From 233c186ed61d2906899b0291609c4b325d3d74d5 Mon Sep 17 00:00:00 2001 From: Modular Magician Date: Tue, 18 Jan 2022 16:53:17 +0000 Subject: [PATCH] Network Connectivity Spoke (#5586) Signed-off-by: Modular Magician --- .changelog/5586.txt | 3 + go.mod | 2 +- go.sum | 8 +- google-beta/provider.go | 1 + .../resource_compute_forwarding_rule.go | 2 +- ...resource_compute_global_forwarding_rule.go | 2 +- .../resource_network_connectivity_spoke.go | 626 ++++ ...twork_connectivity_spoke_generated_test.go | 227 ++ ...network_connectivity_spoke_sweeper_test.go | 71 + ...resource_os_config_os_policy_assignment.go | 2597 +++++++++++------ .../network_connectivity_spoke.html.markdown | 213 ++ ..._config_os_policy_assignment.html.markdown | 368 ++- website/google.erb | 4 + 13 files changed, 3204 insertions(+), 920 deletions(-) create mode 100644 .changelog/5586.txt create mode 100644 google-beta/resource_network_connectivity_spoke.go create mode 100644 google-beta/resource_network_connectivity_spoke_generated_test.go create mode 100644 google-beta/resource_network_connectivity_spoke_sweeper_test.go create mode 100644 website/docs/r/network_connectivity_spoke.html.markdown diff --git a/.changelog/5586.txt b/.changelog/5586.txt new file mode 100644 index 0000000000..389a67779f --- /dev/null +++ b/.changelog/5586.txt @@ -0,0 +1,3 @@ +```release-note:new-resource +`google_network_connectivity_spoke` +``` diff --git a/go.mod b/go.mod index 3cad0099d2..a1630b6fe4 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,7 @@ module github.com/hashicorp/terraform-provider-google-beta require ( cloud.google.com/go/bigtable v1.10.1 - github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220106225628-959dba9ad83c + github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220114025148-a9879027a727 github.com/apparentlymart/go-cidr v1.1.0 github.com/client9/misspell v0.3.4 github.com/davecgh/go-spew v1.1.1 diff --git a/go.sum b/go.sum index 8c0379d3af..56f087c478 100644 --- a/go.sum +++ b/go.sum @@ -65,6 +65,12 @@ github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 h1:sHglBQTwgx+rW github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs= github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20211215020606-79616333f950 h1:pJAaEIUF6dSY6hRyiHpSlSHgvyaCv478IUVZR6t2OIU= github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20211215020606-79616333f950/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220106225628-959dba9ad83c h1:eSQGB4tXlzv8Z/LXRoP3Ja6dHMSIv/z4Qw+5VT6WaB8= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220106225628-959dba9ad83c/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220110205338-bb0f55721bc4 h1:q6pEOs1blrAzT4w9oWV9BlgAaNXEytrOTORhYxIBQEQ= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220110205338-bb0f55721bc4/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220114025148-a9879027a727 h1:+s/Q1OtaOX8y10li7GLqeBx6e4jd3aF/YlLhXWG9Y9g= +github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220114025148-a9879027a727/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU= github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= @@ -1441,5 +1447,3 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220106225628-959dba9ad83c h1:eSQGB4tXlzv8Z/LXRoP3Ja6dHMSIv/z4Qw+5VT6WaB8= -github.com/GoogleCloudPlatform/declarative-resource-client-library v0.0.0-20220106225628-959dba9ad83c/go.mod h1:oEeBHikdF/NrnUy0ornVaY1OT+jGvTqm+LQS0+ZDKzU= diff --git a/google-beta/provider.go b/google-beta/provider.go index 78dc2c3105..53118f4b65 100644 --- a/google-beta/provider.go +++ b/google-beta/provider.go @@ -1367,6 +1367,7 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) { "google_gke_hub_feature_membership": resourceGkeHubFeatureMembership(), "google_monitoring_monitored_project": resourceMonitoringMonitoredProject(), "google_network_connectivity_hub": resourceNetworkConnectivityHub(), + "google_network_connectivity_spoke": resourceNetworkConnectivitySpoke(), "google_org_policy_policy": resourceOrgPolicyPolicy(), "google_os_config_os_policy_assignment": resourceOsConfigOsPolicyAssignment(), "google_privateca_certificate_template": resourcePrivatecaCertificateTemplate(), diff --git a/google-beta/resource_compute_forwarding_rule.go b/google-beta/resource_compute_forwarding_rule.go index 48c1fa00b2..cd25946081 100644 --- a/google-beta/resource_compute_forwarding_rule.go +++ b/google-beta/resource_compute_forwarding_rule.go @@ -116,7 +116,7 @@ func resourceComputeForwardingRule() *schema.Resource { Type: schema.TypeString, Optional: true, ForceNew: true, - Description: "Specifies the forwarding rule type.\n\n* `EXTERNAL` is used for:\n * Classic Cloud VPN gateways\n * Protocol forwarding to VMs from an external IP address\n * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP\n* `INTERNAL` is used for:\n * Protocol forwarding to VMs from an internal IP address\n * Internal TCP/UDP load balancers\n* `INTERNAL_MANAGED` is used for:\n * Internal HTTP(S) load balancers\n* `INTERNAL_SELF_MANAGED` is used for:\n * Traffic Director\n\nFor more information about forwarding rules, refer to [Forwarding rule concepts](/load-balancing/docs/forwarding-rule-concepts). Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL", + Description: "Specifies the forwarding rule type.\n\n* `EXTERNAL` is used for:\n * Classic Cloud VPN gateways\n * Protocol forwarding to VMs from an external IP address\n * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP\n* `INTERNAL` is used for:\n * Protocol forwarding to VMs from an internal IP address\n * Internal TCP/UDP load balancers\n* `INTERNAL_MANAGED` is used for:\n * Internal HTTP(S) load balancers\n* `INTERNAL_SELF_MANAGED` is used for:\n * Traffic Director\n* `EXTERNAL_MANAGED` is used for:\n * Global external HTTP(S) load balancers \n\nFor more information about forwarding rules, refer to [Forwarding rule concepts](/load-balancing/docs/forwarding-rule-concepts). Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL, EXTERNAL_MANAGED", Default: "EXTERNAL", }, diff --git a/google-beta/resource_compute_global_forwarding_rule.go b/google-beta/resource_compute_global_forwarding_rule.go index 484c039df5..cb3c49bcfc 100644 --- a/google-beta/resource_compute_global_forwarding_rule.go +++ b/google-beta/resource_compute_global_forwarding_rule.go @@ -102,7 +102,7 @@ func resourceComputeGlobalForwardingRule() *schema.Resource { Type: schema.TypeString, Optional: true, ForceNew: true, - Description: "Specifies the forwarding rule type.\n\n* `EXTERNAL` is used for:\n * Classic Cloud VPN gateways\n * Protocol forwarding to VMs from an external IP address\n * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP\n* `INTERNAL` is used for:\n * Protocol forwarding to VMs from an internal IP address\n * Internal TCP/UDP load balancers\n* `INTERNAL_MANAGED` is used for:\n * Internal HTTP(S) load balancers\n* `INTERNAL_SELF_MANAGED` is used for:\n * Traffic Director\n\nFor more information about forwarding rules, refer to [Forwarding rule concepts](/load-balancing/docs/forwarding-rule-concepts). Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL", + Description: "Specifies the forwarding rule type.\n\n* `EXTERNAL` is used for:\n * Classic Cloud VPN gateways\n * Protocol forwarding to VMs from an external IP address\n * The following load balancers: HTTP(S), SSL Proxy, TCP Proxy, and Network TCP/UDP\n* `INTERNAL` is used for:\n * Protocol forwarding to VMs from an internal IP address\n * Internal TCP/UDP load balancers\n* `INTERNAL_MANAGED` is used for:\n * Internal HTTP(S) load balancers\n* `INTERNAL_SELF_MANAGED` is used for:\n * Traffic Director\n* `EXTERNAL_MANAGED` is used for:\n * Global external HTTP(S) load balancers \n\nFor more information about forwarding rules, refer to [Forwarding rule concepts](/load-balancing/docs/forwarding-rule-concepts). Possible values: INVALID, INTERNAL, INTERNAL_MANAGED, INTERNAL_SELF_MANAGED, EXTERNAL, EXTERNAL_MANAGED", Default: "EXTERNAL", }, diff --git a/google-beta/resource_network_connectivity_spoke.go b/google-beta/resource_network_connectivity_spoke.go new file mode 100644 index 0000000000..5ff33f714a --- /dev/null +++ b/google-beta/resource_network_connectivity_spoke.go @@ -0,0 +1,626 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: DCL *** +// +// ---------------------------------------------------------------------------- +// +// This file is managed by Magic Modules (https://github.com/GoogleCloudPlatform/magic-modules) +// and is based on the DCL (https://github.com/GoogleCloudPlatform/declarative-resource-client-library). +// Changes will need to be made to the DCL or Magic Modules instead of here. +// +// We are not currently able to accept contributions to this file. If changes +// are required, please file an issue at https://github.com/hashicorp/terraform-provider-google/issues/new/choose +// +// ---------------------------------------------------------------------------- + +package google + +import ( + "context" + "fmt" + "log" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + networkconnectivity "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/networkconnectivity/beta" +) + +func resourceNetworkConnectivitySpoke() *schema.Resource { + return &schema.Resource{ + Create: resourceNetworkConnectivitySpokeCreate, + Read: resourceNetworkConnectivitySpokeRead, + Update: resourceNetworkConnectivitySpokeUpdate, + Delete: resourceNetworkConnectivitySpokeDelete, + + Importer: &schema.ResourceImporter{ + State: resourceNetworkConnectivitySpokeImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(10 * time.Minute), + Update: schema.DefaultTimeout(10 * time.Minute), + Delete: schema.DefaultTimeout(10 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "hub": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + DiffSuppressFunc: compareSelfLinkOrResourceName, + Description: "Immutable. The URI of the hub that this spoke is attached to.", + }, + + "location": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "The location for the resource", + }, + + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Immutable. The name of the spoke. Spoke names must be unique.", + }, + + "description": { + Type: schema.TypeString, + Optional: true, + Description: "An optional description of the spoke.", + }, + + "labels": { + Type: schema.TypeMap, + Optional: true, + Description: "Optional labels in key:value format. For more information about labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements).", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + + "linked_interconnect_attachments": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + Description: "A collection of VLAN attachment resources. These resources should be redundant attachments that all advertise the same prefixes to Google Cloud. Alternatively, in active/passive configurations, all attachments should be capable of advertising the same prefixes.", + MaxItems: 1, + Elem: NetworkConnectivitySpokeLinkedInterconnectAttachmentsSchema(), + ConflictsWith: []string{"linked_vpn_tunnels", "linked_router_appliance_instances"}, + }, + + "linked_router_appliance_instances": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + Description: "The URIs of linked Router appliance resources", + MaxItems: 1, + Elem: NetworkConnectivitySpokeLinkedRouterApplianceInstancesSchema(), + ConflictsWith: []string{"linked_vpn_tunnels", "linked_interconnect_attachments"}, + }, + + "linked_vpn_tunnels": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + Description: "The URIs of linked VPN tunnel resources", + MaxItems: 1, + Elem: NetworkConnectivitySpokeLinkedVpnTunnelsSchema(), + ConflictsWith: []string{"linked_interconnect_attachments", "linked_router_appliance_instances"}, + }, + + "project": { + Type: schema.TypeString, + Computed: true, + Optional: true, + ForceNew: true, + DiffSuppressFunc: compareSelfLinkOrResourceName, + Description: "The project for the resource", + }, + + "create_time": { + Type: schema.TypeString, + Computed: true, + Description: "Output only. The time the spoke was created.", + }, + + "state": { + Type: schema.TypeString, + Computed: true, + Description: "Output only. The current lifecycle state of this spoke. Possible values: STATE_UNSPECIFIED, CREATING, ACTIVE, DELETING", + }, + + "unique_id": { + Type: schema.TypeString, + Computed: true, + Description: "Output only. The Google-generated UUID for the spoke. This value is unique across all spoke resources. If a spoke is deleted and another with the same name is created, the new spoke is assigned a different unique_id.", + }, + + "update_time": { + Type: schema.TypeString, + Computed: true, + Description: "Output only. The time the spoke was last updated.", + }, + }, + } +} + +func NetworkConnectivitySpokeLinkedInterconnectAttachmentsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "site_to_site_data_transfer": { + Type: schema.TypeBool, + Required: true, + ForceNew: true, + Description: "A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations.", + }, + + "uris": { + Type: schema.TypeList, + Required: true, + ForceNew: true, + Description: "The URIs of linked interconnect attachment resources", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func NetworkConnectivitySpokeLinkedRouterApplianceInstancesSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "instances": { + Type: schema.TypeList, + Required: true, + ForceNew: true, + Description: "The list of router appliance instances", + Elem: NetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesSchema(), + }, + + "site_to_site_data_transfer": { + Type: schema.TypeBool, + Required: true, + ForceNew: true, + Description: "A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations.", + }, + }, + } +} + +func NetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ip_address": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Description: "The IP address on the VM to use for peering.", + }, + + "virtual_machine": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + DiffSuppressFunc: compareSelfLinkOrResourceName, + Description: "The URI of the virtual machine resource", + }, + }, + } +} + +func NetworkConnectivitySpokeLinkedVpnTunnelsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "site_to_site_data_transfer": { + Type: schema.TypeBool, + Required: true, + ForceNew: true, + Description: "A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations.", + }, + + "uris": { + Type: schema.TypeList, + Required: true, + ForceNew: true, + Description: "The URIs of linked VPN tunnel resources.", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func resourceNetworkConnectivitySpokeCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &networkconnectivity.Spoke{ + Hub: dcl.String(d.Get("hub").(string)), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + Description: dcl.String(d.Get("description").(string)), + Labels: checkStringMap(d.Get("labels")), + LinkedInterconnectAttachments: expandNetworkConnectivitySpokeLinkedInterconnectAttachments(d.Get("linked_interconnect_attachments")), + LinkedRouterApplianceInstances: expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(d.Get("linked_router_appliance_instances")), + LinkedVpnTunnels: expandNetworkConnectivitySpokeLinkedVpnTunnels(d.Get("linked_vpn_tunnels")), + Project: dcl.String(project), + } + + id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/spokes/{{name}}") + if err != nil { + return fmt.Errorf("error constructing id: %s", err) + } + d.SetId(id) + createDirective := CreateDirective + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLNetworkConnectivityClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutCreate)) + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.ApplySpoke(context.Background(), obj, createDirective...) + + if _, ok := err.(dcl.DiffAfterApplyError); ok { + log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) + } else if err != nil { + // The resource didn't actually create + d.SetId("") + return fmt.Errorf("Error creating Spoke: %s", err) + } + + log.Printf("[DEBUG] Finished creating Spoke %q: %#v", d.Id(), res) + + return resourceNetworkConnectivitySpokeRead(d, meta) +} + +func resourceNetworkConnectivitySpokeRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &networkconnectivity.Spoke{ + Hub: dcl.String(d.Get("hub").