rename variables and small fixes

0-bootstrap/README-GitHub.md

@@ -565,15 +565,15 @@ or go to [Deploying step 3-networks-hub-and-spoke](#deploying-step-3-networks-hu
    chmod 755 ./tf-wrapper.sh
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
-1. Update the file `shared.auto.tfvars` with the values for the `target_name_server_addresses`.
+1. Update the file `production.auto.tfvars` with the values for the `target_name_server_addresses`.
 1. Update the file `access_context.auto.tfvars` with the organization's `access_context_manager_policy_id`.
 
    ```bash

0-bootstrap/README-GitLab.md

@@ -568,15 +568,15 @@ or go to [Deploying step 3-networks-hub-and-spoke](#deploying-step-3-networks-hu
    chmod 755 ./*.sh
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
-1. Update the file `shared.auto.tfvars` with the values for the `target_name_server_addresses`.
+1. Update the file `production.auto.tfvars` with the values for the `target_name_server_addresses`.
 1. Update the file `access_context.auto.tfvars` with the organization's `access_context_manager_policy_id`.
 
    ```bash

0-bootstrap/README-Jenkins.md

@@ -599,16 +599,16 @@ Here you will configure a VPN Network tunnel to enable connectivity between the
    sed -i'' -e "s/CICD_PROJECT_ID/${CICD_PROJECT_ID}/" ./Jenkinsfile
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
 1. Update `common.auto.tfvars` file with values from your environment and bootstrap. See any of the envs folder [README.md](../3-networks-dual-svpc/envs/production/README.md) files for additional information on the values in the `common.auto.tfvars` file.
-1. Update `shared.auto.tfvars` file with the `target_name_server_addresses`.
+1. Update `production.auto.tfvars` file with the `target_name_server_addresses`.
 1. Update `access_context.auto.tfvars` file with the `access_context_manager_policy_id`.
 1. Use `terraform output` to get the backend bucket and networks step Terraform Service Account values from gcp-bootstrap output.
 

0-bootstrap/README-Terraform-Cloud.md

@@ -476,15 +476,15 @@ or go to [Deploying step 3-networks-hub-and-spoke](#deploying-step-3-networks-hu
    chmod 755 ./tf-wrapper.sh
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
-1. Update the file `shared.auto.tfvars` with the values for the `target_name_server_addresses`.
+1. Update the file `production.auto.tfvars` with the values for the `target_name_server_addresses`.
 1. Update the file `access_context.auto.tfvars` with the organization's `access_context_manager_policy_id`.
 
    ```bash

3-networks-dual-svpc/README.md

@@ -163,16 +163,16 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get
    chmod 755 ./tf-wrapper.sh
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
 1. Update `common.auto.tfvars` file with values from your environment and bootstrap. See any of the envs folder [README.md](./envs/production/README.md) files for additional information on the values in the `common.auto.tfvars` file.
-   Update `shared.auto.tfvars` file with the `target_name_server_addresses`.
+   Update `production.auto.tfvars` file with the `target_name_server_addresses`.
    Update `access_context.auto.tfvars` file with the `access_context_manager_policy_id`.
    Use `terraform output` to get the backend bucket value from 0-bootstrap output.
 
@@ -305,16 +305,16 @@ See `0-bootstrap` [README-GitHub.md](../0-bootstrap/README-GitHub.md#deploying-s
    git checkout -b production
    ```
 
-1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `shared.auto.example.tfvars` to `shared.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
+1. Rename `common.auto.example.tfvars` to `common.auto.tfvars`, rename `production.auto.example.tfvars` to `production.auto.tfvars` and rename `access_context.auto.example.tfvars` to `access_context.auto.tfvars`.
 
    ```bash
    mv common.auto.example.tfvars common.auto.tfvars
-   mv shared.auto.example.tfvars shared.auto.tfvars
+   mv production.auto.example.tfvars production.auto.tfvars
    mv access_context.auto.example.tfvars access_context.auto.tfvars
    ```
 
 1. Update `common.auto.tfvars` file with values from your environment and bootstrap. See any of the envs folder [README.md](./envs/production/README.md) files for additional information on the values in the `common.auto.tfvars` file.
-1. Update `shared.auto.tfvars` file with the `target_name_server_addresses`.
+1. Update `production.auto.tfvars` file with the `target_name_server_addresses`.
 1. Update `access_context.auto.tfvars` file with the `access_context_manager_policy_id`.
 1. Use `terraform output` to get the backend bucket value from gcp-bootstrap output.
 

