* PF: fix reference to automation SAs in IAM block in service accounts for PF
* add test
---------
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludo <ludomagno@google.com>
* Remove bridge perimeters
* Update FAST stages
* Allow project ids in perimeter definitions
* Preserve order order for ingress/egress policies
* Use CAI
* Use CAI
* Fix tests
* AlloyDB read poll support and various usability fixes
* Added support for read poll instances.
* Added support for public (outbound) IPs.
* Added new arguments: `machine_type`, `skip_await_major_version_upgrade`, and `subscription_type`.
* Added outputs for key cluster attributes, including ID and name.
* Improved input variable validations and simplified configurations.
* Fixed bug where AlloyDB user accounts always had null passwords.
* Resolved Terraform state drift issues for `network_config` and `psc_config`.
* Fixed `continuous_backup_config` always being implicitly or explicitly enabled.
* Fixed `automated_backup_policy` and `maintenance_update_policy`, which do not support non-zero minutes, seconds and nanos.
* Fixed various typos.
* Aligned the format of test examples.
* Fixed invalid condition: authorized external networks require enabled public IP, however enabled public IP can have empty authorized external networks
* Formatting
* Fix PSA block
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* Add deletion_policy to project-factory module
* Use project deletion_policy in object normalization
* Replicate changes in net-vpc-factory
---------
Co-authored-by: Julio Castillo <jccb@google.com>
This pull request introduces the `net-vpc-factory` module. This new factory handles:
* Project setup (most of what's supported by the `project` module)
* VPC setup
* Routing
* Subnets
* Connectivity options
* NCC (hub, VPC spokes and VPN hybrid spokes)
* Peerings
* VPN (GCP-to-onprem and GCP-to-GCP)
* NAT (everything supported by the `net-cloudnat` module)
* DNS (everything supported by the `dns` module)
* Firewall (everything supported by the `net-vpc-firewall` module)
* Added variable for activating nat and implementation in google_apigee_net_address resource
* Regenerated readme
* Added tests for nat & activation
* Removed unnecessary coalesce
* Fixed test params
* Added test to confirm activate is working
* Remove service account key upload. Add create_ignore_already_exists
* Add tag bindings to service accounts
* Add description to create_ignore_already_exists
* Remove broken links
* Allow disabling IP access to GKE control plane
* Add additive VPC scope DNS domain to gke clusters
* Fix typo
* Bump provider to 6.27.0
* Update readme
* Staging the New Variable change and the flag endablement for 'invoker_iam_disabled' in the 'google_cloud_run_v2_service' resouece associated with the 'cloud-run-v2' module.
* Updating tfdocs to include the new variables for the 'invoker_iam_disabled' flag in the 'google_cloud_run_v2_service' resource in module 'cloud-run-v2'
* Updating the testing in the readme for the cloud-run-v2 module.
* Fixing an issue with links in README.md Docs
* Fixing README.md linting.
* Add perimeter factory
Proposal to allow the management of perimeters in yaml factory.
Project discovery is extended to multiple perimeters with query filtering.
Doc clean uo
* default perimeters desc to null
* linting
* Revert changes to FAST
* Remove test and schema from FAST
* Align vars and perimeter factory
* Interpolate resource_sets in more places
* Silence linter
* Update README.md
---------
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
* Increase the default complexity of DB passwords in order to meet password_validation_policy.default_complexity
* Use password_validation_policy.min_length if provided
* Explicitly generate a root_password if not provided
* Use object (password, random_password) for root_password config
* Make root_password non-nullable, and add validation against specifying both a password and `random_password`.
Fix test for stronger password generation.
* Add example for root_password and password_validation_policy
* Rerun tfdoc.py
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* Fix the missing locality_lb_policy value and add validation for it
* Added variables, dynamic blocks and validation to support locality_lb_policy/ies
* Formatting
* tfdoc generation
* Fix net-lb-app-ext readme
* Fixes for Ludo, coalesce and brevity
* fmt
* Revert null check due to failing tests
---------
Co-authored-by: Jack Lever <jack@thelevers.com.au>
Co-authored-by: Ludo <ludomagno@google.com>