(string)), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + Description: dcl.String(d.Get("description").(string)), + Labels: checkStringMap(d.Get("labels")), + LinkedInterconnectAttachments: expandNetworkConnectivitySpokeLinkedInterconnectAttachments(d.Get("linked_interconnect_attachments")), + LinkedRouterApplianceInstances: expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(d.Get("linked_router_appliance_instances")), + LinkedVpnTunnels: expandNetworkConnectivitySpokeLinkedVpnTunnels(d.Get("linked_vpn_tunnels")), + Project: dcl.String(project), + } + + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLNetworkConnectivityClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutRead)) + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.GetSpoke(context.Background(), obj) + if err != nil { + resourceName := fmt.Sprintf("NetworkConnectivitySpoke %q", d.Id()) + return handleNotFoundDCLError(err, d, resourceName) + } + + if err = d.Set("hub", res.Hub); err != nil { + return fmt.Errorf("error setting hub in state: %s", err) + } + if err = d.Set("location", res.Location); err != nil { + return fmt.Errorf("error setting location in state: %s", err) + } + if err = d.Set("name", res.Name); err != nil { + return fmt.Errorf("error setting name in state: %s", err) + } + if err = d.Set("description", res.Description); err != nil { + return fmt.Errorf("error setting description in state: %s", err) + } + if err = d.Set("labels", res.Labels); err != nil { + return fmt.Errorf("error setting labels in state: %s", err) + } + if err = d.Set("linked_interconnect_attachments", flattenNetworkConnectivitySpokeLinkedInterconnectAttachments(res.LinkedInterconnectAttachments)); err != nil { + return fmt.Errorf("error setting linked_interconnect_attachments in state: %s", err) + } + if err = d.Set("linked_router_appliance_instances", flattenNetworkConnectivitySpokeLinkedRouterApplianceInstances(res.LinkedRouterApplianceInstances)); err != nil { + return fmt.Errorf("error setting linked_router_appliance_instances in state: %s", err) + } + if err = d.Set("linked_vpn_tunnels", flattenNetworkConnectivitySpokeLinkedVpnTunnels(res.LinkedVpnTunnels)); err != nil { + return fmt.Errorf("error setting linked_vpn_tunnels in state: %s", err) + } + if err = d.Set("project", res.Project); err != nil { + return fmt.Errorf("error setting project in state: %s", err) + } + if err = d.Set("create_time", res.CreateTime); err != nil { + return fmt.Errorf("error setting create_time in state: %s", err) + } + if err = d.Set("state", res.State); err != nil { + return fmt.Errorf("error setting state in state: %s", err) + } + if err = d.Set("unique_id", res.UniqueId); err != nil { + return fmt.Errorf("error setting unique_id in state: %s", err) + } + if err = d.Set("update_time", res.UpdateTime); err != nil { + return fmt.Errorf("error setting update_time in state: %s", err) + } + + return nil +} +func resourceNetworkConnectivitySpokeUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &networkconnectivity.Spoke{ + Hub: dcl.String(d.Get("hub").(string)), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + Description: dcl.String(d.Get("description").(string)), + Labels: checkStringMap(d.Get("labels")), + LinkedInterconnectAttachments: expandNetworkConnectivitySpokeLinkedInterconnectAttachments(d.Get("linked_interconnect_attachments")), + LinkedRouterApplianceInstances: expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(d.Get("linked_router_appliance_instances")), + LinkedVpnTunnels: expandNetworkConnectivitySpokeLinkedVpnTunnels(d.Get("linked_vpn_tunnels")), + Project: dcl.String(project), + } + directive := UpdateDirective + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + + billingProject := "" + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLNetworkConnectivityClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutUpdate)) + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.ApplySpoke(context.Background(), obj, directive...) + + if _, ok := err.(dcl.DiffAfterApplyError); ok { + log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) + } else if err != nil { + // The resource didn't actually create + d.SetId("") + return fmt.Errorf("Error updating Spoke: %s", err) + } + + log.Printf("[DEBUG] Finished creating Spoke %q: %#v", d.Id(), res) + + return resourceNetworkConnectivitySpokeRead(d, meta) +} + +func resourceNetworkConnectivitySpokeDelete(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &networkconnectivity.Spoke{ + Hub: dcl.String(d.Get("hub").(string)), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + Description: dcl.String(d.Get("description").(string)), + Labels: checkStringMap(d.Get("labels")), + LinkedInterconnectAttachments: expandNetworkConnectivitySpokeLinkedInterconnectAttachments(d.Get("linked_interconnect_attachments")), + LinkedRouterApplianceInstances: expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(d.Get("linked_router_appliance_instances")), + LinkedVpnTunnels: expandNetworkConnectivitySpokeLinkedVpnTunnels(d.Get("linked_vpn_tunnels")), + Project: dcl.String(project), + } + + log.Printf("[DEBUG] Deleting Spoke %q", d.Id()) + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLNetworkConnectivityClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutDelete)) + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + if err := client.DeleteSpoke(context.Background(), obj); err != nil { + return fmt.Errorf("Error deleting Spoke: %s", err) + } + + log.Printf("[DEBUG] Finished deleting Spoke %q", d.Id()) + return nil +} + +func resourceNetworkConnectivitySpokeImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*Config) + if err := parseImportId([]string{ + "projects/(?P[^/]+)/locations/(?P[^/]+)/spokes/(?P[^/]+)", + "(?P[^/]+)/(?P[^/]+)/(?P[^/]+)", + "(?P[^/]+)/(?P[^/]+)", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/spokes/{{name}}") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func expandNetworkConnectivitySpokeLinkedInterconnectAttachments(o interface{}) *networkconnectivity.SpokeLinkedInterconnectAttachments { + if o == nil { + return networkconnectivity.EmptySpokeLinkedInterconnectAttachments + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return networkconnectivity.EmptySpokeLinkedInterconnectAttachments + } + obj := objArr[0].(map[string]interface{}) + return &networkconnectivity.SpokeLinkedInterconnectAttachments{ + SiteToSiteDataTransfer: dcl.Bool(obj["site_to_site_data_transfer"].(bool)), + Uris: expandStringArray(obj["uris"]), + } +} + +func flattenNetworkConnectivitySpokeLinkedInterconnectAttachments(obj *networkconnectivity.SpokeLinkedInterconnectAttachments) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "site_to_site_data_transfer": obj.SiteToSiteDataTransfer, + "uris": obj.Uris, + } + + return []interface{}{transformed} + +} + +func expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(o interface{}) *networkconnectivity.SpokeLinkedRouterApplianceInstances { + if o == nil { + return networkconnectivity.EmptySpokeLinkedRouterApplianceInstances + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return networkconnectivity.EmptySpokeLinkedRouterApplianceInstances + } + obj := objArr[0].(map[string]interface{}) + return &networkconnectivity.SpokeLinkedRouterApplianceInstances{ + Instances: expandNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesArray(obj["instances"]), + SiteToSiteDataTransfer: dcl.Bool(obj["site_to_site_data_transfer"].(bool)), + } +} + +func flattenNetworkConnectivitySpokeLinkedRouterApplianceInstances(obj *networkconnectivity.SpokeLinkedRouterApplianceInstances) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "instances": flattenNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesArray(obj.Instances), + "site_to_site_data_transfer": obj.SiteToSiteDataTransfer, + } + + return []interface{}{transformed} + +} +func expandNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesArray(o interface{}) []networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances { + if o == nil { + return make([]networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances, 0) + } + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances, 0) + } + + items := make([]networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances, 0, len(objs)) + for _, item := range objs { + i := expandNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstances(item) + items = append(items, *i) + } + + return items +} + +func expandNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstances(o interface{}) *networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances { + if o == nil { + return networkconnectivity.EmptySpokeLinkedRouterApplianceInstancesInstances + } + + obj := o.(map[string]interface{}) + return &networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances{ + IPAddress: dcl.String(obj["ip_address"].(string)), + VirtualMachine: dcl.String(obj["virtual_machine"].(string)), + } +} + +func flattenNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstancesArray(objs []networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances) []interface{} { + if objs == nil { + return nil + } + + items := []interface{}{} + for _, item := range objs { + i := flattenNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstances(&item) + items = append(items, i) + } + + return items +} + +func flattenNetworkConnectivitySpokeLinkedRouterApplianceInstancesInstances(obj *networkconnectivity.SpokeLinkedRouterApplianceInstancesInstances) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "ip_address": obj.IPAddress, + "virtual_machine": obj.VirtualMachine, + } + + return transformed + +} + +func expandNetworkConnectivitySpokeLinkedVpnTunnels(o interface{}) *networkconnectivity.SpokeLinkedVpnTunnels { + if o == nil { + return networkconnectivity.EmptySpokeLinkedVpnTunnels + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return networkconnectivity.EmptySpokeLinkedVpnTunnels + } + obj := objArr[0].(map[string]interface{}) + return &networkconnectivity.SpokeLinkedVpnTunnels{ + SiteToSiteDataTransfer: dcl.Bool(obj["site_to_site_data_transfer"].(bool)), + Uris: expandStringArray(obj["uris"]), + } +} + +func flattenNetworkConnectivitySpokeLinkedVpnTunnels(obj *networkconnectivity.SpokeLinkedVpnTunnels) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "site_to_site_data_transfer": obj.SiteToSiteDataTransfer, + "uris": obj.Uris, + } + + return []interface{}{transformed} + +} diff --git a/google-beta/resource_network_connectivity_spoke_generated_test.go b/google-beta/resource_network_connectivity_spoke_generated_test.go new file mode 100644 index 0000000000..3d0121749a --- /dev/null +++ b/google-beta/resource_network_connectivity_spoke_generated_test.go @@ -0,0 +1,227 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: DCL *** +// +// ---------------------------------------------------------------------------- +// +// This file is managed by Magic Modules (https://github.com/GoogleCloudPlatform/magic-modules) +// and is based on the DCL (https://github.com/GoogleCloudPlatform/declarative-resource-client-library). +// Changes will need to be made to the DCL or Magic Modules instead of here. +// +// We are not currently able to accept contributions to this file. If changes +// are required, please file an issue at https://github.com/hashicorp/terraform-provider-google/issues/new/choose +// +// ---------------------------------------------------------------------------- + +package google + +import ( + "context" + "fmt" + dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + networkconnectivity "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/networkconnectivity/beta" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "strings" + "testing" +) + +func TestAccNetworkConnectivitySpoke_RouterApplianceHandWritten(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_name": getTestProjectFromEnv(), + "region": getTestRegionFromEnv(), + "zone": getTestZoneFromEnv(), + "random_suffix": randString(t, 10), + } + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckNetworkConnectivitySpokeDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccNetworkConnectivitySpoke_RouterApplianceHandWritten(context), + }, + { + ResourceName: "google_network_connectivity_spoke.primary", + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate0(context), + }, + { + ResourceName: "google_network_connectivity_spoke.primary", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccNetworkConnectivitySpoke_RouterApplianceHandWritten(context map[string]interface{}) string { + return Nprintf(` + +resource "google_compute_network" "network" { + name = "tf-test-network%{random_suffix}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "subnetwork" { + name = "tf-test-subnet%{random_suffix}" + ip_cidr_range = "10.0.0.0/28" + region = "%{region}" + network = google_compute_network.network.self_link +} + +resource "google_compute_instance" "instance" { + name = "tf-test-instance%{random_suffix}" + machine_type = "e2-medium" + can_ip_forward = true + zone = "%{zone}" + + boot_disk { + initialize_params { + image = "projects/debian-cloud/global/images/debian-10-buster-v20210817" + } + } + + network_interface { + subnetwork = google_compute_subnetwork.subnetwork.name + network_ip = "10.0.0.2" + access_config { + network_tier = "PREMIUM" + } + } +} + +resource "google_network_connectivity_hub" "basic_hub" { + name = "tf-test-hub%{random_suffix}" + description = "A sample hub" + labels = { + label-two = "value-one" + } +} + +resource "google_network_connectivity_spoke" "primary" { + name = "tf-test-name%{random_suffix}" + location = "%{region}" + description = "A sample spoke with a linked routher appliance instance" + labels = { + label-one = "value-one" + } + hub = google_network_connectivity_hub.basic_hub.id + linked_router_appliance_instances { + instances { + virtual_machine = google_compute_instance.instance.self_link + ip_address = "10.0.0.2" + } + site_to_site_data_transfer = true + } +} +`, context) +} + +func testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate0(context map[string]interface{}) string { + return Nprintf(` + +resource "google_compute_network" "network" { + name = "tf-test-network%{random_suffix}" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "subnetwork" { + name = "tf-test-subnet%{random_suffix}" + ip_cidr_range = "10.0.0.0/28" + region = "%{region}" + network = google_compute_network.network.self_link +} + +resource "google_compute_instance" "instance" { + name = "tf-test-instance%{random_suffix}" + machine_type = "e2-medium" + can_ip_forward = true + zone = "%{zone}" + + boot_disk { + initialize_params { + image = "projects/debian-cloud/global/images/debian-10-buster-v20210817" + } + } + + network_interface { + subnetwork = google_compute_subnetwork.subnetwork.name + network_ip = "10.0.0.2" + access_config { + network_tier = "PREMIUM" + } + } +} + +resource "google_network_connectivity_hub" "basic_hub" { + name = "tf-test-hub%{random_suffix}" + description = "A sample hub" + labels = { + label-two = "value-one" + } +} + +resource "google_network_connectivity_spoke" "primary" { + name = "tf-test-name%{random_suffix}" + location = "%{region}" + description = "An UPDATED sample spoke with a linked routher appliance instance" + labels = { + label-two = "value-two" + } + hub = google_network_connectivity_hub.basic_hub.id + linked_router_appliance_instances { + instances { + virtual_machine = google_compute_instance.instance.self_link + ip_address = "10.0.0.2" + } + site_to_site_data_transfer = true + } +} +`, context) +} + +func testAccCheckNetworkConnectivitySpokeDestroyProducer(t *testing.T) func(s *terraform.State) error { + return func(s *terraform.State) error { + for name, rs := range s.RootModule().Resources { + if rs.Type != "rs.google_network_connectivity_spoke" { + continue + } + if strings.HasPrefix(name, "data.") { + continue + } + + config := googleProviderConfig(t) + + billingProject := "" + if config.BillingProject != "" { + billingProject = config.BillingProject + } + + obj := &networkconnectivity.Spoke{ + Hub: dcl.String(rs.Primary.Attributes["hub"]), + Location: dcl.String(rs.Primary.Attributes["location"]), + Name: dcl.String(rs.Primary.Attributes["name"]), + Description: dcl.String(rs.Primary.Attributes["description"]), + Project: dcl.StringOrNil(rs.Primary.Attributes["project"]), + CreateTime: dcl.StringOrNil(rs.Primary.Attributes["create_time"]), + State: networkconnectivity.SpokeStateEnumRef(rs.Primary.Attributes["state"]), + UniqueId: dcl.StringOrNil(rs.Primary.Attributes["unique_id"]), + UpdateTime: dcl.StringOrNil(rs.Primary.Attributes["update_time"]), + } + + client := NewDCLNetworkConnectivityClient(config, config.userAgent, billingProject, 0) + _, err := client.GetSpoke(context.Background(), obj) + if err == nil { + return fmt.Errorf("google_network_connectivity_spoke still exists %v", obj) + } + } + return nil + } +} diff --git a/google-beta/resource_network_connectivity_spoke_sweeper_test.go b/google-beta/resource_network_connectivity_spoke_sweeper_test.go new file mode 100644 index 0000000000..e133ecb85a --- /dev/null +++ b/google-beta/resource_network_connectivity_spoke_sweeper_test.go @@ -0,0 +1,71 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: DCL *** +// +// ---------------------------------------------------------------------------- +// +// This file is managed by Magic Modules (https://github.com/GoogleCloudPlatform/magic-modules) +// and is based on the DCL (https://github.com/GoogleCloudPlatform/declarative-resource-client-library). +// Changes will need to be made to the DCL or Magic Modules instead of here. +// +// We are not currently able to accept contributions to this file. If changes +// are required, please file an issue at https://github.com/hashicorp/terraform-provider-google/issues/new/choose +// +// ---------------------------------------------------------------------------- + +package google + +import ( + "context" + "log" + "testing" + + networkconnectivity "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/networkconnectivity/beta" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func init() { + resource.AddTestSweepers("NetworkConnectivitySpoke", &resource.Sweeper{ + Name: "NetworkConnectivitySpoke", + F: testSweepNetworkConnectivitySpoke, + }) +} + +func testSweepNetworkConnectivitySpoke(region string) error { + log.Print("[INFO][SWEEPER_LOG] Starting sweeper for NetworkConnectivitySpoke") + + config, err := sharedConfigForRegion(region) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error getting shared config for region: %s", err) + return err + } + + err = config.LoadAndValidate(context.Background()) + if err != nil { + log.Printf("[INFO][SWEEPER_LOG] error loading: %s", err) + return err + } + + t := &testing.T{} + billingId := getTestBillingAccountFromEnv(t) + + // Setup variables to be used for Delete arguments. + d := map[string]string{ + "project": config.Project, + "region": region, + "location": region, + "zone": "-", + "billing_account": billingId, + } + + client := NewDCLNetworkConnectivityClient(config, config.userAgent, "", 0) + err = client.DeleteAllSpoke(context.Background(), d["project"], d["location"], isDeletableNetworkConnectivitySpoke) + if err != nil { + return err + } + return nil +} + +func isDeletableNetworkConnectivitySpoke(r *networkconnectivity.Spoke) bool { + return isSweepableTestResource(*r.Name) +} diff --git a/google-beta/resource_os_config_os_policy_assignment.go b/google-beta/resource_os_config_os_policy_assignment.go index be92a1f7fe..137d3b54d0 100644 --- a/google-beta/resource_os_config_os_policy_assignment.go +++ b/google-beta/resource_os_config_os_policy_assignment.go @@ -335,447 +335,465 @@ func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecSchema() *sc Required: true, Description: "Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates \"in desired state\", and exit code of 101 indicates \"not in desired state\". Any other exit code indicates a failure running validate.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentExecSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateSchema(), }, "enforce": { Type: schema.TypeList, Optional: true, - Description: "Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates \"in desired state\", and exit code of 101 indicates \"not in desired state\". Any other exit code indicates a failure running validate.", + Description: "What to run to bring this resource into the desired state. An exit code of 100 indicates \"success\", any other exit code indicates a failure running enforce.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentExecSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceSchema(), }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "path": { - Type: schema.TypeString, - Required: true, - Description: "Required. The absolute path of the file within the VM.", - }, - - "state": { + "interpreter": { Type: schema.TypeString, Required: true, - Description: "Required. Desired state of the file. Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED, COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE", + Description: "Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL", }, - "content": { - Type: schema.TypeString, + "args": { + Type: schema.TypeList, Optional: true, - Description: "A a file with this content. The size of the content is limited to 1024 characters.", + Description: "Optional arguments to pass to the source during execution.", + Elem: &schema.Schema{Type: schema.TypeString}, }, "file": { Type: schema.TypeList, Optional: true, - Description: "Required. A deb package.", + Description: "A remote or local file.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileSchema(), }, - "permissions": { + "output_file_path": { Type: schema.TypeString, - Computed: true, - Description: "Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4", + Optional: true, + Description: "Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes.", + }, + + "script": { + Type: schema.TypeString, + Optional: true, + Description: "An inline script. The size of the script is limited to 1024 characters.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "desired_state": { - Type: schema.TypeString, - Required: true, - Description: "Required. The desired state the agent should maintain for this package. Possible values: DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED", - }, - - "apt": { - Type: schema.TypeList, - Optional: true, - Description: "A package managed by Apt.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgAptSchema(), - }, - - "deb": { - Type: schema.TypeList, - Optional: true, - Description: "A deb package file.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSchema(), - }, - - "googet": { - Type: schema.TypeList, - Optional: true, - Description: "A package managed by GooGet.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGoogetSchema(), - }, - - "msi": { - Type: schema.TypeList, + "allow_insecure": { + Type: schema.TypeBool, Optional: true, - Description: "An MSI package.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSchema(), + Description: "Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.", }, - "rpm": { + "gcs": { Type: schema.TypeList, Optional: true, - Description: "An rpm package file.", + Description: "A Cloud Storage object.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcsSchema(), }, - "yum": { - Type: schema.TypeList, + "local_path": { + Type: schema.TypeString, Optional: true, - Description: "A package managed by YUM.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYumSchema(), + Description: "A local path within the VM to use.", }, - "zypper": { + "remote": { Type: schema.TypeList, Optional: true, - Description: "A package managed by Zypper.", + Description: "A generic remote file.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypperSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemoteSchema(), }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgAptSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcsSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "name": { + "bucket": { Type: schema.TypeString, Required: true, - Description: "Required. Package name.", + Description: "Required. Bucket of the Cloud Storage object.", }, - }, - } -} -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSchema() *schema.Resource { - return &schema.Resource{ - Schema: map[string]*schema.Schema{ - "source": { - Type: schema.TypeList, + "object": { + Type: schema.TypeString, Required: true, - Description: "Required. A deb package.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema(), + Description: "Required. Name of the Cloud Storage object.", }, - "pull_deps": { - Type: schema.TypeBool, + "generation": { + Type: schema.TypeInt, Optional: true, - Description: "Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb`", + Description: "Generation number of the Cloud Storage object.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGoogetSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemoteSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "name": { + "uri": { Type: schema.TypeString, Required: true, - Description: "Required. Package name.", + Description: "Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`.", + }, + + "sha256_checksum": { + Type: schema.TypeString, + Optional: true, + Description: "SHA256 checksum of the remote file.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "source": { - Type: schema.TypeList, + "interpreter": { + Type: schema.TypeString, Required: true, - Description: "Required. A deb package.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema(), + Description: "Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL", }, - "properties": { + "args": { Type: schema.TypeList, Optional: true, - Description: "Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`.", + Description: "Optional arguments to pass to the source during execution.", Elem: &schema.Schema{Type: schema.TypeString}, }, - }, - } -} -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSchema() *schema.Resource { - return &schema.Resource{ - Schema: map[string]*schema.Schema{ - "source": { + "file": { Type: schema.TypeList, - Required: true, - Description: "Required. A deb package.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema(), - }, - - "pull_deps": { - Type: schema.TypeBool, Optional: true, - Description: "Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm`", + Description: "A remote or local file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileSchema(), }, - }, - } -} -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYumSchema() *schema.Resource { - return &schema.Resource{ - Schema: map[string]*schema.Schema{ - "name": { + "output_file_path": { Type: schema.TypeString, - Required: true, - Description: "Required. Package name.", + Optional: true, + Description: "Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes.", }, - }, - } -} -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypperSchema() *schema.Resource { - return &schema.Resource{ - Schema: map[string]*schema.Schema{ - "name": { + "script": { Type: schema.TypeString, - Required: true, - Description: "Required. Package name.", + Optional: true, + Description: "An inline script. The size of the script is limited to 1024 characters.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositorySchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "apt": { - Type: schema.TypeList, + "allow_insecure": { + Type: schema.TypeBool, Optional: true, - Description: "An Apt Repository.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptSchema(), + Description: "Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.", }, - "goo": { + "gcs": { Type: schema.TypeList, Optional: true, - Description: "A Goo Repository.", + Description: "A Cloud Storage object.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGooSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcsSchema(), }, - "yum": { - Type: schema.TypeList, + "local_path": { + Type: schema.TypeString, Optional: true, - Description: "A Yum Repository.", - MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYumSchema(), + Description: "A local path within the VM to use.", }, - "zypper": { + "remote": { Type: schema.TypeList, Optional: true, - Description: "A Zypper Repository.", + Description: "A generic remote file.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypperSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemoteSchema(), }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcsSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "archive_type": { - Type: schema.TypeString, - Required: true, - Description: "Required. Type of archive files in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED, DEB, DEB_SRC", - }, - - "components": { - Type: schema.TypeList, - Required: true, - Description: "Required. List of components for this repository. Must contain at least one item.", - Elem: &schema.Schema{Type: schema.TypeString}, - }, - - "distribution": { + "bucket": { Type: schema.TypeString, Required: true, - Description: "Required. Distribution of this repository.", + Description: "Required. Bucket of the Cloud Storage object.", }, - "uri": { + "object": { Type: schema.TypeString, Required: true, - Description: "Required. URI for this repository.", + Description: "Required. Name of the Cloud Storage object.", }, - "gpg_key": { - Type: schema.TypeString, + "generation": { + Type: schema.TypeInt, Optional: true, - Description: "URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.", + Description: "Generation number of the Cloud Storage object.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGooSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemoteSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "name": { + "uri": { Type: schema.TypeString, Required: true, - Description: "Required. The name of the repository.", + Description: "Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`.", }, - "url": { + "sha256_checksum": { Type: schema.TypeString, - Required: true, - Description: "Required. The url of the repository.", + Optional: true, + Description: "SHA256 checksum of the remote file.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYumSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "base_url": { + "path": { Type: schema.TypeString, Required: true, - Description: "Required. The location of the repository directory.", + Description: "Required. The absolute path of the file within the VM.", }, - "id": { + "state": { Type: schema.TypeString, Required: true, - Description: "Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts.", + Description: "Required. Desired state of the file. Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED, COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE", }, - "display_name": { + "content": { Type: schema.TypeString, Optional: true, - Description: "The display name of the repository.", + Description: "A a file with this content. The size of the content is limited to 1024 characters.", }, - "gpg_keys": { + "file": { Type: schema.TypeList, Optional: true, - Description: "URIs of GPG keys.", - Elem: &schema.Schema{Type: schema.TypeString}, + Description: "A remote or local source.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileSchema(), + }, + + "permissions": { + Type: schema.TypeString, + Computed: true, + Description: "Consists of three octal digits which represent, in order, the permissions of the owner, group, and other users for the file (similarly to the numeric mode used in the linux chmod utility). Each digit represents a three bit number with the 4 bit corresponding to the read permissions, the 2 bit corresponds to the write bit, and the one bit corresponds to the execute permission. Default behavior is 755. Below are some examples of permissions and their associated values: read, write, and execute: 7 read and execute: 5 read and write: 6 read only: 4", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypperSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "base_url": { + "allow_insecure": { + Type: schema.TypeBool, + Optional: true, + Description: "Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.", + }, + + "gcs": { + Type: schema.TypeList, + Optional: true, + Description: "A Cloud Storage object.