diff --git a/.changelog/12735.txt b/.changelog/12735.txt new file mode 100644 index 00000000000..42b910df155 --- /dev/null +++ b/.changelog/12735.txt @@ -0,0 +1,3 @@ +```release-note:none + +``` \ No newline at end of file diff --git a/google/services/accesscontextmanager/resource_access_context_manager_access_level.go b/google/services/accesscontextmanager/resource_access_context_manager_access_level.go index 4847d84c73f..eefe5e41aa6 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_access_level.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_access_level.go @@ -375,6 +375,13 @@ func resourceAccessContextManagerAccessLevelCreate(d *schema.ResourceData, meta return err } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/accessLevels") if err != nil { return err @@ -530,6 +537,13 @@ func resourceAccessContextManagerAccessLevelUpdate(d *schema.ResourceData, meta return err } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{name}}") if err != nil { return err @@ -606,6 +620,13 @@ func resourceAccessContextManagerAccessLevelDelete(d *schema.ResourceData, meta billingProject := "" + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{name}}") if err != nil { return err diff --git a/google/services/accesscontextmanager/resource_access_context_manager_access_level_condition.go b/google/services/accesscontextmanager/resource_access_context_manager_access_level_condition.go index 0a1074f0a6b..75a06d74d3f 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_access_level_condition.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_access_level_condition.go @@ -22,6 +22,7 @@ import ( "log" "net/http" "reflect" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -232,6 +233,11 @@ Format: accessPolicies/{policy_id}/accessLevels/{short_name}`, }, }, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -288,7 +294,12 @@ func resourceAccessContextManagerAccessLevelConditionCreate(d *schema.ResourceDa obj["vpcNetworkSources"] = vpcNetworkSourcesProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{access_level}}") + obj, err = resourceAccessContextManagerAccessLevelConditionEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -472,7 +483,7 @@ func resourceAccessContextManagerAccessLevelConditionDelete(d *schema.ResourceDa billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{access_level}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -839,6 +850,17 @@ func expandNestedAccessContextManagerAccessLevelConditionVpcNetworkSourcesVpcSub return v, nil } +func resourceAccessContextManagerAccessLevelConditionEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the access_level parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("access_level").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerAccessLevelCondition(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_access_levels.go b/google/services/accesscontextmanager/resource_access_context_manager_access_levels.go index a64caf19e78..19b1ffcb65c 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_access_levels.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_access_levels.go @@ -346,6 +346,13 @@ func resourceAccessContextManagerAccessLevelsCreate(d *schema.ResourceData, meta obj["accessLevels"] = accessLevelsProp } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/accessLevels:replaceAll") if err != nil { return err @@ -452,6 +459,13 @@ func resourceAccessContextManagerAccessLevelsUpdate(d *schema.ResourceData, meta obj["accessLevels"] = accessLevelsProp } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/accessLevels:replaceAll") if err != nil { return err diff --git a/google/services/accesscontextmanager/resource_access_context_manager_access_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_access_policy.go index 86da43776a4..dbf878e3b10 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_access_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_access_policy.go @@ -118,6 +118,13 @@ func resourceAccessContextManagerAccessPolicyCreate(d *schema.ResourceData, meta obj["scopes"] = scopesProp } + lockName, err := tpgresource.ReplaceVars(d, config, "accessPolicies/{{name}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}accessPolicies") if err != nil { return err @@ -271,6 +278,13 @@ func resourceAccessContextManagerAccessPolicyUpdate(d *schema.ResourceData, meta obj["scopes"] = scopesProp } + lockName, err := tpgresource.ReplaceVars(d, config, "accessPolicies/{{name}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}accessPolicies/{{name}}") if err != nil { return err @@ -339,6 +353,13 @@ func resourceAccessContextManagerAccessPolicyDelete(d *schema.ResourceData, meta billingProject := "" + lockName, err := tpgresource.ReplaceVars(d, config, "accessPolicies/{{name}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}accessPolicies/{{name}}") if err != nil { return err diff --git a/google/services/accesscontextmanager/resource_access_context_manager_authorized_orgs_desc.go b/google/services/accesscontextmanager/resource_access_context_manager_authorized_orgs_desc.go index 3a7d400cd3e..fa3106ffaa9 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_authorized_orgs_desc.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_authorized_orgs_desc.go @@ -180,6 +180,13 @@ func resourceAccessContextManagerAuthorizedOrgsDescCreate(d *schema.ResourceData return err } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/authorizedOrgsDescs") if err != nil { return err @@ -328,6 +335,13 @@ func resourceAccessContextManagerAuthorizedOrgsDescUpdate(d *schema.ResourceData return err } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{name}}") if err != nil { return err @@ -389,6 +403,13 @@ func resourceAccessContextManagerAuthorizedOrgsDescDelete(d *schema.ResourceData billingProject := "" + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{name}}") if err != nil { return err diff --git a/google/services/accesscontextmanager/resource_access_context_manager_egress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_egress_policy.go index 6c84f8e1901..e057cce69b5 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_egress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_egress_policy.go @@ -22,6 +22,7 @@ import ( "log" "net/http" "reflect" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -59,6 +60,11 @@ func ResourceAccessContextManagerEgressPolicy() *schema.Resource { ForceNew: true, Description: `A GCP resource that is inside of the service perimeter.`, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -79,6 +85,18 @@ func resourceAccessContextManagerEgressPolicyCreate(d *schema.ResourceData, meta obj["resource"] = resourceProp } + obj, err = resourceAccessContextManagerEgressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{egress_policy_name}}") if err != nil { return err @@ -222,6 +240,13 @@ func resourceAccessContextManagerEgressPolicyDelete(d *schema.ResourceData, meta billingProject := "" + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{egress_policy_name}}") if err != nil { return err @@ -281,6 +306,9 @@ func resourceAccessContextManagerEgressPolicyImport(d *schema.ResourceData, meta return nil, err } + if err := d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts["accessPolicy"])); err != nil { + return nil, fmt.Errorf("Error setting access_policy_id: %s", err) + } if err := d.Set("perimeter", fmt.Sprintf("accessPolicies/%s/servicePerimeters/%s", parts["accessPolicy"], parts["perimeter"])); err != nil { return nil, fmt.Errorf("Error setting perimeter: %s", err) } @@ -295,6 +323,17 @@ func expandNestedAccessContextManagerEgressPolicyResource(v interface{}, d tpgre return v, nil } +func resourceAccessContextManagerEgressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the egress_policy_name parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("egress_policy_name").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerEgressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_ingress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_ingress_policy.go index 66f3d2b1e7d..cb031a34069 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_ingress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_ingress_policy.go @@ -22,6 +22,7 @@ import ( "log" "net/http" "reflect" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -59,6 +60,11 @@ func ResourceAccessContextManagerIngressPolicy() *schema.Resource { ForceNew: true, Description: `A GCP resource that is inside of the service perimeter.`, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -79,6 +85,18 @@ func resourceAccessContextManagerIngressPolicyCreate(d *schema.ResourceData, met obj["resource"] = resourceProp } + obj, err = resourceAccessContextManagerIngressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{ingress_policy_name}}") if err != nil { return err @@ -222,6 +240,13 @@ func resourceAccessContextManagerIngressPolicyDelete(d *schema.ResourceData, met billingProject := "" + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{ingress_policy_name}}") if err != nil { return err @@ -281,6 +306,9 @@ func resourceAccessContextManagerIngressPolicyImport(d *schema.ResourceData, met return nil, err } + if err := d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts["accessPolicy"])); err != nil { + return nil, fmt.Errorf("Error setting access_policy_id: %s", err) + } if err := d.Set("perimeter", fmt.Sprintf("accessPolicies/%s/servicePerimeters/%s", parts["accessPolicy"], parts["perimeter"])); err != nil { return nil, fmt.Errorf("Error setting perimeter: %s", err) } @@ -295,6 +323,17 @@ func expandNestedAccessContextManagerIngressPolicyResource(v interface{}, d tpgr return v, nil } +func resourceAccessContextManagerIngressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the ingress_policy_name parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("ingress_policy_name").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerIngressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter.go index 2d57ac82851..58cf2711392 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter.go @@ -1023,7 +1023,7 @@ func resourceAccessContextManagerServicePerimeterCreate(d *schema.ResourceData, return err } - lockName, err := tpgresource.ReplaceVars(d, config, "{{name}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") if err != nil { return err } @@ -1203,7 +1203,7 @@ func resourceAccessContextManagerServicePerimeterUpdate(d *schema.ResourceData, return err } - lockName, err := tpgresource.ReplaceVars(d, config, "{{name}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") if err != nil { return err } @@ -1290,7 +1290,7 @@ func resourceAccessContextManagerServicePerimeterDelete(d *schema.ResourceData, billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{name}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") if err != nil { return err } diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_egress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_egress_policy.go index b1e830c63bb..34539912af4 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_egress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_egress_policy.go @@ -24,6 +24,7 @@ import ( "reflect" "slices" "sort" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -286,6 +287,11 @@ the perimeter.`, }, }, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -312,7 +318,12 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyCreate(d *sch obj["egressTo"] = egressToProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + obj, err = resourceAccessContextManagerServicePerimeterDryRunEgressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -469,7 +480,7 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyDelete(d *sch billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -890,6 +901,17 @@ func expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressToO return v, nil } +func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the perimeter parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("perimeter").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_ingress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_ingress_policy.go index c83f8b389db..e87e4435e95 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_ingress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_ingress_policy.go @@ -24,6 +24,7 @@ import ( "reflect" "slices" "sort" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -290,6 +291,11 @@ also matches the 'operations' field.`, }, }, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -316,7 +322,12 @@ func resourceAccessContextManagerServicePerimeterDryRunIngressPolicyCreate(d *sc obj["ingressTo"] = ingressToProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + obj, err = resourceAccessContextManagerServicePerimeterDryRunIngressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -473,7 +484,7 @@ func resourceAccessContextManagerServicePerimeterDryRunIngressPolicyDelete(d *sc billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -876,6 +887,17 @@ func expandNestedAccessContextManagerServicePerimeterDryRunIngressPolicyIngressT return v, nil } +func resourceAccessContextManagerServicePerimeterDryRunIngressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the perimeter parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("perimeter").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerServicePerimeterDryRunIngressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go index 531d6066b13..6bfefdbe0a5 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go @@ -22,6 +22,7 @@ import ( "log" "net/http" "reflect" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -61,6 +62,11 @@ func ResourceAccessContextManagerServicePerimeterDryRunResource() *schema.Resour Currently only projects are allowed. Format: projects/{project_number}`, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -81,7 +87,12 @@ func resourceAccessContextManagerServicePerimeterDryRunResourceCreate(d *schema. obj["resource"] = resourceProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter_name}}") + obj, err = resourceAccessContextManagerServicePerimeterDryRunResourceEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -232,7 +243,7 @@ func resourceAccessContextManagerServicePerimeterDryRunResourceDelete(d *schema. billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter_name}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -319,6 +330,17 @@ func expandNestedAccessContextManagerServicePerimeterDryRunResourceResource(v in return v, nil } +func resourceAccessContextManagerServicePerimeterDryRunResourceEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the perimeter_name parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("perimeter_name").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerServicePerimeterDryRunResource(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go index bec1a57b321..1311ecd677d 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go @@ -24,6 +24,7 @@ import ( "reflect" "slices" "sort" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -286,6 +287,11 @@ the perimeter.`, }, }, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -312,7 +318,12 @@ func resourceAccessContextManagerServicePerimeterEgressPolicyCreate(d *schema.Re obj["egressTo"] = egressToProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + obj, err = resourceAccessContextManagerServicePerimeterEgressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -468,7 +479,7 @@ func resourceAccessContextManagerServicePerimeterEgressPolicyDelete(d *schema.Re billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -888,6 +899,17 @@ func expandNestedAccessContextManagerServicePerimeterEgressPolicyEgressToOperati return v, nil } +func resourceAccessContextManagerServicePerimeterEgressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the perimeter parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("perimeter").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerServicePerimeterEgressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go index e44316afa44..3f961a02b3b 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go @@ -24,6 +24,7 @@ import ( "reflect" "slices" "sort" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -293,6 +294,11 @@ also matches the 'operations' field.`, }, }, }, + "access_policy_id": { + Type: schema.TypeString, + Computed: true, + Description: `The name of the Access Policy this resource belongs to.