Adds IPsec tunnel health_check_direction & health_check_rate paramete…

…rs to cloudflare_ipsec_tunnel

.changelog/3112.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+cloudflare_ipsec_tunnel: Adds IPsec tunnel health_check_direction & health_check_rate parameters
+```

docs/resources/ipsec_tunnel.md

@@ -45,6 +45,8 @@ resource "cloudflare_ipsec_tunnel" "example" {
 - `health_check_enabled` (Boolean) Specifies if ICMP tunnel health checks are enabled. Default: `true`.
 - `health_check_target` (String) The IP address of the customer endpoint that will receive tunnel health checks. Default: `<customer_gre_endpoint>`.
 - `health_check_type` (String) Specifies the ICMP echo type for the health check (`request` or `reply`). Available values: `request`, `reply` Default: `reply`.
+- `health_check_direction` (String) Specifies the direction for the health check  (`unidirectional` or `bidirectional`). Available values: `unidirectional`, `bidirectional` Default: `unidirectional`.
+- `health_check_rate` (String) Specifies the ICMP rate for the health check (`low`, `mid` or `high`). Available values: `low`, `mid`, `high` Default: `mid`.
 - `hex_id` (String) `remote_id` as a hex string. This value is generated by cloudflare.
 - `psk` (String, Sensitive) Pre shared key to be used with the IPsec tunnel. If left unset, it will be autogenerated.
 - `remote_id` (String) ID to be used while setting up the IPsec tunnel. This value is generated by cloudflare.

internal/sdkv2provider/resource_cloudflare_ipsec_tunnel.go

@@ -100,6 +100,8 @@ func resourceCloudflareIPsecTunnelRead(ctx context.Context, d *schema.ResourceDa
 	d.Set("health_check_enabled", tunnel.HealthCheck.Enabled)
 	d.Set("health_check_target", tunnel.HealthCheck.Target)
 	d.Set("health_check_type", tunnel.HealthCheck.Type)
+	d.Set("health_check_direction", tunnel.HealthCheck.Direction)
+	d.Set("health_check_rate", tunnel.HealthCheck.Rate)
 	d.Set("allow_null_cipher", tunnel.AllowNullCipher)
 
 	// Set Remote Identities
@@ -176,5 +178,45 @@ func IPsecTunnelFromResource(d *schema.ResourceData) cloudflare.MagicTransitIPse
 		tunnel.AllowNullCipher = allowNullCipher.(bool)
 	}
 
+	healthcheck := IPsecTunnelHealthcheckFromResource(d)
+	if healthcheck != nil {
+		tunnel.HealthCheck = healthcheck
+	}
+
 	return tunnel
 }
+
+func IPsecTunnelHealthcheckFromResource(d *schema.ResourceData) *cloudflare.MagicTransitTunnelHealthcheck {
+	healthcheck := cloudflare.MagicTransitTunnelHealthcheck{}
+
+	healthcheckEnabled, healthcheckEnabledOk := d.GetOk("health_check_enabled")
+	if healthcheckEnabledOk {
+		healthcheck.Enabled = healthcheckEnabled.(bool)
+	}
+
+	healthcheckTarget, healthcheckTargetOk := d.GetOk("health_check_target")
+	if healthcheckTargetOk {
+		healthcheck.Target = healthcheckTarget.(string)
+	}
+
+	healthcheckType, healthcheckTypeOk := d.GetOk("health_check_type")
+	if healthcheckTypeOk {
+		healthcheck.Type = healthcheckType.(string)
+	}
+
+	healthcheckDirection, healthcheckDirectionOk := d.GetOk("health_check_direction")
+	if healthcheckDirectionOk {
+		healthcheck.Direction = healthcheckDirection.(string)
+	}
+
+	healthcheckRate, healthcheckRateOk := d.GetOk("health_check_rate")
+	if healthcheckRateOk {
+		healthcheck.Rate = healthcheckRate.(string)
+	}
+
+	if healthcheckEnabledOk || healthcheckTargetOk || healthcheckTypeOk || healthcheckDirectionOk || healthcheckRateOk {
+		return &healthcheck
+	}
+
+	return nil
+}

internal/sdkv2provider/resource_cloudflare_ipsec_tunnel_test.go

@@ -39,6 +39,8 @@ func TestAccCloudflareIPsecTunnelExists(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "health_check_enabled", "true"),
 					resource.TestCheckResourceAttr(name, "health_check_target", "203.0.113.1"),
 					resource.TestCheckResourceAttr(name, "health_check_type", "request"),
+					resource.TestCheckResourceAttr(name, "health_check_direction", "unidirectional"),
+					resource.TestCheckResourceAttr(name, "health_check_rate", "mid"),
 					resource.TestCheckResourceAttr(name, "psk", "asdf1234"),
 					resource.TestCheckResourceAttr(name, "allowNullCipher", "false"),
 				),
@@ -140,13 +142,15 @@ func testAccCheckCloudflareIPsecTunnelSimple(ID, description, accountID, psk str
   resource "cloudflare_ipsec_tunnel" "%[1]s" {
 	account_id = "%[3]s"
 	name = "%[2]s"
-	customer_endpoint = "203.0.113.1"
-	cloudflare_endpoint = "162.159.64.41"
+	customer_endpoint = "1.2.3.4"
+	cloudflare_endpoint = "162.159.66.49"
 	interface_address = "10.212.0.9/31"
 	description = "%[2]s"
 	health_check_enabled = true
 	health_check_target = "203.0.113.1"
 	health_check_type = "request"
+    health_check_direction = "unidirectional"
+    health_check_rate = "mid"
 	psk = "%[4]s"
 	allow_null_cipher = false
   }`, ID, description, accountID, psk)

internal/sdkv2provider/schema_cloudflare_ipsec_tunnel.go

@@ -60,6 +60,20 @@ func resourceCloudflareIPsecTunnelSchema() map[string]*schema.Schema {
 			ValidateFunc: validation.StringInSlice([]string{"request", "reply"}, false),
 			Description:  fmt.Sprintf("Specifies the ICMP echo type for the health check (`request` or `reply`). %s Default: `reply`.", renderAvailableDocumentationValuesStringSlice([]string{"request", "reply"})),
 		},
+		"health_check_direction": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Computed:     true,
+			ValidateFunc: validation.StringInSlice([]string{"unidirectional", "bidirectional"}, false),
+			Description:  fmt.Sprintf("Specifies the direction for the health check (`unidirectional` or `bidirectional`). %s Default: `unidirectional`.", renderAvailableDocumentationValuesStringSlice([]string{"unidirectional", "bidirectional"})),
+		},
+		"health_check_rate": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Computed:     true,
+			ValidateFunc: validation.StringInSlice([]string{"low", "mid", "high"}, false),
+			Description:  fmt.Sprintf("Specifies the ICMP rate for the health check (`low`, `mid` or `high`). %s Default: `mid`.", renderAvailableDocumentationValuesStringSlice([]string{"low", "mid", "high"})),
+		},
 		"psk": {
 			Type:        schema.TypeString,
 			Optional:    true,