From d42f1e816868956d368679a8ccb7bf6332969f09 Mon Sep 17 00:00:00 2001 From: Modular Magician Date: Tue, 26 Mar 2024 16:32:03 +0000 Subject: [PATCH] Sync main feature branch provider functions (#10273) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fixes: permadiff issue if event trigger region is not specified (#9989) * fixes: permadiff issue if event trigger region is not specified - fixes https://github.com/hashicorp/terraform-provider-google/issues/17161 * chore: Updated cloudfunction2 test with no explicit trigger_region * Fix GKE front matter, bad field docs (#10018) * Fix GKE front matter, bad field docs * Update container_cluster.html.markdown * added default value for minPortsPerVM field at "google_compute_router_nat" (#9712) * added default value for statis allocation * setting the default from API * add newline removal bash command in guidelines (#9734) * Update hashicorp/terraform-plugin-framework, hashicorp/terraform-plugin-mux, hashicorp/terraform-plugin-sdk/v2 (#10009) * Adding Data Source Forwarding Rules (#10004) * Fix broken terraform datasource google_compute_machine_types example (#10020) * Add check for Environment proto field before accessing in Dataflow provider (#10016) * Add comments to skipped sweeper (#10023) * Add comments for skipped sweepers (#10024) * C3 version schema (#9986) * add support for build number in composerEnvironmentVersionRegexp and composerImageVersionDiffSuppress * make build number optional * regroup regex, cleaner comparison of versions * correction * Add Resource Manager Tags support to 'google_container_cluster' (#9531) * resourceManagerTags added to Cluster Node Config schema * update beta tag * add cluster and node proto tests * add expand and flatten proto * removed beta tag * added to documentation * added resource manager tags to auto pilot * migrating resourceManagerTags tests * migrating node_pools test * migrating additional tests * minor fixes * fixing tests * add in-place update support * fixed tests * fixed annotations * validated clusters and node pools tests. Isolated node pool auto config * isolated resource manager tags from docs * fixed permission issue * fixed spaces * fixed non determinism on tag keys * removed auto_pilot rmts * fixed time_sleep * add depends_on to IAM policies * Add volume replication support for Google Cloud NetApp Volumes (#9816) * Initial replication commit * Cleanup work - Renamed a lot of files to make clear which resource the belong to - Updated documentation for resource fields - Renamed a few resource fields and changed some types - Disabled the custom code for now. Needs to be discussed first * Update example file * Updated example file * Major updates - Reorganisation of block - Reorganisation of fields to match API documentation - Updated example parameters - Added missing API fields - Improved descriptions - * For replication deletion, stop replication first * Add support for deleting destination volume on replication delete * Make volumes deletable in presence of snapshots. This change will be PRed for volume resource independently. Adding it here while it is not in main. * Improving debug error message * yaml check and format fix * Add wait for mirror to initialize. Required to run destroy shortly after create. * Wait on destroy, not on create * Make deleting a replication more robust - doc improvements - started to implement stop/resume. More work required. - renamed a few files to better reflect what they are good for * adding support for stop/resume * yamlformat and lint * Add force delete to delete volumes with nested snapshots * resource test first version * More changes to make tests solid - Introduced new parameter to wait for mirror_status==MIRRORED - more mirror state reconciliation * Test updates * few cleanups * Make virtual field verifies happy * Minor test improvements * More fine tuning - Remove merge conflict in volume.yaml - make generated test work - make output field work - ignore_read for virtual fields * Resource name change as suggested by @slevenick * Remove snapshot code block and fix typo * Detect manual stop/resume actions * Remove ignore_read for deletion_policy * - Made destinationVolumeParameters immutable. It still requires ignore_read. - removed ignore_read from virtual_fields * destinationVolumeParameters are only evaluated at create. Make the immutable. * Name cleanups and comment improvements * removed comment Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com> * tabs to spaces in resource block Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com> * Updates to address review comments - make wait_for_mirror also work for stop/resume, additionally to create - convert tabs in test resource blocks to spaces - fix typos * Rewording of comments Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com> --------- Co-authored-by: G-NamanGupta Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com> * Ensured that beta runs in TeamCity use only beta paths (#10025) * Ensured that beta runs in TeamCity use only beta paths * Added tests for sweeper package path * Adds description for default value of `cpuidle` field (#10005) * add description * remove tail space * Add location field in DNS authorization resource. (#9968) * Add location field in DNS authorization resource * Fixed the provider version of the updated config --------- Co-authored-by: Hamza Hassan * Add discoveryengine service (#10017) * Add validations for Composer 2/3 only fields (#9917) * block upgrade to composer 3 * make isComposer3 more generic, correct imageVersionChangeValidationFunc * added validation for Composer 2/3 specific fields * add tests for validation * add checks in flattenComposerEnvironmentConfig * Update attributes of fields not used in Composer 3 * make customizeDiff functions beta only * remove Computed from gke_cluster * remove Optional instead of Computed * add envCfg.PrivateEnvironmentConfig is nil check * modify isComposer3 to take string * minor correction to avoid merge conflicts * Made TestAccContainerCluster_withGatewayApiConfig error regex more forgiving (#10034) Fixed https://github.com/hashicorp/terraform-provider-google/issues/17319 * Add ceritificateManagerCertificates field to ComputeRegionTargetHttpsProxy resource (#10011) Co-authored-by: Hamza Hassan * Added missing quote marks to TEST_PREFIX (#10035) Without this, | gets interpreted as a pipe and the test count always becomes 0 if there are multiple prefixes supplied * Promote enable_confidential_storage from beta to GA (#9993) * Add IAM resources for Cloud Deploy Target (#9927) * Add IAM resources for Cloud Deploy Target * update * add back import_format * Add comments to skipped sweepers (#10028) * Add sweepers for gkebackupPlan and restorePlan (#10026) * add `remote_function_options` to bigquery_routine (#9893) * Add dataGovernanceType and remoteFunctionOptions to bigquery_routine * add function-sources.zip to biguquery fixtures * fix resource names in TestAccBigQueryRoutine * add bigquery routine remote function example * Adding documentaiton build_worker_pool (#10022) * docs: fix import example in google_project_iam (#10007) Fix the example in the `google_project_iam` documentation. https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_iam#import * ScottSuarez not on vacation anymore (#10052) * I'm on vaction :) * ScottSuarez not vaction anymore * ScottSuarez not vaction anymore * Promote (R)IGM.AllInstancesConfig to V1 (#9964) * Promote metric settings in compute region autoscaler to GA (#10045) * Fixed flakiness in TestAccDataPipelinePipeline_dataPipelinePipelineExample (#10040) * Retry delete network step while creating a google project. (#10046) * Adding the namespace_labels field to the GKE Hub Scope resource (#9972) * initial commit for scope-level namespace labels * Add validation exceptions for the field of the GKEHub Scope and Namespace resources to be of type * Undoing unnecessary changes * Fixing the type of Scope namespace_labels field * Support connectivity fields for Composer 3 (#9889) * add composer_network_attachment * indicate conflicting configs * commas * no need for bidirectional conflict definition (generates double errors) * protect nit PrivateClusterConfig * for optimizing error messages about conflicts * add 2 step update for composer_network_attachment * make composer_network_attachment available in beta only * add two step update for network and subnetwork * corrections in 2 phase update for network/subnetwork * remove composer3 check(CustomizeDiff will solve this), filter api error, add tests (unsetting netwok/subnetwork not working) * added ForceNewIf fot network/subnetwork, problem with unsetting these fields remains * add docs for composer_network_attachment * add test for network attachment * ignore non empty plan in network attachment test * add networkAttachment update and conflicting fields tests * add ComputedIf for network, change isComposer3 * minor corrections * remove computedIf * filter equivalent values of network/subnetwork in ForceNewIf * simplify ResourceConditionFunc, add beta/ga version conditions * typo * more general comparison of network references * use tpgresource.CompareSelfLinkRelativePaths instead of custom function * modify isComposer3 to avoid merge conflicts later. * removing this since documentation is handled in other PR and to avoid conflicts while merging. * replace ExpectNonEmptyPlan with lifecycle.ignore_changes * add testcase for changing network attachment to network and subnetwork * add third step to TestAccComposerEnvironmentComposer3_updateWithNetworkAndSubnetwork * modify tests to use different network for attachment * remove unused constant * remove ExpectNonEmptyPlan (already replaced with lifecycle.ignore_changes) * Fix resource name to have sweepable prefix (#9984) * doc(spanner): update documents to have example for IAM conditions use with google spanner database (#10049) * Promote Cloud Deploy Automation to GA (#10043) * Add Cloud Deploy Automation * Attempt to solve the test errors based on https://yaqs.corp.google.com/eng/q/7753655943518224384 * Add update test for the new automation resource * fix lint errors * fix lint errors * fix errors in GA provider test * add the missing test * add a full test * Attempt to fix the acceptance test errors * fix a lint error * mark labels as default_from_api:true * fix advance rollout rule definition * Mark service_account as 'ignore_read: true' * Fix test errors * Resolve review comments * Format test file * promote google_clouddeploy_automation to GA * promote google_clouddeploy_automation to GA * fix lint errors * Add cloudquota service (#10063) * TeamCity: Add validating GHAs that check Kotlin files listing services (#9999) * services diff gha * add needs * use setup-go@v3 * add artifacts * remove checkout * update directory * update common-copy.yaml * update common-copy.yaml * remove data print * add pull-request check on teamcitydiff * update paths in GHA * add exit code in diff_check * update exit output * add exit code diff_check.go * services_beta diff check support * beta services support args * add arg for services kt file * services_ga.kt in gha * move diff_check to tools folder * remove go command * provide path for artifacts download * add cd in Build Provider * update diff_check_beta.yml * fix paths * yml typo beta * directory testing * directory testing * fix directory issues with commands * refactor tools/teamcity-diff-check/main.go * directory check * typo * remove common copy * generate both providers into one gha * type artifacts name * add -o flag into artifacts download * use merge multiple artifacts * use artifact@v4 * use mmv1 directory for services file * remove .zip * output missing services from diff * find artifacts folder * use beta provider as only artifact * include google ga and beta in gha * artifact name * -o flag in artifacts * output stdout from go list command * diff test * output beta main.go * remove err check * remove services print / refactor for final review * output cleanup * uncomment go list err * regex assert * add check for new services in PR / set googleServices as groundtruth in serviceDifference function * add actions/checkout * logic fix * add needs: check-pr * add mmv1/products for pull-request event * set force depth 0 * Update .github/workflows/teamcity-services-diff-check.yml Co-authored-by: Sarah French <15078782+SarahFrench@users.noreply.github.com> * Update .github/workflows/teamcity-services-diff-check.yml Co-authored-by: Sarah French <15078782+SarahFrench@users.noreply.github.com> * use text file for services, add if statement in gha * directory typo * typo * typo in grep * quotations on if statement * unquote GITHUB_OUTPUT * add quotes on output.services * if test * echo output * github_output error fix * services.outputs * proper if statement syntax gpush * invalid 0 format * add missing assignment * fix openfile error * remove types in pull_request trigger * send txt files to correct directory * check services directory for ls command * add weekly workflow for teamcity diff check * change name for weekly check --------- Co-authored-by: Sarah French <15078782+SarahFrench@users.noreply.github.com> * Fixed `runtime` in app engine tests (#10047) * Fix google_notebooks_instance labels not being able to be updated (#9933) * add labels to runtime update test * Add labels to ImportStateVerifyIgnore * fix indentation * Add IAM resources for Cloud Deploy Custom Target Type (#10051) * Add IAM resources for Cloud Deploy Custom Target Type * Add base url override for Cloud Deploy Custom Target Type IAM policy * Update import format for IAM policy and primary resource name to examples for IAM generated tests * Remove unneeded cache step in TeamCity-related GHAs, lint GHA files (#10075) * Remove unneeded GHA steps - do we need to cache here? * Whitespace * Test change with fake new service * Resolve build error in fake service * Re-order GHA steps and add name * Add name to checkout step * Add comments, remove extra whitespace * Remove fake new service * Add output to identifiers, check for project as well as projectsId (#10081) * Add output to identifiers, check for project as well as projectsId * Correct identifier behavior * Rubocop * remove nickelliot/zli82016 from vacation reviewers (#10080) * Update membership.go * Update membership.go * Update enrolled_teams.yml (#10082) * Fix resource_bigquery_dataset ID validation (#10027) * fix resource_bigquery_dataset ID validation * skip the new validation tests for VCR * update dataset IDs to be valid in terraform-google-conversion example files * update more dataset IDs in the CAI files * Prevent duplicate entries in vcr results (#10068) * Prevent duplicate entries in vcr results * Create empty map * Only collect result from current test * Split github tokens (#9988) * Split github tokens * Update .ci/gcb-generate-diffs-new.yml Co-authored-by: Stephen Lewis (Burrows) * Remove redundant downstreams token * Make diff processor use new token * Update path to markdown file * Replace GITHUB_TOKEN * Make github tokens optional for generate downstream * Allow either github token to be used * Replace GITHUB_TOKEN * Move environment variable lookup out of constructor * Update .ci/magician/vcr/tester.go Co-authored-by: Stephen Lewis (Burrows) * Add downstream token * Make request reviewer use GITHUB_TOKEN and tgc integration use GITHUB_TOKEN_CLASSIC * Apply suggestions from code review Co-authored-by: Stephen Lewis (Burrows) --------- Co-authored-by: Stephen Lewis (Burrows) * Instance lifecycle policy default action on failure implementation (#10050) * Add wait in `TestAccAppEngineStandardAppVersion_update` test to avoid 'API has not been used in project' error (#10076) * Add wait in acc test to avoid 'API has not been used in project' error * Add external provider `time` * Fix defect when referencing google_project resource * Set GITHUB_TOKEN environment variable for hub (#10091) * fix forceNew on master_ipv4_cidr_block and private_endpoint_subnetwork (#10089) * make go-converted YAML compatible with go compiler (#10033) Co-authored-by: Zhenhua Li Co-authored-by: Nick Elliot * Revert "Promote metric settings in compute region autoscaler to GA" (#10095) This reverts commit c3ce700765fbc4b3dc9896da767194b8eda9a13d. * Add type field to DNS authorization reosurce (#10030) * Add type field to DNS authorization reosurce * Add an example for regional DNS authorization * Add an example for regional certs using regional DNS auth * Fix lint errors * Fix typo in the enum values * Add type field in regional dns auth example --------- Co-authored-by: Hamza Hassan * TeamCity: Refactor config tests (#9956) * Add test util for locating a subproject 2 layers deep * Refactor tests to use new helper function * Consolidate testing of service sweeper builds, refactor `getSubProject` to return non-nullable value * Refactor new sweeper tests * Update `teamcity-diff-check` script and GHAs to have more explicit calls to action (#10098) * TeamCity: enable ad hoc triggers of teamcity-diff-check GHA (#10099) * Revert "fix forceNew on master_ipv4_cidr_block and private_endpoint_subnetwork (#10089)" (#10096) * subnetwork and service_account_email params described (17211) (#10102) * subnetwork and service_account_email params described (17211) * Doc adjustment * Update provider name in various spots (#10092) * Go compiler skeleton and early terraform.rb provider code (#10104) * Remove provider-related caches to address cache issues (#10097) We keep exceeding the 10GB cache limit for the repo, resulting in workflows stalling for 30min on caching steps and then timing out. * Fix hashicorp/terraform-provider-google#17388 (only run tests in beta) (#10093) * Revert "Fix hashicorp/terraform-provider-google#17388 (only run tests in beta)" (#10111) This reverts commit ae819d0619edd36414af1c5dc5f9e68a6b999174. * Add support for string --> object map for DCL resources (#10039) * Add support for string --> object map for DCL resources * Fix whitespace in template * Add test, need updated DCL to work * Add override for key name * Both overrides * Update docs, prepend key for maps * Update bundle descriptions * Comment update * fix permadiff by reading empty docker_config field (#10113) * Import package golang.org/x/exp/slices in MMv1 go compiler (#10108) * fix(kms): certificate chain type to array of strings (#9582) * Bump GHA actions to navigate deprecations of NodeJS 12 and 16 (#10110) * Update all uses of `actions/cache` to v3 * Update all uses of `actions/checkout` to v4 * Update all uses of `actions/upload-artifact` to v3.1.0 * Update all uses of `actions/setup-go` to v4.0.0 * Update all uses of `ruby/setup-ruby` to v1.160.0 from v1.144.2 [v1.160.0](https://github.com/ruby/setup-ruby/releases/tag/v1.160.0) is the version after they upgraded to NodeJS 20 where they fixed some issues from the upgrade from nodejs 16->20 The previous version, ruby/setup-ruby@ec02537da5712d66d4d50a0f33b7eb52773b5ed1, is v1.144.2 * Address dependency issues in TestAccFirestoreField_* tests (#9957) * Add additional wait in TestAccFirestoreField_* tests * Boost wait in test to 6 minutes * Add dependency between database and service to control delete order * Update dependency to explicitly include project * Make firestore fields be removed from state when they're 'deleted' * Add `destroy_duration` * Remove from state after log line that uses id value * Update destory check to accept a 403 as valid * Remove unneeded changes in PR * Remove call to SetId * add network_url attribute in consumer_accept_list block of google_compute_service_attachment resource (#9895) * add network_url attribute in consumer_accept_list block of google_compute_service_attachment resource * Bugfix: Use SelfLinkRelativePath check to prevent false positive resource changes * Update the GCF resource to reflect transition from Container Registry to Artifact Registry (#10058) * Handwrite sweepers for networkConnectivity hubs and spokes (#10069) * Fix wrong variable in override logic (#10125) * Make missing test detector reader into a separate module (#10115) * Use old github token if new tokens are not available (#10114) * Use old github token if new tokens are not available * Add lookup function for github token or fallback * Add fall back * Add fallback * Add test for PATCH environment type (#10131) * Add new resource for Application for Apphub (#10079) * Add new resource for Application for Apphub * Add new resource for Application for Apphub * Enable Apphub API in test cases * Fix precheck error * Fix precheck error * Resolve comments * Fix lint error * Fix examples * Remove apphub from teamcity config This causes PR build failures, I'll add it later --------- Co-authored-by: Sam Levenick * Add apphub (#10133) Adds AppHub to APIs to activate * Allow sending empty app_engine and serverless google_compute_region_network_endpoint_group (#10031) * Support service-level min instances in Cloud Run v2 services. (#10083) * feat: Add CMEK support for Firestore database in Beta provider (#10044) * Modify database.yaml to add cmek related fields * Add two examples for firestore CMEK databases for testing * Resolve trailing space * Update documentation for kmsKeyName field * Resolve trailing space * Make field immutable * Update field documentation * Update field description * Allow vcenter_network to be set (#9946) * Allow vcenter_network to be set * set default from api * Sort resources and set in product in go compiler (#10135) * fix failing posture test (#10086) * fix failing posture test * modify posture name --------- Co-authored-by: Sneha Prasad * Create support for KMS Ekmconnection resource (#10094) * Fixes two lifecycle rules with different no_age value always generates change. (#10137) * TeamCity: Add project for testing the provider functions feature branch (#10088) * Add ability to use non-default versions of Terraform in TeamCity builds * Add function to enable making build configs for single packages at a time * Add new sub project that contains 2 builds for testing provider functions the 2 builds: 1) only pulls code from the feature branch on the downstream hashicorp/terraform-provider-google repo 2) only pulls code from the feature branch on the downstream hashicorp/terraform-provider-google-beta repo These builds both use an alpha release of TF 1.8.0 * Add builds for testing auto generated branches in the MM upstream repos These re-use existing VCR Roots. * Make the builds that test the `FEATURE-BRANCH-provider-functions branches in the downstream repos run every night at the default time * Fix defect in 'Download Terraform' build step definition * Update build step to solve bug * Update build_configuration_per_package.kt * Add `ephemeral_directories` to google_workstations_workstation_config (#10042) * Add `ephemeral_directories` to google_workstations_workstation_config * Remove trailing spaces * Add a test for ephemeral_directories * Fix test * Add a test for source_image * Fix typo in test * Remove unnecessary immutable field * App Check DeviceCheck provider (#9978) * App Check DeviceCheck provider * Remove minimal example & pattern field * Add real private keys that are not useful anywhere * Limit tests to beta * Documentation (#10012) * duplicate Composer 2 argument reference * remove fields that are not supported in Composer 3 * move fields that are new in Composer 3 to Composer 3 section only * make suggested changes, add description if new versioning schema * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown, remove outdated info Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * add notice that composer 3 is not yet released. * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Stephen Lewis (Burrows) * specify composer version in section links. * specify composer version in composer 1 documentation links * add section links in composer 2 argument reference * add section links in composer 3 argument reference * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> * Update mmv1/third_party/terraform/website/docs/r/composer_environment.html.markdown Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> --------- Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> Co-authored-by: Stephen Lewis (Burrows) * Promote metric settings in compute region autoscaler to GA (#10103) * Clarified permissions for a few workflows (#10124) * Clarified permissions for a few workflows * fixed conditions for running repository-documentation workflows * Bumped actions/checkout to v4 * force downstream generation * Revert "force downstream generation" This reverts commit d54857b4dc5767ab8f98543e6a84d25c8be1104a. * Post statuses earlier (#10128) * Post initial statuses earlier so that we are resilient issues during cloning * force generation * Revert "force generation" This reverts commit 864ec92ec03b75dea021cdb617d86d31112d9140. * Make TestAccDefaultUniverseDomain_doesNotMatchExplicit independent from test credentials (#10140) * Simplified / clarified approval flow for presubmits (#10142) * Simplified / clarified approval flow for presubmits * Force generation * Removed unused command args and cleaned up documentation for membership-checker * Revert "Force generation" This reverts commit db32066e198daf930006f72bae43602f22d8e3d9. * Clean up delete template (#10144) * added missing web documentation about create_timestamp for compute_(region_)instance_group_manager (#10148) * Move pre_delete code closer to the request (#10143) * Create resource definition for IAP Tunnel DestGroup (#10064) * Add new resource for Service Project for Apphub (#10048) FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * [#15779] Add google_network_security_firewall_endpoint_association resource (#9815) * [#15779] Add google_network_security_firewall_endpoint_association resource * Fixing tests * Fixes * Add test for update --------- Co-authored-by: Luca Prete * update teamcity diff check to run every monday morning also (#10159) * Add DisplayName to Product struct (#10161) * Add data source for apphub discovered service (#10105) * Add data source for apphub discovered service * Add data source for apphub discovered service' * Add data source for apphub discovered service * resolved comments * retry logic added * add tests and documentation * Corrected tests and added project field in the data source * changed id field * Added random_suffix for the resources created and enabled iam policy and compute api * modified retry logic * Modified schema for the data source, and tests * Removed IAM permission blocks * Add dependency for compute api * Resolve merge conflict * Add time sleep * Modified test function name * Shorten service project name * Add billing account * corrected get env variable function call * Modified project id * Combined time delay * Resolving comments * Remove retry logic and add time sleep for resource ingestion * Graduate support of GKE Queued Provisioning to GA (#10053) * Update index page of documentation to link to issue templates for Bugs and FRs (#10160) * Update index page of documentation to link to issue templates for Bugs and FRs * Remove unused param from URL * Remove other unused parameter from URL * Add data source for AppHub discovered workload (#10107) * Add data source for Apphub discovered workload * Add data source for Apphub discovered workload * Add data source for Apphub Discovered Workload * Resolved comments * Resolved comments * Resolved comments * Resolved comments * Add tests and documentation for data source discovered workload * Resolved comments and added tests * Resolved comments * Added modifications in tests, data source and documentation * Added modifications in tests, data source and documentation * Added modifications in tests, data source and documentation * Verified tests * Tests Verification * Tests Verification * Updated logic to obtain workload_uri * Updated logic to obtain workload_uri * Resolved comments * Resolved comments * Add billing account and shorten service project name * Add header * Change the project name to start with tf-test * Resolved comments * Lint changes * Removing two sleeps * Removing two sleeps * Modifying documentation * Resolved tests * Resolved comments * Resolved comments * logic modification * Update Retry logic * Update Retry logic * Resolved tests * Adding workload_uri description * Adding workload_uri description * Update Documentation for ACM Service Perimeter resources to reflect Granular Controls group support (#10087) groups Co-authored-by: Charles Leon * fix tags cause notebooks instances to recreate (#10179) * add labels to runtime update test * Add labels to ImportStateVerifyIgnore * fix indentation * fix tags cause notebooks instances to create * Documentation Fix compute_security_policy (#9732) Fix mixed up descriptions between request_uri and request_query_param. * Add new resource Workload for Apphub (#10155) * Add new resource Workload for Apphub * Fix lint error * Add billing account * Remove extra delay from test * Resolve comments * Add handwritten update test * Fix lint error * Add data source changes * Remove merged changes * Remove merged changes * Batch all update tests into one step to make test fast * Add a delay between discovered resource fetch and managed instance group manager creation * Add back org_id * Update region from us-east1 to us-central1 * Use standard diff suppress function --------- Co-authored-by: praseedhaPK <161299686+praseedhaPK@users.noreply.github.com> Co-authored-by: Krishnan Gopal * Fix for PrivateNat test failures (#10174) * Add new resource Service for Apphub (#10132) * Add new resource for Service Project for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Add new resource for Service Project for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Add new resource for Service Project Attachment for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Add new resource for Service Project Attachment for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Add new resource for Service Project Attachment for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Add new resource for Application for Apphub * Add new resource for Application for Apphub * Enable Apphub API in test cases * Add new resource for Service Project Attachment for Apphub FIXES https://github.com/hashicorp/terraform-provider-google/issues/17405 * Enable apphub API in test cases * Fix precheck error * Fix precheck error * Fix precheck error * Fix precheck error * Resolve comments * Fix lint error * Fix errors * Add new resource for Service for Apphub * Fix examples * Add test * Fix tests * Add IAM permissions * Add IAM permission * Fix IAM issues * Remove merged changes * Add billing account * Remove extra delay from tests * Add handwritten update test * Remove merged changes * Make changes to yaml file incorporating comments from https://github.com/GoogleCloudPlatform/magic-modules/pull/10155 * Fix lint errors in Service YAML definition * Add a delay between discovered resource fetch and forwarding rule creation * Add a delay between discovered resource fetch and forwarding rule creation * Add a delay between discovered resource fetch and forwarding rule creation * Batch update tests to improve speed * Use standard diff suppress function * Update region from us-east1 to us-central1 --------- Co-authored-by: Krishnan Gopal Co-authored-by: praseedhaPK <161299686+praseedhaPK@users.noreply.github.com> * feat: add credentials_secret field in azure blob storage block for google storage transfer job resource (#9278) * feat: add `credentials_secret` in `azure_blob_storage_data` source config * feat: add version guard for `credentials_secret` as in preview * docs: add documentation on `credentials_secret` * Added CloudQuotas service and Create QuotaInfo Datasource (#10071) * add quota info data source * add test and documention for quota_info data source * fix lint error * clean up * update test * manually import cloudquotas to terraform provider * Update mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb Co-authored-by: Riley Karson * Update mmv1/third_party/terraform/provider/provider_mmv1_resources.go.erb Co-authored-by: Riley Karson --------- Co-authored-by: Riley Karson * Update comments in .teamcity/ files for clarity (#10149) * Make warning about files being controlled by MM more explicit * Add guidance to the input files about how to update them, and when * Add fields pathTemplateMatch and pathTemplateRewrite to resource google_compute_region_url_map (#10157) * Refactor TeamCity Services Diff Check to run as one job (#10158) * Add explicity dependency on IAM in PubSub acc test config (#9921) * Improve the error messages when mmv1 compilation fails (#10191) * Update enrolled teams (#10192) * Fix generate comment diff processor build failure (#10164) * Refactored generate_comment to continue in the face of errors Also switched to go template for comment formatting * Moved to structured data for diffs Also added error formatting into comment * Added basic tests for comment formatting * Skipped missing tests and breaking changes if repo failed to clone * Force generation * Breaking change * Fixed error display in diff comment * Marked diff-processor targets as not being real files * Added PATH to diffProcessorEnv * Fixed formatting for error sections * Cleaned up passthrough env var usage * Made exec.sh exit 1 if there are any errors running the magician * Don't error on initial build of the magician binary * Added missing env var for diff processor build * Force generation of tf-oics * Revert "Force generation of tf-oics" This reverts commit fcb65f121cbb0f7040a6b40c635eae3b318d936d. * Revert "Force generation" This reverts commit 596d1eb5afb10d36ab934411e0f1c47aa8b363e9. * Revert "Breaking change" This reverts commit fb04ad401e1d4ee93ef767297a2a59af7d2acffa. * Force missing test run * force missing tests to run - take 2 * Revert "force missing tests to run - take 2" This reverts commit 34f7d16a8442f09aa4a52e0ceafb8dae73f89b08. * Revert "Force missing test run" This reverts commit 90e664a935c4645314c3aabf1f48836e4547fc68. * Rewrite versions related functions (#10181) * Update Dockerfiles to Go 1.21 (#10175) * Add an override for generating long form tests (#10162) * Update to go 1.21 (#10169) * Update .go-version file in TPG and TPGB repos * Update go.mod used to generate TPG/TPGB and run `go mod tidy` * Update go.mod in mmv1/third_party/terraform/scripts * Update go.mod in mmv1 * Update go.mod in docs * Update go.mod in tools/go-changelog and run `go mod tidy` * Update go.mod in tools/missing-test-detector and run `go mod tidy` * Update go.mod in tools/diff-processor * Update go.mod in tools/issue-labeler * Update go.mod in tools/teamcity-generator * Update go.mod in tpgtools and run `go mod tidy` * Update doctor script to ensure developers use Go 1.21 locally * Update GHA workflows to use Go 1.21 * Add missing update to GHA * Add note about permissions (#10195) * Fix the bug for computed labels and annotations (#10182) * AndroidApp package_name should be immutable & required (#10194) * Fix service team reviews (#10200) * Corrected unknown command messge to clean up stderr * Made tests throw error if team name is empty * Fixed handling of unset github_team name * Add gcs volume type to Cloud Run v2 beta provider (#9746) * Add gcs volume type to Cloud Run v2 beta provider * update gcs v2 docs to specify required launch stage and execution environment * merge changes with upstream * cloudrunv2: Validate number of ports specified restricting to 1. (#10173) * cloudrunv2: Validate number of ports specified restricting to 1. * Update mmv1/products/cloudrunv2/Service.yaml * Bump google.golang.org/protobuf from 1.28.1 to 1.33.0 in /.ci/magician (#10196) Bumps google.golang.org/protobuf from 1.28.1 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * attempt at fixing the (R)IGM.status output message (#10188) * attempt at fixing the (R)IGM.status output message * Fix plural of instances * Fix plural of instances * Fix plural of instances * Fix plural of instances * Access Context Manager - make ingress and egress rules immutable (#10147) * Access Context Manager - make ingress and egress rules immutable * Move immutable state to top level resource --------- Co-authored-by: Charles Leon * Bump golang.org/x/net from 0.10.0 to 0.17.0 in /.ci/magician (#9243) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.17.0. - [Commits](https://github.com/golang/net/compare/v0.10.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix datastream private connection sweeper (#10201) * fix datastream private connection sweeper * update * run gofmt * Add SarahFrench to on vacation list (#10189) * Modify issue labeler to skip linked issues (#10199) * Modify issue labeler to skip linked issues * Update tests * Remove misleading examples from docs for `google_dataform_repository`, add new example (#10187) * Remove misleading examples from docs for `google_dataform_repository`, add new example * Remove unusued var from new example * Fix typo * Fix other instances of typo * Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /.ci/magician (#9366) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.53.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Moving the netapp kmsconfig resource update test to a different region to avoid conflict with create test (#10185) * Only run mmv1 rake tests and yaml linting if relevant files have changed (#10207) * Only run mmv1 rake tests and yaml linting if relevant files have changed * fix path for rb files Co-authored-by: Sarah French <15078782+SarahFrench@users.noreply.github.com> --------- Co-authored-by: Sarah French <15078782+SarahFrench@users.noreply.github.com> * Clean up functions and add slice utility functions (#10210) * Clean up function all_resourcerefs * Add slice utility functions * Change sensitive_props as resource method * Removed github-differ bash scripts (#10208) * Add ingestion settings to `google_pubsub_topic` (#9985) * Add ingestion settings to `google_pubsub_topic` * Add ingestion settings to `google_pubsub_topic` * Add create/update tests for `google_pubsub_topic` ingestion settings * Update topic ingestion settings test * Run Firestore index tests in fresh databases. (#10168) * Run Firestore index tests in fresh databases. This removes the index dependency on creating a document, as creating indexes on a non-existent collection is a valid operation in Firestore. This removes the dependency on a fixed (default) database, which should deflake tests. Fixes #17393. * Move project_id to test_env_vars. * Move project_id to test_env_vars for datastore_mode example. * AccessContextManager - Add dry run service perimeter resource (#10145) Co-authored-by: Charlesleonius * Create quota infos datasource (#10074) * add quota info data source * add test and documention for quota_info data source * fix lint error * add quota infos datasource * update read test * remove duplicate import * update formatting and documentation * remove pagination parameters, concat and return all qualified entries * remove specific check for number of entries * fix(spanner): remove validation on version retention period on spanner database (#10184) * fix(spanner): remove validation on version retention period on spanner database * fix build * initial mmv1 go templating and flags (#10219) * Adds support for Soft Delete feature, which allows setting soft delete policy on 'google_storage_bucket' resource. (#10171) * Fixes and enhancements after the bug bash. (#10223) * remove float from documentation * change storage-gb type to int * Revert "change storage-gb type to int" This reverts commit 89795a80889287fb287497fbcbbfdbb365d40884. * add support for dag_processor count * fix int64 unpacking * add validation for composer internal ip range size * add upper limit for dag_prcessor.count * google_monitoring_alert_policy periods doc update & dataproc doc update (#10226) * enable_http_port_access is a boolean not a string * add doc update to alert policy notification rate limit period * Add support for boost configs in workstations configs (#10176) * add boostConfig workstationConfig * add boostConfig workstationConfig * link example * remove * update descriptions and add update test * update machine type * fix update test * Add a rule for removing diff suppress functions (#10167) * Add a rule for removing diff suppress functions * Add rule link to docs * Rewrite Resource functions (#10228) * Add missing guest_os_features enumeration value (#10229) * add billing project id support to firewall endpoint resource (#10122) * add billing project support * removed description field due to API issue * test updated and fixed for ADC support * added ADC warning * removing ADC * Upgraded version of actions related to scorecard (#10234) * Don't re-request review if initial PR comment is edited (#10232) * Pinned versions for GitHub Actions (#10239) * Switched from diff-processor adding labels to just computing and returning them as JSON (#10211) * Switched diff-processor from add-labels command to changed-schema-labels command * Force update to redis cluster * Revert "Force update to redis cluster" This reverts commit 750c39ddf7f30d8a448fb775b86711ecbf3830f0. * change the dataflow zone from us-central1-f to us-east5-b (#10205) * Added `CloudQuotas` service and Create `QuotaPreference` Resource (#10019) * setup resoruce config and add create tests * add create and update test * fix lint error * fix lint error * update yaml config * remove trailing spaces * modify update test * update acceptance test and cleanup * add upsert scenario for testing * update acceptance test syntax * remove allow-missing flag & fix update test failure * add import and id format * teamcity test failure - manually add cloudquotas service * teamcity test failure - manually add cloudquotas service for beta * add field 'validate_only' to tests * address comments & fix test failure * remove unused import * remove `validate_only` field, add ignore read feature to `annotations` field * add input only fields to ImportStateVerifyIgnore * update field name * VCR test failure: remove batch service creation * fix formatting * Magician tgc integration (#9907) * Add command for tgc integration tests * Use magician for TGC integration tests * Fix variable name * Remove owner * Fix go mod tidy command * Use new github token * Fix https://github.com/hashicorp/terraform-provider-google/issues/17389 (#10206) * generated_id added to compute_region_backend_service (#10243) * Clarify CI README a bit (#10245) * Add integrations product. Create Client resource. (#10186) Co-authored-by: Cameron Thornton * Add apphub.admin role for the organization in the test environment (#10152) * add apphub.admin role for the organizations that the CI runs the tests * Change to use org instead of billing id * Change to use org instead of billing id --------- Co-authored-by: Krishnan Gopal * Change ItemType to object (#10249) * Clarify usage of min/max throughput and instances (#10130) * Clarify usage of min/max throughput and instances * fix lint * fix snake casing * Fixed issues with diff-processor caused by GA-only compilation errors (#10250) * Added file to trigger google-only failure * Check if cleaning the diff processor up properly solves the issue * Revert "Check if cleaning the diff processor up properly solves the issue" This reverts commit 85c358e4191d5e6115bfef0e02c819f92b45dfe0. * Clean up diff processor before building instead of after * Revert "Added file to trigger google-only failure" This reverts commit 0e4486080477902820ad282666d0c8f51e890076. * Consolidate Documentation for App Hub resources and data sources into one subcategory (#10238) * add apphub.admin role for the organizations that the CI runs the tests * Change to use org instead of billing id * Change to use org instead of billing id * Fix subcategory of data sources consistent with rest of AppHub product resources * This change is supposed to be a part of another feature --------- Co-authored-by: Krishnan Gopal * Corrected names of iam_workload resource and data source files (#10253) beta is not part of the resource name. This is important for https://github.com/GoogleCloudPlatform/magic-modules/pull/10248 * Pin workflow dependency versions (#10256) * Pinned python yaml library versions * Pinned goimports version in build-downstreams * Force generation * Revert "Force generation" This reverts commit b2d876045277156ae2fd3a44194fe58164297186. * Rewrite type functions (#10259) * Removed double quotes and typo in google_project_iam_member documentation (#9750) * Iniital setup for codeql scanning (#10254) * Added permissions: read-all to codeql action (#10264) * Remove java-kotlin codeql scanning (#10263) * Initial resource documentation templating (#10266) * Add note about modifying yaml files (#10202) * bq table - add geojson support (#10215) * bq table - add geojson support * bq table - add geojson support * CR comments * Add logsBucket (#10267) * Remove SarahFrench from vacation list (#10272) * ci: add missing pathspec dependency for yamllint pipeline (#10269) pipelines for YAML lints are failing due to: ``` Traceback (most recent call last): File "/home/runner/.local/bin/yamllint", line 5, in from yamllint.cli import run File "/home/runner/.local/lib/python3.10/site-packages/yamllint/cli.py", line 24, in from yamllint.config import YamlLintConfig, YamlLintConfigError File "/home/runner/.local/lib/python3.10/site-packages/yamllint/config.py", line 19, in import pathspec ModuleNotFoundError: No module named 'pathspec' ``` A fresh install in a virtual environment using the following command: ```bash $ pip install yamllint==1.32.0 pyyaml==6.0.1 $ pip freeze pathspec==0.12.1 PyYAML==6.0.1 yamllint==1.32.0 ``` Regression introduced by 60917c85e2f6645e21846fcf0197ff18244c747d * remove `pattern` field from `.yaml` files (#10227) * remove pattern field * fix lint yaml files * metastore - add support for scheduled backups (#10213) * add support for dataproc metastore scheduled backups * CR comments * CR comments * CR comments * CR comments * CR comments * Update mmv1/third_party/terraform/services/dataprocmetastore/resource_dataproc_metastore_service_test.go.erb Co-authored-by: Zhenhua Li * Update mmv1/third_party/terraform/services/dataprocmetastore/resource_dataproc_metastore_service_test.go.erb Co-authored-by: Zhenhua Li * CR comments --------- Co-authored-by: Zhenhua Li * Update default TF version used in TeamCity to be `"1.8.0-rc1"` (#10276) * Update default TF version used in TeamCity to be 1.8.0-rc1 This will be updated to 1.8.0 after the GA release * Update pom.xml to pull in a hardcoded server-api dependency version : 2024.07-SNAPSHOT * Fix issue where `cloudquotas` was imported twice in GA provider When I generate the Beta provider locally I don't see the import being added --------- Signed-off-by: dependabot[bot] Co-authored-by: Deepak Kumar <21131061+kumadee@users.noreply.github.com> Co-authored-by: Riley Karson Co-authored-by: Max Portocarrero CI&T <105444618+maxi-cit@users.noreply.github.com> Co-authored-by: Mauricio Alvarez Leon <65101411+BBBmau@users.noreply.github.com> Co-authored-by: Jesse Liddle Co-authored-by: Wessel Blokzijl Co-authored-by: Jack McCluskey <34928439+jrmccluskey@users.noreply.github.com> Co-authored-by: hao-nan-li <100219545+hao-nan-li@users.noreply.github.com> Co-authored-by: Salome Papiashvili Co-authored-by: Oliver Krause <3621164+okrause@users.noreply.github.com> Co-authored-by: G-NamanGupta Co-authored-by: Shuya Ma <87669292+shuyama1@users.noreply.github.com> Co-authored-by: Stephen Lewis (Burrows) Co-authored-by: Yanwei Guo Co-authored-by: Hamzawy63 <43001514+Hamzawy63@users.noreply.github.com> Co-authored-by: Hamza Hassan Co-authored-by: Ryan Oaks Co-authored-by: Sneha-at Co-authored-by: Shogo Watanabe <1286807+nownabe@users.noreply.github.com> Co-authored-by: Obada Alabbadi <76101898+obada-ab@users.noreply.github.com> Co-authored-by: NA2047 <12290725+NA2047@users.noreply.github.com> Co-authored-by: Yuki Watanabe <47182350+yuki0920@users.noreply.github.com> Co-authored-by: Scott Suarez Co-authored-by: askubis Co-authored-by: Pavan Kumar Sunkara Co-authored-by: ajaybgunjal1 <161062655+ajaybgunjal1@users.noreply.github.com> Co-authored-by: Hossein Golestani Co-authored-by: rahul2393 Co-authored-by: Chris Co-authored-by: bcreddy-gcp <123543489+bcreddy-gcp@users.noreply.github.com> Co-authored-by: Matt Santa Co-authored-by: Sam Levenick Co-authored-by: Nick Elliot Co-authored-by: wj-chen Co-authored-by: Thomas Rodgers Co-authored-by: Stephen Lewis (Burrows) Co-authored-by: yiyinglovecoding <113492735+yiyinglovecoding@users.noreply.github.com> Co-authored-by: Cameron Thornton Co-authored-by: Zhenhua Li Co-authored-by: Francis (Feng) Liu Co-authored-by: makuing <71718183+makuing@users.noreply.github.com> Co-authored-by: Lingkai Shen Co-authored-by: Jared Co-authored-by: Joakim Tangnes <10198932+Zarux@users.noreply.github.com> Co-authored-by: Laurens Knoll <3205006+laurensknoll@users.noreply.github.com> Co-authored-by: Rustem Bekmukhametov Co-authored-by: xuchenma <67921399+xuchenma@users.noreply.github.com> Co-authored-by: Esha Goel Co-authored-by: Filip 'Cherit' Szóstak Co-authored-by: Benjamin Kaplan <58792807+bskaplan@users.noreply.github.com> Co-authored-by: jinyangtang <147192056+jinyangtang@users.noreply.github.com> Co-authored-by: Naitian Liu <83430653+naitianliu-google@users.noreply.github.com> Co-authored-by: Sneha Prasad <32434989+snpd25@users.noreply.github.com> Co-authored-by: Sneha Prasad Co-authored-by: rishamchokshi <44479344+rishamchokshi@users.noreply.github.com> Co-authored-by: kautikdk <144651627+kautikdk@users.noreply.github.com> Co-authored-by: kangy-google Co-authored-by: Salome Papiashvili Co-authored-by: Pavel Salnikov <90701144+pavel-salnikov@users.noreply.github.com> Co-authored-by: Michael R. Torres <6692889+micrictor@users.noreply.github.com> Co-authored-by: Esha Goel Co-authored-by: Luca Prete Co-authored-by: Luca Prete Co-authored-by: gurankitt <161278508+gurankitt@users.noreply.github.com> Co-authored-by: Antoni Zawodny Co-authored-by: praseedhaPK <161299686+praseedhaPK@users.noreply.github.com> Co-authored-by: Charles Leon Co-authored-by: Charles Leon Co-authored-by: Andrew Grasso Co-authored-by: Krishnan Gopal Co-authored-by: shijeesh-ns <92889532+shijeesh-ns@users.noreply.github.com> Co-authored-by: kumailkermalli-datatonic <108349674+kumailkermalli-datatonic@users.noreply.github.com> Co-authored-by: Xuran Liu Co-authored-by: Rostislav Bobrovsky Co-authored-by: Ali Ebrahim Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: roop2 <161707562+roop2@users.noreply.github.com> Co-authored-by: fayssalmartanigcp <73672393+fayssalmartanigcp@users.noreply.github.com> Co-authored-by: Patrick Costello Co-authored-by: Daniel Randell Co-authored-by: joelkattapuram <46967875+joelkattapuram@users.noreply.github.com> Co-authored-by: Harrison Powers Co-authored-by: liferoad Co-authored-by: Pawel Jasinski <56267784+pawelJas@users.noreply.github.com> Co-authored-by: Rohit Jangid Co-authored-by: krishnangopal1810 <156300588+krishnangopal1810@users.noreply.github.com> Co-authored-by: Jashan Sudan Co-authored-by: Aleks Vujić Co-authored-by: Ilia Lazebnik Co-authored-by: Srevin Saju [upstream:8821b6ce8241ddfd68707af219c52493dcce5d34] Signed-off-by: Modular Magician --- .changelog/10273.txt | 3 + .teamcity/components/constants.kt | 2 +- .teamcity/components/inputs/services_beta.kt | 5 + .teamcity/components/inputs/services_ga.kt | 5 + .teamcity/pom.xml | 2 +- google/fwmodels/provider_model.go | 1 + google/fwprovider/framework_provider.go | 6 + google/fwtransport/framework_config.go | 10 + google/provider/provider.go | 6 + google/provider/provider_mmv1_resources.go | 1232 +++++++++-------- ...cess_context_manager_access_policy_test.go | 31 +- ...ager_service_perimeter_dry_run_resource.go | 473 +++++++ ...service_perimeter_dry_run_resource_test.go | 141 ++ ...manager_service_perimeter_egress_policy.go | 145 +- ...anager_service_perimeter_ingress_policy.go | 144 +- .../bigquery/resource_bigquery_table.go | 15 + .../bigquery/resource_bigquery_table_test.go | 2 + ..._source_google_cloud_quotas_quota_infos.go | 217 +++ ...ce_google_cloud_quotas_quota_infos_test.go | 53 + .../resource_cloud_quotas_quota_preference.go | 676 +++++++++ ...urce_cloud_quotas_quota_preference_test.go | 182 +++ .../resource_cloud_run_v2_service.go | 3 +- .../resource_cloud_run_v2_service_test.go | 2 - .../composer/resource_composer_environment.go | 15 + .../services/compute/resource_compute_disk.go | 4 +- ...resource_compute_instance_group_manager.go | 10 +- ...resource_compute_region_backend_service.go | 25 + ...e_compute_region_instance_group_manager.go | 7 +- .../dataflow/resource_dataflow_job_test.go | 16 +- .../resource_dataproc_cluster_test.go | 2 +- .../resource_dataproc_metastore_service.go | 142 ++ ...taproc_metastore_service_generated_test.go | 61 + ...esource_dataproc_metastore_service_test.go | 64 + ...e_datastream_private_connection_sweeper.go | 17 +- ...app_check_service_config_generated_test.go | 2 +- ..._firebase_app_check_service_config_test.go | 56 +- ...resource_firestore_index_generated_test.go | 61 +- ...data_source_iam_workload_identity_pool.go} | 0 ...ce_iam_workload_identity_pool_provider.go} | 0 ...m_workload_identity_pool_provider_test.go} | 0 ...source_iam_workload_identity_pool_test.go} | 0 ...rce_iam_workload_identity_pool_id_test.go} | 0 ...orkload_identity_pool_provider_id_test.go} | 0 .../resource_integrations_client.go | 287 ++++ ...urce_integrations_client_generated_test.go | 122 ++ .../resource_monitoring_alert_policy.go | 7 +- .../netapp/resource_netapp_kmsconfig_test.go | 22 +- .../services/pubsub/resource_pubsub_topic.go | 189 +++ .../resource_pubsub_topic_generated_test.go | 43 + .../pubsub/resource_pubsub_topic_test.go | 68 + .../spanner/resource_spanner_database.go | 47 +- .../spanner/resource_spanner_database_test.go | 72 - .../storage/resource_storage_bucket.go | 61 + .../storage/resource_storage_bucket_test.go | 74 + .../resource_vpc_access_connector.go | 35 +- google/sweeper/gcp_sweeper_test.go | 1 + google/transport/config.go | 9 + .../d/apphub_discovered_service.html.markdown | 4 +- .../apphub_discovered_workload.html.markdown | 2 +- .../d/cloud_quotas_quota_info.html.markdown | 1 - .../d/cloud_quotas_quota_infos.html.markdown | 62 + ...taform_repository_iam_policy.html.markdown | 6 +- ...e_perimeter_dry_run_resource.html.markdown | 129 ++ ...vice_perimeter_egress_policy.html.markdown | 47 +- ...ice_perimeter_ingress_policy.html.markdown | 50 +- ...r_service_perimeter_resource.html.markdown | 5 +- website/docs/r/bigquery_table.html.markdown | 2 + ...loud_quotas_quota_preference.html.markdown | 179 +++ website/docs/r/cloud_run_v2_job.html.markdown | 15 + .../docs/r/cloud_run_v2_service.html.markdown | 2 +- .../docs/r/composer_environment.html.markdown | 4 +- website/docs/r/compute_disk.html.markdown | 2 +- ...mpute_instance_group_manager.html.markdown | 12 +- ...mpute_region_backend_service.html.markdown | 3 + ...egion_instance_group_manager.html.markdown | 12 +- .../docs/r/dataform_repository.html.markdown | 66 +- .../r/dataform_repository_iam.html.markdown | 18 +- website/docs/r/dataproc_cluster.html.markdown | 2 +- .../dataproc_metastore_service.html.markdown | 64 + .../docs/r/firebase_android_app.html.markdown | 10 +- ...ase_app_check_service_config.html.markdown | 2 +- website/docs/r/firestore_index.html.markdown | 57 +- .../docs/r/google_project_iam.html.markdown | 2 +- .../docs/r/integrations_client.html.markdown | 200 +++ .../r/monitoring_alert_policy.html.markdown | 1 + ...k_security_firewall_endpoint.html.markdown | 10 + website/docs/r/pubsub_topic.html.markdown | 61 + website/docs/r/storage_bucket.html.markdown | 8 + .../docs/r/vpc_access_connector.html.markdown | 15 +- ...kstations_workstation_config.html.markdown | 97 ++ 90 files changed, 4711 insertions(+), 1314 deletions(-) create mode 100644 .changelog/10273.txt create mode 100644 google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go create mode 100644 google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource_test.go create mode 100644 google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos.go create mode 100644 google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos_test.go create mode 100644 google/services/cloudquotas/resource_cloud_quotas_quota_preference.go create mode 100644 google/services/cloudquotas/resource_cloud_quotas_quota_preference_test.go rename google/services/iambeta/{data_source_iam_beta_workload_identity_pool.go => data_source_iam_workload_identity_pool.go} (100%) rename google/services/iambeta/{data_source_iam_beta_workload_identity_pool_provider.go => data_source_iam_workload_identity_pool_provider.go} (100%) rename google/services/iambeta/{data_source_iam_beta_workload_identity_pool_provider_test.go => data_source_iam_workload_identity_pool_provider_test.go} (100%) rename google/services/iambeta/{data_source_iam_beta_workload_identity_pool_test.go => data_source_iam_workload_identity_pool_test.go} (100%) rename google/services/iambeta/{resource_iam_beta_workload_identity_pool_id_test.go => resource_iam_workload_identity_pool_id_test.go} (100%) rename google/services/iambeta/{resource_iam_beta_workload_identity_pool_provider_id_test.go => resource_iam_workload_identity_pool_provider_id_test.go} (100%) create mode 100644 google/services/integrations/resource_integrations_client.go create mode 100644 google/services/integrations/resource_integrations_client_generated_test.go create mode 100644 website/docs/d/cloud_quotas_quota_infos.html.markdown create mode 100644 website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown create mode 100644 website/docs/r/cloud_quotas_quota_preference.html.markdown create mode 100644 website/docs/r/integrations_client.html.markdown diff --git a/.changelog/10273.txt b/.changelog/10273.txt new file mode 100644 index 00000000000..42b910df155 --- /dev/null +++ b/.changelog/10273.txt @@ -0,0 +1,3 @@ +```release-note:none + +``` \ No newline at end of file diff --git a/.teamcity/components/constants.kt b/.teamcity/components/constants.kt index ba1cd010f3a..dd314e1f2cc 100644 --- a/.teamcity/components/constants.kt +++ b/.teamcity/components/constants.kt @@ -16,7 +16,7 @@ const val DefaultStartHour = 4 const val DefaultParallelism = 6 // specifies the default version of Terraform Core which should be used for testing -const val DefaultTerraformCoreVersion = "1.2.5" +const val DefaultTerraformCoreVersion = "1.8.0-rc1" // TODO(SarahFrench) - update to 1.8.0 once it's gone GA // This represents a cron view of days of the week const val DefaultDaysOfWeek = "*" diff --git a/.teamcity/components/inputs/services_beta.kt b/.teamcity/components/inputs/services_beta.kt index 13510630f13..613e795bf68 100644 --- a/.teamcity/components/inputs/services_beta.kt +++ b/.teamcity/components/inputs/services_beta.kt @@ -466,6 +466,11 @@ var ServicesListBeta = mapOf( "displayName" to "Integrationconnectors", "path" to "./google-beta/services/integrationconnectors" ), + "integrations" to mapOf( + "name" to "integrations", + "displayName" to "Applicationintegration", + "path" to "./google-beta/services/integrations" + ), "kms" to mapOf( "name" to "kms", "displayName" to "Kms", diff --git a/.teamcity/components/inputs/services_ga.kt b/.teamcity/components/inputs/services_ga.kt index f4b303eccc6..f3a3fe57388 100644 --- a/.teamcity/components/inputs/services_ga.kt +++ b/.teamcity/components/inputs/services_ga.kt @@ -461,6 +461,11 @@ var ServicesListGa = mapOf( "displayName" to "Integrationconnectors", "path" to "./google/services/integrationconnectors" ), + "integrations" to mapOf( + "name" to "integrations", + "displayName" to "Applicationintegration", + "path" to "./google/services/integrations" + ), "kms" to mapOf( "name" to "kms", "displayName" to "Kms", diff --git a/.teamcity/pom.xml b/.teamcity/pom.xml index bacb2965abc..0a752451076 100644 --- a/.teamcity/pom.xml +++ b/.teamcity/pom.xml @@ -136,7 +136,7 @@ org.jetbrains.teamcity server-api - ${teamcity.dsl.version} + 2024.07-SNAPSHOT test diff --git a/google/fwmodels/provider_model.go b/google/fwmodels/provider_model.go index dfd6a92424b..0a7f73b9a17 100644 --- a/google/fwmodels/provider_model.go +++ b/google/fwmodels/provider_model.go @@ -101,6 +101,7 @@ type ProviderModel struct { IapCustomEndpoint types.String `tfsdk:"iap_custom_endpoint"` IdentityPlatformCustomEndpoint types.String `tfsdk:"identity_platform_custom_endpoint"` IntegrationConnectorsCustomEndpoint types.String `tfsdk:"integration_connectors_custom_endpoint"` + IntegrationsCustomEndpoint types.String `tfsdk:"integrations_custom_endpoint"` KMSCustomEndpoint types.String `tfsdk:"kms_custom_endpoint"` LoggingCustomEndpoint types.String `tfsdk:"logging_custom_endpoint"` LookerCustomEndpoint types.String `tfsdk:"looker_custom_endpoint"` diff --git a/google/fwprovider/framework_provider.go b/google/fwprovider/framework_provider.go index 12528f77a6d..da6fa5f9d4a 100644 --- a/google/fwprovider/framework_provider.go +++ b/google/fwprovider/framework_provider.go @@ -583,6 +583,12 @@ func (p *FrameworkProvider) Schema(_ context.Context, _ provider.SchemaRequest, transport_tpg.CustomEndpointValidator(), }, }, + "integrations_custom_endpoint": &schema.StringAttribute{ + Optional: true, + Validators: []validator.String{ + transport_tpg.CustomEndpointValidator(), + }, + }, "kms_custom_endpoint": &schema.StringAttribute{ Optional: true, Validators: []validator.String{ diff --git a/google/fwtransport/framework_config.go b/google/fwtransport/framework_config.go index 4ba7c643a9e..615211d755f 100644 --- a/google/fwtransport/framework_config.go +++ b/google/fwtransport/framework_config.go @@ -124,6 +124,7 @@ type FrameworkProviderConfig struct { IapBasePath string IdentityPlatformBasePath string IntegrationConnectorsBasePath string + IntegrationsBasePath string KMSBasePath string LoggingBasePath string LookerBasePath string @@ -277,6 +278,7 @@ func (p *FrameworkProviderConfig) LoadAndValidateFramework(ctx context.Context, p.IapBasePath = data.IapCustomEndpoint.ValueString() p.IdentityPlatformBasePath = data.IdentityPlatformCustomEndpoint.ValueString() p.IntegrationConnectorsBasePath = data.IntegrationConnectorsCustomEndpoint.ValueString() + p.IntegrationsBasePath = data.IntegrationsCustomEndpoint.ValueString() p.KMSBasePath = data.KMSCustomEndpoint.ValueString() p.LoggingBasePath = data.LoggingCustomEndpoint.ValueString() p.LookerBasePath = data.LookerCustomEndpoint.ValueString() @@ -1029,6 +1031,14 @@ func (p *FrameworkProviderConfig) HandleDefaults(ctx context.Context, data *fwmo data.IntegrationConnectorsCustomEndpoint = types.StringValue(customEndpoint.(string)) } } + if data.IntegrationsCustomEndpoint.IsNull() { + customEndpoint := transport_tpg.MultiEnvDefault([]string{ + "GOOGLE_INTEGRATIONS_CUSTOM_ENDPOINT", + }, transport_tpg.DefaultBasePaths[transport_tpg.IntegrationsBasePathKey]) + if customEndpoint != nil { + data.IntegrationsCustomEndpoint = types.StringValue(customEndpoint.(string)) + } + } if data.KMSCustomEndpoint.IsNull() { customEndpoint := transport_tpg.MultiEnvDefault([]string{ "GOOGLE_KMS_CUSTOM_ENDPOINT", diff --git a/google/provider/provider.go b/google/provider/provider.go index 7f3d0687396..aa01f1965a3 100644 --- a/google/provider/provider.go +++ b/google/provider/provider.go @@ -510,6 +510,11 @@ func Provider() *schema.Provider { Optional: true, ValidateFunc: transport_tpg.ValidateCustomEndpoint, }, + "integrations_custom_endpoint": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: transport_tpg.ValidateCustomEndpoint, + }, "kms_custom_endpoint": { Type: schema.TypeString, Optional: true, @@ -1002,6 +1007,7 @@ func ProviderConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr config.IapBasePath = d.Get("iap_custom_endpoint").(string) config.IdentityPlatformBasePath = d.Get("identity_platform_custom_endpoint").(string) config.IntegrationConnectorsBasePath = d.Get("integration_connectors_custom_endpoint").(string) + config.IntegrationsBasePath = d.Get("integrations_custom_endpoint").(string) config.KMSBasePath = d.Get("kms_custom_endpoint").(string) config.LoggingBasePath = d.Get("logging_custom_endpoint").(string) config.LookerBasePath = d.Get("looker_custom_endpoint").(string) diff --git a/google/provider/provider_mmv1_resources.go b/google/provider/provider_mmv1_resources.go index f89054014cf..2fee32635b5 100644 --- a/google/provider/provider_mmv1_resources.go +++ b/google/provider/provider_mmv1_resources.go @@ -35,6 +35,7 @@ import ( "github.com/hashicorp/terraform-provider-google/google/services/cloudfunctions2" "github.com/hashicorp/terraform-provider-google/google/services/cloudidentity" "github.com/hashicorp/terraform-provider-google/google/services/cloudids" + "github.com/hashicorp/terraform-provider-google/google/services/cloudquotas" "github.com/hashicorp/terraform-provider-google/google/services/cloudrun" "github.com/hashicorp/terraform-provider-google/google/services/cloudrunv2" "github.com/hashicorp/terraform-provider-google/google/services/cloudscheduler" @@ -77,6 +78,7 @@ import ( "github.com/hashicorp/terraform-provider-google/google/services/iap" "github.com/hashicorp/terraform-provider-google/google/services/identityplatform" "github.com/hashicorp/terraform-provider-google/google/services/integrationconnectors" + "github.com/hashicorp/terraform-provider-google/google/services/integrations" "github.com/hashicorp/terraform-provider-google/google/services/kms" "github.com/hashicorp/terraform-provider-google/google/services/logging" "github.com/hashicorp/terraform-provider-google/google/services/looker" @@ -125,8 +127,6 @@ import ( "github.com/hashicorp/terraform-provider-google/google/services/dataflow" "github.com/hashicorp/terraform-provider-google/google/services/servicenetworking" "github.com/hashicorp/terraform-provider-google/google/tpgiamresource" - // https://github.com/hashicorp/terraform-provider-google/issues/15633 for details - "github.com/hashicorp/terraform-provider-google/google/services/cloudquotas" ) // Datasources @@ -156,6 +156,7 @@ var handwrittenDatasources = map[string]*schema.Resource{ "google_cloud_identity_group_memberships": cloudidentity.DataSourceGoogleCloudIdentityGroupMemberships(), "google_cloud_identity_group_lookup": cloudidentity.DataSourceGoogleCloudIdentityGroupLookup(), "google_cloud_quotas_quota_info": cloudquotas.DataSourceGoogleCloudQuotasQuotaInfo(), + "google_cloud_quotas_quota_infos": cloudquotas.DataSourceGoogleCloudQuotasQuotaInfos(), "google_cloud_run_locations": cloudrun.DataSourceGoogleCloudRunLocations(), "google_cloud_run_service": cloudrun.DataSourceGoogleCloudRunService(), "google_cloud_run_v2_job": cloudrunv2.DataSourceGoogleCloudRunV2Job(), @@ -395,620 +396,623 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{ } // Resources -// Generated resources: 394 +// Generated resources: 397 // Generated IAM resources: 234 -// Total generated resources: 628 +// Total generated resources: 631 var generatedResources = map[string]*schema.Resource{ - "google_folder_access_approval_settings": accessapproval.ResourceAccessApprovalFolderSettings(), - "google_organization_access_approval_settings": accessapproval.ResourceAccessApprovalOrganizationSettings(), - "google_project_access_approval_settings": accessapproval.ResourceAccessApprovalProjectSettings(), - "google_access_context_manager_access_level": accesscontextmanager.ResourceAccessContextManagerAccessLevel(), - "google_access_context_manager_access_level_condition": accesscontextmanager.ResourceAccessContextManagerAccessLevelCondition(), - "google_access_context_manager_access_levels": accesscontextmanager.ResourceAccessContextManagerAccessLevels(), - "google_access_context_manager_access_policy": accesscontextmanager.ResourceAccessContextManagerAccessPolicy(), - "google_access_context_manager_access_policy_iam_binding": tpgiamresource.ResourceIamBinding(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), - "google_access_context_manager_access_policy_iam_member": tpgiamresource.ResourceIamMember(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), - "google_access_context_manager_access_policy_iam_policy": tpgiamresource.ResourceIamPolicy(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), - "google_access_context_manager_authorized_orgs_desc": accesscontextmanager.ResourceAccessContextManagerAuthorizedOrgsDesc(), - "google_access_context_manager_egress_policy": accesscontextmanager.ResourceAccessContextManagerEgressPolicy(), - "google_access_context_manager_gcp_user_access_binding": accesscontextmanager.ResourceAccessContextManagerGcpUserAccessBinding(), - "google_access_context_manager_ingress_policy": accesscontextmanager.ResourceAccessContextManagerIngressPolicy(), - "google_access_context_manager_service_perimeter": accesscontextmanager.ResourceAccessContextManagerServicePerimeter(), - "google_access_context_manager_service_perimeter_egress_policy": accesscontextmanager.ResourceAccessContextManagerServicePerimeterEgressPolicy(), - "google_access_context_manager_service_perimeter_ingress_policy": accesscontextmanager.ResourceAccessContextManagerServicePerimeterIngressPolicy(), - "google_access_context_manager_service_perimeter_resource": accesscontextmanager.ResourceAccessContextManagerServicePerimeterResource(), - "google_access_context_manager_service_perimeters": accesscontextmanager.ResourceAccessContextManagerServicePerimeters(), - "google_active_directory_domain": activedirectory.ResourceActiveDirectoryDomain(), - "google_active_directory_domain_trust": activedirectory.ResourceActiveDirectoryDomainTrust(), - "google_alloydb_backup": alloydb.ResourceAlloydbBackup(), - "google_alloydb_cluster": alloydb.ResourceAlloydbCluster(), - "google_alloydb_instance": alloydb.ResourceAlloydbInstance(), - "google_alloydb_user": alloydb.ResourceAlloydbUser(), - "google_apigee_addons_config": apigee.ResourceApigeeAddonsConfig(), - "google_apigee_endpoint_attachment": apigee.ResourceApigeeEndpointAttachment(), - "google_apigee_env_keystore": apigee.ResourceApigeeEnvKeystore(), - "google_apigee_env_references": apigee.ResourceApigeeEnvReferences(), - "google_apigee_envgroup": apigee.ResourceApigeeEnvgroup(), - "google_apigee_envgroup_attachment": apigee.ResourceApigeeEnvgroupAttachment(), - "google_apigee_environment": apigee.ResourceApigeeEnvironment(), - "google_apigee_environment_iam_binding": tpgiamresource.ResourceIamBinding(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), - "google_apigee_environment_iam_member": tpgiamresource.ResourceIamMember(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), - "google_apigee_environment_iam_policy": tpgiamresource.ResourceIamPolicy(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), - "google_apigee_instance": apigee.ResourceApigeeInstance(), - "google_apigee_instance_attachment": apigee.ResourceApigeeInstanceAttachment(), - "google_apigee_keystores_aliases_self_signed_cert": apigee.ResourceApigeeKeystoresAliasesSelfSignedCert(), - "google_apigee_nat_address": apigee.ResourceApigeeNatAddress(), - "google_apigee_organization": apigee.ResourceApigeeOrganization(), - "google_apigee_sync_authorization": apigee.ResourceApigeeSyncAuthorization(), - "google_apigee_target_server": apigee.ResourceApigeeTargetServer(), - "google_app_engine_application_url_dispatch_rules": appengine.ResourceAppEngineApplicationUrlDispatchRules(), - "google_app_engine_domain_mapping": appengine.ResourceAppEngineDomainMapping(), - "google_app_engine_firewall_rule": appengine.ResourceAppEngineFirewallRule(), - "google_app_engine_flexible_app_version": appengine.ResourceAppEngineFlexibleAppVersion(), - "google_app_engine_service_network_settings": appengine.ResourceAppEngineServiceNetworkSettings(), - "google_app_engine_service_split_traffic": appengine.ResourceAppEngineServiceSplitTraffic(), - "google_app_engine_standard_app_version": appengine.ResourceAppEngineStandardAppVersion(), - "google_apphub_application": apphub.ResourceApphubApplication(), - "google_apphub_service": apphub.ResourceApphubService(), - "google_apphub_service_project_attachment": apphub.ResourceApphubServiceProjectAttachment(), - "google_apphub_workload": apphub.ResourceApphubWorkload(), - "google_artifact_registry_repository": artifactregistry.ResourceArtifactRegistryRepository(), - "google_artifact_registry_repository_iam_binding": tpgiamresource.ResourceIamBinding(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), - "google_artifact_registry_repository_iam_member": tpgiamresource.ResourceIamMember(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), - "google_artifact_registry_repository_iam_policy": tpgiamresource.ResourceIamPolicy(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), - "google_beyondcorp_app_connection": beyondcorp.ResourceBeyondcorpAppConnection(), - "google_beyondcorp_app_connector": beyondcorp.ResourceBeyondcorpAppConnector(), - "google_beyondcorp_app_gateway": beyondcorp.ResourceBeyondcorpAppGateway(), - "google_biglake_catalog": biglake.ResourceBiglakeCatalog(), - "google_biglake_database": biglake.ResourceBiglakeDatabase(), - "google_biglake_table": biglake.ResourceBiglakeTable(), - "google_bigquery_dataset": bigquery.ResourceBigQueryDataset(), - "google_bigquery_dataset_access": bigquery.ResourceBigQueryDatasetAccess(), - "google_bigquery_job": bigquery.ResourceBigQueryJob(), - "google_bigquery_routine": bigquery.ResourceBigQueryRoutine(), - "google_bigquery_table_iam_binding": tpgiamresource.ResourceIamBinding(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), - "google_bigquery_table_iam_member": tpgiamresource.ResourceIamMember(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), - "google_bigquery_table_iam_policy": tpgiamresource.ResourceIamPolicy(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), - "google_bigquery_analytics_hub_data_exchange": bigqueryanalyticshub.ResourceBigqueryAnalyticsHubDataExchange(), - "google_bigquery_analytics_hub_data_exchange_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), - "google_bigquery_analytics_hub_data_exchange_iam_member": tpgiamresource.ResourceIamMember(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), - "google_bigquery_analytics_hub_data_exchange_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), - "google_bigquery_analytics_hub_listing": bigqueryanalyticshub.ResourceBigqueryAnalyticsHubListing(), - "google_bigquery_analytics_hub_listing_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), - "google_bigquery_analytics_hub_listing_iam_member": tpgiamresource.ResourceIamMember(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), - "google_bigquery_analytics_hub_listing_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), - "google_bigquery_connection": bigqueryconnection.ResourceBigqueryConnectionConnection(), - "google_bigquery_connection_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), - "google_bigquery_connection_iam_member": tpgiamresource.ResourceIamMember(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), - "google_bigquery_connection_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), - "google_bigquery_datapolicy_data_policy": bigquerydatapolicy.ResourceBigqueryDatapolicyDataPolicy(), - "google_bigquery_datapolicy_data_policy_iam_binding": tpgiamresource.ResourceIamBinding(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), - "google_bigquery_datapolicy_data_policy_iam_member": tpgiamresource.ResourceIamMember(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), - "google_bigquery_datapolicy_data_policy_iam_policy": tpgiamresource.ResourceIamPolicy(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), - "google_bigquery_data_transfer_config": bigquerydatatransfer.ResourceBigqueryDataTransferConfig(), - "google_bigquery_bi_reservation": bigqueryreservation.ResourceBigqueryReservationBiReservation(), - "google_bigquery_capacity_commitment": bigqueryreservation.ResourceBigqueryReservationCapacityCommitment(), - "google_bigquery_reservation": bigqueryreservation.ResourceBigqueryReservationReservation(), - "google_bigtable_app_profile": bigtable.ResourceBigtableAppProfile(), - "google_billing_budget": billing.ResourceBillingBudget(), - "google_binary_authorization_attestor": binaryauthorization.ResourceBinaryAuthorizationAttestor(), - "google_binary_authorization_attestor_iam_binding": tpgiamresource.ResourceIamBinding(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), - "google_binary_authorization_attestor_iam_member": tpgiamresource.ResourceIamMember(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), - "google_binary_authorization_attestor_iam_policy": tpgiamresource.ResourceIamPolicy(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), - "google_binary_authorization_policy": binaryauthorization.ResourceBinaryAuthorizationPolicy(), - "google_blockchain_node_engine_blockchain_nodes": blockchainnodeengine.ResourceBlockchainNodeEngineBlockchainNodes(), - "google_certificate_manager_certificate": certificatemanager.ResourceCertificateManagerCertificate(), - "google_certificate_manager_certificate_issuance_config": certificatemanager.ResourceCertificateManagerCertificateIssuanceConfig(), - "google_certificate_manager_certificate_map": certificatemanager.ResourceCertificateManagerCertificateMap(), - "google_certificate_manager_certificate_map_entry": certificatemanager.ResourceCertificateManagerCertificateMapEntry(), - "google_certificate_manager_dns_authorization": certificatemanager.ResourceCertificateManagerDnsAuthorization(), - "google_certificate_manager_trust_config": certificatemanager.ResourceCertificateManagerTrustConfig(), - "google_cloud_asset_folder_feed": cloudasset.ResourceCloudAssetFolderFeed(), - "google_cloud_asset_organization_feed": cloudasset.ResourceCloudAssetOrganizationFeed(), - "google_cloud_asset_project_feed": cloudasset.ResourceCloudAssetProjectFeed(), - "google_cloudbuild_bitbucket_server_config": cloudbuild.ResourceCloudBuildBitbucketServerConfig(), - "google_cloudbuild_trigger": cloudbuild.ResourceCloudBuildTrigger(), - "google_cloudbuildv2_connection": cloudbuildv2.ResourceCloudbuildv2Connection(), - "google_cloudbuildv2_connection_iam_binding": tpgiamresource.ResourceIamBinding(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), - "google_cloudbuildv2_connection_iam_member": tpgiamresource.ResourceIamMember(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), - "google_cloudbuildv2_connection_iam_policy": tpgiamresource.ResourceIamPolicy(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), - "google_cloudbuildv2_repository": cloudbuildv2.ResourceCloudbuildv2Repository(), - "google_clouddeploy_automation": clouddeploy.ResourceClouddeployAutomation(), - "google_clouddeploy_custom_target_type": clouddeploy.ResourceClouddeployCustomTargetType(), - "google_clouddeploy_custom_target_type_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), - "google_clouddeploy_custom_target_type_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), - "google_clouddeploy_custom_target_type_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), - "google_clouddeploy_delivery_pipeline_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), - "google_clouddeploy_delivery_pipeline_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), - "google_clouddeploy_delivery_pipeline_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), - "google_clouddeploy_target_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), - "google_clouddeploy_target_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), - "google_clouddeploy_target_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), - "google_clouddomains_registration": clouddomains.ResourceClouddomainsRegistration(), - "google_cloudfunctions_function_iam_binding": tpgiamresource.ResourceIamBinding(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), - "google_cloudfunctions_function_iam_member": tpgiamresource.ResourceIamMember(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), - "google_cloudfunctions_function_iam_policy": tpgiamresource.ResourceIamPolicy(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), - "google_cloudfunctions2_function": cloudfunctions2.ResourceCloudfunctions2function(), - "google_cloudfunctions2_function_iam_binding": tpgiamresource.ResourceIamBinding(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), - "google_cloudfunctions2_function_iam_member": tpgiamresource.ResourceIamMember(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), - "google_cloudfunctions2_function_iam_policy": tpgiamresource.ResourceIamPolicy(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), - "google_cloud_identity_group": cloudidentity.ResourceCloudIdentityGroup(), - "google_cloud_identity_group_membership": cloudidentity.ResourceCloudIdentityGroupMembership(), - "google_cloud_ids_endpoint": cloudids.ResourceCloudIdsEndpoint(), - "google_cloud_run_domain_mapping": cloudrun.ResourceCloudRunDomainMapping(), - "google_cloud_run_service": cloudrun.ResourceCloudRunService(), - "google_cloud_run_service_iam_binding": tpgiamresource.ResourceIamBinding(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), - "google_cloud_run_service_iam_member": tpgiamresource.ResourceIamMember(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), - "google_cloud_run_service_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), - "google_cloud_run_v2_job": cloudrunv2.ResourceCloudRunV2Job(), - "google_cloud_run_v2_job_iam_binding": tpgiamresource.ResourceIamBinding(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), - "google_cloud_run_v2_job_iam_member": tpgiamresource.ResourceIamMember(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), - "google_cloud_run_v2_job_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), - "google_cloud_run_v2_service": cloudrunv2.ResourceCloudRunV2Service(), - "google_cloud_run_v2_service_iam_binding": tpgiamresource.ResourceIamBinding(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), - "google_cloud_run_v2_service_iam_member": tpgiamresource.ResourceIamMember(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), - "google_cloud_run_v2_service_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), - "google_cloud_scheduler_job": cloudscheduler.ResourceCloudSchedulerJob(), - "google_cloud_tasks_queue": cloudtasks.ResourceCloudTasksQueue(), - "google_cloud_tasks_queue_iam_binding": tpgiamresource.ResourceIamBinding(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), - "google_cloud_tasks_queue_iam_member": tpgiamresource.ResourceIamMember(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), - "google_cloud_tasks_queue_iam_policy": tpgiamresource.ResourceIamPolicy(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), - "google_compute_address": compute.ResourceComputeAddress(), - "google_compute_autoscaler": compute.ResourceComputeAutoscaler(), - "google_compute_backend_bucket": compute.ResourceComputeBackendBucket(), - "google_compute_backend_bucket_signed_url_key": compute.ResourceComputeBackendBucketSignedUrlKey(), - "google_compute_backend_service": compute.ResourceComputeBackendService(), - "google_compute_backend_service_signed_url_key": compute.ResourceComputeBackendServiceSignedUrlKey(), - "google_compute_disk": compute.ResourceComputeDisk(), - "google_compute_disk_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), - "google_compute_disk_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), - "google_compute_disk_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), - "google_compute_disk_resource_policy_attachment": compute.ResourceComputeDiskResourcePolicyAttachment(), - "google_compute_external_vpn_gateway": compute.ResourceComputeExternalVpnGateway(), - "google_compute_firewall": compute.ResourceComputeFirewall(), - "google_compute_forwarding_rule": compute.ResourceComputeForwardingRule(), - "google_compute_global_address": compute.ResourceComputeGlobalAddress(), - "google_compute_global_forwarding_rule": compute.ResourceComputeGlobalForwardingRule(), - "google_compute_global_network_endpoint": compute.ResourceComputeGlobalNetworkEndpoint(), - "google_compute_global_network_endpoint_group": compute.ResourceComputeGlobalNetworkEndpointGroup(), - "google_compute_ha_vpn_gateway": compute.ResourceComputeHaVpnGateway(), - "google_compute_health_check": compute.ResourceComputeHealthCheck(), - "google_compute_http_health_check": compute.ResourceComputeHttpHealthCheck(), - "google_compute_https_health_check": compute.ResourceComputeHttpsHealthCheck(), - "google_compute_image": compute.ResourceComputeImage(), - "google_compute_image_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), - "google_compute_image_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), - "google_compute_image_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), - "google_compute_instance_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), - "google_compute_instance_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), - "google_compute_instance_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), - "google_compute_instance_group_membership": compute.ResourceComputeInstanceGroupMembership(), - "google_compute_instance_group_named_port": compute.ResourceComputeInstanceGroupNamedPort(), - "google_compute_interconnect_attachment": compute.ResourceComputeInterconnectAttachment(), - "google_compute_managed_ssl_certificate": compute.ResourceComputeManagedSslCertificate(), - "google_compute_network": compute.ResourceComputeNetwork(), - "google_compute_network_endpoint": compute.ResourceComputeNetworkEndpoint(), - "google_compute_network_endpoint_group": compute.ResourceComputeNetworkEndpointGroup(), - "google_compute_network_endpoints": compute.ResourceComputeNetworkEndpoints(), - "google_compute_network_firewall_policy": compute.ResourceComputeNetworkFirewallPolicy(), - "google_compute_network_peering_routes_config": compute.ResourceComputeNetworkPeeringRoutesConfig(), - "google_compute_node_group": compute.ResourceComputeNodeGroup(), - "google_compute_node_template": compute.ResourceComputeNodeTemplate(), - "google_compute_packet_mirroring": compute.ResourceComputePacketMirroring(), - "google_compute_per_instance_config": compute.ResourceComputePerInstanceConfig(), - "google_compute_public_advertised_prefix": compute.ResourceComputePublicAdvertisedPrefix(), - "google_compute_public_delegated_prefix": compute.ResourceComputePublicDelegatedPrefix(), - "google_compute_region_autoscaler": compute.ResourceComputeRegionAutoscaler(), - "google_compute_region_backend_service": compute.ResourceComputeRegionBackendService(), - "google_compute_region_commitment": compute.ResourceComputeRegionCommitment(), - "google_compute_region_disk": compute.ResourceComputeRegionDisk(), - "google_compute_region_disk_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), - "google_compute_region_disk_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), - "google_compute_region_disk_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), - "google_compute_region_disk_resource_policy_attachment": compute.ResourceComputeRegionDiskResourcePolicyAttachment(), - "google_compute_region_health_check": compute.ResourceComputeRegionHealthCheck(), - "google_compute_region_network_endpoint": compute.ResourceComputeRegionNetworkEndpoint(), - "google_compute_region_network_endpoint_group": compute.ResourceComputeRegionNetworkEndpointGroup(), - "google_compute_region_network_firewall_policy": compute.ResourceComputeRegionNetworkFirewallPolicy(), - "google_compute_region_per_instance_config": compute.ResourceComputeRegionPerInstanceConfig(), - "google_compute_region_ssl_certificate": compute.ResourceComputeRegionSslCertificate(), - "google_compute_region_ssl_policy": compute.ResourceComputeRegionSslPolicy(), - "google_compute_region_target_http_proxy": compute.ResourceComputeRegionTargetHttpProxy(), - "google_compute_region_target_https_proxy": compute.ResourceComputeRegionTargetHttpsProxy(), - "google_compute_region_target_tcp_proxy": compute.ResourceComputeRegionTargetTcpProxy(), - "google_compute_region_url_map": compute.ResourceComputeRegionUrlMap(), - "google_compute_reservation": compute.ResourceComputeReservation(), - "google_compute_resource_policy": compute.ResourceComputeResourcePolicy(), - "google_compute_route": compute.ResourceComputeRoute(), - "google_compute_router": compute.ResourceComputeRouter(), - "google_compute_router_nat": compute.ResourceComputeRouterNat(), - "google_compute_service_attachment": compute.ResourceComputeServiceAttachment(), - "google_compute_snapshot": compute.ResourceComputeSnapshot(), - "google_compute_snapshot_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), - "google_compute_snapshot_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), - "google_compute_snapshot_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), - "google_compute_ssl_certificate": compute.ResourceComputeSslCertificate(), - "google_compute_ssl_policy": compute.ResourceComputeSslPolicy(), - "google_compute_subnetwork": compute.ResourceComputeSubnetwork(), - "google_compute_subnetwork_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), - "google_compute_subnetwork_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), - "google_compute_subnetwork_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), - "google_compute_target_grpc_proxy": compute.ResourceComputeTargetGrpcProxy(), - "google_compute_target_http_proxy": compute.ResourceComputeTargetHttpProxy(), - "google_compute_target_https_proxy": compute.ResourceComputeTargetHttpsProxy(), - "google_compute_target_instance": compute.ResourceComputeTargetInstance(), - "google_compute_target_ssl_proxy": compute.ResourceComputeTargetSslProxy(), - "google_compute_target_tcp_proxy": compute.ResourceComputeTargetTcpProxy(), - "google_compute_url_map": compute.ResourceComputeUrlMap(), - "google_compute_vpn_gateway": compute.ResourceComputeVpnGateway(), - "google_compute_vpn_tunnel": compute.ResourceComputeVpnTunnel(), - "google_container_analysis_note": containeranalysis.ResourceContainerAnalysisNote(), - "google_container_analysis_note_iam_binding": tpgiamresource.ResourceIamBinding(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), - "google_container_analysis_note_iam_member": tpgiamresource.ResourceIamMember(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), - "google_container_analysis_note_iam_policy": tpgiamresource.ResourceIamPolicy(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), - "google_container_analysis_occurrence": containeranalysis.ResourceContainerAnalysisOccurrence(), - "google_container_attached_cluster": containerattached.ResourceContainerAttachedCluster(), - "google_billing_project_info": corebilling.ResourceCoreBillingProjectInfo(), - "google_database_migration_service_connection_profile": databasemigrationservice.ResourceDatabaseMigrationServiceConnectionProfile(), - "google_database_migration_service_private_connection": databasemigrationservice.ResourceDatabaseMigrationServicePrivateConnection(), - "google_data_catalog_entry": datacatalog.ResourceDataCatalogEntry(), - "google_data_catalog_entry_group": datacatalog.ResourceDataCatalogEntryGroup(), - "google_data_catalog_entry_group_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), - "google_data_catalog_entry_group_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), - "google_data_catalog_entry_group_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), - "google_data_catalog_policy_tag": datacatalog.ResourceDataCatalogPolicyTag(), - "google_data_catalog_policy_tag_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), - "google_data_catalog_policy_tag_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), - "google_data_catalog_policy_tag_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), - "google_data_catalog_tag": datacatalog.ResourceDataCatalogTag(), - "google_data_catalog_tag_template": datacatalog.ResourceDataCatalogTagTemplate(), - "google_data_catalog_tag_template_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), - "google_data_catalog_tag_template_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), - "google_data_catalog_tag_template_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), - "google_data_catalog_taxonomy": datacatalog.ResourceDataCatalogTaxonomy(), - "google_data_catalog_taxonomy_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), - "google_data_catalog_taxonomy_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), - "google_data_catalog_taxonomy_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), - "google_data_fusion_instance": datafusion.ResourceDataFusionInstance(), - "google_data_fusion_instance_iam_binding": tpgiamresource.ResourceIamBinding(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), - "google_data_fusion_instance_iam_member": tpgiamresource.ResourceIamMember(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), - "google_data_fusion_instance_iam_policy": tpgiamresource.ResourceIamPolicy(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), - "google_data_loss_prevention_deidentify_template": datalossprevention.ResourceDataLossPreventionDeidentifyTemplate(), - "google_data_loss_prevention_inspect_template": datalossprevention.ResourceDataLossPreventionInspectTemplate(), - "google_data_loss_prevention_job_trigger": datalossprevention.ResourceDataLossPreventionJobTrigger(), - "google_data_loss_prevention_stored_info_type": datalossprevention.ResourceDataLossPreventionStoredInfoType(), - "google_data_pipeline_pipeline": datapipeline.ResourceDataPipelinePipeline(), - "google_dataplex_asset_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), - "google_dataplex_asset_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), - "google_dataplex_asset_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), - "google_dataplex_datascan": dataplex.ResourceDataplexDatascan(), - "google_dataplex_datascan_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), - "google_dataplex_datascan_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), - "google_dataplex_datascan_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), - "google_dataplex_lake_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), - "google_dataplex_lake_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), - "google_dataplex_lake_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), - "google_dataplex_task": dataplex.ResourceDataplexTask(), - "google_dataplex_task_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), - "google_dataplex_task_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), - "google_dataplex_task_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), - "google_dataplex_zone_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), - "google_dataplex_zone_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), - "google_dataplex_zone_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), - "google_dataproc_autoscaling_policy": dataproc.ResourceDataprocAutoscalingPolicy(), - "google_dataproc_autoscaling_policy_iam_binding": tpgiamresource.ResourceIamBinding(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), - "google_dataproc_autoscaling_policy_iam_member": tpgiamresource.ResourceIamMember(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), - "google_dataproc_autoscaling_policy_iam_policy": tpgiamresource.ResourceIamPolicy(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), - "google_dataproc_metastore_service": dataprocmetastore.ResourceDataprocMetastoreService(), - "google_dataproc_metastore_service_iam_binding": tpgiamresource.ResourceIamBinding(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), - "google_dataproc_metastore_service_iam_member": tpgiamresource.ResourceIamMember(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), - "google_dataproc_metastore_service_iam_policy": tpgiamresource.ResourceIamPolicy(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), - "google_datastore_index": datastore.ResourceDatastoreIndex(), - "google_datastream_connection_profile": datastream.ResourceDatastreamConnectionProfile(), - "google_datastream_private_connection": datastream.ResourceDatastreamPrivateConnection(), - "google_datastream_stream": datastream.ResourceDatastreamStream(), - "google_deployment_manager_deployment": deploymentmanager.ResourceDeploymentManagerDeployment(), - "google_dialogflow_agent": dialogflow.ResourceDialogflowAgent(), - "google_dialogflow_entity_type": dialogflow.ResourceDialogflowEntityType(), - "google_dialogflow_fulfillment": dialogflow.ResourceDialogflowFulfillment(), - "google_dialogflow_intent": dialogflow.ResourceDialogflowIntent(), - "google_dialogflow_cx_agent": dialogflowcx.ResourceDialogflowCXAgent(), - "google_dialogflow_cx_entity_type": dialogflowcx.ResourceDialogflowCXEntityType(), - "google_dialogflow_cx_environment": dialogflowcx.ResourceDialogflowCXEnvironment(), - "google_dialogflow_cx_flow": dialogflowcx.ResourceDialogflowCXFlow(), - "google_dialogflow_cx_intent": dialogflowcx.ResourceDialogflowCXIntent(), - "google_dialogflow_cx_page": dialogflowcx.ResourceDialogflowCXPage(), - "google_dialogflow_cx_security_settings": dialogflowcx.ResourceDialogflowCXSecuritySettings(), - "google_dialogflow_cx_test_case": dialogflowcx.ResourceDialogflowCXTestCase(), - "google_dialogflow_cx_version": dialogflowcx.ResourceDialogflowCXVersion(), - "google_dialogflow_cx_webhook": dialogflowcx.ResourceDialogflowCXWebhook(), - "google_discovery_engine_chat_engine": discoveryengine.ResourceDiscoveryEngineChatEngine(), - "google_discovery_engine_data_store": discoveryengine.ResourceDiscoveryEngineDataStore(), - "google_discovery_engine_search_engine": discoveryengine.ResourceDiscoveryEngineSearchEngine(), - "google_dns_managed_zone": dns.ResourceDNSManagedZone(), - "google_dns_managed_zone_iam_binding": tpgiamresource.ResourceIamBinding(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), - "google_dns_managed_zone_iam_member": tpgiamresource.ResourceIamMember(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), - "google_dns_managed_zone_iam_policy": tpgiamresource.ResourceIamPolicy(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), - "google_dns_policy": dns.ResourceDNSPolicy(), - "google_dns_response_policy": dns.ResourceDNSResponsePolicy(), - "google_dns_response_policy_rule": dns.ResourceDNSResponsePolicyRule(), - "google_document_ai_processor": documentai.ResourceDocumentAIProcessor(), - "google_document_ai_processor_default_version": documentai.ResourceDocumentAIProcessorDefaultVersion(), - "google_document_ai_warehouse_document_schema": documentaiwarehouse.ResourceDocumentAIWarehouseDocumentSchema(), - "google_document_ai_warehouse_location": documentaiwarehouse.ResourceDocumentAIWarehouseLocation(), - "google_edgecontainer_cluster": edgecontainer.ResourceEdgecontainerCluster(), - "google_edgecontainer_node_pool": edgecontainer.ResourceEdgecontainerNodePool(), - "google_edgecontainer_vpn_connection": edgecontainer.ResourceEdgecontainerVpnConnection(), - "google_edgenetwork_network": edgenetwork.ResourceEdgenetworkNetwork(), - "google_edgenetwork_subnet": edgenetwork.ResourceEdgenetworkSubnet(), - "google_essential_contacts_contact": essentialcontacts.ResourceEssentialContactsContact(), - "google_filestore_backup": filestore.ResourceFilestoreBackup(), - "google_filestore_instance": filestore.ResourceFilestoreInstance(), - "google_filestore_snapshot": filestore.ResourceFilestoreSnapshot(), - "google_firebase_app_check_app_attest_config": firebaseappcheck.ResourceFirebaseAppCheckAppAttestConfig(), - "google_firebase_app_check_debug_token": firebaseappcheck.ResourceFirebaseAppCheckDebugToken(), - "google_firebase_app_check_device_check_config": firebaseappcheck.ResourceFirebaseAppCheckDeviceCheckConfig(), - "google_firebase_app_check_play_integrity_config": firebaseappcheck.ResourceFirebaseAppCheckPlayIntegrityConfig(), - "google_firebase_app_check_recaptcha_enterprise_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaEnterpriseConfig(), - "google_firebase_app_check_