requireInvokerIam constraint to the policies to prevent public exposure of Cloud Run services 2025-03-31 20:46:48 +02:00
simonebruzzechesse
1809552f8a Improve SecOps Anonymization pipeline (#2988)
* update secops anonymization pipeline with new chronicle APIs

* improvements to doc for secops anonymization pipeline

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-03-29 19:09:37 +01:00
Ludovico Magnocavallo
554cc47707 Mongodb Atlas project template (#2986)
* mongodb project definition

* wip

* add psc output to net-address module

* wip

* wip

* initial README, test

* remove providers file

* boilerplate

* tfdoc

* test

* fix unrelated test

* outputs, better README
2025-03-29 08:43:27 +00:00
Ludo
0facab6724 Merge remote-tracking branch 'origin/master' into fast-dev 2025-03-28 09:38:22 +01:00
Luca Prete
ffb1452dbd Allow to specify function egress settings without using a VPC connector (#2967) 2025-03-19 10:38:33 +00:00
Ludovico Magnocavallo
b1c85962b8 update FAST diagram (#2961) 2025-03-17 12:48:14 +00:00
Ludovico Magnocavallo
9b04cb130a fix module ref in vpc-sc stage output (#2947) 2025-03-10 11:30:54 +00:00
Ludo
2861078898 Merge remote-tracking branch 'origin/master' into fast-dev 2025-03-10 09:52:26 +01:00
Simone Ruffilli
dda9002266 Fast 2-networking-a: removed obsolete note about lack of PSC transitivity 2025-03-05 06:55:59 +00:00
Ludovico Magnocavallo
94a406a3ef Update fast/stages/2-project-factory/outputs.tf
Co-authored-by: Wiktor Niesiobędzki <github@vink.pl>
2025-03-04 09:06:27 +01:00
Laurent Al Hossri
103548a8f3 fix(project_factory): bucket definition updated due to change on project factory module 2025-03-04 09:06:27 +01:00
Laurent Al Hossri
49e211b231 fix(project_factory): add condition on for_each to avoid creating a local file on non existing directory /providers if outputs_location is empty 2025-03-04 09:06:27 +01:00
dgourillon
cae5090cee Allow different principal types in bootstrap user variable (#2922)
* handle the iam_user_bootstrap_bindings with a local.bootstrap_user to handle the case where var.bootstrap_user is a WIF user (starts with principal:// and does not require to be added the prefix user:)

* terraform fmt

* fix linting

* lint fix

* reran terraform fmt

* Fix condition

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2025-02-25 11:14:25 +00:00
Julio Castillo
3ed801c464 Use VPC-SC perimeter factory in FAST 1-vpcsc stage (#2928)
* Use VPC-SC perimeter factory in FAST 1-vpcsc stage

* Add boilerplate

* Fix linter and schema checks

* Fix tests

* Fix schemas
2025-02-24 12:29:51 +00:00
Antoine Méausoone
ffeb75100c fix(bootstrap): fix custom roles billing viewer duplicate permissions (#2927) 2025-02-24 12:52:30 +01:00
Wiktor Niesiobędzki
fea88ade66 Add limits for stage_names and environment 2025-02-23 18:33:32 +01:00
JayKim
1dce672d16 Fix CICD SA access (#2923) 2025-02-23 08:04:10 +01:00
dependabot[bot]
b73114c0a8 Bump requests (#2918)
Bumps [requests](https://github.com/psf/requests) from 2.27.1 to 2.32.2.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.27.1...v2.32.2)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-02-21 09:03:12 +00:00
Ludo
60a4179c98 fast moved file 2025-02-21 09:42:42 +01:00
Julio Castillo
21253a1768 Add title to VPC-SC directional policies (#2909)
* Add title to VPC-SC directional policies

* Ignore versions.tf in diffs

* Update versions.tf

* Fail if a perimeter uses unknown directional policies
2025-02-20 08:48:08 +00:00