From 9d780e419f9f36f9231875d8f811f3ed889e3e34 Mon Sep 17 00:00:00 2001 From: The Magician Date: Mon, 31 Jul 2023 12:28:43 -0700 Subject: [PATCH] Update docs for missing proxy subnet type (#8502) (#5981) * Update subnetwork_log_config.go.erb with new purpose * Update Subnetwork.yaml * Update TargetHttpsProxy.yaml Signed-off-by: Modular Magician --- .changelog/8502.txt | 3 +++ .../services/compute/resource_compute_subnetwork.go | 11 ++++++----- .../compute/resource_compute_target_https_proxy.go | 5 ++--- website/docs/r/compute_subnetwork.html.markdown | 7 ++++--- .../docs/r/compute_target_https_proxy.html.markdown | 5 ++--- 5 files changed, 17 insertions(+), 14 deletions(-) create mode 100644 .changelog/8502.txt diff --git a/.changelog/8502.txt b/.changelog/8502.txt new file mode 100644 index 0000000000..839d5fdd91 --- /dev/null +++ b/.changelog/8502.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +compute: added a new type `GLOBAL_MANAGED_PROXY` for the filed `purpose` in the resource `google_compute_subnetwork` +``` diff --git a/google-beta/services/compute/resource_compute_subnetwork.go b/google-beta/services/compute/resource_compute_subnetwork.go index cbc76e2340..901e43d444 100644 --- a/google-beta/services/compute/resource_compute_subnetwork.go +++ b/google-beta/services/compute/resource_compute_subnetwork.go @@ -128,7 +128,7 @@ cannot enable direct path. Possible values: ["EXTERNAL", "INTERNAL"]`, Optional: true, Description: `Denotes the logging options for the subnetwork flow logs. If logging is enabled logs will be exported to Stackdriver. This field cannot be set if the 'purpose' of this -subnetwork is 'INTERNAL_HTTPS_LOAD_BALANCER'`, +subnetwork is 'INTERNAL_HTTPS_LOAD_BALANCER' or 'REGIONAL_MANAGED_PROXY' or 'GLOBAL_MANAGED_PROXY'`, MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -204,12 +204,13 @@ access Google APIs and services by using Private Google Access.`, Computed: true, Optional: true, ForceNew: true, - Description: `The purpose of the resource. This field can be either 'PRIVATE_RFC_1918', 'INTERNAL_HTTPS_LOAD_BALANCER', 'REGIONAL_MANAGED_PROXY', or 'PRIVATE_SERVICE_CONNECT'. + Description: `The purpose of the resource. This field can be either 'PRIVATE_RFC_1918', 'INTERNAL_HTTPS_LOAD_BALANCER', 'REGIONAL_MANAGED_PROXY', 'GLOBAL_MANAGED_PROXY' or 'PRIVATE_SERVICE_CONNECT'. A subnetwork with purpose set to 'INTERNAL_HTTPS_LOAD_BALANCER' is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. A subnetwork in a given region with purpose set to 'REGIONAL_MANAGED_PROXY' is a proxy-only subnet and is shared between all the regional Envoy-based load balancers. +A subnetwork in a given region with purpose set to 'GLOBAL_MANAGED_PROXY' is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. A subnetwork with purpose set to 'PRIVATE_SERVICE_CONNECT' reserves the subnet for hosting a Private Service Connect published service. If unspecified, the purpose defaults to 'PRIVATE_RFC_1918'. -The enableFlowLogs field isn't supported with the purpose field set to 'INTERNAL_HTTPS_LOAD_BALANCER'.`, +The enableFlowLogs field isn't supported with the purpose field set to 'INTERNAL_HTTPS_LOAD_BALANCER' or 'REGIONAL_MANAGED_PROXY' or 'GLOBAL_MANAGED_PROXY'.`, }, "region": { Type: schema.TypeString, @@ -1265,8 +1266,8 @@ func expandComputeSubnetworkLogConfig(v interface{}, d tpgresource.TerraformReso if len(l) == 0 || l[0] == nil { purpose, ok := d.GetOkExists("purpose") - if ok && (purpose.(string) == "REGIONAL_MANAGED_PROXY" || purpose.(string) == "INTERNAL_HTTPS_LOAD_BALANCER") { - // Subnetworks for regional L7 ILB/XLB do not accept any values for logConfig + if ok && (purpose.(string) == "REGIONAL_MANAGED_PROXY" || purpose.(string) == "GLOBAL_MANAGED_PROXY" || purpose.