From 654c366349b29b3a78a95fab42bc8cd387d0a7ce Mon Sep 17 00:00:00 2001
From: Joaquin <91717108+joaquinza@users.noreply.github.com>
Date: Wed, 3 Jan 2024 22:16:24 +0900
Subject: [PATCH] fix: src_threat_intelligences is missing from the variable
 object definition. (#530)

Co-authored-by: Imran Nayer <imrannayer@google.com>
---
 modules/network-firewall-policy/README.md    | 2 +-
 modules/network-firewall-policy/variables.tf | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/network-firewall-policy/README.md b/modules/network-firewall-policy/README.md
index 40f996d5..35a464a2 100644
--- a/modules/network-firewall-policy/README.md
+++ b/modules/network-firewall-policy/README.md
@@ -135,7 +135,7 @@ module "firewall_rules" {
 | policy\_name | User-provided name of the Network firewall policy | `string` | n/a | yes |
 | policy\_region | Location of the firewall policy. Needed for regional firewall policies. Default is null (Global firewall policy) | `string` | `null` | no |
 | project\_id | Project ID of the Network firewall policy | `string` | n/a | yes |
-| rules | List of Ingress/Egress rules | <pre>list(object({<br>    priority                = number<br>    direction               = string<br>    action                  = string<br>    rule_name               = optional(string)<br>    disabled                = optional(bool)<br>    description             = optional(string)<br>    enable_logging          = optional(bool)<br>    target_secure_tags      = optional(list(string))<br>    target_service_accounts = optional(list(string))<br>    match = object({<br>      src_ip_ranges             = optional(list(string), [])<br>      src_fqdns                 = optional(list(string), [])<br>      src_region_codes          = optional(list(string), [])<br>      src_secure_tags           = optional(list(string), [])<br>      src_address_groups        = optional(list(string), [])<br>      dest_ip_ranges            = optional(list(string), [])<br>      dest_fqdns                = optional(list(string), [])<br>      dest_region_codes         = optional(list(string), [])<br>      dest_threat_intelligences = optional(list(string), [])<br>      dest_address_groups       = optional(list(string), [])<br>      layer4_configs = optional(list(object({<br>        ip_protocol = optional(string, "all")<br>        ports       = optional(list(string), [])<br>      })), [{}])<br>    })<br>  }))</pre> | `[]` | no |
+| rules | List of Ingress/Egress rules | <pre>list(object({<br>    priority                = number<br>    direction               = string<br>    action                  = string<br>    rule_name               = optional(string)<br>    disabled                = optional(bool)<br>    description             = optional(string)<br>    enable_logging          = optional(bool)<br>    target_secure_tags      = optional(list(string))<br>    target_service_accounts = optional(list(string))<br>    match = object({<br>      src_ip_ranges             = optional(list(string), [])<br>      src_fqdns                 = optional(list(string), [])<br>      src_region_codes          = optional(list(string), [])<br>      src_secure_tags           = optional(list(string), [])<br>      src_threat_intelligences  = optional(list(string), [])<br>      src_address_groups        = optional(list(string), [])<br>      dest_ip_ranges            = optional(list(string), [])<br>      dest_fqdns                = optional(list(string), [])<br>      dest_region_codes         = optional(list(string), [])<br>      dest_threat_intelligences = optional(list(string), [])<br>      dest_address_groups       = optional(list(string), [])<br>      layer4_configs = optional(list(object({<br>        ip_protocol = optional(string, "all")<br>        ports       = optional(list(string), [])<br>      })), [{}])<br>    })<br>  }))</pre> | `[]` | no |
 | target\_vpcs | List of target VPC IDs that the firewall policy will be attached to | `list(string)` | `[]` | no |
 
 ## Outputs
diff --git a/modules/network-firewall-policy/variables.tf b/modules/network-firewall-policy/variables.tf
index f8fd67c8..ca74e753 100644
--- a/modules/network-firewall-policy/variables.tf
+++ b/modules/network-firewall-policy/variables.tf
@@ -63,6 +63,7 @@ variable "rules" {
       src_fqdns                 = optional(list(string), [])
       src_region_codes          = optional(list(string), [])
       src_secure_tags           = optional(list(string), [])
+      src_threat_intelligences  = optional(list(string), [])
       src_address_groups        = optional(list(string), [])
       dest_ip_ranges            = optional(list(string), [])
       dest_fqdns                = optional(list(string), [])