recaptcha_v3_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaV3Config(), - "google_firebase_app_check_service_config": firebaseappcheck.ResourceFirebaseAppCheckServiceConfig(), - "google_firestore_backup_schedule": firestore.ResourceFirestoreBackupSchedule(), - "google_firestore_database": firestore.ResourceFirestoreDatabase(), - "google_firestore_document": firestore.ResourceFirestoreDocument(), - "google_firestore_field": firestore.ResourceFirestoreField(), - "google_firestore_index": firestore.ResourceFirestoreIndex(), - "google_gke_backup_backup_plan": gkebackup.ResourceGKEBackupBackupPlan(), - "google_gke_backup_backup_plan_iam_binding": tpgiamresource.ResourceIamBinding(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), - "google_gke_backup_backup_plan_iam_member": tpgiamresource.ResourceIamMember(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), - "google_gke_backup_backup_plan_iam_policy": tpgiamresource.ResourceIamPolicy(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), - "google_gke_backup_restore_plan": gkebackup.ResourceGKEBackupRestorePlan(), - "google_gke_backup_restore_plan_iam_binding": tpgiamresource.ResourceIamBinding(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), - "google_gke_backup_restore_plan_iam_member": tpgiamresource.ResourceIamMember(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), - "google_gke_backup_restore_plan_iam_policy": tpgiamresource.ResourceIamPolicy(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), - "google_gke_hub_membership": gkehub.ResourceGKEHubMembership(), - "google_gke_hub_membership_iam_binding": tpgiamresource.ResourceIamBinding(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), - "google_gke_hub_membership_iam_member": tpgiamresource.ResourceIamMember(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), - "google_gke_hub_membership_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), - "google_gke_hub_feature": gkehub2.ResourceGKEHub2Feature(), - "google_gke_hub_feature_iam_binding": tpgiamresource.ResourceIamBinding(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), - "google_gke_hub_feature_iam_member": tpgiamresource.ResourceIamMember(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), - "google_gke_hub_feature_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), - "google_gke_hub_fleet": gkehub2.ResourceGKEHub2Fleet(), - "google_gke_hub_membership_binding": gkehub2.ResourceGKEHub2MembershipBinding(), - "google_gke_hub_namespace": gkehub2.ResourceGKEHub2Namespace(), - "google_gke_hub_scope": gkehub2.ResourceGKEHub2Scope(), - "google_gke_hub_scope_iam_binding": tpgiamresource.ResourceIamBinding(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), - "google_gke_hub_scope_iam_member": tpgiamresource.ResourceIamMember(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), - "google_gke_hub_scope_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), - "google_gke_hub_scope_rbac_role_binding": gkehub2.ResourceGKEHub2ScopeRBACRoleBinding(), - "google_gkeonprem_bare_metal_admin_cluster": gkeonprem.ResourceGkeonpremBareMetalAdminCluster(), - "google_gkeonprem_bare_metal_cluster": gkeonprem.ResourceGkeonpremBareMetalCluster(), - "google_gkeonprem_bare_metal_node_pool": gkeonprem.ResourceGkeonpremBareMetalNodePool(), - "google_gkeonprem_vmware_cluster": gkeonprem.ResourceGkeonpremVmwareCluster(), - "google_gkeonprem_vmware_node_pool": gkeonprem.ResourceGkeonpremVmwareNodePool(), - "google_healthcare_consent_store": healthcare.ResourceHealthcareConsentStore(), - "google_healthcare_consent_store_iam_binding": tpgiamresource.ResourceIamBinding(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), - "google_healthcare_consent_store_iam_member": tpgiamresource.ResourceIamMember(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), - "google_healthcare_consent_store_iam_policy": tpgiamresource.ResourceIamPolicy(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), - "google_healthcare_dataset": healthcare.ResourceHealthcareDataset(), - "google_healthcare_dicom_store": healthcare.ResourceHealthcareDicomStore(), - "google_healthcare_fhir_store": healthcare.ResourceHealthcareFhirStore(), - "google_healthcare_hl7_v2_store": healthcare.ResourceHealthcareHl7V2Store(), - "google_iam_access_boundary_policy": iam2.ResourceIAM2AccessBoundaryPolicy(), - "google_iam_deny_policy": iam2.ResourceIAM2DenyPolicy(), - "google_iam_workload_identity_pool": iambeta.ResourceIAMBetaWorkloadIdentityPool(), - "google_iam_workload_identity_pool_provider": iambeta.ResourceIAMBetaWorkloadIdentityPoolProvider(), - "google_iam_workforce_pool": iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePool(), - "google_iam_workforce_pool_provider": iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePoolProvider(), - "google_iap_app_engine_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), - "google_iap_app_engine_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), - "google_iap_app_engine_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), - "google_iap_app_engine_version_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), - "google_iap_app_engine_version_iam_member": tpgiamresource.ResourceIamMember(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), - "google_iap_app_engine_version_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), - "google_iap_brand": iap.ResourceIapBrand(), - "google_iap_client": iap.ResourceIapClient(), - "google_iap_tunnel_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), - "google_iap_tunnel_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), - "google_iap_tunnel_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), - "google_iap_tunnel_dest_group": iap.ResourceIapTunnelDestGroup(), - "google_iap_tunnel_dest_group_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), - "google_iap_tunnel_dest_group_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), - "google_iap_tunnel_dest_group_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), - "google_iap_tunnel_instance_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), - "google_iap_tunnel_instance_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), - "google_iap_tunnel_instance_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), - "google_iap_web_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), - "google_iap_web_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), - "google_iap_web_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), - "google_iap_web_backend_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), - "google_iap_web_backend_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), - "google_iap_web_backend_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), - "google_iap_web_region_backend_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), - "google_iap_web_region_backend_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), - "google_iap_web_region_backend_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), - "google_iap_web_type_app_engine_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), - "google_iap_web_type_app_engine_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), - "google_iap_web_type_app_engine_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), - "google_iap_web_type_compute_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), - "google_iap_web_type_compute_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), - "google_iap_web_type_compute_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), - "google_identity_platform_config": identityplatform.ResourceIdentityPlatformConfig(), - "google_identity_platform_default_supported_idp_config": identityplatform.ResourceIdentityPlatformDefaultSupportedIdpConfig(), - "google_identity_platform_inbound_saml_config": identityplatform.ResourceIdentityPlatformInboundSamlConfig(), - "google_identity_platform_oauth_idp_config": identityplatform.ResourceIdentityPlatformOauthIdpConfig(), - "google_identity_platform_project_default_config": identityplatform.ResourceIdentityPlatformProjectDefaultConfig(), - "google_identity_platform_tenant": identityplatform.ResourceIdentityPlatformTenant(), - "google_identity_platform_tenant_default_supported_idp_config": identityplatform.ResourceIdentityPlatformTenantDefaultSupportedIdpConfig(), - "google_identity_platform_tenant_inbound_saml_config": identityplatform.ResourceIdentityPlatformTenantInboundSamlConfig(), - "google_identity_platform_tenant_oauth_idp_config": identityplatform.ResourceIdentityPlatformTenantOauthIdpConfig(), - "google_integration_connectors_connection": integrationconnectors.ResourceIntegrationConnectorsConnection(), - "google_integration_connectors_endpoint_attachment": integrationconnectors.ResourceIntegrationConnectorsEndpointAttachment(), - "google_kms_crypto_key": kms.ResourceKMSCryptoKey(), - "google_kms_crypto_key_version": kms.ResourceKMSCryptoKeyVersion(), - "google_kms_ekm_connection": kms.ResourceKMSEkmConnection(), - "google_kms_key_ring": kms.ResourceKMSKeyRing(), - "google_kms_key_ring_import_job": kms.ResourceKMSKeyRingImportJob(), - "google_kms_secret_ciphertext": kms.ResourceKMSSecretCiphertext(), - "google_logging_folder_settings": logging.ResourceLoggingFolderSettings(), - "google_logging_linked_dataset": logging.ResourceLoggingLinkedDataset(), - "google_logging_log_view": logging.ResourceLoggingLogView(), - "google_logging_metric": logging.ResourceLoggingMetric(), - "google_logging_organization_settings": logging.ResourceLoggingOrganizationSettings(), - "google_looker_instance": looker.ResourceLookerInstance(), - "google_memcache_instance": memcache.ResourceMemcacheInstance(), - "google_migration_center_group": migrationcenter.ResourceMigrationCenterGroup(), - "google_migration_center_preference_set": migrationcenter.ResourceMigrationCenterPreferenceSet(), - "google_ml_engine_model": mlengine.ResourceMLEngineModel(), - "google_monitoring_alert_policy": monitoring.ResourceMonitoringAlertPolicy(), - "google_monitoring_service": monitoring.ResourceMonitoringGenericService(), - "google_monitoring_group": monitoring.ResourceMonitoringGroup(), - "google_monitoring_metric_descriptor": monitoring.ResourceMonitoringMetricDescriptor(), - "google_monitoring_monitored_project": monitoring.ResourceMonitoringMonitoredProject(), - "google_monitoring_notification_channel": monitoring.ResourceMonitoringNotificationChannel(), - "google_monitoring_custom_service": monitoring.ResourceMonitoringService(), - "google_monitoring_slo": monitoring.ResourceMonitoringSlo(), - "google_monitoring_uptime_check_config": monitoring.ResourceMonitoringUptimeCheckConfig(), - "google_netapp_volume": netapp.ResourceNetappVolume(), - "google_netapp_volume_replication": netapp.ResourceNetappVolumeReplication(), - "google_netapp_volume_snapshot": netapp.ResourceNetappVolumeSnapshot(), - "google_netapp_active_directory": netapp.ResourceNetappactiveDirectory(), - "google_netapp_backup_policy": netapp.ResourceNetappbackupPolicy(), - "google_netapp_backup_vault": netapp.ResourceNetappbackupVault(), - "google_netapp_kmsconfig": netapp.ResourceNetappkmsconfig(), - "google_netapp_storage_pool": netapp.ResourceNetappstoragePool(), - "google_network_connectivity_policy_based_route": networkconnectivity.ResourceNetworkConnectivityPolicyBasedRoute(), - "google_network_connectivity_service_connection_policy": networkconnectivity.ResourceNetworkConnectivityServiceConnectionPolicy(), - "google_network_management_connectivity_test": networkmanagement.ResourceNetworkManagementConnectivityTest(), - "google_network_security_address_group": networksecurity.ResourceNetworkSecurityAddressGroup(), - "google_network_security_gateway_security_policy": networksecurity.ResourceNetworkSecurityGatewaySecurityPolicy(), - "google_network_security_gateway_security_policy_rule": networksecurity.ResourceNetworkSecurityGatewaySecurityPolicyRule(), - "google_network_security_address_group_iam_binding": tpgiamresource.ResourceIamBinding(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), - "google_network_security_address_group_iam_member": tpgiamresource.ResourceIamMember(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), - "google_network_security_address_group_iam_policy": tpgiamresource.ResourceIamPolicy(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), - "google_network_security_url_lists": networksecurity.ResourceNetworkSecurityUrlLists(), - "google_network_services_edge_cache_keyset": networkservices.ResourceNetworkServicesEdgeCacheKeyset(), - "google_network_services_edge_cache_origin": networkservices.ResourceNetworkServicesEdgeCacheOrigin(), - "google_network_services_edge_cache_service": networkservices.ResourceNetworkServicesEdgeCacheService(), - "google_network_services_gateway": networkservices.ResourceNetworkServicesGateway(), - "google_notebooks_environment": notebooks.ResourceNotebooksEnvironment(), - "google_notebooks_instance": notebooks.ResourceNotebooksInstance(), - "google_notebooks_instance_iam_binding": tpgiamresource.ResourceIamBinding(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), - "google_notebooks_instance_iam_member": tpgiamresource.ResourceIamMember(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), - "google_notebooks_instance_iam_policy": tpgiamresource.ResourceIamPolicy(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), - "google_notebooks_location": notebooks.ResourceNotebooksLocation(), - "google_notebooks_runtime": notebooks.ResourceNotebooksRuntime(), - "google_notebooks_runtime_iam_binding": tpgiamresource.ResourceIamBinding(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), - "google_notebooks_runtime_iam_member": tpgiamresource.ResourceIamMember(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), - "google_notebooks_runtime_iam_policy": tpgiamresource.ResourceIamPolicy(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), - "google_org_policy_custom_constraint": orgpolicy.ResourceOrgPolicyCustomConstraint(), - "google_os_config_patch_deployment": osconfig.ResourceOSConfigPatchDeployment(), - "google_os_login_ssh_public_key": oslogin.ResourceOSLoginSSHPublicKey(), - "google_privateca_ca_pool": privateca.ResourcePrivatecaCaPool(), - "google_privateca_ca_pool_iam_binding": tpgiamresource.ResourceIamBinding(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), - "google_privateca_ca_pool_iam_member": tpgiamresource.ResourceIamMember(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), - "google_privateca_ca_pool_iam_policy": tpgiamresource.ResourceIamPolicy(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), - "google_privateca_certificate": privateca.ResourcePrivatecaCertificate(), - "google_privateca_certificate_authority": privateca.ResourcePrivatecaCertificateAuthority(), - "google_privateca_certificate_template_iam_binding": tpgiamresource.ResourceIamBinding(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), - "google_privateca_certificate_template_iam_member": tpgiamresource.ResourceIamMember(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), - "google_privateca_certificate_template_iam_policy": tpgiamresource.ResourceIamPolicy(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), - "google_public_ca_external_account_key": publicca.ResourcePublicCAExternalAccountKey(), - "google_pubsub_schema": pubsub.ResourcePubsubSchema(), - "google_pubsub_schema_iam_binding": tpgiamresource.ResourceIamBinding(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), - "google_pubsub_schema_iam_member": tpgiamresource.ResourceIamMember(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), - "google_pubsub_schema_iam_policy": tpgiamresource.ResourceIamPolicy(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), - "google_pubsub_subscription": pubsub.ResourcePubsubSubscription(), - "google_pubsub_topic": pubsub.ResourcePubsubTopic(), - "google_pubsub_topic_iam_binding": tpgiamresource.ResourceIamBinding(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), - "google_pubsub_topic_iam_member": tpgiamresource.ResourceIamMember(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), - "google_pubsub_topic_iam_policy": tpgiamresource.ResourceIamPolicy(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), - "google_pubsub_lite_reservation": pubsublite.ResourcePubsubLiteReservation(), - "google_pubsub_lite_subscription": pubsublite.ResourcePubsubLiteSubscription(), - "google_pubsub_lite_topic": pubsublite.ResourcePubsubLiteTopic(), - "google_redis_cluster": redis.ResourceRedisCluster(), - "google_redis_instance": redis.ResourceRedisInstance(), - "google_resource_manager_lien": resourcemanager.ResourceResourceManagerLien(), - "google_secret_manager_secret": secretmanager.ResourceSecretManagerSecret(), - "google_secret_manager_secret_iam_binding": tpgiamresource.ResourceIamBinding(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), - "google_secret_manager_secret_iam_member": tpgiamresource.ResourceIamMember(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), - "google_secret_manager_secret_iam_policy": tpgiamresource.ResourceIamPolicy(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), - "google_secret_manager_secret_version": secretmanager.ResourceSecretManagerSecretVersion(), - "google_secure_source_manager_instance": securesourcemanager.ResourceSecureSourceManagerInstance(), - "google_secure_source_manager_instance_iam_binding": tpgiamresource.ResourceIamBinding(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), - "google_secure_source_manager_instance_iam_member": tpgiamresource.ResourceIamMember(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), - "google_secure_source_manager_instance_iam_policy": tpgiamresource.ResourceIamPolicy(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), - "google_scc_event_threat_detection_custom_module": securitycenter.ResourceSecurityCenterEventThreatDetectionCustomModule(), - "google_scc_folder_custom_module": securitycenter.ResourceSecurityCenterFolderCustomModule(), - "google_scc_mute_config": securitycenter.ResourceSecurityCenterMuteConfig(), - "google_scc_notification_config": securitycenter.ResourceSecurityCenterNotificationConfig(), - "google_scc_organization_custom_module": securitycenter.ResourceSecurityCenterOrganizationCustomModule(), - "google_scc_project_custom_module": securitycenter.ResourceSecurityCenterProjectCustomModule(), - "google_scc_source": securitycenter.ResourceSecurityCenterSource(), - "google_scc_source_iam_binding": tpgiamresource.ResourceIamBinding(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), - "google_scc_source_iam_member": tpgiamresource.ResourceIamMember(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), - "google_scc_source_iam_policy": tpgiamresource.ResourceIamPolicy(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), - "google_securityposture_posture": securityposture.ResourceSecurityposturePosture(), - "google_securityposture_posture_deployment": securityposture.ResourceSecurityposturePostureDeployment(), - "google_endpoints_service_iam_binding": tpgiamresource.ResourceIamBinding(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), - "google_endpoints_service_iam_member": tpgiamresource.ResourceIamMember(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), - "google_endpoints_service_iam_policy": tpgiamresource.ResourceIamPolicy(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), - "google_endpoints_service_consumers_iam_binding": tpgiamresource.ResourceIamBinding(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), - "google_endpoints_service_consumers_iam_member": tpgiamresource.ResourceIamMember(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), - "google_endpoints_service_consumers_iam_policy": tpgiamresource.ResourceIamPolicy(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), - "google_sourcerepo_repository": sourcerepo.ResourceSourceRepoRepository(), - "google_sourcerepo_repository_iam_binding": tpgiamresource.ResourceIamBinding(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), - "google_sourcerepo_repository_iam_member": tpgiamresource.ResourceIamMember(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), - "google_sourcerepo_repository_iam_policy": tpgiamresource.ResourceIamPolicy(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), - "google_spanner_database": spanner.ResourceSpannerDatabase(), - "google_spanner_instance": spanner.ResourceSpannerInstance(), - "google_sql_database": sql.ResourceSQLDatabase(), - "google_sql_source_representation_instance": sql.ResourceSQLSourceRepresentationInstance(), - "google_storage_bucket_iam_binding": tpgiamresource.ResourceIamBinding(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), - "google_storage_bucket_iam_member": tpgiamresource.ResourceIamMember(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), - "google_storage_bucket_iam_policy": tpgiamresource.ResourceIamPolicy(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), - "google_storage_bucket_access_control": storage.ResourceStorageBucketAccessControl(), - "google_storage_default_object_access_control": storage.ResourceStorageDefaultObjectAccessControl(), - "google_storage_hmac_key": storage.ResourceStorageHmacKey(), - "google_storage_object_access_control": storage.ResourceStorageObjectAccessControl(), - "google_storage_insights_report_config": storageinsights.ResourceStorageInsightsReportConfig(), - "google_storage_transfer_agent_pool": storagetransfer.ResourceStorageTransferAgentPool(), - "google_tags_tag_binding": tags.ResourceTagsTagBinding(), - "google_tags_tag_key": tags.ResourceTagsTagKey(), - "google_tags_tag_key_iam_binding": tpgiamresource.ResourceIamBinding(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), - "google_tags_tag_key_iam_member": tpgiamresource.ResourceIamMember(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), - "google_tags_tag_key_iam_policy": tpgiamresource.ResourceIamPolicy(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), - "google_tags_tag_value": tags.ResourceTagsTagValue(), - "google_tags_tag_value_iam_binding": tpgiamresource.ResourceIamBinding(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), - "google_tags_tag_value_iam_member": tpgiamresource.ResourceIamMember(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), - "google_tags_tag_value_iam_policy": tpgiamresource.ResourceIamPolicy(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), - "google_tpu_node": tpu.ResourceTPUNode(), - "google_vertex_ai_dataset": vertexai.ResourceVertexAIDataset(), - "google_vertex_ai_endpoint": vertexai.ResourceVertexAIEndpoint(), - "google_vertex_ai_feature_group": vertexai.ResourceVertexAIFeatureGroup(), - "google_vertex_ai_feature_group_feature": vertexai.ResourceVertexAIFeatureGroupFeature(), - "google_vertex_ai_feature_online_store": vertexai.ResourceVertexAIFeatureOnlineStore(), - "google_vertex_ai_feature_online_store_featureview": vertexai.ResourceVertexAIFeatureOnlineStoreFeatureview(), - "google_vertex_ai_featurestore": vertexai.ResourceVertexAIFeaturestore(), - "google_vertex_ai_featurestore_entitytype": vertexai.ResourceVertexAIFeaturestoreEntitytype(), - "google_vertex_ai_featurestore_entitytype_feature": vertexai.ResourceVertexAIFeaturestoreEntitytypeFeature(), - "google_vertex_ai_index": vertexai.ResourceVertexAIIndex(), - "google_vertex_ai_index_endpoint": vertexai.ResourceVertexAIIndexEndpoint(), - "google_vertex_ai_tensorboard": vertexai.ResourceVertexAITensorboard(), - "google_vmwareengine_cluster": vmwareengine.ResourceVmwareengineCluster(), - "google_vmwareengine_external_access_rule": vmwareengine.ResourceVmwareengineExternalAccessRule(), - "google_vmwareengine_external_address": vmwareengine.ResourceVmwareengineExternalAddress(), - "google_vmwareengine_network": vmwareengine.ResourceVmwareengineNetwork(), - "google_vmwareengine_network_peering": vmwareengine.ResourceVmwareengineNetworkPeering(), - "google_vmwareengine_network_policy": vmwareengine.ResourceVmwareengineNetworkPolicy(), - "google_vmwareengine_private_cloud": vmwareengine.ResourceVmwareenginePrivateCloud(), - "google_vmwareengine_subnet": vmwareengine.ResourceVmwareengineSubnet(), - "google_vpc_access_connector": vpcaccess.ResourceVPCAccessConnector(), - "google_workbench_instance": workbench.ResourceWorkbenchInstance(), - "google_workbench_instance_iam_binding": tpgiamresource.ResourceIamBinding(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), - "google_workbench_instance_iam_member": tpgiamresource.ResourceIamMember(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), - "google_workbench_instance_iam_policy": tpgiamresource.ResourceIamPolicy(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), - "google_workflows_workflow": workflows.ResourceWorkflowsWorkflow(), + "google_folder_access_approval_settings": accessapproval.ResourceAccessApprovalFolderSettings(), + "google_organization_access_approval_settings": accessapproval.ResourceAccessApprovalOrganizationSettings(), + "google_project_access_approval_settings": accessapproval.ResourceAccessApprovalProjectSettings(), + "google_access_context_manager_access_level": accesscontextmanager.ResourceAccessContextManagerAccessLevel(), + "google_access_context_manager_access_level_condition": accesscontextmanager.ResourceAccessContextManagerAccessLevelCondition(), + "google_access_context_manager_access_levels": accesscontextmanager.ResourceAccessContextManagerAccessLevels(), + "google_access_context_manager_access_policy": accesscontextmanager.ResourceAccessContextManagerAccessPolicy(), + "google_access_context_manager_access_policy_iam_binding": tpgiamresource.ResourceIamBinding(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), + "google_access_context_manager_access_policy_iam_member": tpgiamresource.ResourceIamMember(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), + "google_access_context_manager_access_policy_iam_policy": tpgiamresource.ResourceIamPolicy(accesscontextmanager.AccessContextManagerAccessPolicyIamSchema, accesscontextmanager.AccessContextManagerAccessPolicyIamUpdaterProducer, accesscontextmanager.AccessContextManagerAccessPolicyIdParseFunc), + "google_access_context_manager_authorized_orgs_desc": accesscontextmanager.ResourceAccessContextManagerAuthorizedOrgsDesc(), + "google_access_context_manager_egress_policy": accesscontextmanager.ResourceAccessContextManagerEgressPolicy(), + "google_access_context_manager_gcp_user_access_binding": accesscontextmanager.ResourceAccessContextManagerGcpUserAccessBinding(), + "google_access_context_manager_ingress_policy": accesscontextmanager.ResourceAccessContextManagerIngressPolicy(), + "google_access_context_manager_service_perimeter": accesscontextmanager.ResourceAccessContextManagerServicePerimeter(), + "google_access_context_manager_service_perimeter_dry_run_resource": accesscontextmanager.ResourceAccessContextManagerServicePerimeterDryRunResource(), + "google_access_context_manager_service_perimeter_egress_policy": accesscontextmanager.ResourceAccessContextManagerServicePerimeterEgressPolicy(), + "google_access_context_manager_service_perimeter_ingress_policy": accesscontextmanager.ResourceAccessContextManagerServicePerimeterIngressPolicy(), + "google_access_context_manager_service_perimeter_resource": accesscontextmanager.ResourceAccessContextManagerServicePerimeterResource(), + "google_access_context_manager_service_perimeters": accesscontextmanager.ResourceAccessContextManagerServicePerimeters(), + "google_active_directory_domain": activedirectory.ResourceActiveDirectoryDomain(), + "google_active_directory_domain_trust": activedirectory.ResourceActiveDirectoryDomainTrust(), + "google_alloydb_backup": alloydb.ResourceAlloydbBackup(), + "google_alloydb_cluster": alloydb.ResourceAlloydbCluster(), + "google_alloydb_instance": alloydb.ResourceAlloydbInstance(), + "google_alloydb_user": alloydb.ResourceAlloydbUser(), + "google_apigee_addons_config": apigee.ResourceApigeeAddonsConfig(), + "google_apigee_endpoint_attachment": apigee.ResourceApigeeEndpointAttachment(), + "google_apigee_env_keystore": apigee.ResourceApigeeEnvKeystore(), + "google_apigee_env_references": apigee.ResourceApigeeEnvReferences(), + "google_apigee_envgroup": apigee.ResourceApigeeEnvgroup(), + "google_apigee_envgroup_attachment": apigee.ResourceApigeeEnvgroupAttachment(), + "google_apigee_environment": apigee.ResourceApigeeEnvironment(), + "google_apigee_environment_iam_binding": tpgiamresource.ResourceIamBinding(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), + "google_apigee_environment_iam_member": tpgiamresource.ResourceIamMember(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), + "google_apigee_environment_iam_policy": tpgiamresource.ResourceIamPolicy(apigee.ApigeeEnvironmentIamSchema, apigee.ApigeeEnvironmentIamUpdaterProducer, apigee.ApigeeEnvironmentIdParseFunc), + "google_apigee_instance": apigee.ResourceApigeeInstance(), + "google_apigee_instance_attachment": apigee.ResourceApigeeInstanceAttachment(), + "google_apigee_keystores_aliases_self_signed_cert": apigee.ResourceApigeeKeystoresAliasesSelfSignedCert(), + "google_apigee_nat_address": apigee.ResourceApigeeNatAddress(), + "google_apigee_organization": apigee.ResourceApigeeOrganization(), + "google_apigee_sync_authorization": apigee.ResourceApigeeSyncAuthorization(), + "google_apigee_target_server": apigee.ResourceApigeeTargetServer(), + "google_app_engine_application_url_dispatch_rules": appengine.ResourceAppEngineApplicationUrlDispatchRules(), + "google_app_engine_domain_mapping": appengine.ResourceAppEngineDomainMapping(), + "google_app_engine_firewall_rule": appengine.ResourceAppEngineFirewallRule(), + "google_app_engine_flexible_app_version": appengine.ResourceAppEngineFlexibleAppVersion(), + "google_app_engine_service_network_settings": appengine.ResourceAppEngineServiceNetworkSettings(), + "google_app_engine_service_split_traffic": appengine.ResourceAppEngineServiceSplitTraffic(), + "google_app_engine_standard_app_version": appengine.ResourceAppEngineStandardAppVersion(), + "google_apphub_application": apphub.ResourceApphubApplication(), + "google_apphub_service": apphub.ResourceApphubService(), + "google_apphub_service_project_attachment": apphub.ResourceApphubServiceProjectAttachment(), + "google_apphub_workload": apphub.ResourceApphubWorkload(), + "google_artifact_registry_repository": artifactregistry.ResourceArtifactRegistryRepository(), + "google_artifact_registry_repository_iam_binding": tpgiamresource.ResourceIamBinding(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), + "google_artifact_registry_repository_iam_member": tpgiamresource.ResourceIamMember(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), + "google_artifact_registry_repository_iam_policy": tpgiamresource.ResourceIamPolicy(artifactregistry.ArtifactRegistryRepositoryIamSchema, artifactregistry.ArtifactRegistryRepositoryIamUpdaterProducer, artifactregistry.ArtifactRegistryRepositoryIdParseFunc), + "google_beyondcorp_app_connection": beyondcorp.ResourceBeyondcorpAppConnection(), + "google_beyondcorp_app_connector": beyondcorp.ResourceBeyondcorpAppConnector(), + "google_beyondcorp_app_gateway": beyondcorp.ResourceBeyondcorpAppGateway(), + "google_biglake_catalog": biglake.ResourceBiglakeCatalog(), + "google_biglake_database": biglake.ResourceBiglakeDatabase(), + "google_biglake_table": biglake.ResourceBiglakeTable(), + "google_bigquery_dataset": bigquery.ResourceBigQueryDataset(), + "google_bigquery_dataset_access": bigquery.ResourceBigQueryDatasetAccess(), + "google_bigquery_job": bigquery.ResourceBigQueryJob(), + "google_bigquery_routine": bigquery.ResourceBigQueryRoutine(), + "google_bigquery_table_iam_binding": tpgiamresource.ResourceIamBinding(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), + "google_bigquery_table_iam_member": tpgiamresource.ResourceIamMember(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), + "google_bigquery_table_iam_policy": tpgiamresource.ResourceIamPolicy(bigquery.BigQueryTableIamSchema, bigquery.BigQueryTableIamUpdaterProducer, bigquery.BigQueryTableIdParseFunc), + "google_bigquery_analytics_hub_data_exchange": bigqueryanalyticshub.ResourceBigqueryAnalyticsHubDataExchange(), + "google_bigquery_analytics_hub_data_exchange_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), + "google_bigquery_analytics_hub_data_exchange_iam_member": tpgiamresource.ResourceIamMember(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), + "google_bigquery_analytics_hub_data_exchange_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubDataExchangeIdParseFunc), + "google_bigquery_analytics_hub_listing": bigqueryanalyticshub.ResourceBigqueryAnalyticsHubListing(), + "google_bigquery_analytics_hub_listing_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), + "google_bigquery_analytics_hub_listing_iam_member": tpgiamresource.ResourceIamMember(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), + "google_bigquery_analytics_hub_listing_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryanalyticshub.BigqueryAnalyticsHubListingIamSchema, bigqueryanalyticshub.BigqueryAnalyticsHubListingIamUpdaterProducer, bigqueryanalyticshub.BigqueryAnalyticsHubListingIdParseFunc), + "google_bigquery_connection": bigqueryconnection.ResourceBigqueryConnectionConnection(), + "google_bigquery_connection_iam_binding": tpgiamresource.ResourceIamBinding(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), + "google_bigquery_connection_iam_member": tpgiamresource.ResourceIamMember(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), + "google_bigquery_connection_iam_policy": tpgiamresource.ResourceIamPolicy(bigqueryconnection.BigqueryConnectionConnectionIamSchema, bigqueryconnection.BigqueryConnectionConnectionIamUpdaterProducer, bigqueryconnection.BigqueryConnectionConnectionIdParseFunc), + "google_bigquery_datapolicy_data_policy": bigquerydatapolicy.ResourceBigqueryDatapolicyDataPolicy(), + "google_bigquery_datapolicy_data_policy_iam_binding": tpgiamresource.ResourceIamBinding(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), + "google_bigquery_datapolicy_data_policy_iam_member": tpgiamresource.ResourceIamMember(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), + "google_bigquery_datapolicy_data_policy_iam_policy": tpgiamresource.ResourceIamPolicy(bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamSchema, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIamUpdaterProducer, bigquerydatapolicy.BigqueryDatapolicyDataPolicyIdParseFunc), + "google_bigquery_data_transfer_config": bigquerydatatransfer.ResourceBigqueryDataTransferConfig(), + "google_bigquery_bi_reservation": bigqueryreservation.ResourceBigqueryReservationBiReservation(), + "google_bigquery_capacity_commitment": bigqueryreservation.ResourceBigqueryReservationCapacityCommitment(), + "google_bigquery_reservation": bigqueryreservation.ResourceBigqueryReservationReservation(), + "google_bigtable_app_profile": bigtable.ResourceBigtableAppProfile(), + "google_billing_budget": billing.ResourceBillingBudget(), + "google_binary_authorization_attestor": binaryauthorization.ResourceBinaryAuthorizationAttestor(), + "google_binary_authorization_attestor_iam_binding": tpgiamresource.ResourceIamBinding(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), + "google_binary_authorization_attestor_iam_member": tpgiamresource.ResourceIamMember(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), + "google_binary_authorization_attestor_iam_policy": tpgiamresource.ResourceIamPolicy(binaryauthorization.BinaryAuthorizationAttestorIamSchema, binaryauthorization.BinaryAuthorizationAttestorIamUpdaterProducer, binaryauthorization.BinaryAuthorizationAttestorIdParseFunc), + "google_binary_authorization_policy": binaryauthorization.ResourceBinaryAuthorizationPolicy(), + "google_blockchain_node_engine_blockchain_nodes": blockchainnodeengine.ResourceBlockchainNodeEngineBlockchainNodes(), + "google_certificate_manager_certificate": certificatemanager.ResourceCertificateManagerCertificate(), + "google_certificate_manager_certificate_issuance_config": certificatemanager.ResourceCertificateManagerCertificateIssuanceConfig(), + "google_certificate_manager_certificate_map": certificatemanager.ResourceCertificateManagerCertificateMap(), + "google_certificate_manager_certificate_map_entry": certificatemanager.ResourceCertificateManagerCertificateMapEntry(), + "google_certificate_manager_dns_authorization": certificatemanager.ResourceCertificateManagerDnsAuthorization(), + "google_certificate_manager_trust_config": certificatemanager.ResourceCertificateManagerTrustConfig(), + "google_cloud_asset_folder_feed": cloudasset.ResourceCloudAssetFolderFeed(), + "google_cloud_asset_organization_feed": cloudasset.ResourceCloudAssetOrganizationFeed(), + "google_cloud_asset_project_feed": cloudasset.ResourceCloudAssetProjectFeed(), + "google_cloudbuild_bitbucket_server_config": cloudbuild.ResourceCloudBuildBitbucketServerConfig(), + "google_cloudbuild_trigger": cloudbuild.ResourceCloudBuildTrigger(), + "google_cloudbuildv2_connection": cloudbuildv2.ResourceCloudbuildv2Connection(), + "google_cloudbuildv2_connection_iam_binding": tpgiamresource.ResourceIamBinding(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), + "google_cloudbuildv2_connection_iam_member": tpgiamresource.ResourceIamMember(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), + "google_cloudbuildv2_connection_iam_policy": tpgiamresource.ResourceIamPolicy(cloudbuildv2.Cloudbuildv2ConnectionIamSchema, cloudbuildv2.Cloudbuildv2ConnectionIamUpdaterProducer, cloudbuildv2.Cloudbuildv2ConnectionIdParseFunc), + "google_cloudbuildv2_repository": cloudbuildv2.ResourceCloudbuildv2Repository(), + "google_clouddeploy_automation": clouddeploy.ResourceClouddeployAutomation(), + "google_clouddeploy_custom_target_type": clouddeploy.ResourceClouddeployCustomTargetType(), + "google_clouddeploy_custom_target_type_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), + "google_clouddeploy_custom_target_type_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), + "google_clouddeploy_custom_target_type_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployCustomTargetTypeIamSchema, clouddeploy.ClouddeployCustomTargetTypeIamUpdaterProducer, clouddeploy.ClouddeployCustomTargetTypeIdParseFunc), + "google_clouddeploy_delivery_pipeline_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), + "google_clouddeploy_delivery_pipeline_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), + "google_clouddeploy_delivery_pipeline_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployDeliveryPipelineIamSchema, clouddeploy.ClouddeployDeliveryPipelineIamUpdaterProducer, clouddeploy.ClouddeployDeliveryPipelineIdParseFunc), + "google_clouddeploy_target_iam_binding": tpgiamresource.ResourceIamBinding(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), + "google_clouddeploy_target_iam_member": tpgiamresource.ResourceIamMember(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), + "google_clouddeploy_target_iam_policy": tpgiamresource.ResourceIamPolicy(clouddeploy.ClouddeployTargetIamSchema, clouddeploy.ClouddeployTargetIamUpdaterProducer, clouddeploy.ClouddeployTargetIdParseFunc), + "google_clouddomains_registration": clouddomains.ResourceClouddomainsRegistration(), + "google_cloudfunctions_function_iam_binding": tpgiamresource.ResourceIamBinding(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), + "google_cloudfunctions_function_iam_member": tpgiamresource.ResourceIamMember(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), + "google_cloudfunctions_function_iam_policy": tpgiamresource.ResourceIamPolicy(cloudfunctions.CloudFunctionsCloudFunctionIamSchema, cloudfunctions.CloudFunctionsCloudFunctionIamUpdaterProducer, cloudfunctions.CloudFunctionsCloudFunctionIdParseFunc), + "google_cloudfunctions2_function": cloudfunctions2.ResourceCloudfunctions2function(), + "google_cloudfunctions2_function_iam_binding": tpgiamresource.ResourceIamBinding(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), + "google_cloudfunctions2_function_iam_member": tpgiamresource.ResourceIamMember(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), + "google_cloudfunctions2_function_iam_policy": tpgiamresource.ResourceIamPolicy(cloudfunctions2.Cloudfunctions2functionIamSchema, cloudfunctions2.Cloudfunctions2functionIamUpdaterProducer, cloudfunctions2.Cloudfunctions2functionIdParseFunc), + "google_cloud_identity_group": cloudidentity.ResourceCloudIdentityGroup(), + "google_cloud_identity_group_membership": cloudidentity.ResourceCloudIdentityGroupMembership(), + "google_cloud_ids_endpoint": cloudids.ResourceCloudIdsEndpoint(), + "google_cloud_quotas_quota_preference": cloudquotas.ResourceCloudQuotasQuotaPreference(), + "google_cloud_run_domain_mapping": cloudrun.ResourceCloudRunDomainMapping(), + "google_cloud_run_service": cloudrun.ResourceCloudRunService(), + "google_cloud_run_service_iam_binding": tpgiamresource.ResourceIamBinding(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), + "google_cloud_run_service_iam_member": tpgiamresource.ResourceIamMember(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), + "google_cloud_run_service_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrun.CloudRunServiceIamSchema, cloudrun.CloudRunServiceIamUpdaterProducer, cloudrun.CloudRunServiceIdParseFunc), + "google_cloud_run_v2_job": cloudrunv2.ResourceCloudRunV2Job(), + "google_cloud_run_v2_job_iam_binding": tpgiamresource.ResourceIamBinding(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), + "google_cloud_run_v2_job_iam_member": tpgiamresource.ResourceIamMember(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), + "google_cloud_run_v2_job_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrunv2.CloudRunV2JobIamSchema, cloudrunv2.CloudRunV2JobIamUpdaterProducer, cloudrunv2.CloudRunV2JobIdParseFunc), + "google_cloud_run_v2_service": cloudrunv2.ResourceCloudRunV2Service(), + "google_cloud_run_v2_service_iam_binding": tpgiamresource.ResourceIamBinding(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), + "google_cloud_run_v2_service_iam_member": tpgiamresource.ResourceIamMember(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), + "google_cloud_run_v2_service_iam_policy": tpgiamresource.ResourceIamPolicy(cloudrunv2.CloudRunV2ServiceIamSchema, cloudrunv2.CloudRunV2ServiceIamUpdaterProducer, cloudrunv2.CloudRunV2ServiceIdParseFunc), + "google_cloud_scheduler_job": cloudscheduler.ResourceCloudSchedulerJob(), + "google_cloud_tasks_queue": cloudtasks.ResourceCloudTasksQueue(), + "google_cloud_tasks_queue_iam_binding": tpgiamresource.ResourceIamBinding(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), + "google_cloud_tasks_queue_iam_member": tpgiamresource.ResourceIamMember(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), + "google_cloud_tasks_queue_iam_policy": tpgiamresource.ResourceIamPolicy(cloudtasks.CloudTasksQueueIamSchema, cloudtasks.CloudTasksQueueIamUpdaterProducer, cloudtasks.CloudTasksQueueIdParseFunc), + "google_compute_address": compute.ResourceComputeAddress(), + "google_compute_autoscaler": compute.ResourceComputeAutoscaler(), + "google_compute_backend_bucket": compute.ResourceComputeBackendBucket(), + "google_compute_backend_bucket_signed_url_key": compute.ResourceComputeBackendBucketSignedUrlKey(), + "google_compute_backend_service": compute.ResourceComputeBackendService(), + "google_compute_backend_service_signed_url_key": compute.ResourceComputeBackendServiceSignedUrlKey(), + "google_compute_disk": compute.ResourceComputeDisk(), + "google_compute_disk_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), + "google_compute_disk_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), + "google_compute_disk_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeDiskIamSchema, compute.ComputeDiskIamUpdaterProducer, compute.ComputeDiskIdParseFunc), + "google_compute_disk_resource_policy_attachment": compute.ResourceComputeDiskResourcePolicyAttachment(), + "google_compute_external_vpn_gateway": compute.ResourceComputeExternalVpnGateway(), + "google_compute_firewall": compute.ResourceComputeFirewall(), + "google_compute_forwarding_rule": compute.ResourceComputeForwardingRule(), + "google_compute_global_address": compute.ResourceComputeGlobalAddress(), + "google_compute_global_forwarding_rule": compute.ResourceComputeGlobalForwardingRule(), + "google_compute_global_network_endpoint": compute.ResourceComputeGlobalNetworkEndpoint(), + "google_compute_global_network_endpoint_group": compute.ResourceComputeGlobalNetworkEndpointGroup(), + "google_compute_ha_vpn_gateway": compute.ResourceComputeHaVpnGateway(), + "google_compute_health_check": compute.ResourceComputeHealthCheck(), + "google_compute_http_health_check": compute.ResourceComputeHttpHealthCheck(), + "google_compute_https_health_check": compute.ResourceComputeHttpsHealthCheck(), + "google_compute_image": compute.ResourceComputeImage(), + "google_compute_image_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), + "google_compute_image_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), + "google_compute_image_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeImageIamSchema, compute.ComputeImageIamUpdaterProducer, compute.ComputeImageIdParseFunc), + "google_compute_instance_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), + "google_compute_instance_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), + "google_compute_instance_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeInstanceIamSchema, compute.ComputeInstanceIamUpdaterProducer, compute.ComputeInstanceIdParseFunc), + "google_compute_instance_group_membership": compute.ResourceComputeInstanceGroupMembership(), + "google_compute_instance_group_named_port": compute.ResourceComputeInstanceGroupNamedPort(), + "google_compute_interconnect_attachment": compute.ResourceComputeInterconnectAttachment(), + "google_compute_managed_ssl_certificate": compute.ResourceComputeManagedSslCertificate(), + "google_compute_network": compute.ResourceComputeNetwork(), + "google_compute_network_endpoint": compute.ResourceComputeNetworkEndpoint(), + "google_compute_network_endpoint_group": compute.ResourceComputeNetworkEndpointGroup(), + "google_compute_network_endpoints": compute.ResourceComputeNetworkEndpoints(), + "google_compute_network_firewall_policy": compute.ResourceComputeNetworkFirewallPolicy(), + "google_compute_network_peering_routes_config": compute.ResourceComputeNetworkPeeringRoutesConfig(), + "google_compute_node_group": compute.ResourceComputeNodeGroup(), + "google_compute_node_template": compute.ResourceComputeNodeTemplate(), + "google_compute_packet_mirroring": compute.ResourceComputePacketMirroring(), + "google_compute_per_instance_config": compute.ResourceComputePerInstanceConfig(), + "google_compute_public_advertised_prefix": compute.ResourceComputePublicAdvertisedPrefix(), + "google_compute_public_delegated_prefix": compute.ResourceComputePublicDelegatedPrefix(), + "google_compute_region_autoscaler": compute.ResourceComputeRegionAutoscaler(), + "google_compute_region_backend_service": compute.ResourceComputeRegionBackendService(), + "google_compute_region_commitment": compute.ResourceComputeRegionCommitment(), + "google_compute_region_disk": compute.ResourceComputeRegionDisk(), + "google_compute_region_disk_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), + "google_compute_region_disk_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), + "google_compute_region_disk_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeRegionDiskIamSchema, compute.ComputeRegionDiskIamUpdaterProducer, compute.ComputeRegionDiskIdParseFunc), + "google_compute_region_disk_resource_policy_attachment": compute.ResourceComputeRegionDiskResourcePolicyAttachment(), + "google_compute_region_health_check": compute.ResourceComputeRegionHealthCheck(), + "google_compute_region_network_endpoint": compute.ResourceComputeRegionNetworkEndpoint(), + "google_compute_region_network_endpoint_group": compute.ResourceComputeRegionNetworkEndpointGroup(), + "google_compute_region_network_firewall_policy": compute.ResourceComputeRegionNetworkFirewallPolicy(), + "google_compute_region_per_instance_config": compute.ResourceComputeRegionPerInstanceConfig(), + "google_compute_region_ssl_certificate": compute.ResourceComputeRegionSslCertificate(), + "google_compute_region_ssl_policy": compute.ResourceComputeRegionSslPolicy(), + "google_compute_region_target_http_proxy": compute.ResourceComputeRegionTargetHttpProxy(), + "google_compute_region_target_https_proxy": compute.ResourceComputeRegionTargetHttpsProxy(), + "google_compute_region_target_tcp_proxy": compute.ResourceComputeRegionTargetTcpProxy(), + "google_compute_region_url_map": compute.ResourceComputeRegionUrlMap(), + "google_compute_reservation": compute.ResourceComputeReservation(), + "google_compute_resource_policy": compute.ResourceComputeResourcePolicy(), + "google_compute_route": compute.ResourceComputeRoute(), + "google_compute_router": compute.ResourceComputeRouter(), + "google_compute_router_nat": compute.ResourceComputeRouterNat(), + "google_compute_service_attachment": compute.ResourceComputeServiceAttachment(), + "google_compute_snapshot": compute.ResourceComputeSnapshot(), + "google_compute_snapshot_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), + "google_compute_snapshot_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), + "google_compute_snapshot_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeSnapshotIamSchema, compute.ComputeSnapshotIamUpdaterProducer, compute.ComputeSnapshotIdParseFunc), + "google_compute_ssl_certificate": compute.ResourceComputeSslCertificate(), + "google_compute_ssl_policy": compute.ResourceComputeSslPolicy(), + "google_compute_subnetwork": compute.ResourceComputeSubnetwork(), + "google_compute_subnetwork_iam_binding": tpgiamresource.ResourceIamBinding(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), + "google_compute_subnetwork_iam_member": tpgiamresource.ResourceIamMember(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), + "google_compute_subnetwork_iam_policy": tpgiamresource.ResourceIamPolicy(