From 9717d35d81a5039cbfcb11c5a7caf766b8fdf348 Mon Sep 17 00:00:00 2001 From: "Stephen Lewis (Burrows)" Date: Thu, 19 Dec 2024 08:50:38 -0800 Subject: [PATCH] =?UTF-8?q?Revert=20"Migrate=20google=5Fcompute=5Ffirewall?= =?UTF-8?q?=5Fpolicy=5Fassociation=20resource=20from=20DCL=20=E2=80=A6"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 613bdaee0c0243e40465a7b5497693b9720eeb85. --- .../compute/FirewallPolicyAssociation.yaml | 83 -------------- ...ompute_firewall_policy_association.go.tmpl | 7 -- .../firewall_policy_association.tf.tmpl | 17 --- ...ewall_policy_association_operation.go.tmpl | 11 -- ...ewall_policy_association_operation.go.tmpl | 11 -- ...ompute_firewall_policy_association.go.tmpl | 5 - ...ompute_firewall_policy_association_test.go | 50 -------- ..._firewall_policy_association.html.markdown | 107 ++++++++++++++++++ .../beta/firewall_policy_association.yaml | 4 + .../compute/firewall_policy_association.yaml | 4 + 10 files changed, 115 insertions(+), 184 deletions(-) delete mode 100644 mmv1/products/compute/FirewallPolicyAssociation.yaml delete mode 100644 mmv1/templates/terraform/custom_expand/compute_firewall_policy_association.go.tmpl delete mode 100644 mmv1/templates/terraform/examples/firewall_policy_association.tf.tmpl delete mode 100644 mmv1/templates/terraform/post_create/compute_firewall_policy_association_operation.go.tmpl delete mode 100644 mmv1/templates/terraform/post_delete/compute_firewall_policy_association_operation.go.tmpl delete mode 100644 mmv1/templates/terraform/pre_read/compute_firewall_policy_association.go.tmpl create mode 100644 mmv1/third_party/terraform/website/docs/r/compute_firewall_policy_association.html.markdown create mode 100644 tpgtools/overrides/compute/beta/firewall_policy_association.yaml create mode 100644 tpgtools/overrides/compute/firewall_policy_association.yaml diff --git a/mmv1/products/compute/FirewallPolicyAssociation.yaml b/mmv1/products/compute/FirewallPolicyAssociation.yaml deleted file mode 100644 index eef602a814bf..000000000000 --- a/mmv1/products/compute/FirewallPolicyAssociation.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2024 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -name: 'FirewallPolicyAssociation' -api_resource_type_kind: FirewallPolicy -kind: 'compute#firewallPolicyAssociation' -description: | - Allows associating hierarchical firewall policies with the target where they are applied. This allows creating policies and rules in a different location than they are applied. - For more information on applying hierarchical firewall policies see the [official documentation](https://cloud.google.com/firewall/docs/firewall-policies#managing_hierarchical_firewall_policy_resources) -references: - guides: - api: 'https://cloud.google.com/compute/docs/reference/rest/v1/firewallPolicies/addAssociation' -docs: -id_format: 'locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}' -base_url: 'locations/global/firewallPolicies/{{firewall_policy}}' -self_link: 'locations/global/firewallPolicies/{{firewall_policy}}/getAssociation?name={{name}}' -create_url: 'locations/global/firewallPolicies/{{firewall_policy}}/addAssociation' -delete_url: 'locations/global/firewallPolicies/{{firewall_policy}}/removeAssociation?name={{name}}' -delete_verb: 'POST' -immutable: true -import_format: - - 'locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}' - - '{{firewall_policy}}/{{name}}' -timeouts: - insert_minutes: 20 - update_minutes: 20 - delete_minutes: 20 -custom_code: - pre_read: 'templates/terraform/pre_read/compute_firewall_policy_association.go.tmpl' - post_create: 'templates/terraform/post_create/compute_firewall_policy_association_operation.go.tmpl' - post_delete: 'templates/terraform/post_delete/compute_firewall_policy_association_operation.go.tmpl' -custom_diff: - - 'tpgresource.DefaultProviderProject' -examples: - - name: 'firewall_policy_association' - primary_resource_id: 'default' - vars: - policy_name: 'my-policy' - association_name: 'my-association' - folder_name: 'my-folder' - test_env_vars: - org_id: 'ORG_ID' - exclude_test: true -parameters: - - name: 'firewallPolicy' - type: ResourceRef - description: | - The firewall policy of the resource. - ignore_read: true - required: true - immutable: true - diff_suppress_func: 'tpgresource.CompareResourceNames' - custom_expand: 'templates/terraform/custom_expand/compute_firewall_policy_association.go.tmpl' - resource: 'FirewallPolicy' - imports: 'name' -properties: - - name: 'name' - type: String - description: | - The name for an association. - required: true - - name: 'attachmentTarget' - type: String - description: | - The target that the firewall policy is attached to. - required: true - diff_suppress_func: 'tpgresource.CompareSelfLinkOrResourceName' - - name: 'shortName' - type: String - description: | - The short name of the firewall policy of the association. - output: true diff --git a/mmv1/templates/terraform/custom_expand/compute_firewall_policy_association.go.tmpl b/mmv1/templates/terraform/custom_expand/compute_firewall_policy_association.go.tmpl deleted file mode 100644 index 7b3a6e343f90..000000000000 --- a/mmv1/templates/terraform/custom_expand/compute_firewall_policy_association.go.tmpl +++ /dev/null @@ -1,7 +0,0 @@ -func expand{{$.GetPrefix}}{{$.TitlelizeProperty}}(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { - firewallPolicyId := tpgresource.GetResourceNameFromSelfLink(v.