3-networks-dual-svpc/envs/production/main.tf

@@ -20,48 +20,48 @@ locals {
   /*
    * Base network ranges
    */
-  base_private_service_cidr = "10.16.16.0/21"
+  base_private_service_cidr = "10.16.24.0/21"
   base_subnet_primary_ranges = {
-    (local.default_region1) = "10.0.128.0/18"
-    (local.default_region2) = "10.1.128.0/18"
+    (local.default_region1) = "10.0.192.0/18"
+    (local.default_region2) = "10.1.192.0/18"
   }
   base_subnet_proxy_ranges = {
-    (local.default_region1) = "10.18.4.0/23"
-    (local.default_region2) = "10.19.4.0/23"
+    (local.default_region1) = "10.18.6.0/23"
+    (local.default_region2) = "10.19.6.0/23"
   }
   base_subnet_secondary_ranges = {
     (local.default_region1) = [
       {
         range_name    = "rn-${local.environment_code}-shared-base-${local.default_region1}-gke-pod"
-        ip_cidr_range = "100.64.128.0/18"
+        ip_cidr_range = "100.64.192.0/18"
       },
       {
         range_name    = "rn-${local.environment_code}-shared-base-${local.default_region1}-gke-svc"
-        ip_cidr_range = "100.65.128.0/18"
+        ip_cidr_range = "100.65.192.0/18"
       }
     ]
   }
   /*
    * Restricted network ranges
    */
-  restricted_private_service_cidr = "10.16.48.0/21"
+  restricted_private_service_cidr = "10.16.56.0/21"
   restricted_subnet_primary_ranges = {
-    (local.default_region1) = "10.8.128.0/18"
-    (local.default_region2) = "10.9.128.0/18"
+    (local.default_region1) = "10.8.192.0/18"
+    (local.default_region2) = "10.9.192.0/18"
   }
   restricted_subnet_proxy_ranges = {
-    (local.default_region1) = "10.26.4.0/23"
-    (local.default_region2) = "10.27.4.0/23"
+    (local.default_region1) = "10.26.6.0/23"
+    (local.default_region2) = "10.27.6.0/23"
   }
   restricted_subnet_secondary_ranges = {
     (local.default_region1) = [
       {
         range_name    = "rn-${local.environment_code}-shared-restricted-${local.default_region1}-gke-pod"
-        ip_cidr_range = "100.72.128.0/18"
+        ip_cidr_range = "100.72.192.0/18"
       },
       {
         range_name    = "rn-${local.environment_code}-shared-restricted-${local.default_region1}-gke-svc"
-        ip_cidr_range = "100.73.128.0/18"
+        ip_cidr_range = "100.73.192.0/18"
       }
     ]
   }

3-networks-dual-svpc/envs/shared/README.md

@@ -13,9 +13,7 @@
 | bgp\_asn\_dns | BGP Autonomous System Number (ASN). | `number` | `64667` | no |
 | dns\_enable\_logging | Toggle DNS logging for VPC DNS. | `bool` | `true` | no |
 | domain | The DNS name of forwarding managed zone, for instance 'example.com'. Must end with a period. | `string` | n/a | yes |
-| enable\_partner\_interconnect | Enable Partner Interconnect in the environment. | `bool` | `false` | no |
 | firewall\_policies\_enable\_logging | Toggle hierarchical firewall logging. | `bool` | `true` | no |
-| preactivate\_partner\_interconnect | Preactivate Partner Interconnect VLAN attachment in the environment. | `bool` | `false` | no |
 | remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes |
 | tfc\_org\_name | Name of the TFC organization | `string` | `""` | no |
 | vpc\_flow\_logs | enable\_logging: set to true to enable VPC flow logging for the subnetworks.<br>  aggregation\_interval: Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Possible values are: INTERVAL\_5\_SEC, INTERVAL\_30\_SEC, INTERVAL\_1\_MIN, INTERVAL\_5\_MIN, INTERVAL\_10\_MIN, INTERVAL\_15\_MIN.<br>  flow\_sampling: Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. The value of the field must be in [0, 1].<br>  metadata: Configures whether metadata fields should be added to the reported VPC flow logs. Possible values are: EXCLUDE\_ALL\_METADATA, INCLUDE\_ALL\_METADATA, CUSTOM\_METADATA.<br>  metadata\_fields: ist of metadata fields that should be added to reported logs. Can only be specified if VPC flow logs for this subnetwork is enabled and "metadata" is set to CUSTOM\_METADATA.<br>  filter\_expr: Export filter used to define which VPC flow logs should be logged, as as CEL expression. See https://cloud.google.com/vpc/docs/flow-logs#filtering for details on how to format this field. | <pre>object({<br>    enable_logging       = optional(string, "true")<br>    aggregation_interval = optional(string, "INTERVAL_5_SEC")<br>    flow_sampling        = optional(string, "0.5")<br>    metadata             = optional(string, "INCLUDE_ALL_METADATA")<br>    metadata_fields      = optional(list(string), [])<br>    filter_expr          = optional(string, "true")<br>  })</pre> | `{}` | no |

3-networks-dual-svpc/envs/shared/remote.tf

@@ -17,12 +17,10 @@
 locals {
   env                       = "common"
   environment_code          = "c"
-  dns_bgp_asn_number        = var.enable_partner_interconnect ? "16550" : var.bgp_asn_dns
+  dns_bgp_asn_number        = var.bgp_asn_dns
   default_region1           = data.terraform_remote_state.bootstrap.outputs.common_config.default_region
   default_region2           = data.terraform_remote_state.bootstrap.outputs.common_config.default_region_2
   folder_prefix             = data.terraform_remote_state.bootstrap.outputs.common_config.folder_prefix
-  interconnect_project_id   = data.terraform_remote_state.org.outputs.interconnect_project_id
-  restricted_project_id     = data.terraform_remote_state.org.outputs.shared_vpc_projects[local.env].restricted_shared_vpc_project_id
   parent_id                 = data.terraform_remote_state.bootstrap.outputs.common_config.parent_id
   bootstrap_folder_name     = data.terraform_remote_state.bootstrap.outputs.common_config.bootstrap_folder_name
   common_folder_name        = data.terraform_remote_state.org.outputs.common_folder_name