cloud-foundation-fabric

End-to-end modular samples and landing zones toolkit for Terraform on GCP.

APACHE-2.0 License

Stars
1.4K
Committers
234
View Code on GitHub
Ecosystems: Terraform, BigQuery

Bot releases are visible (Hide)

cloud-foundation-fabric - v33.0.0 Latest Release

Published by ludoo 3 months ago

BLUEPRINTS

  • [#2450] Remove "constraints/" from org policy names (juliocc)
  • [#2448] incompatible change: Add generic URL output to modules/artifact-registry (juliocc)
  • [#2423] incompatible change: Refactor service agent management (juliocc)
  • [#2433] incompatible change: Reintroduce docker image path output in AR module (ludoo)
  • [#2416] Add support for sqlAssertion AutoDQ rule type in dataplex-datascan (jayBana)
  • [#2395] Fix tutorial error. (wiktorn)
  • [#2396] incompatible change: Update modules/artifact-registry with newly-released features. (juliocc)
  • [#2392] Added forward_proxy_uri to apigee environments in apigee-x-foundation… (apichick)
  • [#2389] Several wording and typos updates (bluPhy)
  • [#2382] Fixes related to Apigee KMS keys (apichick)
  • [#2372] Added spanner-instance module (apichick)

FAST

  • [#2410] [FAST] Add basic NGFW enterprise stage (LucaPrete)
  • [#2450] Remove "constraints/" from org policy names (juliocc)
  • [#2397] NCC in 2-net-a-simple (sruffilli)
  • [#2446] Remove alpha from gcloud storage cp as it moved to GA (LucaPrete)
  • [#2444] Add context to net-vpc factory (sruffilli)
  • [#2423] incompatible change: Refactor service agent management (juliocc)
  • [#2440] FAST ng: stage 0 environments and VPC-SC IaC resources (ludoo)
  • [#2430] FAST: IAM cleanups to reflect PF changes (sruffilli)
  • [#2417] Allow description to be set for FAST-managed tags (juliocc)
  • [#2412] [FAST] Housekeeping in CICD workflow templates and extra stage (jayBana)
  • [#2411] [FAST] Fix IAM bindings to impersonate resman CICD SAs at bootstrap stage (jayBana)
  • [#2404] Documented new GCVE design options (eliamaldini)
  • [#2402] gitlab workflow template fixes #2401 (sudhirrs)
  • [#2389] Several wording and typos updates (bluPhy)
  • [#2378] Add wording for SCC Enterprise to FAST stage 0 (ludoo)

MODULES

  • [#2459] Allow user to override peerings names (juliocc)
  • [#2457] update readme with cross project backend external regional/global LB - review (vivianvarela)
  • [#2454] Add support for dry-run org policies (juliocc)
  • [#2456] Manage lifecycle of cloud functions v2 IAM (ludoo)
  • [#2449] Add moved blocks for the service networking service agent and IAM (juliocc)
  • [#2448] Add generic URL output to modules/artifiact-registry (juliocc)
  • [#2447] Fix wrong expression in compute-mig module (bz-canva)
  • [#2445] Override primary flag for the storage transfer service agent (juliocc)
  • [#2444] Add context to net-vpc factory (sruffilli)
  • [#2443] Project service agents moved block and enabled services (ludoo)
  • [#2423] incompatible change: Refactor service agent management (juliocc)
  • [#2439] incompatible change: Remove default values to secondary range names in GKE cluster modules (fulyagonultas)
  • [#2437] Add coalesce to factory fw policies to support empty yaml files (LucaPrete)
  • [#2436] Allow disabling topic creation in GCS module notification (ludoo)
  • [#2433] incompatible change: Reintroduce docker image path output in AR module (ludoo)
  • [#2424] E2E tests for ncc-spoke-ra (wiktorn)
  • [#2427] Fix Cloud Function v1/v2 E2E tests (wiktorn)
  • [#2421] fix cloudbuild service account email (nathou)
  • [#2418] Adding support for DWS for GKE nodepools (aurelienlegrand)
  • [#2416] Add support for sqlAssertion AutoDQ rule type in dataplex-datascan (jayBana)
  • [#2406] incompatible change: Adding TPU limits for GKE cluster node auto-provisioning (NAP) (aurelienlegrand)
  • [#2415] Added certificate_manager_certificates to app load balancers (apichick)
  • [#2413] incompatible change: Add E2E tests for Cloud Functions and fix perma-diff (wiktorn)
  • [#2409] Adds support for external SPGs to net-firewall-policy (LucaPrete)
  • [#2407] Allow project factory projects to override name (juliocc)
  • [#2405] Adding placement_policy for GKE nodepools (ex: GPU compact placement or TPU topology) (aurelienlegrand)
  • [#2400] Add info about roles for connectors service agent (wiktorn)
  • [#2396] incompatible change: Update modules/artifact-registry with newly-released features. (juliocc)
  • [#2393] Add support for SSL policy to net-lb-app-int module (ludoo)
  • [#2387] Added certificate-manager module (apichick)
  • [#2390] Add AssuredWorkload support to the folder module (averbuks)
  • [#2384] Allow Cloud NAT to only use secondary ranges (juliocc)
  • [#2388] Added missing links to firestore module is READMEs. (apichick)
  • [#2389] Several wording and typos updates (bluPhy)
  • [#2374] Added firestore module (apichick)
  • [#2380] Added private_endpoint_subnetwork parameters to GKE standard and autopilot modules (luigi-bitonti)
  • [#2370] Apigee - Add forward_proxy_uri support on environment resource (diogo-j-n-teixeira)
  • [#2376] Removed advertised_groups ALL_VPC_SUBNETS, ALL_VPC_SUBNETS as they ar… (apichick)
  • [#2375] Minor fixes in workstations IAM (apichick)
  • [#2372] Added spanner-instance module (apichick)
  • [#2373] Added expire_time option to the secret-manager module (deanosaurx)
  • [#2371] Support build service account in cloud function v2 module (ludoo)
  • [#2369] Add example, tests and fix for Google APIs PSC endpoint (wiktorn)
  • [#2368] Fix for plan not in sync when creating billing budgets in project factory #2365 (sudhirrs)
  • [#2366] Added additional range field to GKE standand and autopilot (luigi-bitonti)

TOOLS

  • [#2452] Add --extra-files option to plan_summary.py cmd (LucaPrete)
  • [#2445] Override primary flag for the storage transfer service agent (juliocc)
  • [#2423] incompatible change: Refactor service agent management (juliocc)
  • [#2441] Add commit id at the end of README (juliocc)
  • [#2413] incompatible change: Add E2E tests for Cloud Functions and fix perma-diff (wiktorn)
  • [#2399] Test different versions of Terraform (wiktorn)
cloud-foundation-fabric - v32.0.1

Published by ludoo 3 months ago

In this release:

cloud-foundation-fabric - v32.0.0

Published by ludoo 4 months ago

BLUEPRINTS

  • [#2361] incompatible change: Support GCS objects in cloud function modules bundles (ludoo)
  • [#2358] incompatible change: Support pre-made bundle archives in cloud function modules (ludoo)
  • [#2347] Add GCVE Logging and Monitoring Blueprint (KonradSchieban)
  • [#2356] Add Terraform installation step to meet the versions.tf requirements (wiktorn)
  • [#2355] Bump @grpc/grpc-js from 1.10.7 to 1.10.9 in /blueprints/apigee/apigee-x-foundations/functions/instance-monitor (dependabot[bot])
  • [#2341] Alloydb add support for psc (simonebruzzechesse)
  • [#2328] [FAST] Rename stage 2-networking-d-separate-envs to 2-networking-c-separate-envs (LucaPrete)
  • [#2326] Add pre-commit hook configuration (wiktorn)
  • [#2299] Kong Gateway on GKE offloading to Cloud Run (juliodiez)
  • [#2317] resource_labels added to the node_config nodepool (fulyagonultas)
  • [#2106] Gitlab Runner blueprint (simonebruzzechesse)
  • [#2303] incompatible change: Remove default location from gcs module (ludoo)
  • [#2296] Bump requests from 2.31.0 to 2.32.0 in /blueprints/cloud-operations/network-quota-monitoring/src (dependabot[bot])
  • [#2284] incompatible change: Unify VPN and Peering FAST stages (sruffilli)

DOCUMENTATION

FAST

  • [#2353] Add main project factory service account (ludoo)
  • [#2352] incompatible change: Remove support for source repositories from FAST CI/CD (ludoo)
  • [#2344] Fix typos in documentation (albertogeniola)
  • [#2340] Fix wrong documentation reference to tfvars (albertogeniola)
  • [#2337] DNS policy fix (sruffilli)
  • [#2335] Add perimeter ids in vpc-sc module outputs, fix vpc-sc in project factory module (ludoo)
  • [#2334] Support setting IAM for FAST tags in resource management stage (ludoo)
  • [#2333] Fix resman top-level folders variable types (ludoo)
  • [#2332] Fix dns policy (wiktorn)
  • [#2331] Enable hierarchy in fast project factory (ludoo)
  • [#2330] Update PGA domains (juliocc)
  • [#2329] FAST: Enable networkconnectivity when using NCC-RA in 2-b (sruffilli)
  • [#2328] [FAST] Rename stage 2-networking-d-separate-envs to 2-networking-c-separate-envs (LucaPrete)
  • [#2325] Fix restrictAllowedGenerations org policy example (juliocc)
  • [#2317] resource_labels added to the node_config nodepool (fulyagonultas)
  • [#2319] Pbrumblay/clarify org policy tags (pbrumblay)
  • [#2309] incompatible change: Merge FAST C and E network stages into a new B stage. (sruffilli)
  • [#2315] FAST: Obsolete assets cleanup (sruffilli)
  • [#2305] FAST MT: Readme updates and more prefix validation (sruffilli)
  • [#2232] New extra stage for FAST gitlab setup (simonebruzzechesse)
  • [#2294] Avoid unnecessary terraform plans for closed (unmerged) PRs (pbrumblay)
  • [#2298] Adjust list of imported org policies to official docs (wiktorn)
  • [#2297] Add support for tenant factory CI/CD (ludoo)
  • [#2292] [FAST] fix: tenant-factory logging bucket project (LucaPrete)
  • [#2290] Add wif permissions to bootstrap tf SA (simonebruzzechesse)
  • [#2289] Fix mt diagram and broken link (ludoo)
  • [#2288] Ignore test resource data in new network stage, split out fast variables (ludoo)
  • [#2286] Switch FAST stages 0-1s to excalidraw diagrams (ludoo)
  • [#2287] incompatible change: FAST: Cleanup/harmonization of Simple and NVA net stages (sruffilli)
  • [#2284] incompatible change: Unify VPN and Peering FAST stages (sruffilli)
  • [#2254] incompatible change: FAST: add top-level folders and restructure teams/tenants in resman (ludoo)

