Commit Graph

784 Commits

Author SHA1 Message Date
Simone Ruffilli
ca9ec30114 Update list of org policies imported by FAST bootstrap stage 2024-09-13 07:05:01 +00:00
Ludovico Magnocavallo
e4413dbbd1 add documentation instructions for corner cases in github and bootstrap (#2545) 2024-08-30 14:04:43 +02:00
Ludo
3191a041e3 tfdoc 2024-08-30 10:43:04 +02:00
Ludo
e6bd1c62b8 update changelog 2024-08-30 10:42:34 +02:00
Ludovico Magnocavallo
eb89c62b5f prepare v34.0.0 release (#2543) 2024-08-30 10:06:33 +02:00
Ludovico Magnocavallo
579c7296db moved blocks and fixes for FAST v33-v34 transition (#2541) 2024-08-30 07:44:27 +00:00
Luca Prete
3ca0525039 [FAST] TLS inspection support for NGFW Enterprise (#2484) 2024-08-30 09:15:17 +02:00
Julio Castillo
f57635d044 Add managed folders support to gcs module (#2530)
* Add RPO, make versioning dynamic

* Add managed folders

* Change autoclass and cors defaults to null

* Update README

* Add iam_by_principals

* Add managed folders var description

* Remove need for managed folders to end in /

* Add inventory to example

* Update readme

* Fix FAST tests
2024-08-28 07:30:52 +00:00
Luca Prete
17667ce205 [FAST] Add permissions to nsec-r SA (#2511) 2024-08-21 20:26:32 +02:00
Ludovico Magnocavallo
13595f1499 depend network security stage from fast features in resman (#2509) 2024-08-21 08:38:43 +02:00
Ludovico Magnocavallo
ad5de9b7ea Refactor FAST project factory and supporting documentation (#2505)
* untested

* teams pattern

* rework doc

* README

* boilerplate

* tflint

* Fix tflint for project factory

* Correct path to pf

* resman changes

* fix factory variable default

* fix links

* project factory module substitutions

* tflint

* stage test

* tfdoc

* rename schema, address review comments

* README typos and wording

* tfdoc

* review comments

* remove test from yaml

* revert output workflow changes

* fix sa reference errors

* tfdoc

* pf tag roles

* schema validation

* pf tag roles

* avoid null values in pf context

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
2024-08-20 16:45:42 +00:00
Ludovico Magnocavallo
d8a5c42b82 firewall policy module schema (#2499) 2024-08-11 10:12:03 +02:00
Ludovico Magnocavallo
7be042c706 dns rpz factory schema (#2498) 2024-08-10 17:19:28 +02:00
Ludovico Magnocavallo
3efb368b6c net vpc firewall factory schema (#2497) 2024-08-10 15:04:50 +02:00
Ludovico Magnocavallo
db044296e1 Additional module schemas (#2494)
* resman modules

* billing account

* net-vpc subnets

* fast schemas and subnet validation
2024-08-09 13:58:05 +00:00
Ludovico Magnocavallo
4a61dba841 organization module factory schemas (#2491) 2024-08-09 10:22:57 +00:00
Julio Castillo
bda83ea0ef Add bootstrap output with log destination ids (#2483)
* Add bootstrap output with log destination ids

* Update readme
2024-08-08 16:23:37 +02:00
Luca Prete
cb2add1718 [FAST] Rename netsec stage to nsec (#2482) 2024-08-08 12:30:09 +00:00
Ludovico Magnocavallo
db7cb937d1 VPC-SC factory JSON Schemas (#2477) 2024-08-07 12:09:37 +00:00
Julio Castillo
912cbb8281 Rename 1-vpc-sc stage to 1-vpcsc (#2471)
* Rename 1-vpc-sc stage to 1-vpcsc

* Fix tests
2024-08-06 11:21:55 +00:00
Julio Castillo
89333a5d43 Make policyReader binding additive in bootstrap (#2470) 2024-08-06 09:35:37 +00:00
Luca Prete
b3efa95488 [FAST] Sets projects_data_path optional, as in the project factory module (#2466) 2024-08-06 08:27:34 +02:00
Ludovico Magnocavallo
4298f14e1b fix peering routes config in fast a network stage (#2464) 2024-08-03 22:18:45 +02:00
Ludovico Magnocavallo
345716e576 VPC-SC as separate FAST stage 1 (#2460)
* initial commit

