From 0365823c2698335835e203cbba76bc0b8fa20eb7 Mon Sep 17 00:00:00 2001
From: Marco Leogrande <dark.knight.ita@gmail.com>
Date: Tue, 21 Jun 2022 13:43:07 -0700
Subject: [PATCH] compute: support maxPortsPerVm field related to Cloud NAT's
 enableDynamicPortAllocation

Support for the Dynamic Port Allocation feature (tracked in
terraform-google-modules/terraform-google-cloud-nat#64 and
hashicorp/terraform-provider-google#11052) was initially implemented
in #6022, but it lacked support for the maxPortsPerVm field. This
field is crucial to allow the full configuration to work.
---
 mmv1/products/compute/api.yaml                |  9 ++-
 .../resource_compute_router_nat_test.go.erb   | 55 +++++++++++++++++++
 2 files changed, 63 insertions(+), 1 deletion(-)

diff --git a/mmv1/products/compute/api.yaml b/mmv1/products/compute/api.yaml
index 07ffcf763581..1411f3103a5e 100644
--- a/mmv1/products/compute/api.yaml
+++ b/mmv1/products/compute/api.yaml
@@ -13480,12 +13480,19 @@ objects:
         name: minPortsPerVm
         description: |
           Minimum number of ports allocated to a VM from this NAT.
+      - !ruby/object:Api::Type::Integer
+        name: maxPortsPerVm
+        description: |
+          Maximum number of ports allocated to a VM from this NAT.
+          This field can only be set when enableDynamicPortAllocation is enabled.
       - !ruby/object:Api::Type::Boolean
         name: enableDynamicPortAllocation
         description: |
           Enable Dynamic Port Allocation.
-          If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. 
+          If minPortsPerVm is set, minPortsPerVm must be set to a power of two greater than or equal to 32.
           If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+          If maxPortsPerVm is set, maxPortsPerVm must be set to a power of two greater than minPortsPerVm.
+          If maxPortsPerVm is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
 
           Mutually exclusive with enableEndpointIndependentMapping.
       - !ruby/object:Api::Type::Integer
diff --git a/mmv1/third_party/terraform/tests/resource_compute_router_nat_test.go.erb b/mmv1/third_party/terraform/tests/resource_compute_router_nat_test.go.erb
index f300475d927a..6a3116023b0b 100644
--- a/mmv1/third_party/terraform/tests/resource_compute_router_nat_test.go.erb
+++ b/mmv1/third_party/terraform/tests/resource_compute_router_nat_test.go.erb
@@ -214,6 +214,14 @@ func TestAccComputeRouterNat_withPortAllocationMethods(t *testing.T) {
 				ImportState:       true,
 				ImportStateVerify: true,
 			},
+			{
+				Config: testAccComputeRouterNatWithAllocationMethodWithParameters(routerName, false, true, 256, 8192),
+			},
+			{
+				ResourceName:      "google_compute_router_nat.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
@@ -660,6 +668,53 @@ resource "google_compute_router_nat" "foobar" {
 `, routerName, routerName, routerName, routerName, routerName, enableEndpointIndependentMapping, enableDynamicPortAllocation)
 }
 
+func testAccComputeRouterNatWithAllocationMethodWithParameters(routerName string, enableEndpointIndependentMapping, enableDynamicPortAllocation bool, minPortsPerVm, maxPortsPerVm uint32) string {
+	return fmt.Sprintf(`
+resource "google_compute_network" "foobar" {
+  name                    = "%s-net"
+  auto_create_subnetworks = "false"
+}
+
+resource "google_compute_subnetwork" "foobar" {
+  name          = "%s-subnet"
+  network       = google_compute_network.foobar.self_link
+  ip_cidr_range = "10.0.0.0/16"
+  region        = "us-central1"
+}
+
+resource "google_compute_address" "foobar" {
+  name   = "router-nat-%s-addr"
+  region = google_compute_subnetwork.foobar.region
+}
+
+resource "google_compute_router" "foobar" {
+  name    = "%s"
+  region  = google_compute_subnetwork.foobar.region
+  network = google_compute_network.foobar.self_link
+  bgp {
+    asn = 64514
+  }
+}
+
+resource "google_compute_router_nat" "foobar" {
+  name                               = "%s"
+  router                             = google_compute_router.foobar.name
+  region                             = google_compute_router.foobar.region
+  nat_ip_allocate_option             = "MANUAL_ONLY"
+  nat_ips                            = [google_compute_address.foobar.self_link]
+  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+  subnetwork {
+    name                    = google_compute_subnetwork.foobar.name
+    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
+  }
+  enable_endpoint_independent_mapping = %t
+  enable_dynamic_port_allocation = %t
+  min_ports_per_vm = %d
+  max_ports_per_vm = %d
+}
+`, routerName, routerName, routerName, routerName, routerName, enableEndpointIndependentMapping, enableDynamicPortAllocation, minPortsPerVm, maxPortsPerVm)
+}
+
 <% unless version == 'ga' -%>
 func testAccComputeRouterNatBaseResourcesWithNatIps(routerName string) string {
 	return fmt.Sprintf(`