From 4e9eeb94d3d4dff8961344a92e79bc9a28b4c5c6 Mon Sep 17 00:00:00 2001 From: The Magician Date: Tue, 20 Feb 2024 11:36:19 -0800 Subject: [PATCH] App Check reCAPTCHA V3 and reCAPTCHA Enterprise providers (#9991) (#6989) * App check debug token * Use api_name and identity to wire up debugTokenId * App Check * update mask [upstream:5ddf4406a2fdb1f18a3cdf35872a9f7d072c5b7e] Signed-off-by: Modular Magician --- .changelog/9991.txt | 4 + .../provider/provider_mmv1_resources.go | 6 +- ...e_app_check_recaptcha_enterprise_config.go | 342 +++++++++++++++++ ...aptcha_enterprise_config_generated_test.go | 83 +++++ ..._check_recaptcha_enterprise_config_test.go | 59 +++ ..._firebase_app_check_recaptcha_v3_config.go | 347 ++++++++++++++++++ ...heck_recaptcha_v3_config_generated_test.go | 83 +++++ ...base_app_check_recaptcha_v3_config_test.go | 59 +++ ..._recaptcha_enterprise_config.html.markdown | 134 +++++++ ...pp_check_recaptcha_v3_config.html.markdown | 142 +++++++ 10 files changed, 1257 insertions(+), 2 deletions(-) create mode 100644 .changelog/9991.txt create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config.go create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_generated_test.go create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_test.go create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config.go create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_generated_test.go create mode 100644 google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_test.go create mode 100644 website/docs/r/firebase_app_check_recaptcha_enterprise_config.html.markdown create mode 100644 website/docs/r/firebase_app_check_recaptcha_v3_config.html.markdown diff --git a/.changelog/9991.txt b/.changelog/9991.txt new file mode 100644 index 0000000000..f589a75387 --- /dev/null +++ b/.changelog/9991.txt @@ -0,0 +1,4 @@ +```release-note:new-resource +`google_firebase_app_check_recaptcha_enterprise_config` +`google_firebase_app_check_recaptcha_v3_config ` +``` \ No newline at end of file diff --git a/google-beta/provider/provider_mmv1_resources.go b/google-beta/provider/provider_mmv1_resources.go index ebbf3e8951..2dd38e327b 100644 --- a/google-beta/provider/provider_mmv1_resources.go +++ b/google-beta/provider/provider_mmv1_resources.go @@ -429,9 +429,9 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{ } // Resources -// Generated resources: 441 +// Generated resources: 443 // Generated IAM resources: 258 -// Total generated resources: 699 +// Total generated resources: 701 var generatedResources = map[string]*schema.Resource{ "google_folder_access_approval_settings": accessapproval.ResourceAccessApprovalFolderSettings(), "google_organization_access_approval_settings": accessapproval.ResourceAccessApprovalOrganizationSettings(), @@ -822,6 +822,8 @@ var generatedResources = map[string]*schema.Resource{ "google_firebase_app_check_app_attest_config": firebaseappcheck.ResourceFirebaseAppCheckAppAttestConfig(), "google_firebase_app_check_debug_token": firebaseappcheck.ResourceFirebaseAppCheckDebugToken(), "google_firebase_app_check_play_integrity_config": firebaseappcheck.ResourceFirebaseAppCheckPlayIntegrityConfig(), + "google_firebase_app_check_recaptcha_enterprise_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaEnterpriseConfig(), + "google_firebase_app_check_recaptcha_v3_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaV3Config(), "google_firebase_app_check_service_config": firebaseappcheck.ResourceFirebaseAppCheckServiceConfig(), "google_firebase_database_instance": firebasedatabase.ResourceFirebaseDatabaseInstance(), "google_firebase_extensions_instance": firebaseextensions.ResourceFirebaseExtensionsInstance(), diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config.go new file mode 100644 index 0000000000..43e61ab7cf --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config.go @@ -0,0 +1,342 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck + +import ( + "fmt" + "log" + "reflect" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" +) + +func ResourceFirebaseAppCheckRecaptchaEnterpriseConfig() *schema.Resource { + return &schema.Resource{ + Create: resourceFirebaseAppCheckRecaptchaEnterpriseConfigCreate, + Read: resourceFirebaseAppCheckRecaptchaEnterpriseConfigRead, + Update: resourceFirebaseAppCheckRecaptchaEnterpriseConfigUpdate, + Delete: resourceFirebaseAppCheckRecaptchaEnterpriseConfigDelete, + + Importer: &schema.ResourceImporter{ + State: resourceFirebaseAppCheckRecaptchaEnterpriseConfigImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + CustomizeDiff: customdiff.All( + tpgresource.DefaultProviderProject, + ), + + Schema: map[string]*schema.Schema{ + "app_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `The ID of an +[Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id).