Add new Resource Cloudids Endpoint

mmv1/products/cloudids/api.yaml

@@ -0,0 +1,108 @@
+# Copyright 2022 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Product
+name: CloudIds
+display_name: Cloud Intrusion Detection Service
+versions:
+  - !ruby/object:Api::Product::Version
+    name: ga
+    base_url: https://ids.googleapis.com/v1/
+scopes:
+  - https://www.googleapis.com/auth/cloudids
+apis_required:
+  - !ruby/object:Api::Product::ApiReference
+    name: Cloud Key Management Service (KMS) API
+    url: https://console.cloud.google.com/apis/library/ids.googleapis.com/
+async: !ruby/object:Api::OpAsync
+  operation: !ruby/object:Api::OpAsync::Operation
+    path: 'name'
+    base_url: '{{op_id}}'
+    wait_ms: 1000
+  result: !ruby/object:Api::OpAsync::Result
+    path: 'response'
+    resource_inside_response: true
+  status: !ruby/object:Api::OpAsync::Status
+    path: 'done'
+    complete: true
+    allowed:
+      - true
+      - false
+  error: !ruby/object:Api::OpAsync::Error
+    path: 'error'
+    message: 'message'
+objects:
+  - !ruby/object:Api::Resource
+    name: 'Endpoint'
+    base_url: 'projects/{{project}}/locations/{{location}}/endpoints'
+    create_url: 'projects/{{project}}/locations/{{location}}/endpoints?endpointId={{name}}'
+    self_link: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}'
+    create_verb: :POST
+    description: |
+      Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network.
+    references: !ruby/object:Api::Resource::ReferenceLinks
+      api: 'https://cloud.google.com/intrusion-detection-system/docs/configuring-ids'
+    parameters:
+      - !ruby/object:Api::Type::String
+        name: 'location'
+        required: true
+        url_param_only: true
+        description: |
+          The location for the endpoint.
+    properties:
+      - !ruby/object:Api::Type::String
+        name: 'name'
+        required: true
+        input: true
+        description: |
+          Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.
+      - !ruby/object:Api::Type::String
+        name: 'createTime'
+        output: true
+        description: |
+          Creation timestamp in RFC 3339 text format.
+      - !ruby/object:Api::Type::String
+        name: 'updateTime'
+        output: true
+        description: |
+          Last update timestamp in RFC 3339 text format.
+      - !ruby/object:Api::Type::String
+        name: 'network'
+        required: true
+        description: |
+          Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").
+      - !ruby/object:Api::Type::String
+        name: 'description'
+        description: |
+          An optional description of the endpoint.
+      - !ruby/object:Api::Type::String
+        name: 'endpoint_forwarding_rule'
+        output: true
+        description: |
+          URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring.
+      - !ruby/object:Api::Type::String
+        name: 'endpoint'
+        output: true
+        description: |
+          Internal IP address of the endpoint's network entry point.
+      - !ruby/object:Api::Type::Enum
+        name: 'severity'
+        required: true
+        description: |
+          The minimum alert severity level that is reported by the endpoint.
+        values:
+          - :INFORMATIONAL
+          - :LOW
+          - :MEDIUM
+          - :HIGH
+          - :CRITICAL

mmv1/products/cloudids/terraform.yaml

@@ -0,0 +1,31 @@
+# Copyright 2022 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Provider::Terraform::Config
+overrides: !ruby/object:Overrides::ResourceOverrides
+  Endpoint:  !ruby/object:Overrides::Terraform::ResourceOverride
+    id_format: 'projects/{{project}}/locations/{{location}}/endpoints/{{name}}'
+    base_url: projects/{{project}}/locations/{{location}}/endpoints
+    import_format: ["projects/{{project}}/locations/{{location}}/endpoints/{{name}}"]
+    autogen_async: true
+    examples:
+      - !ruby/object:Provider::Terraform::Examples
+        name: "cloudids_endpoint"
+        primary_resource_id: "example-endpoint"
+        skip_test: true
+    properties:
+      location: !ruby/object:Overrides::Terraform::PropertyOverride
+        ignore_read: true
+      name: !ruby/object:Overrides::Terraform::PropertyOverride
+        custom_flatten: 'templates/terraform/custom_flatten/name_from_self_link.erb'
+        custom_expand: 'templates/terraform/custom_expand/shortname_to_url.go.erb'

