Add support for NEG type PRIVATE_SERVICE_CONNECT in NetworkEndpointGr…

…oup (#6021) (#11687) Co-authored-by: Stephen Lewis (Burrows) <stephen.r.burrows@gmail.com> Signed-off-by: Modular Magician <magic-modules@google.com> Co-authored-by: Stephen Lewis (Burrows) <stephen.r.burrows@gmail.com>
hashicorp · May 11, 2022 · 6648023 · 6648023
1 parent a8c4eef
commit 6648023
Show file tree

Hide file tree

Showing 6 changed files with 98 additions and 12 deletions.
diff --git a/.changelog/6021.txt b/.changelog/6021.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+compute: added support for NEG type `PRIVATE_SERVICE_CONNECT` in `NetworkEndpointGroup`
+```
diff --git a/google/resource_clouddeploy_delivery_pipeline_generated_test.go b/google/resource_clouddeploy_delivery_pipeline_generated_test.go
@@ -106,17 +106,17 @@ resource "google_clouddeploy_delivery_pipeline" "primary" {
   name     = "tf-test-pipeline%{random_suffix}"
 
   annotations = {
-    my_second_annotation = "updated-example-annotation-2"
-
     my_third_annotation = "example-annotation-3"
+
+    my_second_annotation = "updated-example-annotation-2"
   }
 
   description = "updated description"
 
   labels = {
-    my_third_label = "example-label-3"
-
     my_second_label = "updated-example-label-2"
+
+    my_third_label = "example-label-3"
   }
 
   project = "%{project_name}"

diff --git a/google/resource_clouddeploy_target_generated_test.go b/google/resource_clouddeploy_target_generated_test.go
@@ -123,9 +123,9 @@ resource "google_clouddeploy_target" "primary" {
   name     = "tf-test-target%{random_suffix}"
 
   annotations = {
-    my_second_annotation = "updated-example-annotation-2"
-
     my_third_annotation = "example-annotation-3"
+
+    my_second_annotation = "updated-example-annotation-2"
   }
 
   description = "updated description"

diff --git a/google/resource_compute_region_network_endpoint_group.go b/google/resource_compute_region_network_endpoint_group.go
@@ -99,7 +99,7 @@ Example value: "v1", "v2".`,
 						},
 					},
 				},
-				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run"},
+				ConflictsWith: []string{"cloud_run", "cloud_function"},
 			},
 			"cloud_function": {
 				Type:     schema.TypeList,
@@ -134,7 +134,7 @@ will parse them to { function = "function1" } and { function = "function2" } res
 						},
 					},
 				},
-				ExactlyOneOf: []string{"app_engine", "cloud_function", "cloud_run"},
+				ConflictsWith: []string{"cloud_run", "app_engine"},
 			},
 			"cloud_run": {
 				Type:     schema.TypeList,
@@ -179,7 +179,7 @@ and { service="bar2", tag="foo2" } respectively.`,
 						},
 					},
 				},
-				ExactlyOneOf: []string{"cloud_run", "cloud_function", "app_engine"},
+				ConflictsWith: []string{"app_engine", "cloud_function"},
 			},
 			"description": {
 				Type:     schema.TypeString,
@@ -192,10 +192,17 @@ you create the resource.`,
 				Type:         schema.TypeString,
 				Optional:     true,
 				ForceNew:     true,
-				ValidateFunc: validateEnum([]string{"SERVERLESS", ""}),
-				Description:  `Type of network endpoints in this network endpoint group. Defaults to SERVERLESS Default value: "SERVERLESS" Possible values: ["SERVERLESS"]`,
+				ValidateFunc: validateEnum([]string{"SERVERLESS", "PRIVATE_SERVICE_CONNECT", ""}),
+				Description:  `Type of network endpoints in this network endpoint group. Defaults to SERVERLESS Default value: "SERVERLESS" Possible values: ["SERVERLESS", "PRIVATE_SERVICE_CONNECT"]`,
 				Default:      "SERVERLESS",
 			},
+			"psc_target_service": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				Description: `The target service url used to set up private service connection to
+a Google API or a PSC Producer Service Attachment.`,
+			},
 			"project": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -237,6 +244,12 @@ func resourceComputeRegionNetworkEndpointGroupCreate(d *schema.ResourceData, met
 	} else if v, ok := d.GetOkExists("network_endpoint_type"); !isEmptyValue(reflect.ValueOf(networkEndpointTypeProp)) && (ok || !reflect.DeepEqual(v, networkEndpointTypeProp)) {
 		obj["networkEndpointType"] = networkEndpointTypeProp
 	}
+	pscTargetServiceProp, err := expandComputeRegionNetworkEndpointGroupPscTargetService(d.Get("psc_target_service"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("psc_target_service"); !isEmptyValue(reflect.ValueOf(pscTargetServiceProp)) && (ok || !reflect.DeepEqual(v, pscTargetServiceProp)) {
+		obj["pscTargetService"] = pscTargetServiceProp
+	}
 	cloudRunProp, err := expandComputeRegionNetworkEndpointGroupCloudRun(d.Get("cloud_run"), d, config)
 	if err != nil {
 		return err
@@ -351,6 +364,9 @@ func resourceComputeRegionNetworkEndpointGroupRead(d *schema.ResourceData, meta
 	if err := d.Set("network_endpoint_type", flattenComputeRegionNetworkEndpointGroupNetworkEndpointType(res["networkEndpointType"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
 	}
+	if err := d.Set("psc_target_service", flattenComputeRegionNetworkEndpointGroupPscTargetService(res["pscTargetService"], d, config)); err != nil {
+		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
+	}
 	if err := d.Set("cloud_run", flattenComputeRegionNetworkEndpointGroupCloudRun(res["cloudRun"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionNetworkEndpointGroup: %s", err)
 	}
@@ -448,6 +464,10 @@ func flattenComputeRegionNetworkEndpointGroupNetworkEndpointType(v interface{},
 	return v
 }
 