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcsSchema(), + }, + + "local_path": { Type: schema.TypeString, - Required: true, - Description: "Required. The location of the repository directory.", + Optional: true, + Description: "A local path within the VM to use.", }, - "id": { + "remote": { + Type: schema.TypeList, + Optional: true, + Description: "A generic remote file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemoteSchema(), + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "bucket": { Type: schema.TypeString, Required: true, - Description: "Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts.", + Description: "Required. Bucket of the Cloud Storage object.", }, - "display_name": { + "object": { Type: schema.TypeString, - Optional: true, - Description: "The display name of the repository.", + Required: true, + Description: "Required. Name of the Cloud Storage object.", }, - "gpg_keys": { - Type: schema.TypeList, + "generation": { + Type: schema.TypeInt, Optional: true, - Description: "URIs of GPG keys.", - Elem: &schema.Schema{Type: schema.TypeString}, + Description: "Generation number of the Cloud Storage object.", }, }, } } -func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemoteSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "os_short_name": { + "uri": { Type: schema.TypeString, Required: true, - Description: "Required. The OS short name", + Description: "Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`.", }, - "os_version": { + "sha256_checksum": { Type: schema.TypeString, Optional: true, - Description: "The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions.", + Description: "SHA256 checksum of the remote file.", }, }, } } -func OsConfigOsPolicyAssignmentRolloutSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "disruption_budget": { - Type: schema.TypeList, + "desired_state": { + Type: schema.TypeString, Required: true, - Description: "Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment.", + Description: "Required. The desired state the agent should maintain for this package. Possible values: DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED", + }, + + "apt": { + Type: schema.TypeList, + Optional: true, + Description: "A package managed by Apt.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentRolloutDisruptionBudgetSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgAptSchema(), }, - "min_wait_duration": { + "deb": { + Type: schema.TypeList, + Optional: true, + Description: "A deb package file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSchema(), + }, + + "googet": { + Type: schema.TypeList, + Optional: true, + Description: "A package managed by GooGet.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGoogetSchema(), + }, + + "msi": { + Type: schema.TypeList, + Optional: true, + Description: "An MSI package.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSchema(), + }, + + "rpm": { + Type: schema.TypeList, + Optional: true, + Description: "An rpm package file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSchema(), + }, + + "yum": { + Type: schema.TypeList, + Optional: true, + Description: "A package managed by YUM.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYumSchema(), + }, + + "zypper": { + Type: schema.TypeList, + Optional: true, + Description: "A package managed by Zypper.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypperSchema(), + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgAptSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { Type: schema.TypeString, Required: true, - Description: "Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied.", + Description: "Required. Package name.", }, }, } } -func OsConfigOsPolicyAssignmentRolloutDisruptionBudgetSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "fixed": { - Type: schema.TypeInt, - Optional: true, - Description: "Specifies a fixed value.", + "source": { + Type: schema.TypeList, + Required: true, + Description: "Required. A deb package.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceSchema(), }, - "percent": { - Type: schema.TypeInt, + "pull_deps": { + Type: schema.TypeBool, Optional: true, - Description: "Specifies the relative value defined as a percentage, which will be multiplied by a reference value.", + Description: "Whether dependencies should also be installed. - install when false: `dpkg -i package` - install when true: `apt-get update && apt-get -y install package.deb`", }, }, } } -func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ "allow_insecure": { @@ -789,7 +807,7 @@ func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema() *schema.Resource { Optional: true, Description: "A Cloud Storage object.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcsSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcsSchema(), }, "local_path": { @@ -803,13 +821,13 @@ func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema() *schema.Resource { Optional: true, Description: "A generic remote file.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemoteSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemoteSchema(), }, }, } } -func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcsSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcsSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ "bucket": { @@ -833,7 +851,7 @@ func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcsSchema() *schema.Resourc } } -func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemoteSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemoteSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ "uri": { @@ -851,78 +869,667 @@ func OsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemoteSchema() *schema.Reso } } -func OsConfigOsPolicyAssignmentOSPolicyAssignmentExecSchema() *schema.Resource { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGoogetSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ - "interpreter": { + "name": { Type: schema.TypeString, Required: true, - Description: "Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL", + Description: "Required. Package name.", }, + }, + } +} - "args": { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "source": { + Type: schema.TypeList, + Required: true, + Description: "Required. The MSI package.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceSchema(), + }, + + "properties": { Type: schema.TypeList, Optional: true, - Description: "Optional arguments to pass to the source during execution.", + Description: "Additional properties to use during installation. This should be in the format of Property=Setting. Appended to the defaults of `ACTION=INSTALL REBOOT=ReallySuppress`.", Elem: &schema.Schema{Type: schema.TypeString}, }, + }, + } +} - "file": { +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "allow_insecure": { + Type: schema.TypeBool, + Optional: true, + Description: "Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.", + }, + + "gcs": { Type: schema.TypeList, Optional: true, - Description: "Required. A deb package.", + Description: "A Cloud Storage object.", MaxItems: 1, - Elem: OsConfigOsPolicyAssignmentOSPolicyAssignmentFileSchema(), + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcsSchema(), }, - "output_file_path": { + "local_path": { Type: schema.TypeString, Optional: true, - Description: "Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes.", + Description: "A local path within the VM to use.", }, - "script": { - Type: schema.TypeString, + "remote": { + Type: schema.TypeList, Optional: true, - Description: "An inline script. The size of the script is limited to 1024 characters.", + Description: "A generic remote file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemoteSchema(), }, }, } } -func resourceOsConfigOsPolicyAssignmentCreate(d *schema.ResourceData, meta interface{}) error { - config := meta.(*Config) - project, err := getProject(d, config) - if err != nil { - return err - } +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "bucket": { + Type: schema.TypeString, + Required: true, + Description: "Required. Bucket of the Cloud Storage object.", + }, - obj := &osconfig.OSPolicyAssignment{ - InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), - Location: dcl.String(d.Get("location").(string)), - Name: dcl.String(d.Get("name").(string)), - OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), - Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), - Description: dcl.String(d.Get("description").(string)), - Project: dcl.String(project), - } + "object": { + Type: schema.TypeString, + Required: true, + Description: "Required. Name of the Cloud Storage object.", + }, - id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}") - if err != nil { - return fmt.Errorf("error constructing id: %s", err) - } - d.SetId(id) - createDirective := CreateDirective - userAgent, err := generateUserAgentString(d, config.userAgent) - if err != nil { - return err - } - billingProject := project - // err == nil indicates that the billing_project value was found - if bp, err := getBillingProject(d, config); err == nil { - billingProject = bp + "generation": { + Type: schema.TypeInt, + Optional: true, + Description: "Generation number of the Cloud Storage object.", + }, + }, } - client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutCreate)) +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemoteSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "uri": { + Type: schema.TypeString, + Required: true, + Description: "Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`.", + }, + + "sha256_checksum": { + Type: schema.TypeString, + Optional: true, + Description: "SHA256 checksum of the remote file.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "source": { + Type: schema.TypeList, + Required: true, + Description: "Required. An rpm package.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceSchema(), + }, + + "pull_deps": { + Type: schema.TypeBool, + Optional: true, + Description: "Whether dependencies should also be installed. - install when false: `rpm --upgrade --replacepkgs package.rpm` - install when true: `yum -y install package.rpm` or `zypper -y install package.rpm`", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "allow_insecure": { + Type: schema.TypeBool, + Optional: true, + Description: "Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified.", + }, + + "gcs": { + Type: schema.TypeList, + Optional: true, + Description: "A Cloud Storage object.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcsSchema(), + }, + + "local_path": { + Type: schema.TypeString, + Optional: true, + Description: "A local path within the VM to use.", + }, + + "remote": { + Type: schema.TypeList, + Optional: true, + Description: "A generic remote file.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemoteSchema(), + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcsSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "bucket": { + Type: schema.TypeString, + Required: true, + Description: "Required. Bucket of the Cloud Storage object.", + }, + + "object": { + Type: schema.TypeString, + Required: true, + Description: "Required. Name of the Cloud Storage object.", + }, + + "generation": { + Type: schema.TypeInt, + Optional: true, + Description: "Generation number of the Cloud Storage object.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemoteSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "uri": { + Type: schema.TypeString, + Required: true, + Description: "Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`.", + }, + + "sha256_checksum": { + Type: schema.TypeString, + Optional: true, + Description: "SHA256 checksum of the remote file.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYumSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Required. Package name.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypperSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Required. Package name.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositorySchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "apt": { + Type: schema.TypeList, + Optional: true, + Description: "An Apt Repository.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptSchema(), + }, + + "goo": { + Type: schema.TypeList, + Optional: true, + Description: "A Goo Repository.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGooSchema(), + }, + + "yum": { + Type: schema.TypeList, + Optional: true, + Description: "A Yum Repository.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYumSchema(), + }, + + "zypper": { + Type: schema.TypeList, + Optional: true, + Description: "A Zypper Repository.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypperSchema(), + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "archive_type": { + Type: schema.TypeString, + Required: true, + Description: "Required. Type of archive files in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED, DEB, DEB_SRC", + }, + + "components": { + Type: schema.TypeList, + Required: true, + Description: "Required. List of components for this repository. Must contain at least one item.", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + + "distribution": { + Type: schema.TypeString, + Required: true, + Description: "Required. Distribution of this repository.", + }, + + "uri": { + Type: schema.TypeString, + Required: true, + Description: "Required. URI for this repository.", + }, + + "gpg_key": { + Type: schema.TypeString, + Optional: true, + Description: "URI of the key file for this repository. The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGooSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Required. The name of the repository.", + }, + + "url": { + Type: schema.TypeString, + Required: true, + Description: "Required. The url of the repository.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYumSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "base_url": { + Type: schema.TypeString, + Required: true, + Description: "Required. The location of the repository directory.", + }, + + "id": { + Type: schema.TypeString, + Required: true, + Description: "Required. A one word, unique name for this repository. This is the `repo id` in the yum config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for resource conflicts.", + }, + + "display_name": { + Type: schema.TypeString, + Optional: true, + Description: "The display name of the repository.", + }, + + "gpg_keys": { + Type: schema.TypeList, + Optional: true, + Description: "URIs of GPG keys.", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypperSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "base_url": { + Type: schema.TypeString, + Required: true, + Description: "Required. The location of the repository directory.", + }, + + "id": { + Type: schema.TypeString, + Required: true, + Description: "Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts.", + }, + + "display_name": { + Type: schema.TypeString, + Optional: true, + Description: "The display name of the repository.", + }, + + "gpg_keys": { + Type: schema.TypeList, + Optional: true, + Description: "URIs of GPG keys.", + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + } +} + +func OsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "os_short_name": { + Type: schema.TypeString, + Required: true, + Description: "Required. The OS short name", + }, + + "os_version": { + Type: schema.TypeString, + Optional: true, + Description: "The OS version Prefix matches are supported if asterisk(*) is provided as the last character. For example, to match all versions with a major version of `7`, specify the following value for this field `7.*` An empty string matches all OS versions.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentRolloutSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "disruption_budget": { + Type: schema.TypeList, + Required: true, + Description: "Required. The maximum number (or percentage) of VMs per zone to disrupt at any given moment.", + MaxItems: 1, + Elem: OsConfigOsPolicyAssignmentRolloutDisruptionBudgetSchema(), + }, + + "min_wait_duration": { + Type: schema.TypeString, + Required: true, + Description: "Required. This determines the minimum duration of time to wait after the configuration changes are applied through the current rollout. A VM continues to count towards the `disruption_budget` at least until this duration of time has passed after configuration changes are applied.", + }, + }, + } +} + +func OsConfigOsPolicyAssignmentRolloutDisruptionBudgetSchema() *schema.Resource { + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "fixed": { + Type: schema.TypeInt, + Optional: true, + Description: "Specifies a fixed value.", + }, + + "percent": { + Type: schema.TypeInt, + Optional: true, + Description: "Specifies the relative value defined as a percentage, which will be multiplied by a reference value.", + }, + }, + } +} + +func resourceOsConfigOsPolicyAssignmentCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &osconfig.OSPolicyAssignment{ + InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), + Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), + Description: dcl.String(d.Get("description").