* Add default ingress deny rule with logging to FAST net stages.
Fixes#2024
* Allow firewall factory to omit rules key
* Fix tests
* Fix fast tests
* fix fast tests
* Updated the DataQualitySpec for Dataplex Datascan
* Fix linting
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* pre PR commit
* added IAM functionality
* clean up of readme
* versions.tf fix
* added separate iam.tf, facilitated existing secret manager module
* corrected optional variable defaults
* adjusted readme to new changes
* adjusted tftest line in readme for changed example
* reverted the module back to a state where it only manages one instance
* minor fix for main readme.md
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* Fix named ranges behaviour if cidr_tpl_file variable not provided.
* Fix and extend tests.
* fix map syntax
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Fix DNS E2E test + add one to net-lb-app-int-cross-region
* Update README.md
* Fix inventory for tests
* Fix tests
* Fix number of resources
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* implement optionals in gke-hub module
* simplify gke hub module call in mc mesh blueprint
* simplify gke hub module call and variables in multitenant blueprint
* gke hub inventory
* provide cluster and fleet examples in stage
* fix: allow configuring `docker_repository` for cloud-function2
When docker repository is not specified by default docker repository
`projects/PROJECT_ID/locations/REGION/repositories/gcf-artifacts` is used.
In such a case, terraform plan always generates a difference for `docker_repository`
field as the module passes null value but the tfstate file has the above specified
default value. This fix allows one to prevent unnecessary infrastructure change when
using the default repository as well as any user created repository.
* doc: updated README for cloud-function-v2
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* add locals for additive and authoritative org iam roles
* first shot at IAM and logging location
* tfdoc
* use locals for locations
* fix file parsing, resman stubs
* initial resman implementation
* remove unneeded code
* fix data file
* replace dumb yamldecode
* fix wrong type in organization additive bindings try
* simplify logging local
* Use check asserts for version and org id
* Checks on checklist for resman
* refactor checks, ignore checklist files on wrong org id
* stage 0 tests
* fix checklist checks
* stage 1 tests
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
* Allow empty string for 'identity_type' supported by Google provider and use correct value name for ingress 'identity_type'
* Sanitizing variables as the logical operators in Terraform do not short-circuit.
