From 04602353ce50e112021d8f7b15f396c2d8feff25 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 10:54:55 +0100 Subject: [PATCH 1/7] New compute-vm examples and tests --- modules/compute-vm/README.md | 253 +++++++++++++++--- .../compute_vm/examples/alias-ips.yaml | 36 +++ tests/modules/compute_vm/examples/cmek.yaml | 57 ++++ .../compute_vm/examples/confidential.yaml | 31 +++ tests/modules/compute_vm/examples/group.yaml | 27 ++ tests/modules/compute_vm/examples/gvnic.yaml | 43 +++ tests/modules/compute_vm/examples/iam.yaml | 34 +++ tests/modules/compute_vm/examples/ips.yaml | 45 ++++ .../modules/compute_vm/examples/metadata.yaml | 32 +++ tests/modules/compute_vm/examples/sas.yaml | 49 ++++ tests/modules/compute_vm/examples/simple.yaml | 72 +++++ tests/modules/compute_vm/examples/spot.yaml | 31 +++ .../modules/compute_vm/examples/template.yaml | 65 +++++ tests/modules/compute_vm/fixture/main.tf | 31 --- tests/modules/compute_vm/fixture/variables.tf | 70 ----- tests/modules/compute_vm/test_plan.py | 77 ------ tests/modules/compute_vm/test_plan_disks.py | 158 ++++++----- .../compute_vm/test_plan_interfaces.py | 42 --- tests/modules/organization/tftest.yaml | 2 +- 19 files changed, 824 insertions(+), 331 deletions(-) create mode 100644 tests/modules/compute_vm/examples/alias-ips.yaml create mode 100644 tests/modules/compute_vm/examples/cmek.yaml create mode 100644 tests/modules/compute_vm/examples/confidential.yaml create mode 100644 tests/modules/compute_vm/examples/group.yaml create mode 100644 tests/modules/compute_vm/examples/gvnic.yaml create mode 100644 tests/modules/compute_vm/examples/iam.yaml create mode 100644 tests/modules/compute_vm/examples/ips.yaml create mode 100644 tests/modules/compute_vm/examples/metadata.yaml create mode 100644 tests/modules/compute_vm/examples/sas.yaml create mode 100644 tests/modules/compute_vm/examples/simple.yaml create mode 100644 tests/modules/compute_vm/examples/spot.yaml create mode 100644 tests/modules/compute_vm/examples/template.yaml delete mode 100644 tests/modules/compute_vm/fixture/main.tf delete mode 100644 tests/modules/compute_vm/fixture/variables.tf delete mode 100644 tests/modules/compute_vm/test_plan.py delete mode 100644 tests/modules/compute_vm/test_plan_interfaces.py diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 2f715555a2..9435119bd8 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -25,35 +25,61 @@ module "simple-vm-example" { }] service_account_create = true } -# tftest modules=1 resources=2 - +# tftest modules=1 resources=2 inventory=simple.yaml ``` -### Spot VM +### Service account managed -[Spot VMs](https://cloud.google.com/compute/docs/instances/spot) are ephemeral compute instances suitable for batch jobs and fault-tolerant workloads. Spot VMs provide new features that [preemptible instances](https://cloud.google.com/compute/docs/instances/preemptible) do not support, such as the absence of a maximum runtime. +VM service accounts can be managed in three different ways: +- You can let the module create a service account for you by settting `service_account_create = true` +- You can use an existing service account by setting `service_account_create = false` (the default value) and passing the full email address of the service account to the `service_account` variable. This is useful, for example, if you want to reuse the service account from another previously created instance, or if you want to create the service account manually with the `iam-service-account` module. In this case, you probably also want to set `service_account_scopes` to `cloud-platform`. +- Lastly, you can use the default compute service account by setting `service_account_crate = false`. Please note that using the default compute service account is not recommended. ```hcl -module "spot-vm-example" { +module "vm-managed-sa-example" { source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "europe-west1-b" - name = "test" - options = { - spot = true - termination_action = "STOP" - } + name = "test1" network_interfaces = [{ network = var.vpc.self_link subnetwork = var.subnet.self_link }] service_account_create = true } -# tftest modules=1 resources=2 +module "vm-managed-sa-example2" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "test2" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + service_account = module.vm-managed-sa-example.service_account_email + service_account_scopes = ["cloud-platform"] +} + +# not recommended +module "vm-default-sa-example2" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "test3" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + service_account_create = false +} + +# tftest modules=3 resources=4 inventory=sas.yaml ``` -### Disk sources +### Disk management + +#### Disk sources Attached disks can be created and optionally initialized from a pre-existing source, or attached to VMs when pre-existing. The `source` and `source_type` attributes of the `attached_disks` variable allows several modes of operation: @@ -65,7 +91,7 @@ Attached disks can be created and optionally initialized from a pre-existing sou This is an example of attaching a pre-existing regional PD to a new instance: ```hcl -module "simple-vm-example" { +module "vm-disks-example" { source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "${var.region}-b" @@ -91,7 +117,7 @@ module "simple-vm-example" { And the same example for an instance template (where not using the full self link of the disk triggers recreation of the template) ```hcl -module "simple-vm-example" { +module "vm-disks-example" { source = "./fabric/modules/compute-vm" project_id = var.project_id zone = "${var.region}-b" @@ -115,39 +141,41 @@ module "simple-vm-example" { # tftest modules=1 resources=2 ``` -### Disk encryption with Cloud KMS +### Network interfaces -This example shows how to control disk encryption via the the `encryption` variable, in this case the self link to a KMS CryptoKey that will be used to encrypt boot and attached disk. Managing the key with the `../kms` module is of course possible, but is not shown here. +#### Internal and external IPs + +By default VNs are create with an automatically assigned IP addresses, but you can change it through the `addreses` and `nat` attributes of the `network_interfaces` variable: ```hcl -module "kms-vm-example" { +module "vm-internal-ip" { source = "./fabric/modules/compute-vm" - project_id = var.project_id + project_id = "my-project" zone = "europe-west1-b" - name = "kms-test" + name = "vm-internal-ip" network_interfaces = [{ network = var.vpc.self_link subnetwork = var.subnet.self_link + addresses = { external = null, internal = "10.0.0.2" } }] - attached_disks = [ - { - name = "attached-disk" - size = 10 - } - ] - service_account_create = true - boot_disk = { - image = "projects/debian-cloud/global/images/family/debian-10" - } - encryption = { - encrypt_boot = true - kms_key_self_link = var.kms_key.self_link - } } -# tftest modules=1 resources=3 + +module "vm-external-ip" { + source = "./fabric/modules/compute-vm" + project_id = "my-project" + zone = "europe-west1-b" + name = "vm-external-ip" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + nat = true + addresses = { external = "8.8.8.8", internal = null } + }] +} +# tftest modules=2 resources=2 inventory=ips.yaml ``` -### Using Alias IPs +#### Using Alias IPs This example shows how to add additional [Alias IPs](https://cloud.google.com/vpc/docs/alias-ip) to your VM. @@ -164,12 +192,11 @@ module "vm-with-alias-ips" { alias1 = "10.16.0.10/32" } }] - service_account_create = true } -# tftest modules=1 resources=2 +# tftest modules=1 resources=1 inventory=alias-ips.yaml ``` -### Using gVNIC +#### Using gVNIC This example shows how to enable [gVNIC](https://cloud.google.com/compute/docs/networking/using-gvnic) on your VM by customizing a `cos` image. Given that gVNIC needs to be enabled as an instance configuration and as a guest os configuration, you'll need to supply a bootable disk with `guest_os_features=GVNIC`. `SEV_CAPABLE`, `UEFI_COMPATIBLE` and `VIRTIO_SCSI_MULTIQUEUE` are enabled implicitly in the `cos`, `rhel`, `centos` and other images. @@ -210,9 +237,153 @@ module "vm-with-gvnic" { }] service_account_create = true } -# tftest modules=1 resources=3 +# tftest modules=1 resources=3 inventory=gvnic.yaml +``` + +### Metadata + +You can define labels and custom metadata values. Metadata can be leveraged, for example, to define a custom startup script. + +```hcl +module "vm-metadata-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "nginx-server" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + labels = { + env = "dev" + system = "crm" + } + metadata = { + startup-script = <<-EOF + #! /bin/bash + apt-get update + apt-get install -y nginx + EOF + } + service_account_create = true +} +# tftest modules=1 resources=2 inventory=metadata.yaml +``` + +### IAM + +Like most modules, you can assign IAM roles to the instance using the `iam` variable. + +```hcl +module "vm-iam-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "webserver" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + iam = { + "roles/compute.instanceAdmin" = [ + "group:webserver@example.com", + "group:admin@example.com" + ] + } +} +# tftest modules=1 resources=2 inventory=iam.yaml + +``` + +### Spot VM + +[Spot VMs](https://cloud.google.com/compute/docs/instances/spot) are ephemeral compute instances suitable for batch jobs and fault-tolerant workloads. Spot VMs provide new features that [preemptible instances](https://cloud.google.com/compute/docs/instances/preemptible) do not support, such as the absence of a maximum runtime. + +```hcl +module "spot-vm-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "test" + options = { + spot = true + termination_action = "STOP" + } + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] +} +# tftest modules=1 resources=1 inventory=spot.yaml +``` + +### Confidential compute + +You can enable confidential compute with the `confidential_compute` variable, which can be used for standalone instances or for instance templates. + +```hcl +module "vm-confidential-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "confidential-vm" + confidential_compute = true + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + +} + +module "template-confidential-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "confidential-template" + confidential_compute = true + create_template = true + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] +} + +# tftest modules=2 resources=2 inventory=confidential.yaml +``` + +### Shielded VM configuration + +### Disk encryption with Cloud KMS + +This example shows how to control disk encryption via the the `encryption` variable, in this case the self link to a KMS CryptoKey that will be used to encrypt boot and attached disk. Managing the key with the `../kms` module is of course possible, but is not shown here. + +```hcl +module "kms-vm-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "kms-test" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + attached_disks = [{ + name = "attached-disk" + size = 10 + }] + service_account_create = true + boot_disk = { + image = "projects/debian-cloud/global/images/family/debian-10" + } + encryption = { + encrypt_boot = true + kms_key_self_link = var.kms_key.self_link + } +} +# tftest modules=1 resources=3 inventory=cmek.yaml ``` + ### Instance template This example shows how to use the module to manage an instance template that defines an additional attached disk for each instance, and overrides defaults for the boot disk image and service account. @@ -239,7 +410,7 @@ module "cos-test" { service_account = "vm-default@my-project.iam.gserviceaccount.com" create_template = true } -# tftest modules=1 resources=1 +# tftest modules=1 resources=1 inventory=template.yaml ``` ### Instance group @@ -270,7 +441,7 @@ module "instance-group" { } group = { named_ports = {} } } -# tftest modules=1 resources=2 +# tftest modules=1 resources=2 inventory=group.yaml ``` diff --git a/tests/modules/compute_vm/examples/alias-ips.yaml b/tests/modules/compute_vm/examples/alias-ips.yaml new file mode 100644 index 0000000000..016f966097 --- /dev/null +++ b/tests/modules/compute_vm/examples/alias-ips.yaml @@ -0,0 +1,36 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-with-alias-ips.google_compute_instance.default[0]: + name: test + network_interface: + - access_config: [] + alias_ip_range: + - ip_cidr_range: 10.16.0.10/32 + subnetwork_range_name: alias1 + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + nic_type: null + queue_count: null + subnetwork: subnet_self_link + project: my-project + zone: europe-west1-b + +counts: + google_compute_instance: 1 + modules: 1 + resources: 1 + +outputs: {} diff --git a/tests/modules/compute_vm/examples/cmek.yaml b/tests/modules/compute_vm/examples/cmek.yaml new file mode 100644 index 0000000000..cf390fde0a --- /dev/null +++ b/tests/modules/compute_vm/examples/cmek.yaml @@ -0,0 +1,57 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.kms-vm-example.google_compute_disk.disks["attached-disk"]: + disk_encryption_key: + - kms_key_self_link: kms_key_self_link + kms_key_service_account: null + raw_key: null + labels: + disk_name: attached-disk + disk_type: pd-balanced + name: kms-test-attached-disk + project: project-id + size: 10 + type: pd-balanced + zone: europe-west1-b + module.kms-vm-example.google_compute_instance.default[0]: + attached_disk: + - device_name: attached-disk + disk_encryption_key_raw: null + mode: READ_WRITE + source: kms-test-attached-disk + boot_disk: + - auto_delete: true + disk_encryption_key_raw: null + initialize_params: + - image: projects/debian-cloud/global/images/family/debian-10 + size: 10 + type: pd-balanced + kms_key_self_link: kms_key_self_link + mode: READ_WRITE + name: kms-test + zone: europe-west1-b + module.kms-vm-example.google_service_account.service_account[0]: + account_id: tf-vm-kms-test + description: null + disabled: false + display_name: Terraform VM kms-test. + project: project-id + timeouts: null + +counts: + google_compute_disk: 1 + google_compute_instance: 1 + google_service_account: 1 diff --git a/tests/modules/compute_vm/examples/confidential.yaml b/tests/modules/compute_vm/examples/confidential.yaml new file mode 100644 index 0000000000..e842d4cb4b --- /dev/null +++ b/tests/modules/compute_vm/examples/confidential.yaml @@ -0,0 +1,31 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.template-confidential-example.google_compute_instance_template.default[0]: + confidential_instance_config: + - enable_confidential_compute: true + name_prefix: confidential-template- + project: project-id + region: europe-west1 + module.vm-confidential-example.google_compute_instance.default[0]: + confidential_instance_config: + - enable_confidential_compute: true + name: confidential-vm + project: project-id + zone: europe-west1-b + +counts: + google_compute_instance: 1 + google_compute_instance_template: 1 diff --git a/tests/modules/compute_vm/examples/group.yaml b/tests/modules/compute_vm/examples/group.yaml new file mode 100644 index 0000000000..c28c47648e --- /dev/null +++ b/tests/modules/compute_vm/examples/group.yaml @@ -0,0 +1,27 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.instance-group.google_compute_instance.default[0]: {} + module.instance-group.google_compute_instance_group.unmanaged[0]: + name: ilb-test + named_port: [] + network: projects/xxx/global/networks/aaa + project: my-project + timeouts: null + zone: europe-west1-b + +counts: + google_compute_instance: 1 + google_compute_instance_group: 1 diff --git a/tests/modules/compute_vm/examples/gvnic.yaml b/tests/modules/compute_vm/examples/gvnic.yaml new file mode 100644 index 0000000000..da95de9e47 --- /dev/null +++ b/tests/modules/compute_vm/examples/gvnic.yaml @@ -0,0 +1,43 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_compute_image.cos-gvnic: + guest_os_features: + - type: GVNIC + - type: SEV_CAPABLE + - type: UEFI_COMPATIBLE + - type: VIRTIO_SCSI_MULTIQUEUE + name: my-image + project: my-project + source_image: https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-89-16108-534-18 + module.vm-with-gvnic.google_compute_instance.default[0]: + name: test + network_interface: + - access_config: [] + alias_ip_range: [] + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + nic_type: GVNIC + queue_count: null + subnetwork: subnet_self_link + project: my-project + zone: europe-west1-b + +counts: + google_compute_image: 1 + google_compute_instance: 1 + google_service_account: 1 + modules: 1 + resources: 3 diff --git a/tests/modules/compute_vm/examples/iam.yaml b/tests/modules/compute_vm/examples/iam.yaml new file mode 100644 index 0000000000..254d266d78 --- /dev/null +++ b/tests/modules/compute_vm/examples/iam.yaml @@ -0,0 +1,34 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-iam-example.google_compute_instance.default[0]: + name: webserver + module.vm-iam-example.google_compute_instance_iam_binding.default["roles/compute.instanceAdmin"]: + condition: [] + instance_name: webserver + members: + - group:admin@example.com + - group:webserver@example.com + project: project-id + role: roles/compute.instanceAdmin + zone: europe-west1-b + +counts: + google_compute_instance: 1 + google_compute_instance_iam_binding: 1 + modules: 1 + resources: 2 + +outputs: {} diff --git a/tests/modules/compute_vm/examples/ips.yaml b/tests/modules/compute_vm/examples/ips.yaml new file mode 100644 index 0000000000..65931abb5e --- /dev/null +++ b/tests/modules/compute_vm/examples/ips.yaml @@ -0,0 +1,45 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-external-ip.google_compute_instance.default[0]: + name: vm-external-ip + network_interface: + - access_config: + - nat_ip: 8.8.8.8 + public_ptr_domain_name: null + alias_ip_range: [] + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + nic_type: null + queue_count: null + subnetwork: subnet_self_link + project: my-project + zone: europe-west1-b + module.vm-internal-ip.google_compute_instance.default[0]: + name: vm-internal-ip + network_interface: + - access_config: [] + alias_ip_range: [] + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + network_ip: 10.0.0.2 + nic_type: null + queue_count: null + subnetwork: subnet_self_link + project: my-project + zone: europe-west1-b + +counts: + google_compute_instance: 2 diff --git a/tests/modules/compute_vm/examples/metadata.yaml b/tests/modules/compute_vm/examples/metadata.yaml new file mode 100644 index 0000000000..fbe0d06ff7 --- /dev/null +++ b/tests/modules/compute_vm/examples/metadata.yaml @@ -0,0 +1,32 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-metadata-example.google_compute_instance.default[0]: + metadata: + startup-script: | + #! /bin/bash + apt-get update + apt-get install -y nginx + name: nginx-server + project: project-id + zone: europe-west1-b + labels: + env: dev + system: crm + module.vm-metadata-example.google_service_account.service_account[0]: {} + +counts: + google_compute_instance: 1 + google_service_account: 1 diff --git a/tests/modules/compute_vm/examples/sas.yaml b/tests/modules/compute_vm/examples/sas.yaml new file mode 100644 index 0000000000..96a948317e --- /dev/null +++ b/tests/modules/compute_vm/examples/sas.yaml @@ -0,0 +1,49 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-default-sa-example2.google_compute_instance.default[0]: + name: test3 + project: project-id + service_account: + - scopes: + - https://www.googleapis.com/auth/devstorage.read_only + - https://www.googleapis.com/auth/logging.write + - https://www.googleapis.com/auth/monitoring.write + zone: europe-west1-b + module.vm-managed-sa-example.google_compute_instance.default[0]: + name: test1 + project: project-id + service_account: + - scopes: + - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/userinfo.email + zone: europe-west1-b + module.vm-managed-sa-example.google_service_account.service_account[0]: + account_id: tf-vm-test1 + display_name: Terraform VM test1. + project: project-id + module.vm-managed-sa-example2.google_compute_instance.default[0]: + name: test2 + project: project-id + service_account: + - scopes: + - https://www.googleapis.com/auth/cloud-platform + zone: europe-west1-b + +counts: + google_compute_instance: 3 + google_service_account: 1 + modules: 3 + resources: 4 diff --git a/tests/modules/compute_vm/examples/simple.yaml b/tests/modules/compute_vm/examples/simple.yaml new file mode 100644 index 0000000000..6754efaae8 --- /dev/null +++ b/tests/modules/compute_vm/examples/simple.yaml @@ -0,0 +1,72 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.simple-vm-example.google_compute_instance.default[0]: + advanced_machine_features: [] + allow_stopping_for_update: true + attached_disk: [] + boot_disk: + - auto_delete: true + disk_encryption_key_raw: null + initialize_params: + - image: projects/debian-cloud/global/images/family/debian-11 + size: 10 + type: pd-balanced + mode: READ_WRITE + can_ip_forward: false + deletion_protection: false + description: Managed by the compute-vm Terraform module. + enable_display: false + hostname: null + labels: null + machine_type: f1-micro + metadata: null + metadata_startup_script: null + name: test + network_interface: + - access_config: [] + alias_ip_range: [] + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + nic_type: null + queue_count: null + subnetwork: subnet_self_link + project: project-id + scheduling: + - automatic_restart: true + instance_termination_action: null + max_run_duration: [] + min_node_cpus: null + node_affinities: [] + on_host_maintenance: MIGRATE + preemptible: false + provisioning_model: STANDARD + scratch_disk: [] + service_account: + - scopes: + - https://www.googleapis.com/auth/cloud-platform + - https://www.googleapis.com/auth/userinfo.email + shielded_instance_config: [] + tags: null + zone: europe-west1-b + module.simple-vm-example.google_service_account.service_account[0]: + account_id: tf-vm-test + display_name: Terraform VM test. + project: project-id + + +counts: + google_compute_instance: 1 + google_service_account: 1 diff --git a/tests/modules/compute_vm/examples/spot.yaml b/tests/modules/compute_vm/examples/spot.yaml new file mode 100644 index 0000000000..c15852dbcb --- /dev/null +++ b/tests/modules/compute_vm/examples/spot.yaml @@ -0,0 +1,31 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.spot-vm-example.google_compute_instance.default[0]: + name: test + project: project-id + scheduling: + - automatic_restart: false + instance_termination_action: STOP + max_run_duration: [] + min_node_cpus: null + node_affinities: [] + on_host_maintenance: TERMINATE + preemptible: true + provisioning_model: SPOT + zone: europe-west1-b + +counts: + google_compute_instance: 1 diff --git a/tests/modules/compute_vm/examples/template.yaml b/tests/modules/compute_vm/examples/template.yaml new file mode 100644 index 0000000000..1f1888bfcb --- /dev/null +++ b/tests/modules/compute_vm/examples/template.yaml @@ -0,0 +1,65 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.cos-test.google_compute_instance_template.default[0]: + disk: + - auto_delete: true + boot: true + disk_encryption_key: [] + disk_name: null + disk_size_gb: 10 + disk_type: pd-balanced + labels: null + resource_policies: null + source: null + source_image: projects/cos-cloud/global/images/family/cos-stable + source_image_encryption_key: [] + source_snapshot: null + source_snapshot_encryption_key: [] + - auto_delete: true + device_name: disk-1 + disk_encryption_key: [] + disk_name: disk-1 + disk_size_gb: 10 + disk_type: pd-balanced + labels: null + mode: READ_WRITE + resource_policies: null + source: null + source_image_encryption_key: [] + source_snapshot: null + source_snapshot_encryption_key: [] + type: PERSISTENT + name_prefix: test- + network_interface: + - access_config: [] + alias_ip_range: [] + ipv6_access_config: [] + network: projects/xxx/global/networks/aaa + network_ip: null + nic_type: null + queue_count: null + subnetwork: subnet_self_link + project: my-project + region: europe-west1 + service_account: + - email: vm-default@my-project.iam.gserviceaccount.com + scopes: + - https://www.googleapis.com/auth/devstorage.read_only + - https://www.googleapis.com/auth/logging.write + - https://www.googleapis.com/auth/monitoring.write + +counts: + google_compute_instance_template: 1 diff --git a/tests/modules/compute_vm/fixture/main.tf b/tests/modules/compute_vm/fixture/main.tf deleted file mode 100644 index 5815f25f7f..0000000000 --- a/tests/modules/compute_vm/fixture/main.tf +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "test" { - source = "../../../../modules/compute-vm" - project_id = "my-project" - zone = "europe-west1-b" - name = "test" - attached_disks = var.attached_disks - attached_disk_defaults = var.attached_disk_defaults - create_template = var.create_template - confidential_compute = var.confidential_compute - group = var.group - iam = var.iam - metadata = var.metadata - network_interfaces = var.network_interfaces - service_account_create = var.service_account_create -} diff --git a/tests/modules/compute_vm/fixture/variables.tf b/tests/modules/compute_vm/fixture/variables.tf deleted file mode 100644 index 02d839f640..0000000000 --- a/tests/modules/compute_vm/fixture/variables.tf +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "attached_disks" { - description = "Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null." - type = any - default = [] -} - -variable "attached_disk_defaults" { - description = "Defaults for attached disks options." - type = any - default = { - auto_delete = true - mode = "READ_WRITE" - replica_zone = null - type = "pd-balanced" - } -} - -variable "confidential_compute" { - type = bool - default = false -} - -variable "create_template" { - type = bool - default = false -} - -variable "group" { - type = any - default = null -} - -variable "iam" { - type = map(set(string)) - default = {} -} - -variable "metadata" { - type = map(string) - default = {} -} - -variable "network_interfaces" { - type = any - default = [{ - network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default", - subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default", - }] -} - -variable "service_account_create" { - type = bool - default = false -} diff --git a/tests/modules/compute_vm/test_plan.py b/tests/modules/compute_vm/test_plan.py deleted file mode 100644 index 701891c5bd..0000000000 --- a/tests/modules/compute_vm/test_plan.py +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -def test_defaults(plan_runner): - _, resources = plan_runner() - assert len(resources) == 1 - assert resources[0]['type'] == 'google_compute_instance' - - -def test_service_account(plan_runner): - _, resources = plan_runner(service_account_create='true') - assert len(resources) == 2 - assert set(r['type'] for r in resources) == set([ - 'google_compute_instance', 'google_service_account' - ]) - - -def test_template(plan_runner): - _, resources = plan_runner(create_template='true') - assert