(string)), + Project: dcl.String(project), + } + + id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}") + if err != nil { + return fmt.Errorf("error constructing id: %s", err) + } + d.SetId(id) + createDirective := CreateDirective + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutCreate)) + client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.ApplyOSPolicyAssignment(context.Background(), obj, createDirective...) + + if _, ok := err.(dcl.DiffAfterApplyError); ok { + log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) + } else if err != nil { + // The resource didn't actually create + d.SetId("") + return fmt.Errorf("Error creating OSPolicyAssignment: %s", err) + } + + log.Printf("[DEBUG] Finished creating OSPolicyAssignment %q: %#v", d.Id(), res) + + return resourceOsConfigOsPolicyAssignmentRead(d, meta) +} + +func resourceOsConfigOsPolicyAssignmentRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &osconfig.OSPolicyAssignment{ + InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), + Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), + Description: dcl.String(d.Get("description").(string)), + Project: dcl.String(project), + } + + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutRead)) + client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.GetOSPolicyAssignment(context.Background(), obj) + if err != nil { + resourceName := fmt.Sprintf("OsConfigOsPolicyAssignment %q", d.Id()) + return handleNotFoundDCLError(err, d, resourceName) + } + + if err = d.Set("instance_filter", flattenOsConfigOsPolicyAssignmentInstanceFilter(res.InstanceFilter)); err != nil { + return fmt.Errorf("error setting instance_filter in state: %s", err) + } + if err = d.Set("location", res.Location); err != nil { + return fmt.Errorf("error setting location in state: %s", err) + } + if err = d.Set("name", res.Name); err != nil { + return fmt.Errorf("error setting name in state: %s", err) + } + if err = d.Set("os_policies", flattenOsConfigOsPolicyAssignmentOSPoliciesArray(res.OSPolicies)); err != nil { + return fmt.Errorf("error setting os_policies in state: %s", err) + } + if err = d.Set("rollout", flattenOsConfigOsPolicyAssignmentRollout(res.Rollout)); err != nil { + return fmt.Errorf("error setting rollout in state: %s", err) + } + if err = d.Set("description", res.Description); err != nil { + return fmt.Errorf("error setting description in state: %s", err) + } + if err = d.Set("project", res.Project); err != nil { + return fmt.Errorf("error setting project in state: %s", err) + } + if err = d.Set("baseline", res.Baseline); err != nil { + return fmt.Errorf("error setting baseline in state: %s", err) + } + if err = d.Set("deleted", res.Deleted); err != nil { + return fmt.Errorf("error setting deleted in state: %s", err) + } + if err = d.Set("etag", res.Etag); err != nil { + return fmt.Errorf("error setting etag in state: %s", err) + } + if err = d.Set("reconciling", res.Reconciling); err != nil { + return fmt.Errorf("error setting reconciling in state: %s", err) + } + if err = d.Set("revision_create_time", res.RevisionCreateTime); err != nil { + return fmt.Errorf("error setting revision_create_time in state: %s", err) + } + if err = d.Set("revision_id", res.RevisionId); err != nil { + return fmt.Errorf("error setting revision_id in state: %s", err) + } + if err = d.Set("rollout_state", res.RolloutState); err != nil { + return fmt.Errorf("error setting rollout_state in state: %s", err) + } + if err = d.Set("uid", res.Uid); err != nil { + return fmt.Errorf("error setting uid in state: %s", err) + } + + return nil +} +func resourceOsConfigOsPolicyAssignmentUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &osconfig.OSPolicyAssignment{ + InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), + Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), + Description: dcl.String(d.Get("description").(string)), + Project: dcl.String(project), + } + directive := UpdateDirective + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + + billingProject := "" + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutUpdate)) + client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") + if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { + d.SetId("") + return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) + } else { + client.Config.BasePath = bp + } + res, err := client.ApplyOSPolicyAssignment(context.Background(), obj, directive...) + + if _, ok := err.(dcl.DiffAfterApplyError); ok { + log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) + } else if err != nil { + // The resource didn't actually create + d.SetId("") + return fmt.Errorf("Error updating OSPolicyAssignment: %s", err) + } + + log.Printf("[DEBUG] Finished creating OSPolicyAssignment %q: %#v", d.Id(), res) + + return resourceOsConfigOsPolicyAssignmentRead(d, meta) +} + +func resourceOsConfigOsPolicyAssignmentDelete(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + project, err := getProject(d, config) + if err != nil { + return err + } + + obj := &osconfig.OSPolicyAssignment{ + InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), + Location: dcl.String(d.Get("location").(string)), + Name: dcl.String(d.Get("name").(string)), + OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), + Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), + Description: dcl.String(d.Get("description").(string)), + Project: dcl.String(project), + } + + log.Printf("[DEBUG] Deleting OSPolicyAssignment %q", d.Id()) + userAgent, err := generateUserAgentString(d, config.userAgent) + if err != nil { + return err + } + billingProject := project + // err == nil indicates that the billing_project value was found + if bp, err := getBillingProject(d, config); err == nil { + billingProject = bp + } + client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutDelete)) client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { d.SetId("") @@ -930,752 +1537,1164 @@ func resourceOsConfigOsPolicyAssignmentCreate(d *schema.ResourceData, meta inter } else { client.Config.BasePath = bp } - res, err := client.ApplyOSPolicyAssignment(context.Background(), obj, createDirective...) + if err := client.DeleteOSPolicyAssignment(context.Background(), obj); err != nil { + return fmt.Errorf("Error deleting OSPolicyAssignment: %s", err) + } + + log.Printf("[DEBUG] Finished deleting OSPolicyAssignment %q", d.Id()) + return nil +} + +func resourceOsConfigOsPolicyAssignmentImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*Config) + if err := parseImportId([]string{ + "projects/(?P[^/]+)/locations/(?P[^/]+)/osPolicyAssignments/(?P[^/]+)", + "(?P[^/]+)/(?P[^/]+)/(?P[^/]+)", + "(?P[^/]+)/(?P[^/]+)", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func expandOsConfigOsPolicyAssignmentInstanceFilter(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilter { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentInstanceFilter + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentInstanceFilter + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentInstanceFilter{ + All: dcl.Bool(obj["all"].(bool)), + ExclusionLabels: expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(obj["exclusion_labels"]), + InclusionLabels: expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(obj["inclusion_labels"]), + Inventories: expandOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(obj["inventories"]), + } +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilter(obj *osconfig.OSPolicyAssignmentInstanceFilter) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "all": obj.All, + "exclusion_labels": flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(obj.ExclusionLabels), + "inclusion_labels": flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(obj.InclusionLabels), + "inventories": flattenOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(obj.Inventories), + } + + return []interface{}{transformed} + +} +func expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels { + if o == nil { + return make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0) + } + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0) + } + + items := make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(item) + items = append(items, *i) + } + + return items +} + +func expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentInstanceFilterExclusionLabels + } + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels{ + Labels: checkStringMap(obj["labels"]), + } +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(objs []osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels) []interface{} { + if objs == nil { + return nil + } + + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(&item) + items = append(items, i) + } + + return items +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(obj *osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "labels": obj.Labels, + } + + return transformed + +} +func expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels { + if o == nil { + return make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0) + } + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0) + } + + items := make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(item) + items = append(items, *i) + } + + return items +} + +func expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentInstanceFilterInclusionLabels + } + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels{ + Labels: checkStringMap(obj["labels"]), + } +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(objs []osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels) []interface{} { + if objs == nil { + return nil + } + + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(&item) + items = append(items, i) + } + + return items +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(obj *osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "labels": obj.Labels, + } + + return transformed + +} +func expandOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterInventories { + if o == nil { + return make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0) + } + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0) + } + + items := make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentInstanceFilterInventories(item) + items = append(items, *i) + } + + return items +} + +func expandOsConfigOsPolicyAssignmentInstanceFilterInventories(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterInventories { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentInstanceFilterInventories + } + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentInstanceFilterInventories{ + OSShortName: dcl.String(obj["os_short_name"].(string)), + OSVersion: dcl.String(obj["os_version"].(string)), + } +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(objs []osconfig.OSPolicyAssignmentInstanceFilterInventories) []interface{} { + if objs == nil { + return nil + } + + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentInstanceFilterInventories(&item) + items = append(items, i) + } + + return items +} + +func flattenOsConfigOsPolicyAssignmentInstanceFilterInventories(obj *osconfig.OSPolicyAssignmentInstanceFilterInventories) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "os_short_name": obj.OSShortName, + "os_version": obj.OSVersion, + } + + return transformed + +} +func expandOsConfigOsPolicyAssignmentOSPoliciesArray(o interface{}) []osconfig.OSPolicyAssignmentOSPolicies { + if o == nil { + return make([]osconfig.OSPolicyAssignmentOSPolicies, 0) + } + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentOSPolicies, 0) + } + + items := make([]osconfig.OSPolicyAssignmentOSPolicies, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentOSPolicies(item) + items = append(items, *i) + } + + return items +} + +func expandOsConfigOsPolicyAssignmentOSPolicies(o interface{}) *osconfig.OSPolicyAssignmentOSPolicies { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPolicies + } + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPolicies{ + Id: dcl.String(obj["id"].(string)), + Mode: osconfig.OSPolicyAssignmentOSPoliciesModeEnumRef(obj["mode"].(string)), + ResourceGroups: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(obj["resource_groups"]), + AllowNoResourceGroupMatch: dcl.Bool(obj["allow_no_resource_group_match"].(bool)), + Description: dcl.String(obj["description"].(string)), + } +} - if _, ok := err.(dcl.DiffAfterApplyError); ok { - log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) - } else if err != nil { - // The resource didn't actually create - d.SetId("") - return fmt.Errorf("Error creating OSPolicyAssignment: %s", err) +func flattenOsConfigOsPolicyAssignmentOSPoliciesArray(objs []osconfig.OSPolicyAssignmentOSPolicies) []interface{} { + if objs == nil { + return nil } - log.Printf("[DEBUG] Finished creating OSPolicyAssignment %q: %#v", d.Id(), res) + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentOSPolicies(&item) + items = append(items, i) + } - return resourceOsConfigOsPolicyAssignmentRead(d, meta) + return items } -func resourceOsConfigOsPolicyAssignmentRead(d *schema.ResourceData, meta interface{}) error { - config := meta.(*Config) - project, err := getProject(d, config) - if err != nil { - return err +func flattenOsConfigOsPolicyAssignmentOSPolicies(obj *osconfig.OSPolicyAssignmentOSPolicies) interface{} { + if obj == nil || obj.Empty() { + return nil } - - obj := &osconfig.OSPolicyAssignment{ - InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), - Location: dcl.String(d.Get("location").(string)), - Name: dcl.String(d.Get("name").(string)), - OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), - Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), - Description: dcl.String(d.Get("description").(string)), - Project: dcl.String(project), + transformed := map[string]interface{}{ + "id": obj.Id, + "mode": obj.Mode, + "resource_groups": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(obj.ResourceGroups), + "allow_no_resource_group_match": obj.AllowNoResourceGroupMatch, + "description": obj.Description, } - userAgent, err := generateUserAgentString(d, config.userAgent) - if err != nil { - return err - } - billingProject := project - // err == nil indicates that the billing_project value was found - if bp, err := getBillingProject(d, config); err == nil { - billingProject = bp + return transformed + +} +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(o interface{}) []osconfig.OSPolicyAssignmentOSPoliciesResourceGroups { + if o == nil { + return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0) } - client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutRead)) - client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") - if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { - d.SetId("") - return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) - } else { - client.Config.BasePath = bp + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0) } - res, err := client.GetOSPolicyAssignment(context.Background(), obj) - if err != nil { - resourceName := fmt.Sprintf("OsConfigOsPolicyAssignment %q", d.Id()) - return handleNotFoundDCLError(err, d, resourceName) + + items := make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(item) + items = append(items, *i) } - if err = d.Set("instance_filter", flattenOsConfigOsPolicyAssignmentInstanceFilter(res.InstanceFilter)); err != nil { - return fmt.Errorf("error setting instance_filter in state: %s", err) + return items +} + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroups { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroups } - if err = d.Set("location", res.Location); err != nil { - return fmt.Errorf("error setting location in state: %s", err) + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroups{ + Resources: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(obj["resources"]), + InventoryFilters: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersArray(obj["inventory_filters"]), } - if err = d.Set("name", res.Name); err != nil { - return fmt.Errorf("error setting name in state: %s", err) +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(objs []osconfig.OSPolicyAssignmentOSPoliciesResourceGroups) []interface{} { + if objs == nil { + return nil } - if err = d.Set("os_policies", flattenOsConfigOsPolicyAssignmentOSPoliciesArray(res.OSPolicies)); err != nil { - return fmt.Errorf("error setting os_policies in state: %s", err) + + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(&item) + items = append(items, i) } - if err = d.Set("rollout", flattenOsConfigOsPolicyAssignmentRollout(res.Rollout)); err != nil { - return fmt.Errorf("error setting rollout in state: %s", err) + + return items +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroups) interface{} { + if obj == nil || obj.Empty() { + return nil } - if err = d.Set("description", res.Description); err != nil { - return fmt.Errorf("error setting description in state: %s", err) + transformed := map[string]interface{}{ + "resources": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(obj.Resources), + "inventory_filters": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersArray(obj.InventoryFilters), } - if err = d.Set("project", res.Project); err != nil { - return fmt.Errorf("error setting project in state: %s", err) + + return transformed + +} +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(o interface{}) []osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources { + if o == nil { + return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0) } - if err = d.Set("baseline", res.Baseline); err != nil { - return fmt.Errorf("error setting baseline in state: %s", err) + + objs := o.