+func flattenComputeRegionNetworkEndpointGroupPscTargetService(v interface{}, d *schema.ResourceData, config *Config) interface{} {
+	return v
+}
+
 func flattenComputeRegionNetworkEndpointGroupCloudRun(v interface{}, d *schema.ResourceData, config *Config) interface{} {
 	if v == nil {
 		return nil
@@ -545,6 +565,10 @@ func expandComputeRegionNetworkEndpointGroupNetworkEndpointType(v interface{}, d
 	return v, nil
 }
 
+func expandComputeRegionNetworkEndpointGroupPscTargetService(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandComputeRegionNetworkEndpointGroupCloudRun(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
 	l := v.([]interface{})
 	if len(l) == 0 || l[0] == nil {

diff --git a/google/resource_compute_region_network_endpoint_group_generated_test.go b/google/resource_compute_region_network_endpoint_group_generated_test.go
@@ -244,6 +244,43 @@ resource "google_storage_bucket_object" "appengine_neg" {
 `, context)
 }
 
+func TestAccComputeRegionNetworkEndpointGroup_regionNetworkEndpointGroupPscExample(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": randString(t, 10),
+	}
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeRegionNetworkEndpointGroupDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeRegionNetworkEndpointGroup_regionNetworkEndpointGroupPscExample(context),
+			},
+			{
+				ResourceName:            "google_compute_region_network_endpoint_group.psc_neg",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"region"},
+			},
+		},
+	})
+}
+
+func testAccComputeRegionNetworkEndpointGroup_regionNetworkEndpointGroupPscExample(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_compute_region_network_endpoint_group" "psc_neg" {
+  name                  = "tf-test-psc-neg%{random_suffix}"
+  region                = "asia-northeast3"
+
+  network_endpoint_type = "PRIVATE_SERVICE_CONNECT"
+  psc_target_service    = "asia-northeast3-cloudkms.googleapis.com"
+}
+`, context)
+}
+
 func testAccCheckComputeRegionNetworkEndpointGroupDestroyProducer(t *testing.T) func(s *terraform.State) error {
 	return func(s *terraform.State) error {
 		for name, rs := range s.RootModule().Resources {

diff --git a/website/docs/r/compute_region_network_endpoint_group.html.markdown b/website/docs/r/compute_region_network_endpoint_group.html.markdown
@@ -195,6 +195,23 @@ resource "google_storage_bucket_object" "appengine_neg" {
   source = "./test-fixtures/appengine/hello-world.zip"
 }
 ```
+<div class = "oics-button" style="float: right; margin: 0 0 -15px">
+  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgit.luolix.top%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=region_network_endpoint_group_psc&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
+    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
+  </a>
+</div>
+## Example Usage - Region Network Endpoint Group Psc
+
+
+```hcl
+resource "google_compute_region_network_endpoint_group" "psc_neg" {
+  name                  = "psc-neg"
+  region                = "asia-northeast3"
+
+  network_endpoint_type = "PRIVATE_SERVICE_CONNECT"
+  psc_target_service    = "asia-northeast3-cloudkms.googleapis.com"
+}
+```
 
 ## Argument Reference
 
@@ -228,7 +245,12 @@ The following arguments are supported:
   (Optional)
   Type of network endpoints in this network endpoint group. Defaults to SERVERLESS
   Default value is `SERVERLESS`.
-  Possible values are `SERVERLESS`.
+  Possible values are `SERVERLESS` and `PRIVATE_SERVICE_CONNECT`.
+
+* `psc_target_service` -
+  (Optional)
+  The target service url used to set up private service connection to
+  a Google API or a PSC Producer Service Attachment.
 
 * `cloud_run` -
   (Optional)