Releases: terraform-google-modules/terraform-example-foundation
Releases · terraform-google-modules/terraform-example-foundation
v4.0.0
4.0.0 (2024-01-10)
⚠ BREAKING CHANGES
- Add support for Log Analytics and Remove BigQuery log destination (#1025)
- Enable CMEK for Terraform state buckets (#1030)
- Network Refactoring (#991)
- deps: update terraform terraform-google-modules/network/google to v7 (#956)
Features
- add assured workload example (#934) (be568ab)
- add instructions for deployment using GitHub Actions (#955) (56450bd)
- add instructions for deployment using GitLab pipelines (#1047) (0805878)
- add support for fine grained configuration of VPC-flow logs (#1035) (ee3a1d8)
- Add support for Log Analytics and Remove BigQuery log destination (#1025) (25c61c4)
- Add support to proxy-only subnetworks and new IP CIDR allocation (#1040) (79b217e)
- CAI Monitoring Cloud Function (#1015) (141f067)
- change budget alerts to alarm by forecast (#1037) (8a4c106)
- Change old firewall to new network-firewall (#1041) (f2469c1)
- create projects for KMS resources (#1032) (f16e805)
- create subfolders for business units in 4-projects step (#1039) (06084be)
- deps: Expand Terraform Google Provider to v5 (major) (#1004) (511f5cb)
- deps: Update Terraform google to v5 (#1059) (87f3832)
- Enable CMEK for Terraform state buckets (#1030) (63906d8)
- Firewall policy rule with resource manager tag (#1005) (a92e31b)
- implementing terraform cloud deploy with agents (#1034) (2c96a2f)
- make sed and find commands portable between Linux (GNU) and Mac OS (BSD) (#1043) (62e8c23)
- Network Refactoring (#991) (5f698ed)
- Remove "compute.disableGuestAttributesAccess" org policy (#1019) (9fac80f)
- update tf-wrapper.sh script to deal with generic folder hierarchy (#992) (4d7e822)
Bug Fixes
- add cloud build bucket location (#921) (cf3f117)
- add VPC Flow logs exceptions for REGIONAL_MANAGED_PROXY and INTERNAL_HTTPS_LOAD_BALANCER (#976) (dd4ff91)
- alternative deployment methods minor issues fix (#1065) (e09d174)
- change priority of 'allow-google-apis' firewall rules to prevent collision with the deny all rule (#972) (7205518)
- CI: bump request_timeout for 1-org (#1070) (336487b)
- correct terraform required_version for optional (#1003) (5ef089c)
- deps: update terraform terraform-google-modules/network/google to v7 (#956) (2f54ad6)
- Fix missing Terraform module attribution (#973) (d1d2973)
- replace text example of private key with an image in the jenkins readme (#1027) (325785c)
- set the build timeout for the build that creates the Terraform and gcloud image to 20 minutes (#1071) (7f5ce28)
v3.0.0
3.0.0 (2022-12-16)
⚠ BREAKING CHANGES
- use random_project_id_length (#891)
- remove unused variables in network-dual-svpc/shared (#853)
- bump min TF version to 1.3.0 and use optionals (#831)
- use remote state to read data from previous steps (#782)
- Configure bring your own service account in bootstrap (#777)
- add granular service accounts (#724)
- deps: update terraform null to v3 (#750)
- use branch main for the gcp-policies repository and use controller for Jenkins master (#738)
- split network step (#735)
Features
- add granular service accounts (#724) (4c84d80)
- add optional groups creation (#757) (5d9f867)
- Add support for new organization policies (#863) (9c17c13)
- Add support for tags (#829) (a0604b3)
- Bring your on Service Account for the App Infra Pipeline (#824) (0d6be42)
- bump min TF version to 1.3.0 and use optionals (#831) (6207113)
- Configure bring your own service account in bootstrap (#777) (015fe3d)
- Create a workspace for 0-bootstrap (#866) (6e9c575)
- Create base environment module for step 4-projects (#669) (7a533bf)
