Merge branch 'master' into feature/apigee-add-retention

README.md

@@ -32,7 +32,7 @@ Currently available modules:
 - **foundational** - [billing budget](./modules/billing-budget), [Cloud Identity group](./modules/cloud-identity-group/), [folder](./modules/folder), [service accounts](./modules/iam-service-account), [logging bucket](./modules/logging-bucket), [organization](./modules/organization), [project](./modules/project), [projects-data-source](./modules/projects-data-source)
 - **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [VLAN Attachment](./modules/net-vlan-attachment/), [External Application LB](./modules/net-lb-app-ext/), [External Passthrough Network LB](./modules/net-lb-ext), [Internal Application LB](./modules/net-lb-app-int), [Internal Passthrough Network LB](./modules/net-lb-int), [Internal Proxy Network LB](./modules/net-lb-proxy-int), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC firewall policy](./modules/net-vpc-firewall-policy), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory), [Secure Web Proxy](./modules/net-swp)
 - **compute** - [VM/VM group](./modules/compute-vm), [MIG](./modules/compute-mig), [COS container](./modules/cloud-config-container/cos-generic-metadata/) (coredns, mysql, onprem, squid), [GKE cluster](./modules/gke-cluster-standard), [GKE hub](./modules/gke-hub), [GKE nodepool](./modules/gke-nodepool)
-- **data** - [AlloyDB instance](./modules/alloydb-instance), [BigQuery dataset](./modules/bigquery-dataset), [Bigtable instance](./modules/bigtable-instance), [Dataplex](./modules/dataplex), [Cloud SQL instance](./modules/cloudsql-instance), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub)
+- **data** - [AlloyDB instance](./modules/alloydb-instance), [BigQuery dataset](./modules/bigquery-dataset), [Bigtable instance](./modules/bigtable-instance), [Dataplex](./modules/dataplex), [Dataplex DataScan](./modules/dataplex-datascan/), [Cloud SQL instance](./modules/cloudsql-instance), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub)
 - **development** - [API Gateway](./modules/api-gateway), [Apigee](./modules/apigee), [Artifact Registry](./modules/artifact-registry), [Container Registry](./modules/container-registry), [Cloud Source Repository](./modules/source-repository)
 - **security** - [Binauthz](./modules/binauthz/), [KMS](./modules/kms), [SecretManager](./modules/secret-manager), [VPC Service Control](./modules/vpc-sc)
 - **serverless** - [Cloud Function v1](./modules/cloud-function-v1), [Cloud Function v2](./modules/cloud-function-v2), [Cloud Run](./modules/cloud-run)

blueprints/networking/ha-vpn-over-interconnect/README.md

@@ -24,26 +24,22 @@ A single pre-existing project and a VPC is used in this blueprint to keep variab
 The provided project needs a valid billing account and the Compute APIs enabled.
 
 The two Dedicated Interconnect connections should already exist, either in the same project or in any other project belonging to the same GCP Organization.
-
-
 <!-- BEGIN TFDOC -->
-
 ## Variables
 