mmv1/templates/terraform/examples/cloudids_endpoint.tf.erb

@@ -0,0 +1,23 @@
+resource "google_compute_network" "default" {
+	name = "tf-test-my-network"
+}
+resource "google_compute_global_address" "service_range" {
+	name          = "address"
+	purpose       = "VPC_PEERING"
+	address_type  = "INTERNAL"
+	prefix_length = 16
+	network       = google_compute_network.default.id
+}
+resource "google_service_networking_connection" "private_service_connection" {
+	network                 = google_compute_network.default.id
+	service                 = "servicenetworking.googleapis.com"
+	reserved_peering_ranges = [google_compute_global_address.service_range.name]
+}
+
+resource "google_cloud_ids_endpoint" "<%= ctx[:primary_resource_id] %>" {
+    name     = "test"
+    location = "us-central1-f"
+    network  = google_compute_network.default.id
+    severity = "INFORMATIONAL"
+    depends_on = [google_service_networking_connection.private_service_connection]
+}

mmv1/third_party/terraform/tests/resource_cloudids_endpoint_test.go

@@ -0,0 +1,95 @@
+package google
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestCloudIdsEndpoint_basic(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": randString(t, 10),
+	}
+
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckCloudIdsEndpointDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testCloudIds_basic(context),
+			},
+			{
+				ResourceName:      "google_cloud_ids_endpoint.endpoint",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testCloudIds_basic(context map[string]interface{}) string {
+	return Nprintf(`
+resource "google_compute_network" "default" {
+	name = "tf-test-my-network%{random_suffix}"
+}
+resource "google_compute_global_address" "service_range" {
+	name          = "address"
+	purpose       = "VPC_PEERING"
+	address_type  = "INTERNAL"
+	prefix_length = 16
+	network       = google_compute_network.default.id
+}
+resource "google_service_networking_connection" "private_service_connection" {
+	network                 = google_compute_network.default.id
+	service                 = "servicenetworking.googleapis.com"
+	reserved_peering_ranges = [google_compute_global_address.service_range.name]
+}
+
+resource "google_cloud_ids_endpoint" "endpoint" {
+	name     = "cloud-ids-test-%{random_suffix}"
+	location = "us-central1-f"
+	network  = google_compute_network.default.id
+	severity = "INFORMATIONAL"
+	depends_on = [google_service_networking_connection.private_service_connection]
+}
+`, context)
+}
+
+func testAccCheckCloudIdsEndpointDestroyProducer(t *testing.T) func(s *terraform.State) error {
+	return func(s *terraform.State) error {
+		for name, rs := range s.RootModule().Resources {
+			if rs.Type != "google_cloud_ids_endpoint" {
+				continue
+			}
+			if strings.HasPrefix(name, "data.") {
+				continue
+			}
+
+			config := googleProviderConfig(t)
+
+			url, err := replaceVarsForTest(config, rs, "{{CloudIdsBasePath}}projects/{{project}}/locations/{{location}}/endpoints/{{name}}")
+			if err != nil {
+				return err
+			}
+
+			billingProject := ""
+
+			if config.BillingProject != "" {
+				billingProject = config.BillingProject
+			}
+
+			_, err = sendRequest(config, "GET", billingProject, url, config.userAgent, nil)
+			if err == nil {
+				return fmt.Errorf("CloudIdsEndpoint still exists at %s", url)
+			}
+		}
+
+		return nil
+	}
+}