`, + }, }, UseJSONNumber: true, } @@ -319,7 +325,12 @@ func resourceAccessContextManagerServicePerimeterIngressPolicyCreate(d *schema.R obj["ingressTo"] = ingressToProp } - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + obj, err = resourceAccessContextManagerServicePerimeterIngressPolicyEncoder(d, meta, obj) + if err != nil { + return err + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -475,7 +486,7 @@ func resourceAccessContextManagerServicePerimeterIngressPolicyDelete(d *schema.R billingProject := "" - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") + lockName, err := tpgresource.ReplaceVars(d, config, "{{access_policy_id}}") if err != nil { return err } @@ -877,6 +888,17 @@ func expandNestedAccessContextManagerServicePerimeterIngressPolicyIngressToOpera return v, nil } +func resourceAccessContextManagerServicePerimeterIngressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + // Set the access_policy_id field from part of the perimeter parameter. + + // The is logic is inside the encoder since the access_policy_id field is part of + // the mutex lock and encoders run before the lock is set. + parts := strings.Split(d.Get("perimeter").(string), "/") + d.Set("access_policy_id", fmt.Sprintf("accessPolicies/%s", parts[1])) + + return obj, nil +} + func flattenNestedAccessContextManagerServicePerimeterIngressPolicy(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { var v interface{} var ok bool diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeters.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeters.go index 21b8e296571..734b31b0f59 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeters.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeters.go @@ -886,6 +886,13 @@ func resourceAccessContextManagerServicePerimetersCreate(d *schema.ResourceData, obj["parent"] = parentProp } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/servicePerimeters:replaceAll") if err != nil { return err @@ -998,6 +1005,13 @@ func resourceAccessContextManagerServicePerimetersUpdate(d *schema.ResourceData, obj["parent"] = parentProp } + lockName, err := tpgresource.ReplaceVars(d, config, "{{parent}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{parent}}/servicePerimeters:replaceAll") if err != nil { return err diff --git a/website/docs/r/access_context_manager_access_level_condition.html.markdown b/website/docs/r/access_context_manager_access_level_condition.html.markdown index 208f9cf6a5c..2c07fdef795 100644 --- a/website/docs/r/access_context_manager_access_level_condition.html.markdown +++ b/website/docs/r/access_context_manager_access_level_condition.html.markdown @@ -239,6 +239,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{access_level}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_egress_policy.html.markdown b/website/docs/r/access_context_manager_egress_policy.html.markdown index 512ac8254ea..7ea4deb4ef5 100644 --- a/website/docs/r/access_context_manager_egress_policy.html.markdown +++ b/website/docs/r/access_context_manager_egress_policy.html.markdown @@ -50,6 +50,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{egress_policy_name}}/{{resource}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_ingress_policy.html.markdown b/website/docs/r/access_context_manager_ingress_policy.html.markdown index e1b4ff61451..e40fd93ee67 100644 --- a/website/docs/r/access_context_manager_ingress_policy.html.markdown +++ b/website/docs/r/access_context_manager_ingress_policy.html.markdown @@ -50,6 +50,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{ingress_policy_name}}/{{resource}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_service_perimeter_dry_run_egress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_dry_run_egress_policy.html.markdown index 973cbce79a0..18938e73ae4 100644 --- a/website/docs/r/access_context_manager_service_perimeter_dry_run_egress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_dry_run_egress_policy.html.markdown @@ -202,6 +202,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{perimeter}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_service_perimeter_dry_run_ingress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_dry_run_ingress_policy.html.markdown index db0616d0395..b944d4a08bb 100644 --- a/website/docs/r/access_context_manager_service_perimeter_dry_run_ingress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_dry_run_ingress_policy.html.markdown @@ -215,6 +215,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{perimeter}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown b/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown index 427ed3d04de..2ad5a4a2a84 100644 --- a/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown @@ -96,6 +96,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{perimeter_name}}/{{resource}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown index 3de901d78b3..400be86a21d 100644 --- a/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown @@ -202,6 +202,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{perimeter}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts diff --git a/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown index 2d6cb51abb4..aefa1679bd0 100644 --- a/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown @@ -218,6 +218,9 @@ In addition to the arguments listed above, the following computed attributes are * `id` - an identifier for the resource with format `{{perimeter}}` +* `access_policy_id` - + The name of the Access Policy this resource belongs to. + ## Timeouts