MODULES

  • [#2364] Relax dataproc master config type (ludoo)
  • [#2363] Add support for different endpoint types for Cloud NAT (wiktorn)
  • [#2362] Strip bucket name from bundle URI in cloud function modules (ludoo)
  • [#2361] incompatible change: Support GCS objects in cloud function modules bundles (ludoo)
  • [#2360] Validate bundle, use pathexpand in cloud function modules (ludoo)
  • [#2359] Don't compute checksum in cloud function modules for static bundles (ludoo)
  • [#2358] incompatible change: Support pre-made bundle archives in cloud function modules (ludoo)
  • [#2357] Add use_table_schema parameter for PubSub subscription to BigQuery (mdaddetta)
  • [#2354] Use var.vpc_config.subnetwork in NEGs when var.neg_config.*.subnetwork is not provided (wiktorn)
  • [#2351] Added missing validation values for backend services (deanosaurx)
  • [#2350] Add network tags outputs and examples to project module (ludoo)
  • [#2341] Alloydb add support for psc (simonebruzzechesse)
  • [#2339] Enable stateful ha in gke cluster standard module (ludoo)
  • [#2336] Add documentation for load balancer changes (wiktorn)
  • [#2335] Add perimeter ids in vpc-sc module outputs, fix vpc-sc in project factory module (ludoo)
  • [#2321] Fixed e2e tests for alloydb module (simonebruzzechesse)
  • [#2312] Fixes for Alloydb E2E tests (wiktorn)
  • [#2317] resource_labels added to the node_config nodepool (fulyagonultas)
  • [#2280] Secret manager e2etests (dibaskar-google)
  • [#2307] Extend support for tag bindings to more modules (ludoo)
  • [#2306] Internet NEG for internal proxy LB (wiktorn)
  • [#2304] incompatible change: Remove default location from container-registry, datacatalog-policy-tag, workstation-cluster (ludoo)
  • [#2303] incompatible change: Remove default location from gcs module (ludoo)
  • [#2301] Fix permadiff in cloud nat module (ludoo)
  • [#2300] Add support for shared vpc host to project factory (ludoo)
  • [#2285] New alloydb module (simonebruzzechesse)
  • [#2291] IPS support for Firewall Policy (rickygodoy)
  • [#2293] Internet NEG for net-lb-app-int (wiktorn)

TOOLS

cloud-foundation-fabric - v31.1.0

Published by ludoo 5 months ago

This release reflects a change in the Google provider that fixes a bug with secondary VPC subnet ranges:

  • [#2282] Disable reserved_internal_range in net-vpc due to provider bug (sruffilli)
cloud-foundation-fabric - v31.0.0

Published by ludoo 5 months ago

This release will be the last one supporting the (by now) legacy FAST teams and tenants implementations.

BLUEPRINTS

  • [#2278] Bump express from 4.18.2 to 4.19.2 in /blueprints/apigee/apigee-x-foundations/functions/instance-monitor (dependabot[bot])
  • [#2275] Add support for reserved_internal_range in net-vpc (sruffilli)
  • [#2277] Added missing apigee org attributes to apigee x foundations blueprint (apichick)
  • [#2279] Bump protobufjs, @google-cloud/logging-bunyan and @google-cloud/monitoring in /blueprints/apigee/apigee-x-foundations/functions/instance-monitor (dependabot[bot])
  • [#2274] Added apigee-x-foundations blueprint (apichick)
  • [#2243] Added new attributes Apigee organization and bumped up providers version (apichick)
  • [#2239] Update README.md (vicenteg)
  • [#2230] docs: 📝 fix error in phpIPAM terraform config by updating VPC pe… (PapaPeskwo)
  • [#2227] Bump golang.org/x/net from 0.17.0 to 0.23.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/healthchecker (dependabot[bot])
  • [#2228] Bump golang.org/x/net from 0.17.0 to 0.23.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/restarter (dependabot[bot])
  • [#2226] fix cloud sql PSA after module upgrade (simonebruzzechesse)
  • [#2220] Add tflint to pipelines (juliocc)
  • [#2218] incompatible change: Allow multiple PSA service providers in net-vpc module (ludoo)
  • [#2208] Updated diagram to better reflect PSC terminology (bswenka)
  • [#2207] feat(gke-cluster-standard): Add optional CiliumClusterWideNetworkPolicy (anthonyhaussman)
  • [#2201] Updating cloud-run-v2 terraform and some typos (bluPhy)
  • [#2191] FAST GCVE stage (eliamaldini)
  • [#2181] Bump express from 4.17.3 to 4.19.2 in /blueprints/gke/binauthz/image (dependabot[bot])
  • [#2174] Bump provider version to 5.18 to fix non-empty plan for google_notebooks_instance (wiktorn)
  • [#2171] incompatible change: Fix subnet configuration in cloud nat module (ludoo)
  • [#2168] Support advanced_datapath_observability in gke cluster standard module (ludoo)
  • [#2169] Add stub READMEs for the removed hub and spoke blueprints (ludoo)

DOCUMENTATION

  • [#2164] Updated CONTRIBUTING.md with a guide to cut a new release (sruffilli)

FAST

  • [#2267] Fix 0-bootstrap iam_by_principals not taking into account all principals (wiktorn)
  • [#2263] Update docs - gcp-network-admins -> gcp-vpc-network-admins (wiktorn)
  • [#2260] Remove data source from folder module (ludoo)
  • [#2253] Misc FAST fixes (juliocc)
  • [#2235] Update FAST logging (juliocc)
  • [#2233] Fix permissions for branch network dev - read sa (LucaPrete)
  • [#2221] Enable TFLint in FAST stages (juliocc)
  • [#2220] Add tflint to pipelines (juliocc)
  • [#2218] incompatible change: Allow multiple PSA service providers in net-vpc module (ludoo)
  • [#2219] Remove unused variables/locals from FAST (juliocc)
  • [#2215] Add new org policies to FAST (juliocc)
  • [#2210] Add support for quotas to project module (ludoo)
  • [#2206] Update the description and README for the tags variable (timothy-jabez)
  • [#2204] Align exported tfvars in FAST networking stages, add psc and proxy only subnets (ludoo)
  • [#2203] incompatible change: FAST security stage refactor (ludoo)
  • [#2196] Add variable to resman to control top-level folder IAM (juliocc)
  • [#2195] Allow r/o project factory SAs access to folder-level IAM (ludoo)
  • [#2191] FAST GCVE stage (eliamaldini)
  • [#2178] Add missing permission to org viewer custom role in FAST stage 0 (ludoo)
  • [#2172] Fix subnet names in FAST net stage c nva (ludoo)

MODULES

  • [#2275] Add support for reserved_internal_range in net-vpc (sruffilli)
  • [#2274] Added apigee-x-foundations blueprint (apichick)
  • [#2270] Cloud function CMEK key support (luigi-bitonti)
  • [#2272] New Bindplane cloud-config-container setup (simonebruzzechesse)
  • [#2269] Implement the full IAM interface for tags (ludoo)
  • [#2268] Add logging settings to folder module (ludoo)
  • [#2242] CloudSQL PSC Endpoints support (wiktorn)
  • [#2265] Fix failing E2E net-vpc test (wiktorn)
  • [#2264] Fix bug from output typo in new project-factory module (JanCVanB)
  • [#2262] Make Simple NVA route IAP traffic through NIC 0 (juliocc)
  • [#2261] Add Hybrid NAT support (juliocc)
  • [#2260] Remove data source from folder module (ludoo)
  • [#2247] Fix workstation-cluster module for private deployment (simonebruzzechesse)
  • [#2252] Add support for labels to GKE backup plans (ludoo)
  • [#2251] Fix factory ingress policy services in vpc-sc module (ludoo)
  • [#2248] Added missing identity when connectors API is enabled (jnahelou)
  • [#2246] Fixed issue with service networking DNS peering (apichick)
  • [#2243] Added new attributes Apigee organization and bumped up providers version (apichick)
  • [#2244] incompatible change: Removed BFD settings from net-vpn-ha module as it is not supported (apichick)
  • [#2241] Use default labels on pubsub subscription when no override is provided (wiktorn)
  • [#2238] fix: allow disabling node autoprovisioning (kumadee)
  • [#2234] Added build environment variables in cloud function v1 (luigi-bitonti)
  • [#2229] incompatible change: Refactor vpc-sc support in project module, add support for dry run (ludoo)
  • [#2226] fix cloud sql PSA after module upgrade (simonebruzzechesse)
  • [#2224] added missing option for exclusion scope (cmalpe)
  • [#2220] Add tflint to pipelines (juliocc)
  • [#2218] incompatible change: Allow multiple PSA service providers in net-vpc module (ludoo)
  • [#2216] Remove data source from net-vpc module (ludoo)
  • [#2214] Net LB App Internal Cross-Region recipe (ludoo)
  • [#2213] Add support for tags to GCS module (ludoo)
  • [#2211] Add project quotas factory (wiktorn)
  • [#2212] Add support for GCS soft-delete retention period (sruffilli)
  • [#2210] Add support for quotas to project module (ludoo)
  • [#2209] Add support for data cache to cloud sql module (ludoo)
  • [#2207] feat(gke-cluster-standard): Add optional CiliumClusterWideNetworkPolicy (anthonyhaussman)
  • [#2205] Add validation rule for DNS module health check targets (ludoo)
  • [#2201] Updating cloud-run-v2 terraform and some typos (bluPhy)
  • [#2202] added force_destroy to dns module (nika-pr)
  • [#2191] FAST GCVE stage (eliamaldini)
  • [#2190] VPC module - PSA configurable service producer (spica29)
  • [#2185] Fix failing e2e tests for Cloud Run CMEK (wiktorn)
  • [#2182] incompatible change: Fix default nodepool defaults in gke standard module (ludoo)
  • [#2177] add cmek option for cloud_run_v2 (SalehElnagarSecurrency)
  • [#2175] feat(gke-cluster-standard): Set optionnal default_node_pool configuration (anthonyhaussman)
  • [#2174] Bump provider version to 5.18 to fix non-empty plan for google_notebooks_instance (wiktorn)
  • [#2171] incompatible change: Fix subnet configuration in cloud nat module (ludoo)
  • [#2170] Support optional secondary ranges in net-cloudnat module (ludoo)
  • [#2168] Support advanced_datapath_observability in gke cluster standard module (ludoo)
  • [#2166] feat(net-cloudnat): add tcp_time_wait to config_timeouts (frits-v)

TOOLS

cloud-foundation-fabric - v30.0.0

Published by sruffilli 7 months ago

BLUEPRINTS

  • [#2141] Dataproc module cleanup & fixes (wiktorn)
  • [#2131] Introduce mandatory OWNERS file for blueprint maintainership (juliocc)
  • [#2133] Updated diagram to better reflect code naming. (bswenka)
  • [#2135] Rename modules/cloudsql-instance deletion protection variables (juliocc)
  • [#2119] Fix phpipam blueprint (simonebruzzechesse)
  • [#2110] Gitlab blueprint (simonebruzzechesse)
  • [#1843] incompatible change: Factories refactor (ludoo)
  • [#2105] incompatible change: Enable shielded nodes by default on GKE mt blueprint and FAST stage (ludoo)
  • [#2082] Fix GKE multitenant blueprint roles (ludoo)
  • [#2076] Use Fabric modules in blueprints/networking/psc-glb-and-armor (wiktorn)
  • [#2075] Updated path matchers to be more user friendly, added better test exa… (bswenka)
  • [#2079] Format python files in blueprints (simonebruzzechesse)
  • [#2071] Bswenka/psc glb and armor 2 producers (bswenka)
  • [#2072] Fix e2e tests - vertex mlops and net-address (wiktorn)
  • [#2064] incompatible change: Extend FAST to support different principal types (ludoo)
  • [#2058] glb and armor subnet fix (bswenka)
  • [#2061] HA MySQL cluster deployment on GKE (wiktorn)
  • [#2059] GKE stateful blueprints (juliocc)
  • [#2036] Shielded nodes and custom service account in FAST GKE stage and blueprint (CSPR-related) (ludoo)
  • [#2016] incompatible change: Ensure data platform service accounts meet FAST requirements (ludoo)

