canada-ca accelerators_accelerateurs-gcp issues

canada-ca / accelerators_accelerateurs-gcp

[GCP] Tools and templates to accelerate GC service delivery. Outils et modèles pour accélérer la prestation de services du GC.

MIT License

10 stars 8 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Automate group creation

#71 obriensystems opened 1 year ago
1
Document 3 projects (bootstrap, seed, guardrails) - what to keep - at what stage

#70 fmichaelobrien opened 1 year ago
0
Document "Project Creator" and "Billing Account Creator" roles removal from default organization level IAM permissions - move to identity principals and reduce to viewer for restricted users by default

#69 fmichaelobrien opened 1 year ago
0
Claudianavarrofragoso add billing data export setup documentation

#68 claudianavarrofragoso closed 1 year ago
3
Adjust Guardrails Onboarding Documentation for recent changes - ongoing shared billing procedures

#67 fmichaelobrien opened 1 year ago
0
derive project name from gcloud config via gcloud config list --format json | jq .core.project | sed 's/"//g'

#66 obriensystems opened 1 year ago
0
Document terraform destroy of entire guardrails including gcloud delete for seed project, billing and TF service account - to reset the organization

#65 fmichaelobrien opened 1 year ago
2
Add procedure for manually adding the Terraform SA as Billing Account User on billing (in addition to IAM) to proceed with project/billing association

#64 fmichaelobrien opened 1 year ago
2
Document turning off VPN before authenticating Terraform Service Account impersonation and billing api calls

#63 fmichaelobrien opened 1 year ago
0
Merge GR evidence requirements: gcp and azure

#62 fmichaelobrien opened 1 year ago
0
Doc: add prereq step to turn off GoC VPN - otherwise terraform plan/apply will not authenticate

#61 fmichaelobrien opened 1 year ago
0
#52 - add GR 12 - disable public marketplace organization policy

#60 obriensystems closed 1 year ago
3
GR validation script procedure, regional mb fix, missing asset inventory jsons and hardcoded bucket name require rework before validation works

#59 obriensystems opened 1 year ago
1
Make bootstrap SA role additions quiet to preserve GR install log history

#58 fmichaelobrien opened 1 year ago
1
Bug: bootstrap project without billing associated due to maxed 5 projects/billing quota will fail billing check silently

#57 fmichaelobrien opened 1 year ago
1
Rerun of terraform causes regional org policy hidden attribute change northamerica-northeast1 for module.org-policy.google_organization_policy.org_policy_list_allow_values[0]

#56 obriensystems opened 1 year ago
1
Verify terraform version post v1.3.4 - getting terraform plan/apply impersonate errors

#55 fmichaelobrien opened 1 year ago
1
GR 8: Segment and Separate - VPC diagrams for Profile 1 to 6

#54 fmichaelobrien opened 1 year ago
1
GR 1 and 2: Implement SSO for Super Admin and at Identity org level for Evidence ATO acceptance

#53 fmichaelobrien opened 2 years ago
0
GR 12: Implement private catalog for marketplace reduction for Evidence ATO acceptance

#52 fmichaelobrien closed 1 year ago
7
Add GR 09: restrict public IPs for VMs and SQL instances via organization policy

#51 obriensystems opened 2 years ago
1
delete or sed-update the labels in projects.tf

#50 obriensystems opened 2 years ago
0
#47 - terraform 1.2.8 breaks without SA removal - critical fix

#49 fmichaelobrien closed 2 years ago
1
fix the open in cloud shell from my fork to the main repo

#48 fmichaelobrien closed 2 years ago
1
example install run 20220915 - to validate terraform 1.2.8 project-factory removal of impersonate_service_account

#47 obriensystems opened 2 years ago
5
adjust both sh scripts - derive project for organization and billing (no input required)

#46 obriensystems opened 2 years ago
4
doc: add back pointer to gc collab wiki links

#45 obriensystems opened 2 years ago
1
Log sink sk-c-logging-pub pub/sub topic missing

#44 fmichaelobrien opened 2 years ago
2
Validate dept-seed-project does not have a GCP existing project conflict - either add random suffix or add increment on gcloud projects create command

#43 fmichaelobrien opened 2 years ago
1
Document and add to bootstrap.sh 6 super admin required roles required to prepare for terraform service account permissions

#42 fmichaelobrien opened 2 years ago
10
Document cloud shell open user must select "Trust repo" for permissions to take effect

#41 fmichaelobrien opened 2 years ago
0
Validation Verification

#40 fmichaelobrien opened 2 years ago
0
Marketplace GR-12 restriction required - or private service catalog

#39 fmichaelobrien opened 2 years ago
2
Adjust bootstrap.sh to add the Billing Account Administrator role to the TF Service Account for both the Billing view as well as existing IAM view

#38 fmichaelobrien opened 2 years ago
0
Document cloud broker procedure to associate billing account ID with organization + billing user

#37 fmichaelobrien opened 2 years ago
0
#34 - chmod 755/readme/link/doc updates

#36 fmichaelobrien closed 2 years ago
0
Post -i workaround for SED during guardrails validation - known issue can be fixed

#35 obriensystems opened 2 years ago
0
bootstrap.sh needs a committed chmod 755 in the repo

#34 fmichaelobrien closed 2 years ago
1
Move Google Admin group creation back into Google Cloud IAM group creation - no need to switch out to admin - assign to fmichaelobrien

#33 fmichaelobrien opened 2 years ago
0
bootstrap.sh 2nd sed on provider.tf not required

#32 fmichaelobrien opened 2 years ago
0
Adjust bootstrap.sh script for OSX (sed -i) should be (sed) - use a parameter

#31 fmichaelobrien opened 2 years ago
1
Alternate glcoud init (auth) procedure for shell browser clients with popup blockers - use local gcloud sdk

#30 fmichaelobrien opened 2 years ago
3
Open in cloud shell - hardcoded to fmichaelobrien fork not canada-ca main - I'll PR shortly

#29 fmichaelobrien opened 2 years ago
2
noticed readme link on main readme is 404

#28 fmichaelobrien closed 2 years ago
1
minor: rerun terraform causes org policy rewrite - no effect - policy still up

#27 fmichaelobrien opened 2 years ago
0
Ready to Merge ---- Adjust script/terraform deployment for single session automation with rerun capability and pre/post roles/permissions set/verify - Claudia and Michael recent triage

#26 fmichaelobrien closed 2 years ago
3
reentrant bootstrap script has switched to seed project from boostrap - return back to bootstrap

#25 fmichaelobrien opened 2 years ago
0
Remaining config changes to fully deploy

#24 fmichaelobrien opened 2 years ago
9
add "Open in Cloud Shell" automated clone to shell button in readme.MD - to help with initial setup - script needs to override HOME var

#23 fmichaelobrien closed 2 years ago
1
Add Terraform Service Account impersonation config/code

#22 fmichaelobrien opened 2 years ago
3