`, + }, + "site_key": { + Type: schema.TypeString, + Required: true, + Description: `The score-based site key created in reCAPTCHA Enterprise used to invoke reCAPTCHA and generate the reCAPTCHA tokens for your application. + +**Important**: This is not the siteSecret (as it is in reCAPTCHA v3), but rather your score-based reCAPTCHA Enterprise site key.`, + }, + "token_ttl": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Description: `Specifies the duration for which App Check tokens exchanged from reCAPTCHA Enterprise artifacts will be valid. +If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive. + +A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".`, + }, + "name": { + Type: schema.TypeString, + Computed: true, + Description: `The relative resource name of the reCAPTCHA Enterprise configuration object`, + }, + "project": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + }, + UseJSONNumber: true, + } +} + +func resourceFirebaseAppCheckRecaptchaEnterpriseConfigCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + tokenTtlProp, err := expandFirebaseAppCheckRecaptchaEnterpriseConfigTokenTtl(d.Get("token_ttl"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("token_ttl"); !tpgresource.IsEmptyValue(reflect.ValueOf(tokenTtlProp)) && (ok || !reflect.DeepEqual(v, tokenTtlProp)) { + obj["tokenTtl"] = tokenTtlProp + } + siteKeyProp, err := expandFirebaseAppCheckRecaptchaEnterpriseConfigSiteKey(d.Get("site_key"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("site_key"); !tpgresource.IsEmptyValue(reflect.ValueOf(siteKeyProp)) && (ok || !reflect.DeepEqual(v, siteKeyProp)) { + obj["siteKey"] = siteKeyProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig?updateMask=tokenTtl,siteKey") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new RecaptchaEnterpriseConfig: %#v", obj) + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaEnterpriseConfig: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating RecaptchaEnterpriseConfig: %s", err) + } + if err := d.Set("name", flattenFirebaseAppCheckRecaptchaEnterpriseConfigName(res["name"], d, config)); err != nil { + return fmt.Errorf(`Error setting computed identity field "name": %s`, err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating RecaptchaEnterpriseConfig %q: %#v", d.Id(), res) + + return resourceFirebaseAppCheckRecaptchaEnterpriseConfigRead(d, meta) +} + +func resourceFirebaseAppCheckRecaptchaEnterpriseConfigRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig") + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaEnterpriseConfig: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("FirebaseAppCheckRecaptchaEnterpriseConfig %q", d.Id())) + } + + if err := d.Set("project", project); err != nil { + return fmt.Errorf("Error reading RecaptchaEnterpriseConfig: %s", err) + } + + if err := d.Set("name", flattenFirebaseAppCheckRecaptchaEnterpriseConfigName(res["name"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaEnterpriseConfig: %s", err) + } + if err := d.Set("token_ttl", flattenFirebaseAppCheckRecaptchaEnterpriseConfigTokenTtl(res["tokenTtl"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaEnterpriseConfig: %s", err) + } + if err := d.Set("site_key", flattenFirebaseAppCheckRecaptchaEnterpriseConfigSiteKey(res["siteKey"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaEnterpriseConfig: %s", err) + } + + return nil +} + +func resourceFirebaseAppCheckRecaptchaEnterpriseConfigUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaEnterpriseConfig: %s", err) + } + billingProject = project + + obj := make(map[string]interface{}) + tokenTtlProp, err := expandFirebaseAppCheckRecaptchaEnterpriseConfigTokenTtl(d.Get("token_ttl"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("token_ttl"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, tokenTtlProp)) { + obj["tokenTtl"] = tokenTtlProp + } + siteKeyProp, err := expandFirebaseAppCheckRecaptchaEnterpriseConfigSiteKey(d.Get("site_key"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("site_key"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, siteKeyProp)) { + obj["siteKey"] = siteKeyProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig") + if err != nil { + return err + } + + log.Printf("[DEBUG] Updating RecaptchaEnterpriseConfig %q: %#v", d.Id(), obj) + updateMask := []string{} + + if d.HasChange("token_ttl") { + updateMask = append(updateMask, "tokenTtl") + } + + if d.HasChange("site_key") { + updateMask = append(updateMask, "siteKey") + } + // updateMask is a URL parameter but not present in the schema, so ReplaceVars + // won't set it + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) + if err != nil { + return err + } + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + // if updateMask is empty we are not updating anything so skip the post + if len(updateMask) > 0 { + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutUpdate), + }) + + if err != nil { + return fmt.Errorf("Error updating RecaptchaEnterpriseConfig %q: %s", d.Id(), err) + } else { + log.Printf("[DEBUG] Finished updating RecaptchaEnterpriseConfig %q: %#v", d.Id(), res) + } + + } + + return resourceFirebaseAppCheckRecaptchaEnterpriseConfigRead(d, meta) +} + +func resourceFirebaseAppCheckRecaptchaEnterpriseConfigDelete(d *schema.ResourceData, meta interface{}) error { + log.Printf("[WARNING] FirebaseAppCheck RecaptchaEnterpriseConfig resources"+ + " cannot be deleted from Google Cloud. The resource %s will be removed from Terraform"+ + " state, but will still be present on Google Cloud.", d.Id()) + d.SetId("") + + return nil +} + +func resourceFirebaseAppCheckRecaptchaEnterpriseConfigImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + if err := tpgresource.ParseImportId([]string{ + "^projects/(?P[^/]+)/apps/(?P[^/]+)/recaptchaEnterpriseConfig$", + "^(?P[^/]+)/(?P[^/]+)$", + "^(?P[^/]+)$", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func flattenFirebaseAppCheckRecaptchaEnterpriseConfigName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenFirebaseAppCheckRecaptchaEnterpriseConfigTokenTtl(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenFirebaseAppCheckRecaptchaEnterpriseConfigSiteKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func expandFirebaseAppCheckRecaptchaEnterpriseConfigTokenTtl(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandFirebaseAppCheckRecaptchaEnterpriseConfigSiteKey(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_generated_test.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_generated_test.go new file mode 100644 index 0000000000..7d3c0704fd --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_generated_test.go @@ -0,0 +1,83 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest" + "github.com/hashicorp/terraform-provider-google-beta/google-beta/envvar" +) + +func TestAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigBasicExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "7200s", + "site_key": "6LdpMXIpAAAAANkwWQPgEdjEhal7ugkH9RK9ytuw", + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigBasicExample(context), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_enterprise_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"app_id"}, + }, + }, + }) +} + +func testAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigBasicExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_firebase_web_app" "default" { + project = "%{project_id}" + display_name = "Web App for reCAPTCHA Enterprise" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_recaptcha_enterprise_config" "default" { + project = "%{project_id}" + app_id = google_firebase_web_app.default.app_id + site_key = "%{site_key}" + token_ttl = "%{token_ttl}" + + depends_on = [time_sleep.wait_30s] +} +`, context) +} diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_test.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_test.go new file mode 100644 index 0000000000..24debd14ae --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_enterprise_config_test.go @@ -0,0 +1,59 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package firebaseappcheck_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest" + "github.com/hashicorp/terraform-provider-google-beta/google-beta/envvar" +) + +func TestAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "7200s", + "site_key": "6LdpMXIpAAAAANkwWQPgEdjEhal7ugkH9RK9ytuw", + "random_suffix": acctest.RandString(t, 10), + } + + contextUpdated := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "3800s", + "site_key": "7LdpMXIpAAAAANkwWQPgEdjEhal7ugkH9RK9ytuw", + "random_suffix": context["random_suffix"], + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigBasicExample(context), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_enterprise_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"app_id"}, + }, + { + Config: testAccFirebaseAppCheckRecaptchaEnterpriseConfig_firebaseAppCheckRecaptchaEnterpriseConfigBasicExample(contextUpdated), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_enterprise_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"app_id"}, + }, + }, + }) +} diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config.go new file mode 100644 index 0000000000..e1b575bb31 --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config.go @@ -0,0 +1,347 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck + +import ( + "fmt" + "log" + "reflect" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" +) + +func ResourceFirebaseAppCheckRecaptchaV3Config() *schema.Resource { + return &schema.Resource{ + Create: resourceFirebaseAppCheckRecaptchaV3ConfigCreate, + Read: resourceFirebaseAppCheckRecaptchaV3ConfigRead, + Update: resourceFirebaseAppCheckRecaptchaV3ConfigUpdate, + Delete: resourceFirebaseAppCheckRecaptchaV3ConfigDelete, + + Importer: &schema.ResourceImporter{ + State: resourceFirebaseAppCheckRecaptchaV3ConfigImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + CustomizeDiff: customdiff.All( + tpgresource.DefaultProviderProject, + ), + + Schema: map[string]*schema.Schema{ + "app_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `The ID of an +[Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id).`, + }, + "site_secret": { + Type: schema.TypeString, + Required: true, + Description: `The site secret used to identify your service for reCAPTCHA v3 verification. +For security reasons, this field will never be populated in any response.`, + Sensitive: true, + }, + "token_ttl": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Description: `Specifies the duration for which App Check tokens exchanged from reCAPTCHA V3 artifacts will be valid. +If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive. + +A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".`, + }, + "name": { + Type: schema.TypeString, + Computed: true, + Description: `The relative resource name of the reCAPTCHA V3 configuration object`, + }, + "site_secret_set": { + Type: schema.TypeBool, + Computed: true, + Description: `Whether the siteSecret was previously set. Since we will never return the siteSecret field, this field is the only way to find out whether it was previously set.`, + }, + "project": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + }, + UseJSONNumber: true, + } +} + +func resourceFirebaseAppCheckRecaptchaV3ConfigCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + tokenTtlProp, err := expandFirebaseAppCheckRecaptchaV3ConfigTokenTtl(d.Get("token_ttl"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("token_ttl"); !tpgresource.IsEmptyValue(reflect.ValueOf(tokenTtlProp)) && (ok || !reflect.DeepEqual(v, tokenTtlProp)) { + obj["tokenTtl"] = tokenTtlProp + } + siteSecretProp, err := expandFirebaseAppCheckRecaptchaV3ConfigSiteSecret(d.Get("site_secret"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("site_secret"); !tpgresource.IsEmptyValue(reflect.ValueOf(siteSecretProp)) && (ok || !reflect.DeepEqual(v, siteSecretProp)) { + obj["siteSecret"] = siteSecretProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaV3Config?updateMask=tokenTtl,siteSecret") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new RecaptchaV3Config: %#v", obj) + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaV3Config: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating RecaptchaV3Config: %s", err) + } + if err := d.Set("name", flattenFirebaseAppCheckRecaptchaV3ConfigName(res["name"], d, config)); err != nil { + return fmt.Errorf(`Error setting computed identity field "name": %s`, err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/recaptchaV3Config") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating RecaptchaV3Config %q: %#v", d.Id(), res) + + return resourceFirebaseAppCheckRecaptchaV3ConfigRead(d, meta) +} + +func resourceFirebaseAppCheckRecaptchaV3ConfigRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaV3Config") + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaV3Config: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("FirebaseAppCheckRecaptchaV3Config %q", d.Id())) + } + + if err := d.Set("project", project); err != nil { + return fmt.Errorf("Error reading RecaptchaV3Config: %s", err) + } + + if err := d.Set("name", flattenFirebaseAppCheckRecaptchaV3ConfigName(res["name"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaV3Config: %s", err) + } + if err := d.Set("token_ttl", flattenFirebaseAppCheckRecaptchaV3ConfigTokenTtl(res["tokenTtl"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaV3Config: %s", err) + } + if err := d.Set("site_secret_set", flattenFirebaseAppCheckRecaptchaV3ConfigSiteSecretSet(res["siteSecretSet"], d, config)); err != nil { + return fmt.Errorf("Error reading RecaptchaV3Config: %s", err) + } + + return nil +} + +func resourceFirebaseAppCheckRecaptchaV3ConfigUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for RecaptchaV3Config: %s", err) + } + billingProject = project + + obj := make(map[string]interface{}) + tokenTtlProp, err := expandFirebaseAppCheckRecaptchaV3ConfigTokenTtl(d.Get("token_ttl"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("token_ttl"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, tokenTtlProp)) { + obj["tokenTtl"] = tokenTtlProp + } + siteSecretProp, err := expandFirebaseAppCheckRecaptchaV3ConfigSiteSecret(d.Get("site_secret"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("site_secret"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, siteSecretProp)) { + obj["siteSecret"] = siteSecretProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{FirebaseAppCheckBasePath}}projects/{{project}}/apps/{{app_id}}/recaptchaV3Config") + if err != nil { + return err + } + + log.Printf("[DEBUG] Updating RecaptchaV3Config %q: %#v", d.Id(), obj) + updateMask := []string{} + + if d.HasChange("token_ttl") { + updateMask = append(updateMask, "tokenTtl") + } + + if d.HasChange("site_secret") { + updateMask = append(updateMask, "siteSecret") + } + // updateMask is a URL parameter but not present in the schema, so ReplaceVars + // won't set it + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) + if err != nil { + return err + } + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + // if updateMask is empty we are not updating anything so skip the post + if len(updateMask) > 0 { + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutUpdate), + }) + + if err != nil { + return fmt.Errorf("Error updating RecaptchaV3Config %q: %s", d.Id(), err) + } else { + log.Printf("[DEBUG] Finished updating RecaptchaV3Config %q: %#v", d.Id(), res) + } + + } + + return resourceFirebaseAppCheckRecaptchaV3ConfigRead(d, meta) +} + +func resourceFirebaseAppCheckRecaptchaV3ConfigDelete(d *schema.ResourceData, meta interface{}) error { + log.Printf("[WARNING] FirebaseAppCheck RecaptchaV3Config resources"+ + " cannot be deleted from Google Cloud. The resource %s will be removed from Terraform"+ + " state, but will still be present on Google Cloud.", d.Id()) + d.SetId("") + + return nil +} + +func resourceFirebaseAppCheckRecaptchaV3ConfigImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + if err := tpgresource.ParseImportId([]string{ + "^projects/(?P[^/]+)/apps/(?P[^/]+)/recaptchaV3Config$", + "^(?P[^/]+)/(?P[^/]+)$", + "^(?P[^/]+)$", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/apps/{{app_id}}/recaptchaV3Config") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func flattenFirebaseAppCheckRecaptchaV3ConfigName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenFirebaseAppCheckRecaptchaV3ConfigTokenTtl(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenFirebaseAppCheckRecaptchaV3ConfigSiteSecretSet(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func expandFirebaseAppCheckRecaptchaV3ConfigTokenTtl(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandFirebaseAppCheckRecaptchaV3ConfigSiteSecret(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_generated_test.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_generated_test.go new file mode 100644 index 0000000000..baae997e48 --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_generated_test.go @@ -0,0 +1,83 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package firebaseappcheck_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest" + "github.com/hashicorp/terraform-provider-google-beta/google-beta/envvar" +) + +func TestAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigBasicExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "7200s", + "site_secret": "6Lf9YnQpAAAAAC3-MHmdAllTbPwTZxpUw5d34YzX", + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigBasicExample(context), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_v3_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"site_secret", "app_id"}, + }, + }, + }) +} + +func testAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigBasicExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_firebase_web_app" "default" { + project = "%{project_id}" + display_name = "Web App for reCAPTCHA V3" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_recaptcha_v3_config" "default" { + project = "%{project_id}" + app_id = google_firebase_web_app.default.app_id + site_secret = "%{site_secret}" + token_ttl = "%{token_ttl}" + + depends_on = [time_sleep.wait_30s] +} +`, context) +} diff --git a/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_test.go b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_test.go new file mode 100644 index 0000000000..c71fbd2482 --- /dev/null +++ b/google-beta/services/firebaseappcheck/resource_firebase_app_check_recaptcha_v3_config_test.go @@ -0,0 +1,59 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package firebaseappcheck_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest" + "github.com/hashicorp/terraform-provider-google-beta/google-beta/envvar" +) + +func TestAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "7200s", + "site_secret": "6Lf9YnQpAAAAAC3-MHmdAllTbPwTZxpUw5d34YzX", + "random_suffix": acctest.RandString(t, 10), + } + + contextUpdated := map[string]interface{}{ + "project_id": envvar.GetTestProjectFromEnv(), + "token_ttl": "3800s", + "site_secret": "7Lf9YnQpAAAAAC3-MHmdAllTbPwTZxpUw5d34YzX", + "random_suffix": context["random_suffix"], + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "random": {}, + "time": {}, + }, + Steps: []resource.TestStep{ + { + Config: testAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigBasicExample(context), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_v3_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"site_secret", "app_id"}, + }, + { + Config: testAccFirebaseAppCheckRecaptchaV3Config_firebaseAppCheckRecaptchaV3ConfigBasicExample(contextUpdated), + }, + { + ResourceName: "google_firebase_app_check_recaptcha_v3_config.default", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"site_secret", "app_id"}, + }, + }, + }) +} diff --git a/website/docs/r/firebase_app_check_recaptcha_enterprise_config.html.markdown b/website/docs/r/firebase_app_check_recaptcha_enterprise_config.html.markdown new file mode 100644 index 0000000000..1afc3c327e --- /dev/null +++ b/website/docs/r/firebase_app_check_recaptcha_enterprise_config.html.markdown @@ -0,0 +1,134 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Firebase App Check" +description: |- + An app's reCAPTCHA Enterprise configuration object. +--- + +# google\_firebase\_app\_check\_recaptcha\_enterprise\_config + +An app's reCAPTCHA Enterprise configuration object. + + +To get more information about RecaptchaEnterpriseConfig, see: + +* [API documentation](https://firebase.google.com/docs/reference/appcheck/rest/v1/projects.apps.recaptchaEnterpriseConfig) +* How-to Guides + * [Official Documentation](https://firebase.google.com/docs/app-check) + +## Example Usage - Firebase App Check Recaptcha Enterprise Config Basic + + +```hcl +resource "google_firebase_web_app" "default" { + project = "my-project-name" + display_name = "Web App for reCAPTCHA Enterprise" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_recaptcha_enterprise_config" "default" { + project = "my-project-name" + app_id = google_firebase_web_app.default.app_id + site_key = "6LdpMXIpAAAAANkwWQPgEdjEhal7ugkH9RK9ytuw" + token_ttl = "7200s" + + depends_on = [time_sleep.wait_30s] +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `site_key` - + (Required) + The score-based site key created in reCAPTCHA Enterprise used to invoke reCAPTCHA and generate the reCAPTCHA tokens for your application. + **Important**: This is not the siteSecret (as it is in reCAPTCHA v3), but rather your score-based reCAPTCHA Enterprise site key. + +* `app_id` - + (Required) + The ID of an + [Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id). + + +- - - + + +* `token_ttl` - + (Optional) + Specifies the duration for which App Check tokens exchanged from reCAPTCHA Enterprise artifacts will be valid. + If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + +* `project` - (Optional) The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig` + +* `name` - + The relative resource name of the reCAPTCHA Enterprise configuration object + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `update` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +RecaptchaEnterpriseConfig can be imported using any of these accepted formats: + +* `projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig` +* `{{project}}/{{app_id}}` +* `{{app_id}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RecaptchaEnterpriseConfig using one of the formats above. For example: + +```tf +import { + id = "projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig" + to = google_firebase_app_check_recaptcha_enterprise_config.