DOCUMENTATION

FAST

  • [#2139] Logging updates (juliocc)
  • [#2115] incompatible change: Align resource names in FAST networking stages (ludoo)
  • [#2112] Add support for billing budgets to project factory (ludoo)
  • [#1843] incompatible change: Factories refactor (ludoo)
  • [#2105] incompatible change: Enable shielded nodes by default on GKE mt blueprint and FAST stage (ludoo)
  • [#2101] Make all project_parent_ids fields optional (juliocc)
  • [#2086] Support domainless orgs in FAST (ludoo)
  • [#2077] incompatible change: Add workforce_identity_federation in 0-bootstrap (simonebruzzechesse)
  • [#2064] incompatible change: Extend FAST to support different principal types (ludoo)
  • [#2065] Fix imports of org policies (wiktorn)
  • [#2057] Postpone setting essential contacts until provisioning using SA (wiktorn)
  • [#2056] import default org-level org-policies (wiktorn)
  • [#2050] Enable additional recommended org policies (juliocc)
  • [#2041] Leverage net-vpc module for DNS logging in FAST (ludoo)
  • [#2038] Make Cloud NAT creation optional in FAST net stages. (juliocc)
  • [#2036] Shielded nodes and custom service account in FAST GKE stage and blueprint (CSPR-related) (ludoo)
  • [#2033] Add DNS query logging to FAST net stages (juliocc)
  • [#2032] Selectively enable logging in FAST and firewall policy module rules (CSPR-related) (ludoo)
  • [#2031] Clarify relationship with checklist groups in FAST bootstrap docs (ludoo)
  • [#2030] logging for default ingress rules in FAST (CSPR-related) (juliocc)
  • [#2019] Fix sourcerepo templates and concat call (juliocc)
  • [#2016] incompatible change: Ensure data platform service accounts meet FAST requirements (ludoo)
  • [#2014] Enforce trusted image projects constraint in FAST bootstrap (CSPR-related) (ludoo)
  • [#2010] Add support for essential contacts to FAST (CSPR-related) (ludoo)

MODULES

  • [#2162] Support automation/controlling projects and resources in project factory (ludoo)
  • [#2152] Add folder factory to project-factory module (juliocc)
  • [#2141] Dataproc module cleanup & fixes (wiktorn)
  • [#2142] Adds bfd and md5 auth support to google_compute_router_peer (sruffilli)
  • [#2139] Logging updates (juliocc)
  • [#2135] Rename modules/cloudsql-instance deletion protection variables (juliocc)
  • [#2134] incompatible change: Add links to factories doc (ludoo)
  • [#2130] incompatible change: Add support for service account IAM variables to pf (ludoo)
  • [#2129] Remove ignore_changes as terraform-provider-google#16804 is closed (wiktorn)
  • [#2125] Add support for PSC network attachments and interfaces in modules (ludoo)
  • [#2124] Update docs about role automatically granted to dataform SA (wiktorn)
  • [#2122] Define service attachment interface for lb modules and implement in internal LBs (ludoo)
  • [#2121] incompatible change: enabling dataform service agent upon activating the API (marcjwo)
  • [#2118] Add https security to cloud-functions-v1 module (mibelbahri)
  • [#2112] Add support for billing budgets to project factory (ludoo)
  • [#2111] Fix pathexpand in firewall policy module (ludoo)
  • [#1843] incompatible change: Factories refactor (ludoo)
  • [#2107] Time zone support for CloudSQL SQL Server (spica29)
  • [#2100] Module Data Catalog Tag - Add support for types (lcaggio)
  • [#2104] Fix datacalog type of kubernetes_software_config.component_version and properties (SalehElnagarSecurrency)
  • [#2090] add session affinity values: "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE" to variables-backend-service.tf (tamartayar)
  • [#2102] Allow projects as destinations for log sinks (juliocc)
  • [#2098] Fix cors policy type in lb app ext modules (ludoo)
  • [#2097] Fix #2095 for other types of load balancers (juliocc)
  • [#2096] Do not convert route rules to set (juliocc)
  • [#2087] add analytics hub module (thinhha)
  • [#2091] Accept email in service account module name (ludoo)
  • [#1954] Add support for Cloud Run v2 jobs (wiktorn)
  • [#2083] Fix data-catalog tag module (lcaggio)
  • [#2081] VPC-SC module factories (ludoo)
  • [#2060] Data catalog Tag module (lcaggio)
  • [#2064] incompatible change: Extend FAST to support different principal types (ludoo)
  • [#2062] Add Tags in project output. (lcaggio)
  • [#2056] import default org-level org-policies (wiktorn)
  • [#2053] Added destroy_scheduled_duration variable (luigi-bitonti)
  • [#2051] fix: auto_provisioning_defaults is not really optional (kumadee)
  • [#2035] Fix dnssec_config issue on state off (haraldhaas)
  • [#2030] logging for default ingress rules in FAST (CSPR-related) (juliocc)
  • [#2008] Updated the DataQualitySpec for Dataplex Datascan (shourya116)
  • [#2027] Tag Template - Fix readme tests (lcaggio)
  • [#2015] Fix typo in logging sinks implementation (ludoo)
  • [#2013] Add Tag Template module (lcaggio)
  • [#2012] Add support for target_resources to net-firewall-policy module (bcorbitt-ps)
  • [#2002] Fixes and additional support for ssl_mode for CloudSQL module (spica29)
  • [#2010] Add support for essential contacts to FAST (CSPR-related) (ludoo)

TOOLS

cloud-foundation-fabric - v29.0.0

Published by ludoo 9 months ago

In this release

BLUEPRINTS

DOCUMENTATION

FAST

  • [#2009] Tighten up security of automation project (CSPR-related) (ludoo)
  • [#2000] Checklist attribution bucket (ludoo)
  • [#1997] Update checklist parsing for top-level key (ludoo)
  • [#1992] Fix Data platform foundation (lcaggio)
  • [#1969] Integrate checklist data in FAST (ludoo)
  • [#1967] Add locations on terraform.tfvars.sample for bootstrap stage (simonebruzzechesse)
  • [#1899] Read-only service accounts for automation and CI/CD (ludoo)
  • [#1945] Fix GitHub CI/CD provider (ludoo)
  • [#1943] Revert "Add debug step for JWT tokens" (ludoo)
  • [#1940] Add kernels.googleusercontent.com zone in dns response policy (simonebruzzechesse)
  • [#1938] Add debug step for JWT tokens (wiktorn)
  • [#1932] Simplify organization tags.tf locals (juliocc)
  • [#1912] incompatible change: Custom role factories for organization and project modules (ludoo)
  • [#1900] Patch Github actions ci google-github-actions/auth@v0 --> v2 (ibrahimparvez2)

MODULES

  • [#2009] Tighten up security of automation project (CSPR-related) (ludoo)
  • [#2001] Marcwo/dataform module (marcjwo)
  • [#2005] Fix named ranges behaviour if cidr_tpl_file variable not provided. (miromichalicka)
  • [#2004] incompatible change: Remove default region for Cloud Function and Cloud Run (wiktorn)
  • [#1993] Fix DNS E2E test + add one to net-lb-app-int-cross-region (wiktorn)
  • [#1999] Added Enabled Kubernetes Beta APIs feature (luigi-bitonti)
  • [#1996] Fix factory default value for rule ports in firewall policy module (ludoo)
  • [#1994] DNS response policies e2e changes (dibaskar-google)
  • [#1977] Add example to FAST GKE stage, streamline GKE Hub module variables and usage (ludoo)
  • [#1987] Specify docker_repository field for google_cloudfunctions2_function (kumadee)
  • [#1990] Fixed README and test for DNS module (apichick)
  • [#1988] Added health checked targets for geo routing policy in dns module (apichick)
  • [#1979] feat: enable mtls on external application application load balancer (Tazminia)
  • [#1982] Add resource manager tags support for instance template (LucaPrete)
  • [#1981] Added Cross-region internal application load balancer module (apichick)
  • [#1980] Proper validation of empty string value in identity_type (viliampucik)
  • [#1978] Fix identity_type (viliampucik)
  • [#1970] Add support for service_external_ips_config to GKE cluster modules (luigi-bitonti)
  • [#1968] use provided SA for cloud function v2 trigger (juliocc)
  • [#1966] Support for ANY_USER_ACCOUNT in module vpc-sc egress rule. (xjantoth)
  • [#1964] Use fixtures in net-lb-ext (wiktorn)
  • [#1958] Create bigtable service identity with project if api is enabled (steenblik)
  • [#1963] net-address end-to-end tests (wiktorn)
  • [#1962] Add end-to-end tests for net-lb-app-ext-regional (wiktorn)
  • [#1892] New module for external regional application load balancer (juliocc)
  • [#1960] Add PNA support to Service Directory module (stribioli)
  • [#1957] Add e2e test for net_lb_app_ext module (andybubu)
  • [#1956] Support CMEK encryption on Bigtable instances. (steenblik)
  • [#1902] First version of Cloud Run module v2 (juliodiez)
  • [#1944] Dns e2e (dibaskar-google)
  • [#1948] Fix GCVE network policy (LucaPrete)
  • [#1947] GCVE: add network policy configuration (LucaPrete)
  • [#1946] Minor fix to GCVE module readme (LucaPrete)
  • [#1941] Use new resources in GCVE module, bump provider versions (LucaPrete)
  • [#1936] Move squid to __need_fixing (sruffilli)
  • [#1935] E2E tests fixes (wiktorn)
  • [#1933] Add project-scoped secure tags (juliocc)
  • [#1932] Simplify organization tags.tf locals (juliocc)
  • [#1930] Allow granting network user role on host project from project module and factory (simonebruzzechesse)
  • [#1928] incompatible change: Fix health check autocreation and id output in passthrough LB modules (ludoo)
  • [#1926] Add support for policy based routes to net-vpc (sruffilli)
  • [#1905] gke-cluster-standard : Support upgrade_settings for node auto provisioner (noony)
  • [#1923] Removed deprecated variable and added labels (luigi-bitonti)
  • [#1922] can_ip_forward in simple-nva examples (sruffilli)
  • [#1921] Sync tf version to version used by tests (wiktorn)
  • [#1920] Bump tf version (ludoo)
  • [#1918] Added missing parameters in kubelet and linux node configuration (luigi-bitonti)
  • [#1917] Added the possibility to configure maintenance window and deny maintenance period in Cloud SQL module module (francesco-pavan-huware)
  • [#1912] incompatible change: Custom role factories for organization and project modules (ludoo)
  • [#1909] net_lb_ext module e2e and example testing changes (dibaskar-google)
  • [#1908] README fixes for #1907 (wiktorn)
  • [#1906] gke-cluster-standard : Set optional shielded_instance_config block in cluster_autoscaling.auto_provisioning_defaults (noony)
  • [#1907] Add support for subnet-level service network user grants to project module, improve docs (ludoo)
  • [#1904] gke-cluster-standard : Add possibility to enable image streaming feature at cluster level (noony)
  • [#1903] Enable sole tenancy (node_affinities) on compute_vm (LucaPrete)
  • [#1901] Add IPv6 to HA VPN module + test inventories (LucaPrete)
  • [#1898] Use unique names for logging buckets in examples (wiktorn)
  • [#1896] e2e test fix for net-vpc-firewall module (rthangaraju)
  • [#1895] Add support for firewall tags to compute-vm module (ludoo)
  • [#1891] artifact-registry: Support cleanup policies (noony)
  • [#1894] e2e test fix for iam-service-account module (rthangaraju)
  • [#1893] E2E and examples tests for net-vpc module (rthangaraju)
  • [#1861] Added external data configuration support to BigQuery Module (luigi-bitonti)
  • [#1871] Added workstation-cluster module (apichick)
  • [#1874] Added PSC support to CloudSQL Module (luigi-bitonti)
  • [#1885] Fixed envoy file, it has extra character that was preventing envoy to start (apichick)