(string) == "INTERNAL_HTTPS_LOAD_BALANCER") { + // Subnetworks for regional L7 ILB/XLB or cross-regional L7 ILB do not accept any values for logConfig return nil, nil } // send enable = false to ensure logging is disabled if there is no config diff --git a/google-beta/services/compute/resource_compute_target_https_proxy.go b/google-beta/services/compute/resource_compute_target_https_proxy.go index eb6ff59f05..804c340911 100644 --- a/google-beta/services/compute/resource_compute_target_https_proxy.go +++ b/google-beta/services/compute/resource_compute_target_https_proxy.go @@ -112,9 +112,8 @@ specified, Google manages whether QUIC is used. Default value: "NONE" Possible v "ssl_certificates": { Type: schema.TypeList, Optional: true, - Description: `A list of SslCertificate resources that are used to authenticate -connections between users and the load balancer. At least one SSL -certificate must be specified.`, + Description: `A list of SslCertificate resource URLs or Certificate Manager certificate URLs that are used to authenticate +connections between users and the load balancer. At least one resource must be specified.`, Elem: &schema.Schema{ Type: schema.TypeString, DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName, diff --git a/website/docs/r/compute_subnetwork.html.markdown b/website/docs/r/compute_subnetwork.html.markdown index a4be6534ec..354a509407 100644 --- a/website/docs/r/compute_subnetwork.html.markdown +++ b/website/docs/r/compute_subnetwork.html.markdown @@ -223,12 +223,13 @@ The following arguments are supported: * `purpose` - (Optional) - The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `INTERNAL_HTTPS_LOAD_BALANCER`, `REGIONAL_MANAGED_PROXY`, or `PRIVATE_SERVICE_CONNECT`. + The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `INTERNAL_HTTPS_LOAD_BALANCER`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY` or `PRIVATE_SERVICE_CONNECT`. A subnetwork with purpose set to `INTERNAL_HTTPS_LOAD_BALANCER` is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. A subnetwork in a given region with purpose set to `REGIONAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the regional Envoy-based load balancers. + A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service. If unspecified, the purpose defaults to `PRIVATE_RFC_1918`. - The enableFlowLogs field isn't supported with the purpose field set to `INTERNAL_HTTPS_LOAD_BALANCER`. + The enableFlowLogs field isn't supported with the purpose field set to `INTERNAL_HTTPS_LOAD_BALANCER` or `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY`. * `role` - (Optional) @@ -269,7 +270,7 @@ The following arguments are supported: (Optional) Denotes the logging options for the subnetwork flow logs. If logging is enabled logs will be exported to Stackdriver. This field cannot be set if the `purpose` of this - subnetwork is `INTERNAL_HTTPS_LOAD_BALANCER` + subnetwork is `INTERNAL_HTTPS_LOAD_BALANCER` or `REGIONAL_MANAGED_PROXY` or `GLOBAL_MANAGED_PROXY` Structure is [documented below](#nested_log_config). * `stack_type` - diff --git a/website/docs/r/compute_target_https_proxy.html.markdown b/website/docs/r/compute_target_https_proxy.html.markdown index 9a266f6b3f..fe2069c466 100644 --- a/website/docs/r/compute_target_https_proxy.html.markdown +++ b/website/docs/r/compute_target_https_proxy.html.markdown @@ -190,9 +190,8 @@ The following arguments are supported: * `ssl_certificates` - (Optional) - A list of SslCertificate resources that are used to authenticate - connections between users and the load balancer. At least one SSL - certificate must be specified. + A list of SslCertificate resource URLs or Certificate Manager certificate URLs that are used to authenticate + connections between users and the load balancer. At least one resource must be specified. * `certificate_map` - (Optional)