compute.ComputeSubnetworkIamSchema, compute.ComputeSubnetworkIamUpdaterProducer, compute.ComputeSubnetworkIdParseFunc), + "google_compute_target_grpc_proxy": compute.ResourceComputeTargetGrpcProxy(), + "google_compute_target_http_proxy": compute.ResourceComputeTargetHttpProxy(), + "google_compute_target_https_proxy": compute.ResourceComputeTargetHttpsProxy(), + "google_compute_target_instance": compute.ResourceComputeTargetInstance(), + "google_compute_target_ssl_proxy": compute.ResourceComputeTargetSslProxy(), + "google_compute_target_tcp_proxy": compute.ResourceComputeTargetTcpProxy(), + "google_compute_url_map": compute.ResourceComputeUrlMap(), + "google_compute_vpn_gateway": compute.ResourceComputeVpnGateway(), + "google_compute_vpn_tunnel": compute.ResourceComputeVpnTunnel(), + "google_container_analysis_note": containeranalysis.ResourceContainerAnalysisNote(), + "google_container_analysis_note_iam_binding": tpgiamresource.ResourceIamBinding(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), + "google_container_analysis_note_iam_member": tpgiamresource.ResourceIamMember(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), + "google_container_analysis_note_iam_policy": tpgiamresource.ResourceIamPolicy(containeranalysis.ContainerAnalysisNoteIamSchema, containeranalysis.ContainerAnalysisNoteIamUpdaterProducer, containeranalysis.ContainerAnalysisNoteIdParseFunc), + "google_container_analysis_occurrence": containeranalysis.ResourceContainerAnalysisOccurrence(), + "google_container_attached_cluster": containerattached.ResourceContainerAttachedCluster(), + "google_billing_project_info": corebilling.ResourceCoreBillingProjectInfo(), + "google_database_migration_service_connection_profile": databasemigrationservice.ResourceDatabaseMigrationServiceConnectionProfile(), + "google_database_migration_service_private_connection": databasemigrationservice.ResourceDatabaseMigrationServicePrivateConnection(), + "google_data_catalog_entry": datacatalog.ResourceDataCatalogEntry(), + "google_data_catalog_entry_group": datacatalog.ResourceDataCatalogEntryGroup(), + "google_data_catalog_entry_group_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), + "google_data_catalog_entry_group_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), + "google_data_catalog_entry_group_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogEntryGroupIamSchema, datacatalog.DataCatalogEntryGroupIamUpdaterProducer, datacatalog.DataCatalogEntryGroupIdParseFunc), + "google_data_catalog_policy_tag": datacatalog.ResourceDataCatalogPolicyTag(), + "google_data_catalog_policy_tag_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), + "google_data_catalog_policy_tag_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), + "google_data_catalog_policy_tag_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogPolicyTagIamSchema, datacatalog.DataCatalogPolicyTagIamUpdaterProducer, datacatalog.DataCatalogPolicyTagIdParseFunc), + "google_data_catalog_tag": datacatalog.ResourceDataCatalogTag(), + "google_data_catalog_tag_template": datacatalog.ResourceDataCatalogTagTemplate(), + "google_data_catalog_tag_template_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), + "google_data_catalog_tag_template_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), + "google_data_catalog_tag_template_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogTagTemplateIamSchema, datacatalog.DataCatalogTagTemplateIamUpdaterProducer, datacatalog.DataCatalogTagTemplateIdParseFunc), + "google_data_catalog_taxonomy": datacatalog.ResourceDataCatalogTaxonomy(), + "google_data_catalog_taxonomy_iam_binding": tpgiamresource.ResourceIamBinding(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), + "google_data_catalog_taxonomy_iam_member": tpgiamresource.ResourceIamMember(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), + "google_data_catalog_taxonomy_iam_policy": tpgiamresource.ResourceIamPolicy(datacatalog.DataCatalogTaxonomyIamSchema, datacatalog.DataCatalogTaxonomyIamUpdaterProducer, datacatalog.DataCatalogTaxonomyIdParseFunc), + "google_data_fusion_instance": datafusion.ResourceDataFusionInstance(), + "google_data_fusion_instance_iam_binding": tpgiamresource.ResourceIamBinding(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), + "google_data_fusion_instance_iam_member": tpgiamresource.ResourceIamMember(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), + "google_data_fusion_instance_iam_policy": tpgiamresource.ResourceIamPolicy(datafusion.DataFusionInstanceIamSchema, datafusion.DataFusionInstanceIamUpdaterProducer, datafusion.DataFusionInstanceIdParseFunc), + "google_data_loss_prevention_deidentify_template": datalossprevention.ResourceDataLossPreventionDeidentifyTemplate(), + "google_data_loss_prevention_inspect_template": datalossprevention.ResourceDataLossPreventionInspectTemplate(), + "google_data_loss_prevention_job_trigger": datalossprevention.ResourceDataLossPreventionJobTrigger(), + "google_data_loss_prevention_stored_info_type": datalossprevention.ResourceDataLossPreventionStoredInfoType(), + "google_data_pipeline_pipeline": datapipeline.ResourceDataPipelinePipeline(), + "google_dataplex_asset_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), + "google_dataplex_asset_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), + "google_dataplex_asset_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexAssetIamSchema, dataplex.DataplexAssetIamUpdaterProducer, dataplex.DataplexAssetIdParseFunc), + "google_dataplex_datascan": dataplex.ResourceDataplexDatascan(), + "google_dataplex_datascan_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), + "google_dataplex_datascan_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), + "google_dataplex_datascan_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexDatascanIamSchema, dataplex.DataplexDatascanIamUpdaterProducer, dataplex.DataplexDatascanIdParseFunc), + "google_dataplex_lake_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), + "google_dataplex_lake_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), + "google_dataplex_lake_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexLakeIamSchema, dataplex.DataplexLakeIamUpdaterProducer, dataplex.DataplexLakeIdParseFunc), + "google_dataplex_task": dataplex.ResourceDataplexTask(), + "google_dataplex_task_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), + "google_dataplex_task_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), + "google_dataplex_task_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexTaskIamSchema, dataplex.DataplexTaskIamUpdaterProducer, dataplex.DataplexTaskIdParseFunc), + "google_dataplex_zone_iam_binding": tpgiamresource.ResourceIamBinding(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), + "google_dataplex_zone_iam_member": tpgiamresource.ResourceIamMember(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), + "google_dataplex_zone_iam_policy": tpgiamresource.ResourceIamPolicy(dataplex.DataplexZoneIamSchema, dataplex.DataplexZoneIamUpdaterProducer, dataplex.DataplexZoneIdParseFunc), + "google_dataproc_autoscaling_policy": dataproc.ResourceDataprocAutoscalingPolicy(), + "google_dataproc_autoscaling_policy_iam_binding": tpgiamresource.ResourceIamBinding(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), + "google_dataproc_autoscaling_policy_iam_member": tpgiamresource.ResourceIamMember(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), + "google_dataproc_autoscaling_policy_iam_policy": tpgiamresource.ResourceIamPolicy(dataproc.DataprocAutoscalingPolicyIamSchema, dataproc.DataprocAutoscalingPolicyIamUpdaterProducer, dataproc.DataprocAutoscalingPolicyIdParseFunc), + "google_dataproc_metastore_service": dataprocmetastore.ResourceDataprocMetastoreService(), + "google_dataproc_metastore_service_iam_binding": tpgiamresource.ResourceIamBinding(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), + "google_dataproc_metastore_service_iam_member": tpgiamresource.ResourceIamMember(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), + "google_dataproc_metastore_service_iam_policy": tpgiamresource.ResourceIamPolicy(dataprocmetastore.DataprocMetastoreServiceIamSchema, dataprocmetastore.DataprocMetastoreServiceIamUpdaterProducer, dataprocmetastore.DataprocMetastoreServiceIdParseFunc), + "google_datastore_index": datastore.ResourceDatastoreIndex(), + "google_datastream_connection_profile": datastream.ResourceDatastreamConnectionProfile(), + "google_datastream_private_connection": datastream.ResourceDatastreamPrivateConnection(), + "google_datastream_stream": datastream.ResourceDatastreamStream(), + "google_deployment_manager_deployment": deploymentmanager.ResourceDeploymentManagerDeployment(), + "google_dialogflow_agent": dialogflow.ResourceDialogflowAgent(), + "google_dialogflow_entity_type": dialogflow.ResourceDialogflowEntityType(), + "google_dialogflow_fulfillment": dialogflow.ResourceDialogflowFulfillment(), + "google_dialogflow_intent": dialogflow.ResourceDialogflowIntent(), + "google_dialogflow_cx_agent": dialogflowcx.ResourceDialogflowCXAgent(), + "google_dialogflow_cx_entity_type": dialogflowcx.ResourceDialogflowCXEntityType(), + "google_dialogflow_cx_environment": dialogflowcx.ResourceDialogflowCXEnvironment(), + "google_dialogflow_cx_flow": dialogflowcx.ResourceDialogflowCXFlow(), + "google_dialogflow_cx_intent": dialogflowcx.ResourceDialogflowCXIntent(), + "google_dialogflow_cx_page": dialogflowcx.ResourceDialogflowCXPage(), + "google_dialogflow_cx_security_settings": dialogflowcx.ResourceDialogflowCXSecuritySettings(), + "google_dialogflow_cx_test_case": dialogflowcx.ResourceDialogflowCXTestCase(), + "google_dialogflow_cx_version": dialogflowcx.ResourceDialogflowCXVersion(), + "google_dialogflow_cx_webhook": dialogflowcx.ResourceDialogflowCXWebhook(), + "google_discovery_engine_chat_engine": discoveryengine.ResourceDiscoveryEngineChatEngine(), + "google_discovery_engine_data_store": discoveryengine.ResourceDiscoveryEngineDataStore(), + "google_discovery_engine_search_engine": discoveryengine.ResourceDiscoveryEngineSearchEngine(), + "google_dns_managed_zone": dns.ResourceDNSManagedZone(), + "google_dns_managed_zone_iam_binding": tpgiamresource.ResourceIamBinding(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), + "google_dns_managed_zone_iam_member": tpgiamresource.ResourceIamMember(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), + "google_dns_managed_zone_iam_policy": tpgiamresource.ResourceIamPolicy(dns.DNSManagedZoneIamSchema, dns.DNSManagedZoneIamUpdaterProducer, dns.DNSManagedZoneIdParseFunc), + "google_dns_policy": dns.ResourceDNSPolicy(), + "google_dns_response_policy": dns.ResourceDNSResponsePolicy(), + "google_dns_response_policy_rule": dns.ResourceDNSResponsePolicyRule(), + "google_document_ai_processor": documentai.ResourceDocumentAIProcessor(), + "google_document_ai_processor_default_version": documentai.ResourceDocumentAIProcessorDefaultVersion(), + "google_document_ai_warehouse_document_schema": documentaiwarehouse.ResourceDocumentAIWarehouseDocumentSchema(), + "google_document_ai_warehouse_location": documentaiwarehouse.ResourceDocumentAIWarehouseLocation(), + "google_edgecontainer_cluster": edgecontainer.ResourceEdgecontainerCluster(), + "google_edgecontainer_node_pool": edgecontainer.ResourceEdgecontainerNodePool(), + "google_edgecontainer_vpn_connection": edgecontainer.ResourceEdgecontainerVpnConnection(), + "google_edgenetwork_network": edgenetwork.ResourceEdgenetworkNetwork(), + "google_edgenetwork_subnet": edgenetwork.ResourceEdgenetworkSubnet(), + "google_essential_contacts_contact": essentialcontacts.ResourceEssentialContactsContact(), + "google_filestore_backup": filestore.ResourceFilestoreBackup(), + "google_filestore_instance": filestore.ResourceFilestoreInstance(), + "google_filestore_snapshot": filestore.ResourceFilestoreSnapshot(), + "google_firebase_app_check_app_attest_config": firebaseappcheck.ResourceFirebaseAppCheckAppAttestConfig(), + "google_firebase_app_check_debug_token": firebaseappcheck.ResourceFirebaseAppCheckDebugToken(), + "google_firebase_app_check_device_check_config": firebaseappcheck.ResourceFirebaseAppCheckDeviceCheckConfig(), + "google_firebase_app_check_play_integrity_config": firebaseappcheck.ResourceFirebaseAppCheckPlayIntegrityConfig(), + "google_firebase_app_check_recaptcha_enterprise_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaEnterpriseConfig(), + "google_firebase_app_check_recaptcha_v3_config": firebaseappcheck.ResourceFirebaseAppCheckRecaptchaV3Config(), + "google_firebase_app_check_service_config": firebaseappcheck.ResourceFirebaseAppCheckServiceConfig(), + "google_firestore_backup_schedule": firestore.ResourceFirestoreBackupSchedule(), + "google_firestore_database": firestore.ResourceFirestoreDatabase(), + "google_firestore_document": firestore.ResourceFirestoreDocument(), + "google_firestore_field": firestore.ResourceFirestoreField(), + "google_firestore_index": firestore.ResourceFirestoreIndex(), + "google_gke_backup_backup_plan": gkebackup.ResourceGKEBackupBackupPlan(), + "google_gke_backup_backup_plan_iam_binding": tpgiamresource.ResourceIamBinding(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), + "google_gke_backup_backup_plan_iam_member": tpgiamresource.ResourceIamMember(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), + "google_gke_backup_backup_plan_iam_policy": tpgiamresource.ResourceIamPolicy(gkebackup.GKEBackupBackupPlanIamSchema, gkebackup.GKEBackupBackupPlanIamUpdaterProducer, gkebackup.GKEBackupBackupPlanIdParseFunc), + "google_gke_backup_restore_plan": gkebackup.ResourceGKEBackupRestorePlan(), + "google_gke_backup_restore_plan_iam_binding": tpgiamresource.ResourceIamBinding(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), + "google_gke_backup_restore_plan_iam_member": tpgiamresource.ResourceIamMember(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), + "google_gke_backup_restore_plan_iam_policy": tpgiamresource.ResourceIamPolicy(gkebackup.GKEBackupRestorePlanIamSchema, gkebackup.GKEBackupRestorePlanIamUpdaterProducer, gkebackup.GKEBackupRestorePlanIdParseFunc), + "google_gke_hub_membership": gkehub.ResourceGKEHubMembership(), + "google_gke_hub_membership_iam_binding": tpgiamresource.ResourceIamBinding(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), + "google_gke_hub_membership_iam_member": tpgiamresource.ResourceIamMember(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), + "google_gke_hub_membership_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub.GKEHubMembershipIamSchema, gkehub.GKEHubMembershipIamUpdaterProducer, gkehub.GKEHubMembershipIdParseFunc), + "google_gke_hub_feature": gkehub2.ResourceGKEHub2Feature(), + "google_gke_hub_feature_iam_binding": tpgiamresource.ResourceIamBinding(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), + "google_gke_hub_feature_iam_member": tpgiamresource.ResourceIamMember(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), + "google_gke_hub_feature_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), + "google_gke_hub_fleet": gkehub2.ResourceGKEHub2Fleet(), + "google_gke_hub_membership_binding": gkehub2.ResourceGKEHub2MembershipBinding(), + "google_gke_hub_namespace": gkehub2.ResourceGKEHub2Namespace(), + "google_gke_hub_scope": gkehub2.ResourceGKEHub2Scope(), + "google_gke_hub_scope_iam_binding": tpgiamresource.ResourceIamBinding(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), + "google_gke_hub_scope_iam_member": tpgiamresource.ResourceIamMember(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), + "google_gke_hub_scope_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer, gkehub2.GKEHub2ScopeIdParseFunc), + "google_gke_hub_scope_rbac_role_binding": gkehub2.ResourceGKEHub2ScopeRBACRoleBinding(), + "google_gkeonprem_bare_metal_admin_cluster": gkeonprem.ResourceGkeonpremBareMetalAdminCluster(), + "google_gkeonprem_bare_metal_cluster": gkeonprem.ResourceGkeonpremBareMetalCluster(), + "google_gkeonprem_bare_metal_node_pool": gkeonprem.ResourceGkeonpremBareMetalNodePool(), + "google_gkeonprem_vmware_cluster": gkeonprem.ResourceGkeonpremVmwareCluster(), + "google_gkeonprem_vmware_node_pool": gkeonprem.ResourceGkeonpremVmwareNodePool(), + "google_healthcare_consent_store": healthcare.ResourceHealthcareConsentStore(), + "google_healthcare_consent_store_iam_binding": tpgiamresource.ResourceIamBinding(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), + "google_healthcare_consent_store_iam_member": tpgiamresource.ResourceIamMember(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), + "google_healthcare_consent_store_iam_policy": tpgiamresource.ResourceIamPolicy(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), + "google_healthcare_dataset": healthcare.ResourceHealthcareDataset(), + "google_healthcare_dicom_store": healthcare.ResourceHealthcareDicomStore(), + "google_healthcare_fhir_store": healthcare.ResourceHealthcareFhirStore(), + "google_healthcare_hl7_v2_store": healthcare.ResourceHealthcareHl7V2Store(), + "google_iam_access_boundary_policy": iam2.ResourceIAM2AccessBoundaryPolicy(), + "google_iam_deny_policy": iam2.ResourceIAM2DenyPolicy(), + "google_iam_workload_identity_pool": iambeta.ResourceIAMBetaWorkloadIdentityPool(), + "google_iam_workload_identity_pool_provider": iambeta.ResourceIAMBetaWorkloadIdentityPoolProvider(), + "google_iam_workforce_pool": iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePool(), + "google_iam_workforce_pool_provider": iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePoolProvider(), + "google_iap_app_engine_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), + "google_iap_app_engine_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), + "google_iap_app_engine_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc), + "google_iap_app_engine_version_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), + "google_iap_app_engine_version_iam_member": tpgiamresource.ResourceIamMember(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), + "google_iap_app_engine_version_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer, iap.IapAppEngineVersionIdParseFunc), + "google_iap_brand": iap.ResourceIapBrand(), + "google_iap_client": iap.ResourceIapClient(), + "google_iap_tunnel_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), + "google_iap_tunnel_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), + "google_iap_tunnel_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelIamSchema, iap.IapTunnelIamUpdaterProducer, iap.IapTunnelIdParseFunc), + "google_iap_tunnel_dest_group": iap.ResourceIapTunnelDestGroup(), + "google_iap_tunnel_dest_group_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), + "google_iap_tunnel_dest_group_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), + "google_iap_tunnel_dest_group_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelDestGroupIamSchema, iap.IapTunnelDestGroupIamUpdaterProducer, iap.IapTunnelDestGroupIdParseFunc), + "google_iap_tunnel_instance_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), + "google_iap_tunnel_instance_iam_member": tpgiamresource.ResourceIamMember(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), + "google_iap_tunnel_instance_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapTunnelInstanceIamSchema, iap.IapTunnelInstanceIamUpdaterProducer, iap.IapTunnelInstanceIdParseFunc), + "google_iap_web_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), + "google_iap_web_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), + "google_iap_web_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebIamSchema, iap.IapWebIamUpdaterProducer, iap.IapWebIdParseFunc), + "google_iap_web_backend_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), + "google_iap_web_backend_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), + "google_iap_web_backend_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebBackendServiceIamSchema, iap.IapWebBackendServiceIamUpdaterProducer, iap.IapWebBackendServiceIdParseFunc), + "google_iap_web_region_backend_service_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), + "google_iap_web_region_backend_service_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), + "google_iap_web_region_backend_service_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebRegionBackendServiceIamSchema, iap.IapWebRegionBackendServiceIamUpdaterProducer, iap.IapWebRegionBackendServiceIdParseFunc), + "google_iap_web_type_app_engine_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), + "google_iap_web_type_app_engine_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), + "google_iap_web_type_app_engine_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebTypeAppEngineIamSchema, iap.IapWebTypeAppEngineIamUpdaterProducer, iap.IapWebTypeAppEngineIdParseFunc), + "google_iap_web_type_compute_iam_binding": tpgiamresource.ResourceIamBinding(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), + "google_iap_web_type_compute_iam_member": tpgiamresource.ResourceIamMember(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), + "google_iap_web_type_compute_iam_policy": tpgiamresource.ResourceIamPolicy(iap.IapWebTypeComputeIamSchema, iap.IapWebTypeComputeIamUpdaterProducer, iap.IapWebTypeComputeIdParseFunc), + "google_identity_platform_config": identityplatform.ResourceIdentityPlatformConfig(), + "google_identity_platform_default_supported_idp_config": identityplatform.ResourceIdentityPlatformDefaultSupportedIdpConfig(), + "google_identity_platform_inbound_saml_config": identityplatform.ResourceIdentityPlatformInboundSamlConfig(), + "google_identity_platform_oauth_idp_config": identityplatform.ResourceIdentityPlatformOauthIdpConfig(), + "google_identity_platform_project_default_config": identityplatform.ResourceIdentityPlatformProjectDefaultConfig(), + "google_identity_platform_tenant": identityplatform.ResourceIdentityPlatformTenant(), + "google_identity_platform_tenant_default_supported_idp_config": identityplatform.ResourceIdentityPlatformTenantDefaultSupportedIdpConfig(), + "google_identity_platform_tenant_inbound_saml_config": identityplatform.ResourceIdentityPlatformTenantInboundSamlConfig(), + "google_identity_platform_tenant_oauth_idp_config": identityplatform.ResourceIdentityPlatformTenantOauthIdpConfig(), + "google_integration_connectors_connection": integrationconnectors.ResourceIntegrationConnectorsConnection(), + "google_integration_connectors_endpoint_attachment": integrationconnectors.ResourceIntegrationConnectorsEndpointAttachment(), + "google_integrations_client": integrations.ResourceIntegrationsClient(), + "google_kms_crypto_key": kms.ResourceKMSCryptoKey(), + "google_kms_crypto_key_version": kms.ResourceKMSCryptoKeyVersion(), + "google_kms_ekm_connection": kms.ResourceKMSEkmConnection(), + "google_kms_key_ring": kms.ResourceKMSKeyRing(), + "google_kms_key_ring_import_job": kms.ResourceKMSKeyRingImportJob(), + "google_kms_secret_ciphertext": kms.ResourceKMSSecretCiphertext(), + "google_logging_folder_settings": logging.ResourceLoggingFolderSettings(), + "google_logging_linked_dataset": logging.ResourceLoggingLinkedDataset(), + "google_logging_log_view": logging.ResourceLoggingLogView(), + "google_logging_metric": logging.ResourceLoggingMetric(), + "google_logging_organization_settings": logging.ResourceLoggingOrganizationSettings(), + "google_looker_instance": looker.ResourceLookerInstance(), + "google_memcache_instance": memcache.ResourceMemcacheInstance(), + "google_migration_center_group": migrationcenter.ResourceMigrationCenterGroup(), + "google_migration_center_preference_set": migrationcenter.ResourceMigrationCenterPreferenceSet(), + "google_ml_engine_model": mlengine.ResourceMLEngineModel(), + "google_monitoring_alert_policy": monitoring.ResourceMonitoringAlertPolicy(), + "google_monitoring_service": monitoring.ResourceMonitoringGenericService(), + "google_monitoring_group": monitoring.ResourceMonitoringGroup(), + "google_monitoring_metric_descriptor": monitoring.ResourceMonitoringMetricDescriptor(), + "google_monitoring_monitored_project": monitoring.ResourceMonitoringMonitoredProject(), + "google_monitoring_notification_channel": monitoring.ResourceMonitoringNotificationChannel(), + "google_monitoring_custom_service": monitoring.ResourceMonitoringService(), + "google_monitoring_slo": monitoring.ResourceMonitoringSlo(), + "google_monitoring_uptime_check_config": monitoring.ResourceMonitoringUptimeCheckConfig(), + "google_netapp_volume": netapp.ResourceNetappVolume(), + "google_netapp_volume_replication": netapp.ResourceNetappVolumeReplication(), + "google_netapp_volume_snapshot": netapp.ResourceNetappVolumeSnapshot(), + "google_netapp_active_directory": netapp.ResourceNetappactiveDirectory(), + "google_netapp_backup_policy": netapp.ResourceNetappbackupPolicy(), + "google_netapp_backup_vault": netapp.ResourceNetappbackupVault(), + "google_netapp_kmsconfig": netapp.ResourceNetappkmsconfig(), + "google_netapp_storage_pool": netapp.ResourceNetappstoragePool(), + "google_network_connectivity_policy_based_route": networkconnectivity.ResourceNetworkConnectivityPolicyBasedRoute(), + "google_network_connectivity_service_connection_policy": networkconnectivity.ResourceNetworkConnectivityServiceConnectionPolicy(), + "google_network_management_connectivity_test": networkmanagement.ResourceNetworkManagementConnectivityTest(), + "google_network_security_address_group": networksecurity.ResourceNetworkSecurityAddressGroup(), + "google_network_security_gateway_security_policy": networksecurity.ResourceNetworkSecurityGatewaySecurityPolicy(), + "google_network_security_gateway_security_policy_rule": networksecurity.ResourceNetworkSecurityGatewaySecurityPolicyRule(), + "google_network_security_address_group_iam_binding": tpgiamresource.ResourceIamBinding(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), + "google_network_security_address_group_iam_member": tpgiamresource.ResourceIamMember(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), + "google_network_security_address_group_iam_policy": tpgiamresource.ResourceIamPolicy(networksecurity.NetworkSecurityProjectAddressGroupIamSchema, networksecurity.NetworkSecurityProjectAddressGroupIamUpdaterProducer, networksecurity.NetworkSecurityProjectAddressGroupIdParseFunc), + "google_network_security_url_lists": networksecurity.ResourceNetworkSecurityUrlLists(), + "google_network_services_edge_cache_keyset": networkservices.ResourceNetworkServicesEdgeCacheKeyset(), + "google_network_services_edge_cache_origin": networkservices.ResourceNetworkServicesEdgeCacheOrigin(), + "google_network_services_edge_cache_service": networkservices.ResourceNetworkServicesEdgeCacheService(), + "google_network_services_gateway": networkservices.ResourceNetworkServicesGateway(), + "google_notebooks_environment": notebooks.ResourceNotebooksEnvironment(), + "google_notebooks_instance": notebooks.ResourceNotebooksInstance(), + "google_notebooks_instance_iam_binding": tpgiamresource.ResourceIamBinding(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), + "google_notebooks_instance_iam_member": tpgiamresource.ResourceIamMember(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), + "google_notebooks_instance_iam_policy": tpgiamresource.ResourceIamPolicy(notebooks.NotebooksInstanceIamSchema, notebooks.NotebooksInstanceIamUpdaterProducer, notebooks.NotebooksInstanceIdParseFunc), + "google_notebooks_location": notebooks.ResourceNotebooksLocation(), + "google_notebooks_runtime": notebooks.ResourceNotebooksRuntime(), + "google_notebooks_runtime_iam_binding": tpgiamresource.ResourceIamBinding(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), + "google_notebooks_runtime_iam_member": tpgiamresource.ResourceIamMember(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), + "google_notebooks_runtime_iam_policy": tpgiamresource.ResourceIamPolicy(notebooks.NotebooksRuntimeIamSchema, notebooks.NotebooksRuntimeIamUpdaterProducer, notebooks.NotebooksRuntimeIdParseFunc), + "google_org_policy_custom_constraint": orgpolicy.ResourceOrgPolicyCustomConstraint(), + "google_os_config_patch_deployment": osconfig.ResourceOSConfigPatchDeployment(), + "google_os_login_ssh_public_key": oslogin.ResourceOSLoginSSHPublicKey(), + "google_privateca_ca_pool": privateca.ResourcePrivatecaCaPool(), + "google_privateca_ca_pool_iam_binding": tpgiamresource.ResourceIamBinding(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), + "google_privateca_ca_pool_iam_member": tpgiamresource.ResourceIamMember(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), + "google_privateca_ca_pool_iam_policy": tpgiamresource.ResourceIamPolicy(privateca.PrivatecaCaPoolIamSchema, privateca.PrivatecaCaPoolIamUpdaterProducer, privateca.PrivatecaCaPoolIdParseFunc), + "google_privateca_certificate": privateca.ResourcePrivatecaCertificate(), + "google_privateca_certificate_authority": privateca.ResourcePrivatecaCertificateAuthority(), + "google_privateca_certificate_template_iam_binding": tpgiamresource.ResourceIamBinding(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), + "google_privateca_certificate_template_iam_member": tpgiamresource.ResourceIamMember(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), + "google_privateca_certificate_template_iam_policy": tpgiamresource.ResourceIamPolicy(privateca.PrivatecaCertificateTemplateIamSchema, privateca.PrivatecaCertificateTemplateIamUpdaterProducer, privateca.PrivatecaCertificateTemplateIdParseFunc), + "google_public_ca_external_account_key": publicca.ResourcePublicCAExternalAccountKey(), + "google_pubsub_schema": pubsub.ResourcePubsubSchema(), + "google_pubsub_schema_iam_binding": tpgiamresource.ResourceIamBinding(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), + "google_pubsub_schema_iam_member": tpgiamresource.ResourceIamMember(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), + "google_pubsub_schema_iam_policy": tpgiamresource.ResourceIamPolicy(pubsub.PubsubSchemaIamSchema, pubsub.PubsubSchemaIamUpdaterProducer, pubsub.PubsubSchemaIdParseFunc), + "google_pubsub_subscription": pubsub.ResourcePubsubSubscription(), + "google_pubsub_topic": pubsub.ResourcePubsubTopic(), + "google_pubsub_topic_iam_binding": tpgiamresource.ResourceIamBinding(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), + "google_pubsub_topic_iam_member": tpgiamresource.ResourceIamMember(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), + "google_pubsub_topic_iam_policy": tpgiamresource.ResourceIamPolicy(pubsub.PubsubTopicIamSchema, pubsub.PubsubTopicIamUpdaterProducer, pubsub.PubsubTopicIdParseFunc), + "google_pubsub_lite_reservation": pubsublite.ResourcePubsubLiteReservation(), + "google_pubsub_lite_subscription": pubsublite.ResourcePubsubLiteSubscription(), + "google_pubsub_lite_topic": pubsublite.ResourcePubsubLiteTopic(), + "google_redis_cluster": redis.ResourceRedisCluster(), + "google_redis_instance": redis.ResourceRedisInstance(), + "google_resource_manager_lien": resourcemanager.ResourceResourceManagerLien(), + "google_secret_manager_secret": secretmanager.ResourceSecretManagerSecret(), + "google_secret_manager_secret_iam_binding": tpgiamresource.ResourceIamBinding(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), + "google_secret_manager_secret_iam_member": tpgiamresource.ResourceIamMember(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), + "google_secret_manager_secret_iam_policy": tpgiamresource.ResourceIamPolicy(secretmanager.SecretManagerSecretIamSchema, secretmanager.SecretManagerSecretIamUpdaterProducer, secretmanager.SecretManagerSecretIdParseFunc), + "google_secret_manager_secret_version": secretmanager.ResourceSecretManagerSecretVersion(), + "google_secure_source_manager_instance": securesourcemanager.ResourceSecureSourceManagerInstance(), + "google_secure_source_manager_instance_iam_binding": tpgiamresource.ResourceIamBinding(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), + "google_secure_source_manager_instance_iam_member": tpgiamresource.ResourceIamMember(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), + "google_secure_source_manager_instance_iam_policy": tpgiamresource.ResourceIamPolicy(securesourcemanager.SecureSourceManagerInstanceIamSchema, securesourcemanager.SecureSourceManagerInstanceIamUpdaterProducer, securesourcemanager.SecureSourceManagerInstanceIdParseFunc), + "google_scc_event_threat_detection_custom_module": securitycenter.ResourceSecurityCenterEventThreatDetectionCustomModule(), + "google_scc_folder_custom_module": securitycenter.ResourceSecurityCenterFolderCustomModule(), + "google_scc_mute_config": securitycenter.ResourceSecurityCenterMuteConfig(), + "google_scc_notification_config": securitycenter.ResourceSecurityCenterNotificationConfig(), + "google_scc_organization_custom_module": securitycenter.ResourceSecurityCenterOrganizationCustomModule(), + "google_scc_project_custom_module": securitycenter.ResourceSecurityCenterProjectCustomModule(), + "google_scc_source": securitycenter.ResourceSecurityCenterSource(), + "google_scc_source_iam_binding": tpgiamresource.ResourceIamBinding(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), + "google_scc_source_iam_member": tpgiamresource.ResourceIamMember(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), + "google_scc_source_iam_policy": tpgiamresource.ResourceIamPolicy(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc), + "google_securityposture_posture": securityposture.ResourceSecurityposturePosture(), + "google_securityposture_posture_deployment": securityposture.ResourceSecurityposturePostureDeployment(), + "google_endpoints_service_iam_binding": tpgiamresource.ResourceIamBinding(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), + "google_endpoints_service_iam_member": tpgiamresource.ResourceIamMember(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), + "google_endpoints_service_iam_policy": tpgiamresource.ResourceIamPolicy(servicemanagement.ServiceManagementServiceIamSchema, servicemanagement.ServiceManagementServiceIamUpdaterProducer, servicemanagement.ServiceManagementServiceIdParseFunc), + "google_endpoints_service_consumers_iam_binding": tpgiamresource.ResourceIamBinding(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), + "google_endpoints_service_consumers_iam_member": tpgiamresource.ResourceIamMember(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), + "google_endpoints_service_consumers_iam_policy": tpgiamresource.ResourceIamPolicy(servicemanagement.ServiceManagementServiceConsumersIamSchema, servicemanagement.ServiceManagementServiceConsumersIamUpdaterProducer, servicemanagement.ServiceManagementServiceConsumersIdParseFunc), + "google_sourcerepo_repository": sourcerepo.ResourceSourceRepoRepository(), + "google_sourcerepo_repository_iam_binding": tpgiamresource.ResourceIamBinding(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), + "google_sourcerepo_repository_iam_member": tpgiamresource.ResourceIamMember(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), + "google_sourcerepo_repository_iam_policy": tpgiamresource.ResourceIamPolicy(sourcerepo.SourceRepoRepositoryIamSchema, sourcerepo.SourceRepoRepositoryIamUpdaterProducer, sourcerepo.SourceRepoRepositoryIdParseFunc), + "google_spanner_database": spanner.ResourceSpannerDatabase(), + "google_spanner_instance": spanner.ResourceSpannerInstance(), + "google_sql_database": sql.ResourceSQLDatabase(), + "google_sql_source_representation_instance": sql.ResourceSQLSourceRepresentationInstance(), + "google_storage_bucket_iam_binding": tpgiamresource.ResourceIamBinding(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), + "google_storage_bucket_iam_member": tpgiamresource.ResourceIamMember(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), + "google_storage_bucket_iam_policy": tpgiamresource.ResourceIamPolicy(storage.StorageBucketIamSchema, storage.StorageBucketIamUpdaterProducer, storage.StorageBucketIdParseFunc), + "google_storage_bucket_access_control": storage.ResourceStorageBucketAccessControl(), + "google_storage_default_object_access_control": storage.ResourceStorageDefaultObjectAccessControl(), + "google_storage_hmac_key": storage.ResourceStorageHmacKey(), + "google_storage_object_access_control": storage.ResourceStorageObjectAccessControl(), + "google_storage_insights_report_config": storageinsights.ResourceStorageInsightsReportConfig(), + "google_storage_transfer_agent_pool": storagetransfer.ResourceStorageTransferAgentPool(), + "google_tags_tag_binding": tags.ResourceTagsTagBinding(), + "google_tags_tag_key": tags.ResourceTagsTagKey(), + "google_tags_tag_key_iam_binding": tpgiamresource.ResourceIamBinding(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), + "google_tags_tag_key_iam_member": tpgiamresource.ResourceIamMember(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), + "google_tags_tag_key_iam_policy": tpgiamresource.ResourceIamPolicy(tags.TagsTagKeyIamSchema, tags.TagsTagKeyIamUpdaterProducer, tags.TagsTagKeyIdParseFunc), + "google_tags_tag_value": tags.ResourceTagsTagValue(), + "google_tags_tag_value_iam_binding": tpgiamresource.ResourceIamBinding(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), + "google_tags_tag_value_iam_member": tpgiamresource.ResourceIamMember(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), + "google_tags_tag_value_iam_policy": tpgiamresource.ResourceIamPolicy(tags.TagsTagValueIamSchema, tags.TagsTagValueIamUpdaterProducer, tags.TagsTagValueIdParseFunc), + "google_tpu_node": tpu.ResourceTPUNode(), + "google_vertex_ai_dataset": vertexai.ResourceVertexAIDataset(), + "google_vertex_ai_endpoint": vertexai.ResourceVertexAIEndpoint(), + "google_vertex_ai_feature_group": vertexai.ResourceVertexAIFeatureGroup(), + "google_vertex_ai_feature_group_feature": vertexai.ResourceVertexAIFeatureGroupFeature(), + "google_vertex_ai_feature_online_store": vertexai.ResourceVertexAIFeatureOnlineStore(), + "google_vertex_ai_feature_online_store_featureview": vertexai.ResourceVertexAIFeatureOnlineStoreFeatureview(), + "google_vertex_ai_featurestore": vertexai.ResourceVertexAIFeaturestore(), + "google_vertex_ai_featurestore_entitytype": vertexai.ResourceVertexAIFeaturestoreEntitytype(), + "google_vertex_ai_featurestore_entitytype_feature": vertexai.ResourceVertexAIFeaturestoreEntitytypeFeature(), + "google_vertex_ai_index": vertexai.ResourceVertexAIIndex(), + "google_vertex_ai_index_endpoint": vertexai.ResourceVertexAIIndexEndpoint(), + "google_vertex_ai_tensorboard": vertexai.ResourceVertexAITensorboard(), + "google_vmwareengine_cluster": vmwareengine.ResourceVmwareengineCluster(), + "google_vmwareengine_external_access_rule": vmwareengine.ResourceVmwareengineExternalAccessRule(), + "google_vmwareengine_external_address": vmwareengine.ResourceVmwareengineExternalAddress(), + "google_vmwareengine_network": vmwareengine.ResourceVmwareengineNetwork(), + "google_vmwareengine_network_peering": vmwareengine.ResourceVmwareengineNetworkPeering(), + "google_vmwareengine_network_policy": vmwareengine.ResourceVmwareengineNetworkPolicy(), + "google_vmwareengine_private_cloud": vmwareengine.ResourceVmwareenginePrivateCloud(), + "google_vmwareengine_subnet": vmwareengine.ResourceVmwareengineSubnet(), + "google_vpc_access_connector": vpcaccess.ResourceVPCAccessConnector(), + "google_workbench_instance": workbench.ResourceWorkbenchInstance(), + "google_workbench_instance_iam_binding": tpgiamresource.ResourceIamBinding(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), + "google_workbench_instance_iam_member": tpgiamresource.ResourceIamMember(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), + "google_workbench_instance_iam_policy": tpgiamresource.ResourceIamPolicy(workbench.WorkbenchInstanceIamSchema, workbench.WorkbenchInstanceIamUpdaterProducer, workbench.WorkbenchInstanceIdParseFunc), + "google_workflows_workflow": workflows.ResourceWorkflowsWorkflow(), } var handwrittenResources = map[string]*schema.Resource{ diff --git a/google/services/accesscontextmanager/resource_access_context_manager_access_policy_test.go b/google/services/accesscontextmanager/resource_access_context_manager_access_policy_test.go index 403e57ab2cc..5a27e4bf4e4 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_access_policy_test.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_access_policy_test.go @@ -18,21 +18,22 @@ import ( // can exist, they need to be run serially func TestAccAccessContextManager(t *testing.T) { testCases := map[string]func(t *testing.T){ - "access_policy": testAccAccessContextManagerAccessPolicy_basicTest, - "access_policy_scoped": testAccAccessContextManagerAccessPolicy_scopedTest, - "service_perimeter": testAccAccessContextManagerServicePerimeter_basicTest, - "service_perimeter_update": testAccAccessContextManagerServicePerimeter_updateTest, - "service_perimeter_resource": testAccAccessContextManagerServicePerimeterResource_basicTest, - "access_level": testAccAccessContextManagerAccessLevel_basicTest, - "access_level_full": testAccAccessContextManagerAccessLevel_fullTest, - "access_level_custom": testAccAccessContextManagerAccessLevel_customTest, - "access_levels": testAccAccessContextManagerAccessLevels_basicTest, - "access_level_condition": testAccAccessContextManagerAccessLevelCondition_basicTest, - "service_perimeter_egress_policy": testAccAccessContextManagerServicePerimeterEgressPolicy_basicTest, - "service_perimeter_ingress_policy": testAccAccessContextManagerServicePerimeterIngressPolicy_basicTest, - "service_perimeters": testAccAccessContextManagerServicePerimeters_basicTest, - "gcp_user_access_binding": testAccAccessContextManagerGcpUserAccessBinding_basicTest, - "authorized_orgs_desc": testAccAccessContextManagerAuthorizedOrgsDesc_basicTest, + "access_policy": testAccAccessContextManagerAccessPolicy_basicTest, + "access_policy_scoped": testAccAccessContextManagerAccessPolicy_scopedTest, + "service_perimeter": testAccAccessContextManagerServicePerimeter_basicTest, + "service_perimeter_update": testAccAccessContextManagerServicePerimeter_updateTest, + "service_perimeter_resource": testAccAccessContextManagerServicePerimeterResource_basicTest, + "service_perimeter_dry_run_resource": testAccAccessContextManagerServicePerimeterResource_basicTest, + "access_level": testAccAccessContextManagerAccessLevel_basicTest, + "access_level_full": testAccAccessContextManagerAccessLevel_fullTest, + "access_level_custom": testAccAccessContextManagerAccessLevel_customTest, + "access_levels": testAccAccessContextManagerAccessLevels_basicTest, + "access_level_condition": testAccAccessContextManagerAccessLevelCondition_basicTest, + "service_perimeter_egress_policy": testAccAccessContextManagerServicePerimeterEgressPolicy_basicTest, + "service_perimeter_ingress_policy": testAccAccessContextManagerServicePerimeterIngressPolicy_basicTest, + "service_perimeters": testAccAccessContextManagerServicePerimeters_basicTest, + "gcp_user_access_binding": testAccAccessContextManagerGcpUserAccessBinding_basicTest, + "authorized_orgs_desc": testAccAccessContextManagerAuthorizedOrgsDesc_basicTest, } for name, tc := range testCases { diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go new file mode 100644 index 00000000000..8465f0755e7 --- /dev/null +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource.go @@ -0,0 +1,473 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package accesscontextmanager + +import ( + "fmt" + "log" + "reflect" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func ResourceAccessContextManagerServicePerimeterDryRunResource() *schema.Resource { + return &schema.Resource{ + Create: resourceAccessContextManagerServicePerimeterDryRunResourceCreate, + Read: resourceAccessContextManagerServicePerimeterDryRunResourceRead, + Delete: resourceAccessContextManagerServicePerimeterDryRunResourceDelete, + + Importer: &schema.ResourceImporter{ + State: resourceAccessContextManagerServicePerimeterDryRunResourceImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "perimeter_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName, + Description: `The name of the Service Perimeter to add this resource to.`, + }, + "resource": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `A GCP resource that is inside of the service perimeter. +Currently only projects are allowed. +Format: projects/{project_number}`, + }, + }, + UseJSONNumber: true, + } +} + +func resourceAccessContextManagerServicePerimeterDryRunResourceCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + resourceProp, err := expandNestedAccessContextManagerServicePerimeterDryRunResourceResource(d.Get("resource"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("resource"); !tpgresource.IsEmptyValue(reflect.ValueOf(resourceProp)) && (ok || !reflect.DeepEqual(v, resourceProp)) { + obj["resource"] = resourceProp + } + + lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter_name}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter_name}}") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new ServicePerimeterDryRunResource: %#v", obj) + + obj, err = resourceAccessContextManagerServicePerimeterDryRunResourcePatchCreateEncoder(d, meta, obj) + if err != nil { + return err + } + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": "spec.resources"}) + if err != nil { + return err + } + billingProject := "" + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + obj["use_explicit_dry_run_spec"] = true + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating ServicePerimeterDryRunResource: %s", err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "{{perimeter_name}}/{{resource}}") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + // Use the resource in the operation response to populate + // identity fields and d.Id() before read + var opRes map[string]interface{} + err = AccessContextManagerOperationWaitTimeWithResponse( + config, res, &opRes, "Creating ServicePerimeterDryRunResource", userAgent, + d.Timeout(schema.TimeoutCreate)) + if err != nil { + // The resource didn't actually create + d.SetId("") + + return fmt.Errorf("Error waiting to create ServicePerimeterDryRunResource: %s", err) + } + + if _, ok := opRes["spec"]; ok { + opRes, err = flattenNestedAccessContextManagerServicePerimeterDryRunResource(d, meta, opRes) + if err != nil { + return fmt.Errorf("Error getting nested object from operation response: %s", err) + } + if opRes == nil { + // Object isn't there any more - remove it from the state. + return fmt.Errorf("Error decoding response from operation, could not find nested object") + } + } + if err := d.Set("resource", flattenNestedAccessContextManagerServicePerimeterDryRunResourceResource(opRes["resource"], d, config)); err != nil { + return err + } + + // This may have caused the ID to update - update it if so. + id, err = tpgresource.ReplaceVars(d, config, "{{perimeter_name}}/{{resource}}") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating ServicePerimeterDryRunResource %q: %#v", d.Id(), res) + + return resourceAccessContextManagerServicePerimeterDryRunResourceRead(d, meta) +} + +func resourceAccessContextManagerServicePerimeterDryRunResourceRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter_name}}") + if err != nil { + return err + } + + billingProject := "" + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("AccessContextManagerServicePerimeterDryRunResource %q", d.Id())) + } + + res, err = flattenNestedAccessContextManagerServicePerimeterDryRunResource(d, meta, res) + if err != nil { + return err + } + + if res == nil { + // Object isn't there any more - remove it from the state. + log.Printf("[DEBUG] Removing AccessContextManagerServicePerimeterDryRunResource because it couldn't be matched.") + d.SetId("") + return nil + } + + if err := d.Set("resource", flattenNestedAccessContextManagerServicePerimeterDryRunResourceResource(res["resource"], d, config)); err != nil { + return fmt.Errorf("Error reading ServicePerimeterDryRunResource: %s", err) + } + + return nil +} + +func resourceAccessContextManagerServicePerimeterDryRunResourceDelete(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter_name}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter_name}}") + if err != nil { + return err + } + + var obj map[string]interface{} + + obj, err = resourceAccessContextManagerServicePerimeterDryRunResourcePatchDeleteEncoder(d, meta, obj) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, "ServicePerimeterDryRunResource") + } + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": "spec.resources"}) + if err != nil { + return err + } + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + obj["use_explicit_dry_run_spec"] = true + + log.Printf("[DEBUG] Deleting ServicePerimeterDryRunResource %q", d.Id()) + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutDelete), + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, "ServicePerimeterDryRunResource") + } + + err = AccessContextManagerOperationWaitTime( + config, res, "Deleting ServicePerimeterDryRunResource", userAgent, + d.Timeout(schema.TimeoutDelete)) + + if err != nil { + return err + } + + log.Printf("[DEBUG] Finished deleting ServicePerimeterDryRunResource %q: %#v", d.Id(), res) + return nil +} + +func resourceAccessContextManagerServicePerimeterDryRunResourceImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + + // current import_formats can't import fields with forward slashes in their value + parts, err := tpgresource.GetImportIdQualifiers([]string{"accessPolicies/(?P[^/]+)/servicePerimeters/(?P[^/]+)/(?P.+)"}, d, config, d.Id()) + if err != nil { + return nil, err + } + + if err := d.Set("perimeter_name", fmt.Sprintf("accessPolicies/%s/servicePerimeters/%s", parts["accessPolicy"], parts["perimeter"])); err != nil { + return nil, fmt.Errorf("Error setting perimeter_name: %s", err) + } + if err := d.Set("resource", parts["resource"]); err != nil { + return nil, fmt.Errorf("Error setting resource: %s", err) + } + return []*schema.ResourceData{d}, nil +} + +func flattenNestedAccessContextManagerServicePerimeterDryRunResourceResource(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func expandNestedAccessContextManagerServicePerimeterDryRunResourceResource(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func flattenNestedAccessContextManagerServicePerimeterDryRunResource(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { + var v interface{} + var ok bool + + v, ok = res["spec"] + if !ok || v == nil { + return nil, nil + } + res = v.