TOOLS

cloud-foundation-fabric - v28.0.0

Published by sruffilli 11 months ago

In this release:

BLUEPRINTS

  • [#1882] Fixes/improvements to F5 HA blueprint (LucaPrete)
  • [#1787] F5 blueprint (LucaPrete)
  • [#1873] Add DLP Service Agent role (wiktorn)
  • [#1859] Net dash cfv2 (aurelienlegrand)
  • [#1863] End-to-end tests for Vertex blueprint (wiktorn)
  • [#1856] Sql user features (Francesco-cloud24)
  • [#1739] Added CMEK for Secret auto managed (luigi-bitonti)
  • [#1848] Dataproc module bug fix (Francesco-cloud24)
  • [#1851] Support multilevel data and allow overriding project id in project factory (ludoo)
  • [#1838] Simplify #1836 fix, Avoid map-related casting errors in project factory (wiktorn)
  • [#1836] incompatible change: Avoid map-related casting errors in project factory (ludoo)
  • [#1832] [Minimal Data Platform] Fix Landing and curated IAM (lcaggio)
  • [#1825] Handling SQL IP address issue (aurelienlegrand)
  • [#1821] [net-address] enable ipv6 (LucaPrete)
  • [#1814] incompatible change: Allow specifying arbitrary project roles for service accounts in project factory (ludoo)
  • [#1812] Stop wrapping yamldecode with try() (sruffilli)
  • [#1806] Updating network dashboard: fixing Cloud SQL problem, fixing 1 metric… (aurelienlegrand)
  • [#1796] Make extended shared vpc attributes optional in project factory (ludoo)
  • [#1782] Add upper cap to versions, update copyright notices (sruffilli)
  • [#1765] Add support for dual stack and multiple forwarding rules to net-lb-int module (LucaPrete)
  • [#1748] Bump golang.org/x/net from 0.7.0 to 0.17.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/restarter (dependabot[bot])
  • [#1747] Bump golang.org/x/net from 0.7.0 to 0.17.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/healthchecker (dependabot[bot])
  • [#1735] Make deletion protection consistent across all modules (juliocc)

DOCUMENTATION

  • [#1787] F5 blueprint (LucaPrete)
  • [#1832] [Minimal Data Platform] Fix Landing and curated IAM (lcaggio)
  • [#1831] Update wording in FAST and gcve module READMEs (bluPhy)
  • [#1782] Add upper cap to versions, update copyright notices (sruffilli)
  • [#1773] Add service usage consumer role to IaC SAs, refactor delegated grants in FAST (ludoo)
  • [#1743] Billing account module (ludoo)

FAST

  • [#1855] Document fast_features (juliocc)
  • [#1864] End to end tests for GCS (wiktorn)
  • [#1836] incompatible change: Avoid map-related casting errors in project factory (ludoo)
  • [#1818] FAST: rename VPC-related files to net-* (sruffilli)
  • [#1812] Stop wrapping yamldecode with try() (sruffilli)
  • [#1810] FAST: Add access transparency logs to the default sinks (sruffilli)
  • [#1809] FAST: Add VPC serverless connector NAT ranges to hierarchical fw (sruffilli)
  • [#1811] FAST: removed references to kms_defaults (sruffilli)
  • [#1802] Less verbose project factory stage outputs (ludoo)
  • [#1797] Improve usage of optionals in FAST stage 2 VPN variables (ludoo)
  • [#1788] FAST: adds support for wif provider pubkey (sruffilli)
  • [#1782] Add upper cap to versions, update copyright notices (sruffilli)
  • [#1780] Add sink for workspace logs to bootstrap stage (ludoo)
  • [#1775] Add gcp org policy constraints file to bootstrap stage (ludoo)
  • [#1773] Add service usage consumer role to IaC SAs, refactor delegated grants in FAST (ludoo)
  • [#1765] Add support for dual stack and multiple forwarding rules to net-lb-int module (LucaPrete)
  • [#1760] Add support for psa peered domains to fast stages (ludoo)
  • [#1759] Minor edits to FAST network stage READMEs (ludoo)
  • [#1743] Billing account module (ludoo)
  • [#1735] Make deletion protection consistent across all modules (juliocc)
  • [#1734] Update to lint.sh and wording to some tf (bluPhy)
  • [#1733] Fix typo in FAST stage 2 README (bluPhy)

MODULES

TOOLS

cloud-foundation-fabric - v27.0.0

Published by juliocc about 1 year ago

What's Changed

BLUEPRINTS

  • [#1730] Minimal Data Platform - Fix (lcaggio)
  • [#1725] Fix data platform roles (lcaggio)
  • [#1724] Bump provider versions to v5.0.0 (ludoo)
  • [#1722] Add support for org policies to project factory (ludoo)
  • [#1692] incompatible change: Allow using no service account in compute-vm (ludoo)

DOCUMENTATION

  • [#1725] Fix data platform roles (lcaggio)
  • [#1724] Bump provider versions to v5.0.0 (ludoo)
  • [#1707] Only apply org policies when bootstrap user is not set (ludoo)
  • [#1697] Define and adopt standard IP ranges for FAST networking (juliocc)
  • [#1698] incompatible change: FAST: move organization policies to stage 0 (ludoo)
  • [#1695] incompatible change: Rename FAST globals output file (ludoo)

FAST

  • [#1725] Fix data platform roles (lcaggio)
  • [#1724] Bump provider versions to v5.0.0 (ludoo)
  • [#1718] FAST: add example of custom org policy condition to bootstrap README (ludoo)
  • [#1715] Fix indentation in FAST hierarchical firewall rules (juliocc)
  • [#1711] [FAST] Fix tenant folder tag (lcaggio)
  • [#1707] Only apply org policies when bootstrap user is not set (ludoo)
  • [#1705] Fix typo in bootstrap stage README (giterinhub)
  • [#1697] Define and adopt standard IP ranges for FAST networking (juliocc)
  • [#1698] incompatible change: FAST: move organization policies to stage 0 (ludoo)
  • [#1695] incompatible change: Rename FAST globals output file (ludoo)

MODULES

  • [#1714] Support multiple protocols (L3_DEFAULT) through net-ilb-in (LucaPrete)
  • [#1727] Update GCS IAM (apichick)
  • [#1728] Fix dnssec keys lookup (juliocc)
  • [#1724] Bump provider versions to v5.0.0 (ludoo)
  • [#1723] Add storage billing model to bigquery-dataset (devuonocar)
  • [#1719] Add GLB HTTP to HTTPS redirect example (ludoo)
  • [#1717] Apigee module fix try (apichick)
  • [#1716] Add retry policy for subscriptions (devuonocar)
  • [#1709] Add bug fix in bucket local variable (luigi-bitonti)
  • [#1704] Add cloud function secrets tests (wiktorn)
  • [#1703] Add bug fix to allow to use Secret Manager secrets to mount files in … (luigi-bitonti)
  • [#1701] Add support for default nodepool sa in GKE cluster module (ludoo)
  • [#1696] Add deletion_protection_enabled attribute to cloudsql-instance to ena… (steenblik)
  • [#1690] incompatible change: Rename instance attachment to match versions 23 and earlier (cygnus8595)
  • [#1694] Fix apigee addons config conditional expression (eddern)
  • [#1692] incompatible change: Allow using no service account in compute-vm (ludoo)
  • [#1688] Fix repd disk attachment in compute-vm module (ludoo)

New Contributors

Full Changelog: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v26.0.0...v27.0.0

cloud-foundation-fabric - v26.0.0

Published by ludoo about 1 year ago

BLUEPRINTS

  • [#1684] incompatible change: Update resource-level IAM interface for kms and pubsub modules (juliocc)
  • [#1682] GKE cluster modules: add optional kube state metrics (olliefr)
  • [#1681] incompatible change: Embed subnet-level IAM in the variables controlling creation of subnets (juliocc)
  • [#1680] Upgrades to monitoring_config in gke-cluster-*, docs update, and cosmetics fixes to GKE cluster modules (olliefr)
  • [#1679] Add lineage on Minimal Data Platform blueprint (lcaggio)
  • [#1678] Allow only one of secondary_range_blocks or secondary_range_names when creating GKE clusters. (juliocc)
  • [#1671] incompatible change: Fixed, added back environments to each instance, that way we can also… (apichick)
  • [#1662] merge labels from data_merges in project factory (Tutuchan)
  • [#1651] add AIRFLOW_VAR_ prefix to environment variables in data-platform blueprints (Tutuchan)
  • [#1642] New phpIPAM serverless third parties solution in blueprints (simonebruzzechesse)
  • [#1654] Fix project factory blueprint and fast stage (LucaPrete)
  • [#1647] Bump provider version to 4.80.0 (juliocc)
  • [#1638] gke-cluster-standard: change logging configuration (olliefr)
  • [#1636] Delete api gateway blueprint (juliodiez)
  • [#1607] Trap requests timeout error in quota sync (ludoo)
  • [#1595] incompatible change: IAM interface refactor (ludoo)
  • [#1601] [Data Platform] Update README.md (lcaggio)

DOCUMENTATION

  • [#1687] Add IAM variables template to ADR (juliocc)
  • [#1686] CONTRIBUTING guide: fix broken links and update "running tests for specific examples" section (olliefr)
  • [#1658] incompatible change: Change type of iam_bindings variable to allow multiple conditional bindings (ludoo)
  • [#1642] New phpIPAM serverless third parties solution in blueprints (simonebruzzechesse)
  • [#1640] Simplify linting output in workflow (juliocc)
  • [#1636] Delete api gateway blueprint (juliodiez)
  • [#1595] incompatible change: IAM interface refactor (ludoo)

FAST

  • [#1684] incompatible change: Update resource-level IAM interface for kms and pubsub modules (juliocc)
  • [#1685] Fix psa routing variable in FAST net stages (ludoo)
  • [#1682] GKE cluster modules: add optional kube state metrics (olliefr)
  • [#1681] incompatible change: Embed subnet-level IAM in the variables controlling creation of subnets (juliocc)
  • [#1680] Upgrades to monitoring_config in gke-cluster-*, docs update, and cosmetics fixes to GKE cluster modules (olliefr)
  • [#1678] Allow only one of secondary_range_blocks or secondary_range_names when creating GKE clusters. (juliocc)
  • [#1664] Align pf stage sample data to new format (ludoo)
  • [#1663] [#1661] Make FAST stage 1 resman tf destroy more reliable (LucaPrete)
  • [#1659] Link project factory documentation from FAST stage (ludoo)
  • [#1658] incompatible change: Change type of iam_bindings variable to allow multiple conditional bindings (ludoo)
  • [#1654] Fix project factory blueprint and fast stage (LucaPrete)
  • [#1638] gke-cluster-standard: change logging configuration (olliefr)
  • [#1634] [revert(revert(patch))] Remove unused ASN numbers for CloudNAT in FAST (LucaPrete)
  • [#1631] Allow single hfw policy association in folder and organization modules (juliocc)
  • [#1626] Revert "Remove unused ASN numbers from CloudNAT to avoid provider errors" (LucaPrete)
  • [#1623] Fix role name for delegated grants in FAST bootstrap (juliocc)
  • [#1612] Fix: align stage-2-e-nva-bgp to the latest APIs (LucaPrete)
  • [#1610] Fix: use existing variable to optionally name fw policies (LucaPrete)
  • [#1595] incompatible change: IAM interface refactor (ludoo)
  • [#1597] fix null object exception in bootstrap output when using cloudsource (sm3142)
  • [#1593] Fix FAST CI/CD for Gitlab (ludoo)
  • [#1583] Fix module path for teams cicd (ludoo)

