Add AlloyDB user support

mmv1/products/alloydb/User.yaml

@@ -0,0 +1,103 @@
+# Copyright 2023 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Resource
+name: 'User'
+self_link: '{{cluster}}/users/{{user_id}}'
+base_url: '{{cluster}}/users'
+create_url: '{{cluster}}/users?userId={{user_id}}'
+update_verb: :PATCH
+update_mask: true
+description: 'An AlloyDB User.'
+references: !ruby/object:Api::Resource::ReferenceLinks
+  guides:
+    'AlloyDB': 'https://cloud.google.com/alloydb/docs/'
+  api: 'https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users/create'
+async: !ruby/object:Provider::Terraform::PollAsync
+  check_response_func_existence: transport_tpg.PollCheckForExistence
+  check_response_func_absence: transport_tpg.PollCheckForAbsence
+  target_occurrences: 10
+  actions: ['create', 'update', 'delete']
+import_format: ['{{cluster}}/users/{{user_id}}']
+custom_code: !ruby/object:Provider::Terraform::CustomCode
+  custom_import: templates/terraform/custom_import/alloydb_user.go.erb
+autogen_async: true
+skip_sweeper: true
+examples:
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'alloydb_user'
+    primary_resource_id: 'default'
+      # Fine-grained resource need different autogenerated tests, as
+      # we need to check destroy during a test step where the parent resource
+      # still exists, rather than during CheckDestroy (when read returns
+      # nothing because the parent resource has then also been destroyed)
+    skip_test: true
+    vars:
+      alloydb_user_id: 'me'
+      alloydb_user_password: 'changeme'
+      alloydb_cluster_id: 'alloydb-cluster'
+      alloydb_instance_id: 'alloydb-instance'
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'alloydb_user_iam_user'
+    primary_resource_id: 'default'
+      # Fine-grained resource need different autogenerated tests, as
+      # we need to check destroy during a test step where the parent resource
+      # still exists, rather than during CheckDestroy (when read returns
+      # nothing because the parent resource has then also been destroyed)
+    skip_test: true
+    vars:
+      alloydb_user_id: 'me@example.com'
+      alloydb_cluster_id: 'alloydb-cluster-iam'
+      alloydb_instance_id: 'alloydb-instance-iam'
+parameters:
+  - !ruby/object:Api::Type::String
+    name: 'userId'
+    required: true
+    immutable: true
+    url_param_only: true
+    description: |
+      The ID of the alloydb user.
+  - !ruby/object:Api::Type::ResourceRef
+    name: 'cluster'
+    description: |
+      Identifies the alloydb cluster. Must be in the format
+      'projects/{project}/locations/{location}/clusters/{cluster_id}'
+    required: true
+    immutable: true
+    resource: 'Cluster'
+    imports: 'name'
+    url_param_only: true
+properties:
+  - !ruby/object:Api::Type::String
+    name: 'name'
+    output: true
+    description: |
+      Output only. Name of the resource in the form of projects/{project}/locations/{location}/cluster/{cluster}/users/{user}.
+  - !ruby/object:Api::Type::String
+    name: 'password'
+    description: |
+      Input only. Password for the user. This field is required but shouldn't be set if user_type is set to `ALLOYDB_IAM_USER`
+    sensitive: true
+    ignore_read: true
+  - !ruby/object:Api::Type::Array
+    name: 'databaseRoles'
+    item_type: Api::Type::String
+    description:
+      Optional. List of database roles this user has. The database role strings are subject to the PostgreSQL naming conventions.
+  - !ruby/object:Api::Type::Enum
+    name: 'userType'
+    description: 'Optional. Type of this user.'
+    default_value: :ALLOYDB_BUILT_IN
+    values:
+      - :ALLOYDB_BUILT_IN
+      - :ALLOYDB_IAM_USER