(map[string]interface{}) + + v, ok = res["resources"] + if !ok || v == nil { + return nil, nil + } + + switch v.(type) { + case []interface{}: + break + case map[string]interface{}: + // Construct list out of single nested resource + v = []interface{}{v} + default: + return nil, fmt.Errorf("expected list or map for value spec.resources. Actual value: %v", v) + } + + _, item, err := resourceAccessContextManagerServicePerimeterDryRunResourceFindNestedObjectInList(d, meta, v.([]interface{})) + if err != nil { + return nil, err + } + return item, nil +} + +func resourceAccessContextManagerServicePerimeterDryRunResourceFindNestedObjectInList(d *schema.ResourceData, meta interface{}, items []interface{}) (index int, item map[string]interface{}, err error) { + expectedResource, err := expandNestedAccessContextManagerServicePerimeterDryRunResourceResource(d.Get("resource"), d, meta.(*transport_tpg.Config)) + if err != nil { + return -1, nil, err + } + expectedFlattenedResource := flattenNestedAccessContextManagerServicePerimeterDryRunResourceResource(expectedResource, d, meta.(*transport_tpg.Config)) + + // Search list for this resource. + for idx, itemRaw := range items { + if itemRaw == nil { + continue + } + // List response only contains the ID - construct a response object. + item := map[string]interface{}{ + "resource": itemRaw, + } + + itemResource := flattenNestedAccessContextManagerServicePerimeterDryRunResourceResource(item["resource"], d, meta.(*transport_tpg.Config)) + // IsEmptyValue check so that if one is nil and the other is "", that's considered a match + if !(tpgresource.IsEmptyValue(reflect.ValueOf(itemResource)) && tpgresource.IsEmptyValue(reflect.ValueOf(expectedFlattenedResource))) && !reflect.DeepEqual(itemResource, expectedFlattenedResource) { + log.Printf("[DEBUG] Skipping item with resource= %#v, looking for %#v)", itemResource, expectedFlattenedResource) + continue + } + log.Printf("[DEBUG] Found item for resource %q: %#v)", d.Id(), item) + return idx, item, nil + } + return -1, nil, nil +} + +// PatchCreateEncoder handles creating request data to PATCH parent resource +// with list including new object. +func resourceAccessContextManagerServicePerimeterDryRunResourcePatchCreateEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + currItems, err := resourceAccessContextManagerServicePerimeterDryRunResourceListForPatch(d, meta) + if err != nil { + return nil, err + } + + _, found, err := resourceAccessContextManagerServicePerimeterDryRunResourceFindNestedObjectInList(d, meta, currItems) + if err != nil { + return nil, err + } + + // Return error if item already created. + if found != nil { + return nil, fmt.Errorf("Unable to create ServicePerimeterDryRunResource, existing object already found: %+v", found) + } + + // Return list with the resource to create appended + res := map[string]interface{}{ + "resources": append(currItems, obj["resource"]), + } + wrapped := map[string]interface{}{ + "spec": res, + } + res = wrapped + + return res, nil +} + +// PatchDeleteEncoder handles creating request data to PATCH parent resource +// with list excluding object to delete. +func resourceAccessContextManagerServicePerimeterDryRunResourcePatchDeleteEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { + currItems, err := resourceAccessContextManagerServicePerimeterDryRunResourceListForPatch(d, meta) + if err != nil { + return nil, err + } + + idx, item, err := resourceAccessContextManagerServicePerimeterDryRunResourceFindNestedObjectInList(d, meta, currItems) + if err != nil { + return nil, err + } + if item == nil { + // Spoof 404 error for proper handling by Delete (i.e. no-op) + return nil, tpgresource.Fake404("nested", "AccessContextManagerServicePerimeterDryRunResource") + } + + updatedItems := append(currItems[:idx], currItems[idx+1:]...) + res := map[string]interface{}{ + "resources": updatedItems, + } + wrapped := map[string]interface{}{ + "spec": res, + } + res = wrapped + + return res, nil +} + +// ListForPatch handles making API request to get parent resource and +// extracting list of objects. +func resourceAccessContextManagerServicePerimeterDryRunResourceListForPatch(d *schema.ResourceData, meta interface{}) ([]interface{}, error) { + config := meta.(*transport_tpg.Config) + url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter_name}}") + if err != nil { + return nil, err + } + + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return nil, err + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return nil, err + } + + var v interface{} + var ok bool + if v, ok = res["spec"]; ok && v != nil { + res = v.(map[string]interface{}) + } else { + return nil, nil + } + + v, ok = res["resources"] + if ok && v != nil { + ls, lsOk := v.([]interface{}) + if !lsOk { + return nil, fmt.Errorf(`expected list for nested field "resources"`) + } + return ls, nil + } + return nil, nil +} diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource_test.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource_test.go new file mode 100644 index 00000000000..8002bc00b0c --- /dev/null +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_dry_run_resource_test.go @@ -0,0 +1,141 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package accesscontextmanager_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +// Since each test here is acting on the same organization and only one AccessPolicy +// can exist, they need to be run serially. See AccessPolicy for the test runner. + +func testAccAccessContextManagerServicePerimeterDryRunResource_basicTest(t *testing.T) { + // Multiple fine-grained resources + acctest.SkipIfVcr(t) + org := envvar.GetTestOrgFromEnv(t) + projects := acctest.BootstrapServicePerimeterProjects(t, 2) + policyTitle := "my policy" + perimeterTitle := "perimeter" + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccAccessContextManagerServicePerimeterDryRunResource_basic(org, policyTitle, perimeterTitle, projects[0].ProjectNumber, projects[1].ProjectNumber), + }, + { + ResourceName: "google_access_context_manager_service_perimeter_dry_run_resource.test-access1", + ImportState: true, + ImportStateVerify: true, + }, + { + ResourceName: "google_access_context_manager_service_perimeter_dry_run_resource.test-access2", + ImportState: true, + ImportStateVerify: true, + }, + // Use a separate TestStep rather than a CheckDestroy because we need the service perimeter to still exist + { + Config: testAccAccessContextManagerServicePerimeterDryRunResource_destroy(org, policyTitle, perimeterTitle), + Check: testAccCheckAccessContextManagerServicePerimeterDryRunResourceDestroyProducer(t), + }, + }, + }) +} + +func testAccCheckAccessContextManagerServicePerimeterDryRunResourceDestroyProducer(t *testing.T) func(s *terraform.State) error { + return func(s *terraform.State) error { + for _, rs := range s.RootModule().Resources { + if rs.Type != "google_access_context_manager_service_perimeter_dry_run_resource" { + continue + } + + config := acctest.GoogleProviderConfig(t) + + url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{AccessContextManagerBasePath}}{{perimeter_name}}") + if err != nil { + return err + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + RawURL: url, + UserAgent: config.UserAgent, + }) + if err != nil { + return err + } + + v, ok := res["spec"] + if !ok || v == nil { + return nil + } + + res = v.(map[string]interface{}) + v, ok = res["resources"] + if !ok || v == nil { + return nil + } + + resources := v.([]interface{}) + if len(resources) == 0 { + return nil + } + + return fmt.Errorf("expected 0 resources in perimeter, found %d: %v", len(resources), resources) + } + + return nil + } +} + +func testAccAccessContextManagerServicePerimeterDryRunResource_basic(org, policyTitle, perimeterTitleName string, projectNumber1, projectNumber2 int64) string { + return fmt.Sprintf(` +%s + +resource "google_access_context_manager_service_perimeter_dry_run_resource" "test-access1" { + perimeter_name = google_access_context_manager_service_perimeter.test-access.name + resource = "projects/%d" +} + +resource "google_access_context_manager_service_perimeter_dry_run_resource" "test-access2" { + perimeter_name = google_access_context_manager_service_perimeter.test-access.name + resource = "projects/%d" +} +`, testAccAccessContextManagerServicePerimeterDryRunResource_destroy(org, policyTitle, perimeterTitleName), projectNumber1, projectNumber2) +} + +func testAccAccessContextManagerServicePerimeterDryRunResource_destroy(org, policyTitle, perimeterTitleName string) string { + return fmt.Sprintf(` +resource "google_access_context_manager_access_policy" "test-access" { + parent = "organizations/%s" + title = "%s" +} + +resource "google_access_context_manager_service_perimeter" "test-access" { + parent = "accessPolicies/${google_access_context_manager_access_policy.test-access.name}" + name = "accessPolicies/${google_access_context_manager_access_policy.test-access.name}/servicePerimeters/%s" + title = "%s" + perimeter_type = "PERIMETER_TYPE_REGULAR" + status { + restricted_services = ["storage.googleapis.com"] + } + spec { + restricted_services = ["storage.googleapis.com"] + } + use_explicit_dry_run_spec = true + lifecycle { + ignore_changes = [spec[0].resources] + } +} +`, org, policyTitle, perimeterTitleName, perimeterTitleName) +} diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go index ac46e8d84fa..43834955770 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_egress_policy.go @@ -21,7 +21,6 @@ import ( "fmt" "log" "reflect" - "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -35,7 +34,6 @@ func ResourceAccessContextManagerServicePerimeterEgressPolicy() *schema.Resource return &schema.Resource{ Create: resourceAccessContextManagerServicePerimeterEgressPolicyCreate, Read: resourceAccessContextManagerServicePerimeterEgressPolicyRead, - Update: resourceAccessContextManagerServicePerimeterEgressPolicyUpdate, Delete: resourceAccessContextManagerServicePerimeterEgressPolicyDelete, Importer: &schema.ResourceImporter{ @@ -44,7 +42,6 @@ func ResourceAccessContextManagerServicePerimeterEgressPolicy() *schema.Resource Timeouts: &schema.ResourceTimeout{ Create: schema.DefaultTimeout(20 * time.Minute), - Update: schema.DefaultTimeout(20 * time.Minute), Delete: schema.DefaultTimeout(20 * time.Minute), }, @@ -59,6 +56,7 @@ func ResourceAccessContextManagerServicePerimeterEgressPolicy() *schema.Resource "egress_from": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Defines conditions on the source of a request causing this 'EgressPolicy' to apply.`, MaxItems: 1, Elem: &schema.Resource{ @@ -66,6 +64,7 @@ func ResourceAccessContextManagerServicePerimeterEgressPolicy() *schema.Resource "identities": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of identities that are allowed access through this 'EgressPolicy'. Should be in the format of an email address. The email address should represent an individual user, service account, or Google group.`, @@ -76,6 +75,7 @@ represent an individual user, service account, or Google group.`, "identity_type": { Type: schema.TypeString, Optional: true, + ForceNew: true, ValidateFunc: verify.ValidateEnum([]string{"ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT", ""}), Description: `Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of 'identities' field will @@ -84,18 +84,21 @@ be allowed access. Possible values: ["ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SE "source_restriction": { Type: schema.TypeString, Optional: true, + ForceNew: true, ValidateFunc: verify.ValidateEnum([]string{"SOURCE_RESTRICTION_UNSPECIFIED", "SOURCE_RESTRICTION_ENABLED", "SOURCE_RESTRICTION_DISABLED", ""}), Description: `Whether to enforce traffic restrictions based on 'sources' field. If the 'sources' field is non-empty, then this field must be set to 'SOURCE_RESTRICTION_ENABLED'. Possible values: ["SOURCE_RESTRICTION_UNSPECIFIED", "SOURCE_RESTRICTION_ENABLED", "SOURCE_RESTRICTION_DISABLED"]`, }, "sources": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Sources that this EgressPolicy authorizes access from.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "access_level": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `An AccessLevel resource name that allows resources outside the ServicePerimeter to be accessed from the inside.`, }, }, @@ -107,6 +110,7 @@ be allowed access. Possible values: ["ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SE "egress_to": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Defines the conditions on the 'ApiOperation' and destination resources that cause this 'EgressPolicy' to apply.`, MaxItems: 1, @@ -115,6 +119,7 @@ cause this 'EgressPolicy' to apply.`, "external_resources": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of external resources that are allowed to be accessed. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed.`, @@ -125,6 +130,7 @@ s3://bucket/path). Currently '*' is not allowed.`, "operations": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of 'ApiOperations' that this egress rule applies to. A request matches if it contains an operation/service in this list.`, Elem: &schema.Resource{ @@ -132,6 +138,7 @@ if it contains an operation/service in this list.`, "method_selectors": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `API methods or permissions to allow. Method or permission must belong to the service specified by 'serviceName' field. A single MethodSelector entry with '*' specified for the 'method' field will allow all methods @@ -141,6 +148,7 @@ AND permissions for the service specified in 'serviceName'.`, "method": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `Value for 'method' should be a valid method name for the corresponding 'serviceName' in 'ApiOperation'. If '*' used as value for method, then ALL methods and permissions are allowed.`, @@ -148,6 +156,7 @@ then ALL methods and permissions are allowed.`, "permission": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `Value for permission should be a valid Cloud IAM permission for the corresponding 'serviceName' in 'ApiOperation'.`, }, @@ -157,6 +166,7 @@ corresponding 'serviceName' in 'ApiOperation'.`, "service_name": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `The name of the API whose methods or permissions the 'IngressPolicy' or 'EgressPolicy' want to allow. A single 'ApiOperation' with serviceName field set to '*' will allow all methods AND permissions for all services.`, @@ -167,6 +177,7 @@ field set to '*' will allow all methods AND permissions for all services.`, "resources": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of resources, currently only projects in the form 'projects/', that match this to stanza. A request matches if it contains a resource in this list. If * is specified for resources, @@ -348,98 +359,6 @@ func resourceAccessContextManagerServicePerimeterEgressPolicyRead(d *schema.Reso return nil } -func resourceAccessContextManagerServicePerimeterEgressPolicyUpdate(d *schema.ResourceData, meta interface{}) error { - config := meta.(*transport_tpg.Config) - userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) - if err != nil { - return err - } - - billingProject := "" - - obj := make(map[string]interface{}) - egressFromProp, err := expandNestedAccessContextManagerServicePerimeterEgressPolicyEgressFrom(d.Get("egress_from"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("egress_from"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, egressFromProp)) { - obj["egressFrom"] = egressFromProp - } - egressToProp, err := expandNestedAccessContextManagerServicePerimeterEgressPolicyEgressTo(d.Get("egress_to"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("egress_to"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, egressToProp)) { - obj["egressTo"] = egressToProp - } - - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") - if err != nil { - return err - } - transport_tpg.MutexStore.Lock(lockName) - defer transport_tpg.MutexStore.Unlock(lockName) - - url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter}}") - if err != nil { - return err - } - - log.Printf("[DEBUG] Updating ServicePerimeterEgressPolicy %q: %#v", d.Id(), obj) - updateMask := []string{} - - if d.HasChange("egress_from") { - updateMask = append(updateMask, "egressFrom") - } - - if d.HasChange("egress_to") { - updateMask = append(updateMask, "egressTo") - } - // updateMask is a URL parameter but not present in the schema, so ReplaceVars - // won't set it - url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) - if err != nil { - return err - } - - obj, err = resourceAccessContextManagerServicePerimeterEgressPolicyPatchUpdateEncoder(d, meta, obj) - if err != nil { - return err - } - - // err == nil indicates that the billing_project value was found - if bp, err := tpgresource.GetBillingProject(d, config); err == nil { - billingProject = bp - } - - // if updateMask is empty we are not updating anything so skip the post - if len(updateMask) > 0 { - res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "PUT", - Project: billingProject, - RawURL: url, - UserAgent: userAgent, - Body: obj, - Timeout: d.Timeout(schema.TimeoutUpdate), - }) - - if err != nil { - return fmt.Errorf("Error updating ServicePerimeterEgressPolicy %q: %s", d.Id(), err) - } else { - log.Printf("[DEBUG] Finished updating ServicePerimeterEgressPolicy %q: %#v", d.Id(), res) - } - - err = AccessContextManagerOperationWaitTime( - config, res, "Updating ServicePerimeterEgressPolicy", userAgent, - d.Timeout(schema.TimeoutUpdate)) - - if err != nil { - return err - } - } - - return resourceAccessContextManagerServicePerimeterEgressPolicyRead(d, meta) -} - func resourceAccessContextManagerServicePerimeterEgressPolicyDelete(d *schema.ResourceData, meta interface{}) error { config := meta.(*transport_tpg.Config) userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) @@ -934,42 +853,6 @@ func resourceAccessContextManagerServicePerimeterEgressPolicyPatchCreateEncoder( return res, nil } -// PatchUpdateEncoder handles creating request data to PATCH parent resource -// with list including updated object. -func resourceAccessContextManagerServicePerimeterEgressPolicyPatchUpdateEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { - items, err := resourceAccessContextManagerServicePerimeterEgressPolicyListForPatch(d, meta) - if err != nil { - return nil, err - } - - idx, item, err := resourceAccessContextManagerServicePerimeterEgressPolicyFindNestedObjectInList(d, meta, items) - if err != nil { - return nil, err - } - - // Return error if item to update does not exist. - if item == nil { - return nil, fmt.Errorf("Unable to update ServicePerimeterEgressPolicy %q - not found in list", d.Id()) - } - - // Merge new object into old. - for k, v := range obj { - item[k] = v - } - items[idx] = item - - // Return list with new item added - res := map[string]interface{}{ - "egressPolicies": items, - } - wrapped := map[string]interface{}{ - "status": res, - } - res = wrapped - - return res, nil -} - // PatchDeleteEncoder handles creating request data to PATCH parent resource // with list excluding object to delete. func resourceAccessContextManagerServicePerimeterEgressPolicyPatchDeleteEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { diff --git a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go index c7ee8091a65..c337806813e 100644 --- a/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go +++ b/google/services/accesscontextmanager/resource_access_context_manager_service_perimeter_ingress_policy.go @@ -21,7 +21,6 @@ import ( "fmt" "log" "reflect" - "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -35,7 +34,6 @@ func ResourceAccessContextManagerServicePerimeterIngressPolicy() *schema.Resourc return &schema.Resource{ Create: resourceAccessContextManagerServicePerimeterIngressPolicyCreate, Read: resourceAccessContextManagerServicePerimeterIngressPolicyRead, - Update: resourceAccessContextManagerServicePerimeterIngressPolicyUpdate, Delete: resourceAccessContextManagerServicePerimeterIngressPolicyDelete, Importer: &schema.ResourceImporter{ @@ -44,7 +42,6 @@ func ResourceAccessContextManagerServicePerimeterIngressPolicy() *schema.Resourc Timeouts: &schema.ResourceTimeout{ Create: schema.DefaultTimeout(20 * time.Minute), - Update: schema.DefaultTimeout(20 * time.Minute), Delete: schema.DefaultTimeout(20 * time.Minute), }, @@ -59,6 +56,7 @@ func ResourceAccessContextManagerServicePerimeterIngressPolicy() *schema.Resourc "ingress_from": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Defines the conditions on the source of a request causing this 'IngressPolicy' to apply.`, MaxItems: 1, @@ -67,6 +65,7 @@ to apply.`, "identities": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of identities that are allowed access through this 'IngressPolicy'. Should be in the format of an email address. The email address should represent an individual user, service account, or Google group.`, @@ -77,6 +76,7 @@ an individual user, service account, or Google group.`, "identity_type": { Type: schema.TypeString, Optional: true, + ForceNew: true, ValidateFunc: verify.ValidateEnum([]string{"ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT", ""}), Description: `Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of 'identities' field will be @@ -85,12 +85,14 @@ allowed access. Possible values: ["ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVI "sources": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Sources that this 'IngressPolicy' authorizes access from.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "access_level": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `An 'AccessLevel' resource name that allow resources within the 'ServicePerimeters' to be accessed from the internet. 'AccessLevels' listed must be in the same policy as this 'ServicePerimeter'. Referencing a nonexistent @@ -103,6 +105,7 @@ If * is specified, then all IngressSources will be allowed.`, "resource": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects are allowed. Format 'projects/{project_number}' @@ -119,6 +122,7 @@ of allowing all Google Cloud resources only is not supported.`, "ingress_to": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `Defines the conditions on the 'ApiOperation' and request destination that cause this 'IngressPolicy' to apply.`, MaxItems: 1, @@ -127,6 +131,7 @@ this 'IngressPolicy' to apply.`, "operations": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of 'ApiOperations' the sources specified in corresponding 'IngressFrom' are allowed to perform in this 'ServicePerimeter'.`, Elem: &schema.Resource{ @@ -134,6 +139,7 @@ are allowed to perform in this 'ServicePerimeter'.`, "method_selectors": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `API methods or permissions to allow. Method or permission must belong to the service specified by serviceName field. A single 'MethodSelector' entry with '*' specified for the method field will allow all methods AND @@ -143,6 +149,7 @@ permissions for the service specified in 'serviceName'.`, "method": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `Value for method should be a valid method name for the corresponding serviceName in 'ApiOperation'. If '*' used as value for 'method', then ALL methods and permissions are allowed.`, @@ -150,6 +157,7 @@ ALL methods and permissions are allowed.`, "permission": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `Value for permission should be a valid Cloud IAM permission for the corresponding 'serviceName' in 'ApiOperation'.`, }, @@ -159,6 +167,7 @@ corresponding 'serviceName' in 'ApiOperation'.`, "service_name": { Type: schema.TypeString, Optional: true, + ForceNew: true, Description: `The name of the API whose methods or permissions the 'IngressPolicy' or 'EgressPolicy' want to allow. A single 'ApiOperation' with 'serviceName' field set to '*' will allow all methods AND permissions for all services.`, @@ -169,6 +178,7 @@ field set to '*' will allow all methods AND permissions for all services.`, "resources": { Type: schema.TypeList, Optional: true, + ForceNew: true, Description: `A list of resources, currently only projects in the form 'projects/', protected by this 'ServicePerimeter' that are allowed to be accessed by sources defined in the @@ -353,98 +363,6 @@ func resourceAccessContextManagerServicePerimeterIngressPolicyRead(d *schema.Res return nil } -func resourceAccessContextManagerServicePerimeterIngressPolicyUpdate(d *schema.ResourceData, meta interface{}) error { - config := meta.(*transport_tpg.Config) - userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) - if err != nil { - return err - } - - billingProject := "" - - obj := make(map[string]interface{}) - ingressFromProp, err := expandNestedAccessContextManagerServicePerimeterIngressPolicyIngressFrom(d.Get("ingress_from"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("ingress_from"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, ingressFromProp)) { - obj["ingressFrom"] = ingressFromProp - } - ingressToProp, err := expandNestedAccessContextManagerServicePerimeterIngressPolicyIngressTo(d.Get("ingress_to"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("ingress_to"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, ingressToProp)) { - obj["ingressTo"] = ingressToProp - } - - lockName, err := tpgresource.ReplaceVars(d, config, "{{perimeter}}") - if err != nil { - return err - } - transport_tpg.MutexStore.Lock(lockName) - defer transport_tpg.MutexStore.Unlock(lockName) - - url, err := tpgresource.ReplaceVars(d, config, "{{AccessContextManagerBasePath}}{{perimeter}}") - if err != nil { - return err - } - - log.Printf("[DEBUG] Updating ServicePerimeterIngressPolicy %q: %#v", d.Id(), obj) - updateMask := []string{} - - if d.HasChange("ingress_from") { - updateMask = append(updateMask, "ingressFrom") - } - - if d.HasChange("ingress_to") { - updateMask = append(updateMask, "ingressTo") - } - // updateMask is a URL parameter but not present in the schema, so ReplaceVars - // won't set it - url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) - if err != nil { - return err - } - - obj, err = resourceAccessContextManagerServicePerimeterIngressPolicyPatchUpdateEncoder(d, meta, obj) - if err != nil { - return err - } - - // err == nil indicates that the billing_project value was found - if bp, err := tpgresource.GetBillingProject(d, config); err == nil { - billingProject = bp - } - - // if updateMask is empty we are not updating anything so skip the post - if len(updateMask) > 0 { - res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "PUT", - Project: billingProject, - RawURL: url, - UserAgent: userAgent, - Body: obj, - Timeout: d.Timeout(schema.TimeoutUpdate), - }) - - if err != nil { - return fmt.Errorf("Error updating ServicePerimeterIngressPolicy %q: %s", d.Id(), err) - } else { - log.Printf("[DEBUG] Finished updating ServicePerimeterIngressPolicy %q: %#v", d.Id(), res) - } - - err = AccessContextManagerOperationWaitTime( - config, res, "Updating ServicePerimeterIngressPolicy", userAgent, - d.Timeout(schema.TimeoutUpdate)) - - if err != nil { - return err - } - } - - return resourceAccessContextManagerServicePerimeterIngressPolicyRead(d, meta) -} - func resourceAccessContextManagerServicePerimeterIngressPolicyDelete(d *schema.ResourceData, meta interface{}) error { config := meta.(*transport_tpg.Config) userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) @@ -921,42 +839,6 @@ func resourceAccessContextManagerServicePerimeterIngressPolicyPatchCreateEncoder return res, nil } -// PatchUpdateEncoder handles creating request data to PATCH parent resource -// with list including updated object. -func resourceAccessContextManagerServicePerimeterIngressPolicyPatchUpdateEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { - items, err := resourceAccessContextManagerServicePerimeterIngressPolicyListForPatch(d, meta) - if err != nil { - return nil, err - } - - idx, item, err := resourceAccessContextManagerServicePerimeterIngressPolicyFindNestedObjectInList(d, meta, items) - if err != nil { - return nil, err - } - - // Return error if item to update does not exist. - if item == nil { - return nil, fmt.Errorf("Unable to update ServicePerimeterIngressPolicy %q - not found in list", d.Id()) - } - - // Merge new object into old. - for k, v := range obj { - item[k] = v - } - items[idx] = item - - // Return list with new item added - res := map[string]interface{}{ - "ingressPolicies": items, - } - wrapped := map[string]interface{}{ - "status": res, - } - res = wrapped - - return res, nil -} - // PatchDeleteEncoder handles creating request data to PATCH parent resource // with list excluding object to delete. func resourceAccessContextManagerServicePerimeterIngressPolicyPatchDeleteEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) { diff --git a/google/services/bigquery/resource_bigquery_table.go b/google/services/bigquery/resource_bigquery_table.go index 8ed2de978da..0db6dc9bf06 100644 --- a/google/services/bigquery/resource_bigquery_table.go +++ b/google/services/bigquery/resource_bigquery_table.go @@ -624,6 +624,13 @@ func ResourceBigQueryTable() *schema.Resource { }, }, + "json_extension": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice([]string{"GEOJSON"}, false), + Description: `Load option to be used together with sourceFormat newline-delimited JSON to indicate that a variant of JSON is being loaded. To load newline-delimited GeoJSON, specify GEOJSON (and sourceFormat must be set to NEWLINE_DELIMITED_JSON).`, + }, + "parquet_options": { Type: schema.TypeList, Optional: true, @@ -1786,6 +1793,10 @@ func expandExternalDataConfiguration(cfg interface{}) (*bigquery.ExternalDataCon edc.Compression = v.(string) } + if v, ok := raw["json_extension"]; ok { + edc.JsonExtension = v.(string) + } + if v, ok := raw["csv_options"]; ok { edc.CsvOptions = expandCsvOptions(v) } @@ -1853,6 +1864,10 @@ func flattenExternalDataConfiguration(edc *bigquery.ExternalDataConfiguration) ( result["compression"] = edc.Compression } + if edc.JsonExtension != "" { + result["json_extension"] = edc.JsonExtension + } + if edc.CsvOptions != nil { result["csv_options"] = flattenCsvOptions(edc.CsvOptions) } diff --git a/google/services/bigquery/resource_bigquery_table_test.go b/google/services/bigquery/resource_bigquery_table_test.go index 6c4b87de8db..77d191c167e 100644 --- a/google/services/bigquery/resource_bigquery_table_test.go +++ b/google/services/bigquery/resource_bigquery_table_test.go @@ -2955,6 +2955,8 @@ resource "google_bigquery_table" "test" { encoding = "%s" } + json_extension = "GEOJSON" + hive_partitioning_options { mode = "CUSTOM" source_uri_prefix = "gs://${google_storage_bucket.test.name}/{key1:STRING}" diff --git a/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos.go b/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos.go new file mode 100644 index 00000000000..98bf12609bf --- /dev/null +++ b/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos.go @@ -0,0 +1,217 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package cloudquotas + +import ( + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func DataSourceGoogleCloudQuotasQuotaInfos() *schema.Resource { + return &schema.Resource{ + Read: dataSourceGoogleCloudQuotasQuotaInfosRead, + + Schema: map[string]*schema.Schema{ + "parent": { + Type: schema.TypeString, + Required: true, + }, + "service": { + Type: schema.TypeString, + Required: true, + }, + "quota_infos": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "service": { + Type: schema.TypeString, + Computed: true, + }, + "quota_id": { + Type: schema.TypeString, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Computed: true, + }, + "metric": { + Type: schema.TypeString, + Computed: true, + }, + "is_precise": { + Type: schema.TypeBool, + Computed: true, + }, + "refresh_interval": { + Type: schema.TypeString, + Computed: true, + }, + "container_type": { + Type: schema.TypeString, + Computed: true, + }, + "dimensions": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "metric_display_name": { + Type: schema.TypeString, + Computed: true, + }, + "quota_display_name": { + Type: schema.TypeString, + Computed: true, + }, + "metric_unit": { + Type: schema.TypeString, + Computed: true, + }, + "quota_increase_eligibility": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "is_eligible": { + Type: schema.TypeBool, + Computed: true, + }, + "ineligibility_reason": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "is_fixed": { + Type: schema.TypeBool, + Computed: true, + }, + "dimensions_infos": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "dimensions": { + Type: schema.TypeMap, + Computed: true, + }, + "details": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "value": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "applicable_locations": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + }, + }, + }, + "is_concurrent": { + Type: schema.TypeBool, + Computed: true, + }, + "service_request_quota_uri": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + UseJSONNumber: true, + } +} + +func dataSourceGoogleCloudQuotasQuotaInfosRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{CloudQuotasBasePath}}{{parent}}/locations/global/services/{{service}}/quotaInfos") + if err != nil { + return fmt.Errorf("error setting api endpoint") + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("CloudQuotasQuotaInfo %q", d.Id())) + } + + var quotaInfos []map[string]interface{} + for { + fetchedQuotaInfos := res["quotaInfos"].([]interface{}) + for _, rawQuotaInfo := range fetchedQuotaInfos { + quotaInfos = append(quotaInfos, flattenCloudQuotasQuotaInfo(rawQuotaInfo.(map[string]interface{}), d, config)) + } + + if res["nextPageToken"] == nil || res["nextPageToken"].(string) == "" { + break + } + url, err = tpgresource.ReplaceVars(d, config, "{{CloudQuotasBasePath}}{{parent}}/locations/global/services/{{service}}/quotaInfos?pageToken="+res["nextPageToken"].(string)) + if err != nil { + return fmt.Errorf("error setting api endpoint") + } + res, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleDataSourceNotFoundError(err, d, fmt.Sprintf("CloudQuotasQuotaInfo %q", d.Id()), url) + } + } + + if err := d.Set("quota_infos", quotaInfos); err != nil { + return fmt.Errorf("error reading quota infos : %s", err) + } + + d.SetId(url) + return nil +} + +func flattenCloudQuotasQuotaInfo(rawQuotaInfo map[string]interface{}, d *schema.ResourceData, config *transport_tpg.Config) map[string]interface{} { + quotaInfo := make(map[string]interface{}) + + quotaInfo["name"] = rawQuotaInfo["name"] + quotaInfo["quota_id"] = rawQuotaInfo["quotaId"] + quotaInfo["metric"] = rawQuotaInfo["metric"] + quotaInfo["service"] = rawQuotaInfo["service"] + quotaInfo["is_precise"] = rawQuotaInfo["isPrecise"] + quotaInfo["refresh_interval"] = rawQuotaInfo["refreshInterval"] + quotaInfo["container_type"] = rawQuotaInfo["containerType"] + quotaInfo["dimensions"] = rawQuotaInfo["dimensions"] + quotaInfo["metric_display_name"] = rawQuotaInfo["metricDisplayName"] + quotaInfo["quota_display_name"] = rawQuotaInfo["quotaDisplayName"] + quotaInfo["metric_unit"] = rawQuotaInfo["metricUnit"] + quotaInfo["quota_increase_eligibility"] = flattenCloudQuotasQuotaInfoQuotaIncreaseEligibility(rawQuotaInfo["quotaIncreaseEligibility"], d, config) + quotaInfo["is_fixed"] = rawQuotaInfo["isFixed"] + quotaInfo["dimensions_infos"] = flattenCloudQuotasQuotaInfoDimensionsInfos(rawQuotaInfo["dimensionsInfos"], d, config) + quotaInfo["is_concurrent"] = rawQuotaInfo["isConcurrent"] + quotaInfo["service_request_quota_uri"] = rawQuotaInfo["serviceRequestQuotaUri"] + + return quotaInfo +} diff --git a/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos_test.go b/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos_test.go new file mode 100644 index 00000000000..e7ad06be804 --- /dev/null +++ b/google/services/cloudquotas/data_source_google_cloud_quotas_quota_infos_test.go @@ -0,0 +1,53 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package cloudquotas_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" +) + +func TestAccDataSourceGoogleQuotaInfos_basic(t *testing.T) { + t.Parallel() + + resourceName := "data.google_cloud_quotas_quota_infos.my_quota_infos" + service := "compute.googleapis.com" + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "service": service, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccDataSourceGoogleQuotaInfos_basic(context), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.name"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.quota_id"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.metric"), + resource.TestCheckResourceAttr(resourceName, "quota_infos.0.service", service), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.is_precise"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.container_type"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.quota_increase_eligibility.0.is_eligible"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.dimensions_infos.0.details.0.value"), + resource.TestCheckResourceAttrSet(resourceName, "quota_infos.0.dimensions_infos.0.applicable_locations.0"), + ), + }, + }, + }) +} + +func testAccDataSourceGoogleQuotaInfos_basic(context map[string]interface{}) string { + return acctest.Nprintf(` + data "google_cloud_quotas_quota_infos" "my_quota_infos" { + parent = "projects/%{project}" + service = "%{service}" + } + `, context) +} diff --git a/google/services/cloudquotas/resource_cloud_quotas_quota_preference.go b/google/services/cloudquotas/resource_cloud_quotas_quota_preference.go new file mode 100644 index 00000000000..b756ff8c804 --- /dev/null +++ b/google/services/cloudquotas/resource_cloud_quotas_quota_preference.go @@ -0,0 +1,676 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package cloudquotas + +import ( + "fmt" + "log" + "reflect" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" + "github.com/hashicorp/terraform-provider-google/google/verify" +) + +func ResourceCloudQuotasQuotaPreference() *schema.Resource { + return &schema.Resource{ + Create: resourceCloudQuotasQuotaPreferenceCreate, + Read: resourceCloudQuotasQuotaPreferenceRead, + Update: resourceCloudQuotasQuotaPreferenceUpdate, + Delete: resourceCloudQuotasQuotaPreferenceDelete, + + Importer: &schema.ResourceImporter{ + State: resourceCloudQuotasQuotaPreferenceImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "parent": { + Type: schema.TypeString, + Computed: true, + Optional: true, + ForceNew: true, + Description: `The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]".`, + }, + "quota_config": { + Type: schema.TypeList, + Required: true, + Description: `The preferred quota configuration.`, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "preferred_value": { + Type: schema.TypeString, + Required: true, + Description: `The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited".`, + }, + "annotations": { + Type: schema.TypeMap, + Optional: true, + Description: `The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. + +An object containing a list of "key: value" pairs. Example: '{ "name": "wrench", "mass": "1.3kg", "count": "3" }'.`, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "granted_value": { + Type: schema.TypeString, + Computed: true, + Description: `Granted quota value.`, + }, + "request_origin": { + Type: schema.TypeString, + Computed: true, + Description: `The origin of the quota preference request.`, + }, + "state_detail": { + Type: schema.TypeString, + Computed: true, + Description: `Optional details about the state of this quota preference.`, + }, + "trace_id": { + Type: schema.TypeString, + Computed: true, + Description: `The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id.`, + }, + }, + }, + }, + "quota_id": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Description: `The id of the quota to which the quota preference is applied. A quota id is unique in the service. +Example: 'CPUS-per-project-region'.`, + }, + "service": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Description: `The name of the service to which the quota preference is applied.`, + }, + "contact_email": { + Type: schema.TypeString, + Optional: true, + Description: `An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. + +The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for.`, + }, + "dimensions": { + Type: schema.TypeMap, + Computed: true, + Optional: true, + Description: `The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. + +NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. + +Example: '{"provider": "Foo Inc"}' where "provider" is a service specific dimension.`, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "ignore_safety_checks": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: verify.ValidateEnum([]string{"QUOTA_SAFETY_CHECK_UNSPECIFIED", "QUOTA_DECREASE_BELOW_USAGE", "QUOTA_DECREASE_PERCENTAGE_TOO_HIGH", ""}), + Description: `The list of quota safety checks to be ignored. Default value: "QUOTA_SAFETY_CHECK_UNSPECIFIED" Possible values: ["QUOTA_SAFETY_CHECK_UNSPECIFIED", "QUOTA_DECREASE_BELOW_USAGE", "QUOTA_DECREASE_PERCENTAGE_TOO_HIGH"]`, + Default: "QUOTA_SAFETY_CHECK_UNSPECIFIED", + }, + "justification": { + Type: schema.TypeString, + Optional: true, + Description: `The reason / justification for this quota preference.`, + }, + "name": { + Type: schema.TypeString, + Computed: true, + Optional: true, + DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName, + Description: `The resource name of the quota preference. Required except in the CREATE requests.`, + }, + "create_time": { + Type: schema.TypeString, + Computed: true, + Description: `Create time stamp. +A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.`, + }, + "etag": { + Type: schema.TypeString, + Computed: true, + Description: `The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags.`, + }, + "reconciling": { + Type: schema.TypeBool, + Computed: true, + Description: `Is the quota preference pending Google Cloud approval and fulfillment.`, + }, + "update_time": { + Type: schema.TypeString, + Computed: true, + Description: `Update time stamp. +A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: '2014-10-02T15:01:23Z' and '2014-10-02T15:01:23.045123456Z'.`, + }, + }, + UseJSONNumber: true, + } +} + +func resourceCloudQuotasQuotaPreferenceCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + nameProp, err := expandCloudQuotasQuotaPreferenceName(d.Get("name"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("name"); !tpgresource.IsEmptyValue(reflect.ValueOf(nameProp)) && (ok || !reflect.DeepEqual(v, nameProp)) { + obj["name"] = nameProp + } + serviceProp, err := expandCloudQuotasQuotaPreferenceService(d.Get("service"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("service"); !tpgresource.IsEmptyValue(reflect.ValueOf(serviceProp)) && (ok || !reflect.DeepEqual(v, serviceProp)) { + obj["service"] = serviceProp + } + quotaIdProp, err := expandCloudQuotasQuotaPreferenceQuotaId(d.Get("quota_id"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("quota_id"); !tpgresource.IsEmptyValue(reflect.ValueOf(quotaIdProp)) && (ok || !reflect.DeepEqual(v, quotaIdProp)) { + obj["quotaId"] = quotaIdProp + } + quotaConfigProp, err := expandCloudQuotasQuotaPreferenceQuotaConfig(d.Get("quota_config"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("quota_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(quotaConfigProp)) && (ok || !reflect.DeepEqual(v, quotaConfigProp)) { + obj["quotaConfig"] = quotaConfigProp + } + dimensionsProp, err := expandCloudQuotasQuotaPreferenceDimensions(d.Get("dimensions"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("dimensions"); !tpgresource.IsEmptyValue(reflect.ValueOf(dimensionsProp)) && (ok || !reflect.DeepEqual(v, dimensionsProp)) { + obj["dimensions"] = dimensionsProp + } + justificationProp, err := expandCloudQuotasQuotaPreferenceJustification(d.Get("justification"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("justification"); !tpgresource.IsEmptyValue(reflect.ValueOf(justificationProp)) && (ok || !reflect.DeepEqual(v, justificationProp)) { + obj["justification"] = justificationProp + } + contactEmailProp, err := expandCloudQuotasQuotaPreferenceContactEmail(d.Get("contact_email"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("contact_email"); !tpgresource.IsEmptyValue(reflect.ValueOf(contactEmailProp)) && (ok || !reflect.DeepEqual(v, contactEmailProp)) { + obj["contactEmail"] = contactEmailProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{CloudQuotasBasePath}}{{parent}}/locations/global/quotaPreferences?quotaPreferenceId={{name}}&ignoreSafetyChecks={{ignore_safety_checks}}") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new QuotaPreference: %#v", obj) + billingProject := "" + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "POST", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating QuotaPreference: %s", err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "{{parent}}/locations/global/quotaPreferences/{{name}}") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating QuotaPreference %q: %#v", d.Id(), res) + + return resourceCloudQuotasQuotaPreferenceRead(d, meta) +} + +func resourceCloudQuotasQuotaPreferenceRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{CloudQuotasBasePath}}{{parent}}/locations/global/quotaPreferences/{{name}}") + if err != nil { + return err + } + + billingProject := "" + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("CloudQuotasQuotaPreference %q", d.Id())) + } + + if err := d.Set("name", flattenCloudQuotasQuotaPreferenceName(res["name"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("service", flattenCloudQuotasQuotaPreferenceService(res["service"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("quota_id", flattenCloudQuotasQuotaPreferenceQuotaId(res["quotaId"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("quota_config", flattenCloudQuotasQuotaPreferenceQuotaConfig(res["quotaConfig"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("dimensions", flattenCloudQuotasQuotaPreferenceDimensions(res["dimensions"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("etag", flattenCloudQuotasQuotaPreferenceEtag(res["etag"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("create_time", flattenCloudQuotasQuotaPreferenceCreateTime(res["createTime"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("update_time", flattenCloudQuotasQuotaPreferenceUpdateTime(res["updateTime"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + if err := d.Set("reconciling", flattenCloudQuotasQuotaPreferenceReconciling(res["reconciling"], d, config)); err != nil { + return fmt.Errorf("Error reading QuotaPreference: %s", err) + } + + return nil +} + +func resourceCloudQuotasQuotaPreferenceUpdate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + billingProject := "" + + obj := make(map[string]interface{}) + nameProp, err := expandCloudQuotasQuotaPreferenceName(d.Get("name"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("name"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, nameProp)) { + obj["name"] = nameProp + } + serviceProp, err := expandCloudQuotasQuotaPreferenceService(d.Get("service"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("service"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, serviceProp)) { + obj["service"] = serviceProp + } + quotaIdProp, err := expandCloudQuotasQuotaPreferenceQuotaId(d.Get("quota_id"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("quota_id"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, quotaIdProp)) { + obj["quotaId"] = quotaIdProp + } + quotaConfigProp, err := expandCloudQuotasQuotaPreferenceQuotaConfig(d.Get("quota_config"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("quota_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, quotaConfigProp)) { + obj["quotaConfig"] = quotaConfigProp + } + dimensionsProp, err := expandCloudQuotasQuotaPreferenceDimensions(d.Get("dimensions"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("dimensions"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, dimensionsProp)) { + obj["dimensions"] = dimensionsProp + } + justificationProp, err := expandCloudQuotasQuotaPreferenceJustification(d.Get("justification"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("justification"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, justificationProp)) { + obj["justification"] = justificationProp + } + contactEmailProp, err := expandCloudQuotasQuotaPreferenceContactEmail(d.Get("contact_email"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("contact_email"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, contactEmailProp)) { + obj["contactEmail"] = contactEmailProp + } + + url, err := tpgresource.ReplaceVars(d, config, "{{CloudQuotasBasePath}}{{parent}}/locations/global/quotaPreferences/{{name}}?ignoreSafetyChecks={{ignore_safety_checks}}") + if err != nil { + return err + } + + log.Printf("[DEBUG] Updating QuotaPreference %q: %#v", d.Id(), obj) + updateMask := []string{} + + if d.HasChange("name") { + updateMask = append(updateMask, "name") + } + + if d.HasChange("service") { + updateMask = append(updateMask, "service") + } + + if d.HasChange("quota_id") { + updateMask = append(updateMask, "quotaId") + } + + if d.HasChange("quota_config") { + updateMask = append(updateMask, "quotaConfig") + } + + if d.HasChange("dimensions") { + updateMask = append(updateMask, "dimensions") + } + + if d.HasChange("justification") { + updateMask = append(updateMask, "justification") + } + + if d.HasChange("contact_email") { + updateMask = append(updateMask, "contactEmail") + } + // updateMask is a URL parameter but not present in the schema, so ReplaceVars + // won't set it + url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")}) + if err != nil { + return err + } + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + // if updateMask is empty we are not updating anything so skip the post + if len(updateMask) > 0 { + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "PATCH", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutUpdate), + }) + + if err != nil { + return fmt.Errorf("Error updating QuotaPreference %q: %s", d.Id(), err) + } else { + log.Printf("[DEBUG] Finished updating QuotaPreference %q: %#v", d.Id(), res) + } + + } + + return resourceCloudQuotasQuotaPreferenceRead(d, meta) +} + +func resourceCloudQuotasQuotaPreferenceDelete(d *schema.ResourceData, meta interface{}) error { + log.Printf("[WARNING] CloudQuotas QuotaPreference resources"+ + " cannot be deleted from Google Cloud. The resource %s will be removed from Terraform"+ + " state, but will still be present on Google Cloud.", d.Id()) + d.SetId("") + + return nil +} + +func resourceCloudQuotasQuotaPreferenceImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + if err := tpgresource.ParseImportId([]string{ + "^(?P.