MODULES

  • [#1684] incompatible change: Update resource-level IAM interface for kms and pubsub modules (juliocc)
  • [#1683] Fix subnet iam_bindings to use arbitrary keys (juliocc)
  • [#1682] GKE cluster modules: add optional kube state metrics (olliefr)
  • [#1681] incompatible change: Embed subnet-level IAM in the variables controlling creation of subnets (juliocc)
  • [#1680] Upgrades to monitoring_config in gke-cluster-*, docs update, and cosmetics fixes to GKE cluster modules (olliefr)
  • [#1678] Allow only one of secondary_range_blocks or secondary_range_names when creating GKE clusters. (juliocc)
  • [#1675] GKE Autopilot module: add network tags (olliefr)
  • [#1676] fixed up nit from PR 1666 (dgulli)
  • [#1672] Added possibility to use gcs push endpoint on pubsub subscription (luigi-bitonti)
  • [#1671] incompatible change: Fixed, added back environments to each instance, that way we can also… (apichick)
  • [#1666] added support for global proxy only subnets (dgulli)
  • [#1669] Fix for partner interconnect (apichick)
  • [#1668] fix(compute-mig): add correct type optionality for metrics in autosca… (NotArpit)
  • [#1667] fix(compute-mig): add mode property to compute_region_autoscaler (NotArpit)
  • [#1658] incompatible change: Change type of iam_bindings variable to allow multiple conditional bindings (ludoo)
  • [#1653] Fixes to the apigee module (juliocc)
  • [#1642] New phpIPAM serverless third parties solution in blueprints (simonebruzzechesse)
  • [#1650] Make net-vpc variables non-nullable (juliocc)
  • [#1647] Bump provider version to 4.80.0 (juliocc)
  • [#1646] gke-cluster-autopilot: add monitoring configuration (olliefr)
  • [#1645] gke-cluster-autopilot: add validation for release_channel input variable (olliefr)
  • [#1638] gke-cluster-standard: change logging configuration (olliefr)
  • [#1625] gke-cluster-autopilot: add logging configuration (olliefr)
  • [#1637] GRPC variable is misnamed "GRCP" in modules/cloud-run/variables.tf, causing liveness probe and startup probe to fail (zacharysmithdatatonic)
  • [#1632] Vpc sc allow null for identity type (LudovicEmo)
  • [#1633] Do not set default ASN number (LucaPrete)
  • [#1631] Allow single hfw policy association in folder and organization modules (juliocc)
  • [#1630] [Fix] Add explicit dependency between CR peers and NCC RA spoke creation (LucaPrete)
  • [#1613] Cloud SQL activation policy selectable (cmvalla)
  • [#1619] Adding support for NAT in Apigee (billabongrob)
  • [#1620] Remove net-firewall-policy match variable validation (richard-olson)
  • [#1614] Fix net-firewall-policy factory name and action (richard-olson)
  • [#1584] add support for object upload to gcs module (ehorning)
  • [#1609] incompatible change: Use cloud run bindings for cf v2 invoker role, refactor iam handling in cf v2 and cloud run (ludoo)
  • [#1590] GCVE module first release (eliamaldini)
  • [#1595] incompatible change: IAM interface refactor (ludoo)
  • [#1600] fix(cloud-run): move cpu boost annotation to revision (LiuVII)
  • [#1599] Fixing some typos (bluPhy)
  • [#1598] feat(cloud-run): add startup cpu boost option (JSchwerberg)
  • [#1594] Add support for conditions to iam_members module variables (ludoo)
  • [#1591] feat: 🎸 (modules/cloudsql-instance):add project_id for ssl cert (erabusi)
  • [#1589] Add new iam_members variable to IAM additive module interfaces (ludoo)
  • [#1588] feat: 🎸 (modules/cloudsql-instance): enable require_ssl cert support (erabusi)
  • [#1587] incompatible change: Fix factory rules key in net firewall policy module (ludoo)
  • [#1578] Fix: Instance level stateful disk config (beardedsamwise)
  • [#1582] feat(modules/cloud-run): add gen2 exec env support (LiuVII)

TOOLS

cloud-foundation-fabric - v25.0.0

Published by juliocc about 1 year ago

What's Changed

BLUEPRINTS

  • [#1581] incompatible change: Remove firewall policy management from resource management modules (ludoo)
  • [#1573] Add information about required groups (wiktorn)
  • [#1572] incompatible change: More module descriptions (ludoo)
  • [#1560] Removed unused attribute in variable of ha-vpn-over-blueprint blueprint (apichick)
  • [#1548] Minor fixes in Vertex Ai MLOPs blueprint (javiergp)
  • [#1547] incompatible change: Peering module refactor (ludoo)
  • [#1542] Grant IAM rights to service identities in host project (wiktorn)
  • [#1536] incompatible change: Update and refactor artifact registry module (ludoo)
  • [#1533] Make demo pipeline append into BQ tables (danieldeleo)
  • [#1510] incompatible change: Refactoring of dns module (apichick)
  • [#1504] Bump semver from 5.7.1 to 5.7.2 in /blueprints/serverless/api-gateway/function (dependabot[bot])
  • [#1501] Fix in nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg blueprint (apichick)
  • [#1498] Return only bucket name of composer, not full url to dags folder (wiktorn)

DOCUMENTATION

  • [#1581] incompatible change: Remove firewall policy management from resource management modules (ludoo)
  • [#1573] Add information about required groups (wiktorn)
  • [#1545] add dataplex autodq base module (thinhha)
  • [#1557] renaming net-vpc-swp to net-swp (skalolazka)
  • [#1553] Added module for Regional Internal Proxy Load Balancer (apichick)
  • [#1546] incompatible change: rename cloud-dataplex to dataplex (thinhha)
  • [#1506] Document architectural decisions (ludoo)
  • [#1500] README: audit logs on org level go to a logging bucket, not bigquery (skalolazka)

FAST

  • [#1579] Enable team CI/CD impersonation (williamsmt)
  • [#1581] incompatible change: Remove firewall policy management from resource management modules (ludoo)
  • [#1572] incompatible change: More module descriptions (ludoo)
  • [#1566] Remove unused ASN numbers from CloudNAT to avoid provider errors (LucaPrete)
  • [#1563] Update FAST CI/CD workflows so it can work with ID_TOKEN and Gitlab 15+ (LucaPrete)
  • [#1547] incompatible change: Peering module refactor (ludoo)
  • [#1514] Fix FAST stage links script for GKE stage (ludoo)
  • [#1510] incompatible change: Refactoring of dns module (apichick)

MODULES

  • [#1581] incompatible change: Remove firewall policy management from resource management modules (ludoo)
  • [#1580] Apigee addons (apichick)
  • [#1576] incompatible change: Refactor firewall policy module (ludoo)
  • [#1575] Expose allow_net_admin feature in gke-cluster-autopilot module (eunanhardy)
  • [#1572] incompatible change: More module descriptions (ludoo)
  • [#1569] Add support for cost management to GKE module (ludoo)
  • [#1568] Add support for ipv6 to net-vpc module (ludoo)
  • [#1567] Allow custom route descriptions in net-vpc module (juliocc)
  • [#1558] feat(apigee): add retention variable (danistrebel)
  • [#1564] Fixed error of inconsistent conditional result types when evaluating … (apichick)
  • [#1561] Removed unused attribute in peer_gateway_config variable (apichick)
  • [#1545] add dataplex autodq base module (thinhha)
  • [#1559] Added IPSEC_INTERCONNECT addresses to net-address module (apichick)
  • [#1557] renaming net-vpc-swp to net-swp (skalolazka)
  • [#1513] optional description in modules/net-vpc-swp (skalolazka)
  • [#1555] Fix permadiff in artifact-registry (juliocc)
  • [#1553] Added module for Regional Internal Proxy Load Balancer (apichick)
  • [#1554] Fix in IAM bindings of cloud function v2 module (apichick)
  • [#1551] Fix in validation of healthchecks variable (apichick)
  • [#1552] Add image path output to ar module (ludoo)
  • [#1550] Fix in validation of healthchecks variable (apichick)
  • [#1547] incompatible change: Peering module refactor (ludoo)
  • [#1542] Grant IAM rights to service identities in host project (wiktorn)
  • [#1546] incompatible change: rename cloud-dataplex to dataplex (thinhha)
  • [#1540] Fixes in cloud function v2 module for trigger service account (apichick)
  • [#1536] incompatible change: Update and refactor artifact registry module (ludoo)
  • [#1537] Wrong ASN when using partner_interconnect. (sruffilli)
  • [#1535] Renamed output.tf in net-vlan-attachment (sruffilli)
  • [#1523] Fix in event_filters of trigger_config (apichick)
  • [#1519] Improve Dataplex (lcaggio)
  • [#1520] feat(cloudsql-instance): Add query insights config (LiuVII)
  • [#1512] enable-logging flag can only be true for public zones (apichick)
  • [#1510] incompatible change: Refactoring of dns module (apichick)
  • [#1509] Add output to org module with custom constraint details and depends_on (juliocc)
  • [#1503] Move IAM grant to function level for trigger SA (wiktorn)
  • [#1479] Update ncc-spoke-ra module to explicity request ncc hub id when referencing existing hubs (simonebruzzechesse)
  • [#1499] Add support for custom description in net-address (simonebruzzechesse)
  • [#1497] incompatible change: Implement proper support for data access logs in resource manager modules (ludoo)

TOOLS

New Contributors

Full Changelog: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v24.0.0...v25.0.0

cloud-foundation-fabric - v24.0.0

Published by ludoo over 1 year ago

In this release:

BLUEPRINTS

  • [#1496] Allow using a separate resource for boot disk in compute-vm module (ludoo)
  • [#1488] incompatible change: Fix and improve quota monitor blueprint (ludoo)
  • [#1483] Updating a few files to fix typos (bluPhy)
  • [#1474] data-platform-minimal - support web_server_network_access_control (kthhrv)
  • [#1482] Add region to quota monitor cloud function (ludoo)
  • [#1475] Minimal Data Platform - Shared VPC (lcaggio)
  • [#1473] Improve Minimal Data Platform Blueprint (lcaggio)
  • [#1468] Dependencies update for API Gateway blueprint (apichick)
  • [#1469] Bump semver and @google-cloud/storage in /blueprints/gke/binauthz/image (dependabot[bot])
  • [#1466] incompatible change: Rename network load balancer modules (ludoo)
  • [#1459] Add preliminary support for partner interconnect (wiktorn)
  • [#1464] Fix Shielded folder README (lcaggio)
  • [#1458] Fixing typos (bluPhy)
  • [#1455] Match readme groups with variables file in shielded folder blueprint (CanburakTumer)
  • [#1451] Improve Minimal Data Platform blueprint (lcaggio)
  • [#1454] data-platform-minimal - 02-processing.tf typo (kthhrv)
  • [#1453] data-platform-minimal - correct typo (kthhrv)
  • [#1450] Split Cloud Function module in separate v1 and v2 modules (ludoo)
  • [#1447] incompatible change: Refactored apigee module and adjusted the blueprints accordingly (apichick)
  • [#1409] Added module for Secure Web Proxy (rosmo)
  • [#1420] Move net-dedicated-vlan-attachment module to net-vlan-attachment and … (apichick)
  • [#1427] Updating hub-and-spoke peering blueprint to use HA VPN. (mark1000)
  • [#1432] Make internal/external addresses optional in compute-vm (juliocc)
  • [#1423] Add support for Log Analytics on logging-bucket module and bump provider version (lcaggio)
  • [#1416] Fix and improve GCS2BQ blueprint (lcaggio)

