From b6c7578d576383f812b2a1c6bf1e0731f43f3e9e Mon Sep 17 00:00:00 2001 From: "Qiuyu (Joyce) Ma" Date: Fri, 21 Feb 2020 16:05:49 -0800 Subject: [PATCH] update samples for version 1.2.0 --- .../compute_v1beta1_computenetwork.yaml | 2 +- .../compute_v1beta1_computenetwork.yaml | 2 +- .../compute_v1beta1_computenetwork.yaml | 7 +++++++ .../compute_v1beta1_computenetworkendpointgroup.yaml | 12 ++++++++++++ .../compute_v1beta1_computesubnetwork.yaml | 9 +++++++++ .../project-level-policy/iam_v1beta1_iampolicy.yaml | 10 ++++++++++ 6 files changed, 40 insertions(+), 2 deletions(-) create mode 100644 resources/computenetworkendpointgroup/compute_v1beta1_computenetwork.yaml create mode 100644 resources/computenetworkendpointgroup/compute_v1beta1_computenetworkendpointgroup.yaml create mode 100644 resources/computenetworkendpointgroup/compute_v1beta1_computesubnetwork.yaml diff --git a/resources/computefirewall/allow-rule-firewall/compute_v1beta1_computenetwork.yaml b/resources/computefirewall/allow-rule-firewall/compute_v1beta1_computenetwork.yaml index 65209e0c9e..f189437cad 100644 --- a/resources/computefirewall/allow-rule-firewall/compute_v1beta1_computenetwork.yaml +++ b/resources/computefirewall/allow-rule-firewall/compute_v1beta1_computenetwork.yaml @@ -4,4 +4,4 @@ metadata: name: computefirewall-dep-allow spec: routingMode: REGIONAL - autoCreateSubnetworks: true + autoCreateSubnetworks: false diff --git a/resources/computefirewall/deny-rule-firewall/compute_v1beta1_computenetwork.yaml b/resources/computefirewall/deny-rule-firewall/compute_v1beta1_computenetwork.yaml index e500892227..67413bd16a 100644 --- a/resources/computefirewall/deny-rule-firewall/compute_v1beta1_computenetwork.yaml +++ b/resources/computefirewall/deny-rule-firewall/compute_v1beta1_computenetwork.yaml @@ -4,4 +4,4 @@ metadata: name: computefirewall-dep-deny spec: routingMode: REGIONAL - autoCreateSubnetworks: true + autoCreateSubnetworks: false diff --git a/resources/computenetworkendpointgroup/compute_v1beta1_computenetwork.yaml b/resources/computenetworkendpointgroup/compute_v1beta1_computenetwork.yaml new file mode 100644 index 0000000000..723ddb4dab --- /dev/null +++ b/resources/computenetworkendpointgroup/compute_v1beta1_computenetwork.yaml @@ -0,0 +1,7 @@ +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeNetwork +metadata: + name: computenetworkendpointgroup-dep +spec: + routingMode: REGIONAL + autoCreateSubnetworks: false diff --git a/resources/computenetworkendpointgroup/compute_v1beta1_computenetworkendpointgroup.yaml b/resources/computenetworkendpointgroup/compute_v1beta1_computenetworkendpointgroup.yaml new file mode 100644 index 0000000000..c0ebf9437e --- /dev/null +++ b/resources/computenetworkendpointgroup/compute_v1beta1_computenetworkendpointgroup.yaml @@ -0,0 +1,12 @@ +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeNetworkEndpointGroup +metadata: + name: computenetworkendpointgroup-sample +spec: + networkRef: + name: computenetworkendpointgroup-dep + subnetworkRef: + name: computenetworkendpointgroup-dep + location: us-west1-a + defaultPort: 90 + description: A network endpoint group living in a specific us-west1 subnetwork, whose member endpoints will serve on port number 90 by default. \ No newline at end of file diff --git a/resources/computenetworkendpointgroup/compute_v1beta1_computesubnetwork.yaml b/resources/computenetworkendpointgroup/compute_v1beta1_computesubnetwork.yaml new file mode 100644 index 0000000000..9a76df7ac6 --- /dev/null +++ b/resources/computenetworkendpointgroup/compute_v1beta1_computesubnetwork.yaml @@ -0,0 +1,9 @@ +apiVersion: compute.cnrm.cloud.google.com/v1beta1 +kind: ComputeSubnetwork +metadata: + name: computenetworkendpointgroup-dep +spec: + ipCidrRange: 10.2.0.0/16 + region: us-west1 + networkRef: + name: computenetworkendpointgroup-dep \ No newline at end of file diff --git a/resources/iampolicy/project-level-policy/iam_v1beta1_iampolicy.yaml b/resources/iampolicy/project-level-policy/iam_v1beta1_iampolicy.yaml index ef71c03564..488858d790 100644 --- a/resources/iampolicy/project-level-policy/iam_v1beta1_iampolicy.yaml +++ b/resources/iampolicy/project-level-policy/iam_v1beta1_iampolicy.yaml @@ -1,6 +1,9 @@ # **WARNING**: The bindings here represent the full declarative intent for the project. # It will fully overwrite the existing policy on the given project. # +# For finer-grained control over the project's IAM policy, it is recommended +# that the IAMPolicyMember resource be used instead. +# # This sample assumes the following additional APIs are enabled: # - compute.googleapis.com # - container.googleapis.com @@ -12,6 +15,13 @@ apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMPolicy metadata: + annotations: + # By default, the underlying GCP resource is deleted upon deletion of the + # K8s resource representing it (i.e. the entire IAM policy object of the + # GCP project will be wiped out if you delete this IAMPolicy resource). Set + # the 'deletion-policy' to 'abandon' to prevent the underlying GCP resource + # from being deleted upon deletion of this K8s resource. + cnrm.cloud.google.com/deletion-policy: abandon labels: label-one: value-one name: iampolicy-sample-projectlevel