len(resources) == 1 - assert resources[0]['type'] == 'google_compute_instance_template' - assert resources[0]['values']['name_prefix'] == 'test-' - - -def test_group(plan_runner): - _, resources = plan_runner(group='{named_ports={}}') - assert len(resources) == 2 - assert set(r['type'] for r in resources) == set([ - 'google_compute_instance_group', 'google_compute_instance' - ]) - - -def test_iam(plan_runner): - iam = ( - '{"roles/compute.instanceAdmin" = ["user:a@a.com", "user:b@a.com"],' - '"roles/iam.serviceAccountUser" = ["user:a@a.com"]}' - ) - _, resources = plan_runner(iam=iam) - assert len(resources) == 3 - assert set(r['type'] for r in resources) == set([ - 'google_compute_instance', 'google_compute_instance_iam_binding']) - iam_bindings = dict( - (r['index'], r['values']['members']) for r in resources if r['type'] - == 'google_compute_instance_iam_binding' - ) - assert iam_bindings == { - 'roles/compute.instanceAdmin': ['user:a@a.com', 'user:b@a.com'], - 'roles/iam.serviceAccountUser': ['user:a@a.com'], - } - - -def test_confidential_compute(plan_runner): - _, resources = plan_runner(confidential_compute='true') - assert len(resources) == 1 - assert resources[0]['values']['confidential_instance_config'] == [ - {'enable_confidential_compute': True}] - assert resources[0]['values']['scheduling'][0]['on_host_maintenance'] == 'TERMINATE' - - -def test_confidential_compute_template(plan_runner): - _, resources = plan_runner(confidential_compute='true', - create_template='true') - assert len(resources) == 1 - assert resources[0]['values']['confidential_instance_config'] == [ - {'enable_confidential_compute': True}] - assert resources[0]['values']['scheduling'][0]['on_host_maintenance'] == 'TERMINATE' diff --git a/tests/modules/compute_vm/test_plan_disks.py b/tests/modules/compute_vm/test_plan_disks.py index 153c072f55..2c461d4548 100644 --- a/tests/modules/compute_vm/test_plan_disks.py +++ b/tests/modules/compute_vm/test_plan_disks.py @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,7 +14,7 @@ def test_types(plan_runner): - _disks = '''[{ + _disks = '''[{ name = "data1" size = "10" source_type = "image" @@ -34,35 +34,53 @@ def test_types(plan_runner): options = null }] ''' - _, resources = plan_runner(attached_disks=_disks) - assert len(resources) == 3 - disks = { - r['values']['name']: r['values'] - for r in resources if r['type'] == 'google_compute_disk' - } - assert disks['test-data1']['size'] == 10 - assert disks['test-data2']['size'] == 20 - assert disks['test-data1']['image'] == 'image-1' - assert disks['test-data1']['snapshot'] is None - assert disks['test-data2']['snapshot'] == 'snapshot-2' - assert disks['test-data2']['image'] is None - instance = [ - r['values'] for r in resources - if r['type'] == 'google_compute_instance' - ][0] - instance_disks = { - d['source']: d['device_name'] - for d in instance['attached_disk'] - } - assert instance_disks == { - 'test-data1': 'data1', - 'test-data2': 'data2', - 'disk-3': 'data3' - } + _, resources = plan_runner(attached_disks=_disks) + assert len(resources) == 3 + disks = { + r['values']['name']: r['values'] + for r in resources + if r['type'] == 'google_compute_disk' + } + assert disks['test-data1']['size'] == 10 + assert disks['test-data2']['size'] == 20 + assert disks['test-data1']['image'] == 'image-1' + assert disks['test-data1']['snapshot'] is None + assert disks['test-data2']['snapshot'] == 'snapshot-2' + assert disks['test-data2']['image'] is None + instance = [ + r['values'] for r in resources if r['type'] == 'google_compute_instance' + ][0] + instance_disks = { + d['source']: d['device_name'] for d in instance['attached_disk'] + } + assert instance_disks == { + 'test-data1': 'data1', + 'test-data2': 'data2', + 'disk-3': 'data3' + } def test_options(plan_runner): - _disks = '''[{ + _disks = '''[ +{ + name = "data1" + size = "10" + source_type = "image" + source = "image-1" + options = null + }, { + name = "data2" + size = "20" + source_type = "snapshot" + source = "snapshot-2" + options = null + }, { + name = "data3" + size = null + source_type = "attach" + source = "disk-3" + } + { name = "data1" size = "10" source_type = "image" @@ -80,26 +98,26 @@ def test_options(plan_runner): } }] ''' - _, resources = plan_runner(attached_disks=_disks) - assert len(resources) == 3 - disks_z = [ - r['values'] for r in resources if r['type'] == 'google_compute_disk' - ] - disks_r = [ - r['values'] for r in resources - if r['type'] == 'google_compute_region_disk' - ] - assert len(disks_z) == len(disks_r) == 1 - instance = [ - r['values'] for r in resources - if r['type'] == 'google_compute_instance' - ][0] - instance_disks = [d['device_name'] for d in instance['attached_disk']] - assert instance_disks == ['data1', 'data2'] + _, resources = plan_runner(attached_disks=_disks) + assert len(resources) == 3 + disks_z = [ + r['values'] for r in resources if r['type'] == 'google_compute_disk' + ] + disks_r = [ + r['values'] + for r in resources + if r['type'] == 'google_compute_region_disk' + ] + assert len(disks_z) == len(disks_r) == 1 + instance = [ + r['values'] for r in resources if r['type'] == 'google_compute_instance' + ][0] + instance_disks = [d['device_name'] for d in instance['attached_disk']] + assert instance_disks == ['data1', 'data2'] def test_template(plan_runner): - _disks = '''[{ + _disks = '''[{ name = "data1" size = "10" source_type = "image" @@ -117,17 +135,18 @@ def test_template(plan_runner): } }] ''' - _, resources = plan_runner(attached_disks=_disks, create_template="true") - assert len(resources) == 1 - template = [ - r['values'] for r in resources - if r['type'] == 'google_compute_instance_template' - ][0] - assert len(template['disk']) == 3 + _, resources = plan_runner(attached_disks=_disks, create_template="true") + assert len(resources) == 1 + template = [ + r['values'] + for r in resources + if r['type'] == 'google_compute_instance_template' + ][0] + assert len(template['disk']) == 3 def test_auto_delete(plan_runner): - _disks = '''[{ + _disks = '''[{ name = "data1" size = "10" options = { @@ -147,19 +166,20 @@ def test_auto_delete(plan_runner): } }] ''' - _, resources = plan_runner(attached_disks=_disks, create_template="true") - assert len(resources) == 1 - template = [ - r['values'] for r in resources - if r['type'] == 'google_compute_instance_template' - ][0] - additional_disks = [ - d for d in template['disk'] if 'boot' not in d or d['boot'] != True - ] - assert len(additional_disks) == 3 - disk_data1 = [d for d in additional_disks if d['disk_name'] == 'data1'] - disk_data2 = [d for d in additional_disks if d['disk_name'] == 'data2'] - disk_data3 = [d for d in additional_disks if d['disk_name'] == 'data3'] - assert len(disk_data1) == 1 and disk_data1[0]['auto_delete'] == True - assert len(disk_data2) == 1 and disk_data2[0]['auto_delete'] == False - assert len(disk_data3) == 1 and disk_data3[0]['auto_delete'] == False + _, resources = plan_runner(attached_disks=_disks, create_template="true") + assert len(resources) == 1 + template = [ + r['values'] + for r in resources + if r['type'] == 'google_compute_instance_template' + ][0] + additional_disks = [ + d for d in template['disk'] if 'boot' not in d or d['boot'] != True + ] + assert len(additional_disks) == 3 + disk_data1 = [d for d in additional_disks if d['disk_name'] == 'data1'] + disk_data2 = [d for d in additional_disks if d['disk_name'] == 'data2'] + disk_data3 = [d for d in additional_disks if d['disk_name'] == 'data3'] + assert len(disk_data1) == 1 and disk_data1[0]['auto_delete'] == True + assert len(disk_data2) == 1 and disk_data2[0]['auto_delete'] == False + assert len(disk_data3) == 1 and disk_data3[0]['auto_delete'] == False diff --git a/tests/modules/compute_vm/test_plan_interfaces.py b/tests/modules/compute_vm/test_plan_interfaces.py deleted file mode 100644 index e88c087be3..0000000000 --- a/tests/modules/compute_vm/test_plan_interfaces.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -def test_address(plan_runner): - nics = '''[{ - network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default", - subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default", - nat = false, - addresses = {external=null, internal="10.0.0.2"} - }] - ''' - _, resources = plan_runner(network_interfaces=nics) - assert len(resources) == 1 - n = resources[0]['values']['network_interface'][0] - assert n['network_ip'] == "10.0.0.2" - assert n['access_config'] == [] - - -def test_nat_address(plan_runner): - nics = '''[{ - network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default", - subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default", - nat = true, - addresses = {external="8.8.8.8", internal=null} - }] - ''' - _, resources = plan_runner(network_interfaces=nics) - assert len(resources) == 1 - n = resources[0]['values']['network_interface'][0] - assert 'network_ip' not in n - assert n['access_config'][0]['nat_ip'] == '8.8.8.8' diff --git a/tests/modules/organization/tftest.yaml b/tests/modules/organization/tftest.yaml index c49a139a6f..7568b732ad 100644 --- a/tests/modules/organization/tftest.yaml +++ b/tests/modules/organization/tftest.