DOCUMENTATION

  • [#1483] Updating a few files to fix typos (bluPhy)
  • [#1473] Improve Minimal Data Platform Blueprint (lcaggio)
  • [#1466] incompatible change: Rename network load balancer modules (ludoo)
  • [#1450] Split Cloud Function module in separate v1 and v2 modules (ludoo)
  • [#1444] Fixing typos (bluPhy)
  • [#1409] Added module for Secure Web Proxy (rosmo)
  • [#1420] Move net-dedicated-vlan-attachment module to net-vlan-attachment and … (apichick)
  • [#1418] Network Load Balancer module (ludoo)

FAST

  • [#1470] FAST: initial implementation of lightweight tenants (ludoo)
  • [#1492] Peering dashboard (aurelienlegrand)
  • [#1487] Fix primary gke/dp ranges in FAST subnets (juliocc)
  • [#1478] FAST: short_name_is_prefix for multi-tenant (drebes)
  • [#1483] Updating a few files to fix typos (bluPhy)
  • [#1477] Changing the IP range of pods from 100.64.48.0/20 to 100.65.16.0/20 Fixes #1461 (arvindag07)
  • [#1466] incompatible change: Rename network load balancer modules (ludoo)
  • [#1446] fixup(project-factory): Use the correct KMS Service Agents attribute … (alloveras)
  • [#1445] Bump TF version in all workflow templates to coincide with module requirements (kthhrv)
  • [#1443] Fix repo names check in extra FAST stage (ludoo)
  • [#1432] Make internal/external addresses optional in compute-vm (juliocc)
  • [#1429] Use RFC6598 addresses for pods and subnets (wiktorn)
  • [#1426] Add custom tag support to FAST (ludoo)
  • [#1425] Small fixes (ludoo)
  • [#1412] Add VPN monitoring alerts to 2-networking and VPN usage chart (afda16)

MODULES

  • [#1496] Allow using a separate resource for boot disk in compute-vm module (ludoo)
  • [#1489] incompatible change: Disable googleapi routes creation when vpc is not created in net-vpc module (ludoo)
  • [#1486] Allow external editing of group instances in lb modules (ludoo)
  • [#1480] Add bigquery authorized resources (thinhha)
  • [#1485] incompatible change: Align group names in lb modules (ludoo)
  • [#1456] add missing variable image_uri (jose-bermudez-digitalfemsa)
  • [#1471] Add ToCs to resource manager modules (ludoo)
  • [#1466] incompatible change: Rename network load balancer modules (ludoo)
  • [#1467] Add support for resource policies to compute vm module (ludoo)
  • [#1439] modules/vpc-sc: google_access_context_manager_service_perimeter add support for method_selectors/permission (LudovicEmo)
  • [#1460] Added validation for edge_availability_domain value (apichick)
  • [#1458] Fixing typos (bluPhy)
  • [#1449] Added iam for DNS managed zone to dns module (apichick)
  • [#1452] feat(artifact-registry): Add support for CMEK (alloveras)
  • [#1450] Split Cloud Function module in separate v1 and v2 modules (ludoo)
  • [#1447] incompatible change: Refactored apigee module and adjusted the blueprints accordingly (apichick)
  • [#1440] enable_logging variable was not being used (apichick)
  • [#1436] Ignore Cloud Run system annotations/labels (wiktorn)
  • [#1409] Added module for Secure Web Proxy (rosmo)
  • [#1420] Move net-dedicated-vlan-attachment module to net-vlan-attachment and … (apichick)
  • [#1434] Add subnets id output, expand net-address outputs (juliocc)
  • [#1432] Make internal/external addresses optional in compute-vm (juliocc)
  • [#1428] Added support for PSC negs in net-ilb-l7 module (apichick)
  • [#1430] Fix serverless neg example in ILB L7 module (ludoo)
  • [#1426] Add custom tag support to FAST (ludoo)
  • [#1423] Add support for Log Analytics on logging-bucket module and bump provider version (lcaggio)
  • [#1425] Small fixes (ludoo)
  • [#1419] Fix NLB module (ludoo)
  • [#1418] Network Load Balancer module (ludoo)

TOOLS

  • [#1496] Allow using a separate resource for boot disk in compute-vm module (ludoo)
cloud-foundation-fabric - v23.0.0

Published by ludoo over 1 year ago

In this release:

BLUEPRINTS

  • [#1410] incompatible change: Ensure all modules have an id output (ludoo)
  • [#1390] HA VPN over Interconnect modules and blueprint (sruffilli)

DOCUMENTATION

FAST

  • [#1414] Bump GH TF version to coincide with module requirements (davideasaf)
  • [#1400] Add default googleapi route creation to net-vpc (juliocc)

MODULES

  • [#1417] Remove hardcoded description from instance groups created under net-ilb (LucaPrete)
  • [#1415] Add notice to net-ilb module on routes (ludoo)
  • [#1403] add alloydb module (prabhaarya)
  • [#1411] Add networksecurity to JIT identity list (rosmo)
  • [#1410] incompatible change: Ensure all modules have an id output (ludoo)
  • [#1405] Added comment in the dns module, saying that inbound/outbound server … (apichick)
  • [#1407] Multiple Updates in READMEs and wording (bluPhy)
  • [#1390] HA VPN over Interconnect modules and blueprint (sruffilli)
  • [#1404] Add trigger SA for Cloud Run (wiktorn)
  • [#1400] Add default googleapi route creation to net-vpc (juliocc)

TOOLS

  • [#1410] incompatible change: Ensure all modules have an id output (ludoo)
cloud-foundation-fabric - v22.0.0

Published by juliocc over 1 year ago

What's Changed

BLUEPRINTS

  • [#1389] Bump requests from 2.28.1 to 2.31.0 in /blueprints/cloud-operations/network-dashboard/src (dependabot[bot])
  • [#1388] Firewall Validator fix target_service_accounts ref (afda16)
  • [#1382] chore: update mlops blueprint metadata (bharathkkb)
  • [#1380] Minimal Data Platform - Make components optional (lcaggio)
  • [#1378] Updates to blueprints/data-solutions/shielded-folder (bluPhy)
  • [#1375] Several updates (bluPhy)
  • [#1365] feat(net-cloudnat): add toggle for independent endpoint mapping and dynamic port allocation (JSchwerberg)
  • [#1362] Add Minimal Data Platform blueprint (lcaggio)
  • [#1364] Cloud Run services in service projects (juliodiez)
  • [#1358] update variables files for gke nodepool taints (jackspyder)
  • [#1359] Blueprint metadata validator (juliocc)
  • [#1355] Fix Shielded Folder - VertexML interoperability (lcaggio)
  • [#1353] fix in IAM binding of Apigee BigQuery analytics blueprint (apichick)
  • [#1346] incompatible change: FAST: shorten stage 3 prefixes, enforce prefix length in stage 3s (ludoo)
  • [#1345] chore: update metadata schema (bharathkkb)
  • [#1343] Fix because of changes in the cloud functions module and the Apigee a… (apichick)
  • [#1342] Add directory to vertex-mlops blueprint metadata (juliocc)
  • [#1337] Improve Vertex mlops blueprint (lcaggio)
  • [#1338] Set all resource requests to the autopilot minimum as the existing va… (apichick)
  • [#1330] Separating GKE Standard and Autopilot Modules (avinashkumar1289)
  • [#1334] Rename mlops blueprint providers file (ludoo)
  • [#1333] Add providers to vertex-mlops blueprint (juliocc)
  • [#1331] IAP for Cloud Run GA (juliodiez)
  • [#1309] [DataPlatform] Fix data-eng role on orchestration project (lcaggio)
  • [#1323] fix: create log-export-dataset on shielded-folder when no ecryption keys are defined (bgdanix)
  • [#1319] Fixed wait_time in locust script (apichick)
  • [#1312] add firewall enforcement variable to VPC (fawzihmouda)
  • [#1305] add missing enable_addons reference in gke blueprint for multitenant-… (jackspyder)
  • [#1306] Support new fields in bigquery module, bump provider versions, unpin local provider (ludoo)
  • [#1293] Refactor cloud run module to use optionals and support all features (ludoo)
  • [#1289] incompatible change: Network Dashboard improvements and bug fixing (simonebruzzechesse)
  • [#1283] Fixed permissions of files created (apichick)
  • [#1274] Add support for VPC Connector and different monitoring project to network dashboard deploy (ludoo)

DOCUMENTATION

FAST

  • [#1394] Allow setting identities in VPC SC module egress policies (ludoo)
  • [#1391] fix(stages): only add sandbox SA when sandbox feature is enabled (gustavovalverde)
  • [#1385] Add conditional org admin role to sandbox SA (ludoo)
  • [#1383] Allows groups from other orgs/domains (drebes)
  • [#1375] Several updates (bluPhy)
  • [#1376] fixed permissions for security stage SA (alx13)
  • [#1367] fix routes priority typo (fawzihmouda)
  • [#1358] update variables files for gke nodepool taints (jackspyder)
  • [#1352] incompatible change: Switch FAST networking stages to network policies for Google domains (ludoo)
  • [#1346] incompatible change: FAST: shorten stage 3 prefixes, enforce prefix length in stage 3s (ludoo)
  • [#1344] Add logging details to bootstrap outputs (juliocc)
  • [#1324] Fix typo in FAST cicd extra stage variable name (ludoo)
  • [#1328] Strip org name from deploy key repo in FAST cicd stage (ludoo)
  • [#1318] Allow longer org prefix plus tenant prefix (derailed-dash)
  • [#1315] Fix stage links script for multitenant stages (ludoo)
  • [#1313] Fixed typo in readme for FAST multitenant (derailed-dash)
  • [#892] Add network NVA NCC stage (LucaPrete)
  • [#1285] Update YAML schema for hierarchical firewall rules (sruffilli)
  • [#1284] Update Provider and Terraform variables section in FAST project factory (gcardamone)