* README

* boilerplate

* tflint

* tfdoc

* fix security stage tests

* vpc-sc stage tests

* tflint

* fix resman stage test inventories

* security README

* stage-level README

* Update README.md

* flexible perimeter variable

* remove diagram

* change default to dry run

* default to dry run
2024-08-02 18:04:36 +02:00
Luca Prete
80f9ce6307 [FAST] Add basic NGFW enterprise stage (#2410) 2024-08-01 09:41:31 +00:00
Julio Castillo
2854ae6bd8 Remove "constraints/" from org policy names (#2450) 2024-07-29 15:15:04 +02:00
Simone Ruffilli
27bb48df77 NCC in 2-net-a-simple (#2397)
* NCC in 2-net-a-simple
2024-07-25 18:03:09 +02:00
Luca Prete
c39145e3cf Remove alpha from gcloud storage cp as it moved to GA (#2446) 2024-07-24 22:46:43 +02:00
Simone Ruffilli
d66a358b6d Add context to net-vpc (subnets) factory (#2444) 2024-07-24 15:54:20 +02:00
Julio Castillo
c0bf32e797 Refactor service agent management (#2423)
* Service agents script

* Service agents update

* WIP

* Update script and terraform

* Fix tests

* Fix linter

* Update docs

* Bring back pf example inventory

* Fix tests

* Fix more tests

* Fix tests

* Use dataclasses for build_service_agents.py

* Remove unneeded field() from build_service_agents

* Re-enable CMEK depends_on in project outputs

* Update tools/requirements.txt

* Enable storage in GCS example projects

* Fix tests

* Add CMEK Service Agents dependencies for services

* Fix typos and data platform cmek

* More typos
2024-07-23 22:05:38 +02:00
Ludovico Magnocavallo
5319184e71 FAST ng: stage 0 environments and VPC-SC IaC resources (#2440)
* FAST ng: stage 0 environments and VPC-SC IaC resources

* test inventories
2024-07-23 11:52:39 +02:00
Simone Ruffilli
3151b02eda FAST: IAM cleanups to reflect PF changes (#2430)
* FAST: IAM cleanups to reflect PF changes
2024-07-18 14:59:28 +02:00
Julio Castillo
cb9945a83d Allow description to be set for FAST-managed tags (#2417) 2024-07-09 18:55:20 +02:00
Jay Bana
a514ce0ef5 [FAST] Housekeeping in CICD workflow templates and extra stage (#2412)
* Sync GitHub workflow template in assets with rest of the repo

* Remove trailing whitespace in 1-tenant-factory GitHub workflow template

* Update actions/github-script version as per NodeJS deprecation warnings

* Remove redundant Source Repo templates given #2352

* Update gh file content to handle base64 png in line with #2286

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-07-08 14:40:32 +02:00
Jay Bana
1aad2c682c Fix IAM bindings to impersonate resman CICD SAs at bootstrap stage (#2411) 2024-07-08 11:58:41 +01:00
Elia
287fee275c Documented new GCVE design options (#2404) 2024-07-02 16:46:55 +02:00
Sudhir
3bb03c99f8 gitlab workflow fixes #2401 (#2402)
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-07-01 09:42:54 +00:00
Alejandro Leal
0363e2cb80 Several wording and typos updates
Several wording and typos updates
2024-06-27 07:36:19 +02:00
Ludovico Magnocavallo
d70cdf8393 add wording for SCC Enterprise to FAST stage 0 (#2378) 2024-06-24 19:03:07 +02:00
Ludovico Magnocavallo
e3809e6735 Add main project factory service account (#2353)
* add main project factory service account

* add main project factory service account
2024-06-10 12:23:30 +02:00
Ludovico Magnocavallo
b13b6032d3 Remove support for source repositories from FAST CI/CD (#2352)
* stage 0

* stage 1

* stage 1 mt

* remove unused locals from resman

* remove unused locals from resman

* tfdoc
2024-06-10 09:02:55 +00:00
Alberto Geniola
67754ca58e Fix typos in documentation (#2344)
* Fix typos in documentation

* use toc

---------

Co-authored-by: Alberto Geniola <geniola@google.com>
Co-authored-by: Ludo <ludomagno@google.com>
2024-06-07 14:32:06 +00:00
Alberto Geniola
c1e0788957 Fix wrong documentation reference to tfvars (#2340) 2024-06-04 16:23:08 +02:00
Simone Ruffilli
22494c2f68 Update README.md 2024-06-04 07:42:48 +02:00
Simone Ruffilli
3487cb8c71 DNS policy fix (#2337) 2024-06-03 08:25:35 +02:00
Ludovico Magnocavallo
f9a433825f Add perimeter ids in vpc-sc module outputs, fix vpc-sc in project factory module (#2335)
* add perimeter ids in vpc-sc module outputs, fix vpc-sc in project factory module

* tfdoc
2024-05-31 20:07:59 +02:00
Ludo
26357d9b0c update resman IAM 2024-05-31 15:31:51 +02:00
Ludovico Magnocavallo
5cae3fd266 add support for iam to builtin tags (#2334) 2024-05-31 12:57:13 +00:00
Ludovico Magnocavallo
d736a06c0b Fix resman top-level folders variable types (#2333)
* fix resman top-level folders variable types

* pass logging settings to underlying module

* fix logging settings
2024-05-31 14:45:31 +02:00
Wiktor Niesiobędzki
1cc028c64b Fix dns policy (#2332) 2024-05-31 11:27:31 +00:00