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. From fa064ddf4d29656056c2db4a93087827ffab7161 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 11:00:18 +0100 Subject: [PATCH 2/7] Fix typo --- modules/compute-vm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 9435119bd8..7fdb85fd30 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -28,7 +28,7 @@ module "simple-vm-example" { # tftest modules=1 resources=2 inventory=simple.yaml ``` -### Service account managed +### Service account management VM service accounts can be managed in three different ways: - You can let the module create a service account for you by settting `service_account_create = true` From 08f25408728f8b37c20793f4d3221b8ec86780e1 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 11:26:26 +0100 Subject: [PATCH 3/7] Bump provider version --- .../apigee/bigquery-analytics/versions.tf | 4 ++-- .../versions.tf | 4 ++-- blueprints/cloud-operations/adfs/versions.tf | 4 ++-- .../versions.tf | 4 ++-- .../dns-fine-grained-iam/versions.tf | 4 ++-- .../cloud-operations/dns-shared-vpc/versions.tf | 4 ++-- .../iam-delegated-role-grants/versions.tf | 4 ++-- .../onprem-sa-key-management/versions.tf | 4 ++-- .../packer-image-builder/versions.tf | 4 ++-- .../quota-monitoring/versions.tf | 4 ++-- .../versions.tf | 4 ++-- .../tfc-workflow-using-wif/tfc-oidc/versions.tf | 4 ++-- .../cmek-via-centralized-kms/versions.tf | 4 ++-- .../data-solutions/data-playground/versions.tf | 4 ++-- .../gcs-to-bq-with-least-privileges/versions.tf | 4 ++-- .../factories/net-vpc-firewall-yaml/versions.tf | 4 ++-- .../nginx-reverse-proxy-cluster/versions.tf | 4 ++-- .../onprem-google-access-dns/versions.tf | 4 ++-- .../decentralized-firewall/versions.tf | 4 ++-- .../networking/filtering-proxy-psc/versions.tf | 4 ++-- .../networking/filtering-proxy/versions.tf | 4 ++-- .../hub-and-spoke-peering/versions.tf | 4 ++-- .../networking/hub-and-spoke-vpn/versions.tf | 4 ++-- blueprints/networking/ilb-next-hop/versions.tf | 4 ++-- .../versions.tf | 4 ++-- .../networking/shared-vpc-gke/versions.tf | 4 ++-- .../openshift/tf/versions.tf | 4 ++-- default-versions.tf | 4 ++-- modules/__experimental/net-neg/versions.tf | 4 ++-- modules/api-gateway/versions.tf | 4 ++-- modules/apigee/versions.tf | 4 ++-- modules/artifact-registry/versions.tf | 4 ++-- modules/bigquery-dataset/versions.tf | 4 ++-- modules/bigtable-instance/versions.tf | 4 ++-- modules/billing-budget/versions.tf | 4 ++-- modules/binauthz/versions.tf | 4 ++-- .../__need_fixing/onprem/versions.tf | 4 ++-- .../cloud-config-container/coredns/versions.tf | 4 ++-- .../cos-generic-metadata/versions.tf | 4 ++-- .../envoy-traffic-director/versions.tf | 4 ++-- .../cloud-config-container/mysql/versions.tf | 4 ++-- .../nginx-tls/versions.tf | 4 ++-- .../cloud-config-container/nginx/versions.tf | 4 ++-- .../simple-nva/versions.tf | 4 ++-- .../cloud-config-container/squid/versions.tf | 4 ++-- modules/cloud-function/versions.tf | 4 ++-- modules/cloud-identity-group/versions.tf | 4 ++-- modules/cloud-run/versions.tf | 4 ++-- modules/cloudsql-instance/versions.tf | 4 ++-- modules/compute-mig/versions.tf | 4 ++-- modules/compute-vm/README.md | 17 +++++++++++++++++ modules/compute-vm/versions.tf | 4 ++-- modules/container-registry/versions.tf | 4 ++-- modules/data-catalog-policy-tag/versions.tf | 4 ++-- modules/datafusion/versions.tf | 4 ++-- modules/dns/versions.tf | 4 ++-- modules/endpoints/versions.tf | 4 ++-- modules/folder/versions.tf | 4 ++-- modules/gcs/versions.tf | 4 ++-- modules/gke-cluster/versions.tf | 4 ++-- modules/gke-hub/versions.tf | 4 ++-- modules/gke-nodepool/versions.tf | 4 ++-- modules/iam-service-account/versions.tf | 4 ++-- modules/kms/versions.tf | 4 ++-- modules/logging-bucket/versions.tf | 4 ++-- modules/net-address/versions.tf | 4 ++-- modules/net-cloudnat/versions.tf | 4 ++-- modules/net-glb/versions.tf | 4 ++-- modules/net-ilb-l7/versions.tf | 4 ++-- modules/net-ilb/versions.tf | 4 ++-- .../versions.tf | 4 ++-- modules/net-vpc-firewall/versions.tf | 4 ++-- modules/net-vpc-peering/versions.tf | 4 ++-- modules/net-vpc/versions.tf | 4 ++-- modules/net-vpn-dynamic/versions.tf | 4 ++-- modules/net-vpn-ha/versions.tf | 4 ++-- modules/net-vpn-static/versions.tf | 4 ++-- modules/organization/versions.tf | 4 ++-- modules/project/versions.tf | 4 ++-- modules/projects-data-source/versions.tf | 4 ++-- modules/pubsub/versions.tf | 4 ++-- modules/secret-manager/versions.tf | 4 ++-- modules/service-directory/versions.tf | 4 ++-- modules/source-repository/versions.tf | 4 ++-- modules/vpc-sc/versions.tf | 4 ++-- 85 files changed, 185 insertions(+), 168 deletions(-) diff --git a/blueprints/apigee/bigquery-analytics/versions.tf b/blueprints/apigee/bigquery-analytics/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/apigee/bigquery-analytics/versions.tf +++ b/blueprints/apigee/bigquery-analytics/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/adfs/versions.tf b/blueprints/cloud-operations/adfs/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/adfs/versions.tf +++ b/blueprints/cloud-operations/adfs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf +++ b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf +++ b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-shared-vpc/versions.tf b/blueprints/cloud-operations/dns-shared-vpc/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/dns-shared-vpc/versions.tf +++ b/blueprints/cloud-operations/dns-shared-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf +++ b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf +++ b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/packer-image-builder/versions.tf b/blueprints/cloud-operations/packer-image-builder/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/packer-image-builder/versions.tf +++ b/blueprints/cloud-operations/packer-image-builder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/quota-monitoring/versions.tf b/blueprints/cloud-operations/quota-monitoring/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/quota-monitoring/versions.tf +++ b/blueprints/cloud-operations/quota-monitoring/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf +++ b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf +++ b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf +++ b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/data-solutions/data-playground/versions.tf b/blueprints/data-solutions/data-playground/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/data-solutions/data-playground/versions.tf +++ b/blueprints/data-solutions/data-playground/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf +++ b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/factories/net-vpc-firewall-yaml/versions.tf b/blueprints/factories/net-vpc-firewall-yaml/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/factories/net-vpc-firewall-yaml/versions.tf +++ b/blueprints/factories/net-vpc-firewall-yaml/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf +++ b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf +++ b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/decentralized-firewall/versions.tf b/blueprints/networking/decentralized-firewall/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/decentralized-firewall/versions.tf +++ b/blueprints/networking/decentralized-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy-psc/versions.tf b/blueprints/networking/filtering-proxy-psc/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/filtering-proxy-psc/versions.tf +++ b/blueprints/networking/filtering-proxy-psc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy/versions.tf b/blueprints/networking/filtering-proxy/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/filtering-proxy/versions.tf +++ b/blueprints/networking/filtering-proxy/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-peering/versions.tf b/blueprints/networking/hub-and-spoke-peering/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/hub-and-spoke-peering/versions.tf +++ b/blueprints/networking/hub-and-spoke-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-vpn/versions.tf b/blueprints/networking/hub-and-spoke-vpn/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/hub-and-spoke-vpn/versions.tf +++ b/blueprints/networking/hub-and-spoke-vpn/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/ilb-next-hop/versions.tf b/blueprints/networking/ilb-next-hop/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/ilb-next-hop/versions.tf +++ b/blueprints/networking/ilb-next-hop/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/private-cloud-function-from-onprem/versions.tf b/blueprints/networking/private-cloud-function-from-onprem/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/private-cloud-function-from-onprem/versions.tf +++ b/blueprints/networking/private-cloud-function-from-onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/networking/shared-vpc-gke/versions.tf b/blueprints/networking/shared-vpc-gke/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/networking/shared-vpc-gke/versions.tf +++ b/blueprints/networking/shared-vpc-gke/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/blueprints/third-party-solutions/openshift/tf/versions.tf b/blueprints/third-party-solutions/openshift/tf/versions.tf index 4900174aae..08492c6f95 100644 --- a/blueprints/third-party-solutions/openshift/tf/versions.tf +++ b/blueprints/third-party-solutions/openshift/tf/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/default-versions.tf b/default-versions.tf index 4900174aae..08492c6f95 100644 --- a/default-versions.tf +++ b/default-versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/__experimental/net-neg/versions.tf b/modules/__experimental/net-neg/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/__experimental/net-neg/versions.tf +++ b/modules/__experimental/net-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/api-gateway/versions.tf b/modules/api-gateway/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/api-gateway/versions.tf +++ b/modules/api-gateway/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/apigee/versions.tf b/modules/apigee/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/apigee/versions.tf +++ b/modules/apigee/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/artifact-registry/versions.tf b/modules/artifact-registry/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/artifact-registry/versions.tf +++ b/modules/artifact-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/bigquery-dataset/versions.tf b/modules/bigquery-dataset/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/bigquery-dataset/versions.tf +++ b/modules/bigquery-dataset/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/bigtable-instance/versions.tf b/modules/bigtable-instance/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/bigtable-instance/versions.tf +++ b/modules/bigtable-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/billing-budget/versions.tf b/modules/billing-budget/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/billing-budget/versions.tf +++ b/modules/billing-budget/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/binauthz/versions.tf b/modules/binauthz/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/binauthz/versions.tf +++ b/modules/binauthz/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/__need_fixing/onprem/versions.tf b/modules/cloud-config-container/__need_fixing/onprem/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/versions.tf +++ b/modules/cloud-config-container/__need_fixing/onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/coredns/versions.tf b/modules/cloud-config-container/coredns/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/coredns/versions.tf +++ b/modules/cloud-config-container/coredns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/cos-generic-metadata/versions.tf b/modules/cloud-config-container/cos-generic-metadata/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/cos-generic-metadata/versions.tf +++ b/modules/cloud-config-container/cos-generic-metadata/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/envoy-traffic-director/versions.tf b/modules/cloud-config-container/envoy-traffic-director/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/envoy-traffic-director/versions.tf +++ b/modules/cloud-config-container/envoy-traffic-director/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/mysql/versions.tf b/modules/cloud-config-container/mysql/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/mysql/versions.tf +++ b/modules/cloud-config-container/mysql/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx-tls/versions.tf b/modules/cloud-config-container/nginx-tls/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/nginx-tls/versions.tf +++ b/modules/cloud-config-container/nginx-tls/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx/versions.tf b/modules/cloud-config-container/nginx/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/nginx/versions.tf +++ b/modules/cloud-config-container/nginx/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/simple-nva/versions.tf b/modules/cloud-config-container/simple-nva/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/simple-nva/versions.tf +++ b/modules/cloud-config-container/simple-nva/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-config-container/squid/versions.tf b/modules/cloud-config-container/squid/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-config-container/squid/versions.tf +++ b/modules/cloud-config-container/squid/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-function/versions.tf b/modules/cloud-function/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-function/versions.tf +++ b/modules/cloud-function/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-identity-group/versions.tf b/modules/cloud-identity-group/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-identity-group/versions.tf +++ b/modules/cloud-identity-group/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloud-run/versions.tf b/modules/cloud-run/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloud-run/versions.tf +++ b/modules/cloud-run/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/cloudsql-instance/versions.tf b/modules/cloudsql-instance/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/cloudsql-instance/versions.tf +++ b/modules/cloudsql-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/compute-mig/versions.tf b/modules/compute-mig/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/compute-mig/versions.tf +++ b/modules/compute-mig/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 7fdb85fd30..a4059dcf56 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -8,6 +8,23 @@ This module can operate in two distinct modes: In both modes, an optional service account can be created and assigned to either instances or template. If you need a managed instance group when using the module in template mode, refer to the [`compute-mig`](../compute-mig) module. ## Examples +- [Instance using defaults](#instance-using-defaults) +- [Service account management](#service-account-management) +- [Disk management](#disk-management) + - [Disk sources](#disk-sources) +- [Network interfaces](#network-interfaces) + - [Internal and external IPs](#internal-and-external-ips) + - [Using Alias IPs](#using-alias-ips) + - [Using gVNIC](#using-gvnic) +- [Metadata](#metadata) +- [IAM](#iam) +- [Spot VM](#spot-vm) +- [Confidential compute](#confidential-compute) +- [Shielded VM configuration](#shielded-vm-configuration) +- [Disk encryption with Cloud KMS](#disk-encryption-with-cloud-kms) +- [Instance template](#instance-template) +- [Instance group](#instance-group) + ### Instance using defaults diff --git a/modules/compute-vm/versions.tf b/modules/compute-vm/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/compute-vm/versions.tf +++ b/modules/compute-vm/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/container-registry/versions.tf b/modules/container-registry/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/container-registry/versions.tf +++ b/modules/container-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/data-catalog-policy-tag/versions.tf b/modules/data-catalog-policy-tag/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/data-catalog-policy-tag/versions.tf +++ b/modules/data-catalog-policy-tag/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/datafusion/versions.tf b/modules/datafusion/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/datafusion/versions.tf +++ b/modules/datafusion/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/dns/versions.tf +++ b/modules/dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/endpoints/versions.tf b/modules/endpoints/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/endpoints/versions.tf +++ b/modules/endpoints/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/folder/versions.tf b/modules/folder/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/folder/versions.tf +++ b/modules/folder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/gcs/versions.tf b/modules/gcs/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/gcs/versions.tf +++ b/modules/gcs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/gke-cluster/versions.tf b/modules/gke-cluster/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/gke-cluster/versions.tf +++ b/modules/gke-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/gke-hub/versions.tf b/modules/gke-hub/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/gke-hub/versions.tf +++ b/modules/gke-hub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/gke-nodepool/versions.tf b/modules/gke-nodepool/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/gke-nodepool/versions.tf +++ b/modules/gke-nodepool/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/iam-service-account/versions.tf b/modules/iam-service-account/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/iam-service-account/versions.tf +++ b/modules/iam-service-account/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/kms/versions.tf b/modules/kms/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/kms/versions.tf +++ b/modules/kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/logging-bucket/versions.tf b/modules/logging-bucket/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/logging-bucket/versions.tf +++ b/modules/logging-bucket/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-address/versions.tf b/modules/net-address/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-address/versions.tf +++ b/modules/net-address/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-cloudnat/versions.tf b/modules/net-cloudnat/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-cloudnat/versions.tf +++ b/modules/net-cloudnat/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-glb/versions.tf b/modules/net-glb/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-glb/versions.tf +++ b/modules/net-glb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-ilb-l7/versions.tf b/modules/net-ilb-l7/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-ilb-l7/versions.tf +++ b/modules/net-ilb-l7/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-ilb/versions.tf b/modules/net-ilb/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-ilb/versions.tf +++ b/modules/net-ilb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-interconnect-attachment-direct/versions.tf b/modules/net-interconnect-attachment-direct/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-interconnect-attachment-direct/versions.tf +++ b/modules/net-interconnect-attachment-direct/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpc-firewall/versions.tf b/modules/net-vpc-firewall/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpc-firewall/versions.tf +++ b/modules/net-vpc-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpc-peering/versions.tf b/modules/net-vpc-peering/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpc-peering/versions.tf +++ b/modules/net-vpc-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpc/versions.tf b/modules/net-vpc/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpc/versions.tf +++ b/modules/net-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpn-dynamic/versions.tf b/modules/net-vpn-dynamic/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpn-dynamic/versions.tf +++ b/modules/net-vpn-dynamic/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpn-ha/versions.tf b/modules/net-vpn-ha/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpn-ha/versions.tf +++ b/modules/net-vpn-ha/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/net-vpn-static/versions.tf b/modules/net-vpn-static/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/net-vpn-static/versions.tf +++ b/modules/net-vpn-static/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/organization/versions.tf b/modules/organization/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/organization/versions.tf +++ b/modules/organization/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/project/versions.tf b/modules/project/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/project/versions.tf +++ b/modules/project/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/projects-data-source/versions.tf b/modules/projects-data-source/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/projects-data-source/versions.tf +++ b/modules/projects-data-source/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/pubsub/versions.tf b/modules/pubsub/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/pubsub/versions.tf +++ b/modules/pubsub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/secret-manager/versions.tf b/modules/secret-manager/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/secret-manager/versions.tf +++ b/modules/secret-manager/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/service-directory/versions.tf b/modules/service-directory/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/service-directory/versions.tf +++ b/modules/service-directory/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/source-repository/versions.tf b/modules/source-repository/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/source-repository/versions.tf +++ b/modules/source-repository/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } diff --git a/modules/vpc-sc/versions.tf b/modules/vpc-sc/versions.tf index 4900174aae..08492c6f95 100644 --- a/modules/vpc-sc/versions.tf +++ b/modules/vpc-sc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.48.0" # tftest + version = ">= 4.50.0" # tftest } } } From 1784dd8cadc7c7d20c09407ba3723e12a94b2cc1 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 15:56:24 +0100 Subject: [PATCH 4/7] Remove unneeded __init__.py --- tests/modules/api_gateway/__init__.py | 13 -- tests/modules/compute_vm/__init__.py | 13 -- tests/modules/compute_vm/test_plan_disks.py | 185 ------------------ tests/modules/dns/__init__.py | 13 -- tests/modules/gcs/__init__.py | 13 -- tests/modules/gke_cluster/__init__.py | 13 -- tests/modules/gke_nodepool/__init__.py | 13 -- tests/modules/iam_service_account/__init__.py | 13 -- tests/modules/net_glb/__init__.py | 13 -- 9 files changed, 289 deletions(-) delete mode 100644 tests/modules/api_gateway/__init__.py delete mode 100644 tests/modules/compute_vm/__init__.py delete mode 100644 tests/modules/compute_vm/test_plan_disks.py delete mode 100644 tests/modules/dns/__init__.py delete mode 100644 tests/modules/gcs/__init__.py delete mode 100644 tests/modules/gke_cluster/__init__.py delete mode 100644 tests/modules/gke_nodepool/__init__.py delete mode 100644 tests/modules/iam_service_account/__init__.py delete mode 100644 tests/modules/net_glb/__init__.py diff --git a/tests/modules/api_gateway/__init__.py b/tests/modules/api_gateway/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/api_gateway/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/compute_vm/__init__.py b/tests/modules/compute_vm/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/compute_vm/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/compute_vm/test_plan_disks.py b/tests/modules/compute_vm/test_plan_disks.py deleted file mode 100644 index 2c461d4548..0000000000 --- a/tests/modules/compute_vm/test_plan_disks.py +++ /dev/null @@ -1,185 +0,0 @@ -# Copyright 2023 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -def test_types(plan_runner): - _disks = '''[{ - name = "data1" - size = "10" - source_type = "image" - source = "image-1" - options = null - }, { - name = "data2" - size = "20" - source_type = "snapshot" - source = "snapshot-2" - options = null - }, { - name = "data3" - size = null - source_type = "attach" - source = "disk-3" - options = null - }] - ''' - _, resources = plan_runner(attached_disks=_disks) - assert len(resources) == 3 - disks = { - r['values']['name']: r['values'] - for r in resources - if r['type'] == 'google_compute_disk' - } - assert disks['test-data1']['size'] == 10 - assert disks['test-data2']['size'] == 20 - assert disks['test-data1']['image'] == 'image-1' - assert disks['test-data1']['snapshot'] is None - assert disks['test-data2']['snapshot'] == 'snapshot-2' - assert disks['test-data2']['image'] is None - instance = [ - r['values'] for r in resources if r['type'] == 'google_compute_instance' - ][0] - instance_disks = { - d['source']: d['device_name'] for d in instance['attached_disk'] - } - assert instance_disks == { - 'test-data1': 'data1', - 'test-data2': 'data2', - 'disk-3': 'data3' - } - - -def test_options(plan_runner): - _disks = '''[ -{ - name = "data1" - size = "10" - source_type = "image" - source = "image-1" - options = null - }, { - name = "data2" - size = "20" - source_type = "snapshot" - source = "snapshot-2" - options = null - }, { - name = "data3" - size = null - source_type = "attach" - source = "disk-3" - } - { - name = "data1" - size = "10" - source_type = "image" - source = "image-1" - options = { - mode = null, replica_zone = null, type = "pd-standard" - } - }, { - name = "data2" - size = "20" - source_type = null - source = null - options = { - mode = null, replica_zone = "europe-west1-c", type = "pd-ssd" - } - }] - ''' - _, resources = plan_runner(attached_disks=_disks) - assert len(resources) == 3 - disks_z = [ - r['values'] for r in resources if r['type'] == 'google_compute_disk' - ] - disks_r = [ - r['values'] - for r in resources - if r['type'] == 'google_compute_region_disk' - ] - assert len(disks_z) == len(disks_r) == 1 - instance = [ - r['values'] for r in resources if r['type'] == 'google_compute_instance' - ][0] - instance_disks = [d['device_name'] for d in instance['attached_disk']] - assert instance_disks == ['data1', 'data2'] - - -def test_template(plan_runner): - _disks = '''[{ - name = "data1" - size = "10" - source_type = "image" - source = "image-1" - options = { - mode = null, replica_zone = null, type = "pd-standard" - } - }, { - name = "data2" - size = "20" - source_type = null - source = null - options = { - mode = null, replica_zone = "europe-west1-c", type = "pd-ssd" - } - }] - ''' - _, resources = plan_runner(attached_disks=_disks, create_template="true") - assert len(resources) == 1 - template = [ - r['values'] - for r in resources - if r['type'] == 'google_compute_instance_template' - ][0] - assert len(template['disk']) == 3 - - -def test_auto_delete(plan_runner): - _disks = '''[{ - name = "data1" - size = "10" - options = { - auto_delete = true, mode = "READ_WRITE" - } - }, { - name = "data2" - size = "20" - options = { - auto_delete = false, mode = "READ_WRITE" - }, - }, { - name = "data3" - size = "20" - options = { - mode = "READ_ONLY" - } - }] - ''' - _, resources = plan_runner(attached_disks=_disks, create_template="true") - assert len(resources) == 1 - template = [ - r['values'] - for r in resources - if r['type'] == 'google_compute_instance_template' - ][0] - additional_disks = [ - d for d in template['disk'] if 'boot' not in d or d['boot'] != True - ] - assert len(additional_disks) == 3 - disk_data1 = [d for d in additional_disks if d['disk_name'] == 'data1'] - disk_data2 = [d for d in additional_disks if d['disk_name'] == 'data2'] - disk_data3 = [d for d in additional_disks if d['disk_name'] == 'data3'] - assert len(disk_data1) == 1 and disk_data1[0]['auto_delete'] == True - assert len(disk_data2) == 1 and disk_data2[0]['auto_delete'] == False - assert len(disk_data3) == 1 and disk_data3[0]['auto_delete'] == False diff --git a/tests/modules/dns/__init__.py b/tests/modules/dns/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/dns/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/gcs/__init__.py b/tests/modules/gcs/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/gcs/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/gke_cluster/__init__.py b/tests/modules/gke_cluster/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/gke_cluster/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/gke_nodepool/__init__.py b/tests/modules/gke_nodepool/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/gke_nodepool/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/iam_service_account/__init__.py b/tests/modules/iam_service_account/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/iam_service_account/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/modules/net_glb/__init__.py b/tests/modules/net_glb/__init__.py deleted file mode 100644 index 6d6d1266c3..0000000000 --- a/tests/modules/net_glb/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. From bb565b72f15c4339469a3839f4e62ebd24d1d168 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 15:56:44 +0100 Subject: [PATCH 5/7] Add Disk examples --- modules/compute-vm/README.md | 47 ++++++++++++++- .../compute_vm/examples/disk-options.yaml | 59 +++++++++++++++++++ 2 files changed, 103 insertions(+), 3 deletions(-) create mode 100644 tests/modules/compute_vm/examples/disk-options.yaml diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index a4059dcf56..d783297f97 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -100,9 +100,9 @@ module "vm-default-sa-example2" { Attached disks can be created and optionally initialized from a pre-existing source, or attached to VMs when pre-existing. The `source` and `source_type` attributes of the `attached_disks` variable allows several modes of operation: -- `source_type = "image"` can be used with zonal disks in instances and templates, set `source` to the image name or link -- `source_type = "snapshot"` can be used with instances only, set `source` to the snapshot name or link -- `source_type = "attach"` can be used for both instances and templates to attach an existing disk, set source to the name (for zonal disks) or link (for regional disks) of the existing disk to attach; no disk will be created +- `source_type = "image"` can be used with zonal disks in instances and templates, set `source` to the image name or self link +- `source_type = "snapshot"` can be used with instances only, set `source` to the snapshot name or self link +- `source_type = "attach"` can be used for both instances and templates to attach an existing disk, set source to the name (for zonal disks) or self link (for regional disks) of the existing disk to attach; no disk will be created - `source_type = null` can be used where an empty disk is needed, `source` becomes irrelevant and can be left null This is an example of attaching a pre-existing regional PD to a new instance: @@ -158,6 +158,47 @@ module "vm-disks-example" { # tftest modules=1 resources=2 ``` +#### Disk types and options + +The `attached_disks` variable exposes an `option` attribute that can be used to fine tune the configuration of each disk. The following example shows a VM with multiple disks + +```hcl +module "vm-disk-options-example" { + source = "./fabric/modules/compute-vm" + project_id = var.project_id + zone = "europe-west1-b" + name = "test" + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + }] + attached_disks = [ + { + name = "data1" + size = "10" + source_type = "image" + source = "image-1" + options = { + auto_delete = false + replica_zone = "europe-west1-c" + } + }, + { + name = "data2" + size = "20" + source_type = "snapshot" + source = "snapshot-2" + options = { + type = "pd-ssd" + mode = "READ_ONLY" + } + } + ] + service_account_create = true +} +# tftest modules=1 resources=4 inventory=disk-options.yaml +``` + ### Network interfaces #### Internal and external IPs diff --git a/tests/modules/compute_vm/examples/disk-options.yaml b/tests/modules/compute_vm/examples/disk-options.yaml new file mode 100644 index 0000000000..91c11b4199 --- /dev/null +++ b/tests/modules/compute_vm/examples/disk-options.yaml @@ -0,0 +1,59 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.vm-disk-options-example.google_compute_disk.disks["data2"]: + name: test-data2 + project: project-id + size: 20 + snapshot: snapshot-2 + type: pd-ssd + zone: europe-west1-b + module.vm-disk-options-example.google_compute_instance.default[0]: + attached_disk: + - device_name: data2 + disk_encryption_key_raw: null + mode: READ_ONLY + source: test-data2 + - device_name: data1 + disk_encryption_key_raw: null + mode: READ_WRITE + source: test-data1 + boot_disk: + - auto_delete: true + disk_encryption_key_raw: null + initialize_params: + - image: projects/debian-cloud/global/images/family/debian-11 + size: 10 + type: pd-balanced + mode: READ_WRITE + description: Managed by the compute-vm Terraform module. + name: test + project: project-id + zone: europe-west1-b + module.vm-disk-options-example.google_compute_region_disk.disks["data1"]: + name: test-data1 + project: project-id + region: europe-west1 + replica_zones: + - europe-west1-b + - europe-west1-c + size: 10 + type: pd-balanced + +counts: + google_compute_disk: 1 + google_compute_instance: 1 + google_compute_region_disk: 1 + google_service_account: 1 From 1aba238c99160f922088a20cf1a3c80aeff86cfd Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 15:57:23 +0100 Subject: [PATCH 6/7] Remove empty section --- modules/compute-vm/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index d783297f97..27ecfe9dd9 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -409,8 +409,6 @@ module "template-confidential-example" { # tftest modules=2 resources=2 inventory=confidential.yaml ``` -### Shielded VM configuration - ### Disk encryption with Cloud KMS This example shows how to control disk encryption via the the `encryption` variable, in this case the self link to a KMS CryptoKey that will be used to encrypt boot and attached disk. Managing the key with the `../kms` module is of course possible, but is not shown here. From 3395464754f4e72c0f0a8444162d772fcea3412a Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 7 Feb 2023 16:17:16 +0100 Subject: [PATCH 7/7] Update TOC --- modules/compute-vm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 27ecfe9dd9..7cfaf068f5 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -12,6 +12,7 @@ In both modes, an optional service account can be created and assigned to either - [Service account management](#service-account-management) - [Disk management](#disk-management) - [Disk sources](#disk-sources) + - [Disk types and options](#disk-types-and-options) - [Network interfaces](#network-interfaces) - [Internal and external IPs](#internal-and-external-ips) - [Using Alias IPs](#using-alias-ips) @@ -20,7 +21,6 @@ In both modes, an optional service account can be created and assigned to either - [IAM](#iam) - [Spot VM](#spot-vm) - [Confidential compute](#confidential-compute) -- [Shielded VM configuration](#shielded-vm-configuration) - [Disk encryption with Cloud KMS](#disk-encryption-with-cloud-kms) - [Instance template](#instance-template) - [Instance group](#instance-group)