Signed CDN urls for backend services

Signed-off-by: Modular Magician <[email protected]>
hashicorp · Apr 2, 2019 · b1ceb9d · b1ceb9d
1 parent 4d2ade9
commit b1ceb9d
Show file tree

Hide file tree

Showing 7 changed files with 624 additions and 46 deletions.
diff --git a/google/provider_compute_gen.go b/google/provider_compute_gen.go
@@ -17,33 +17,34 @@ package google
 import "github.com/hashicorp/terraform/helper/schema"
 
 var GeneratedComputeResourcesMap = map[string]*schema.Resource{
-	"google_compute_address":                       resourceComputeAddress(),
-	"google_compute_autoscaler":                    resourceComputeAutoscaler(),
-	"google_compute_backend_bucket":                resourceComputeBackendBucket(),
-	"google_compute_backend_bucket_signed_url_key": resourceComputeBackendBucketSignedUrlKey(),
-	"google_compute_disk":                          resourceComputeDisk(),
-	"google_compute_firewall":                      resourceComputeFirewall(),
-	"google_compute_forwarding_rule":               resourceComputeForwardingRule(),
-	"google_compute_global_address":                resourceComputeGlobalAddress(),
-	"google_compute_http_health_check":             resourceComputeHttpHealthCheck(),
-	"google_compute_https_health_check":            resourceComputeHttpsHealthCheck(),
-	"google_compute_health_check":                  resourceComputeHealthCheck(),
-	"google_compute_image":                         resourceComputeImage(),
-	"google_compute_interconnect_attachment":       resourceComputeInterconnectAttachment(),
-	"google_compute_network":                       resourceComputeNetwork(),
-	"google_compute_region_autoscaler":             resourceComputeRegionAutoscaler(),
-	"google_compute_region_disk":                   resourceComputeRegionDisk(),
-	"google_compute_route":                         resourceComputeRoute(),
-	"google_compute_router":                        resourceComputeRouter(),
-	"google_compute_snapshot":                      resourceComputeSnapshot(),
-	"google_compute_ssl_certificate":               resourceComputeSslCertificate(),
-	"google_compute_ssl_policy":                    resourceComputeSslPolicy(),
-	"google_compute_subnetwork":                    resourceComputeSubnetwork(),
-	"google_compute_target_http_proxy":             resourceComputeTargetHttpProxy(),
-	"google_compute_target_https_proxy":            resourceComputeTargetHttpsProxy(),
-	"google_compute_target_ssl_proxy":              resourceComputeTargetSslProxy(),
-	"google_compute_target_tcp_proxy":              resourceComputeTargetTcpProxy(),
-	"google_compute_vpn_gateway":                   resourceComputeVpnGateway(),
-	"google_compute_url_map":                       resourceComputeUrlMap(),
-	"google_compute_vpn_tunnel":                    resourceComputeVpnTunnel(),
+	"google_compute_address":                        resourceComputeAddress(),
+	"google_compute_autoscaler":                     resourceComputeAutoscaler(),
+	"google_compute_backend_bucket":                 resourceComputeBackendBucket(),
+	"google_compute_backend_bucket_signed_url_key":  resourceComputeBackendBucketSignedUrlKey(),
+	"google_compute_backend_service_signed_url_key": resourceComputeBackendServiceSignedUrlKey(),
+	"google_compute_disk":                           resourceComputeDisk(),
+	"google_compute_firewall":                       resourceComputeFirewall(),
+	"google_compute_forwarding_rule":                resourceComputeForwardingRule(),
+	"google_compute_global_address":                 resourceComputeGlobalAddress(),
+	"google_compute_http_health_check":              resourceComputeHttpHealthCheck(),
+	"google_compute_https_health_check":             resourceComputeHttpsHealthCheck(),
+	"google_compute_health_check":                   resourceComputeHealthCheck(),
+	"google_compute_image":                          resourceComputeImage(),
+	"google_compute_interconnect_attachment":        resourceComputeInterconnectAttachment(),
+	"google_compute_network":                        resourceComputeNetwork(),
+	"google_compute_region_autoscaler":              resourceComputeRegionAutoscaler(),
+	"google_compute_region_disk":                    resourceComputeRegionDisk(),
+	"google_compute_route":                          resourceComputeRoute(),
+	"google_compute_router":                         resourceComputeRouter(),
+	"google_compute_snapshot":                       resourceComputeSnapshot(),
+	"google_compute_ssl_certificate":                resourceComputeSslCertificate(),
+	"google_compute_ssl_policy":                     resourceComputeSslPolicy(),
+	"google_compute_subnetwork":                     resourceComputeSubnetwork(),
+	"google_compute_target_http_proxy":              resourceComputeTargetHttpProxy(),
+	"google_compute_target_https_proxy":             resourceComputeTargetHttpsProxy(),
+	"google_compute_target_ssl_proxy":               resourceComputeTargetSslProxy(),
+	"google_compute_target_tcp_proxy":               resourceComputeTargetTcpProxy(),
+	"google_compute_vpn_gateway":                    resourceComputeVpnGateway(),
+	"google_compute_url_map":                        resourceComputeUrlMap(),
+	"google_compute_vpn_tunnel":                     resourceComputeVpnTunnel(),
 }
diff --git a/google/resource_compute_backend_service.go b/google/resource_compute_backend_service.go
@@ -5,6 +5,8 @@ import (
 	"fmt"
 	"log"
 
