Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for network_firewall_policy_association and region_networ…
…k_firewall_policy_association (#6796) (#13013) Co-authored-by: Riley Karson <rileykarson@google.com> Co-authored-by: Ghaleb Al-habian <galhabian@google.com> Signed-off-by: Modular Magician <magic-modules@google.com> Signed-off-by: Modular Magician <magic-modules@google.com> Co-authored-by: Riley Karson <rileykarson@google.com> Co-authored-by: Ghaleb Al-habian <galhabian@google.com>
- Loading branch information
1 parent
f8ac976
commit 3d7592b
Showing
8 changed files
with
1,063 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
```release-note:new-resource | ||
`google_compute_network_firewall_policy_association` | ||
``` | ||
```release-note:new-resource | ||
`google_compute_region_network_firewall_policy_association` | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
250 changes: 250 additions & 0 deletions
250
google/resource_compute_network_firewall_policy_association.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,250 @@ | ||
// ---------------------------------------------------------------------------- | ||
// | ||
// *** AUTO GENERATED CODE *** Type: DCL *** | ||
// | ||
// ---------------------------------------------------------------------------- | ||
// | ||
// This file is managed by Magic Modules (https://github.com/GoogleCloudPlatform/magic-modules) | ||
// and is based on the DCL (https://github.com/GoogleCloudPlatform/declarative-resource-client-library). | ||
// Changes will need to be made to the DCL or Magic Modules instead of here. | ||
// | ||
// We are not currently able to accept contributions to this file. If changes | ||
// are required, please file an issue at https://github.com/hashicorp/terraform-provider-google/issues/new/choose | ||
// | ||
// ---------------------------------------------------------------------------- | ||
|
||
package google | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"log" | ||
"time" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
|
||
dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" | ||
compute "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/compute" | ||
) | ||
|
||
func resourceComputeNetworkFirewallPolicyAssociation() *schema.Resource { | ||
return &schema.Resource{ | ||
Create: resourceComputeNetworkFirewallPolicyAssociationCreate, | ||
Read: resourceComputeNetworkFirewallPolicyAssociationRead, | ||
Delete: resourceComputeNetworkFirewallPolicyAssociationDelete, | ||
|
||
Importer: &schema.ResourceImporter{ | ||
State: resourceComputeNetworkFirewallPolicyAssociationImport, | ||
}, | ||
|
||
Timeouts: &schema.ResourceTimeout{ | ||
Create: schema.DefaultTimeout(20 * time.Minute), | ||
Delete: schema.DefaultTimeout(20 * time.Minute), | ||
}, | ||
|
||
Schema: map[string]*schema.Schema{ | ||
"attachment_target": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
DiffSuppressFunc: compareSelfLinkOrResourceName, | ||
Description: "The target that the firewall policy is attached to.", | ||
}, | ||
|
||
"firewall_policy": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
DiffSuppressFunc: compareSelfLinkOrResourceName, | ||
Description: "The firewall policy ID of the association.", | ||
}, | ||
|
||
"name": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
Description: "The name for an association.", | ||
}, | ||
|
||
"project": { | ||
Type: schema.TypeString, | ||
Computed: true, | ||
Optional: true, | ||
ForceNew: true, | ||
DiffSuppressFunc: compareSelfLinkOrResourceName, | ||
Description: "The project for the resource", | ||
}, | ||
|
||
"short_name": { | ||
Type: schema.TypeString, | ||
Computed: true, | ||
Description: "The short name of the firewall policy of the association.", | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func resourceComputeNetworkFirewallPolicyAssociationCreate(d *schema.ResourceData, meta interface{}) error { | ||
config := meta.(*Config) | ||
project, err := getProject(d, config) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
obj := &compute.NetworkFirewallPolicyAssociation{ | ||
AttachmentTarget: dcl.String(d.Get("attachment_target").(string)), | ||
FirewallPolicy: dcl.String(d.Get("firewall_policy").(string)), | ||
Name: dcl.String(d.Get("name").(string)), | ||
Project: dcl.String(project), | ||
} | ||
|
||
id, err := replaceVarsForId(d, config, "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}") | ||
if err != nil { | ||
return fmt.Errorf("error constructing id: %s", err) | ||
} | ||
d.SetId(id) | ||
directive := CreateDirective | ||
userAgent, err := generateUserAgentString(d, config.userAgent) | ||
if err != nil { | ||
return err | ||
} | ||
billingProject := project | ||
// err == nil indicates that the billing_project value was found | ||
if bp, err := getBillingProject(d, config); err == nil { | ||
billingProject = bp | ||
} | ||
client := NewDCLComputeClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutCreate)) | ||
if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { | ||
d.SetId("") | ||
return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) | ||
