kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,044 Commits 1 Branch 1 Tag
8b9979d93e8ca3f79ceee969389d96aba364a136
Commit Graph

6044 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sepehr Javid
8b9979d93e add tag binding for stage folder config (#3028) 
* add tag binding for stage folder config

* update readme

* address comment

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-04-11 15:34:47 +00:00
Ludovico Magnocavallo
4811f72a6c Add FAST to Python linting check (#3026) 
* turn on Python linting for fast
* remove secops.py

---------

Co-authored-by: bruzzechesse <bruzzechesse@google.com>
 2025-04-11 16:48:17 +02:00
Wiktor Niesiobędzki
dddd42dd07 Apply recent changes to factory-projects-object.tf to vpc-factory 2025-04-11 16:28:33 +02:00
Ludo
594a9695ab Merge remote-tracking branch 'origin/master' into fast-dev 2025-04-11 15:52:37 +02:00
simonebruzzechesse
03db2e45cf secops-rules module (#3023) 
* secops-rules module
 2025-04-11 15:44:31 +02:00
simonebruzzechesse
a747653e88 SecOps Anonymization improvements (#3013) 
* update secops anonymization pipeline with new chronicle APIs
 2025-04-11 15:14:05 +02:00
Simone Ruffilli
3c91acd181 Replace all instances of stackdriver.googleapis.com with log+mon (#3022) 
Replace all instances of stackdriver.googleapis.com with logging.googleapis.com  and monitoring.googleapis.com.
Fixes #2932
 2025-04-11 12:04:50 +00:00
Wiktor Niesiobędzki
f1a3cac8ca Use factory-projects-object to normalize inputs for project module 2025-04-11 10:53:08 +02:00
Simone Ruffilli
fc84c4f60d Module: net-vpc-factory (#2982) 
This pull request introduces the `net-vpc-factory` module. This new factory handles: 

* Project setup (most of what's supported by the `project` module)
* VPC setup
  * Routing
  * Subnets
* Connectivity options
  * NCC (hub, VPC spokes and VPN hybrid spokes)
  * Peerings
  * VPN (GCP-to-onprem and GCP-to-GCP)
* NAT (everything supported by the `net-cloudnat` module)
* DNS (everything supported by the `dns` module)
* Firewall (everything supported by the `net-vpc-firewall` module)
 2025-04-10 11:44:39 +02:00
Ludovico Magnocavallo
7b993cd2f1 allow configuring dns zone names in FAST networking stages (#3021) 2025-04-09 18:53:20 +02:00
Luca Prete
f7a0958e17 [FAST] Remove object creator permission from storage viewer custom role (#3020) 2025-04-09 16:39:20 +02:00
Julio Castillo
b2e26e50ae Enable storage.restrictAuthTypes org policy (#3017) 2025-04-08 15:43:24 +02:00
Matt
db165721f3 Add OKTA WIF provider definition (#3015) 
Co-authored-by: Julio Castillo <jccb@google.com>
 2025-04-08 12:48:06 +00:00
jacklever-hub24
2390124877 Added variable for activating nat and implementation in google_apigee… (#2999) 
* Added variable for activating nat and implementation in google_apigee_net_address resource

* Regenerated readme

* Added tests for nat & activation

* Removed unnecessary coalesce

* Fixed test params

* Added test to confirm activate is working
 2025-04-08 12:31:33 +00:00
Ludovico Magnocavallo
bdc97a54c7 Properly support org policy tags in resman/project factory (#3014) 
* allow setting IAM for org policy tags, add org policy tags to pf context

* allow tag id substitution

* tfdoc
 2025-04-08 14:24:46 +02:00
Ludo
7e5c319aeb fix merge 2025-04-07 08:49:28 +02:00
Ludo
5612040209 Merge remote-tracking branch 'origin/master' into fast-dev 2025-04-07 08:47:00 +02:00
Wiktor Niesiobędzki
6d2173aada Ensure vpc_sc has correct type for overrides 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
d63a425b62 Allow same filename in different directories 
As long, as they do override default project name using `name`.
 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
4769dc3dd7 Allow null parent and prefix 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
c90005553a Add tests for data_defaults / data_overrides 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
46f731fee0 Use null values for data_overrides 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
ce05505a2c Add type information to project_config attributes 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
6d54ff9a45 Use the same keys in output as in input for projects 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
1c87246583 Use factory-projects-object for project object normalization 2025-04-06 20:17:22 +02:00
Wiktor Niesiobędzki
9c93c6daa4 Add trusted images projects 2025-04-06 12:49:16 +02:00
Julio Castillo
e04079e334 Add support to attach tags to service accounts (#3008) 
* Remove service account key upload. Add create_ignore_already_exists