([]interface{}) + if len(objs) == 0 { + return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0) } - if err = d.Set("deleted", res.Deleted); err != nil { - return fmt.Errorf("error setting deleted in state: %s", err) + + items := make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0, len(objs)) + for _, item := range objs { + i := expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(item) + items = append(items, *i) } - if err = d.Set("etag", res.Etag); err != nil { - return fmt.Errorf("error setting etag in state: %s", err) + + return items +} + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResources } - if err = d.Set("reconciling", res.Reconciling); err != nil { - return fmt.Errorf("error setting reconciling in state: %s", err) + + obj := o.(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources{ + Id: dcl.String(obj["id"].(string)), + Exec: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj["exec"]), + File: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj["file"]), + Pkg: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj["pkg"]), + Repository: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository(obj["repository"]), } - if err = d.Set("revision_create_time", res.RevisionCreateTime); err != nil { - return fmt.Errorf("error setting revision_create_time in state: %s", err) +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(objs []osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources) []interface{} { + if objs == nil { + return nil } - if err = d.Set("revision_id", res.RevisionId); err != nil { - return fmt.Errorf("error setting revision_id in state: %s", err) + + items := []interface{}{} + for _, item := range objs { + i := flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(&item) + items = append(items, i) } - if err = d.Set("rollout_state", res.RolloutState); err != nil { - return fmt.Errorf("error setting rollout_state in state: %s", err) + + return items +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources) interface{} { + if obj == nil || obj.Empty() { + return nil } - if err = d.Set("uid", res.Uid); err != nil { - return fmt.Errorf("error setting uid in state: %s", err) + transformed := map[string]interface{}{ + "id": obj.Id, + "exec": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj.Exec), + "file": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj.File), + "pkg": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj.Pkg), + "repository": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository(obj.Repository), } - return nil + return transformed + } -func resourceOsConfigOsPolicyAssignmentUpdate(d *schema.ResourceData, meta interface{}) error { - config := meta.(*Config) - project, err := getProject(d, config) - if err != nil { - return err + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec{ + Validate: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate(obj["validate"]), + Enforce: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce(obj["enforce"]), + } +} - obj := &osconfig.OSPolicyAssignment{ - InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), - Location: dcl.String(d.Get("location").(string)), - Name: dcl.String(d.Get("name").(string)), - OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), - Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), - Description: dcl.String(d.Get("description").(string)), - Project: dcl.String(project), +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec) interface{} { + if obj == nil || obj.Empty() { + return nil } - directive := UpdateDirective - userAgent, err := generateUserAgentString(d, config.userAgent) - if err != nil { - return err + transformed := map[string]interface{}{ + "validate": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate(obj.Validate), + "enforce": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce(obj.Enforce), } - billingProject := "" - // err == nil indicates that the billing_project value was found - if bp, err := getBillingProject(d, config); err == nil { - billingProject = bp + return []interface{}{transformed} + +} + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate } - client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutUpdate)) - client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") - if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { - d.SetId("") - return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) - } else { - client.Config.BasePath = bp + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate{ + Interpreter: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnumRef(obj["interpreter"].(string)), + Args: expandStringArray(obj["args"]), + File: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile(obj["file"]), + OutputFilePath: dcl.String(obj["output_file_path"].(string)), + Script: dcl.String(obj["script"].(string)), + } +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate) interface{} { + if obj == nil || obj.Empty() { + return nil } - res, err := client.ApplyOSPolicyAssignment(context.Background(), obj, directive...) - - if _, ok := err.(dcl.DiffAfterApplyError); ok { - log.Printf("[DEBUG] Diff after apply returned from the DCL: %s", err) - } else if err != nil { - // The resource didn't actually create - d.SetId("") - return fmt.Errorf("Error updating OSPolicyAssignment: %s", err) + transformed := map[string]interface{}{ + "interpreter": obj.Interpreter, + "args": obj.Args, + "file": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile(obj.File), + "output_file_path": obj.OutputFilePath, + "script": obj.Script, } - log.Printf("[DEBUG] Finished creating OSPolicyAssignment %q: %#v", d.Id(), res) + return []interface{}{transformed} - return resourceOsConfigOsPolicyAssignmentRead(d, meta) } -func resourceOsConfigOsPolicyAssignmentDelete(d *schema.ResourceData, meta interface{}) error { - config := meta.(*Config) - project, err := getProject(d, config) - if err != nil { - return err - } - - obj := &osconfig.OSPolicyAssignment{ - InstanceFilter: expandOsConfigOsPolicyAssignmentInstanceFilter(d.Get("instance_filter")), - Location: dcl.String(d.Get("location").(string)), - Name: dcl.String(d.Get("name").(string)), - OSPolicies: expandOsConfigOsPolicyAssignmentOSPoliciesArray(d.Get("os_policies")), - Rollout: expandOsConfigOsPolicyAssignmentRollout(d.Get("rollout")), - Description: dcl.String(d.Get("description").(string)), - Project: dcl.String(project), +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile } - - log.Printf("[DEBUG] Deleting OSPolicyAssignment %q", d.Id()) - userAgent, err := generateUserAgentString(d, config.userAgent) - if err != nil { - return err + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile } - billingProject := project - // err == nil indicates that the billing_project value was found - if bp, err := getBillingProject(d, config); err == nil { - billingProject = bp + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote(obj["remote"]), } - client := NewDCLOsConfigClient(config, userAgent, billingProject, d.Timeout(schema.TimeoutDelete)) - client.Config.BasePath = strings.ReplaceAll(client.Config.BasePath, "v1beta", "v1") - if bp, err := replaceVars(d, config, client.Config.BasePath); err != nil { - d.SetId("") - return fmt.Errorf("Could not format %q: %w", client.Config.BasePath, err) - } else { - client.Config.BasePath = bp +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile) interface{} { + if obj == nil || obj.Empty() { + return nil } - if err := client.DeleteOSPolicyAssignment(context.Background(), obj); err != nil { - return fmt.Errorf("Error deleting OSPolicyAssignment: %s", err) + transformed := map[string]interface{}{ + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote(obj.Remote), } - log.Printf("[DEBUG] Finished deleting OSPolicyAssignment %q", d.Id()) - return nil + return []interface{}{transformed} + } -func resourceOsConfigOsPolicyAssignmentImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { - config := meta.(*Config) - if err := parseImportId([]string{ - "projects/(?P[^/]+)/locations/(?P[^/]+)/osPolicyAssignments/(?P[^/]+)", - "(?P[^/]+)/(?P[^/]+)/(?P[^/]+)", - "(?P[^/]+)/(?P[^/]+)", - }, d, config); err != nil { - return nil, err +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), } +} - // Replace import id for the resource id - id, err := replaceVarsForId(d, config, "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}") - if err != nil { - return nil, fmt.Errorf("Error constructing id: %s", err) +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } - d.SetId(id) - return []*schema.ResourceData{d}, nil + return []interface{}{transformed} + } -func expandOsConfigOsPolicyAssignmentInstanceFilter(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilter { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote { if o == nil { - return osconfig.EmptyOSPolicyAssignmentInstanceFilter + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentInstanceFilter + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentInstanceFilter{ - All: dcl.Bool(obj["all"].(bool)), - ExclusionLabels: expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(obj["exclusion_labels"]), - InclusionLabels: expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(obj["inclusion_labels"]), - Inventories: expandOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(obj["inventories"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), } } -func flattenOsConfigOsPolicyAssignmentInstanceFilter(obj *osconfig.OSPolicyAssignmentInstanceFilter) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "all": obj.All, - "exclusion_labels": flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(obj.ExclusionLabels), - "inclusion_labels": flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(obj.InclusionLabels), - "inventories": flattenOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(obj.Inventories), + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce { if o == nil { - return make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce } - - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce{ + Interpreter: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnumRef(obj["interpreter"].(string)), + Args: expandStringArray(obj["args"]), + File: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile(obj["file"]), + OutputFilePath: dcl.String(obj["output_file_path"].(string)), + Script: dcl.String(obj["script"].(string)), } +} - items := make([]osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(item) - items = append(items, *i) +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "interpreter": obj.Interpreter, + "args": obj.Args, + "file": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile(obj.File), + "output_file_path": obj.OutputFilePath, + "script": obj.Script, } - return items + return []interface{}{transformed} + } -func expandOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile { if o == nil { - return osconfig.EmptyOSPolicyAssignmentInstanceFilterExclusionLabels + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels{ - Labels: checkStringMap(obj["labels"]), + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote(obj["remote"]), } } -func flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabelsArray(objs []osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels) []interface{} { - if objs == nil { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile) interface{} { + if obj == nil || obj.Empty() { return nil } - - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(&item) - items = append(items, i) + transformed := map[string]interface{}{ + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote(obj.Remote), } - return items + return []interface{}{transformed} + } -func flattenOsConfigOsPolicyAssignmentInstanceFilterExclusionLabels(obj *osconfig.OSPolicyAssignmentInstanceFilterExclusionLabels) interface{} { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), + } +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "labels": obj.Labels, + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote { if o == nil { - return make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote } - - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), + } +} - items := make([]osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(item) - items = append(items, *i) +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } - return items + return []interface{}{transformed} + } -func expandOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile { if o == nil { - return osconfig.EmptyOSPolicyAssignmentInstanceFilterInclusionLabels + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels{ - Labels: checkStringMap(obj["labels"]), + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile{ + Path: dcl.String(obj["path"].(string)), + State: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnumRef(obj["state"].(string)), + Content: dcl.String(obj["content"].(string)), + File: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile(obj["file"]), } } -func flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabelsArray(objs []osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels) []interface{} { - if objs == nil { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile) interface{} { + if obj == nil || obj.Empty() { return nil } + transformed := map[string]interface{}{ + "path": obj.Path, + "state": obj.State, + "content": obj.Content, + "file": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile(obj.File), + "permissions": obj.Permissions, + } - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(&item) - items = append(items, i) + return []interface{}{transformed} + +} + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote(obj["remote"]), } - - return items } -func flattenOsConfigOsPolicyAssignmentInstanceFilterInclusionLabels(obj *osconfig.OSPolicyAssignmentInstanceFilterInclusionLabels) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "labels": obj.Labels, + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote(obj.Remote), } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(o interface{}) []osconfig.OSPolicyAssignmentInstanceFilterInventories { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs { if o == nil { - return make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs } - - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs } - - items := make([]osconfig.OSPolicyAssignmentInstanceFilterInventories, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentInstanceFilterInventories(item) - items = append(items, *i) + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), } - - return items } -func expandOsConfigOsPolicyAssignmentInstanceFilterInventories(o interface{}) *osconfig.OSPolicyAssignmentInstanceFilterInventories { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentInstanceFilterInventories +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs) interface{} { + if obj == nil || obj.Empty() { + return nil } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentInstanceFilterInventories{ - OSShortName: dcl.String(obj["os_short_name"].