} else { | ||
client.Config.BasePath = bp | ||
} | ||
res, err := client.ApplyNetworkFirewallPolicyAssociation(context.Background(), obj, directive...) | ||
|
||
if _, ok := err.(dcl.DiffAfterApplyError); ok { | ||
log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) | ||
} else if err != nil { | ||
// The resource didn't actually create | ||
d.SetId("") | ||
return fmt.Errorf("Error creating NetworkFirewallPolicyAssociation: %s", err) | ||
} | ||
|
||
log.Printf("[DEBUG] Finished creating NetworkFirewallPolicyAssociation %q: %#v", d.Id(), res) | ||
|
||
return resourceComputeNetworkFirewallPolicyAssociationRead(d, meta) | ||
} | ||
|
||
func resourceComputeNetworkFirewallPolicyAssociationRead(d *schema.ResourceData, meta interface{}) error { | ||
config := meta.(*Config) | ||
project, err := getProject(d, config) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
obj := &compute.NetworkFirewallPolicyAssociation{ | ||
AttachmentTarget: dcl.String(d.Get("attachment_target").(string)), | ||
FirewallPolicy: dcl.String(d.Get("firewall_policy").(string)), | ||
Name: dcl.String(d.Get("name").(string)), | ||
Project: dcl.String(project), | ||
} | ||
|
||
userAgent, err := generateUserAgentString(d, config.userAgent) | ||
if err != nil { | ||
return err | ||
} | ||
billingProject := project | ||
// err == nil indicates that the billing_project value was found | ||
if bp, err := getBillingProject(d, config); err == nil { | ||
billingProject = bp | ||
} | ||
client := NewDCLComputeClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutRead)) | ||
if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { | ||
d.SetId("") | ||
return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) | ||
} else { | ||
client.Config.BasePath = bp | ||
} | ||
res, err := client.GetNetworkFirewallPolicyAssociation(context.Background(), obj) | ||
if err != nil { | ||
resourceName := fmt.Sprintf("ComputeNetworkFirewallPolicyAssociation %q", d.Id()) | ||
return handleNotFoundDCLError(err, d, resourceName) | ||
} | ||
|
||
if err = d.Set("attachment_target", res.AttachmentTarget); err != nil { | ||
return fmt.Errorf("error setting attachment_target in state: %s", err) | ||
} | ||
if err = d.Set("firewall_policy", res.FirewallPolicy); err != nil { | ||
return fmt.Errorf("error setting firewall_policy in state: %s", err) | ||
} | ||
if err = d.Set("name", res.Name); err != nil { | ||
return fmt.Errorf("error setting name in state: %s", err) | ||
} | ||
if err = d.Set("project", res.Project); err != nil { | ||
return fmt.Errorf("error setting project in state: %s", err) | ||
} | ||
if err = d.Set("short_name", res.ShortName); err != nil { | ||
return fmt.Errorf("error setting short_name in state: %s", err) | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func resourceComputeNetworkFirewallPolicyAssociationDelete(d *schema.ResourceData, meta interface{}) error { | ||
config := meta.(*Config) | ||
project, err := getProject(d, config) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
obj := &compute.NetworkFirewallPolicyAssociation{ | ||
AttachmentTarget: dcl.String(d.Get("attachment_target").(string)), | ||
FirewallPolicy: dcl.String(d.Get("firewall_policy").(string)), | ||
Name: dcl.String(d.Get("name").(string)), | ||
Project: dcl.String(project), | ||
} | ||
|
||
log.Printf("[DEBUG] Deleting NetworkFirewallPolicyAssociation %q", d.Id()) | ||
userAgent, err := generateUserAgentString(d, config.userAgent) | ||
if err != nil { | ||
return err | ||
} | ||
billingProject := project | ||
// err == nil indicates that the billing_project value was found | ||
if bp, err := getBillingProject(d, config); err == nil { | ||
billingProject = bp | ||
} | ||
client := NewDCLComputeClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutDelete)) | ||
if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { | ||
d.SetId("") | ||
return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) | ||
} else { | ||
client.Config.BasePath = bp | ||
} | ||
if err := client.DeleteNetworkFirewallPolicyAssociation(context.Background(), obj); err != nil { | ||
return fmt.Errorf("Error deleting NetworkFirewallPolicyAssociation: %s", err) | ||
} | ||
|
||
log.Printf("[DEBUG] Finished deleting NetworkFirewallPolicyAssociation %q", d.Id()) | ||
return nil | ||
} | ||
|
||
func resourceComputeNetworkFirewallPolicyAssociationImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { | ||
config := meta.(*Config) | ||
|
||
if err := parseImportId([]string{ | ||
"projects/(?P<project>[^/]+)/global/firewallPolicies/(?P<firewall_policy>[^/]+)/associations/(?P<name>[^/]+)", | ||
"(?P<project>[^/]+)/(?P<firewall_policy>[^/]+)/(?P<name>[^/]+)", | ||
}, d, config); err != nil { | ||
return nil, err | ||
} | ||
|
||
// Replace import id for the resource id | ||
id, err := replaceVarsForId(d, config, "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}") | ||
if err != nil { | ||
return nil, fmt.Errorf("Error constructing id: %s", err) | ||
} | ||
d.SetId(id) | ||
|
||
return []*schema.ResourceData{d}, nil | ||
} |
Oops, something went wrong.