* add dns armor module
* add dns armor to pf
* added missing/optional attributes
* Update project schemas
* Set version file copyright year to 2025
* replace module with single resource
* moved into it's own file
* Added tests and defaulting enabled to false
* Add optional name parameter and updated schemas
* make dns_threat_detector.enabled optional in project schemas
---------
Co-authored-by: Luca Prete <preteluca@gmail.com>
* feat(fast): add attachment groups factory to 2-networking
Adds support for `google_compute_interconnect_attachment_group` in the `2-networking` stage.
By implementing this at the factory level alongside `vlan-attachments`, users can now declaratively aggregate VLAN attachments across multiple VPCs and natively reference them using the `$attachment_groups:<key>` context identifier in their configuration YAMLs.
Includes:
- Factory implementation in `factory-vlan-attachments.tf`.
- New JSON schemas for `attachment-groups` and updates to `vlan-attachments` to support context linkage.
- Test coverage with new inventory generations.
Fixes#3791
* feat(agent-engine): add support for container and custom image specs
- Add container_config to deployment_files.
- Add image_spec with build_args to source_config.
- Make agent_framework optional and document supported values.
- Implement dynamic specs for container and source deployments.
- Add examples and automated tests for new deployment types.
* chore: update Google provider version to 7.28.0 across modules
Mechanical update of versions.tf and versions.tofu files using tools/versions.py.
* feat(agent-engine): refactor for container deployments and API alignment
- Group deployment settings under 'deployment_config' (renamed from 'deployment_files').
- Support container-based deployments via 'container_config' and 'image_spec'.
- Refactor 'source_files_config' (renamed from 'source_config') to include mutually exclusive 'python_spec' and 'image_spec'.
- Support 'developer_connect_config' as a source code type.
- Group engine settings (framework, env, secrets) under 'agent_engine_config'.
- Add support for 'memory_bank_config' persistent memory.
- Overhaul reasoning engine resources with dynamic blocks to match provider schema.
- Update all documentation examples, add TOC, and refresh test inventories.
* Update dynamic python_spec block and related example yamls
* Ignore changes setting for developer_connect_source under lifecycle management
* fixing review comments for `try` and default path for `source_path`
---------
Co-authored-by: Hemanand <hemr@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* chore(fast): update boilerplate in 2-networking yaml files
* chore(fast): replace stackdriver.googleapis.com with logging and monitoring services
* fix(net-vpc-factory): correct description for secondary subnet example
* feat(agent-engine): add support for memory bank configuration
* refactor(agent-engine): remove source_path_override and revert to standard source_path
* provider version upgrade from 7.17 to 7.27
* docs(agent-engine): fix README validation and update tables
---------
Co-authored-by: Hemanand <hemr@google.com>
* Migrate organization policy tests to standard tftest.yaml.
Remove python-hcl2 dependency and the custom python test file.
Consolidate the boolean, list, and custom constraint tests into a single `org_policies` test with a factory equivalent.
Restructure factory files into a unified `factory/` directory.
* Migrate project and folder org policy tests to standard tftest.yaml.
Replicate the organization module changes for project and folder modules:
- Remove python-hcl2 dependency usages and conftest.py.
- Remove custom python test files for org policies.
- Consolidate org policy tests into a single `org_policies` test with a factory equivalent.
- Unify factory files into a `factory/` directory.
- Remove redundant common.tfvars in folder module.
* Add factory policies directory to duplicate-diff checks.
Ensure the YAML factory files for org policies remain perfectly identical across the organization, folder, and project modules.
* Remove unused deepdiff dependency from requirements and pre-commit config.
* Add boilerplate
* fix broken link
* feat(2-networking): add NS And DS record dynamically from sub-zones records
* tfdoc
* feat(test): 2-networking adding dns_delegations test with and without DSSEC
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
Fixes#3819 by changing the default of `private_cluster_config` to `null` instead of an empty object, preventing the module from unintentionally generating an empty `private_cluster_config` block and treating the cluster as private when it wasn't requested.
* add ad for compute-vm refactor
* Exclue nic_type from validated fields, add split of main.tf and template.tf
* boot disk
* fix examples and fixtures
* attached disks
* fix further examples and module-level tests
* remove extra file
* fix mig examples
* finish refactoring variables
* align fast and other modules
* refactor(compute-vm): align examples and ADR with the newly implemented interface
This commit addresses the remaining references of the `instance_type` and `confidential_compute` parameters in the testing environment and updates the ADR.
* feat(compute-vm): add network_performance_config to instance and templates
This change implements the usage of the `network_performance_tier` variable we added earlier into the actual Terraform resources.
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
* fix(modules/organization): conditions ignored in tags
* fix(modules/project): conditions ignored in tags
* fix(modules/project): Tags:1 test skipped due to bad markdown block
---------
Co-authored-by: Julio Castillo <jccb@google.com>