(string)) - if err := d.Set("firewall_policy", firewallPolicyId); err != nil { - return nil, fmt.Errorf("Error setting firewall_policy: %s", err) - } - return firewallPolicyId, nil -} \ No newline at end of file diff --git a/mmv1/templates/terraform/examples/firewall_policy_association.tf.tmpl b/mmv1/templates/terraform/examples/firewall_policy_association.tf.tmpl deleted file mode 100644 index 5ae7625e741c..000000000000 --- a/mmv1/templates/terraform/examples/firewall_policy_association.tf.tmpl +++ /dev/null @@ -1,17 +0,0 @@ -resource "google_folder" "folder" { - display_name = "{{index $.Vars "folder_name"}}" - parent = "organizations/{{index $.TestEnvVars "org_id"}}" - deletion_protection = false -} - -resource "google_compute_firewall_policy" "policy" { - parent = "organizations/{{index $.TestEnvVars "org_id"}}" - short_name = "{{index $.Vars "policy_name"}}" - description = "Example Resource" -} - -resource "google_compute_firewall_policy_association" "{{$.PrimaryResourceId}}" { - firewall_policy = google_compute_firewall_policy.policy.id - attachment_target = google_folder.folder.name - name = "{{index $.Vars "association_name"}}" -} \ No newline at end of file diff --git a/mmv1/templates/terraform/post_create/compute_firewall_policy_association_operation.go.tmpl b/mmv1/templates/terraform/post_create/compute_firewall_policy_association_operation.go.tmpl deleted file mode 100644 index 0953b637e026..000000000000 --- a/mmv1/templates/terraform/post_create/compute_firewall_policy_association_operation.go.tmpl +++ /dev/null @@ -1,11 +0,0 @@ -parent := d.Get("firewall_policy").(string) -var opRes map[string]interface{} -err = ComputeOrgOperationWaitTimeWithResponse( - config, res, &opRes, parent, "Creating FirewallPolicyAssociation", userAgent, - d.Timeout(schema.TimeoutCreate)) - -if err != nil { - // The resource didn't actually create - d.SetId("") - return fmt.Errorf("Error waiting to create FirewallPolicyAssociation: %s", err) -} \ No newline at end of file diff --git a/mmv1/templates/terraform/post_delete/compute_firewall_policy_association_operation.go.tmpl b/mmv1/templates/terraform/post_delete/compute_firewall_policy_association_operation.go.tmpl deleted file mode 100644 index 45ef4fbfe655..000000000000 --- a/mmv1/templates/terraform/post_delete/compute_firewall_policy_association_operation.go.tmpl +++ /dev/null @@ -1,11 +0,0 @@ -parent := d.Get("firewall_policy").(string) -var opRes map[string]interface{} -err = ComputeOrgOperationWaitTimeWithResponse( - config, res, &opRes, parent, "Deleting FirewallPolicyAssociation", userAgent, - d.Timeout(schema.TimeoutCreate)) - -if err != nil { - // The resource didn't actually create - d.SetId("") - return fmt.Errorf("Error waiting to delete FirewallPolicyAssociation: %s", err) -} \ No newline at end of file diff --git a/mmv1/templates/terraform/pre_read/compute_firewall_policy_association.go.tmpl b/mmv1/templates/terraform/pre_read/compute_firewall_policy_association.go.tmpl deleted file mode 100644 index a3ae32690dc1..000000000000 --- a/mmv1/templates/terraform/pre_read/compute_firewall_policy_association.go.tmpl +++ /dev/null @@ -1,5 +0,0 @@ -expandComputeFirewallPolicyAssociationFirewallPolicy(d.Get("firewall_policy"), d, config) -url, err = tpgresource.ReplaceVars(d, config, "{{"{{"}}ComputeBasePath{{"}}"}}locations/global/firewallPolicies/{{"{{"}}firewall_policy{{"}}"}}/getAssociation?name={{"{{"}}name{{"}}"}}") -if err != nil { - return err -} \ No newline at end of file diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_firewall_policy_association_test.go b/mmv1/third_party/terraform/services/compute/resource_compute_firewall_policy_association_test.go index 5845c149221f..12e8f78881a7 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_firewall_policy_association_test.go +++ b/mmv1/third_party/terraform/services/compute/resource_compute_firewall_policy_association_test.go @@ -62,53 +62,3 @@ resource "google_compute_firewall_policy_association" "default" { } `, context) } - -func TestAccComputeFirewallPolicyAssociation_organization(t *testing.T) { - t.Parallel() - - context := map[string]interface{}{ - "random_suffix": acctest.RandString(t, 10), - "org_name": fmt.Sprintf("organizations/%s", envvar.GetTestOrgFromEnv(t)), - } - - acctest.VcrTest(t, resource.TestCase{ - PreCheck: func() { acctest.AccTestPreCheck(t) }, - ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), - ExternalProviders: map[string]resource.ExternalProvider{ - "time": {}, - }, - Steps: []resource.TestStep{ - { - Config: testAccComputeFirewallPolicyAssociation_organization(context), - }, - { - ResourceName: "google_compute_firewall_policy_association.default", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"firewall_policy"}, - }, - }, - }) -} - -func testAccComputeFirewallPolicyAssociation_organization(context map[string]interface{}) string { - return acctest.Nprintf(` -resource "google_folder" "folder" { - display_name = "tf-test-my-folder-%{random_suffix}" - parent = "%{org_name}" - deletion_protection = false -} - -resource "google_compute_firewall_policy" "policy" { - parent = "%{org_name}" - short_name = "tf-test-my-policy-%{random_suffix}" - description = "Example Resource" -} - -resource "google_compute_firewall_policy_association" "default" { - firewall_policy = google_compute_firewall_policy.policy.id - attachment_target = google_folder.folder.name - name = "tf-test-my-association-%{random_suffix}" -} -`, context) -} diff --git a/mmv1/third_party/terraform/website/docs/r/compute_firewall_policy_association.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_firewall_policy_association.html.markdown new file mode 100644 index 000000000000..cfe4cc3fdcd9 --- /dev/null +++ b/mmv1/third_party/terraform/website/docs/r/compute_firewall_policy_association.html.markdown @@ -0,0 +1,107 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: DCL *** +# +# ---------------------------------------------------------------------------- +# +# This file is managed by Magic Modules (https:#github.com/GoogleCloudPlatform/magic-modules) +# and is based on the DCL (https:#github.com/GoogleCloudPlatform/declarative-resource-client-library). +# Changes will need to be made to the DCL or Magic Modules instead of here. +# +# We are not currently able to accept contributions to this file. If changes +# are required, please file an issue at https:#github.com/hashicorp/terraform-provider-google/issues/new/choose +# +# ---------------------------------------------------------------------------- +subcategory: "Compute Engine" +description: |- + Applies a hierarchical firewall policy to a target resource +--- + +# google_compute_firewall_policy_association + +Allows associating hierarchical firewall policies with the target where they are applied. This allows creating policies and rules in a different location than they are applied. + +For more information on applying hierarchical firewall policies see the [official documentation](https://cloud.google.com/vpc/docs/firewall-policies#managing_hierarchical_firewall_policy_resources) + +## Example Usage + +```hcl +resource "google_compute_firewall_policy" "default" { + parent = "organizations/12345" + short_name = "my-policy" + description = "Example Resource" +} + +resource "google_compute_firewall_policy_association" "default" { + firewall_policy = google_compute_firewall_policy.default.id + attachment_target = google_folder.folder.name + name = "my-association" +} +``` + + +## Argument Reference + +The following arguments are supported: + +* `attachment_target` - + (Required) + The target that the firewall policy is attached to. + +* `firewall_policy` - + (Required) + The firewall policy ID of the association. + +* `name` - + (Required) + The name for an association. + + + +- - - + + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}` + +* `short_name` - + The short name of the firewall policy of the association. + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: configuration options: + +- `create` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + +FirewallPolicyAssociation can be imported using any of these accepted formats: + +* `locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}` +* `{{firewall_policy}}/{{name}}` + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import FirewallPolicyAssociation using one of the formats above. For example: + +```tf +import { + id = "locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}" + to = google_compute_firewall_policy_association.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), FirewallPolicyAssociation can be imported using one of the formats above. For example: + +``` +$ terraform import google_compute_firewall_policy_association.default locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}} +$ terraform import google_compute_firewall_policy_association.default {{firewall_policy}}/{{name}} +``` + + + diff --git a/tpgtools/overrides/compute/beta/firewall_policy_association.yaml b/tpgtools/overrides/compute/beta/firewall_policy_association.yaml new file mode 100644 index 000000000000..af851d79a0c9 --- /dev/null +++ b/tpgtools/overrides/compute/beta/firewall_policy_association.yaml @@ -0,0 +1,4 @@ +- type: CUSTOMIZE_DIFF + details: + functions: + - tpgresource.DefaultProviderProject diff --git a/tpgtools/overrides/compute/firewall_policy_association.yaml b/tpgtools/overrides/compute/firewall_policy_association.yaml new file mode 100644 index 000000000000..af851d79a0c9 --- /dev/null +++ b/tpgtools/overrides/compute/firewall_policy_association.yaml @@ -0,0 +1,4 @@ +- type: CUSTOMIZE_DIFF + details: + functions: + - tpgresource.DefaultProviderProject