mmv1/templates/terraform/custom_import/alloydb_user.go.erb

@@ -0,0 +1,17 @@
+config := meta.(*transport_tpg.Config)
+
+// current import_formats can't import fields with forward slashes in their value
+if err := tpgresource.ParseImportId([]string{
+	"(?P<cluster>.+)/users/(?P<user_id>[^/]+)",
+}, d, config); err != nil {
+	return nil, err
+}
+
+// Replace import id for the resource id
+id, err := tpgresource.ReplaceVars(d, config, "{{cluster}}/users/{{user_id}}")
+if err != nil {
+	return nil, fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
+
+return []*schema.ResourceData{d}, nil

mmv1/templates/terraform/examples/alloydb_user.tf.erb

@@ -0,0 +1,44 @@
+resource "google_alloydb_user" "<%= ctx[:primary_resource_id] %>" {
+  user_id     = "<%= ctx[:vars]['alloydb_user_id'] %>"
+  password    = "<%= ctx[:vars]['alloydb_user_password'] %>"
+
+  database_roles = [
+    "postgres"
+  ]
+
+  cluster = google_alloydb_cluster.<%= ctx[:primary_resource_id] %>.id
+
+  depends_on = [google_alloydb_cluster.<%= ctx[:primary_resource_id] %>]
+}
+
+resource "google_compute_network" "<%= ctx[:primary_resource_id] %>" {
+	name = "tf-test-alloydb-cluster%{random_suffix}"
+}
+
+resource "google_alloydb_cluster" "<%= ctx[:primary_resource_id] %>" {
+  cluster_id = "<%= ctx[:vars]['alloydb_cluster_id'] %>"
+  location   = "us-central1"
+  network    = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+}
+
+resource "google_alloydb_instance" "<%= ctx[:primary_resource_id] %>" {
+  cluster       = google_alloydb_cluster.<%= ctx[:primary_resource_id] %>.name
+  instance_id   = "<%= ctx[:vars]['alloydb_instance_id'] %>"
+  instance_type = "PRIMARY"
+
+  depends_on = [google_service_networking_connection.vpc_connection]
+}
+
+resource "google_compute_global_address" "private_ip_alloc" {
+  name          =  "<%= ctx[:vars]['alloydb_cluster_id'] %>"
+  address_type  = "INTERNAL"
+  purpose       = "VPC_PEERING"
+  prefix_length = 16
+  network       = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+}
+
+resource "google_service_networking_connection" "vpc_connection" {
+  network                 = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.private_ip_alloc.name]
+}

mmv1/templates/terraform/examples/alloydb_user_iam_user.tf.erb

@@ -0,0 +1,44 @@
+resource "google_alloydb_user" "<%= ctx[:primary_resource_id] %>" {
+  user_id      = "<%= ctx[:vars]['alloydb_user_id'] %>"
+  user_type    = "ALLOYDB_IAM_USER"
+
+  database_roles = [
+    "alloydbiamuser"
+  ]
+
+  cluster = google_alloydb_cluster.<%= ctx[:primary_resource_id] %>.id
+
+  depends_on = [google_alloydb_instance.<%= ctx[:primary_resource_id] %>]
+}
+
+resource "google_compute_network" "<%= ctx[:primary_resource_id] %>" {
+	name = "tf-test-alloydb-cluster%{random_suffix}"
+}
+
+resource "google_alloydb_cluster" "<%= ctx[:primary_resource_id] %>" {
+  cluster_id = "<%= ctx[:vars]['alloydb_cluster_id'] %>"
+  location   = "us-central1"
+  network    = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+}
+
+resource "google_alloydb_instance" "<%= ctx[:primary_resource_id] %>" {
+  cluster       = google_alloydb_cluster.<%= ctx[:primary_resource_id] %>.name
+  instance_id   = "<%= ctx[:vars]['alloydb_instance_id'] %>"
+  instance_type = "PRIMARY"
+
+  depends_on = [google_service_networking_connection.vpc_connection]
+}
+
+resource "google_compute_global_address" "private_ip_alloc" {
+  name          =  "<%= ctx[:vars]['alloydb_cluster_id'] %>"
+  address_type  = "INTERNAL"
+  purpose       = "VPC_PEERING"
+  prefix_length = 16
+  network       = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+}
+
+resource "google_service_networking_connection" "vpc_connection" {
+  network                 = google_compute_network.<%= ctx[:primary_resource_id] %>.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.private_ip_alloc.name]
+}