GoogleCloudPlatform/pbmm-on-gcp-onboarding
GCP Canadian Public Sector Landing Zone overlay on top of the TEF via CFT modules - a secure cloud foundation
HCLApache-2.0
Issues
- 0
Dependency Dashboard
#456 opened by forking-renovate - 4
- 2
New org: billing sharing from external org now requires addition of directory id - as GCP default organization policy - domain restricted sharing
#452 opened by obriensystems - 3
- 1
Add terraform delete triggers with optional script to allow for developer workflow of repeated create/delete of all TEF projects
#390 opened by fmichaelobrien - 4
4-projects step 15 production apply of both business units - after common apply - fails with API rate limit on concurrent operations quota - fix: retry up to 60 min later
#391 opened by obriensystems - 3
5-app-infra step 10 - cloud build trigger missing for plan and apply builds
#392 opened by obriensystems - 4
FR: Add Cloud NGFW Essential capability with optional Standard or Enterprise based IPS in the TEF 3-networks-hub-and-spoke folder and associated terraform-google-modules
#396 opened by fmichaelobrien - 2
- 1
Cloud Foundation Toolkit as source original for terraform-google-modules
#398 opened by fmichaelobrien - 25
- 1
Refector for CFF: Cloud Foundation Fabric - fork towards public sector secure overlay alignment
#400 opened by fmichaelobrien - 1
Use a json global config file directly with terraform as -var-file or as a jsondecode/file locals block
#402 opened by fmichaelobrien - 2
LZ Delete: full terraform destroy option for some or all of 1-5 folders including 0-bootstrap gcloud infrastructure - dev/org reuse
#403 opened by fmichaelobrien - 1
Adjust readme.md for local PR changes specific to ongoing ADO ci/cd option
#404 opened by obriensystems - 1
Data Residency: nane1/nane2 region retrofit throughout the LZ - in prep of a single parameterized input yaml
#406 opened by obriensystems - 1
Merge duplicate instructions on GCP onboarding, roles, service enablements, billing and bootstrap project - continuation of 362
#407 opened by obriensystems - 6
DockerHub development version of the TEF Dockerfile terraform.exe image for ADO iteration based off the gcloud image in https://hub.docker.com/r/google/cloud-sdk/
#409 opened by obriensystems - 1
- 1
- 2
Install GCP local CLI on Azure Virtual Desktop
#414 opened by obriensystems - 1
Add 2nd gcp_scc_admin to gcp_ssc_findings_admin
#415 opened by fmichaelobrien - 3
Step 0-bootstrap: no outputs generated
#416 opened by eballestas - 4
- 3
0-bootstrap cloning to repo error
#418 opened by eballestas - 2
README.md warning on main branch temporary repo state while the CB/CSR option is returned during the retrofit for local TF deployment
#419 opened by fmichaelobrien - 6
Replace/revert-back CB/CSR options as we add local terraform and ado (399) options - to be able to use CB/CSR as a current option while we retrofit
#421 opened by fmichaelobrien - 2
As part of 421 - CB/local retrofit - verify no trailing . required for perimeter_additional_members like for the DNS peering domain - defaulting to no
#422 opened by obriensystems - 1
Missing cloudbuild services enable on bootstrap requires a 5 min wait state before a terraform re apply on 0-bootstrap - delete the existing cloudbuild worker pool to proceed
#425 opened by obriensystems - 1
As part of 421 - CB/local retrofit - verify KMS = us and GCS = US locations equivalents for nane1/nane2
#424 opened by obriensystems - 3
Verify windows /AVD workstation 0-bootstrap deployment has no issues with symlinks
#428 opened by fmichaelobrien - 14
Windows amd64/ia64 local gcloud client support: terraform apply via ming64/git-bash tested - expected win32 issue running bootstrap module check_env.sh works only inside docker container (ubuntu or google/cloud-sdk) - or use cloud shell
#429 opened by fmichaelobrien - 1
Verify federated ad/entra user visible in IAM gcp side for role assignment - currently only admin side can assign user to a group
#430 opened by fmichaelobrien - 20
Cloud Build module in bootstrap fails on CSR clone gcloud API auth during push-to-repo.sh for CB trigger creation on particular client - use ssh key and ssh-agent
#431 opened by fmichaelobrien - 2
- 5
Document Cloud Build worker pool quota increase required for the 1 private pool per region - will hit on 2nd dev LZ
#434 opened by obriensystems - 1
- 1
terraform destroy - procedure and docs
#437 opened by obriensystems - 1
pipeline retries for what can go wrong with timeout, group retry, CB pool creation
#438 opened by fmichaelobrien - 1
Migration: CSR (Cloud Source Repositories) EOL June 2024 - move to SSM (Secure Source Manager) as default CICD repository
#439 opened by obriensystems - 1
- 1
Canary: serverless: gen app builder
#442 opened by obriensystems - 1
Upstream: full group creation hangs on eventual consistency - wait 5 min to restart 0-bootstrap terraform plan/apply
#443 opened by obriensystems - 1
upstream: missing main branch references in 0-bootstrap push-to-repo.sh step - switch to master
#444 opened by obriensystems - 1
upstream: developer workflow - remove seed project liens before deleting - or disable liens on create
#445 opened by obriensystems - 1
Azure and GCP API calls - Cross Cloud Interconnect and Azure Expressroute
#446 opened by obriensystems - 1
Merge Marian's latest dev branch - incorporating 20240520 TEF upstream sync
#448 opened by fmichaelobrien - 3
- 1
Remove BAA from sa.tf in 0-boostrap - simuliation with only BAU - retest LZ
#450 opened by obriensystems - 0
Align PBMM and TEF repo on nonproduction, non-production and non_production identifiers - upstream and downstream
#405 opened by obriensystems