Add support for network_firewall_policy_association and region_networ…

…k_firewall_policy_association (GoogleCloudPlatform#6796) Co-authored-by: Riley Karson <rileykarson@google.com> Co-authored-by: Ghaleb Al-habian <galhabian@google.com>
hao-nan-li · Dec 6, 2022 · 338f466 · 338f466
1 parent af076c6
commit 338f466
Show file tree

Hide file tree

Showing 9 changed files with 188 additions and 0 deletions.
diff --git a/tpgtools/overrides/compute/beta/network_firewall_policy_association.yaml b/tpgtools/overrides/compute/beta/network_firewall_policy_association.yaml
@@ -0,0 +1,33 @@
+- type: CUSTOM_RESOURCE_NAME
+  details:
+    title: region_network_firewall_policy_association
+  location: region
+- type: EXCLUDE
+  field: location
+  location: global
+- type: EXCLUDE
+  field: region
+- type: CUSTOM_NAME
+  details:
+    name: region
+  field: location
+- type: CUSTOM_ID
+  details:
+    id: "projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+  location: region
+- type: CUSTOM_ID
+  details:
+    id: "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+  location: global  
+- type: IMPORT_FORMAT
+  details:
+    formats:
+    - "projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+    - "{{project}}/{{region}}/{{firewall_policy}}/{{name}}"
+  location: region
+- type: IMPORT_FORMAT
+  details:
+    formats:
+    - "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+    - "{{project}}/{{firewall_policy}}/{{name}}"
+  location: global 
diff --git a/tpgtools/overrides/compute/network_firewall_policy_association.yaml b/tpgtools/overrides/compute/network_firewall_policy_association.yaml
@@ -0,0 +1,33 @@
+- type: CUSTOM_RESOURCE_NAME
+  details:
+    title: region_network_firewall_policy_association
+  location: region
+- type: EXCLUDE
+  field: location
+  location: global
+- type: EXCLUDE
+  field: region
+- type: CUSTOM_NAME
+  details:
+    name: region
+  field: location
+- type: CUSTOM_ID
+  details:
+    id: "projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+  location: region
+- type: CUSTOM_ID
+  details:
+    id: "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+  location: global  
+- type: IMPORT_FORMAT
+  details:
+    formats:
+    - "projects/{{project}}/regions/{{region}}/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+    - "{{project}}/{{region}}/{{firewall_policy}}/{{name}}"
+  location: region
+- type: IMPORT_FORMAT
+  details:
+    formats:
+    - "projects/{{project}}/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
+    - "{{project}}/{{firewall_policy}}/{{name}}"
+  location: global 
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global.tf.tmpl b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global.tf.tmpl
@@ -0,0 +1,16 @@
+resource "google_compute_network_firewall_policy" "network_firewall_policy" {
+  name = "{{policy}}"
+  project = "{{project}}"
+  description = "Sample global network firewall policy"
+}
+
+resource "google_compute_network" "network" {
+  name = "{{network}}"
+}
+
+resource "google_compute_network_firewall_policy_association" "primary" {
+  name = "{{association}}"
+  attachment_target = google_compute_network.network.id
+  firewall_policy =  google_compute_network_firewall_policy.network_firewall_policy.name
+  project =  "{{project}}"
+}
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global.yaml b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global.yaml
@@ -0,0 +1,11 @@
+updates:
+- resource: ./global_update.tf.tmpl
+variables:
+- name: association
+  type: resource_name
+- name: policy
+  type: resource_name
+- name: network
+  type: resource_name
+- name: project
+  type: project
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global_update.tf.tmpl b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/global_update.tf.tmpl
@@ -0,0 +1,20 @@
+resource "google_compute_network_firewall_policy" "network_firewall_policy" {
+  name = "{{policy}}"
+  project = "{{project}}"
+  description = "Sample global network firewall policy"
+}
+
+resource "google_compute_network" "network" {
+  name = "{{network}}"
+}
+
+resource "google_compute_network" "network2" {
+  name = "update-{{network}}"
+}
+
+resource "google_compute_network_firewall_policy_association" "primary" {
+  name = "{{association}}"
+  attachment_target = google_compute_network.network2.id
+  firewall_policy =  google_compute_network_firewall_policy.network_firewall_policy.name
+  project =  "{{project}}"
+}
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/meta.yaml b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/meta.yaml
@@ -0,0 +1,22 @@
+# meta.yaml
+# this is a shared config file that all the tests merge with
+#
+doc_hide:
+  - global_network_firewall_policy_association.yaml
+  - basic_regional_network_firewall_policy_association.yaml
+
+doc_hide_conditional:
+  - location: global
+    file_name: regional.tf.tmpl
+  - location: region
+    file_name: global.tf.tmpl
+
+test_hide:
+  - global_network_firewall_policy_association.yaml
+  - basic_regional_network_firewall_policy_association.yaml
+
+test_hide_conditional:
+  - location: global
+    file_name: regional.tf.tmpl
+  - location: region
+    file_name: global.tf.tmpl
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional.tf.tmpl b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional.tf.tmpl
@@ -0,0 +1,18 @@
+resource "google_compute_region_network_firewall_policy" "basic_regional_network_firewall_policy" {
+  name = "{{policy}}"
+  project = "{{project}}"
+  description = "Sample global network firewall policy"
+  region = "{{region}}"
+}
+
+resource "google_compute_network" "basic_network" {
+  name = "{{network}}"
+}
+
+resource "google_compute_region_network_firewall_policy_association" "primary" {
+  name = "{{association}}"
+  attachment_target = google_compute_network.basic_network.id
+  firewall_policy =  google_compute_region_network_firewall_policy.basic_regional_network_firewall_policy.name
+  project =  "{{project}}"
+  region = "{{region}}"
+}
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional.yaml b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional.yaml
@@ -0,0 +1,13 @@
+updates:
+- resource: ./regional_update.tf.tmpl
+variables:
+- name: association
+  type: resource_name
+- name: policy
+  type: resource_name
+- name: network
+  type: resource_name
+- name: project
+  type: project
+- name: region 
+  type: region
diff --git a/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional_update.tf.tmpl b/tpgtools/overrides/compute/samples/networkfirewallpolicyassociation/regional_update.tf.tmpl
@@ -0,0 +1,22 @@
+resource "google_compute_region_network_firewall_policy" "basic_regional_network_firewall_policy" {
+  name = "{{policy}}"
+  project = "{{project}}"
+  description = "Sample global network firewall policy"
+  region = "{{region}}"
+}
+
+resource "google_compute_network" "basic_network" {
+  name = "{{network}}"
+}
+
+resource "google_compute_network" "basic_network2" {
+  name = "update-{{network}}"
+}
+
+resource "google_compute_region_network_firewall_policy_association" "primary" {
+  name = "{{association}}"
+  attachment_target = google_compute_network.basic_network2.id
+  firewall_policy =  google_compute_region_network_firewall_policy.basic_regional_network_firewall_policy.name
+  project =  "{{project}}"
+  region = "{{region}}"
+}