diff --git a/.changelog/8952.txt b/.changelog/8952.txt new file mode 100644 index 0000000000..e0943c5a4f --- /dev/null +++ b/.changelog/8952.txt @@ -0,0 +1,2 @@ +```release-note:none +``` diff --git a/google-beta/services/compute/resource_compute_subnetwork.go b/google-beta/services/compute/resource_compute_subnetwork.go index a2e2abdc35..1534420bba 100644 --- a/google-beta/services/compute/resource_compute_subnetwork.go +++ b/google-beta/services/compute/resource_compute_subnetwork.go @@ -205,10 +205,11 @@ access Google APIs and services by using Private Google Access.`, Computed: true, Optional: true, ForceNew: true, - Description: `The purpose of the resource. This field can be either 'PRIVATE_RFC_1918', 'REGIONAL_MANAGED_PROXY', 'GLOBAL_MANAGED_PROXY', or 'PRIVATE_SERVICE_CONNECT'. + Description: `The purpose of the resource. This field can be either 'PRIVATE_RFC_1918', 'REGIONAL_MANAGED_PROXY', 'GLOBAL_MANAGED_PROXY', 'PRIVATE_SERVICE_CONNECT' or 'PRIVATE_NAT'([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). A subnet with purpose set to 'REGIONAL_MANAGED_PROXY' is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnetwork in a given region with purpose set to 'GLOBAL_MANAGED_PROXY' is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. A subnetwork with purpose set to 'PRIVATE_SERVICE_CONNECT' reserves the subnet for hosting a Private Service Connect published service. +A subnetwork with purpose set to 'PRIVATE_NAT' is used as source range for Private NAT gateways. Note that 'REGIONAL_MANAGED_PROXY' is the preferred setting for all regional Envoy load balancers. If unspecified, the purpose defaults to 'PRIVATE_RFC_1918'.`, }, diff --git a/google-beta/services/compute/resource_compute_subnetwork_generated_test.go b/google-beta/services/compute/resource_compute_subnetwork_generated_test.go index 7f20fc08de..f11608e7a5 100644 --- a/google-beta/services/compute/resource_compute_subnetwork_generated_test.go +++ b/google-beta/services/compute/resource_compute_subnetwork_generated_test.go @@ -262,6 +262,52 @@ resource "google_compute_network" "custom-test" { `, context) } +func TestAccComputeSubnetwork_subnetworkPurposePrivateNatExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t), + CheckDestroy: testAccCheckComputeSubnetworkDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccComputeSubnetwork_subnetworkPurposePrivateNatExample(context), + }, + { + ResourceName: "google_compute_subnetwork.subnetwork-purpose-private-nat", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"network", "region"}, + }, + }, + }) +} + +func testAccComputeSubnetwork_subnetworkPurposePrivateNatExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_compute_subnetwork" "subnetwork-purpose-private-nat" { + provider = google-beta + + name = "tf-test-subnet-purpose-test-subnetwork%{random_suffix}" + region = "us-west2" + ip_cidr_range = "192.168.1.0/24" + purpose = "PRIVATE_NAT" + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + provider = google-beta + + name = "tf-test-subnet-purpose-test-network%{random_suffix}" + auto_create_subnetworks = false +} +`, context) +} + func testAccCheckComputeSubnetworkDestroyProducer(t *testing.T) func(s *terraform.State) error { return func(s *terraform.State) error { for name, rs := range s.RootModule().Resources { diff --git a/website/docs/r/compute_subnetwork.html.markdown b/website/docs/r/compute_subnetwork.html.markdown index 4cc035bc75..902cd23407 100644 --- a/website/docs/r/compute_subnetwork.html.markdown +++ b/website/docs/r/compute_subnetwork.html.markdown @@ -183,6 +183,32 @@ resource "google_compute_network" "custom-test" { enable_ula_internal_ipv6 = true } ``` +
+ + Open in Cloud Shell + +
+## Example Usage - Subnetwork Purpose Private Nat + + +```hcl +resource "google_compute_subnetwork" "subnetwork-purpose-private-nat" { + provider = google-beta + + name = "subnet-purpose-test-subnetwork" + region = "us-west2" + ip_cidr_range = "192.168.1.0/24" + purpose = "PRIVATE_NAT" + network = google_compute_network.custom-test.id +} + +resource "google_compute_network" "custom-test" { + provider = google-beta + + name = "subnet-purpose-test-network" + auto_create_subnetworks = false +} +``` ## Argument Reference @@ -223,10 +249,11 @@ The following arguments are supported: * `purpose` - (Optional) - The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, or `PRIVATE_SERVICE_CONNECT`. + The purpose of the resource. This field can be either `PRIVATE_RFC_1918`, `REGIONAL_MANAGED_PROXY`, `GLOBAL_MANAGED_PROXY`, `PRIVATE_SERVICE_CONNECT` or `PRIVATE_NAT`([Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)). A subnet with purpose set to `REGIONAL_MANAGED_PROXY` is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnetwork in a given region with purpose set to `GLOBAL_MANAGED_PROXY` is a proxy-only subnet and is shared between all the cross-regional Envoy-based load balancers. A subnetwork with purpose set to `PRIVATE_SERVICE_CONNECT` reserves the subnet for hosting a Private Service Connect published service. + A subnetwork with purpose set to `PRIVATE_NAT` is used as source range for Private NAT gateways. Note that `REGIONAL_MANAGED_PROXY` is the preferred setting for all regional Envoy load balancers. If unspecified, the purpose defaults to `PRIVATE_RFC_1918`.