+	"strconv"
+
 	"github.com/hashicorp/errwrap"
 	"github.com/hashicorp/terraform/helper/schema"
 	computeBeta "google.golang.org/api/compute/v0.beta"
@@ -90,6 +92,11 @@ func resourceComputeBackendService() *schema.Resource {
 								},
 							},
 						},
+						"signed_url_cache_max_age_sec": {
+							Type:     schema.TypeInt,
+							Optional: true,
+							Default:  3600,
+						},
 					},
 				},
 			},
@@ -611,40 +618,55 @@ func expandCdnPolicy(configured []interface{}) *computeBeta.BackendServiceCdnPol
 		return nil
 	}
 
+	policy := &computeBeta.BackendServiceCdnPolicy{}
 	data := configured[0].(map[string]interface{})
+	v := data["signed_url_cache_max_age_sec"]
+	if strVal, ok := v.(string); ok {
+		if intVal, err := strconv.ParseInt(strVal, 10, 64); err == nil {
+			v = intVal
+		} // let terraform core handle it if we can't convert the string to an int.
+	}
+	if maxAge, ok := v.(int); ok {
+		policy.SignedUrlCacheMaxAgeSec = int64(maxAge)
+	}
+
 	ckp := data["cache_key_policy"].([]interface{})
 	if len(ckp) == 0 {
-		return nil
+		return policy
 	}
 	ckpData := ckp[0].(map[string]interface{})
 
-	return &computeBeta.BackendServiceCdnPolicy{
-		CacheKeyPolicy: &computeBeta.CacheKeyPolicy{
-			IncludeHost:          ckpData["include_host"].(bool),
-			IncludeProtocol:      ckpData["include_protocol"].(bool),
-			IncludeQueryString:   ckpData["include_query_string"].(bool),
-			QueryStringBlacklist: convertStringSet(ckpData["query_string_blacklist"].(*schema.Set)),
-			QueryStringWhitelist: convertStringSet(ckpData["query_string_whitelist"].(*schema.Set)),
-			ForceSendFields:      []string{"IncludeProtocol", "IncludeHost", "IncludeQueryString", "QueryStringWhitelist", "QueryStringBlacklist"},
-		},
+	policy.CacheKeyPolicy = &computeBeta.CacheKeyPolicy{
+		IncludeHost:          ckpData["include_host"].(bool),
+		IncludeProtocol:      ckpData["include_protocol"].(bool),
+		IncludeQueryString:   ckpData["include_query_string"].(bool),
+		QueryStringBlacklist: convertStringSet(ckpData["query_string_blacklist"].(*schema.Set)),
+		QueryStringWhitelist: convertStringSet(ckpData["query_string_whitelist"].(*schema.Set)),
+		ForceSendFields:      []string{"IncludeProtocol", "IncludeHost", "IncludeQueryString", "QueryStringWhitelist", "QueryStringBlacklist"},
 	}
+	return policy
 }
 
 func flattenCdnPolicy(pol *computeBeta.BackendServiceCdnPolicy) []map[string]interface{} {
-	result := []map[string]interface{}{}
-	if pol == nil || pol.CacheKeyPolicy == nil {
-		return result
+	if pol == nil {
+		return []map[string]interface{}{}
 	}
 
-	return append(result, map[string]interface{}{
-		"cache_key_policy": []map[string]interface{}{
+	policy := map[string]interface{}{
+		"signed_url_cache_max_age_sec": pol.SignedUrlCacheMaxAgeSec,
+	}
+
+	if pol.CacheKeyPolicy != nil {
+		policy["cache_key_policy"] = []map[string]interface{}{
 			{
 				"include_host":           pol.CacheKeyPolicy.IncludeHost,
 				"include_protocol":       pol.CacheKeyPolicy.IncludeProtocol,
 				"include_query_string":   pol.CacheKeyPolicy.IncludeQueryString,
 				"query_string_blacklist": schema.NewSet(schema.HashString, convertStringArrToInterface(pol.CacheKeyPolicy.QueryStringBlacklist)),
 				"query_string_whitelist": schema.NewSet(schema.HashString, convertStringArrToInterface(pol.CacheKeyPolicy.QueryStringWhitelist)),
 			},
-		},
-	})
+		}
+	}
+
+	return []map[string]interface{}{policy}
 }