MODULES

  • [#1395] allow to configure stack type in GKE autopilot (NitriKx)
  • [#1394] Allow setting identities in VPC SC module egress policies (ludoo)
  • [#1387] Add default Cloud Build SA to project module (juliocc)
  • [#1386] Support CMEK encryption in logging-bucket module (afda16)
  • [#1375] Several updates (bluPhy)
  • [#1372] Cloud NAT rules support (juliocc)
  • [#1374] added the export_public_ip_routes variable in the net-vpc-peering mod… (itManuel)
  • [#1373] Made available CPUs configurable in Cloud Functions module (apichick)
  • [#1365] feat(net-cloudnat): add toggle for independent endpoint mapping and dynamic port allocation (JSchwerberg)
  • [#1367] fix routes priority typo (fawzihmouda)
  • [#1360] Add support for Shared VPC in Cloud Run (juliodiez)
  • [#1329] fix: Change net-glb serve_while_stale type to number (tobbbles)
  • [#1308] Add cloud dataplex module (prabhaarya)
  • [#1352] incompatible change: Switch FAST networking stages to network policies for Google domains (ludoo)
  • [#1349] Enhance GKE Backup Configuration Support (tacchino)
  • [#1348] Ignore entire node config in standard cluster (ludoo)
  • [#1337] Improve Vertex mlops blueprint (lcaggio)
  • [#1330] Separating GKE Standard and Autopilot Modules (avinashkumar1289)
  • [#1336] Certificate renewal through terraform (bjohnrl)
  • [#1335] Inconsistent conditional result types error in net-vpc module (jamesmao-xyz)
  • [#1332] Add CMEK support on Secret manager module (lcaggio)
  • [#1326] Remove net-interconnect-attachment-direct (juliocc)
  • [#1322] Add inventories to net-vpc-firewall tests (juliocc)
  • [#1320] issue #1303: net-vpc-firewall module supporting source and destination ranges (ajlopezn)
  • [#1312] add firewall enforcement variable to VPC (fawzihmouda)
  • [#1310] Use labels var in cloud-run module (LiuVII)
  • [#1306] Support new fields in bigquery module, bump provider versions, unpin local provider (ludoo)
  • [#1301] Add ability to run vtysh from simple-nva vm directly when frr is active (LucaPrete)
  • [#1300] Fix vtysh (LucaPrete)
  • [#1299] Fix urlmap in ILB L7 module (ludoo)
  • [#1298] Add sample vtysh file to remove warnings (LucaPrete)
  • [#1293] Refactor cloud run module to use optionals and support all features (ludoo)
  • [#1287] incompatible change: Add support for backup and remove deprecated control plane field in GKE module (valeriobponza)
  • [#1295] Load all service agents identities from yaml (juliocc)
  • [#1294] Add Cloud Batch service identity (wiktorn)
  • [#1280] Add Dataplex Service Identity (wiktorn)
  • [#1282] Added local firewall management (iptables) on the NVA for dealing with COS default deny on inbound connections (simonebruzzechesse)
  • [#1281] Use unique bundle name for Cloud Function (wiktorn)
  • [#1278] DNS policy module fixes (ludoo)
  • [#1276] DNS Response Policy module (ludoo)

TOOLS

New Contributors

Full Changelog: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v21.0.0...v22.0.0

cloud-foundation-fabric - v21.0.0

Published by juliocc over 1 year ago

BLUEPRINTS

  • [#1272] Removed repeated command in script used to deploy API proxy (apichick)
  • [#1261] Fix variable terraform.tfvars.sample (dedeco)
  • [#1257] Fixes related to boot_disk in compute-vm module (apichick)
  • [#1256] incompatible change: Pin local provider (ludoo)
  • [#1245] Composer-2 - Fix 1236 (lcaggio)
  • [#1243] Autopilot fixes (apichick)
  • [#1241] incompatible change: Allow using existing boot disk in compute-vm module (ludoo)
  • [#1218] Small fixes on Network Dashboard cloud function code (simonebruzzechesse)
  • [#1229] Removed unnecessary files (apichick)
  • [#1227] Add CMEK support on BQML blueprint (lcaggio)
  • [#1225] Fix on bqml demo (gioconte)
  • [#1217] Added autopilot blueprint (apichick)
  • [#1210] Blueprint - BigQuery ML and Vertex AI Pipeline (lcaggio)
  • [#1208] Fix outdated go deps, dependabot alerts (averbuks)
  • [#1150] Blueprint: GLB hybrid NEG internal (LucaPrete)
  • [#1201] Add missing tfvars template to the tfc blueprint (averbuks)
  • [#1196] Fix compute-vm:CloudKMS test for provider>=4.54.0 (dan-farmer)
  • [#1189] Update healthchecker deps (dependabot alerts) (averbuks)
  • [#1184] incompatible change: Allow multiple peer gateways in VPN HA module (ludoo)
  • [#1143] Test blueprints from README files (juliocc)
  • [#1181] Bump golang.org/x/sys from 0.0.0-20220310020820-b874c991c1a5 to 0.1.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/healthchecker (dependabot[bot])
  • [#1180] Bump golang.org/x/sys from 0.0.0-20220310020820-b874c991c1a5 to 0.1.0 in /blueprints/cloud-operations/unmanaged-instances-healthcheck/function/restarter (dependabot[bot])
  • [#1175] Serverless networking program (juliodiez)
  • [#1179] Added a PSC GCLB example (cgrotz)
  • [#1165] DataPlatform: Support project creation (lcaggio)
  • [#1167] incompatible change: Simplify org policies in resource management modules (juliocc)
  • [#1161] Additional documentation for the Data Platform Dataflow pipeline example (aymanfarhat)
  • [#1154] Workaround to mitigate provider issue 9164 (lcaggio)
  • [#1146] Serverless networking program (juliodiez)
  • [#1142] Fix bq factory docs (juliocc)
  • [#1138] New compute-vm examples and tests (juliocc)
  • [#1132] Add descriptive name as optional argument (paulwoelfel)
  • [#1105] [Feature] Update data platform blue print with Dataflow Flex template (aymanfarhat)
  • [#1129] Update KMS blueprint (lcaggio)

DOCUMENTATION

  • [#1257] Fixes related to boot_disk in compute-vm module (apichick)
  • [#1248] Add link to public serverless networking guide (juliodiez)
  • [#1232] Network firewall policy module (ludoo)
  • [#1230] Update contributing guide with new test framework (juliocc)
  • [#1221] FAQ on installing Fast on a non-empty org (skalolazka)
  • [#1217] Added autopilot blueprint (apichick)
  • [#1210] Blueprint - BigQuery ML and Vertex AI Pipeline (lcaggio)
  • [#1150] Blueprint: GLB hybrid NEG internal (LucaPrete)
  • [#1193] Add reference to Cloud Run blueprints (juliodiez)
  • [#1188] Add reference to Cloud Run blueprints (juliodiez)
  • [#1187] Add references to the serverless chapters (juliodiez)
  • [#1179] Added a PSC GCLB example (cgrotz)
  • [#1165] DataPlatform: Support project creation (lcaggio)
  • [#1145] FAST stage docs cleanup (ludoo)
  • [#1137] incompatible change: Allow configuring regions from tfvars in FAST networking stages (ludoo)
  • [#1105] [Feature] Update data platform blue print with Dataflow Flex template (aymanfarhat)
  • [#1052] incompatible change: FAST multitenant bootstrap and resource management, rename org-level FAST stages (ludoo)

FAST

  • [#1266] FAST plugin system (ludoo)
  • [#1273] Small fixes to FAST Networking stage with NVAs (simonebruzzechesse)
  • [#1265] Fix FAST hub and spoke with VPN networking stage (ludoo)
  • [#1263] Widen scope for prod project factory SA to dev (ludoo)
  • [#1240] feat: Enable populating of data directory and .sample files and update dependencies in 0-cicd-github (antonkovach)
  • [#1249] Document need to set outputs_location explicitly in every stage (ludoo)
  • [#1247] Fast: resman: location and storage class added to GKE GCS buckets (skalolazka)
  • [#1241] incompatible change: Allow using existing boot disk in compute-vm module (ludoo)
  • [#1237] Add missing attribute to FAST onprem VPN examples (ludoo)
  • [#1228] incompatible change: Simplify VPN implementation in FAST networking stages (ludoo)
  • [#1222] Manage billing.creator role authoritatively in FAST bootstrap. (juliocc)
  • [#1213] feat: Add Pull Request support to 0-cicd-github (antonkovach)
  • [#1203] Update subnet sample yaml files to use subnet_secondary_ranges (jmound)
  • [#1212] feat: skip committing unchanged files in 0-cicd-github (antonkovach)
  • [#1211] incompatible change: Add support for proxy and psc subnets to net-vpc module factory (ludoo)
  • [#1209] Billing exclusion support for FAST mt resman (ludoo)
  • [#1207] Allow preventing creation of billing IAM roles in FAST, add instructions on delayed billing association (ludoo)
  • [#1184] incompatible change: Allow multiple peer gateways in VPN HA module (ludoo)
  • [#1165] DataPlatform: Support project creation (lcaggio)
  • [#1170] Add documentation about referring modules stored on CSR (wiktorn)
  • [#1167] incompatible change: Simplify org policies in resource management modules (juliocc)
  • [#1164] fix module_prefix in fast extras 0-cicd-github (antonkovach)
  • [#1162] Fix Terraform formatting and add module_prefix attribute to modules_config (antonkovach)
  • [#1145] FAST stage docs cleanup (ludoo)
  • [#1137] incompatible change: Allow configuring regions from tfvars in FAST networking stages (ludoo)
  • [#1133] Align VPN peer interface to module in FAST net VPN stage (simonebruzzechesse)
  • [#1135] Post PR message in GitHub workflow on init or validate failure (ludoo)
  • [#1134] Fix stage 1 output file names and stage links script (ludoo)
  • [#1128] Remove info about non-existing vpc-peering-*.tf files (skalolazka)
  • [#1052] incompatible change: FAST multitenant bootstrap and resource management, rename org-level FAST stages (ludoo)

MODULES

  • [#1270] Add static gateway id to outputs of VPN ha module (ludoo)
  • [#1269] Ignore changes to metadata.0.annotations in Cloud Run module (juliocc)
  • [#1267] Improvements to NCC-RA spoke module. (LucaPrete)
  • [#1268] simple-nva: add ability to parse BGP configs as strings. (LucaPrete)
  • [#1258] Add backend service names to outputs for net-glb and net-ilb-l7 (rosmo)
  • [#1259] Add support for iam_additive and simplify factory interface in net VPC module (ludoo)
  • [#1255] incompatible change: Change target_vpcs variable in firewall policy module to support dynamic values (ludoo)
  • [#1256] incompatible change: Pin local provider (ludoo)
  • [#1246] Delay creation of SVPC host bindings until APIs and JIT SAs are done (juliocc)
  • [#1241] incompatible change: Allow using existing boot disk in compute-vm module (ludoo)
  • [#1239] Allow overriding name in net-vpc subnet factory (ludoo)
  • [#1226] Fix policy_based_routing.sh script on simple-nva module (simonebruzzechesse)
  • [#1234] Fixed connection tracking configuration on LB backend in net-ilb module (simonebruzzechesse)
  • [#1232] Network firewall policy module (ludoo)
  • [#1219] Network Connectivity Center module (juliodiez)
  • [#1227] Add CMEK support on BQML blueprint (lcaggio)
  • [#1224] Fix JIT notebook service account. (lcaggio)
  • [#1195] Extended simple-nva module to manage BGP service running on FR routing docker container (simonebruzzechesse)
  • [#1211] incompatible change: Add support for proxy and psc subnets to net-vpc module factory (ludoo)
  • [#1206] Dataproc module. Fix output. (lcaggio)
  • [#1205] Fix issue with GKE cluster notifications topic & static output for pubsub module (rosmo)
  • [#1204] Fix url_redirect issue on net-glb module (erabusi)
  • [#1199] [Dataproc module] Fix Variables (lcaggio)
  • [#1200] Add test for #1197 (juliocc)
  • [#1198] Fix secondary ranges in net-vpc readme (ludoo)
  • [#1196] Fix compute-vm:CloudKMS test for provider>=4.54.0 (dan-farmer)
  • [#1194] Fix HTTPS health check mismapped to HTTP in compute-mig and net-ilb modules (jogoldberg)
  • [#1192] Dataproc module: Fix outputs (lcaggio)
  • [#1190] Dataproc Module (lcaggio)
  • [#1191] Fix external gateway in VPN HA module (ludoo)
  • [#1186] Fix Workload Identity for ASM in GKE hub module (valeriobponza)
  • [#1184] incompatible change: Allow multiple peer gateways in VPN HA module (ludoo)
  • [#1177] Implemented conditional dynamic blocks for google_access_context_manager_service_perimeter spec and status (calexandre)
  • [#1178] adding meshconfig.googleapis.com to JIT list. (valeriobponza)
  • [#1174] Don't define nor use health checks with SNEGs (juliodiez)
  • [#1172] Allow to not use any health check (juliodiez)
  • [#1171] Modifications related to autopilot and workload identity. Added workl… (apichick)
  • [#1167] incompatible change: Simplify org policies in resource management modules (juliocc)
  • [#1168] Remove unused attribute from project module README example (juliodiez)
  • [#1166] Fix variable name in VPC-SC module examples (juliodiez)
  • [#1153] net-vpc - add missing iam properties to factory_subnets (jamesdalf)
  • [#1163] Projects-data-source module new version (averbuks)
  • [#1160] Allow additive IAM grants by robots name (wiktorn)
  • [#1158] changed pod_range reference to include secondary_pod_range issue #1157 (chemapolo)
  • [#1156] Add 'max_time_travel_hours ' support on BQ module (lcaggio)
  • [#1151] Add example about referencing existing MIGs to net-ilb module readme (LucaPrete)
  • [#1149] Add documentation about JIT-ed service accounts (wiktorn)
  • [#1131] Add Autopilot Support for cluster_autoscaling Configuration in GKE Module (tacchino)
  • [#1140] CloudSQL Backup Configuration: Support Point In Time Recovery (tacchino)
  • [#1147] Fix gke-cluster dns config feature (juliocc)
  • [#1144] Fixes for service-mesh example in gke-hub (wiktorn)
  • [#1138] New compute-vm examples and tests (juliocc)
  • [#1052] incompatible change: FAST multitenant bootstrap and resource management, rename org-level FAST stages (ludoo)