+)/locations/global/quotaPreferences/(?P[^/]+)$", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := tpgresource.ReplaceVars(d, config, "{{parent}}/locations/global/quotaPreferences/{{name}}") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func flattenCloudQuotasQuotaPreferenceName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return v + } + return tpgresource.NameFromSelfLinkStateFunc(v) +} + +func flattenCloudQuotasQuotaPreferenceService(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfig(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return nil + } + original := v.(map[string]interface{}) + if len(original) == 0 { + return nil + } + transformed := make(map[string]interface{}) + transformed["preferred_value"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigPreferredValue(original["preferredValue"], d, config) + transformed["state_detail"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigStateDetail(original["stateDetail"], d, config) + transformed["granted_value"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigGrantedValue(original["grantedValue"], d, config) + transformed["trace_id"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigTraceId(original["traceId"], d, config) + transformed["annotations"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigAnnotations(original["annotations"], d, config) + transformed["request_origin"] = + flattenCloudQuotasQuotaPreferenceQuotaConfigRequestOrigin(original["requestOrigin"], d, config) + return []interface{}{transformed} +} +func flattenCloudQuotasQuotaPreferenceQuotaConfigPreferredValue(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfigStateDetail(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfigGrantedValue(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfigTraceId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfigAnnotations(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + // ignore read on this field + return d.Get("quota_config.0.annotations") +} + +func flattenCloudQuotasQuotaPreferenceQuotaConfigRequestOrigin(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceDimensions(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceEtag(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceCreateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceUpdateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenCloudQuotasQuotaPreferenceReconciling(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func expandCloudQuotasQuotaPreferenceName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return tpgresource.GetResourceNameFromSelfLink(v.(string)), nil +} + +func expandCloudQuotasQuotaPreferenceService(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfig(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + l := v.([]interface{}) + if len(l) == 0 || l[0] == nil { + return nil, nil + } + raw := l[0] + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedPreferredValue, err := expandCloudQuotasQuotaPreferenceQuotaConfigPreferredValue(original["preferred_value"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedPreferredValue); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["preferredValue"] = transformedPreferredValue + } + + transformedStateDetail, err := expandCloudQuotasQuotaPreferenceQuotaConfigStateDetail(original["state_detail"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedStateDetail); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["stateDetail"] = transformedStateDetail + } + + transformedGrantedValue, err := expandCloudQuotasQuotaPreferenceQuotaConfigGrantedValue(original["granted_value"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedGrantedValue); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["grantedValue"] = transformedGrantedValue + } + + transformedTraceId, err := expandCloudQuotasQuotaPreferenceQuotaConfigTraceId(original["trace_id"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedTraceId); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["traceId"] = transformedTraceId + } + + transformedAnnotations, err := expandCloudQuotasQuotaPreferenceQuotaConfigAnnotations(original["annotations"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedAnnotations); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["annotations"] = transformedAnnotations + } + + transformedRequestOrigin, err := expandCloudQuotasQuotaPreferenceQuotaConfigRequestOrigin(original["request_origin"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedRequestOrigin); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["requestOrigin"] = transformedRequestOrigin + } + + return transformed, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigPreferredValue(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigStateDetail(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigGrantedValue(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigTraceId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigAnnotations(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) { + if v == nil { + return map[string]string{}, nil + } + m := make(map[string]string) + for k, val := range v.(map[string]interface{}) { + m[k] = val.(string) + } + return m, nil +} + +func expandCloudQuotasQuotaPreferenceQuotaConfigRequestOrigin(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceDimensions(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) { + if v == nil { + return map[string]string{}, nil + } + m := make(map[string]string) + for k, val := range v.(map[string]interface{}) { + m[k] = val.(string) + } + return m, nil +} + +func expandCloudQuotasQuotaPreferenceJustification(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandCloudQuotasQuotaPreferenceContactEmail(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} diff --git a/google/services/cloudquotas/resource_cloud_quotas_quota_preference_test.go b/google/services/cloudquotas/resource_cloud_quotas_quota_preference_test.go new file mode 100644 index 00000000000..1e278b188f3 --- /dev/null +++ b/google/services/cloudquotas/resource_cloud_quotas_quota_preference_test.go @@ -0,0 +1,182 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +package cloudquotas_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" +) + +func TestAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_update(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "org_id": envvar.GetTestOrgFromEnv(t), + "billing_account": envvar.GetTestBillingAccountFromEnv(t), + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + ExternalProviders: map[string]resource.ExternalProvider{ + "time": {}, + }, + Steps: []resource.TestStep{ + { + Config: testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_basic(context), + }, + { + ResourceName: "google_cloud_quotas_quota_preference.my_preference", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"parent", "quota_preference_id", "ignore_safety_checks", "contact_email"}, + }, + { + Config: testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_increaseQuota(context), + }, + { + ResourceName: "google_cloud_quotas_quota_preference.my_preference", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"parent", "quota_preference_id", "ignore_safety_checks", "contact_email", "justification", "quota_config.0.annotations"}, + }, + { + Config: testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_decreaseQuota(context), + }, + { + ResourceName: "google_cloud_quotas_quota_preference.my_preference", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"parent", "quota_preference_id", "ignore_safety_checks", "contact_email", "justification", "quota_config.0.annotations"}, + }, + }, + }) +} + +func testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_basic(context map[string]interface{}) string { + return acctest.Nprintf(` + resource "google_project" "new_project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "%{org_id}" + billing_account = "%{billing_account}" + } + + resource "google_project_service" "cloudquotas" { + project = google_project.new_project.project_id + service = "cloudquotas.googleapis.com" + } + + resource "google_project_service" "compute" { + project = google_project.new_project.project_id + service = "compute.googleapis.com" + depends_on = [google_project_service.cloudquotas] + } + + resource "google_project_service" "billing" { + project = google_project.new_project.project_id + service = "cloudbilling.googleapis.com" + depends_on = [google_project_service.compute] + } + + resource "time_sleep" "wait_120_seconds" { + create_duration = "120s" + depends_on = [google_project_service.billing] + } + + resource "google_cloud_quotas_quota_preference" "my_preference"{ + parent = "projects/${google_project.new_project.project_id}" + name = "compute_googleapis_com-CPUS-per-project_us-central1" + dimensions = { region = "us-central1" } + service = "compute.googleapis.com" + quota_id = "CPUS-per-project-region" + contact_email = "testuser@gmail.com" + quota_config { + preferred_value = 70 + } + ignore_safety_checks = "QUOTA_DECREASE_PERCENTAGE_TOO_HIGH" + depends_on = [ + time_sleep.wait_120_seconds + ] + } + `, context) +} + +func testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_increaseQuota(context map[string]interface{}) string { + return acctest.Nprintf(` + resource "google_project" "new_project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "%{org_id}" + billing_account = "%{billing_account}" + } + + resource "google_project_service" "cloudquotas" { + project = google_project.new_project.project_id + service = "cloudquotas.googleapis.com" + } + + resource "google_project_service" "compute" { + project = google_project.new_project.project_id + service = "compute.googleapis.com" + depends_on = [google_project_service.cloudquotas] + } + + resource "google_project_service" "billing" { + project = google_project.new_project.project_id + service = "cloudbilling.googleapis.com" + depends_on = [google_project_service.compute] + } + + resource "google_cloud_quotas_quota_preference" "my_preference"{ + contact_email = "testinguser2@google.com" + justification = "Ignore. Increase quota for Terraform testing." + quota_config { + preferred_value = 72 + annotations = { label = "terraform" } + } + depends_on = [google_project_service.billing] + } + `, context) +} + +func testAccCloudQuotasQuotaPreference_cloudquotasQuotaPreferenceBasicExample_decreaseQuota(context map[string]interface{}) string { + return acctest.Nprintf(` + resource "google_project" "new_project" { + project_id = "tf-test%{random_suffix}" + name = "tf-test%{random_suffix}" + org_id = "%{org_id}" + billing_account = "%{billing_account}" + } + + resource "google_project_service" "cloudquotas" { + project = google_project.new_project.project_id + service = "cloudquotas.googleapis.com" + } + + resource "google_project_service" "compute" { + project = google_project.new_project.project_id + service = "compute.googleapis.com" + depends_on = [google_project_service.cloudquotas] + } + + resource "google_project_service" "billing" { + project = google_project.new_project.project_id + service = "cloudbilling.googleapis.com" + depends_on = [google_project_service.compute] + } + + resource "google_cloud_quotas_quota_preference" "my_preference"{ + ignore_safety_checks = "QUOTA_DECREASE_PERCENTAGE_TOO_HIGH" + quota_config { + preferred_value = 65 + } + depends_on = [google_project_service.billing] + } + `, context) +} diff --git a/google/services/cloudrunv2/resource_cloud_run_v2_service.go b/google/services/cloudrunv2/resource_cloud_run_v2_service.go index 43353baf5a6..8f298dbd5de 100644 --- a/google/services/cloudrunv2/resource_cloud_run_v2_service.go +++ b/google/services/cloudrunv2/resource_cloud_run_v2_service.go @@ -301,6 +301,7 @@ is the value of container.ports[0].containerPort.`, Description: `List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on`, + MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "container_port": { @@ -597,7 +598,7 @@ A duration in seconds with up to nine fractional digits, ending with 's'. Exampl "gcs": { Type: schema.TypeList, Optional: true, - Description: `Represents a GCS Bucket mounted as a volume.`, + Description: `Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment and requires launch-stage to be set to ALPHA or BETA.`, MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ diff --git a/google/services/cloudrunv2/resource_cloud_run_v2_service_test.go b/google/services/cloudrunv2/resource_cloud_run_v2_service_test.go index c4bf864a6dd..94a9baee024 100644 --- a/google/services/cloudrunv2/resource_cloud_run_v2_service_test.go +++ b/google/services/cloudrunv2/resource_cloud_run_v2_service_test.go @@ -110,7 +110,6 @@ resource "google_service_account" "service_account" { } `, context) } - func testAccCloudRunV2Service_cloudrunv2ServiceFullUpdate(context map[string]interface{}) string { return acctest.Nprintf(` resource "google_cloud_run_v2_service" "default" { @@ -209,7 +208,6 @@ resource "google_compute_network" "custom_test" { } `, context) } - func TestAccCloudRunV2Service_cloudrunv2ServiceTCPProbesUpdate(t *testing.T) { t.Parallel() diff --git a/google/services/composer/resource_composer_environment.go b/google/services/composer/resource_composer_environment.go index 0a5be2b96c1..90136fe66fb 100644 --- a/google/services/composer/resource_composer_environment.go +++ b/google/services/composer/resource_composer_environment.go @@ -6,6 +6,7 @@ import ( "context" "fmt" "log" + "net" "regexp" "strings" "time" @@ -2669,3 +2670,17 @@ func versionValidationCustomizeDiffFunc(ctx context.Context, d *schema.ResourceD } return nil } + +func validateComposerInternalIpv4CidrBlock(v any, k string) (warns []string, errs []error) { + cidr_range := v.(string) + _, ip_net, err := net.ParseCIDR(cidr_range) + if err != nil { + errs = append(errs, fmt.Errorf("Invalid CIDR range: %s", err)) + return + } + ones, _ := ip_net.Mask.Size() + if ones != 20 { + errs = append(errs, fmt.Errorf("Composer Internal IPv4 CIDR range must have size /20")) + } + return +} diff --git a/google/services/compute/resource_compute_disk.go b/google/services/compute/resource_compute_disk.go index ebee59abd95..8f4124f2b96 100644 --- a/google/services/compute/resource_compute_disk.go +++ b/google/services/compute/resource_compute_disk.go @@ -748,8 +748,8 @@ func computeDiskGuestOsFeaturesSchema() *schema.Resource { Type: schema.TypeString, Required: true, ForceNew: true, - ValidateFunc: verify.ValidateEnum([]string{"MULTI_IP_SUBNET", "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "WINDOWS", "GVNIC", "SEV_LIVE_MIGRATABLE", "SEV_SNP_CAPABLE", "SUSPEND_RESUME_COMPATIBLE", "TDX_CAPABLE"}), - Description: `The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. Possible values: ["MULTI_IP_SUBNET", "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "WINDOWS", "GVNIC", "SEV_LIVE_MIGRATABLE", "SEV_SNP_CAPABLE", "SUSPEND_RESUME_COMPATIBLE", "TDX_CAPABLE"]`, + ValidateFunc: verify.ValidateEnum([]string{"MULTI_IP_SUBNET", "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "WINDOWS", "GVNIC", "SEV_LIVE_MIGRATABLE", "SEV_SNP_CAPABLE", "SUSPEND_RESUME_COMPATIBLE", "TDX_CAPABLE", "SEV_LIVE_MIGRATABLE_V2"}), + Description: `The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. Possible values: ["MULTI_IP_SUBNET", "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "WINDOWS", "GVNIC", "SEV_LIVE_MIGRATABLE", "SEV_SNP_CAPABLE", "SUSPEND_RESUME_COMPATIBLE", "TDX_CAPABLE", "SEV_LIVE_MIGRATABLE_V2"]`, }, }, } diff --git a/google/services/compute/resource_compute_instance_group_manager.go b/google/services/compute/resource_compute_instance_group_manager.go index a394898a5ce..8eeff91ac58 100644 --- a/google/services/compute/resource_compute_instance_group_manager.go +++ b/google/services/compute/resource_compute_instance_group_manager.go @@ -454,6 +454,11 @@ func ResourceComputeInstanceGroupManager() *schema.Resource { Computed: true, Description: `A bit indicating whether this configuration has been applied to all managed instances in the group.`, }, + "current_revision": { + Type: schema.TypeString, + Computed: true, + Description: `Current all-instances configuration revision. This value is in RFC3339 text format.`, + }, }, }, }, @@ -471,7 +476,7 @@ func ResourceComputeInstanceGroupManager() *schema.Resource { "per_instance_configs": { Type: schema.TypeList, Computed: true, - Description: `Status of per-instance configs on the instance.`, + Description: `Status of per-instance configs on the instances.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "all_effective": { @@ -1473,7 +1478,8 @@ func flattenStatusVersionTarget(versionTarget *compute.InstanceGroupManagerStatu func flattenStatusAllInstancesConfig(allInstancesConfig *compute.InstanceGroupManagerStatusAllInstancesConfig) []map[string]interface{} { results := []map[string]interface{}{} data := map[string]interface{}{ - "effective": allInstancesConfig.Effective, + "effective": allInstancesConfig.Effective, + "current_revision": allInstancesConfig.CurrentRevision, } results = append(results, data) return results diff --git a/google/services/compute/resource_compute_region_backend_service.go b/google/services/compute/resource_compute_region_backend_service.go index 8ea256754e8..b24b6b3cd3a 100644 --- a/google/services/compute/resource_compute_region_backend_service.go +++ b/google/services/compute/resource_compute_region_backend_service.go @@ -896,6 +896,11 @@ failed request. Default is 30 seconds. Valid range is [1, 86400].`, Description: `Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.`, }, + "generated_id": { + Type: schema.TypeInt, + Computed: true, + Description: `The unique identifier for the resource. This identifier is defined by the server.`, + }, "project": { Type: schema.TypeString, Optional: true, @@ -1357,6 +1362,9 @@ func resourceComputeRegionBackendServiceRead(d *schema.ResourceData, meta interf if err := d.Set("health_checks", flattenComputeRegionBackendServiceHealthChecks(res["healthChecks"], d, config)); err != nil { return fmt.Errorf("Error reading RegionBackendService: %s", err) } + if err := d.Set("generated_id", flattenComputeRegionBackendServiceGeneratedId(res["id"], d, config)); err != nil { + return fmt.Errorf("Error reading RegionBackendService: %s", err) + } if err := d.Set("iap", flattenComputeRegionBackendServiceIap(res["iap"], d, config)); err != nil { return fmt.Errorf("Error reading RegionBackendService: %s", err) } @@ -2332,6 +2340,23 @@ func flattenComputeRegionBackendServiceHealthChecks(v interface{}, d *schema.Res return tpgresource.ConvertAndMapStringArr(v.([]interface{}), tpgresource.ConvertSelfLinkToV1) } +func flattenComputeRegionBackendServiceGeneratedId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + // Handles the string fixed64 format + if strVal, ok := v.(string); ok { + if intVal, err := tpgresource.StringToFixed64(strVal); err == nil { + return intVal + } + } + + // number values are represented as float64 + if floatVal, ok := v.(float64); ok { + intVal := int(floatVal) + return intVal + } + + return v // let terraform core handle it otherwise +} + func flattenComputeRegionBackendServiceIap(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { if v == nil { return nil diff --git a/google/services/compute/resource_compute_region_instance_group_manager.go b/google/services/compute/resource_compute_region_instance_group_manager.go index 5ee1d82c8f3..cb980262898 100644 --- a/google/services/compute/resource_compute_region_instance_group_manager.go +++ b/google/services/compute/resource_compute_region_instance_group_manager.go @@ -481,6 +481,11 @@ func ResourceComputeRegionInstanceGroupManager() *schema.Resource { Computed: true, Description: `A bit indicating whether this configuration has been applied to all managed instances in the group.`, }, + "current_revision": { + Type: schema.TypeString, + Computed: true, + Description: `Current all-instances configuration revision. This value is in RFC3339 text format.`, + }, }, }, }, @@ -498,7 +503,7 @@ func ResourceComputeRegionInstanceGroupManager() *schema.Resource { "per_instance_configs": { Type: schema.TypeList, Computed: true, - Description: `Status of per-instance configs on the instance.`, + Description: `Status of per-instance configs on the instances.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "all_effective": { diff --git a/google/services/dataflow/resource_dataflow_job_test.go b/google/services/dataflow/resource_dataflow_job_test.go index 7874edc8fbe..776a5e9b256 100644 --- a/google/services/dataflow/resource_dataflow_job_test.go +++ b/google/services/dataflow/resource_dataflow_job_test.go @@ -34,7 +34,7 @@ func TestAccDataflowJob_basic(t *testing.T) { randStr := acctest.RandString(t, 10) bucket := "tf-test-dataflow-gcs-" + randStr job := "tf-test-dataflow-job-" + randStr - zone := "us-central1-f" + zone := "us-east5-b" acctest.VcrTest(t, resource.TestCase{ PreCheck: func() { acctest.AccTestPreCheck(t) }, @@ -66,7 +66,7 @@ func TestAccDataflowJobSkipWait_basic(t *testing.T) { randStr := acctest.RandString(t, 10) bucket := "tf-test-dataflow-gcs-" + randStr job := "tf-test-dataflow-job-" + randStr - zone := "us-central1-f" + zone := "us-east5-b" acctest.VcrTest(t, resource.TestCase{ PreCheck: func() { acctest.AccTestPreCheck(t) }, @@ -263,7 +263,7 @@ func TestAccDataflowJob_withProviderDefaultLabels(t *testing.T) { randStr := acctest.RandString(t, 10) bucket := "tf-test-dataflow-gcs-" + randStr job := "tf-test-dataflow-job-" + randStr - zone := "us-central1-f" + zone := "us-east5-b" acctest.VcrTest(t, resource.TestCase{ PreCheck: func() { acctest.AccTestPreCheck(t) }, @@ -417,7 +417,7 @@ func TestAccDataflowJob_withKmsKey(t *testing.T) { crypto_key := "tf-test-dataflow-kms-key-" + randStr bucket := "tf-test-dataflow-gcs-" + randStr job := "tf-test-dataflow-job-" + randStr - zone := "us-central1-f" + zone := "us-east5-b" if acctest.BootstrapPSARole(t, "service-", "compute-system", "roles/cloudkms.cryptoKeyEncrypterDecrypter") { t.Fatal("Stopping the test because a role was added to the policy.") @@ -867,7 +867,7 @@ resource "google_storage_bucket" "temp" { resource "google_dataflow_job" "big_data" { name = "%s" - + zone = "%s" machine_type = "e2-standard-2" @@ -892,7 +892,7 @@ resource "google_storage_bucket" "temp" { resource "google_dataflow_job" "big_data" { name = "%s" - + zone = "%s" machine_type = "e2-standard-2" @@ -1026,7 +1026,7 @@ resource "google_project_iam_member" "dataflow-worker" { resource "google_dataflow_job" "big_data" { name = "%s" depends_on = [ - google_storage_bucket_iam_member.dataflow-gcs, + google_storage_bucket_iam_member.dataflow-gcs, google_project_iam_member.dataflow-worker ] @@ -1223,7 +1223,7 @@ resource "google_storage_bucket" "temp" { resource "google_dataflow_job" "big_data" { name = "%s" - + zone = "%s" machine_type = "e2-standard-2" diff --git a/google/services/dataproc/resource_dataproc_cluster_test.go b/google/services/dataproc/resource_dataproc_cluster_test.go index 1d7cbc8d140..64575012754 100644 --- a/google/services/dataproc/resource_dataproc_cluster_test.go +++ b/google/services/dataproc/resource_dataproc_cluster_test.go @@ -2125,7 +2125,7 @@ resource "google_dataproc_cluster" "with_endpoint_config" { } endpoint_config { - enable_http_port_access = "true" + enable_http_port_access = true } } } diff --git a/google/services/dataprocmetastore/resource_dataproc_metastore_service.go b/google/services/dataprocmetastore/resource_dataproc_metastore_service.go index 9ac2658f79b..e5184be32d9 100644 --- a/google/services/dataprocmetastore/resource_dataproc_metastore_service.go +++ b/google/services/dataprocmetastore/resource_dataproc_metastore_service.go @@ -333,6 +333,38 @@ There must be at least one IP address available in the subnet's primary range. T }, }, }, + "scheduled_backup": { + Type: schema.TypeList, + Optional: true, + Description: `The configuration of scheduled backup for the metastore service.`, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "backup_location": { + Type: schema.TypeString, + Required: true, + Description: `A Cloud Storage URI of a folder, in the format gs:///. A sub-folder containing backup files will be stored below it.`, + }, + "cron_schedule": { + Type: schema.TypeString, + Optional: true, + Description: `The scheduled interval in Cron format, see https://en.wikipedia.org/wiki/Cron The default is empty: scheduled backup is not enabled. Must be specified to enable scheduled backups.`, + }, + "enabled": { + Type: schema.TypeBool, + Computed: true, + Optional: true, + Description: `Defines whether the scheduled backup is enabled. The default value is false.`, + }, + "time_zone": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Description: `Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g. America/Los_Angeles or Africa/Abidjan. If left unspecified, the default is UTC.`, + }, + }, + }, + }, "telemetry_config": { Type: schema.TypeList, Computed: true, @@ -445,6 +477,12 @@ func resourceDataprocMetastoreServiceCreate(d *schema.ResourceData, meta interfa } else if v, ok := d.GetOkExists("scaling_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(scalingConfigProp)) && (ok || !reflect.DeepEqual(v, scalingConfigProp)) { obj["scalingConfig"] = scalingConfigProp } + scheduledBackupProp, err := expandDataprocMetastoreServiceScheduledBackup(d.Get("scheduled_backup"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("scheduled_backup"); !tpgresource.IsEmptyValue(reflect.ValueOf(scheduledBackupProp)) && (ok || !reflect.DeepEqual(v, scheduledBackupProp)) { + obj["scheduledBackup"] = scheduledBackupProp + } maintenanceWindowProp, err := expandDataprocMetastoreServiceMaintenanceWindow(d.Get("maintenance_window"), d, config) if err != nil { return err @@ -624,6 +662,9 @@ func resourceDataprocMetastoreServiceRead(d *schema.ResourceData, meta interface if err := d.Set("scaling_config", flattenDataprocMetastoreServiceScalingConfig(res["scalingConfig"], d, config)); err != nil { return fmt.Errorf("Error reading Service: %s", err) } + if err := d.Set("scheduled_backup", flattenDataprocMetastoreServiceScheduledBackup(res["scheduledBackup"], d, config)); err != nil { + return fmt.Errorf("Error reading Service: %s", err) + } if err := d.Set("maintenance_window", flattenDataprocMetastoreServiceMaintenanceWindow(res["maintenanceWindow"], d, config)); err != nil { return fmt.Errorf("Error reading Service: %s", err) } @@ -695,6 +736,12 @@ func resourceDataprocMetastoreServiceUpdate(d *schema.ResourceData, meta interfa } else if v, ok := d.GetOkExists("scaling_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, scalingConfigProp)) { obj["scalingConfig"] = scalingConfigProp } + scheduledBackupProp, err := expandDataprocMetastoreServiceScheduledBackup(d.Get("scheduled_backup"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("scheduled_backup"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, scheduledBackupProp)) { + obj["scheduledBackup"] = scheduledBackupProp + } maintenanceWindowProp, err := expandDataprocMetastoreServiceMaintenanceWindow(d.Get("maintenance_window"), d, config) if err != nil { return err @@ -752,6 +799,10 @@ func resourceDataprocMetastoreServiceUpdate(d *schema.ResourceData, meta interfa updateMask = append(updateMask, "scalingConfig") } + if d.HasChange("scheduled_backup") { + updateMask = append(updateMask, "scheduledBackup") + } + if d.HasChange("maintenance_window") { updateMask = append(updateMask, "maintenanceWindow") } @@ -973,6 +1024,41 @@ func flattenDataprocMetastoreServiceScalingConfigScalingFactor(v interface{}, d return v } +func flattenDataprocMetastoreServiceScheduledBackup(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return nil + } + original := v.(map[string]interface{}) + if len(original) == 0 { + return nil + } + transformed := make(map[string]interface{}) + transformed["enabled"] = + flattenDataprocMetastoreServiceScheduledBackupEnabled(original["enabled"], d, config) + transformed["cron_schedule"] = + flattenDataprocMetastoreServiceScheduledBackupCronSchedule(original["cronSchedule"], d, config) + transformed["time_zone"] = + flattenDataprocMetastoreServiceScheduledBackupTimeZone(original["timeZone"], d, config) + transformed["backup_location"] = + flattenDataprocMetastoreServiceScheduledBackupBackupLocation(original["backupLocation"], d, config) + return []interface{}{transformed} +} +func flattenDataprocMetastoreServiceScheduledBackupEnabled(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenDataprocMetastoreServiceScheduledBackupCronSchedule(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenDataprocMetastoreServiceScheduledBackupTimeZone(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenDataprocMetastoreServiceScheduledBackupBackupLocation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + func flattenDataprocMetastoreServiceMaintenanceWindow(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { if v == nil { return nil @@ -1289,6 +1375,62 @@ func expandDataprocMetastoreServiceScalingConfigScalingFactor(v interface{}, d t return v, nil } +func expandDataprocMetastoreServiceScheduledBackup(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + l := v.([]interface{}) + if len(l) == 0 || l[0] == nil { + return nil, nil + } + raw := l[0] + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedEnabled, err := expandDataprocMetastoreServiceScheduledBackupEnabled(original["enabled"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedEnabled); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["enabled"] = transformedEnabled + } + + transformedCronSchedule, err := expandDataprocMetastoreServiceScheduledBackupCronSchedule(original["cron_schedule"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedCronSchedule); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["cronSchedule"] = transformedCronSchedule + } + + transformedTimeZone, err := expandDataprocMetastoreServiceScheduledBackupTimeZone(original["time_zone"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedTimeZone); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["timeZone"] = transformedTimeZone + } + + transformedBackupLocation, err := expandDataprocMetastoreServiceScheduledBackupBackupLocation(original["backup_location"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedBackupLocation); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["backupLocation"] = transformedBackupLocation + } + + return transformed, nil +} + +func expandDataprocMetastoreServiceScheduledBackupEnabled(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandDataprocMetastoreServiceScheduledBackupCronSchedule(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandDataprocMetastoreServiceScheduledBackupTimeZone(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandDataprocMetastoreServiceScheduledBackupBackupLocation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + func expandDataprocMetastoreServiceMaintenanceWindow(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { l := v.([]interface{}) if len(l) == 0 || l[0] == nil { diff --git a/google/services/dataprocmetastore/resource_dataproc_metastore_service_generated_test.go b/google/services/dataprocmetastore/resource_dataproc_metastore_service_generated_test.go index 96ba6770f42..b783195d4b5 100644 --- a/google/services/dataprocmetastore/resource_dataproc_metastore_service_generated_test.go +++ b/google/services/dataprocmetastore/resource_dataproc_metastore_service_generated_test.go @@ -428,6 +428,67 @@ resource "google_dataproc_metastore_service" "dpms2_scaling_factor_lt1" { `, context) } +func TestAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccCheckDataprocMetastoreServiceDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExample(context), + }, + { + ResourceName: "google_dataproc_metastore_service.backup", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"service_id", "location", "labels", "terraform_labels"}, + }, + }, + }) +} + +func testAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_dataproc_metastore_service" "backup" { + service_id = "backup%{random_suffix}" + location = "us-central1" + port = 9080 + tier = "DEVELOPER" + + maintenance_window { + hour_of_day = 2 + day_of_week = "SUNDAY" + } + + hive_metastore_config { + version = "2.3.6" + } + + scheduled_backup { + enabled = true + cron_schedule = "0 0 * * *" + time_zone = "UTC" + backup_location = "gs://${google_storage_bucket.bucket.name}" + } + + labels = { + env = "test" + } +} + +resource "google_storage_bucket" "bucket" { + name = "backup%{random_suffix}" + location = "us-central1" +} +`, context) +} + func testAccCheckDataprocMetastoreServiceDestroyProducer(t *testing.T) func(s *terraform.State) error { return func(s *terraform.State) error { for name, rs := range s.RootModule().Resources { diff --git a/google/services/dataprocmetastore/resource_dataproc_metastore_service_test.go b/google/services/dataprocmetastore/resource_dataproc_metastore_service_test.go index 6916b31fb7c..0616f6da3ca 100644 --- a/google/services/dataprocmetastore/resource_dataproc_metastore_service_test.go +++ b/google/services/dataprocmetastore/resource_dataproc_metastore_service_test.go @@ -54,6 +54,34 @@ resource "google_dataproc_metastore_service" "my_metastore" { `, name, tier) } +func TestAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExampleUpdate(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccCheckDataprocMetastoreServiceDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExample(context), + }, + { + ResourceName: "google_dataproc_metastore_service.backup", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"service_id", "location", "labels", "terraform_labels"}, + }, + { + Config: testAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExampleUpdate(context), + }, + }, + }) +} + func TestAccDataprocMetastoreService_PrivateServiceConnect(t *testing.T) { t.Skip("Skipping due to https://github.com/hashicorp/terraform-provider-google/issues/13710") t.Parallel() @@ -105,3 +133,39 @@ resource "google_dataproc_metastore_service" "default" { } `, context) } + +func testAccDataprocMetastoreService_dataprocMetastoreServiceScheduledBackupExampleUpdate(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_dataproc_metastore_service" "backup" { + service_id = "tf-test-backup%{random_suffix}" + location = "us-central1" + port = 9080 + tier = "DEVELOPER" + + maintenance_window { + hour_of_day = 2 + day_of_week = "SUNDAY" + } + + hive_metastore_config { + version = "2.3.6" + } + + scheduled_backup { + enabled = true + cron_schedule = "0 0 * * 0" + time_zone = "America/Los_Angeles" + backup_location = "gs://${google_storage_bucket.bucket.name}" + } + + labels = { + env = "test" + } +} + +resource "google_storage_bucket" "bucket" { + name = "tf-test-backup%{random_suffix}" + location = "us-central1" +} +`, context) +} diff --git a/google/services/datastream/resource_datastream_private_connection_sweeper.go b/google/services/datastream/resource_datastream_private_connection_sweeper.go index 0333c3af63e..979ea34bdc8 100644 --- a/google/services/datastream/resource_datastream_private_connection_sweeper.go +++ b/google/services/datastream/resource_datastream_private_connection_sweeper.go @@ -1,20 +1,5 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 - -// ---------------------------------------------------------------------------- -// -// *** AUTO GENERATED CODE *** Type: MMv1 *** -// -// ---------------------------------------------------------------------------- -// -// This file is automatically generated by Magic Modules and manual -// changes will be clobbered when the file is regenerated. -// -// Please read more about how to change this file in -// .github/CONTRIBUTING.md. -// -// ---------------------------------------------------------------------------- - package datastream import ( @@ -118,7 +103,7 @@ func testSweepDatastreamPrivateConnection(region string) error { log.Printf("[INFO][SWEEPER_LOG] error preparing delete url: %s", err) return nil } - deleteUrl = deleteUrl + name + deleteUrl = deleteUrl + name + "?force=true" // Don't wait on operations as we may have a lot to delete _, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_service_config_generated_test.go b/google/services/firebaseappcheck/resource_firebase_app_check_service_config_generated_test.go index 5d598ec47e9..95532d2d1d0 100644 --- a/google/services/firebaseappcheck/resource_firebase_app_check_service_config_generated_test.go +++ b/google/services/firebaseappcheck/resource_firebase_app_check_service_config_generated_test.go @@ -125,7 +125,7 @@ func TestAccFirebaseAppCheckServiceConfig_firebaseAppCheckServiceConfigUnenforce context := map[string]interface{}{ "project_id": envvar.GetTestProjectFromEnv(), - "service_id": "firebasedatabase.googleapis.com", + "service_id": "identitytoolkit.googleapis.com", "random_suffix": acctest.RandString(t, 10), } diff --git a/google/services/firebaseappcheck/resource_firebase_app_check_service_config_test.go b/google/services/firebaseappcheck/resource_firebase_app_check_service_config_test.go index e13c42217fb..8341f7be70f 100644 --- a/google/services/firebaseappcheck/resource_firebase_app_check_service_config_test.go +++ b/google/services/firebaseappcheck/resource_firebase_app_check_service_config_test.go @@ -1,57 +1,5 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 package firebaseappcheck_test - -import ( - "testing" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - - "github.com/hashicorp/terraform-provider-google/google/acctest" - "github.com/hashicorp/terraform-provider-google/google/envvar" -) - -func TestAccFirebaseAppCheckServiceConfig_firebaseAppCheckServiceConfigUpdate(t *testing.T) { - t.Parallel() - - context := map[string]interface{}{ - "project_id": envvar.GetTestProjectFromEnv(), - "service_id": "identitytoolkit.googleapis.com", - "random_suffix": acctest.RandString(t, 10), - } - - acctest.VcrTest(t, resource.TestCase{ - PreCheck: func() { acctest.AccTestPreCheck(t) }, - ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), - CheckDestroy: testAccCheckFirebaseAppCheckServiceConfigDestroyProducer(t), - Steps: []resource.TestStep{ - { - Config: testAccFirebaseAppCheckServiceConfig_firebaseAppCheckServiceConfigUnenforcedExample(context), - }, - { - ResourceName: "google_firebase_app_check_service_config.default", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"service_id"}, - }, - { - Config: testAccFirebaseAppCheckServiceConfig_firebaseAppCheckServiceConfigOffExample(context), - }, - { - ResourceName: "google_firebase_app_check_service_config.default", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"service_id"}, - }, - { - Config: testAccFirebaseAppCheckServiceConfig_firebaseAppCheckServiceConfigEnforcedExample(context), - }, - { - ResourceName: "google_firebase_app_check_service_config.default", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"service_id"}, - }, - }, - }) -} diff --git a/google/services/firestore/resource_firestore_index_generated_test.go b/google/services/firestore/resource_firestore_index_generated_test.go index e1c1bfe348e..3a616b8a9b0 100644 --- a/google/services/firestore/resource_firestore_index_generated_test.go +++ b/google/services/firestore/resource_firestore_index_generated_test.go @@ -35,7 +35,7 @@ func TestAccFirestoreIndex_firestoreIndexBasicExample(t *testing.T) { t.Parallel() context := map[string]interface{}{ - "org_id": envvar.GetTestOrgFromEnv(t), + "project_id": envvar.GetTestProjectFromEnv(), "random_suffix": acctest.RandString(t, 10), } @@ -63,48 +63,20 @@ func TestAccFirestoreIndex_firestoreIndexBasicExample(t *testing.T) { func testAccFirestoreIndex_firestoreIndexBasicExample(context map[string]interface{}) string { return acctest.Nprintf(` -resource "google_project" "project" { - project_id = "tf-test-project-id%{random_suffix}" - name = "tf-test-project-id%{random_suffix}" - org_id = "%{org_id}" -} - -resource "time_sleep" "wait_60_seconds" { - depends_on = [google_project.project] - - create_duration = "60s" -} - -resource "google_project_service" "firestore" { - project = google_project.project.project_id - service = "firestore.googleapis.com" - - # Needed for CI tests for permissions to propagate, should not be needed for actual usage - depends_on = [time_sleep.wait_60_seconds] -} - resource "google_firestore_database" "database" { - project = google_project.project.project_id - name = "(default)" + project = "%{project_id}" + name = "tf-test-database-id%{random_suffix}" location_id = "nam5" type = "FIRESTORE_NATIVE" - depends_on = [google_project_service.firestore] -} - -# Creating a document also creates its collection -resource "google_firestore_document" "document" { - project = google_project.project.project_id - database = google_firestore_database.database.name - collection = "somenewcollection" - document_id = "" - fields = "{\"something\":{\"mapValue\":{\"fields\":{\"akey\":{\"stringValue\":\"avalue\"}}}}}" + delete_protection_state = "DELETE_PROTECTION_DISABLED" + deletion_policy = "DELETE" } resource "google_firestore_index" "my-index" { - project = google_project.project.project_id + project = "%{project_id}" database = google_firestore_database.database.name - collection = google_firestore_document.document.collection + collection = "atestcollection" fields { field_path = "name" @@ -115,7 +87,6 @@ resource "google_firestore_index" "my-index" { field_path = "description" order = "DESCENDING" } - } `, context) } @@ -124,7 +95,7 @@ func TestAccFirestoreIndex_firestoreIndexDatastoreModeExample(t *testing.T) { t.Parallel() context := map[string]interface{}{ - "project_id": envvar.GetTestFirestoreProjectFromEnv(t), + "project_id": envvar.GetTestProjectFromEnv(), "random_suffix": acctest.RandString(t, 10), } @@ -148,10 +119,20 @@ func TestAccFirestoreIndex_firestoreIndexDatastoreModeExample(t *testing.T) { func testAccFirestoreIndex_firestoreIndexDatastoreModeExample(context map[string]interface{}) string { return acctest.Nprintf(` +resource "google_firestore_database" "database" { + project = "%{project_id}" + name = "tf-test-database-id-dm%{random_suffix}" + location_id = "nam5" + type = "DATASTORE_MODE" + + delete_protection_state = "DELETE_PROTECTION_DISABLED" + deletion_policy = "DELETE" +} + resource "google_firestore_index" "my-index" { - project = "%{project_id}" - database = "(default)" - collection = "chatrooms" + project = "%{project_id}" + database = google_firestore_database.database.name + collection = "atestcollection" query_scope = "COLLECTION_RECURSIVE" api_scope = "DATASTORE_MODE_API" diff --git a/google/services/iambeta/data_source_iam_beta_workload_identity_pool.go b/google/services/iambeta/data_source_iam_workload_identity_pool.go similarity index 100% rename from google/services/iambeta/data_source_iam_beta_workload_identity_pool.go rename to google/services/iambeta/data_source_iam_workload_identity_pool.go diff --git a/google/services/iambeta/data_source_iam_beta_workload_identity_pool_provider.go b/google/services/iambeta/data_source_iam_workload_identity_pool_provider.go similarity index 100% rename from google/services/iambeta/data_source_iam_beta_workload_identity_pool_provider.go rename to google/services/iambeta/data_source_iam_workload_identity_pool_provider.go diff --git a/google/services/iambeta/data_source_iam_beta_workload_identity_pool_provider_test.go b/google/services/iambeta/data_source_iam_workload_identity_pool_provider_test.go similarity index 100% rename from google/services/iambeta/data_source_iam_beta_workload_identity_pool_provider_test.go rename to google/services/iambeta/data_source_iam_workload_identity_pool_provider_test.go diff --git a/google/services/iambeta/data_source_iam_beta_workload_identity_pool_test.go b/google/services/iambeta/data_source_iam_workload_identity_pool_test.go similarity index 100% rename from google/services/iambeta/data_source_iam_beta_workload_identity_pool_test.go rename to google/services/iambeta/data_source_iam_workload_identity_pool_test.go diff --git a/google/services/iambeta/resource_iam_beta_workload_identity_pool_id_test.go b/google/services/iambeta/resource_iam_workload_identity_pool_id_test.go similarity index 100% rename from google/services/iambeta/resource_iam_beta_workload_identity_pool_id_test.go rename to google/services/iambeta/resource_iam_workload_identity_pool_id_test.go diff --git a/google/services/iambeta/resource_iam_beta_workload_identity_pool_provider_id_test.go b/google/services/iambeta/resource_iam_workload_identity_pool_provider_id_test.go similarity index 100% rename from google/services/iambeta/resource_iam_beta_workload_identity_pool_provider_id_test.go rename to google/services/iambeta/resource_iam_workload_identity_pool_provider_id_test.go diff --git a/google/services/integrations/resource_integrations_client.go b/google/services/integrations/resource_integrations_client.go new file mode 100644 index 00000000000..fb201aecaf1 --- /dev/null +++ b/google/services/integrations/resource_integrations_client.go @@ -0,0 +1,287 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package integrations + +import ( + "fmt" + "log" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/hashicorp/terraform-provider-google/google/tpgresource" + transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" +) + +func ResourceIntegrationsClient() *schema.Resource { + return &schema.Resource{ + Create: resourceIntegrationsClientCreate, + Read: resourceIntegrationsClientRead, + Delete: resourceIntegrationsClientDelete, + + Importer: &schema.ResourceImporter{ + State: resourceIntegrationsClientImport, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + CustomizeDiff: customdiff.All( + tpgresource.DefaultProviderProject, + ), + + Schema: map[string]*schema.Schema{ + "location": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `Location in which client needs to be provisioned.`, + }, + "cloud_kms_config": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + Description: `Cloud KMS config for AuthModule to encrypt/decrypt credentials.`, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `A Cloud KMS key is a named object containing one or more key versions, along +with metadata for the key. A key exists on exactly one key ring tied to a +specific location.`, + }, + "kms_location": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `Location name of the key ring, e.g. "us-west1".`, + }, + "kms_ring": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: `A key ring organizes keys in a specific Google Cloud location and allows you to +manage access control on groups of keys. A key ring's name does not need to be +unique across a Google Cloud project, but must be unique within a given location.`, + }, + "key_version": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Description: `Each version of a key contains key material used for encryption or signing. +A key's version is represented by an integer, starting at 1. To decrypt data +or verify a signature, you must use the same key version that was used to +encrypt or sign the data.`, + }, + "kms_project_id": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Description: `The Google Cloud project id of the project where the kms key stored. If empty, +the kms key is stored at the same project as customer's project and ecrypted +with CMEK, otherwise, the kms key is stored in the tenant project and +encrypted with GMEK.`, + }, + }, + }, + }, + "create_sample_workflows": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Description: `Indicates if sample workflow should be created along with provisioning.`, + }, + "provision_gmek": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Description: `Indicates provision with GMEK or CMEK.`, + }, + "run_as_service_account": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Description: `User input run-as service account, if empty, will bring up a new default service account.