Users API changes (#8920)

mmv1/products/alloydb/User.yaml

@@ -0,0 +1,95 @@
+# Copyright 2023 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Resource
+name: 'User'
+self_link: '{{cluster}}/users/{{user_id}}'
+base_url: '{{cluster}}/users'
+create_url: '{{cluster}}/users?userId={{user_id}}'
+update_url: '{{cluster}}/users?userId={{user_id}}'
+update_verb: :POST
+description: 'A database user in an AlloyDB cluster.'
+references: !ruby/object:Api::Resource::ReferenceLinks
+  guides:
+    'AlloyDB': 'https://cloud.google.com/alloydb/docs/'
+  api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create'
+import_format: ['projects/{{project}}/locations/{{location}}/clusters/{{cluster}}/users/{{user_id}}']
+skip_sweeper: true
+autogen_async: true
+custom_code: !ruby/object:Provider::Terraform::CustomCode
+  custom_import: templates/terraform/custom_import/alloydb_user.go.erb
+examples:
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'alloydb_user_builtin'
+    primary_resource_id: 'user1'
+    vars:
+      alloydb_cluster_name: 'alloydb-cluster'
+      alloydb_cluster_pass: 'cluster_secret'
+      alloydb_instance_name: 'alloydb-instance'
+      alloydb_user_name: 'user1'
+      alloydb_user_pass: 'user_secret'
+      network_name: 'alloydb-network'
+    ignore_read_extra:
+      - 'password'
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'alloydb_user_iam'
+    primary_resource_id: 'user2'
+    vars:
+      alloydb_cluster_name: 'alloydb-cluster'
+      alloydb_instance_name: 'alloydb-instance'
+      alloydb_cluster_pass: 'cluster_secret'
+      alloydb_user_name: 'user2@foo.com'
+      network_name: 'alloydb-network'
+parameters:
+  - !ruby/object:Api::Type::ResourceRef
+    name: 'cluster'
+    description: |
+      Identifies the alloydb cluster. Must be in the format
+      'projects/{project}/locations/{location}/clusters/{cluster_id}'
+    required: true
+    immutable: true
+    resource: 'Cluster'
+    imports: 'name'
+    url_param_only: true
+  - !ruby/object:Api::Type::String
+    name: 'userId'
+    required: true
+    immutable: true
+    url_param_only: true
+    description: |
+      The database role name of the user.
+  - !ruby/object:Api::Type::Enum
+    name: 'userType'
+    required: true
+    immutable: true
+    description: |
+      The type of this user.
+    values:
+      - :ALLOYDB_BUILT_IN
+      - :ALLOYDB_IAM_USER
+properties:
+  - !ruby/object:Api::Type::String
+    name: 'name'
+    output: true
+    description: |
+      Name of the resource in the form of projects/{project}/locations/{location}/clusters/{cluster}/users/{user}.
+  - !ruby/object:Api::Type::String
+    name: 'password'
+    ignore_read: true
+    description: |
+      Password for this database user.
+  - !ruby/object:Api::Type::Array
+    name: 'databaseRoles'
+    item_type: Api::Type::String
+    description: |
+      List of database roles this database user has.

mmv1/templates/terraform/custom_import/alloydb_user.go.erb

@@ -0,0 +1,17 @@
+config := meta.(*transport_tpg.Config)
+
+// current import_formats can't import fields with forward slashes in their value
+if err := tpgresource.ParseImportId([]string{
+	"(?P<cluster>.+)/users/(?P<user_id>[^/]+)",
+}, d, config); err != nil {
+	return nil, err
+}
+
+// Replace import id for the resource id
+id, err := tpgresource.ReplaceVars(d, config, "{{cluster}}/users/{{user_id}}")
+if err != nil {
+	return nil, fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
+
+return []*schema.ResourceData{d}, nil

mmv1/templates/terraform/examples/alloydb_user_builtin.tf.erb

@@ -0,0 +1,47 @@
+resource "google_alloydb_instance" "default" {
+  cluster       = google_alloydb_cluster.default.name
+  instance_id   = "<%= ctx[:vars]['alloydb_instance_name'] %>"
+  instance_type = "PRIMARY"
+
+  depends_on = [google_service_networking_connection.vpc_connection]
+}
+
+resource "google_alloydb_cluster" "default" {
+  cluster_id = "<%= ctx[:vars]['alloydb_cluster_name'] %>"
+  location   = "us-central1"
+  network    = google_compute_network.default.id
+
+  initial_user {
+    password = "<%= ctx[:vars]['alloydb_cluster_pass'] %>"
+  }
+}
+
+data "google_project" "project" {}
+
+resource "google_compute_network" "default" {
+  name = "<%= ctx[:vars]['network_name'] %>"
+}
+
+resource "google_compute_global_address" "private_ip_alloc" {
+  name          = "<%= ctx[:vars]['alloydb_cluster_name'] %>"
+  address_type  = "INTERNAL"
+  purpose       = "VPC_PEERING"
+  prefix_length = 16
+  network       = google_compute_network.default.id
+}
+
+resource "google_service_networking_connection" "vpc_connection" {
+  network                 = google_compute_network.default.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.private_ip_alloc.name]
+}
+
+resource "google_alloydb_user" "<%= ctx[:primary_resource_id] %>" {
+  cluster = google_alloydb_cluster.default.name
+  user_id = "<%= ctx[:vars]['alloydb_user_name'] %>"
+  user_type = "ALLOYDB_BUILT_IN"
+
+  password = "<%= ctx[:vars]['alloydb_user_pass'] %>"
+  database_roles = ["alloydbsuperuser"]
+  depends_on = [google_alloydb_instance.default]
+}

mmv1/templates/terraform/examples/alloydb_user_iam.tf.erb

@@ -0,0 +1,46 @@
+resource "google_alloydb_instance" "default" {
+  cluster       = google_alloydb_cluster.default.name
+  instance_id   = "<%= ctx[:vars]['alloydb_instance_name'] %>"
+  instance_type = "PRIMARY"
+
+  depends_on = [google_service_networking_connection.vpc_connection]
+}
+
+resource "google_alloydb_cluster" "default" {
+  cluster_id = "<%= ctx[:vars]['alloydb_cluster_name'] %>"
+  location   = "us-central1"
+  network    = google_compute_network.default.id
+
+  initial_user {
+    password = "<%= ctx[:vars]['alloydb_cluster_pass'] %>"
+  }
+}
+
+data "google_project" "project" {}
+
+resource "google_compute_network" "default" {
+  name = "<%= ctx[:vars]['network_name'] %>"
+}
+
+resource "google_compute_global_address" "private_ip_alloc" {
+  name          = "<%= ctx[:vars]['alloydb_cluster_name'] %>"
+  address_type  = "INTERNAL"
+  purpose       = "VPC_PEERING"
+  prefix_length = 16
+  network       = google_compute_network.default.id
+}
+
+resource "google_service_networking_connection" "vpc_connection" {
+  network                 = google_compute_network.default.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.private_ip_alloc.name]
+}
+
+resource "google_alloydb_user" "<%= ctx[:primary_resource_id] %>" {
+  cluster = google_alloydb_cluster.default.name
+  user_id = "<%= ctx[:vars]['alloydb_user_name'] %>"
+  user_type = "ALLOYDB_IAM_USER"
+
+  database_roles = ["alloydbiamuser"]
+  depends_on = [google_alloydb_instance.default]
+}