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
 | [network](variables.tf#L18) | The VPC name to which resources are associated to. | <code>string</code> | ✓ |  |
-| [overlay_config](variables.tf#L24) | Configuration for the overlay resources. | <code title="object&#40;&#123;&#10;  gcp_bgp &#61; object&#40;&#123;&#10;    asn       &#61; number&#10;    name      &#61; optional&#40;string&#41;&#10;    keepalive &#61; optional&#40;number&#41;&#10;    custom_advertise &#61; optional&#40;object&#40;&#123;&#10;      all_subnets &#61; bool&#10;      ip_ranges   &#61; map&#40;string&#41;&#10;    &#125;&#41;&#41;&#10;  &#125;&#41;&#10;  onprem_vpn_gateway &#61; object&#40;&#123;&#10;    redundancy_type &#61; optional&#40;string, &#34;TWO_IPS_REDUNDANCY&#34;&#41;&#10;    interfaces      &#61; list&#40;string&#41;&#10;  &#125;&#41;&#10;  gateways &#61; map&#40;map&#40;object&#40;&#123;&#10;    bgp_peer &#61; object&#40;&#123;&#10;      address        &#61; string&#10;      asn            &#61; number&#10;      route_priority &#61; optional&#40;number, 1000&#41;&#10;      custom_advertise &#61; optional&#40;object&#40;&#123;&#10;        all_subnets          &#61; bool&#10;        all_vpc_subnets      &#61; bool&#10;        all_peer_vpc_subnets &#61; bool&#10;        ip_ranges            &#61; map&#40;string&#41;&#10;      &#125;&#41;&#41;&#10;    &#125;&#41;&#10;    bgp_session_range               &#61; string&#10;    ike_version                     &#61; optional&#40;number, 2&#41;&#10;    peer_external_gateway_interface &#61; optional&#40;number&#41;&#10;    peer_gateway                    &#61; optional&#40;string, &#34;default&#34;&#41;&#10;    router                          &#61; optional&#40;string&#41;&#10;    shared_secret                   &#61; optional&#40;string&#41;&#10;    vpn_gateway_interface           &#61; number&#10;    &#125;&#41;&#41;&#10;  &#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ |  |
-| [project_id](variables.tf#L66) | The project id. | <code>string</code> | ✓ |  |
-| [region](variables.tf#L71) | GCP Region. | <code>string</code> | ✓ |  |
-| [underlay_config](variables.tf#L76) | Configuration for the underlay resources. | <code title="object&#40;&#123;&#10;  attachments &#61; map&#40;object&#40;&#123;&#10;    bandwidth              &#61; optional&#40;string, &#34;BPS_10G&#34;&#41;&#10;    base_name              &#61; optional&#40;string, &#34;encrypted-vlan-attachment&#34;&#41;&#10;    bgp_range              &#61; string&#10;    interconnect_self_link &#61; string&#10;    onprem_asn             &#61; number&#10;    vlan_tag               &#61; number&#10;    vpn_gateways_ip_range  &#61; string&#10;  &#125;&#41;&#41;&#10;  gcp_bgp &#61; object&#40;&#123;&#10;    asn &#61; number&#10;  &#125;&#41;&#10;  interconnect_type &#61; optional&#40;string, &#34;DEDICATED&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ |  |
+| [overlay_config](variables.tf#L24) | Configuration for the overlay resources. | <code title="object&#40;&#123;&#10;  gcp_bgp &#61; object&#40;&#123;&#10;    asn       &#61; number&#10;    name      &#61; optional&#40;string&#41;&#10;    keepalive &#61; optional&#40;number&#41;&#10;    custom_advertise &#61; optional&#40;object&#40;&#123;&#10;      all_subnets &#61; bool&#10;      ip_ranges   &#61; map&#40;string&#41;&#10;    &#125;&#41;&#41;&#10;  &#125;&#41;&#10;  onprem_vpn_gateway_interfaces &#61; list&#40;string&#41;&#10;  gateways &#61; map&#40;map&#40;object&#40;&#123;&#10;    bgp_peer &#61; object&#40;&#123;&#10;      address        &#61; string&#10;      asn            &#61; number&#10;      route_priority &#61; optional&#40;number, 1000&#41;&#10;      custom_advertise &#61; optional&#40;object&#40;&#123;&#10;        all_subnets          &#61; bool&#10;        all_vpc_subnets      &#61; bool&#10;        all_peer_vpc_subnets &#61; bool&#10;        ip_ranges            &#61; map&#40;string&#41;&#10;      &#125;&#41;&#41;&#10;    &#125;&#41;&#10;    bgp_session_range               &#61; string&#10;    ike_version                     &#61; optional&#40;number, 2&#41;&#10;    peer_external_gateway_interface &#61; optional&#40;number&#41;&#10;    peer_gateway                    &#61; optional&#40;string, &#34;default&#34;&#41;&#10;    router                          &#61; optional&#40;string&#41;&#10;    shared_secret                   &#61; optional&#40;string&#41;&#10;    vpn_gateway_interface           &#61; number&#10;    &#125;&#41;&#41;&#10;  &#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ |  |
+| [project_id](variables.tf#L63) | The project id. | <code>string</code> | ✓ |  |
+| [region](variables.tf#L68) | GCP Region. | <code>string</code> | ✓ |  |
+| [underlay_config](variables.tf#L73) | Configuration for the underlay resources. | <code title="object&#40;&#123;&#10;  attachments &#61; map&#40;object&#40;&#123;&#10;    bandwidth              &#61; optional&#40;string, &#34;BPS_10G&#34;&#41;&#10;    base_name              &#61; optional&#40;string, &#34;encrypted-vlan-attachment&#34;&#41;&#10;    bgp_range              &#61; string&#10;    interconnect_self_link &#61; string&#10;    onprem_asn             &#61; number&#10;    vlan_tag               &#61; number&#10;    vpn_gateways_ip_range  &#61; string&#10;  &#125;&#41;&#41;&#10;  gcp_bgp &#61; object&#40;&#123;&#10;    asn &#61; number&#10;  &#125;&#41;&#10;  interconnect_type &#61; optional&#40;string, &#34;DEDICATED&#34;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ |  |
 