`, + }, + "project": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, + }, + UseJSONNumber: true, + } +} + +func resourceIntegrationsClientCreate(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + obj := make(map[string]interface{}) + + lockName, err := tpgresource.ReplaceVars(d, config, "Client/{{location}}") + if err != nil { + return err + } + transport_tpg.MutexStore.Lock(lockName) + defer transport_tpg.MutexStore.Unlock(lockName) + + url, err := tpgresource.ReplaceVars(d, config, "{{IntegrationsBasePath}}projects/{{project}}/locations/{{location}}/clients:provision") + if err != nil { + return err + } + + log.Printf("[DEBUG] Creating new Client: %#v", obj) + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for Client: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "POST", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + Body: obj, + Timeout: d.Timeout(schema.TimeoutCreate), + }) + if err != nil { + return fmt.Errorf("Error creating Client: %s", err) + } + + // Store the ID now + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/clients") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + log.Printf("[DEBUG] Finished creating Client %q: %#v", d.Id(), res) + + return resourceIntegrationsClientRead(d, meta) +} + +func resourceIntegrationsClientRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*transport_tpg.Config) + userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) + if err != nil { + return err + } + + url, err := tpgresource.ReplaceVars(d, config, "{{IntegrationsBasePath}}projects/{{project}}/locations/{{location}}/clients") + if err != nil { + return err + } + + billingProject := "" + + project, err := tpgresource.GetProject(d, config) + if err != nil { + return fmt.Errorf("Error fetching project for Client: %s", err) + } + billingProject = project + + // err == nil indicates that the billing_project value was found + if bp, err := tpgresource.GetBillingProject(d, config); err == nil { + billingProject = bp + } + + res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ + Config: config, + Method: "GET", + Project: billingProject, + RawURL: url, + UserAgent: userAgent, + }) + if err != nil { + return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("IntegrationsClient %q", d.Id())) + } + + res, err = resourceIntegrationsClientDecoder(d, meta, res) + if err != nil { + return err + } + + if res == nil { + // Decoding the object has resulted in it being gone. It may be marked deleted + log.Printf("[DEBUG] Removing IntegrationsClient because it no longer exists.") + d.SetId("") + return nil + } + + if err := d.Set("project", project); err != nil { + return fmt.Errorf("Error reading Client: %s", err) + } + + return nil +} + +func resourceIntegrationsClientDelete(d *schema.ResourceData, meta interface{}) error { + log.Printf("[WARNING] Integrations Client resources"+ + " cannot be deleted from Google Cloud. The resource %s will be removed from Terraform"+ + " state, but will still be present on Google Cloud.", d.Id()) + d.SetId("") + + return nil +} + +func resourceIntegrationsClientImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + config := meta.(*transport_tpg.Config) + if err := tpgresource.ParseImportId([]string{ + "^projects/(?P[^/]+)/locations/(?P[^/]+)/clients$", + "^(?P[^/]+)/(?P[^/]+)$", + "^(?P[^/]+)$", + }, d, config); err != nil { + return nil, err + } + + // Replace import id for the resource id + id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/clients") + if err != nil { + return nil, fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + + return []*schema.ResourceData{d}, nil +} + +func resourceIntegrationsClientDecoder(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) { + // Since Client resource doesnt have any properties, + // Adding this decoder as placeholder else the linter will + // complain that the returned `res` is never used afterwards. + return res, nil +} diff --git a/google/services/integrations/resource_integrations_client_generated_test.go b/google/services/integrations/resource_integrations_client_generated_test.go new file mode 100644 index 00000000000..11dbd70dfa9 --- /dev/null +++ b/google/services/integrations/resource_integrations_client_generated_test.go @@ -0,0 +1,122 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package integrations_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + "github.com/hashicorp/terraform-provider-google/google/acctest" +) + +func TestAccIntegrationsClient_integrationsClientBasicExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccIntegrationsClient_integrationsClientBasicExample(context), + }, + { + ResourceName: "google_integrations_client.example", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"cloud_kms_config", "create_sample_workflows", "provision_gmek", "run_as_service_account", "location"}, + }, + }, + }) +} + +func testAccIntegrationsClient_integrationsClientBasicExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_integrations_client" "example" { + location = "us-central1" +} +`, context) +} + +func TestAccIntegrationsClient_integrationsClientAdvanceExample(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccIntegrationsClient_integrationsClientAdvanceExample(context), + }, + { + ResourceName: "google_integrations_client.example", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"cloud_kms_config", "create_sample_workflows", "provision_gmek", "run_as_service_account", "location"}, + }, + }, + }) +} + +func testAccIntegrationsClient_integrationsClientAdvanceExample(context map[string]interface{}) string { + return acctest.Nprintf(` +data "google_project" "test_project" { +} + +resource "google_kms_key_ring" "keyring" { + name = "tf-test-my-keyring%{random_suffix}" + location = "us-central1" +} + +resource "google_kms_crypto_key" "cryptokey" { + name = "crypto-key-example" + key_ring = google_kms_key_ring.keyring.id + rotation_period = "7776000s" + depends_on = [google_kms_key_ring.keyring] +} + +resource "google_kms_crypto_key_version" "test_key" { + crypto_key = google_kms_crypto_key.cryptokey.id + depends_on = [google_kms_crypto_key.cryptokey] +} + +resource "google_integrations_client" "example" { + location = "us-central1" + create_sample_workflows = true + provision_gmek = true + run_as_service_account = "radndom-service-account" + cloud_kms_config { + kms_location = "us-central1" + kms_ring = google_kms_key_ring.keyring.id + key = google_kms_crypto_key.cryptokey.id + key_version = google_kms_crypto_key_version.test_key.id + kms_project_id = data.google_project.test_project.id + } + depends_on = [google_kms_crypto_key_version.test_key] +} +`, context) +} diff --git a/google/services/monitoring/resource_monitoring_alert_policy.go b/google/services/monitoring/resource_monitoring_alert_policy.go index 065aaef446d..ee7b7cd489e 100644 --- a/google/services/monitoring/resource_monitoring_alert_policy.go +++ b/google/services/monitoring/resource_monitoring_alert_policy.go @@ -890,9 +890,10 @@ This limit is not implemented for alert policies that are not log-based.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "period": { - Type: schema.TypeString, - Optional: true, - Description: `Not more than one notification per period.`, + Type: schema.TypeString, + Optional: true, + Description: `Not more than one notification per period. +A duration in seconds with up to nine fractional digits, terminated by 's'. Example "60.5s".`, }, }, }, diff --git a/google/services/netapp/resource_netapp_kmsconfig_test.go b/google/services/netapp/resource_netapp_kmsconfig_test.go index 79b6e5da7a8..2bc16a00653 100644 --- a/google/services/netapp/resource_netapp_kmsconfig_test.go +++ b/google/services/netapp/resource_netapp_kmsconfig_test.go @@ -3,20 +3,6 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -// ---------------------------------------------------------------------------- -// -// *** AUTO GENERATED CODE *** Type: MMv1 *** -// -// ---------------------------------------------------------------------------- -// -// This file is automatically generated by Magic Modules and manual -// changes will be clobbered when the file is regenerated. -// -// Please read more about how to change this file in -// .github/CONTRIBUTING.md. -// -// ---------------------------------------------------------------------------- - package netapp_test import ( @@ -65,7 +51,7 @@ func testAccNetappkmsconfig_kmsConfigCreateExample_Full(context map[string]inter return acctest.Nprintf(` resource "google_kms_key_ring" "keyring" { name = "tf-test-key-ring%{random_suffix}" - location = "us-central1" + location = "us-east4" } resource "google_kms_crypto_key" "crypto_key" { @@ -77,7 +63,7 @@ func testAccNetappkmsconfig_kmsConfigCreateExample_Full(context map[string]inter name = "tf-test-kms-test%{random_suffix}" description="this is a test description" crypto_key_name=google_kms_crypto_key.crypto_key.id - location="us-central1" + location="us-east4" } `, context) } @@ -86,7 +72,7 @@ func testAccNetappkmsconfig_kmsConfigCreateExample_Update(context map[string]int return acctest.Nprintf(` resource "google_kms_key_ring" "keyring" { name = "tf-test-key-ring%{random_suffix}" - location = "us-central1" + location = "us-east4" } resource "google_kms_crypto_key" "crypto_key" { @@ -98,7 +84,7 @@ func testAccNetappkmsconfig_kmsConfigCreateExample_Update(context map[string]int name = "tf-test-kms-test%{random_suffix}" description="kmsconfig update" crypto_key_name=google_kms_crypto_key.crypto_key.id - location="us-central1" + location="us-east4" labels = { "foo": "bar", } diff --git a/google/services/pubsub/resource_pubsub_topic.go b/google/services/pubsub/resource_pubsub_topic.go index 20f4d8b2fe6..24a5191576f 100644 --- a/google/services/pubsub/resource_pubsub_topic.go +++ b/google/services/pubsub/resource_pubsub_topic.go @@ -62,6 +62,53 @@ func ResourcePubsubTopic() *schema.Resource { DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName, Description: `Name of the topic.`, }, + "ingestion_data_source_settings": { + Type: schema.TypeList, + Optional: true, + Description: `Settings for ingestion from a data source into this topic.`, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "aws_kinesis": { + Type: schema.TypeList, + Optional: true, + Description: `Settings for ingestion from Amazon Kinesis Data Streams.`, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "aws_role_arn": { + Type: schema.TypeString, + Required: true, + Description: `AWS role ARN to be used for Federated Identity authentication with +Kinesis. Check the Pub/Sub docs for how to set up this role and the +required permissions that need to be attached to it.`, + }, + "consumer_arn": { + Type: schema.TypeString, + Required: true, + Description: `The Kinesis consumer ARN to used for ingestion in +Enhanced Fan-Out mode. The consumer must be already +created and ready to be used.`, + }, + "gcp_service_account": { + Type: schema.TypeString, + Required: true, + Description: `The GCP service account to be used for Federated Identity authentication +with Kinesis (via a 'AssumeRoleWithWebIdentity' call for the provided +role). The 'awsRoleArn' must be set up with 'accounts.google.com:sub' +equals to this service account number.`, + }, + "stream_arn": { + Type: schema.TypeString, + Required: true, + Description: `The Kinesis stream ARN to ingest data from.`, + }, + }, + }, + }, + }, + }, + }, "kms_key_name": { Type: schema.TypeString, Optional: true, @@ -207,6 +254,12 @@ func resourcePubsubTopicCreate(d *schema.ResourceData, meta interface{}) error { } else if v, ok := d.GetOkExists("message_retention_duration"); !tpgresource.IsEmptyValue(reflect.ValueOf(messageRetentionDurationProp)) && (ok || !reflect.DeepEqual(v, messageRetentionDurationProp)) { obj["messageRetentionDuration"] = messageRetentionDurationProp } + ingestionDataSourceSettingsProp, err := expandPubsubTopicIngestionDataSourceSettings(d.Get("ingestion_data_source_settings"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("ingestion_data_source_settings"); !tpgresource.IsEmptyValue(reflect.ValueOf(ingestionDataSourceSettingsProp)) && (ok || !reflect.DeepEqual(v, ingestionDataSourceSettingsProp)) { + obj["ingestionDataSourceSettings"] = ingestionDataSourceSettingsProp + } labelsProp, err := expandPubsubTopicEffectiveLabels(d.Get("effective_labels"), d, config) if err != nil { return err @@ -371,6 +424,9 @@ func resourcePubsubTopicRead(d *schema.ResourceData, meta interface{}) error { if err := d.Set("message_retention_duration", flattenPubsubTopicMessageRetentionDuration(res["messageRetentionDuration"], d, config)); err != nil { return fmt.Errorf("Error reading Topic: %s", err) } + if err := d.Set("ingestion_data_source_settings", flattenPubsubTopicIngestionDataSourceSettings(res["ingestionDataSourceSettings"], d, config)); err != nil { + return fmt.Errorf("Error reading Topic: %s", err) + } if err := d.Set("terraform_labels", flattenPubsubTopicTerraformLabels(res["labels"], d, config)); err != nil { return fmt.Errorf("Error reading Topic: %s", err) } @@ -421,6 +477,12 @@ func resourcePubsubTopicUpdate(d *schema.ResourceData, meta interface{}) error { } else if v, ok := d.GetOkExists("message_retention_duration"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, messageRetentionDurationProp)) { obj["messageRetentionDuration"] = messageRetentionDurationProp } + ingestionDataSourceSettingsProp, err := expandPubsubTopicIngestionDataSourceSettings(d.Get("ingestion_data_source_settings"), d, config) + if err != nil { + return err + } else if v, ok := d.GetOkExists("ingestion_data_source_settings"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, ingestionDataSourceSettingsProp)) { + obj["ingestionDataSourceSettings"] = ingestionDataSourceSettingsProp + } labelsProp, err := expandPubsubTopicEffectiveLabels(d.Get("effective_labels"), d, config) if err != nil { return err @@ -457,6 +519,10 @@ func resourcePubsubTopicUpdate(d *schema.ResourceData, meta interface{}) error { updateMask = append(updateMask, "messageRetentionDuration") } + if d.HasChange("ingestion_data_source_settings") { + updateMask = append(updateMask, "ingestionDataSourceSettings") + } + if d.HasChange("effective_labels") { updateMask = append(updateMask, "labels") } @@ -632,6 +698,54 @@ func flattenPubsubTopicMessageRetentionDuration(v interface{}, d *schema.Resourc return v } +func flattenPubsubTopicIngestionDataSourceSettings(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return nil + } + original := v.(map[string]interface{}) + if len(original) == 0 { + return nil + } + transformed := make(map[string]interface{}) + transformed["aws_kinesis"] = + flattenPubsubTopicIngestionDataSourceSettingsAwsKinesis(original["awsKinesis"], d, config) + return []interface{}{transformed} +} +func flattenPubsubTopicIngestionDataSourceSettingsAwsKinesis(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + if v == nil { + return nil + } + original := v.(map[string]interface{}) + if len(original) == 0 { + return nil + } + transformed := make(map[string]interface{}) + transformed["stream_arn"] = + flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisStreamArn(original["streamArn"], d, config) + transformed["consumer_arn"] = + flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisConsumerArn(original["consumerArn"], d, config) + transformed["aws_role_arn"] = + flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisAwsRoleArn(original["awsRoleArn"], d, config) + transformed["gcp_service_account"] = + flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisGcpServiceAccount(original["gcpServiceAccount"], d, config) + return []interface{}{transformed} +} +func flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisStreamArn(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisConsumerArn(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisAwsRoleArn(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + +func flattenPubsubTopicIngestionDataSourceSettingsAwsKinesisGcpServiceAccount(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { + return v +} + func flattenPubsubTopicTerraformLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { if v == nil { return v @@ -720,6 +834,81 @@ func expandPubsubTopicMessageRetentionDuration(v interface{}, d tpgresource.Terr return v, nil } +func expandPubsubTopicIngestionDataSourceSettings(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + l := v.([]interface{}) + if len(l) == 0 || l[0] == nil { + return nil, nil + } + raw := l[0] + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedAwsKinesis, err := expandPubsubTopicIngestionDataSourceSettingsAwsKinesis(original["aws_kinesis"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedAwsKinesis); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["awsKinesis"] = transformedAwsKinesis + } + + return transformed, nil +} + +func expandPubsubTopicIngestionDataSourceSettingsAwsKinesis(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + l := v.([]interface{}) + if len(l) == 0 || l[0] == nil { + return nil, nil + } + raw := l[0] + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedStreamArn, err := expandPubsubTopicIngestionDataSourceSettingsAwsKinesisStreamArn(original["stream_arn"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedStreamArn); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["streamArn"] = transformedStreamArn + } + + transformedConsumerArn, err := expandPubsubTopicIngestionDataSourceSettingsAwsKinesisConsumerArn(original["consumer_arn"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedConsumerArn); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["consumerArn"] = transformedConsumerArn + } + + transformedAwsRoleArn, err := expandPubsubTopicIngestionDataSourceSettingsAwsKinesisAwsRoleArn(original["aws_role_arn"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedAwsRoleArn); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["awsRoleArn"] = transformedAwsRoleArn + } + + transformedGcpServiceAccount, err := expandPubsubTopicIngestionDataSourceSettingsAwsKinesisGcpServiceAccount(original["gcp_service_account"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedGcpServiceAccount); val.IsValid() && !tpgresource.IsEmptyValue(val) { + transformed["gcpServiceAccount"] = transformedGcpServiceAccount + } + + return transformed, nil +} + +func expandPubsubTopicIngestionDataSourceSettingsAwsKinesisStreamArn(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandPubsubTopicIngestionDataSourceSettingsAwsKinesisConsumerArn(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandPubsubTopicIngestionDataSourceSettingsAwsKinesisAwsRoleArn(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + +func expandPubsubTopicIngestionDataSourceSettingsAwsKinesisGcpServiceAccount(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + return v, nil +} + func expandPubsubTopicEffectiveLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) { if v == nil { return map[string]string{}, nil diff --git a/google/services/pubsub/resource_pubsub_topic_generated_test.go b/google/services/pubsub/resource_pubsub_topic_generated_test.go index ef71e8b2b79..9f14070f4ab 100644 --- a/google/services/pubsub/resource_pubsub_topic_generated_test.go +++ b/google/services/pubsub/resource_pubsub_topic_generated_test.go @@ -155,6 +155,49 @@ resource "google_pubsub_topic" "example" { `, context) } +func TestAccPubsubTopic_pubsubTopicIngestionKinesisExample(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccCheckPubsubTopicDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccPubsubTopic_pubsubTopicIngestionKinesisExample(context), + }, + { + ResourceName: "google_pubsub_topic.example", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"labels", "terraform_labels"}, + }, + }, + }) +} + +func testAccPubsubTopic_pubsubTopicIngestionKinesisExample(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_pubsub_topic" "example" { + name = "tf-test-example-topic%{random_suffix}" + + # Outside of automated terraform-provider-google CI tests, these values must be of actual AWS resources for the test to pass. + ingestion_data_source_settings { + aws_kinesis { + stream_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name" + consumer_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111" + aws_role_arn = "arn:aws:iam::111111111111:role/fake-role-name" + gcp_service_account = "fake-service-account@fake-gcp-project.iam.gserviceaccount.com" + } + } +} +`, context) +} + func testAccCheckPubsubTopicDestroyProducer(t *testing.T) func(s *terraform.State) error { return func(s *terraform.State) error { for name, rs := range s.RootModule().Resources { diff --git a/google/services/pubsub/resource_pubsub_topic_test.go b/google/services/pubsub/resource_pubsub_topic_test.go index 01caeebd6ce..9ec619ff1af 100644 --- a/google/services/pubsub/resource_pubsub_topic_test.go +++ b/google/services/pubsub/resource_pubsub_topic_test.go @@ -142,6 +142,38 @@ func TestAccPubsubTopic_migration(t *testing.T) { }) } +func TestAccPubsubTopic_kinesisIngestionUpdate(t *testing.T) { + t.Parallel() + + topic := fmt.Sprintf("tf-test-topic-%s", acctest.RandString(t, 10)) + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccCheckPubsubTopicDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccPubsubTopic_updateWithKinesisIngestionSettings(topic), + }, + { + ResourceName: "google_pubsub_topic.foo", + ImportStateId: topic, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccPubsubTopic_updateWithUpdatedKinesisIngestionSettings(topic), + }, + { + ResourceName: "google_pubsub_topic.foo", + ImportStateId: topic, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccPubsubTopic_update(topic, key, value string) string { return fmt.Sprintf(` resource "google_pubsub_topic" "foo" { @@ -214,3 +246,39 @@ resource "google_pubsub_topic" "bar" { } `, schema, topic) } + +func testAccPubsubTopic_updateWithKinesisIngestionSettings(topic string) string { + return fmt.Sprintf(` +resource "google_pubsub_topic" "foo" { + name = "%s" + + # Outside of automated terraform-provider-google CI tests, these values must be of actual AWS resources for the test to pass. + ingestion_data_source_settings { + aws_kinesis { + stream_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name" + consumer_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111" + aws_role_arn = "arn:aws:iam::111111111111:role/fake-role-name" + gcp_service_account = "fake-service-account@fake-gcp-project.iam.gserviceaccount.com" + } + } +} +`, topic) +} + +func testAccPubsubTopic_updateWithUpdatedKinesisIngestionSettings(topic string) string { + return fmt.Sprintf(` +resource "google_pubsub_topic" "foo" { + name = "%s" + + # Outside of automated terraform-provider-google CI tests, these values must be of actual AWS resources for the test to pass. + ingestion_data_source_settings { + aws_kinesis { + stream_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/updated-fake-stream-name" + consumer_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/updated-fake-stream-name/consumer/consumer-1:1111111111" + aws_role_arn = "arn:aws:iam::111111111111:role/updated-fake-role-name" + gcp_service_account = "updated-fake-service-account@fake-gcp-project.iam.gserviceaccount.com" + } + } +} +`, topic) +} diff --git a/google/services/spanner/resource_spanner_database.go b/google/services/spanner/resource_spanner_database.go index 5bdaa391a93..c25b5c30e87 100644 --- a/google/services/spanner/resource_spanner_database.go +++ b/google/services/spanner/resource_spanner_database.go @@ -22,8 +22,6 @@ import ( "fmt" "log" "reflect" - "regexp" - "strconv" "strings" "time" @@ -67,44 +65,6 @@ func resourceSpannerDBDdlCustomDiff(_ context.Context, diff *schema.ResourceDiff return resourceSpannerDBDdlCustomDiffFunc(diff) } -func ValidateDatabaseRetentionPeriod(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - valueError := fmt.Errorf("version_retention_period should be in range [1h, 7d], in a format resembling 1d, 24h, 1440m, or 86400s") - - r := regexp.MustCompile("^(\\d{1}d|\\d{1,3}h|\\d{2,5}m|\\d{4,6}s)$") - if !r.MatchString(value) { - errors = append(errors, valueError) - return - } - - unit := value[len(value)-1:] - multiple := value[:len(value)-1] - num, err := strconv.Atoi(multiple) - if err != nil { - errors = append(errors, valueError) - return - } - - if unit == "d" && (num < 1 || num > 7) { - errors = append(errors, valueError) - return - } - if unit == "h" && (num < 1 || num > 7*24) { - errors = append(errors, valueError) - return - } - if unit == "m" && (num < 1*60 || num > 7*24*60) { - errors = append(errors, valueError) - return - } - if unit == "s" && (num < 1*60*60 || num > 7*24*60*60) { - errors = append(errors, valueError) - return - } - - return -} - func resourceSpannerDBVirtualUpdate(d *schema.ResourceData, resourceSchema map[string]*schema.Schema) bool { // deletion_protection is the only virtual field if d.HasChange("deletion_protection") { @@ -210,10 +170,9 @@ in the same location as the Spanner Database.`, }, }, "version_retention_period": { - Type: schema.TypeString, - Computed: true, - Optional: true, - ValidateFunc: ValidateDatabaseRetentionPeriod, + Type: schema.TypeString, + Computed: true, + Optional: true, Description: `The retention period for the database. The retention period must be between 1 hour and 7 days, and can be specified in days, hours, minutes, or seconds. For example, the values 1d, 24h, 1440m, and 86400s are equivalent. Default value is 1h. diff --git a/google/services/spanner/resource_spanner_database_test.go b/google/services/spanner/resource_spanner_database_test.go index 8aa4f83df63..30ea901800c 100644 --- a/google/services/spanner/resource_spanner_database_test.go +++ b/google/services/spanner/resource_spanner_database_test.go @@ -10,7 +10,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-provider-google/google/acctest" "github.com/hashicorp/terraform-provider-google/google/envvar" - "github.com/hashicorp/terraform-provider-google/google/services/spanner" ) func TestAccSpannerDatabase_basic(t *testing.T) { @@ -467,77 +466,6 @@ resource "google_spanner_database" "basic" { `, instanceName, instanceName, databaseName) } -// Unit Tests for validation of retention period argument -func TestValidateDatabaseRetentionPeriod(t *testing.T) { - t.Parallel() - testCases := map[string]struct { - input string - expectError bool - }{ - // Not valid input - "empty_string": { - input: "", - expectError: true, - }, - "number_with_no_unit": { - input: "1", - expectError: true, - }, - "less_than_1h": { - input: "59m", - expectError: true, - }, - "more_than_7days": { - input: "8d", - expectError: true, - }, - // Valid input - "1_hour_in_secs": { - input: "3600s", - expectError: false, - }, - "1_hour_in_mins": { - input: "60m", - expectError: false, - }, - "1_hour_in_hours": { - input: "1h", - expectError: false, - }, - "7_days_in_secs": { - input: fmt.Sprintf("%ds", 7*24*60*60), - expectError: false, - }, - "7_days_in_mins": { - input: fmt.Sprintf("%dm", 7*24*60), - expectError: false, - }, - "7_days_in_hours": { - input: fmt.Sprintf("%dh", 7*24), - expectError: false, - }, - "7_days_in_days": { - input: "7d", - expectError: false, - }, - } - - for tn, tc := range testCases { - t.Run(tn, func(t *testing.T) { - _, errs := spanner.ValidateDatabaseRetentionPeriod(tc.input, "foobar") - var wantErrCount string - if tc.expectError { - wantErrCount = "1+" - } else { - wantErrCount = "0" - } - if (len(errs) > 0 && tc.expectError == false) || (len(errs) == 0 && tc.expectError == true) { - t.Errorf("failed, expected `%s` test case validation to have %s errors", tn, wantErrCount) - } - }) - } -} - func TestAccSpannerDatabase_deletionProtection(t *testing.T) { acctest.SkipIfVcr(t) t.Parallel() diff --git a/google/services/storage/resource_storage_bucket.go b/google/services/storage/resource_storage_bucket.go index 16f0611343d..df31dd13e0d 100644 --- a/google/services/storage/resource_storage_bucket.go +++ b/google/services/storage/resource_storage_bucket.go @@ -483,6 +483,28 @@ func ResourceStorageBucket() *schema.Resource { Computed: true, Description: `Prevents public access to a bucket.`, }, + "soft_delete_policy": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Computed: true, + Description: `The bucket's soft delete policy, which defines the period of time that soft-deleted objects will be retained, and cannot be permanently deleted. If it is not provided, by default Google Cloud Storage sets this to default soft delete policy`, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "retention_duration_seconds": { + Type: schema.TypeInt, + Default: 604800, + Optional: true, + Description: `The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Default value is 604800.`, + }, + "effective_time": { + Type: schema.TypeString, + Computed: true, + Description: `Server-determined value that indicates the time from which the policy, or one with a greater retention, was effective. This value is in RFC 3339 format.`, + }, + }, + }, + }, }, UseJSONNumber: true, } @@ -613,6 +635,10 @@ func resourceStorageBucketCreate(d *schema.ResourceData, meta interface{}) error sb.Rpo = v.(string) } + if v, ok := d.GetOk("soft_delete_policy"); ok { + sb.SoftDeletePolicy = expandBucketSoftDeletePolicy(v.([]interface{})) + } + var res *storage.Bucket err = transport_tpg.Retry(transport_tpg.RetryOptions{ @@ -785,6 +811,12 @@ func resourceStorageBucketUpdate(d *schema.ResourceData, meta interface{}) error } } + if d.HasChange("soft_delete_policy") { + if v, ok := d.GetOk("soft_delete_policy"); ok { + sb.SoftDeletePolicy = expandBucketSoftDeletePolicy(v.([]interface{})) + } + } + res, err := config.NewStorageClient(userAgent).Buckets.Patch(d.Get("name").(string), sb).Do() if err != nil { return err @@ -1167,6 +1199,32 @@ func flattenBucketObjectRetention(bucketObjectRetention *storage.BucketObjectRet return false } +func expandBucketSoftDeletePolicy(configured interface{}) *storage.BucketSoftDeletePolicy { + configuredSoftDeletePolicies := configured.([]interface{}) + if len(configuredSoftDeletePolicies) == 0 { + return nil + } + configuredSoftDeletePolicy := configuredSoftDeletePolicies[0].(map[string]interface{}) + softDeletePolicy := &storage.BucketSoftDeletePolicy{ + RetentionDurationSeconds: int64(configuredSoftDeletePolicy["retention_duration_seconds"].(int)), + } + softDeletePolicy.ForceSendFields = append(softDeletePolicy.ForceSendFields, "RetentionDurationSeconds") + return softDeletePolicy +} + +func flattenBucketSoftDeletePolicy(softDeletePolicy *storage.BucketSoftDeletePolicy) []map[string]interface{} { + policies := make([]map[string]interface{}, 0, 1) + if softDeletePolicy == nil { + return policies + } + policy := map[string]interface{}{ + "retention_duration_seconds": softDeletePolicy.RetentionDurationSeconds, + "effective_time": softDeletePolicy.EffectiveTime, + } + policies = append(policies, policy) + return policies +} + func expandBucketVersioning(configured interface{}) *storage.BucketVersioning { versionings := configured.([]interface{}) if len(versionings) == 0 { @@ -1718,6 +1776,9 @@ func setStorageBucket(d *schema.ResourceData, config *transport_tpg.Config, res return fmt.Errorf("Error setting RPO setting : %s", err) } } + if err := d.Set("soft_delete_policy", flattenBucketSoftDeletePolicy(res.SoftDeletePolicy)); err != nil { + return fmt.Errorf("Error setting soft_delete_policy: %s", err) + } if res.IamConfiguration != nil && res.IamConfiguration.UniformBucketLevelAccess != nil { if err := d.Set("uniform_bucket_level_access", res.IamConfiguration.UniformBucketLevelAccess.Enabled); err != nil { return fmt.Errorf("Error setting uniform_bucket_level_access: %s", err) diff --git a/google/services/storage/resource_storage_bucket_test.go b/google/services/storage/resource_storage_bucket_test.go index c04894751d1..ada7678e921 100644 --- a/google/services/storage/resource_storage_bucket_test.go +++ b/google/services/storage/resource_storage_bucket_test.go @@ -1339,6 +1339,66 @@ func TestAccStorageBucket_retentionPolicyLocked(t *testing.T) { }) } +func TestAccStorageBucket_SoftDeletePolicy(t *testing.T) { + t.Parallel() + + var bucket storage.Bucket + bucketName := fmt.Sprintf("tf-test-acc-bucket-%d", acctest.RandInt(t)) + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccStorageBucketDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccStorageBucket_basic(bucketName), + Check: resource.ComposeTestCheckFunc( + testAccCheckStorageBucketExists( + t, "google_storage_bucket.bucket", bucketName, &bucket), + resource.TestCheckResourceAttr( + "google_storage_bucket.bucket", "soft_delete_policy.0.retention_duration_seconds", "604800"), + ), + }, + { + ResourceName: "google_storage_bucket.bucket", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_destroy"}, + }, + { + Config: testAccStorageBucket_SoftDeletePolicy(bucketName, 7776000), + Check: resource.ComposeTestCheckFunc( + testAccCheckStorageBucketExists( + t, "google_storage_bucket.bucket", bucketName, &bucket), + resource.TestCheckResourceAttr( + "google_storage_bucket.bucket", "soft_delete_policy.0.retention_duration_seconds", "7776000"), + ), + }, + { + ResourceName: "google_storage_bucket.bucket", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_destroy"}, + }, + { + Config: testAccStorageBucket_SoftDeletePolicy(bucketName, 0), + Check: resource.ComposeTestCheckFunc( + testAccCheckStorageBucketExists( + t, "google_storage_bucket.bucket", bucketName, &bucket), + resource.TestCheckResourceAttr( + "google_storage_bucket.bucket", "soft_delete_policy.0.retention_duration_seconds", "0"), + ), + }, + { + ResourceName: "google_storage_bucket.bucket", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_destroy"}, + }, + }, + }) +} + func testAccCheckStorageBucketExists(t *testing.T, n string, bucketName string, bucket *storage.Bucket) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -2265,6 +2325,20 @@ resource "google_storage_bucket" "bucket" { `, bucketName) } +func testAccStorageBucket_SoftDeletePolicy(bucketName string, duration int) string { + return fmt.Sprintf(` +resource "google_storage_bucket" "bucket" { + name = "%s" + location = "US" + force_destroy = true + + soft_delete_policy { + retention_duration_seconds = %d + } +} +`, bucketName, duration) +} + func testAccStorageBucket_websiteNoAttributes(bucketName string) string { return fmt.Sprintf(` resource "google_storage_bucket" "website" { diff --git a/google/services/vpcaccess/resource_vpc_access_connector.go b/google/services/vpcaccess/resource_vpc_access_connector.go index 33b23a940d3..47be473cf5e 100644 --- a/google/services/vpcaccess/resource_vpc_access_connector.go +++ b/google/services/vpcaccess/resource_vpc_access_connector.go @@ -72,34 +72,41 @@ func ResourceVPCAccessConnector() *schema.Resource { Default: "e2-micro", }, "max_instances": { - Type: schema.TypeInt, - Computed: true, - Optional: true, - ForceNew: true, - Description: `Maximum value of instances in autoscaling group underlying the connector.`, + Type: schema.TypeInt, + Computed: true, + Optional: true, + ForceNew: true, + Description: `Maximum value of instances in autoscaling group underlying the connector. Value must be between 3 and 10, inclusive. Must be +higher than the value specified by min_instances.`, }, "max_throughput": { Type: schema.TypeInt, Optional: true, ForceNew: true, ValidateFunc: validation.IntBetween(200, 1000), - Description: `Maximum throughput of the connector in Mbps, must be greater than 'min_throughput'. Default is 300.`, - Default: 300, + Description: `Maximum throughput of the connector in Mbps, must be greater than 'min_throughput'. Default is 300. Refers to the expected throughput +when using an e2-micro machine type. Value must be a multiple of 100 from 300 through 1000. Must be higher than the value specified by +min_throughput. If both max_throughput and max_instances are provided, max_instances takes precedence over max_throughput. The use of +max_throughput is discouraged in favor of max_instances.`, + Default: 300, }, "min_instances": { - Type: schema.TypeInt, - Computed: true, - Optional: true, - ForceNew: true, - Description: `Minimum value of instances in autoscaling group underlying the connector.`, + Type: schema.TypeInt, + Computed: true, + Optional: true, + ForceNew: true, + Description: `Minimum value of instances in autoscaling group underlying the connector. Value must be between 2 and 9, inclusive. Must be +lower than the value specified by max_instances.`, }, "min_throughput": { Type: schema.TypeInt, Optional: true, ForceNew: true, ValidateFunc: validation.IntBetween(200, 1000), - Description: `Minimum throughput of the connector in Mbps. Default and min is 200.`, - Default: 200, + Description: `Minimum throughput of the connector in Mbps. Default and min is 200. Refers to the expected throughput when using an e2-micro machine type. +Value must be a multiple of 100 from 200 through 900. Must be lower than the value specified by max_throughput. If both min_throughput and +min_instances are provided, min_instances takes precedence over min_throughput. The use of min_throughput is discouraged in favor of min_instances.`, + Default: 200, }, "network": { Type: schema.TypeString, diff --git a/google/sweeper/gcp_sweeper_test.go b/google/sweeper/gcp_sweeper_test.go index 8dddf252e4c..97ea26dec77 100644 --- a/google/sweeper/gcp_sweeper_test.go +++ b/google/sweeper/gcp_sweeper_test.go @@ -80,6 +80,7 @@ import ( _ "github.com/hashicorp/terraform-provider-google/google/services/iap" _ "github.com/hashicorp/terraform-provider-google/google/services/identityplatform" _ "github.com/hashicorp/terraform-provider-google/google/services/integrationconnectors" + _ "github.com/hashicorp/terraform-provider-google/google/services/integrations" _ "github.com/hashicorp/terraform-provider-google/google/services/kms" _ "github.com/hashicorp/terraform-provider-google/google/services/logging" _ "github.com/hashicorp/terraform-provider-google/google/services/looker" diff --git a/google/transport/config.go b/google/transport/config.go index 709003b16cc..ca35bf630c4 100644 --- a/google/transport/config.go +++ b/google/transport/config.go @@ -260,6 +260,7 @@ type Config struct { IapBasePath string IdentityPlatformBasePath string IntegrationConnectorsBasePath string + IntegrationsBasePath string KMSBasePath string LoggingBasePath string LookerBasePath string @@ -395,6 +396,7 @@ const IAMWorkforcePoolBasePathKey = "IAMWorkforcePool" const IapBasePathKey = "Iap" const IdentityPlatformBasePathKey = "IdentityPlatform" const IntegrationConnectorsBasePathKey = "IntegrationConnectors" +const IntegrationsBasePathKey = "Integrations" const KMSBasePathKey = "KMS" const LoggingBasePathKey = "Logging" const LookerBasePathKey = "Looker" @@ -524,6 +526,7 @@ var DefaultBasePaths = map[string]string{ IapBasePathKey: "https://iap.googleapis.com/v1/", IdentityPlatformBasePathKey: "https://identitytoolkit.googleapis.com/v2/", IntegrationConnectorsBasePathKey: "https://connectors.googleapis.com/v1/", + IntegrationsBasePathKey: "https://integrations.googleapis.com/v1/", KMSBasePathKey: "https://cloudkms.googleapis.com/v1/", LoggingBasePathKey: "https://logging.googleapis.com/v2/", LookerBasePathKey: "https://looker.googleapis.com/v1/", @@ -1016,6 +1019,11 @@ func SetEndpointDefaults(d *schema.ResourceData) error { "GOOGLE_INTEGRATION_CONNECTORS_CUSTOM_ENDPOINT", }, DefaultBasePaths[IntegrationConnectorsBasePathKey])) } + if d.Get("integrations_custom_endpoint") == "" { + d.Set("integrations_custom_endpoint", MultiEnvDefault([]string{ + "GOOGLE_INTEGRATIONS_CUSTOM_ENDPOINT", + }, DefaultBasePaths[IntegrationsBasePathKey])) + } if d.Get("kms_custom_endpoint") == "" { d.Set("kms_custom_endpoint", MultiEnvDefault([]string{ "GOOGLE_KMS_CUSTOM_ENDPOINT", @@ -2154,6 +2162,7 @@ func ConfigureBasePaths(c *Config) { c.IapBasePath = DefaultBasePaths[IapBasePathKey] c.IdentityPlatformBasePath = DefaultBasePaths[IdentityPlatformBasePathKey] c.IntegrationConnectorsBasePath = DefaultBasePaths[IntegrationConnectorsBasePathKey] + c.IntegrationsBasePath = DefaultBasePaths[IntegrationsBasePathKey] c.KMSBasePath = DefaultBasePaths[KMSBasePathKey] c.LoggingBasePath = DefaultBasePaths[LoggingBasePathKey] c.LookerBasePath = DefaultBasePaths[LookerBasePathKey] diff --git a/website/docs/d/apphub_discovered_service.html.markdown b/website/docs/d/apphub_discovered_service.html.markdown index 272491b8d08..8f899ad1f20 100644 --- a/website/docs/d/apphub_discovered_service.html.markdown +++ b/website/docs/d/apphub_discovered_service.html.markdown @@ -1,5 +1,5 @@ --- -subcategory: "Apphub" +subcategory: "App Hub" description: |- Get information about a discovered service. --- @@ -49,4 +49,4 @@ In addition to the arguments listed above, the following computed attributes are * `location` - The location that the underlying resource resides in. -* `zone` - The location that the underlying resource resides in if it is zonal. \ No newline at end of file +* `zone` - The location that the underlying resource resides in if it is zonal. diff --git a/website/docs/d/apphub_discovered_workload.html.markdown b/website/docs/d/apphub_discovered_workload.html.markdown index d9fc574eaff..6dafead5393 100644 --- a/website/docs/d/apphub_discovered_workload.html.markdown +++ b/website/docs/d/apphub_discovered_workload.html.markdown @@ -1,5 +1,5 @@ --- -subcategory: "Apphub" +subcategory: "App Hub" description: |- Get information about a discovered workload. --- diff --git a/website/docs/d/cloud_quotas_quota_info.html.markdown b/website/docs/d/cloud_quotas_quota_info.html.markdown index 77e97d36489..2f88f3c3abd 100644 --- a/website/docs/d/cloud_quotas_quota_info.html.markdown +++ b/website/docs/d/cloud_quotas_quota_info.html.markdown @@ -53,7 +53,6 @@ The following attributes are exported: The `dimensions_infos` block supports: * `dimensions` - The map of dimensions for this dimensions info. The key of a map entry is "region", "zone" or the name of a service specific dimension, and the value of a map entry is the value of the dimension. If a dimension does not appear in the map of dimensions, the dimensions info applies to all the dimension values except for those that have another DimenisonInfo instance configured for the specific value. Example: {"provider" : "Foo Inc"} where "provider" is a service specific dimension of a quota. - An object containing a list of "key": value pairs, for example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. * `details` - The quota details for a map of dimensions. * `applicable_locations` - The applicable regions or zones of this dimensions info. The field will be set to `['global']` for quotas that are not per region or per zone. Otherwise, it will be set to the list of locations this dimension info is applicable to. diff --git a/website/docs/d/cloud_quotas_quota_infos.html.markdown b/website/docs/d/cloud_quotas_quota_infos.html.markdown new file mode 100644 index 00000000000..b160791ce1c --- /dev/null +++ b/website/docs/d/cloud_quotas_quota_infos.html.markdown @@ -0,0 +1,62 @@ +--- +subcategory: "Cloud Quotas" +--- + +# google\_cloud\_quotas\_quota\_infos + +Provides information about all quotas for a given project, folder or organization. + +## Example Usage + +```hcl +data "google_cloud_quotas_quota_infos" "my_quota_infos" { + parent = "projects/my-project" + service = "compute.googleapis.com" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `parent` - (Required) Parent value of QuotaInfo resources. Listing across different resource containers (such as 'projects/-') is not allowed. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]. + +* `service` - (Required) The name of the service in which the quotas are defined. + + +## Attributes Reference + +The following attributes are exported: + +* `quota_infos` - (Output) The list of QuotaInfo. + + The `quota_infos` block supports: + +* `name` - (Output) Resource name of this QuotaInfo, for example: `projects/123/locations/global/services/compute.googleapis.com/quotaInfos/CpusPerProjectPerRegion`. +* `metric` - (Output) The metric of the quota. It specifies the resources consumption the quota is defined for, for example: `compute.googleapis.com/cpus`. +* `is_precise` - (Output) Whether this is a precise quota. A precise quota is tracked with absolute precision. In contrast, an imprecise quota is not tracked with precision. +* `refresh_interval` - (Output) The reset time interval for the quota. Refresh interval applies to rate quota only. Example: "minute" for per minute, "day" for per day, or "10 seconds" for every 10 seconds. +* `container_type` - (Output) The container type of the QuotaInfo. +* `dimensions` - (Output) The dimensions the quota is defined on. +* `metric_display_name` - (Output) The display name of the quota metric. +* `quota_display_name` - (Output) The display name of the quota. +* `metric_unit` - (Output) The unit in which the metric value is reported, e.g., `MByte`. +* `quota_increase_eligibility` - (Output) Whether it is eligible to request a higher quota value for this quota. +* `is_fixed` - (Output) Whether the quota value is fixed or adjustable. +* `dimensions_infos` - (Output) The collection of dimensions info ordered by their dimensions from more specific ones to less specific ones. +* `is_concurrent` - (Output) Whether the quota is a concurrent quota. Concurrent quotas are enforced on the total number of concurrent operations in flight at any given time. +* `service_request_quota_uri` - (Output) URI to the page where users can request more quota for the cloud service, for example: `https://console.cloud.google.com/iam-admin/quotas`. + + The `quota_increase_eligibility` block supports: + +* `is_eligible` - Whether a higher quota value can be requested for the quota. +* `ineligibility_reason` - The enumeration of reasons when it is ineligible to request increase adjustment. + + The `dimensions_infos` block supports: +* `dimensions` - The map of dimensions for this dimensions info. The key of a map entry is "region", "zone" or the name of a service specific dimension, and the value of a map entry is the value of the dimension. If a dimension does not appear in the map of dimensions, the dimensions info applies to all the dimension values except for those that have another DimenisonInfo instance configured for the specific value. Example: {"provider" : "Foo Inc"} where "provider" is a service specific dimension of a quota. + +* `details` - The quota details for a map of dimensions. +* `applicable_locations` - The applicable regions or zones of this dimensions info. The field will be set to `['global']` for quotas that are not per region or per zone. Otherwise, it will be set to the list of locations this dimension info is applicable to. + + The `details` block supports: +* `value` - The value currently in effect and being enforced. diff --git a/website/docs/d/dataform_repository_iam_policy.html.markdown b/website/docs/d/dataform_repository_iam_policy.html.markdown index f3e9303e58c..63765e3cf68 100644 --- a/website/docs/d/dataform_repository_iam_policy.html.markdown +++ b/website/docs/d/dataform_repository_iam_policy.html.markdown @@ -30,9 +30,9 @@ See [Provider Versions](https://terraform.io/docs/providers/google/guides/provid ```hcl data "google_dataform_repository_iam_policy" "policy" { provider = google-beta - project = google_dataform_repository.dataform_respository.project - region = google_dataform_repository.dataform_respository.region - repository = google_dataform_repository.dataform_respository.name + project = google_dataform_repository.dataform_repository.project + region = google_dataform_repository.dataform_repository.region + repository = google_dataform_repository.dataform_repository.name } ``` diff --git a/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown b/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown new file mode 100644 index 00000000000..fb809f186d7 --- /dev/null +++ b/website/docs/r/access_context_manager_service_perimeter_dry_run_resource.html.markdown @@ -0,0 +1,129 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Access Context Manager (VPC Service Controls)" +description: |- + Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. +--- + +# google\_access\_context\_manager\_service\_perimeter\_dry\_run\_resource + +Allows configuring a single GCP resource that should be inside of the `spec` block of a dry run service perimeter. +This resource is intended to be used in cases where it is not possible to compile a full list +of projects to include in a `google_access_context_manager_service_perimeter` resource, +to enable them to be added separately. +If your perimeter is NOT in dry-run mode use `google_access_context_manager_service_perimeter_resource` instead. + +~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, +the service perimeter resource must have a `lifecycle` block with `ignore_changes = [spec[0].resources]` so +they don't fight over which resources should be in the policy. + + +To get more information about ServicePerimeterDryRunResource, see: + +* [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters) +* How-to Guides + * [Service Perimeter Quickstart](https://cloud.google.com/vpc-service-controls/docs/quickstart) + +~> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, +you must specify a `billing_project` and set `user_project_override` to true +in the provider configuration. Otherwise the ACM API will return a 403 error. +Your account must have the `serviceusage.services.use` permission on the +`billing_project` you defined. + +## Example Usage - Access Context Manager Service Perimeter Dry Run Resource Basic + + +```hcl +resource "google_access_context_manager_service_perimeter_dry_run_resource" "service-perimeter-dry-run-resource" { + perimeter_name = google_access_context_manager_service_perimeter.service-perimeter-dry-run-resource.name + resource = "projects/987654321" +} + +resource "google_access_context_manager_service_perimeter" "service-perimeter-dry-run-resource" { + parent = "accessPolicies/${google_access_context_manager_access_policy.access-policy.name}" + name = "accessPolicies/${google_access_context_manager_access_policy.access-policy.name}/servicePerimeters/restrict_all" + title = "restrict_all" + spec { + restricted_services = ["storage.googleapis.com"] + } + use_explicit_dry_run_spec = true + lifecycle { + ignore_changes = [spec[0].resources] + } +} + +resource "google_access_context_manager_access_policy" "access-policy" { + parent = "organizations/123456789" + title = "my policy" +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `resource` - + (Required) + A GCP resource that is inside of the service perimeter. + Currently only projects are allowed. + Format: projects/{project_number} + +* `perimeter_name` - + (Required) + The name of the Service Perimeter to add this resource to. + + +- - - + + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `{{perimeter_name}}/{{resource}}` + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +ServicePerimeterDryRunResource can be imported using any of these accepted formats: + +* `{{perimeter_name}}/{{resource}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ServicePerimeterDryRunResource using one of the formats above. For example: + +```tf +import { + id = "{{perimeter_name}}/{{resource}}" + to = google_access_context_manager_service_perimeter_dry_run_resource.