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), RecaptchaEnterpriseConfig can be imported using one of the formats above. For example: + +``` +$ terraform import google_firebase_app_check_recaptcha_enterprise_config.default projects/{{project}}/apps/{{app_id}}/recaptchaEnterpriseConfig +$ terraform import google_firebase_app_check_recaptcha_enterprise_config.default {{project}}/{{app_id}} +$ terraform import google_firebase_app_check_recaptcha_enterprise_config.default {{app_id}} +``` + +## User Project Overrides + +This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override). diff --git a/website/docs/r/firebase_app_check_recaptcha_v3_config.html.markdown b/website/docs/r/firebase_app_check_recaptcha_v3_config.html.markdown new file mode 100644 index 0000000000..0985125e13 --- /dev/null +++ b/website/docs/r/firebase_app_check_recaptcha_v3_config.html.markdown @@ -0,0 +1,142 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Firebase App Check" +description: |- + An app's reCAPTCHA V3 configuration object. +--- + +# google\_firebase\_app\_check\_recaptcha\_v3\_config + +An app's reCAPTCHA V3 configuration object. + + +To get more information about RecaptchaV3Config, see: + +* [API documentation](https://firebase.google.com/docs/reference/appcheck/rest/v1/projects.apps.recaptchaV3Config) +* How-to Guides + * [Official Documentation](https://firebase.google.com/docs/app-check) + +~> **Warning:** All arguments including the following potentially sensitive +values will be stored in the raw state as plain text: `site_secret`. +[Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data). + +## Example Usage - Firebase App Check Recaptcha V3 Config Basic + + +```hcl +resource "google_firebase_web_app" "default" { + project = "my-project-name" + display_name = "Web App for reCAPTCHA V3" +} + +# It takes a while for App Check to recognize the new app +# If your app already exists, you don't have to wait 30 seconds. +resource "time_sleep" "wait_30s" { + depends_on = [google_firebase_web_app.default] + create_duration = "30s" +} + +resource "google_firebase_app_check_recaptcha_v3_config" "default" { + project = "my-project-name" + app_id = google_firebase_web_app.default.app_id + site_secret = "6Lf9YnQpAAAAAC3-MHmdAllTbPwTZxpUw5d34YzX" + token_ttl = "7200s" + + depends_on = [time_sleep.wait_30s] +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `site_secret` - + (Required) + The site secret used to identify your service for reCAPTCHA v3 verification. + For security reasons, this field will never be populated in any response. + **Note**: This property is sensitive and will not be displayed in the plan. + +* `app_id` - + (Required) + The ID of an + [Web App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id). + + +- - - + + +* `token_ttl` - + (Optional) + Specifies the duration for which App Check tokens exchanged from reCAPTCHA V3 artifacts will be valid. + If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + +* `project` - (Optional) The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `projects/{{project}}/apps/{{app_id}}/recaptchaV3Config` + +* `name` - + The relative resource name of the reCAPTCHA V3 configuration object + +* `site_secret_set` - + Whether the siteSecret was previously set. Since we will never return the siteSecret field, this field is the only way to find out whether it was previously set. + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `update` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +RecaptchaV3Config can be imported using any of these accepted formats: + +* `projects/{{project}}/apps/{{app_id}}/recaptchaV3Config` +* `{{project}}/{{app_id}}` +* `{{app_id}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RecaptchaV3Config using one of the formats above. For example: + +```tf +import { + id = "projects/{{project}}/apps/{{app_id}}/recaptchaV3Config" + to = google_firebase_app_check_recaptcha_v3_config.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), RecaptchaV3Config can be imported using one of the formats above. For example: + +``` +$ terraform import google_firebase_app_check_recaptcha_v3_config.default projects/{{project}}/apps/{{app_id}}/recaptchaV3Config +$ terraform import google_firebase_app_check_recaptcha_v3_config.default {{project}}/{{app_id}} +$ terraform import google_firebase_app_check_recaptcha_v3_config.default {{app_id}} +``` + +## User Project Overrides + +This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).