From d2039374e94a392e18e2f243cabe513277d7628a Mon Sep 17 00:00:00 2001
From: Nick Elliot <nickelliot@google.com>
Date: Wed, 28 Sep 2022 14:47:13 -0700
Subject: [PATCH 1/4] Update compute_security_policy documentation for type
 field

Documentation updated for the type field to be in sync with the API docs located at https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies
---
 .../website/docs/r/compute_security_policy.html.markdown        | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
index 28f4ab6ab9ef..ca06d2fad962 100644
--- a/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
+++ b/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
@@ -73,6 +73,8 @@ The following arguments are supported:
   * CLOUD_ARMOR_EDGE - Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services
     (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage).
     They filter requests before the request is served from Google's cache.
+  * CLOUD_ARMOR_INTERNAL_SERVICE - Cloud Armor internal service policies can be configured to filter HTTP requests targeting services 
+    managed by Traffic Director in a service mesh. They filter requests before the request is served from the application.
 
 <a name="nested_advanced_options_config"></a>The `advanced_options_config` block supports:
 

From 10ccda3422e66a98c85fc3bc0aa5b8af378d752b Mon Sep 17 00:00:00 2001
From: Nick Elliot <nickelliot@google.com>
Date: Wed, 28 Sep 2022 14:57:17 -0700
Subject: [PATCH 2/4] Update compute_security_policy documentation for type
 field

Documentation updated for the 'type' field to be in sync with the API docs located at https://cloud.google.com/compute/docs/reference/rest/v1/securityPolicies
---
 .../website/docs/r/compute_security_policy.html.markdown        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
index ca06d2fad962..7fb83e1baa0c 100644
--- a/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
+++ b/mmv1/third_party/terraform/website/docs/r/compute_security_policy.html.markdown
@@ -67,7 +67,7 @@ The following arguments are supported:
 
 * `adaptive_protection_config` - (Optional) Configuration for [Google Cloud Armor Adaptive Protection](https://cloud.google.com/armor/docs/adaptive-protection-overview?hl=en). Structure is [documented below](#nested_adaptive_protection_config).
 
-* `type` - The type indicates the intended use of the security policy.
+* `type` - The type indicates the intended use of the security policy. This field can be set only at resource creation time.
   * CLOUD_ARMOR - Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services.
     They filter requests before they hit the origin servers.
   * CLOUD_ARMOR_EDGE - Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services

From 50c3887547d7bd7eaa9db2ea7e72514b6eabecfa Mon Sep 17 00:00:00 2001
From: Nick Elliot <nickelliot@google.com>
Date: Wed, 26 Oct 2022 15:51:06 -0700
Subject: [PATCH 3/4] Add default_from_api:true flag to serviceAccount under
 FlexibleAppVersion in AppEngine

---
 mmv1/products/appengine/terraform.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mmv1/products/appengine/terraform.yaml b/mmv1/products/appengine/terraform.yaml
index 15c5a1fee59e..e26e329f339b 100644
--- a/mmv1/products/appengine/terraform.yaml
+++ b/mmv1/products/appengine/terraform.yaml
@@ -123,6 +123,8 @@ overrides: !ruby/object:Overrides::ResourceOverrides
           Environment variables available to the application.  As these are not returned
           in the API request, Terraform will not detect any changes made outside of the Terraform config.
         ignore_read: true
+      serviceAccount: !ruby/object:Overrides::Terraform::PropertyOverride
+        default_from_api: true
       network.subnetworkName: !ruby/object:Overrides::Terraform::PropertyOverride
         name: 'subnetwork'
       betaSettings: !ruby/object:Overrides::Terraform::PropertyOverride

From 95871300ced68d0ba95289b0c0b538044489f60b Mon Sep 17 00:00:00 2001
From: Nick Elliot <nickelliot@google.com>
Date: Wed, 26 Oct 2022 15:51:06 -0700
Subject: [PATCH 4/4] Add default_from_api:true flag to serviceAccount under
 FlexibleAppVersion in AppEngine

---
 mmv1/products/appengine/terraform.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mmv1/products/appengine/terraform.yaml b/mmv1/products/appengine/terraform.yaml
index 15c5a1fee59e..e26e329f339b 100644
--- a/mmv1/products/appengine/terraform.yaml
+++ b/mmv1/products/appengine/terraform.yaml
@@ -123,6 +123,8 @@ overrides: !ruby/object:Overrides::ResourceOverrides
           Environment variables available to the application.  As these are not returned
           in the API request, Terraform will not detect any changes made outside of the Terraform config.
         ignore_read: true
+      serviceAccount: !ruby/object:Overrides::Terraform::PropertyOverride
+        default_from_api: true
       network.subnetworkName: !ruby/object:Overrides::Terraform::PropertyOverride
         name: 'subnetwork'
       betaSettings: !ruby/object:Overrides::Terraform::PropertyOverride