(string)), - OSVersion: dcl.String(obj["os_version"].(string)), + transformed := map[string]interface{}{ + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } + + return []interface{}{transformed} + } -func flattenOsConfigOsPolicyAssignmentInstanceFilterInventoriesArray(objs []osconfig.OSPolicyAssignmentInstanceFilterInventories) []interface{} { - if objs == nil { - return nil +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote } - - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentInstanceFilterInventories(&item) - items = append(items, i) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), } - - return items } -func flattenOsConfigOsPolicyAssignmentInstanceFilterInventories(obj *osconfig.OSPolicyAssignmentInstanceFilterInventories) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "os_short_name": obj.OSShortName, - "os_version": obj.OSVersion, + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesArray(o interface{}) []osconfig.OSPolicyAssignmentOSPolicies { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg { if o == nil { - return make([]osconfig.OSPolicyAssignmentOSPolicies, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg } - - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentOSPolicies, 0) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg } - - items := make([]osconfig.OSPolicyAssignmentOSPolicies, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentOSPolicies(item) - items = append(items, *i) + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg{ + DesiredState: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnumRef(obj["desired_state"].(string)), + Apt: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj["apt"]), + Deb: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj["deb"]), + Googet: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj["googet"]), + Msi: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj["msi"]), + Rpm: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj["rpm"]), + Yum: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum(obj["yum"]), + Zypper: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper(obj["zypper"]), } - - return items } -func expandOsConfigOsPolicyAssignmentOSPolicies(o interface{}) *osconfig.OSPolicyAssignmentOSPolicies { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPolicies +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg) interface{} { + if obj == nil || obj.Empty() { + return nil } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPolicies{ - Id: dcl.String(obj["id"].(string)), - Mode: osconfig.OSPolicyAssignmentOSPoliciesModeEnumRef(obj["mode"].(string)), - ResourceGroups: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(obj["resource_groups"]), - AllowNoResourceGroupMatch: dcl.Bool(obj["allow_no_resource_group_match"].(bool)), - Description: dcl.String(obj["description"].(string)), + transformed := map[string]interface{}{ + "desired_state": obj.DesiredState, + "apt": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj.Apt), + "deb": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj.Deb), + "googet": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj.Googet), + "msi": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj.Msi), + "rpm": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj.Rpm), + "yum": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum(obj.Yum), + "zypper": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper(obj.Zypper), } + + return []interface{}{transformed} + } -func flattenOsConfigOsPolicyAssignmentOSPoliciesArray(objs []osconfig.OSPolicyAssignmentOSPolicies) []interface{} { - if objs == nil { - return nil +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt } - - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentOSPolicies(&item) - items = append(items, i) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt{ + Name: dcl.String(obj["name"].(string)), } - - return items } -func flattenOsConfigOsPolicyAssignmentOSPolicies(obj *osconfig.OSPolicyAssignmentOSPolicies) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "id": obj.Id, - "mode": obj.Mode, - "resource_groups": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(obj.ResourceGroups), - "allow_no_resource_group_match": obj.AllowNoResourceGroupMatch, - "description": obj.Description, + "name": obj.Name, } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(o interface{}) []osconfig.OSPolicyAssignmentOSPoliciesResourceGroups { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb { if o == nil { - return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb } - - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0) + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb{ + Source: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource(obj["source"]), + PullDeps: dcl.Bool(obj["pull_deps"].(bool)), } +} - items := make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroups, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(item) - items = append(items, *i) +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "source": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource(obj.Source), + "pull_deps": obj.PullDeps, } - return items + return []interface{}{transformed} + } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroups { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroups + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroups{ - Resources: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(obj["resources"]), - InventoryFilters: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersArray(obj["inventory_filters"]), + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote(obj["remote"]), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsArray(objs []osconfig.OSPolicyAssignmentOSPoliciesResourceGroups) []interface{} { - if objs == nil { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource) interface{} { + if obj == nil || obj.Empty() { return nil } - - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(&item) - items = append(items, i) + transformed := map[string]interface{}{ + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote(obj.Remote), } - return items + return []interface{}{transformed} + } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroups(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroups) interface{} { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs { + if o == nil { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), + } +} + +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "resources": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(obj.Resources), - "inventory_filters": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsInventoryFiltersArray(obj.InventoryFilters), + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(o interface{}) []osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources { + +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote { if o == nil { - return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0) + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote + } + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote + } + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), } +} - objs := o.([]interface{}) - if len(objs) == 0 { - return make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0) +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote) interface{} { + if obj == nil || obj.Empty() { + return nil + } + transformed := map[string]interface{}{ + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } - items := make([]osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources, 0, len(objs)) - for _, item := range objs { - i := expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(item) - items = append(items, *i) - } + return []interface{}{transformed} - return items } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResources - } - - obj := o.(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources{ - Id: dcl.String(obj["id"].(string)), - Exec: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj["exec"]), - File: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj["file"]), - Pkg: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj["pkg"]), - Repository: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository(obj["repository"]), + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget } -} - -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesArray(objs []osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources) []interface{} { - if objs == nil { - return nil + objArr := o.([]interface{}) + if len(objArr) == 0 { + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget } - - items := []interface{}{} - for _, item := range objs { - i := flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(&item) - items = append(items, i) + obj := objArr[0].(map[string]interface{}) + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget{ + Name: dcl.String(obj["name"].(string)), } - - return items } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResources(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResources) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "id": obj.Id, - "exec": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj.Exec), - "file": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj.File), - "pkg": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj.Pkg), - "repository": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository(obj.Repository), + "name": obj.Name, } - return transformed + return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec{ - Validate: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(obj["validate"]), - Enforce: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(obj["enforce"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi{ + Source: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource(obj["source"]), + Properties: expandStringArray(obj["properties"]), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesExec(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "validate": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(obj.Validate), - "enforce": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(obj.Enforce), + "source": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource(obj.Source), + "properties": obj.Properties, } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile{ - Path: dcl.String(obj["path"].(string)), - State: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnumRef(obj["state"].(string)), - Content: dcl.String(obj["content"].(string)), - File: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj["file"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote(obj["remote"]), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesFile(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "path": obj.Path, - "state": obj.State, - "content": obj.Content, - "file": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj.File), - "permissions": obj.Permissions, + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote(obj.Remote), } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg{ - DesiredState: osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnumRef(obj["desired_state"].(string)), - Apt: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj["apt"]), - Deb: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj["deb"]), - Googet: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj["googet"]), - Msi: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj["msi"]), - Rpm: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj["rpm"]), - Yum: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum(obj["yum"]), - Zypper: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper(obj["zypper"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "desired_state": obj.DesiredState, - "apt": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj.Apt), - "deb": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj.Deb), - "googet": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj.Googet), - "msi": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj.Msi), - "rpm": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj.Rpm), - "yum": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum(obj.Yum), - "zypper": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper(obj.Zypper), + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt{ - Name: dcl.String(obj["name"].(string)), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "name": obj.Name, + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb{ - Source: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj["source"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm{ + Source: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource(obj["source"]), PullDeps: dcl.Bool(obj["pull_deps"].(bool)), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "source": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj.Source), + "source": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource(obj.Source), "pull_deps": obj.PullDeps, } @@ -1683,82 +2702,90 @@ func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb(ob } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget{ - Name: dcl.String(obj["name"].(string)), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource{ + AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), + Gcs: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs(obj["gcs"]), + LocalPath: dcl.String(obj["local_path"].(string)), + Remote: expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote(obj["remote"]), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "name": obj.Name, + "allow_insecure": obj.AllowInsecure, + "gcs": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs(obj.Gcs), + "local_path": obj.LocalPath, + "remote": flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote(obj.Remote), } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi{ - Source: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj["source"]), - Properties: expandStringArray(obj["properties"]), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs{ + Bucket: dcl.String(obj["bucket"].(string)), + Object: dcl.String(obj["object"].(string)), + Generation: dcl.Int64(int64(obj["generation"].(int))), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "source": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj.Source), - "properties": obj.Properties, + "bucket": obj.Bucket, + "object": obj.Object, + "generation": obj.Generation, } return []interface{}{transformed} } -func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm { +func expandOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote(o interface{}) *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote { if o == nil { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote } objArr := o.([]interface{}) if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm + return osconfig.EmptyOSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote } obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm{ - Source: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj["source"]), - PullDeps: dcl.Bool(obj["pull_deps"].(bool)), + return &osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote{ + Uri: dcl.String(obj["uri"].