From 88f1b3c3cef9a8dfe0dce3b2097fdde9be8fd34b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felipe=20Gon=C3=A7alves=20de=20Castro?=
 <felipecastro07@gmail.com>
Date: Wed, 13 Sep 2023 19:03:55 -0300
Subject: [PATCH] enhance subnetwork resource with PRIVATE_NAT purpose in docs
 and test

---
 mmv1/products/compute/Subnetwork.yaml            | 10 +++++++++-
 .../subnetwork_purpose_private_nat.tf.erb        | 16 ++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 mmv1/templates/terraform/examples/subnetwork_purpose_private_nat.tf.erb

diff --git a/mmv1/products/compute/Subnetwork.yaml b/mmv1/products/compute/Subnetwork.yaml
index 1c48d02c2f40..30a42a051352 100644
--- a/mmv1/products/compute/Subnetwork.yaml
+++ b/mmv1/products/compute/Subnetwork.yaml
@@ -109,6 +109,13 @@ examples:
     vars:
       subnetwork_name: 'internal-ipv6-test-subnetwork'
       network_name: 'internal-ipv6-test-network'
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'subnetwork_purpose_private_nat'
+    min_version: beta
+    primary_resource_id: 'subnetwork-purpose-private-nat'
+    vars:
+      subnetwork_name: 'subnet-purpose-test-subnetwork'
+      network_name: 'subnet-purpose-test-network'
 properties:
   - !ruby/object:Api::Type::Time
     name: 'creationTimestamp'
@@ -165,10 +172,11 @@ properties:
     name: 'purpose'
     immutable: true
     description: |
-      The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, or `PRIVATE_SERVICE_CONNECT`.
+      The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)).
       A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers.
       A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers.
       A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service.
+      A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways.
       Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers.
       If unspecified, the purpose defaults to `PRIVATE_RFC_1918`.
     default_from_api: true
diff --git a/mmv1/templates/terraform/examples/subnetwork_purpose_private_nat.tf.erb b/mmv1/templates/terraform/examples/subnetwork_purpose_private_nat.tf.erb
new file mode 100644
index 000000000000..198e86759998
--- /dev/null
+++ b/mmv1/templates/terraform/examples/subnetwork_purpose_private_nat.tf.erb
@@ -0,0 +1,16 @@
+resource "google_compute_subnetwork" "subnetwork-purpose-private-nat" {
+  provider         = google-beta
+
+  name             = "<%= ctx[:vars]['subnetwork_name'] %>"
+  region           = "us-west2"
+  ip_cidr_range    = "192.168.1.0/24"
+  purpose          = "PRIVATE_NAT"
+  network          = google_compute_network.custom-test.id
+}
+
+resource "google_compute_network" "custom-test" {
+  provider                = google-beta
+
+  name                    = "<%= ctx[:vars]['network_name'] %>"
+  auto_create_subnetworks = false
+}