feat(gcp): refactor GCP modules into composer + submodules (full)

README.md

@@ -62,9 +62,11 @@ The folder `examples` contains the following Terraform implementation examples :
 | AWS   | [aws-databricks-uc-bootstrap](examples/aws-databricks-uc-bootstrap/)               | AWS UC                                                                                                                                                                                               |
 | AWS   | [aws-remote-backend-infra](examples/aws-remote-backend-infra/)                     | Simple example on remote backend                                                                                                                                                                     |
 | AWS   | [aws-workspace-config](examples/aws-workspace-config/)                             | Configure workspace objects                                                                                 |
-| GCP   | [gcp-sa-provisionning](examples/gcp-sa-provisionning/)                                                                         |    Provisionning of the identity with the permissions required to deploy on GCP.                                                                                                                                 |
-| GCP   | [gcp-basic](examples/gcp-basic/)                                                                         |    Workspace Deployment with managed vpc                                                                                                                               |
-| GCP   | [gcp-byovpc](examples/gcp-byovpc/)                                                                         |    Workspace Deployment with customer-managed vpc                                                                                                                              |
+| GCP   | [gcp-sa-provisioning](examples/gcp-sa-provisioning/)                                                     | Provisioning the identity (service account) with permissions required to deploy on GCP                                                                                                          |
+| GCP   | [gcp-basic](examples/gcp-basic/)                                                                         | Workspace deployment with Databricks-managed VPC                                                                                                                               |
+| GCP   | [gcp-byovpc](examples/gcp-byovpc/)                                                                       | Workspace deployment with customer-managed VPC (Terraform creates the VPC)                                                                                                                      |
+| GCP   | [gcp-existing-vpc](examples/gcp-existing-vpc/)                                                           | Workspace deployment into a pre-existing VPC                                                                                                                                                    |
+| GCP   | [gcp-with-psc-exfiltration-protection](examples/gcp-with-psc-exfiltration-protection/)                   | Workspace with PrivateLink (PSC), private DNS, and restricted egress (hub-and-spoke topology)                                                                                                  |
 ### Modules
 
 The folder `modules` contains the following Terraform modules :
@@ -89,9 +91,13 @@ The folder `modules` contains the following Terraform modules :
 | AWS   | [aws-workspace-with-firewall](modules/aws-workspace-with-firewall/)                                       | Provisioning AWS Databricks E2 with an AWS Firewall                                                                                                                                       |
 | AWS   | [aws-exfiltration-protection](modules/aws-exfiltration-protection/)                                       | An implementation of [Data Exfiltration Protection on AWS](https://www.databricks.com/blog/2021/02/02/data-exfiltration-protection-with-databricks-on-aws.html)                           |
 | AWS   | aws-workspace-with-private-link                                                                           | Coming soon                                                                                                                                                                               |
-| GCP   | [gcp-sa-provisionning](modules/gcp-sa-provisionning/)                                                                                                |                  Provisions the identity (SA) with the correct permissions  |
-| GCP   | [gcp-workspace-basic](modules/gcp-workspace-basic/)                                                                                                |                  Provisions a workspace with managed VPC                                                                                                                                                          |
-| GCP   | [gcp-workspace-byovpc](modules/gcp-workspace-byovpc/)                                                                                                |                  Workspace with customer-managed VPC.                                                                                                                                                             |
+| GCP   | [gcp/databricks-workspace](modules/gcp/databricks-workspace/)                                            | Composer that orchestrates network, PSC, account, and DNS submodules based on scenario flags                                                                                                  |
+| GCP   | [gcp/network](modules/gcp/network/)                                                                      | VPC, subnet, router, NAT, peering, and shared-VPC binding (create or data-source lookup)                                                                                                       |
+| GCP   | [gcp/private-connectivity](modules/gcp/private-connectivity/)                                            | PSC endpoints (frontend, backend, hub-transit) and restricted-egress firewall rules                                                                                                            |
+| GCP   | [gcp/account](modules/gcp/account/)                                                                      | All databricks_mws_* resources: networks, workspaces, vpc_endpoint, private_access_settings                                                                                                    |
+| GCP   | [gcp/dns](modules/gcp/dns/)                                                                              | Private DNS zones (gcp.databricks.com, gcr.io, googleapis.com, pkg.dev) for restricted-egress workspaces                                                                                       |
+| GCP   | [gcp/service-account](modules/gcp/service-account/)                                                      | Service account with the IAM permissions required to provision Databricks workspaces                                                                                                          |
+| GCP   | [gcp/unity-catalog](modules/gcp/unity-catalog/)                                                          | Metastore, GCS bucket, storage credential, external location, and default catalog                                                                                                             |
 ### CI/CD pipelines
 
 The `cicd-pipelines` folder contains the following implementation examples of pipeline: