From 03dfd065410278a28420a3414a8e069fde8f37bf Mon Sep 17 00:00:00 2001 From: Roberto Jung Drebes Date: Thu, 19 Sep 2019 22:33:39 +0000 Subject: [PATCH] private-googleapis data source support Signed-off-by: Modular Magician --- .../data_source_google_netblock_ip_ranges.go | 8 +++++++- ...a_source_google_netblock_ip_ranges_test.go | 19 +++++++++++++++++++ ...ce_google_netblock_ip_ranges.html.markdown | 4 +++- 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/google/data_source_google_netblock_ip_ranges.go b/google/data_source_google_netblock_ip_ranges.go index 1f39d0ab871..0b321f88a74 100644 --- a/google/data_source_google_netblock_ip_ranges.go +++ b/google/data_source_google_netblock_ip_ranges.go @@ -68,11 +68,17 @@ func dataSourceGoogleNetblockIpRangesRead(d *schema.ResourceData, meta interface d.Set("cidr_blocks_ipv6", CidrBlocks["cidr_blocks_ipv6"]) // Static ranges case "restricted-googleapis": - // https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid + // https://cloud.google.com/vpc/docs/private-access-options#domain-vips CidrBlocks["cidr_blocks_ipv4"] = append(CidrBlocks["cidr_blocks_ipv4"], "199.36.153.4/30") CidrBlocks["cidr_blocks"] = CidrBlocks["cidr_blocks_ipv4"] d.Set("cidr_blocks", CidrBlocks["cidr_blocks"]) d.Set("cidr_blocks_ipv4", CidrBlocks["cidr_blocks_ipv4"]) + case "private-googleapis": + // https://cloud.google.com/vpc/docs/private-access-options#domain-vips + CidrBlocks["cidr_blocks_ipv4"] = append(CidrBlocks["cidr_blocks_ipv4"], "199.36.153.8/30") + CidrBlocks["cidr_blocks"] = CidrBlocks["cidr_blocks_ipv4"] + d.Set("cidr_blocks", CidrBlocks["cidr_blocks"]) + d.Set("cidr_blocks_ipv4", CidrBlocks["cidr_blocks_ipv4"]) case "dns-forwarders": // https://cloud.google.com/dns/zones/#creating-forwarding-zones CidrBlocks["cidr_blocks_ipv4"] = append(CidrBlocks["cidr_blocks_ipv4"], "35.199.192.0/19") diff --git a/google/data_source_google_netblock_ip_ranges_test.go b/google/data_source_google_netblock_ip_ranges_test.go index 50602bcdb4d..07665a60234 100644 --- a/google/data_source_google_netblock_ip_ranges_test.go +++ b/google/data_source_google_netblock_ip_ranges_test.go @@ -61,6 +61,19 @@ func TestAccDataSourceGoogleNetblockIpRanges_basic(t *testing.T) { resource.TestCheckResourceAttr("data.google_netblock_ip_ranges.restricted", "cidr_blocks_ipv6.#", "0"), ), }, + { + Config: testAccNetblockIpRangesConfig_private, + Check: resource.ComposeTestCheckFunc( + // Private Google Access Unrestricted VIP + resource.TestCheckResourceAttr("data.google_netblock_ip_ranges.private", "cidr_blocks.#", "1"), + resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.private", + "cidr_blocks.0", regexp.MustCompile("^(?:[0-9a-fA-F./:]{1,4}){1,2}.*/[0-9]{1,3}$")), + resource.TestCheckResourceAttr("data.google_netblock_ip_ranges.private", "cidr_blocks_ipv4.#", "1"), + resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.private", + "cidr_blocks_ipv4.0", regexp.MustCompile("^(?:[0-9]{1,3}.){3}[0-9]{1,3}/[0-9]{1,2}$")), + resource.TestCheckResourceAttr("data.google_netblock_ip_ranges.private", "cidr_blocks_ipv6.#", "0"), + ), + }, { Config: testAccNetblockIpRangesConfig_dns, Check: resource.ComposeTestCheckFunc( @@ -133,6 +146,12 @@ data "google_netblock_ip_ranges" "restricted" { } ` +const testAccNetblockIpRangesConfig_private = ` +data "google_netblock_ip_ranges" "private" { + range_type = "private-googleapis" +} +` + const testAccNetblockIpRangesConfig_dns = ` data "google_netblock_ip_ranges" "dns" { range_type = "dns-forwarders" diff --git a/website/docs/d/datasource_google_netblock_ip_ranges.html.markdown b/website/docs/d/datasource_google_netblock_ip_ranges.html.markdown index 493fbdf1078..f6e97ca9a2e 100644 --- a/website/docs/d/datasource_google_netblock_ip_ranges.html.markdown +++ b/website/docs/d/datasource_google_netblock_ip_ranges.html.markdown @@ -64,7 +64,9 @@ The following arguments are supported: * `google-netblocks` - Corresponds to IP addresses used for Google services. [More details.](https://support.google.com/a/answer/33786?hl=en) - * `restricted-googleapis` - Corresponds to the IP addresses used for Private Google Access and/or VPC Service Controls API access. [More details.](https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid) + * `restricted-googleapis` - Corresponds to the IP addresses used for Private Google Access only for services that support VPC Service Controls API access. [More details.](https://cloud.google.com/vpc/docs/private-access-options#domain-vips) + + * `private-googleapis` - Corresponds to the IP addresses used for Private Google Access for services that do not support VPC Service Controls. [More details.](https://cloud.google.com/vpc/docs/private-access-options#domain-vips) * `dns-forwarders` - Corresponds to the IP addresses used to originate Cloud DNS outbound forwarding. [More details.](https://cloud.google.com/dns/zones/#creating-forwarding-zones)