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), ServicePerimeterDryRunResource can be imported using one of the formats above. For example: + +``` +$ terraform import google_access_context_manager_service_perimeter_dry_run_resource.default {{perimeter_name}}/{{resource}} +``` diff --git a/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown index bbbb1eb0a41..4dd2220dc63 100644 --- a/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_egress_policy.html.markdown @@ -27,11 +27,57 @@ within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). +~> **Note:** By default, updates to this resource will remove the EgressPolicy from the +from the perimeter and add it back in a non-atomic manner. To ensure that the new EgressPolicy +is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. + To get more information about ServicePerimeterEgressPolicy, see: * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#egresspolicy) +## Example Usage - Access Context Manager Service Perimeter Egress Policy + + +```hcl +resource "google_access_context_manager_service_perimeter" "storage-perimeter" { + parent = "accesspolicies/${google_access_context_manager_access_policy.access-policy.name}" + name = "accesspolicies/${google_access_context_manager_access_policy.access-policy.name}/serviceperimeters/storage-perimeter" + title = "Storage Perimeter" + status { + restricted_services = ["storage.googleapis.com"] + } + lifecycle { + ignore_changes = [status[0].resources] + } +} + +resource "google_access_context_manager_service_perimeter_egress_policy" "egress_policy" { + perimeter = "${google_access_context_manager_service_perimeter.storage-perimeter.name}" + egress_from { + identity_type = "ANY_IDENTITY" + } + egress_to { + resources = ["*"] + operations { + service_name = "bigquery.googleapis.com" + method_selectors { + method = "*" + } + } + } + lifecycle { + create_before_destroy = true + } +} + + +resource "google_access_context_manager_access_policy" "access-policy" { + parent = "organizations/123456789" + title = "Storage Policy" +} +``` + ## Argument Reference The following arguments are supported: @@ -155,7 +201,6 @@ This resource provides the following [Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: - `create` - Default is 20 minutes. -- `update` - Default is 20 minutes. - `delete` - Default is 20 minutes. ## Import diff --git a/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown b/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown index dcaafbe53c4..d0fe35b9445 100644 --- a/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_ingress_policy.html.markdown @@ -28,11 +28,60 @@ For access from private networks, using the project of the hosting network is re Individual ingress policies can be limited by restricting which services and/ or actions they match using the ingressTo field. +~> **Note:** By default, updates to this resource will remove the IngressPolicy from the +from the perimeter and add it back in a non-atomic manner. To ensure that the new IngressPolicy +is added before the old one is removed, add a `lifecycle` block with `create_before_destroy = true` to this resource. + To get more information about ServicePerimeterIngressPolicy, see: * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.servicePerimeters#ingresspolicy) +## Example Usage - Access Context Manager Service Perimeter Ingress Policy + + +```hcl +resource "google_access_context_manager_service_perimeter" "storage-perimeter" { + parent = "accesspolicies/${google_access_context_manager_access_policy.access-policy.name}" + name = "accesspolicies/${google_access_context_manager_access_policy.access-policy.name}/serviceperimeters/storage-perimeter" + title = "Storage Perimeter" + status { + restricted_services = ["storage.googleapis.com"] + } + lifecycle { + ignore_changes = [status[0].resources] + } +} + +resource "google_access_context_manager_service_perimeter_ingress_policy" "ingress_policy" { + perimeter = "${google_access_context_manager_service_perimeter.storage-perimeter.name}" + ingress_from { + identity_type = "any_identity" + sources { + access_level = "*" + } + } + ingress_to { + resources = ["*"] + operations { + service_name = "bigquery.googleapis.com" + method_selectors { + method = "*" + } + } + } + lifecycle { + create_before_destroy = true + } +} + + +resource "google_access_context_manager_access_policy" "access-policy" { + parent = "organizations/123456789" + title = "Storage Policy" +} +``` + ## Argument Reference The following arguments are supported: @@ -165,7 +214,6 @@ This resource provides the following [Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: - `create` - Default is 20 minutes. -- `update` - Default is 20 minutes. - `delete` - Default is 20 minutes. ## Import diff --git a/website/docs/r/access_context_manager_service_perimeter_resource.html.markdown b/website/docs/r/access_context_manager_service_perimeter_resource.html.markdown index e0fec1e6608..e499fd9a69f 100644 --- a/website/docs/r/access_context_manager_service_perimeter_resource.html.markdown +++ b/website/docs/r/access_context_manager_service_perimeter_resource.html.markdown @@ -14,15 +14,16 @@ # ---------------------------------------------------------------------------- subcategory: "Access Context Manager (VPC Service Controls)" description: |- - Allows configuring a single GCP resource that should be inside of a service perimeter. + Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. --- # google\_access\_context\_manager\_service\_perimeter\_resource -Allows configuring a single GCP resource that should be inside of a service perimeter. +Allows configuring a single GCP resource that should be inside the `status` block of a service perimeter. This resource is intended to be used in cases where it is not possible to compile a full list of projects to include in a `google_access_context_manager_service_perimeter` resource, to enable them to be added separately. +If your perimeter is in dry-run mode use `google_access_context_manager_service_perimeter_dry_run_resource` instead. ~> **Note:** If this resource is used alongside a `google_access_context_manager_service_perimeter` resource, the service perimeter resource must have a `lifecycle` block with `ignore_changes = [status[0].resources]` so diff --git a/website/docs/r/bigquery_table.html.markdown b/website/docs/r/bigquery_table.html.markdown index 525f395d8a8..dc0c5df595c 100644 --- a/website/docs/r/bigquery_table.html.markdown +++ b/website/docs/r/bigquery_table.html.markdown @@ -190,6 +190,8 @@ in Terraform state, a `terraform destroy` or `terraform apply` that would delete * `json_options` (Optional) - Additional properties to set if `source_format` is set to "JSON". Structure is [documented below](#nested_json_options). +* `json_extension` (Optional) - Used to indicate that a JSON variant, rather than normal JSON, is being used as the sourceFormat. This should only be used in combination with the `JSON` source format. Valid values are: `GEOJSON`. + * `parquet_options` (Optional) - Additional properties to set if `source_format` is set to "PARQUET". Structure is [documented below](#nested_parquet_options). diff --git a/website/docs/r/cloud_quotas_quota_preference.html.markdown b/website/docs/r/cloud_quotas_quota_preference.html.markdown new file mode 100644 index 00000000000..15f0dc09e92 --- /dev/null +++ b/website/docs/r/cloud_quotas_quota_preference.html.markdown @@ -0,0 +1,179 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Cloud Quotas" +description: |- + QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. +--- + +# google\_cloud\_quotas\_quota\_preference + +QuotaPreference represents the preferred quota configuration specified for a project, folder or organization. There is only one QuotaPreference resource for a quota value targeting a unique set of dimensions. + + +To get more information about QuotaPreference, see: + +* [API documentation](https://cloud.google.com/docs/quotas/reference/rest/v1/projects.locations.quotaPreferences) +* How-to Guides + * [Cloud Quotas Overview](https://cloud.google.com/docs/quotas/overview) + +## Example Usage - Cloudquotas Quota Preference Basic + + +```hcl +resource "google_cloud_quotas_quota_preference" "preference" { + parent = "projects/my-project-name" + name = "compute_googleapis_com-CPUS-per-project_us-east1" + dimensions = { region = "us-east1" } + service = "compute.googleapis.com" + quota_id = "CPUS-per-project-region" + contact_email = "testuser@gmail.com" + quota_config { + preferred_value = 200 + } +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `service` - + (Required) + The name of the service to which the quota preference is applied. + +* `quota_id` - + (Required) + The id of the quota to which the quota preference is applied. A quota id is unique in the service. + Example: `CPUS-per-project-region`. + +* `quota_config` - + (Required) + The preferred quota configuration. + Structure is [documented below](#nested_quota_config). + +* `parent` - + (Required) + The parent of the quota preference. Allowed parents are "projects/[project-id / number]" or "folders/[folder-id / number]" or "organizations/[org-id / number]". + + +The `quota_config` block supports: + +* `preferred_value` - + (Required) + The preferred value. Must be greater than or equal to -1. If set to -1, it means the value is "unlimited". + +* `state_detail` - + (Output) + Optional details about the state of this quota preference. + +* `granted_value` - + (Output) + Granted quota value. + +* `trace_id` - + (Output) + The trace id that the Google Cloud uses to provision the requested quota. This trace id may be used by the client to contact Cloud support to track the state of a quota preference request. The trace id is only produced for increase requests and is unique for each request. The quota decrease requests do not have a trace id. + +* `annotations` - + (Optional) + The annotations map for clients to store small amounts of arbitrary data. Do not put PII or other sensitive information here. See https://google.aip.dev/128#annotations. + An object containing a list of "key: value" pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`. + +* `request_origin` - + (Output) + The origin of the quota preference request. + +- - - + + +* `name` - + (Optional) + The resource name of the quota preference. Required except in the CREATE requests. + +* `dimensions` - + (Optional) + The dimensions that this quota preference applies to. The key of the map entry is the name of a dimension, such as "region", "zone", "network_id", and the value of the map entry is the dimension value. If a dimension is missing from the map of dimensions, the quota preference applies to all the dimension values except for those that have other quota preferences configured for the specific value. + NOTE: QuotaPreferences can only be applied across all values of "user" and "resource" dimension. Do not set values for "user" or "resource" in the dimension map. + Example: `{"provider": "Foo Inc"}` where "provider" is a service specific dimension. + +* `justification` - + (Optional) + The reason / justification for this quota preference. + +* `contact_email` - + (Optional) + An email address that can be used for quota related communication between the Google Cloud and the user in case the Google Cloud needs further information to make a decision on whether the user preferred quota can be granted. + The Google account for the email address must have quota update permission for the project, folder or organization this quota preference is for. + +* `ignore_safety_checks` - + (Optional) + The list of quota safety checks to be ignored. + Default value is `QUOTA_SAFETY_CHECK_UNSPECIFIED`. + Possible values are: `QUOTA_SAFETY_CHECK_UNSPECIFIED`, `QUOTA_DECREASE_BELOW_USAGE`, `QUOTA_DECREASE_PERCENTAGE_TOO_HIGH`. + + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `{{parent}}/locations/global/quotaPreferences/{{name}}` + +* `etag` - + The current etag of the quota preference. If an etag is provided on update and does not match the current server's etag of the quota preference, the request will be blocked and an ABORTED error will be returned. See https://google.aip.dev/134#etags for more details on etags. + +* `create_time` - + Create time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + +* `update_time` - + Update time stamp. + A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2014-10-02T15:01:23Z` and `2014-10-02T15:01:23.045123456Z`. + +* `reconciling` - + Is the quota preference pending Google Cloud approval and fulfillment. + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `update` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +QuotaPreference can be imported using any of these accepted formats: + +* `{{parent}}/locations/global/quotaPreferences/{{name}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import QuotaPreference using one of the formats above. For example: + +```tf +import { + id = "{{parent}}/locations/global/quotaPreferences/{{name}}" + to = google_cloud_quotas_quota_preference.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), QuotaPreference can be imported using one of the formats above. For example: + +``` +$ terraform import google_cloud_quotas_quota_preference.default {{parent}}/locations/global/quotaPreferences/{{name}} +``` diff --git a/website/docs/r/cloud_run_v2_job.html.markdown b/website/docs/r/cloud_run_v2_job.html.markdown index 90d74c2cba0..5e5ff42b775 100644 --- a/website/docs/r/cloud_run_v2_job.html.markdown +++ b/website/docs/r/cloud_run_v2_job.html.markdown @@ -556,6 +556,11 @@ The following arguments are supported: Ephemeral storage used as a shared volume. Structure is [documented below](#nested_empty_dir). +* `gcs` - + (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)) + Cloud Storage bucket mounted as a volume using GCSFuse. This feature requires the launch stage to be set to ALPHA or BETA. + Structure is [documented below](#nested_gcs). + The `secret` block supports: @@ -605,6 +610,16 @@ The following arguments are supported: (Optional) Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir. +The `gcs` block supports: + +* `bucket` - + (Required) + Name of the cloud storage bucket to back the volume. The resource service account must have permission to access the bucket. + +* `read_only` - + (Optional) + If true, mount this volume as read-only in all mounts. If false, mount this volume as read-write. + The `vpc_access` block supports: * `connector` - diff --git a/website/docs/r/cloud_run_v2_service.html.markdown b/website/docs/r/cloud_run_v2_service.html.markdown index e308ab7a26f..78df38e6532 100644 --- a/website/docs/r/cloud_run_v2_service.html.markdown +++ b/website/docs/r/cloud_run_v2_service.html.markdown @@ -927,7 +927,7 @@ The following arguments are supported: * `gcs` - (Optional) - Represents a GCS Bucket mounted as a volume. + Cloud Storage bucket mounted as a volume using GCSFuse. This feature is only supported in the gen2 execution environment and requires launch-stage to be set to ALPHA or BETA. Structure is [documented below](#nested_gcs). * `nfs` - diff --git a/website/docs/r/composer_environment.html.markdown b/website/docs/r/composer_environment.html.markdown index 81865ec3790..e46ad1f6a9e 100644 --- a/website/docs/r/composer_environment.html.markdown +++ b/website/docs/r/composer_environment.html.markdown @@ -1371,7 +1371,7 @@ The `worker` block supports: (Optional) The amount of memory (GB) for a single Airflow worker. -* `float storage_gb` +* `storage_gb` (Optional) The amount of storage (GB) for a single Airflow worker. @@ -1396,7 +1396,7 @@ The `dag_processor` block supports: (Optional) Memory (GB) request and limit for DAG processor. -* `float storage_gb` +* `storage_gb` (Optional) Storage (GB) request and limit for DAG processor. diff --git a/website/docs/r/compute_disk.html.markdown b/website/docs/r/compute_disk.html.markdown index 2daca63a131..69974d96557 100644 --- a/website/docs/r/compute_disk.html.markdown +++ b/website/docs/r/compute_disk.html.markdown @@ -319,7 +319,7 @@ The following arguments are supported: * `type` - (Required) The type of supported feature. Read [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features) to see a list of available options. - Possible values are: `MULTI_IP_SUBNET`, `SECURE_BOOT`, `SEV_CAPABLE`, `UEFI_COMPATIBLE`, `VIRTIO_SCSI_MULTIQUEUE`, `WINDOWS`, `GVNIC`, `SEV_LIVE_MIGRATABLE`, `SEV_SNP_CAPABLE`, `SUSPEND_RESUME_COMPATIBLE`, `TDX_CAPABLE`. + Possible values are: `MULTI_IP_SUBNET`, `SECURE_BOOT`, `SEV_CAPABLE`, `UEFI_COMPATIBLE`, `VIRTIO_SCSI_MULTIQUEUE`, `WINDOWS`, `GVNIC`, `SEV_LIVE_MIGRATABLE`, `SEV_SNP_CAPABLE`, `SUSPEND_RESUME_COMPATIBLE`, `TDX_CAPABLE`, `SEV_LIVE_MIGRATABLE_V2`. The `source_image_encryption_key` block supports: diff --git a/website/docs/r/compute_instance_group_manager.html.markdown b/website/docs/r/compute_instance_group_manager.html.markdown index 04f576cb43c..b76ff773958 100644 --- a/website/docs/r/compute_instance_group_manager.html.markdown +++ b/website/docs/r/compute_instance_group_manager.html.markdown @@ -329,17 +329,25 @@ The `status` block holds: * `version_target` - A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager. +* `all_instances_config` - Status of all-instances configuration on the group. + +* `stateful` - Stateful status of the given Instance Group Manager. + The `version_target` block holds: * `version_target` - A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager. -* `stateful` - Stateful status of the given Instance Group Manager. +The `all_instances_config` block holds: + +* `effective` - A bit indicating whether this configuration has been applied to all managed instances in the group. + +* `current_revision` - Current all-instances configuration revision. This value is in RFC3339 text format. The `stateful` block holds: * `has_stateful_config` - A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful config even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. -* `per_instance_configs` - Status of per-instance configs on the instance. +* `per_instance_configs` - Status of per-instance configs on the instances. The `per_instance_configs` block holds: diff --git a/website/docs/r/compute_region_backend_service.html.markdown b/website/docs/r/compute_region_backend_service.html.markdown index a24677719a7..c5d4b8662e9 100644 --- a/website/docs/r/compute_region_backend_service.html.markdown +++ b/website/docs/r/compute_region_backend_service.html.markdown @@ -1119,6 +1119,9 @@ In addition to the arguments listed above, the following computed attributes are * `fingerprint` - Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. + +* `generated_id` - + The unique identifier for the resource. This identifier is defined by the server. * `self_link` - The URI of the created resource. diff --git a/website/docs/r/compute_region_instance_group_manager.html.markdown b/website/docs/r/compute_region_instance_group_manager.html.markdown index eeab8434471..052747cdee7 100644 --- a/website/docs/r/compute_region_instance_group_manager.html.markdown +++ b/website/docs/r/compute_region_instance_group_manager.html.markdown @@ -336,19 +336,27 @@ The `status` block holds: * `is_stable` - A bit indicating whether the managed instance group is in a stable state. A stable state means that: none of the instances in the managed instance group is currently undergoing any type of change (for example, creation, restart, or deletion); no future changes are scheduled for instances in the managed instance group; and the managed instance group itself is not being modified. +* `all_instances_config` - Status of all-instances configuration on the group. + +* `stateful` - Stateful status of the given Instance Group Manager. + * `version_target` - A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager. The `version_target` block holds: * `version_target` - A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager. -* `stateful` - Stateful status of the given Instance Group Manager. +The `all_instances_config` block holds: + +* `effective` - A bit indicating whether this configuration has been applied to all managed instances in the group. + +* `current_revision` - Current all-instances configuration revision. This value is in RFC3339 text format. The `stateful` block holds: * `has_stateful_config` - A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful config even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. -* `per_instance_configs` - Status of per-instance configs on the instance. +* `per_instance_configs` - Status of per-instance configs on the instances. The `per_instance_configs` block holds: diff --git a/website/docs/r/dataform_repository.html.markdown b/website/docs/r/dataform_repository.html.markdown index 706d4d7581c..1fcef3d3deb 100644 --- a/website/docs/r/dataform_repository.html.markdown +++ b/website/docs/r/dataform_repository.html.markdown @@ -30,20 +30,10 @@ To get more information about Repository, see: * How-to Guides * [Official Documentation](https://cloud.google.com/dataform/docs/) -
- - Open in Cloud Shell - -
## Example Usage - Dataform Repository ```hcl -resource "google_sourcerepo_repository" "git_repository" { - provider = google-beta - name = "my/repository" -} - resource "google_secret_manager_secret" "secret" { provider = google-beta secret_id = "my-secret" @@ -60,7 +50,7 @@ resource "google_secret_manager_secret_version" "secret_version" { secret_data = "secret-data" } -resource "google_dataform_repository" "dataform_respository" { +resource "google_dataform_repository" "dataform_repository" { provider = google-beta name = "dataform_repository" display_name = "dataform_repository" @@ -71,7 +61,7 @@ resource "google_dataform_repository" "dataform_respository" { } git_remote_settings { - url = google_sourcerepo_repository.git_repository.url + url = "https://github.com/OWNER/REPOSITORY.git" default_branch = "main" authentication_token_secret_version = google_secret_manager_secret_version.secret_version.id } @@ -83,58 +73,6 @@ resource "google_dataform_repository" "dataform_respository" { } } ``` -
- - Open in Cloud Shell - -
-## Example Usage - Dataform Repository Ssh - - -```hcl -resource "google_sourcerepo_repository" "git_repository" { - provider = google-beta - name = "my/repository" -} - -resource "google_secret_manager_secret" "secret" { - provider = google-beta - secret_id = "my-secret" - - replication { - auto {} - } -} - -resource "google_secret_manager_secret_version" "secret_version" { - provider = google-beta - secret = google_secret_manager_secret.secret.id - - secret_data = "secret-data" -} - -resource "google_dataform_repository" "dataform_respository" { - provider = google-beta - name = "dataform_repository" - - git_remote_settings { - url = google_sourcerepo_repository.git_repository.url - default_branch = "main" - ssh_authentication_config { - user_private_key_secret_version = google_secret_manager_secret_version.secret_version.id - host_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU" - } - } - - workspace_compilation_overrides { - default_database = "database" - schema_suffix = "_suffix" - table_prefix = "prefix_" - } - - service_account = "1234567890-compute@developer.gserviceaccount.com" -} -``` ## Argument Reference diff --git a/website/docs/r/dataform_repository_iam.html.markdown b/website/docs/r/dataform_repository_iam.html.markdown index 8207c8fac7a..476f8170384 100644 --- a/website/docs/r/dataform_repository_iam.html.markdown +++ b/website/docs/r/dataform_repository_iam.html.markdown @@ -52,9 +52,9 @@ data "google_iam_policy" "admin" { resource "google_dataform_repository_iam_policy" "policy" { provider = google-beta - project = google_dataform_repository.dataform_respository.project - region = google_dataform_repository.dataform_respository.region - repository = google_dataform_repository.dataform_respository.name + project = google_dataform_repository.dataform_repository.project + region = google_dataform_repository.dataform_repository.region + repository = google_dataform_repository.dataform_repository.name policy_data = data.google_iam_policy.admin.policy_data } ``` @@ -64,9 +64,9 @@ resource "google_dataform_repository_iam_policy" "policy" { ```hcl resource "google_dataform_repository_iam_binding" "binding" { provider = google-beta - project = google_dataform_repository.dataform_respository.project - region = google_dataform_repository.dataform_respository.region - repository = google_dataform_repository.dataform_respository.name + project = google_dataform_repository.dataform_repository.project + region = google_dataform_repository.dataform_repository.region + repository = google_dataform_repository.dataform_repository.name role = "roles/viewer" members = [ "user:jane@example.com", @@ -79,9 +79,9 @@ resource "google_dataform_repository_iam_binding" "binding" { ```hcl resource "google_dataform_repository_iam_member" "member" { provider = google-beta - project = google_dataform_repository.dataform_respository.project - region = google_dataform_repository.dataform_respository.region - repository = google_dataform_repository.dataform_respository.name + project = google_dataform_repository.dataform_repository.project + region = google_dataform_repository.dataform_repository.region + repository = google_dataform_repository.dataform_repository.name role = "roles/viewer" member = "user:jane@example.com" } diff --git a/website/docs/r/dataproc_cluster.html.markdown b/website/docs/r/dataproc_cluster.html.markdown index a09753653a0..796a14b262f 100644 --- a/website/docs/r/dataproc_cluster.html.markdown +++ b/website/docs/r/dataproc_cluster.html.markdown @@ -926,7 +926,7 @@ cluster_config { ```hcl cluster_config { endpoint_config { - enable_http_port_access = "true" + enable_http_port_access = true } } ``` diff --git a/website/docs/r/dataproc_metastore_service.html.markdown b/website/docs/r/dataproc_metastore_service.html.markdown index a0ede5a3a8d..ba361fc43ab 100644 --- a/website/docs/r/dataproc_metastore_service.html.markdown +++ b/website/docs/r/dataproc_metastore_service.html.markdown @@ -208,6 +208,47 @@ resource "google_dataproc_metastore_service" "dpms2_scaling_factor" { } } ``` +
+ + Open in Cloud Shell + +
+## Example Usage - Dataproc Metastore Service Scheduled Backup + + +```hcl +resource "google_dataproc_metastore_service" "backup" { + service_id = "backup" + location = "us-central1" + port = 9080 + tier = "DEVELOPER" + + maintenance_window { + hour_of_day = 2 + day_of_week = "SUNDAY" + } + + hive_metastore_config { + version = "2.3.6" + } + + scheduled_backup { + enabled = true + cron_schedule = "0 0 * * *" + time_zone = "UTC" + backup_location = "gs://${google_storage_bucket.bucket.name}" + } + + labels = { + env = "test" + } +} + +resource "google_storage_bucket" "bucket" { + name = "backup" + location = "us-central1" +} +``` ## Argument Reference @@ -249,6 +290,11 @@ The following arguments are supported: Represents the scaling configuration of a metastore service. Structure is [documented below](#nested_scaling_config). +* `scheduled_backup` - + (Optional) + The configuration of scheduled backup for the metastore service. + Structure is [documented below](#nested_scheduled_backup). + * `maintenance_window` - (Optional) The one hour maintenance window of the metastore service. @@ -314,6 +360,24 @@ The following arguments are supported: (Optional) Scaling factor, in increments of 0.1 for values less than 1.0, and increments of 1.0 for values greater than 1.0. +The `scheduled_backup` block supports: + +* `enabled` - + (Optional) + Defines whether the scheduled backup is enabled. The default value is false. + +* `cron_schedule` - + (Optional) + The scheduled interval in Cron format, see https://en.wikipedia.org/wiki/Cron The default is empty: scheduled backup is not enabled. Must be specified to enable scheduled backups. + +* `time_zone` - + (Optional) + Specifies the time zone to be used when interpreting cronSchedule. Must be a time zone name from the time zone database (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g. America/Los_Angeles or Africa/Abidjan. If left unspecified, the default is UTC. + +* `backup_location` - + (Required) + A Cloud Storage URI of a folder, in the format gs:///. A sub-folder containing backup files will be stored below it. + The `maintenance_window` block supports: * `hour_of_day` - diff --git a/website/docs/r/firebase_android_app.html.markdown b/website/docs/r/firebase_android_app.html.markdown index ba6ae7f2d7d..2aa73052a22 100644 --- a/website/docs/r/firebase_android_app.html.markdown +++ b/website/docs/r/firebase_android_app.html.markdown @@ -84,14 +84,14 @@ The following arguments are supported: (Required) The user-assigned display name of the AndroidApp. +* `package_name` - + (Required) + The canonical package name of the Android app as would appear in the Google Play + Developer Console. -- - - +- - - -* `package_name` - - (Optional) - Immutable. The canonical package name of the Android app as would appear in the Google Play - Developer Console. * `sha1_hashes` - (Optional) diff --git a/website/docs/r/firebase_app_check_service_config.html.markdown b/website/docs/r/firebase_app_check_service_config.html.markdown index c21b99f9e5f..49a054fe72a 100644 --- a/website/docs/r/firebase_app_check_service_config.html.markdown +++ b/website/docs/r/firebase_app_check_service_config.html.markdown @@ -75,7 +75,7 @@ resource "google_project_service" "appcheck" { resource "google_firebase_app_check_service_config" "default" { project = "my-project-name" - service_id = "firebasedatabase.googleapis.com" + service_id = "identitytoolkit.googleapis.com" enforcement_mode = "UNENFORCED" depends_on = [google_project_service.appcheck] diff --git a/website/docs/r/firestore_index.html.markdown b/website/docs/r/firestore_index.html.markdown index 9694660de22..90cafe36a05 100644 --- a/website/docs/r/firestore_index.html.markdown +++ b/website/docs/r/firestore_index.html.markdown @@ -42,48 +42,20 @@ will be the same as the App Engine location specified. ```hcl -resource "google_project" "project" { - project_id = "project-id" - name = "project-id" - org_id = "123456789" -} - -resource "time_sleep" "wait_60_seconds" { - depends_on = [google_project.project] - - create_duration = "60s" -} - -resource "google_project_service" "firestore" { - project = google_project.project.project_id - service = "firestore.googleapis.com" - - # Needed for CI tests for permissions to propagate, should not be needed for actual usage - depends_on = [time_sleep.wait_60_seconds] -} - resource "google_firestore_database" "database" { - project = google_project.project.project_id - name = "(default)" + project = "my-project-name" + name = "database-id" location_id = "nam5" type = "FIRESTORE_NATIVE" - depends_on = [google_project_service.firestore] -} - -# Creating a document also creates its collection -resource "google_firestore_document" "document" { - project = google_project.project.project_id - database = google_firestore_database.database.name - collection = "somenewcollection" - document_id = "" - fields = "{\"something\":{\"mapValue\":{\"fields\":{\"akey\":{\"stringValue\":\"avalue\"}}}}}" + delete_protection_state = "DELETE_PROTECTION_DISABLED" + deletion_policy = "DELETE" } resource "google_firestore_index" "my-index" { - project = google_project.project.project_id + project = "my-project-name" database = google_firestore_database.database.name - collection = google_firestore_document.document.collection + collection = "atestcollection" fields { field_path = "name" @@ -94,17 +66,26 @@ resource "google_firestore_index" "my-index" { field_path = "description" order = "DESCENDING" } - } ``` ## Example Usage - Firestore Index Datastore Mode ```hcl +resource "google_firestore_database" "database" { + project = "my-project-name" + name = "database-id-dm" + location_id = "nam5" + type = "DATASTORE_MODE" + + delete_protection_state = "DELETE_PROTECTION_DISABLED" + deletion_policy = "DELETE" +} + resource "google_firestore_index" "my-index" { - project = "my-project-name" - database = "(default)" - collection = "chatrooms" + project = "my-project-name" + database = google_firestore_database.database.name + collection = "atestcollection" query_scope = "COLLECTION_RECURSIVE" api_scope = "DATASTORE_MODE_API" diff --git a/website/docs/r/google_project_iam.html.markdown b/website/docs/r/google_project_iam.html.markdown index 33ee748e341..642b062ec3f 100644 --- a/website/docs/r/google_project_iam.html.markdown +++ b/website/docs/r/google_project_iam.html.markdown @@ -301,4 +301,4 @@ The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/c ``` terraform import google_project_iam_audit_config.default "{{project_id}} foo.googleapis.com" -``` \ No newline at end of file +``` diff --git a/website/docs/r/integrations_client.html.markdown b/website/docs/r/integrations_client.html.markdown new file mode 100644 index 00000000000..52efc440325 --- /dev/null +++ b/website/docs/r/integrations_client.html.markdown @@ -0,0 +1,200 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in +# .github/CONTRIBUTING.md. +# +# ---------------------------------------------------------------------------- +subcategory: "Application Integration" +description: |- + Application Integration Client. +--- + +# google\_integrations\_client + +Application Integration Client. + + +To get more information about Client, see: + +* [API documentation](https://cloud.google.com/application-integration/docs/reference/rest/v1/projects.locations.clients) +* How-to Guides + * [Official Documentation](https://cloud.google.com/application-integration/docs/overview) + * [Set up Application Integration](https://cloud.google.com/application-integration/docs/setup-application-integration) + +
+ + Open in Cloud Shell + +
+## Example Usage - Integrations Client Basic + + +```hcl +resource "google_integrations_client" "example" { + location = "us-central1" +} +``` +
+ + Open in Cloud Shell + +
+## Example Usage - Integrations Client Advance + + +```hcl +data "google_project" "test_project" { +} + +resource "google_kms_key_ring" "keyring" { + name = "my-keyring" + location = "us-central1" +} + +resource "google_kms_crypto_key" "cryptokey" { + name = "crypto-key-example" + key_ring = google_kms_key_ring.keyring.id + rotation_period = "7776000s" + depends_on = [google_kms_key_ring.keyring] +} + +resource "google_kms_crypto_key_version" "test_key" { + crypto_key = google_kms_crypto_key.cryptokey.id + depends_on = [google_kms_crypto_key.cryptokey] +} + +resource "google_integrations_client" "example" { + location = "us-central1" + create_sample_workflows = true + provision_gmek = true + run_as_service_account = "radndom-service-account" + cloud_kms_config { + kms_location = "us-central1" + kms_ring = google_kms_key_ring.keyring.id + key = google_kms_crypto_key.cryptokey.id + key_version = google_kms_crypto_key_version.test_key.id + kms_project_id = data.google_project.test_project.id + } + depends_on = [google_kms_crypto_key_version.test_key] +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `location` - + (Required) + Location in which client needs to be provisioned. + + +- - - + + +* `cloud_kms_config` - + (Optional) + Cloud KMS config for AuthModule to encrypt/decrypt credentials. + Structure is [documented below](#nested_cloud_kms_config). + +* `create_sample_workflows` - + (Optional) + Indicates if sample workflow should be created along with provisioning. + +* `provision_gmek` - + (Optional) + Indicates provision with GMEK or CMEK. + +* `run_as_service_account` - + (Optional) + User input run-as service account, if empty, will bring up a new default service account. + +* `project` - (Optional) The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + + +The `cloud_kms_config` block supports: + +* `kms_location` - + (Required) + Location name of the key ring, e.g. "us-west1". + +* `kms_ring` - + (Required) + A key ring organizes keys in a specific Google Cloud location and allows you to + manage access control on groups of keys. A key ring's name does not need to be + unique across a Google Cloud project, but must be unique within a given location. + +* `key` - + (Required) + A Cloud KMS key is a named object containing one or more key versions, along + with metadata for the key. A key exists on exactly one key ring tied to a + specific location. + +* `key_version` - + (Optional) + Each version of a key contains key material used for encryption or signing. + A key's version is represented by an integer, starting at 1. To decrypt data + or verify a signature, you must use the same key version that was used to + encrypt or sign the data. + +* `kms_project_id` - + (Optional) + The Google Cloud project id of the project where the kms key stored. If empty, + the kms key is stored at the same project as customer's project and ecrypted + with CMEK, otherwise, the kms key is stored in the tenant project and + encrypted with GMEK. + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/clients` + + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +Client can be imported using any of these accepted formats: + +* `projects/{{project}}/locations/{{location}}/clients` +* `{{project}}/{{location}}` +* `{{location}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Client using one of the formats above. For example: + +```tf +import { + id = "projects/{{project}}/locations/{{location}}/clients" + to = google_integrations_client.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Client can be imported using one of the formats above. For example: + +``` +$ terraform import google_integrations_client.default projects/{{project}}/locations/{{location}}/clients +$ terraform import google_integrations_client.default {{project}}/{{location}} +$ terraform import google_integrations_client.default {{location}} +``` + +## User Project Overrides + +This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override). diff --git a/website/docs/r/monitoring_alert_policy.html.markdown b/website/docs/r/monitoring_alert_policy.html.markdown index f62cf08cb7f..1f5d075d975 100644 --- a/website/docs/r/monitoring_alert_policy.html.markdown +++ b/website/docs/r/monitoring_alert_policy.html.markdown @@ -907,6 +907,7 @@ The following arguments are supported: * `period` - (Optional) Not more than one notification per period. + A duration in seconds with up to nine fractional digits, terminated by 's'. Example "60.5s". The `notification_channel_strategy` block supports: diff --git a/website/docs/r/network_security_firewall_endpoint.html.markdown b/website/docs/r/network_security_firewall_endpoint.html.markdown index e3b823ba1f5..2e6f150405b 100644 --- a/website/docs/r/network_security_firewall_endpoint.html.markdown +++ b/website/docs/r/network_security_firewall_endpoint.html.markdown @@ -35,6 +35,12 @@ To get more information about FirewallEndpoint, see: * [Firewall endpoint overview](https://cloud.google.com/firewall/docs/about-firewall-endpoints) * [Create and associate firewall endpoints](https://cloud.google.com/firewall/docs/configure-firewall-endpoints) +~> **Warning:** If you are using User ADCs (Application Default Credentials) with this resource, +you must specify a `billing_project` and set `user_project_override` to true +in the provider configuration. Otherwise the ACM API will return a 403 error. +Your account must have the `serviceusage.services.use` permission on the +`billing_project` you defined. + ## Example Usage - Network Security Firewall Endpoint Basic @@ -56,6 +62,10 @@ resource "google_network_security_firewall_endpoint" "default" { The following arguments are supported: +* `billing_project_id` - + (Required) + Project to bill on endpoint uptime usage. + * `name` - (Required) The name of the firewall endpoint resource. diff --git a/website/docs/r/pubsub_topic.html.markdown b/website/docs/r/pubsub_topic.html.markdown index 622210ed41d..3d1a678f65d 100644 --- a/website/docs/r/pubsub_topic.html.markdown +++ b/website/docs/r/pubsub_topic.html.markdown @@ -108,6 +108,29 @@ resource "google_pubsub_topic" "example" { } } ``` +
+ + Open in Cloud Shell + +
+## Example Usage - Pubsub Topic Ingestion Kinesis + + +```hcl +resource "google_pubsub_topic" "example" { + name = "example-topic" + + # Outside of automated terraform-provider-google CI tests, these values must be of actual AWS resources for the test to pass. + ingestion_data_source_settings { + aws_kinesis { + stream_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name" + consumer_arn = "arn:aws:kinesis:us-west-2:111111111111:stream/fake-stream-name/consumer/consumer-1:1111111111" + aws_role_arn = "arn:aws:iam::111111111111:role/fake-role-name" + gcp_service_account = "fake-service-account@fake-gcp-project.iam.gserviceaccount.com" + } + } +} +``` ## Argument Reference @@ -160,6 +183,11 @@ The following arguments are supported: The rotation period has the format of a decimal number, followed by the letter `s` (seconds). Cannot be more than 31 days or less than 10 minutes. +* `ingestion_data_source_settings` - + (Optional) + Settings for ingestion from a data source into this topic. + Structure is [documented below](#nested_ingestion_data_source_settings). + * `project` - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used. @@ -190,6 +218,39 @@ The following arguments are supported: Default value is `ENCODING_UNSPECIFIED`. Possible values are: `ENCODING_UNSPECIFIED`, `JSON`, `BINARY`. +The `ingestion_data_source_settings` block supports: + +* `aws_kinesis` - + (Optional) + Settings for ingestion from Amazon Kinesis Data Streams. + Structure is [documented below](#nested_aws_kinesis). + + +The `aws_kinesis` block supports: + +* `stream_arn` - + (Required) + The Kinesis stream ARN to ingest data from. + +* `consumer_arn` - + (Required) + The Kinesis consumer ARN to used for ingestion in + Enhanced Fan-Out mode. The consumer must be already + created and ready to be used. + +* `aws_role_arn` - + (Required) + AWS role ARN to be used for Federated Identity authentication with + Kinesis. Check the Pub/Sub docs for how to set up this role and the + required permissions that need to be attached to it. + +* `gcp_service_account` - + (Required) + The GCP service account to be used for Federated Identity authentication + with Kinesis (via a `AssumeRoleWithWebIdentity` call for the provided + role). The `awsRoleArn` must be set up with `accounts.google.com:sub` + equals to this service account number. + ## Attributes Reference In addition to the arguments listed above, the following computed attributes are exported: diff --git a/website/docs/r/storage_bucket.html.markdown b/website/docs/r/storage_bucket.html.markdown index 2389ac04bf5..58e1e1cf505 100644 --- a/website/docs/r/storage_bucket.html.markdown +++ b/website/docs/r/storage_bucket.html.markdown @@ -133,6 +133,8 @@ The following arguments are supported: * `custom_placement_config` - (Optional) The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated a single or multi-region, the parameters are empty. Structure is [documented below](#nested_custom_placement_config). +* `soft_delete_policy` - (Optional, Computed) The bucket's soft delete policy, which defines the period of time that soft-deleted objects will be retained, and cannot be permanently deleted. If the block is not provided, Server side value will be kept which means removal of block won't generate any terraform change. Structure is [documented below](#nested_soft_delete_policy). + The `lifecycle_rule` block supports: * `action` - (Required) The Lifecycle Rule's action configuration. A single block of this type is supported. Structure is [documented below](#nested_action). @@ -233,6 +235,12 @@ The following arguments are supported: * `data_locations` - (Required) The list of individual regions that comprise a dual-region bucket. See [Cloud Storage bucket locations](https://cloud.google.com/storage/docs/dual-regions#availability) for a list of acceptable regions. **Note**: If any of the data_locations changes, it will [recreate the bucket](https://cloud.google.com/storage/docs/locations#key-concepts). +The `soft_delete_policy` block supports: + +* `retention_duration_seconds` - (Optional, Default: 604800) The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Default value is 604800. The value must be in between 604800(7 days) and 7776000(90 days). **Note**: To disable the soft delete policy on a bucket, This field must be set to 0. + +* `effective_time` - (Computed) Server-determined value that indicates the time from which the policy, or one with a greater retention, was effective. This value is in RFC 3339 format. + ## Attributes Reference In addition to the arguments listed above, the following computed attributes are diff --git a/website/docs/r/vpc_access_connector.html.markdown b/website/docs/r/vpc_access_connector.html.markdown index 846e4131f76..843310a5c95 100644 --- a/website/docs/r/vpc_access_connector.html.markdown +++ b/website/docs/r/vpc_access_connector.html.markdown @@ -100,19 +100,26 @@ The following arguments are supported: * `min_throughput` - (Optional) - Minimum throughput of the connector in Mbps. Default and min is 200. + Minimum throughput of the connector in Mbps. Default and min is 200. Refers to the expected throughput when using an e2-micro machine type. + Value must be a multiple of 100 from 200 through 900. Must be lower than the value specified by max_throughput. If both min_throughput and + min_instances are provided, min_instances takes precedence over min_throughput. The use of min_throughput is discouraged in favor of min_instances. * `min_instances` - (Optional) - Minimum value of instances in autoscaling group underlying the connector. + Minimum value of instances in autoscaling group underlying the connector. Value must be between 2 and 9, inclusive. Must be + lower than the value specified by max_instances. * `max_instances` - (Optional) - Maximum value of instances in autoscaling group underlying the connector. + Maximum value of instances in autoscaling group underlying the connector. Value must be between 3 and 10, inclusive. Must be + higher than the value specified by min_instances. * `max_throughput` - (Optional) - Maximum throughput of the connector in Mbps, must be greater than `min_throughput`. Default is 300. + Maximum throughput of the connector in Mbps, must be greater than `min_throughput`. Default is 300. Refers to the expected throughput + when using an e2-micro machine type. Value must be a multiple of 100 from 300 through 1000. Must be higher than the value specified by + min_throughput. If both max_throughput and max_instances are provided, max_instances takes precedence over max_throughput. The use of + max_throughput is discouraged in favor of max_instances. * `subnet` - (Optional) diff --git a/website/docs/r/workstations_workstation_config.html.markdown b/website/docs/r/workstations_workstation_config.html.markdown index 0cb74ccda21..9c88fb80698 100644 --- a/website/docs/r/workstations_workstation_config.html.markdown +++ b/website/docs/r/workstations_workstation_config.html.markdown @@ -406,6 +406,72 @@ resource "google_workstations_workstation_config" "default" { } } ``` +
+ + Open in Cloud Shell + +
+## Example Usage - Workstation Config Boost + + +```hcl +resource "google_compute_network" "default" { + provider = google-beta + name = "workstation-cluster" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "default" { + provider = google-beta + name = "workstation-cluster" + ip_cidr_range = "10.0.0.0/24" + region = "us-central1" + network = google_compute_network.default.name +} + +resource "google_workstations_workstation_cluster" "default" { + provider = google-beta + workstation_cluster_id = "workstation-cluster" + network = google_compute_network.default.id + subnetwork = google_compute_subnetwork.default.id + location = "us-central1" + + labels = { + "label" = "key" + } + + annotations = { + label-one = "value-one" + } +} + +resource "google_workstations_workstation_config" "default" { + provider = google-beta + workstation_config_id = "workstation-config" + workstation_cluster_id = google_workstations_workstation_cluster.default.workstation_cluster_id + location = "us-central1" + + host { + gce_instance { + machine_type = "e2-standard-4" + boot_disk_size_gb = 35 + disable_public_ip_addresses = true + boost_configs { + id = "boost-1" + machine_type = "n1-standard-2" + accelerators { + type = "nvidia-tesla-t4" + count = "1" + } + } + boost_configs { + id = "boost-1" + machine_type = "e2-standard-2" + } + } + } +} +```
Open in Cloud Shell @@ -654,6 +720,11 @@ The following arguments are supported: An accelerator card attached to the instance. Structure is [documented below](#nested_accelerators). +* `boost_configs` - + (Optional) + A list of the boost configurations that workstations created using this workstation configuration are allowed to use. + Structure is [documented below](#nested_boost_configs). + The `shielded_instance_config` block supports: @@ -677,6 +748,32 @@ The following arguments are supported: The `accelerators` block supports: +* `type` - + (Required) + Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100". + +* `count` - + (Required) + Number of accelerator cards exposed to the instance. + +The `boost_configs` block supports: + +* `id` - + (Required) + The id to be used for the boost config. + +* `machine_type` - + (Optional) + The type of machine that boosted VM instances will use—for example, e2-standard-4. For more information about machine types that Cloud Workstations supports, see the list of available machine types https://cloud.google.com/workstations/docs/available-machine-types. Defaults to e2-standard-4. + +* `accelerators` - + (Optional) + An accelerator card attached to the boost instance. + Structure is [documented below](#nested_accelerators). + + +The `accelerators` block supports: + * `type` - (Required) Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".