TOOLS

  • [#1266] FAST plugin system (ludoo)
  • [#1242] Remove container image workflows (kunzese)
  • [#1231] Simplify testing workflow (juliocc)
  • [#1216] Use composite action for test workflow prerequisite steps (ludoo)
  • [#1215] Try plugin cache, split examples tests (ludoo)
  • [#1211] incompatible change: Add support for proxy and psc subnets to net-vpc module factory (ludoo)
  • [#1209] Billing exclusion support for FAST mt resman (ludoo)
  • [#1208] Fix outdated go deps, dependabot alerts (averbuks)
  • [#1182] Bump actions versions (juliocc)
  • [#1052] incompatible change: FAST multitenant bootstrap and resource management, rename org-level FAST stages (ludoo)

New Contributors

Full Changelog: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v20.0.0...v21.0.0

cloud-foundation-fabric - v20.0.0

Published by ludoo over 1 year ago

This is the last release before renaming FAST stages. Changes in this release:

BLUEPRINTS

  • [#1038] Vertex Pipelines MLOps framework blueprint (javiergp)
  • [#1124] Removed unused file package-lock.json (apichick)
  • [#1119] incompatible change: Multi-Cluster Ingress gateway api config (wiktorn)
  • [#1111] incompatible change: In the apigee module now both the /22 and /28 peering IP ranges are p… (apichick)
  • [#1106] Network Dashboard: PSA support for Filestore and Memorystore (aurelienlegrand)
  • [#1110] Bump cookiejar from 2.1.3 to 2.1.4 in /blueprints/apigee/bigquery-analytics/functions/export (dependabot[bot])
  • [#1097] Use terraform resource to activate Anthos Service Mesh (wiktorn)
  • [#1104] Updated apigee hybrid for gke README (apichick)
  • [#1107] Check linting for Python dashboard files (ludoo)
  • [#1102] Improvements in apigee hybrid-gke: now using workload identity and GLB (apichick)
  • [#1098] Add shared-vpc support on data-playground blueprint (lcaggio)
  • [#1095] [Data Platform] Fix Table in readme (lcaggio)
  • [#1089] Update Data Platform (lcaggio)
  • [#1081] Apigee hybrid on GKE (apichick)
  • [#1082] Fixes in Apigee Bigquery Analytics blueprint (apichick)
  • [#1071] Moved apigee bigquery analytics blueprint, added apigee network patterns (apichick)
  • [#1073] Allow setting no ranges in firewall module custom rules (ludoo)
  • [#1072] incompatible change: Add gc_policy to Bigtable module, bump provider versions to 4.47 (iht)
  • [#1063] Network dashboard: PSA ranges support, starting with Cloud SQL (aurelienlegrand)
  • [#1062] Fixes for GKE (wiktorn)
  • [#1060] Update src/README.md for Network Dashboard (aurelienlegrand)
  • [#1020] Networking dashboard and discovery tool refactor (ludoo)

DOCUMENTATION

FAST

  • [#1118] Add missing logging admin role for initial user (ludoo)
  • [#1099] Fix destroy in stage 1 outputs (ludoo)
  • [#1089] Update Data Platform (lcaggio)
  • [#1085] fix restricted services not being added to the perimeter configurations (drebes)
  • [#1057] Adding new file FAQ and an image (agutta)
  • [#1054] FAST: fix typo in bootstrap stage README (agutta)
  • [#1051] FAST: add instructions for billing export to stage 0 README (KPRepos)

MODULES

  • [#1127] Skip node config for autopilot (ludoo)
  • [#1125] Added mesh_certificates setting in GKE cluster (rosmo)
  • [#1094] Added GLB example with MIG as backend (eliamaldini)
  • [#1119] incompatible change: Multi-Cluster Ingress gateway api config (wiktorn)
  • [#1111] incompatible change: In the apigee module now both the /22 and /28 peering IP ranges are p… (apichick)
  • [#1116] Include cloudbuild API in project module (aymanfarhat)
  • [#1115] add new parameters support in apigee module (blackillzone)
  • [#1112] Add HTTPS frontend with SNEG example (juliodiez)
  • [#1097] Use terraform resource to activate Anthos Service Mesh (wiktorn)
  • [#1101] First batch of testing updates to core modules (juliocc)
  • [#1098] Add shared-vpc support on data-playground blueprint (lcaggio)
  • [#1096] [VPC-SC] Add support for scoped Policies (lcaggio)
  • [#1093] Added tags to gke-cluster module (apichick)
  • [#1078] Fixed delete_rule in compute-mig module for stateful disks (rosmo)
  • [#1080] Added device_name field to compute-vm attached_disks parameter (rosmo)
  • [#1079] Reorder org policy rules (juliocc)
  • [#1075] incompatible change: Add cluster replicas to Bigtable module. (iht)
  • [#1073] Allow setting no ranges in firewall module custom rules (ludoo)
  • [#1072] incompatible change: Add gc_policy to Bigtable module, bump provider versions to 4.47 (iht)
  • [#1070] Fix MIG health check variable (ludoo)
  • [#1069] Allow tables with several column families in Bigtable (iht)
  • [#1068] Added endpoint_attachment_hosts output to apigee module (apichick)
  • [#1067] Corrected load balancing scheme in backend service (apichick)
  • [#1066] Refactor GCS module and tests for Terraform 1.3 (ludoo)
  • [#1062] Fixes for GKE (wiktorn)
  • [#1061] incompatible change: Allow using dynamically generated address in LB modules NEGs (ludoo)
  • [#1059] Read ranges from correct fields in firewall factory (juliocc)
  • [#1056] Feature - CloudSQL pre-allocation private IP range and GKE Cluster ignore_change lifecycle hook. (itsavvy-ankur)

TOOLS

  • [#1107] Check linting for Python dashboard files (ludoo)
  • [#1101] First batch of testing updates to core modules (juliocc)
  • [#1091] Fix check_documentation output (juliocc)
  • [#1053] Extend inventory-based testing to examples (juliocc)
cloud-foundation-fabric - v19.0.0

Published by juliocc almost 2 years ago

Highlights in this release:

  • Core modules (project, organization, folder, net-vpc, net-firewall, etc) updated to support Terraform 1.3 optional() attributes. The API for these modules is now simpler while at the same time exposing more functionalities of the underlying resources.
  • New simplified testing framework.
  • Many small fixes.

For details on changes please see our CHANGELOG.

cloud-foundation-fabric - v18.0.0

Published by ludoo about 2 years ago

This is our most comprehensive release to date, for details on changes please see our CHANGELOG.

cloud-foundation-fabric - v16.0.0

Published by ludoo over 2 years ago

In this release

  • add support for Spot VMs to gke-nodepool module
  • incompatible change add support for Spot VMs to compute-vm module
  • SQL Server AlwaysOn availability groups example
  • fixed Terraform change detection in CloudSQL when backup is disabled
  • allow multiple CIDR blocks in the ip_range for Apigee Instance
  • add prefix to project factory SA bindings
  • incompatible change subnets_l7ilb variable is deprecated in the net-vpc module, instead subnets_proxy_only variable should be used
  • add support for Private Service Connect and Proxy-only subnets to net-vpc module
  • bump Google provider versions to >= 4.17.0
  • bump Terraform version to >= 1.1.0
  • add shielded_instance_config support for instance template on compute-vm module
  • add support for gke_backup_agent_config to GKE module addons
  • add support for subscription filters to PubSub module
  • refactor Hub and Spoke with VPN example
  • fix tfdoc parsing on newllines in outputs
  • fix subnet factory example in vpc module README
  • fix condition in subnet factory flow logs
  • added new example on GLB and Cloud Armor
  • revamped and expanded Contributing Guide

FAST

  • add support for Workload Identity Federation and CI/CD repositories
  • simplify VPN tunnel configuration in the Hub and Spoke VPN network stage
  • fix subnet YAML schema
cloud-foundation-fabric - v15.0.0

Published by sruffilli over 2 years ago

In this release:

  • incompatible change the variable for PSA ranges in the net-vpc module has changed to support configuring peering routes
  • fix permadiff in net-vpc-firewall module rules
  • new gke-hub module
  • new unmanaged-instances-healthcheck example
  • add support for IAM to data-catalog-policy-tag module
  • add support for IAM additive to folder module, fixes #580
  • optionally turn off gcplogs driver in COS modules
  • fix tag output on data-catalog-policy-tag module
  • add shared-vpc support on gcs-to-bq-with-least-privileges
  • new net-ilb-l7 module

FAST

  • new 02-networking-peering networking stage
  • incompatible change the variable for PSA ranges in networking stages have changed
Package Rankings
Top 4.61% on Proxy.golang.org
Related Projects
terraform-ibm-ocp-all-inclusive

A wrapper module around several other modules, which sets up an OpenShift cluster

21 Feb 2023 1
terraform-google-cloud-run

Deploys apps to Cloud Run, along with option to map custom domain

27 Jun 2021 126
terraform-aws-eks-blueprints

Configure and deploy complete EKS clusters.

06 Apr 2021 2,673
hashicorp-stack-demoapp

HashiCorp Cloud Platform (Vault, Consul, Boundary) with Argo CD and Kubernetes

20 Oct 2020 80
monorepo

Various technology deployments, tools & code

11 Aug 2018 5
terraform-aws-starter

Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating se...

02 Jul 2023 20
terraform-ibm-base-ocp-vpc

Provisions a Red Hat OpenShift VPC cluster on IBM Cloud

13 Feb 2023 1
terraform-opentelekomcloud-project-factory

This repository helps to create an OTC-based cloud-native infrastructure landscape with Kubernete...

28 Apr 2021 82
terraform-databricks-examples

Examples of using Terraform to deploy Databricks resources

10 Jun 2022 205
terraform-google-cloud-functions

Deploys Cloud Functions (Gen 2)

05 Jan 2023 30
terraform-ibm-cloudability-onboarding

A deployable architecture which will fully onboard a standard or enterprise IBM Cloud account to ...

30 Aug 2024 0
terraform-google-anthos-vm

Creates VMs on Anthos Bare Metal clusters

25 Oct 2022 7
aws-eks-base

This boilerplate contains terraform configurations for the rapid deployment of a Kubernetes clust...

08 Mar 2021 628