 ## Outputs
 
 | name | description | sensitive |
 |---|---|:---:|
 | [underlay](outputs.tf#L17) | Setup for the underlay connection. |  |
-
 <!-- END TFDOC -->
 ## Test
 
@@ -64,9 +60,7 @@ module "test" {
         }
       }
     }
-    onprem_vpn_gateway = {
-      interfaces = ["172.16.0.1", "172.16.0.2"]
-    }
+    onprem_vpn_gateway_interfaces = ["172.16.0.1", "172.16.0.2"]
     gateways = {
       a = {
         remote-0 = {

blueprints/networking/ha-vpn-over-interconnect/overlay.tf

@@ -47,9 +47,9 @@ resource "google_compute_external_vpn_gateway" "default" {
   name            = "peer-vpn-gateway"
   project         = var.project_id
   description     = "Peer IPSec over Interconnect VPN gateway"
-  redundancy_type = length(var.overlay_config.onprem_vpn_gateway) == 2 ? "TWO_IPS_REDUNDANCY" : "SINGLE_IP_INTERNALLY_REDUNDANT"
+  redundancy_type = length(var.overlay_config.onprem_vpn_gateway_interfaces) == 2 ? "TWO_IPS_REDUNDANCY" : "SINGLE_IP_INTERNALLY_REDUNDANT"
   dynamic "interface" {
-    for_each = var.overlay_config.onprem_vpn_gateway.interfaces
+    for_each = var.overlay_config.onprem_vpn_gateway_interfaces
     content {
       id         = interface.key
       ip_address = interface.value

blueprints/networking/ha-vpn-over-interconnect/variables.tf

@@ -33,10 +33,7 @@ variable "overlay_config" {
         ip_ranges   = map(string)
       }))
     })
-    onprem_vpn_gateway = object({
-      redundancy_type = optional(string, "TWO_IPS_REDUNDANCY")
-      interfaces      = list(string)
-    })
+    onprem_vpn_gateway_interfaces = list(string)
     gateways = map(map(object({
       bgp_peer = object({
         address        = string

modules/README.md

@@ -77,6 +77,7 @@ These modules are used in the examples included in this repository. If you are u
 - [BigQuery dataset](./bigquery-dataset)
 - [Bigtable instance](./bigtable-instance)
 - [Dataplex](./dataplex)
+- [Dataplex DataScan](./dataplex-datascan/)
 - [Cloud SQL instance](./cloudsql-instance)
 - [Data Catalog Policy Tag](./data-catalog-policy-tag)
 - [Datafusion](./datafusion)