(string)), + Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), } } -func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm) interface{} { +func flattenOsConfigOsPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote(obj *osconfig.OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote) interface{} { if obj == nil || obj.Empty() { return nil } transformed := map[string]interface{}{ - "source": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj.Source), - "pull_deps": obj.PullDeps, + "uri": obj.Uri, + "sha256_checksum": obj.Sha256Checksum, } return []interface{}{transformed} @@ -2087,127 +3114,3 @@ func flattenOsConfigOsPolicyAssignmentRolloutDisruptionBudget(obj *osconfig.OSPo return []interface{}{transformed} } - -func expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(o interface{}) *osconfig.OSPolicyAssignmentFile { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentFile - } - objArr := o.([]interface{}) - if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentFile - } - obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentFile{ - AllowInsecure: dcl.Bool(obj["allow_insecure"].(bool)), - Gcs: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcs(obj["gcs"]), - LocalPath: dcl.String(obj["local_path"].(string)), - Remote: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemote(obj["remote"]), - } -} - -func flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj *osconfig.OSPolicyAssignmentFile) interface{} { - if obj == nil || obj.Empty() { - return nil - } - transformed := map[string]interface{}{ - "allow_insecure": obj.AllowInsecure, - "gcs": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcs(obj.Gcs), - "local_path": obj.LocalPath, - "remote": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemote(obj.Remote), - } - - return []interface{}{transformed} - -} - -func expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcs(o interface{}) *osconfig.OSPolicyAssignmentFileGcs { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentFileGcs - } - objArr := o.([]interface{}) - if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentFileGcs - } - obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentFileGcs{ - Bucket: dcl.String(obj["bucket"].(string)), - Object: dcl.String(obj["object"].(string)), - Generation: dcl.Int64(int64(obj["generation"].(int))), - } -} - -func flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFileGcs(obj *osconfig.OSPolicyAssignmentFileGcs) interface{} { - if obj == nil || obj.Empty() { - return nil - } - transformed := map[string]interface{}{ - "bucket": obj.Bucket, - "object": obj.Object, - "generation": obj.Generation, - } - - return []interface{}{transformed} - -} - -func expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemote(o interface{}) *osconfig.OSPolicyAssignmentFileRemote { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentFileRemote - } - objArr := o.([]interface{}) - if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentFileRemote - } - obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentFileRemote{ - Uri: dcl.String(obj["uri"].(string)), - Sha256Checksum: dcl.String(obj["sha256_checksum"].(string)), - } -} - -func flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFileRemote(obj *osconfig.OSPolicyAssignmentFileRemote) interface{} { - if obj == nil || obj.Empty() { - return nil - } - transformed := map[string]interface{}{ - "uri": obj.Uri, - "sha256_checksum": obj.Sha256Checksum, - } - - return []interface{}{transformed} - -} - -func expandOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(o interface{}) *osconfig.OSPolicyAssignmentExec { - if o == nil { - return osconfig.EmptyOSPolicyAssignmentExec - } - objArr := o.([]interface{}) - if len(objArr) == 0 { - return osconfig.EmptyOSPolicyAssignmentExec - } - obj := objArr[0].(map[string]interface{}) - return &osconfig.OSPolicyAssignmentExec{ - Interpreter: osconfig.OSPolicyAssignmentExecInterpreterEnumRef(obj["interpreter"].(string)), - Args: expandStringArray(obj["args"]), - File: expandOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj["file"]), - OutputFilePath: dcl.String(obj["output_file_path"].(string)), - Script: dcl.String(obj["script"].(string)), - } -} - -func flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentExec(obj *osconfig.OSPolicyAssignmentExec) interface{} { - if obj == nil || obj.Empty() { - return nil - } - transformed := map[string]interface{}{ - "interpreter": obj.Interpreter, - "args": obj.Args, - "file": flattenOsConfigOsPolicyAssignmentOSPolicyAssignmentFile(obj.File), - "output_file_path": obj.OutputFilePath, - "script": obj.Script, - } - - return []interface{}{transformed} - -} diff --git a/website/docs/r/network_connectivity_spoke.html.markdown b/website/docs/r/network_connectivity_spoke.html.markdown new file mode 100644 index 0000000000..05cd2c2f77 --- /dev/null +++ b/website/docs/r/network_connectivity_spoke.html.markdown @@ -0,0 +1,213 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: DCL *** +# +# ---------------------------------------------------------------------------- +# +# This file is managed by Magic Modules (https:#github.com/GoogleCloudPlatform/magic-modules) +# and is based on the DCL (https:#github.com/GoogleCloudPlatform/declarative-resource-client-library). +# Changes will need to be made to the DCL or Magic Modules instead of here. +# +# We are not currently able to accept contributions to this file. If changes +# are required, please file an issue at https:#github.com/hashicorp/terraform-provider-google/issues/new/choose +# +# ---------------------------------------------------------------------------- +subcategory: "NetworkConnectivity" +layout: "google" +page_title: "Google: google_network_connectivity_spoke" +description: |- +The NetworkConnectivity Spoke resource +--- + +# google_network_connectivity_spoke + +The NetworkConnectivity Spoke resource + +## Example Usage - router_appliance +```hcl + +resource "google_compute_network" "network" { + name = "network" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "subnetwork" { + name = "subnet" + ip_cidr_range = "10.0.0.0/28" + region = "us-west1" + network = google_compute_network.network.self_link +} + +resource "google_compute_instance" "instance" { + name = "instance" + machine_type = "e2-medium" + can_ip_forward = true + zone = "us-west1-a" + + boot_disk { + initialize_params { + image = "projects/debian-cloud/global/images/debian-10-buster-v20210817" + } + } + + network_interface { + subnetwork = google_compute_subnetwork.subnetwork.name + network_ip = "10.0.0.2" + access_config { + network_tier = "PREMIUM" + } + } +} + +resource "google_network_connectivity_hub" "basic_hub" { + name = "hub" + description = "A sample hub" + labels = { + label-two = "value-one" + } +} + +resource "google_network_connectivity_spoke" "primary" { + name = "name" + location = "us-west1" + description = "A sample spoke with a linked routher appliance instance" + labels = { + label-one = "value-one" + } + hub = google_network_connectivity_hub.basic_hub.id + linked_router_appliance_instances { + instances { + virtual_machine = google_compute_instance.instance.self_link + ip_address = "10.0.0.2" + } + site_to_site_data_transfer = true + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `hub` - + (Required) + Immutable. The URI of the hub that this spoke is attached to. + +* `location` - + (Required) + The location for the resource + +* `name` - + (Required) + Immutable. The name of the spoke. Spoke names must be unique. + + + +The `instances` block supports: + +* `ip_address` - + (Optional) + The IP address on the VM to use for peering. + +* `virtual_machine` - + (Optional) + The URI of the virtual machine resource + +- - - + +* `description` - + (Optional) + An optional description of the spoke. + +* `labels` - + (Optional) + Optional labels in key:value format. For more information about labels, see [Requirements for labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements). + +* `linked_interconnect_attachments` - + (Optional) + A collection of VLAN attachment resources. These resources should be redundant attachments that all advertise the same prefixes to Google Cloud. Alternatively, in active/passive configurations, all attachments should be capable of advertising the same prefixes. + +* `linked_router_appliance_instances` - + (Optional) + The URIs of linked Router appliance resources + +* `linked_vpn_tunnels` - + (Optional) + The URIs of linked VPN tunnel resources + +* `project` - + (Optional) + The project for the resource + + + +The `linked_interconnect_attachments` block supports: + +* `site_to_site_data_transfer` - + (Required) + A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. + +* `uris` - + (Required) + The URIs of linked interconnect attachment resources + +The `linked_router_appliance_instances` block supports: + +* `instances` - + (Required) + The list of router appliance instances + +* `site_to_site_data_transfer` - + (Required) + A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. + +The `linked_vpn_tunnels` block supports: + +* `site_to_site_data_transfer` - + (Required) + A value that controls whether site-to-site data transfer is enabled for these resources. Note that data transfer is available only in supported locations. + +* `uris` - + (Required) + The URIs of linked VPN tunnel resources. + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/spokes/{{name}}` + +* `create_time` - + Output only. The time the spoke was created. + +* `state` - + Output only. The current lifecycle state of this spoke. Possible values: STATE_UNSPECIFIED, CREATING, ACTIVE, DELETING + +* `unique_id` - + Output only. The Google-generated UUID for the spoke. This value is unique across all spoke resources. If a spoke is deleted and another with the same name is created, the new spoke is assigned a different unique_id. + +* `update_time` - + Output only. The time the spoke was last updated. + +## Timeouts + +This resource provides the following +[Timeouts](/docs/configuration/resources.html#timeouts) configuration options: + +- `create` - Default is 10 minutes. +- `update` - Default is 10 minutes. +- `delete` - Default is 10 minutes. + +## Import + +Spoke can be imported using any of these accepted formats: + +``` +$ terraform import google_network_connectivity_spoke.default projects/{{project}}/locations/{{location}}/spokes/{{name}} +$ terraform import google_network_connectivity_spoke.default {{project}}/{{location}}/{{name}} +$ terraform import google_network_connectivity_spoke.default {{location}}/{{name}} +``` + + + diff --git a/website/docs/r/os_config_os_policy_assignment.html.markdown b/website/docs/r/os_config_os_policy_assignment.html.markdown index 5992037118..ed5f4676f7 100644 --- a/website/docs/r/os_config_os_policy_assignment.html.markdown +++ b/website/docs/r/os_config_os_policy_assignment.html.markdown @@ -682,6 +682,82 @@ The `resources` block supports: (Optional) Package repository resource +The `validate` block supports: + +* `args` - + (Optional) + Optional arguments to pass to the source during execution. + +* `file` - + (Optional) + A remote or local file. + +* `interpreter` - + (Required) + Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL + +* `output_file_path` - + (Optional) + Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. + +* `script` - + (Optional) + An inline script. The size of the script is limited to 1024 characters. + +The `source` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + +The `source` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + +The `source` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + The `rollout` block supports: * `disruption_budget` - @@ -750,12 +826,118 @@ The `exec` block supports: * `enforce` - (Optional) - Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. + What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce. * `validate` - (Required) Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate. +The `enforce` block supports: + +* `args` - + (Optional) + Optional arguments to pass to the source during execution. + +* `file` - + (Optional) + A remote or local file. + +* `interpreter` - + (Required) + Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL + +* `output_file_path` - + (Optional) + Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. + +* `script` - + (Optional) + An inline script. The size of the script is limited to 1024 characters. + +The `file` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. + +The `file` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. + The `file` block supports: * `content` - @@ -764,7 +946,7 @@ The `file` block supports: * `file` - (Optional) - Required. A deb package. + A remote or local source. * `path` - (Required) @@ -777,6 +959,48 @@ The `file` block supports: (Required) Required. Desired state of the file. Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED, COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE +The `file` block supports: + +* `allow_insecure` - + (Optional) + Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. + +* `gcs` - + (Optional) + A Cloud Storage object. + +* `local_path` - + (Optional) + A local path within the VM to use. + +* `remote` - + (Optional) + A generic remote file. + +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. + The `pkg` block supports: * `apt` - @@ -827,6 +1051,30 @@ The `deb` block supports: (Required) Required. A deb package. +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. + The `googet` block supports: * `name` - @@ -841,7 +1089,31 @@ The `msi` block supports: * `source` - (Required) - Required. A deb package. + Required. The MSI package. + +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. The `rpm` block supports: @@ -851,7 +1123,31 @@ The `rpm` block supports: * `source` - (Required) - Required. A deb package. + Required. An rpm package. + +The `gcs` block supports: + +* `bucket` - + (Required) + Required. Bucket of the Cloud Storage object. + +* `generation` - + (Optional) + Generation number of the Cloud Storage object. + +* `object` - + (Required) + Required. Name of the Cloud Storage object. + +The `remote` block supports: + +* `sha256_checksum` - + (Optional) + SHA256 checksum of the remote file. + +* `uri` - + (Required) + Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. The `yum` block supports: @@ -951,70 +1247,6 @@ The `zypper` block supports: (Required) Required. A one word, unique name for this repository. This is the `repo id` in the zypper config file and also the `display_name` if `display_name` is omitted. This id is also used as the unique identifier when checking for GuestPolicy conflicts. -The `file` block supports: - -* `allow_insecure` - - (Optional) - Defaults to false. When false, files are subject to validations based on the file type: Remote: A checksum must be specified. Cloud Storage: An object generation number must be specified. - -* `gcs` - - (Optional) - A Cloud Storage object. - -* `local_path` - - (Optional) - A local path within the VM to use. - -* `remote` - - (Optional) - A generic remote file. - -The `gcs` block supports: - -* `bucket` - - (Required) - Required. Bucket of the Cloud Storage object. - -* `object` - - (Required) - Required. Name of the Cloud Storage object. - -* `generation` - - (Optional) - Generation number of the Cloud Storage object. - -The `remote` block supports: - -* `uri` - - (Required) - Required. URI from which to fetch the object. It should contain both the protocol and path following the format `{protocol}://{location}`. - -* `sha256_checksum` - - (Optional) - SHA256 checksum of the remote file. - -The `enforce` block supports: - -* `interpreter` - - (Required) - Required. The script interpreter to use. Possible values: INTERPRETER_UNSPECIFIED, NONE, SHELL, POWERSHELL - -* `args` - - (Optional) - Optional arguments to pass to the source during execution. - -* `file` - - (Optional) - Required. A deb package. - -* `output_file_path` - - (Optional) - Only recorded for enforce Exec. Path to an output file (that is created by this Exec) whose content will be recorded in OSPolicyResourceCompliance after a successful run. Absence or failure to read this file will result in this ExecResource being non-compliant. Output file size is limited to 100K bytes. - -* `script` - - (Optional) - An inline script. The size of the script is limited to 1024 characters. - ## Attributes Reference In addition to the arguments listed above, the following computed attributes are exported: diff --git a/website/google.erb b/website/google.erb index 0b21f7b244..b321f71212 100644 --- a/website/google.erb +++ b/website/google.erb @@ -2867,6 +2867,10 @@ google_network_connectivity_hub +
  • + google_network_connectivity_spoke +
    • +