- default configuration for VPC-SC should have all supported services (#864) (a496744)
- deps: update terraform null to v3 (#750) (b2e8bfc)
- Enable Essential Contacts (#783) (86fcb2a)
- Feature/private service connect module (#722) (b3b9145)
- ingress egress support for vpc sc (#784) (c6f12e2)
- Inline App Infra Pipeline
sa_roles
(#867) (33a6619) - Modularize logging components (#781) (a1d636e)
- new org policies (#791) (878da45)
- Refactor/centralized network variable (#665) (cdb97bf)
- remove default SA editor role from Seed and CICD projects (#896) (465d3dd)
- Remove redundant optional firewall rules (#647) (6e17729)
- split network step (#735) (512430b)
- update 3-networks to support TPG 4 and other updates (#733) (d940f6e)
- update document and script to use gcloud beta terraform vet (#729) (d1a56d4)
- use branch main for the gcp-policies repository and use controller for Jenkins master (#738) (afc9d71)
- Use Cloud build private pools (#868) (ca06365)
- use random_project_id_length (dd063aa)
- use random_project_id_length (#891) (dd063aa)
- use remote state to read data from previous steps (#782) (a761a99)
- validate requirements script (#765) (84bbd25)
Bug Fixes
terraform-example-foundation v2.3.1
terraform-example-foundation v2.3.0
terraform-example-foundation v2.2.0
v2.1.2
terraform-example-foundation v2.1.1
terraform-example-foundation v2.1.0
v2.0.1
terraform-example-foundation v2.0.0
Features
- 4-projects GCS CMEK example (#346) (d74ff33)
- add FAQ, Glossary & Troubleshooting docs (#466) (57643a6)
- Add GAR in infra pipelines and tests (#395) (2a2e4fe)
- Add hub and spoke network architecture (#298) (d9468db)
- add iam.automaticIamGrantsForDefaultServiceAccounts org policy constraint (#386) (f6b0387)
- Add log export GCS bucket object versioning (#317) (cb0e622)
- add Shielded VMs & OS Login org policies (#283) (07a201e)
- Add step 5-app-infra (#382) (fd5329c)
- add support for hierarchical firewall policies (#343) (e7bb1bc)
- Add terraform validator and add policy-library (#263) (f220588)
- Adds prefix to projects and folder name (#289) (66dacf2)
- App Infra pipelines (#337) (c3b19e8)
- enable hub & spoke transitivity via gateway VMs (#322) (f6cd9ad)
- example-foundations test modes (#309) (34a6d75)
- implement support for Partner Interconnect (#345) (70501ec)
- Make BigQuery log destinations partitioned (#277) (f40c5fe)
- Move Cloud Source Repo definition to variable. (#302) (48037c9)
- Replace container registry with artifact registry in CloudBuild (#367) (6b6469b)
- Update terraform-validator version, instructions and CMEK bucket (#397) (8f7c58e)
- updates to support TF 0.13 (#268) (c5c6c6c)
Bug Fixes
- 1-org README.md add setting up Security Command Center to Prerequisites (#467) (ee04cb5)
- add bucket prefix for bootstrap (#407) (03bd05a)
- add cloudbuild api to seed proj (#358) (1fda12b)
- add CMEK project name prefix and root readme project names (#414) (141c059)
- add impersonate to gcloud builds submit command in infra-pipeline module (#458) (1d3fbf8)
- add infra pipeline CB SA role test (#450) (e30fe8c)
- add missing google apis to policy constraint (#370) (2ac0466)
- Add missing symlink in shared network env (#328) (48c2318)
- add network fixture prepare to lint test (#323) (c120d55)
- add standalone repo for terraform-validator policies (#403) (b170478)
- Adding KMS API in bootstrap project (#385) (39b8da3)
- Bugfix/fix 4-projects issues (#374) (f5f5224)
- clone policies repo once per build (#329) (3e95111)
- default sa deprivilege (ea5fcc2)
- Documentation fixes (#327) (ce610d0)
- Documentation language inconsistencies, typos and tests (#419) ([71b633f](https://www.github.com/terraform-google-modules/terraform-example-foundation/commit/71b633f...