* Add tag bindings to service accounts

* Add description to create_ignore_already_exists

* Remove broken links
 2025-04-04 12:31:19 +00:00
Ludovico Magnocavallo
7aba2c1b58 allow external config of restricted services base set in vpc-sc stage (#3009) 2025-04-04 12:04:15 +00:00
Ludovico Magnocavallo
69188fa9d9 Implement support for VPC-SC perimeter membership from project factory (#3007) 
* support project factory-level vpc-sc perimeter interpolation

* fix ro role

* add support for IAM on service accounts

* fix typo
 2025-04-04 11:45:22 +00:00
Ludovico Magnocavallo
c8a9cd3edb Update VPC-SC README (#3006) 
Fixes #2983
 2025-04-04 09:06:26 +02:00
JayKim
25b6020a14 Fix stage-3 CICD SA access (#3005) 2025-04-03 19:17:04 +00:00
Ludo
728d9aee6e Merge remote-tracking branch 'origin/master' into fast-dev 2025-04-03 19:51:57 +02:00
Ludovico Magnocavallo
dde3c1abf2 Add support for non-destructive tag bindings to compute-vm module (#3004) 
* wip

* add support for tag bindings

* tfdoc

* improve example

* tfdoc
 2025-04-03 18:20:00 +02:00
Ludovico Magnocavallo
8b774f1fba cross-project serverless neg example (#3003) 2025-04-03 08:53:47 +00:00
Julio Castillo
f656a37c40 Merge branch 'master' into fast-dev 2025-04-02 14:07:33 +02:00
Julio Castillo
0c334a6128 Add roles support to VPC-SC (#3000) 2025-04-02 09:39:04 +02:00
Julio Castillo
bd829e6ba3 Allow disabling GKE IP endpoints and setting GKE VPC scope DNS domain (#2997) 
* Allow disabling IP access to GKE control plane

* Add additive VPC scope DNS domain to gke clusters

* Fix typo

* Bump provider to 6.27.0

* Update readme
 2025-04-02 07:03:58 +00:00
simonebruzzechesse
638c4d9d12 Fix Cloud SQL deployment and use local remote docker hub for pulling gitlab docker image (#2989) 
fix gitlab blueprint 
add docker remote registry
 2025-04-01 14:20:24 +02:00
Tim Hiatt
762841da79 Fr/timhiatt/invoker iam disable (#2994) 
* Staging the New Variable change and the flag endablement for 'invoker_iam_disabled' in the 'google_cloud_run_v2_service' resouece associated with the 'cloud-run-v2' module.

* Updating tfdocs to include the new variables for the 'invoker_iam_disabled' flag in the 'google_cloud_run_v2_service' resource in module 'cloud-run-v2'

* Updating the testing in the readme for the cloud-run-v2 module.

* Fixing an issue with links in README.md Docs

* Fixing README.md linting.
 2025-04-01 11:41:08 +02:00
Wiktor Niesiobędzki
dcccb1a1d0 Improve failure message 2025-04-01 10:40:32 +02:00
Marco Cadetg
2b2e52fecd feat: add gcp_public_cidrs_access_enabled to gke-cluster-{autopilot,standard} (#2993) 2025-04-01 06:17:44 +00:00
Wiktor Niesiobędzki
bea36cb047 Add requireInvokerIam constraint to the polices to prevent public exposure of Cloud Run services 2025-03-31 20:46:48 +02:00
Wiktor Niesiobędzki
925788b54a Merge remote-tracking branch 'upstream/master' into wiktorn-master-to-fast-dev 2025-03-31 07:49:04 +00:00
Ludo
196b06441b update changelog 2025-03-31 09:21:07 +02:00
Wiktor Niesiobędzki
3e84236345 Project object c14n in separte file 
Create separate file for canonicalization of project factory objects and
introduce duplicate-diff lint checker.
 2025-03-30 10:39:08 +02:00
simonebruzzechesse
1809552f8a Improve SecOps Anonymization pipeline (#2988) 
* update secops anonymization pipeline with new chronicle APIs

* improvements to doc for secops anonymization pipeline

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-03-29 19:09:37 +01:00
Ludovico Magnocavallo
554cc47707 Mongodb Atlas project template (#2986) 
* mongodb project definition

* wip

* add psc output to net-address module

* wip

* wip

* initial README, test

* remove providers file

* boilerplate

* tfdoc

* test

* fix unrelated test

* outputs, better README
 2025-03-29 08:43:27 +00:00
Ludo
0facab6724 Merge remote-tracking branch 'origin/master' into fast-dev 2025-03-28 09:38:22 +01:00
Taneli Leppä
e4f3f713bb Update list of GPUs. 2025-03-26 13:51:54 +01:00
Taneli Leppä
ccecc32718 compute-vm: Add graceful shutdown configuration and some missing GPUs. 2025-03-26 13:51:54 +01:00