diff --git a/fast/stage-links.sh b/fast/stage-links.sh index 5222c3d3ec..b690066d3b 100755 --- a/fast/stage-links.sh +++ b/fast/stage-links.sh @@ -90,13 +90,13 @@ case $STAGE_NAME in "3-network-security"*) if [[ -z "$TENANT" ]]; then echo "# if this is a tenant stage, set a \$TENANT variable with the tenant shortname and run the command again" - PROVIDER="providers/3-nsec-providers.tf" + PROVIDER="providers/3-network-security-providers.tf" TFVARS="tfvars/0-bootstrap.auto.tfvars.json tfvars/1-resman.auto.tfvars.json tfvars/2-networking.auto.tfvars.json" else unset GLOBALS - PROVIDER="tenants/$TENANT/providers/3-nsec-providers.tf" + PROVIDER="tenants/$TENANT/providers/3-network-security-providers.tf" TFVARS="tenants/$TENANT/tfvars/0-bootstrap-tenant.auto.tfvars.json tenants/$TENANT/tfvars/1-resman.auto.tfvars.json tenants/$TENANT/tfvars/2-networking.auto.tfvars.json" diff --git a/fast/stages/1-resman/README.md b/fast/stages/1-resman/README.md index b0c10ed2a5..8ece319453 100644 --- a/fast/stages/1-resman/README.md +++ b/fast/stages/1-resman/README.md @@ -232,6 +232,7 @@ A full reference of IAM roles managed by this stage [is available here](./IAM.md | name | description | modules | resources | |---|---|---|---| +| [1-resman-providers.tf](./1-resman-providers.tf) | None | | | | [billing.tf](./billing.tf) | Billing resources for external billing use cases. | | google_billing_account_iam_member | | [branch-data-platform.tf](./branch-data-platform.tf) | Data Platform stages resources. | folder · gcs · iam-service-account | | | [branch-gcve.tf](./branch-gcve.tf) | GCVE stage resources. | folder · gcs · iam-service-account | | @@ -294,7 +295,7 @@ A full reference of IAM roles managed by this stage [is available here](./IAM.md | [gke_multitenant](outputs.tf#L458) | Data for the GKE multitenant stage. | | 03-gke-multitenant | | [networking](outputs.tf#L479) | Data for the networking stage. | | | | [project_factories](outputs.tf#L488) | Data for the project factories stage. | | | -| [providers](outputs.tf#L507) | Terraform provider files for this stage and dependent stages. | ✓ | 02-networking · 02-security · 03-dataplatform · 03-nsec | +| [providers](outputs.tf#L507) | Terraform provider files for this stage and dependent stages. | ✓ | 02-networking · 02-security · 03-dataplatform · 03-network-security | | [sandbox](outputs.tf#L514) | Data for the sandbox stage. | | xx-sandbox | | [security](outputs.tf#L528) | Data for the networking stage. | | 02-security | | [tfvars](outputs.tf#L539) | Terraform variable files for the following stages. | ✓ | | diff --git a/fast/stages/1-resman/outputs.tf b/fast/stages/1-resman/outputs.tf index 80ab4435d8..4dac75cef8 100644 --- a/fast/stages/1-resman/outputs.tf +++ b/fast/stages/1-resman/outputs.tf @@ -89,8 +89,8 @@ locals { plan = try(module.branch-nsec-r-sa-cicd[0].email, null) } tf_providers_files = { - apply = "3-nsec-providers.tf" - plan = "3-nsec-r-providers.tf" + apply = "3-network-security-providers.tf" + plan = "3-network-security-r-providers.tf" } tf_var_files = local.cicd_workflow_var_files.stage_3 } @@ -209,16 +209,16 @@ locals { name = "security" sa = module.branch-security-r-sa.email }) - "3-nsec" = templatefile(local._tpl_providers, { + "3-network-security" = templatefile(local._tpl_providers, { backend_extra = null bucket = module.branch-nsec-gcs.name - name = "nsec" + name = "network-security" sa = module.branch-nsec-sa.email }) - "3-nsec-r" = templatefile(local._tpl_providers, { + "3-network-security-r" = templatefile(local._tpl_providers, { backend_extra = null bucket = module.branch-network-gcs.name - name = "nsec" + name = "network-security" sa = module.branch-nsec-r-sa.email }) }, @@ -370,8 +370,8 @@ locals { gke-dev-r = try(module.branch-gke-dev-r-sa[0].email, null) gke-prod = try(module.branch-gke-prod-sa[0].email, null) gke-prod-r = try(module.branch-gke-prod-r-sa[0].email, null) - nsec = module.branch-nsec-sa.email - nsec-r = module.branch-nsec-r-sa.email + nsec = module.branch-nsec-sa.email + nsec-r = module.branch-nsec-r-sa.email networking = module.branch-network-sa.email networking-r = module.branch-network-r-sa.email project-factory = try(module.branch-pf-sa[0].email, null) @@ -505,7 +505,7 @@ output "project_factories" { # ready to use provider configurations for subsequent stages output "providers" { - # tfdoc:output:consumers 02-networking 02-security 03-dataplatform 03-nsec + # tfdoc:output:consumers 02-networking 02-security 03-dataplatform 03-network-security description = "Terraform provider files for this stage and dependent stages." sensitive = true value = local.providers diff --git a/fast/stages/3-network-security/README.md b/fast/stages/3-network-security/README.md index 6b4de40e0c..6e9a519059 100644 --- a/fast/stages/3-network-security/README.md +++ b/fast/stages/3-network-security/README.md @@ -57,7 +57,7 @@ The commands to link or copy the provider and terraform variable files can be ea # copy and paste the following commands for '3-network-security' -ln -s ~/fast-config/providers/3-nsec-providers.tf ./ +ln -s ~/fast-config/providers/3-network-security-providers.tf ./ ln -s ~/fast-config/tfvars/0-globals.auto.tfvars.json ./ ln -s ~/fast-config/tfvars/0-bootstrap.auto.tfvars.json ./ ln -s ~/fast-config/tfvars/1-resman.auto.tfvars.json ./ @@ -69,7 +69,7 @@ ln -s ~/fast-config/tfvars/2-networking.auto.tfvars.json ./ # copy and paste the following commands for '3-network-security' -gcloud storage cp gs://xxx-prod-iac-core-outputs-0/providers/3-nsec-providers.tf ./ +gcloud storage cp gs://xxx-prod-iac-core-outputs-0/providers/3-network-security-providers.tf ./ gcloud storage cp gs://xxx-prod-iac-core-outputs-0/tfvars/0-globals.auto.tfvars.json ./ gcloud storage cp gs://xxx-prod-iac-core-outputs-0/tfvars/0-bootstrap.auto.tfvars.json ./ gcloud storage cp gs://xxx-prod-iac-core-outputs-0/tfvars/1-resman.auto.tfvars.json ./ @@ -143,7 +143,6 @@ ngfw_enterprise_config = { | name | description | modules | resources | |---|---|---|---| -| [3-nsec-providers.tf](./3-nsec-providers.tf) | None | | | | [main.tf](./main.tf) | Next-Generation Firewall Enterprise configuration. | project | google_network_security_firewall_endpoint | | [net-dev.tf](./net-dev.tf) | Security components for dev spoke VPC. | net-firewall-policy | google_network_security_firewall_endpoint_association · google_network_security_security_profile · google_network_security_security_profile_group | | [net-prod.tf](./net-prod.tf) | Security components for prod spoke VPC. | net-firewall-policy | google_network_security_firewall_endpoint_association · google_network_security_security_profile · google_network_security_security_profile_group |