diff --git a/mmv1/products/apigee/api.yaml b/mmv1/products/apigee/api.yaml index 03dea2fdad62..e6e692ca0efe 100644 --- a/mmv1/products/apigee/api.yaml +++ b/mmv1/products/apigee/api.yaml @@ -175,6 +175,16 @@ objects: description: | The size of the CIDR block range that will be reserved by the instance. For valid values, see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) on the documentation. + - !ruby/object:Api::Type::String + name: 'ipRange' + description: | + IP range represents the customer-provided CIDR block of length 22 that will be used for + the Apigee instance creation. This optional range, if provided, should be freely + available as part of larger named range the customer has allocated to the Service + Networking peering. If this is not provided, Apigee will automatically request for any + available /22 CIDR block from Service Networking. The customer should use this CIDR block + for configuring their firewall needs to allow traffic from Apigee. + Input format: "a.b.c.d/22" - !ruby/object:Api::Type::String name: 'description' description: | diff --git a/mmv1/products/apigee/terraform.yaml b/mmv1/products/apigee/terraform.yaml index 5d85297bd55a..afde6711b9ef 100644 --- a/mmv1/products/apigee/terraform.yaml +++ b/mmv1/products/apigee/terraform.yaml @@ -85,6 +85,20 @@ overrides: !ruby/object:Overrides::ResourceOverrides skip_docs: true # Resource creation race skip_vcr: true + - !ruby/object:Provider::Terraform::Examples + name: "apigee_instance_ip_range" + skip_test: true + - !ruby/object:Provider::Terraform::Examples + # This is a more verbose version of the above that creates all + # the resources needed for the acceptance test. + name: "apigee_instance_ip_range_test" + primary_resource_id: "apigee_instance" + test_env_vars: + org_id: :ORG_ID + billing_account: :BILLING_ACCT + skip_docs: true + # Resource creation race + skip_vcr: true - !ruby/object:Provider::Terraform::Examples name: "apigee_instance_full" skip_test: true diff --git a/mmv1/templates/terraform/examples/apigee_instance_ip_range.tf.erb b/mmv1/templates/terraform/examples/apigee_instance_ip_range.tf.erb new file mode 100644 index 000000000000..5bc9fe3dc818 --- /dev/null +++ b/mmv1/templates/terraform/examples/apigee_instance_ip_range.tf.erb @@ -0,0 +1,33 @@ +data "google_client_config" "current" {} + +resource "google_compute_network" "apigee_network" { + name = "apigee-network" +} + +resource "google_compute_global_address" "apigee_range" { + name = "apigee-range" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 22 + network = google_compute_network.apigee_network.id +} + +resource "google_service_networking_connection" "apigee_vpc_connection" { + network = google_compute_network.apigee_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.apigee_range.name] +} + +resource "google_apigee_organization" "apigee_org" { + analytics_region = "us-central1" + project_id = data.google_client_config.current.project + authorized_network = google_compute_network.apigee_network.id + depends_on = [google_service_networking_connection.apigee_vpc_connection] +} + +resource "google_apigee_instance" "apigee_instance" { + name = "tf-test%{random_suffix}" + location = "us-central1-b" + org_id = google_apigee_organization.apigee_org.id + ip_range = "10.87.8.0/22" +} diff --git a/mmv1/templates/terraform/examples/apigee_instance_ip_range_test.tf.erb b/mmv1/templates/terraform/examples/apigee_instance_ip_range_test.tf.erb new file mode 100644 index 000000000000..feabd6d45256 --- /dev/null +++ b/mmv1/templates/terraform/examples/apigee_instance_ip_range_test.tf.erb @@ -0,0 +1,60 @@ +resource "google_project" "project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "<%= ctx[:test_env_vars]['org_id'] %>" + billing_account = "<%= ctx[:test_env_vars]['billing_account'] %>" +} + +resource "google_project_service" "apigee" { + project = google_project.project.project_id + service = "apigee.googleapis.com" +} + +resource "google_project_service" "compute" { + project = google_project.project.project_id + service = "compute.googleapis.com" +} + +resource "google_project_service" "servicenetworking" { + project = google_project.project.project_id + service = "servicenetworking.googleapis.com" +} + +resource "google_compute_network" "apigee_network" { + name = "apigee-network" + project = google_project.project.project_id + depends_on = [google_project_service.compute] +} + +resource "google_compute_global_address" "apigee_range" { + name = "apigee-range" + purpose = "VPC_PEERING" + address_type = "INTERNAL" + prefix_length = 22 + network = google_compute_network.apigee_network.id + project = google_project.project.project_id +} + +resource "google_service_networking_connection" "apigee_vpc_connection" { + network = google_compute_network.apigee_network.id + service = "servicenetworking.googleapis.com" + reserved_peering_ranges = [google_compute_global_address.apigee_range.name] + depends_on = [google_project_service.servicenetworking] +} + +resource "google_apigee_organization" "apigee_org" { + analytics_region = "us-central1" + project_id = google_project.project.project_id + authorized_network = google_compute_network.apigee_network.id + depends_on = [ + google_service_networking_connection.apigee_vpc_connection, + google_project_service.apigee, + ] +} + +resource "google_apigee_instance" "<%= ctx[:primary_resource_id] %>" { + name = "tf-test%{random_suffix}" + location = "us-central1" + org_id = google_apigee_organization.apigee_org.id + ip_range = "10.87.8.0/22" +}