Added propagatedConnectionLimit and connectedEndpoints output fields to ServiceAttachment (#11625)

matheusaleixo-cit · web-flow · commit 2094dcd7d3b1 · 2024-09-09T14:23:45.000-07:00
diff --git a/mmv1/products/compute/ServiceAttachment.yaml b/mmv1/products/compute/ServiceAttachment.yaml
@@ -156,6 +156,22 @@ properties:
           description: |
             The status of the connection from the consumer forwarding rule to
             this service attachment.
+        - !ruby/object:Api::Type::String
+          name: 'consumerNetwork'
+          output: true
+          description: |
+            The url of the consumer network.
+        - !ruby/object:Api::Type::String
+          name: 'pscConnectionId'
+          output: true
+          description: |
+            The PSC connection id of the connected endpoint.
+        - !ruby/object:Api::Type::Integer
+          name: 'propagatedConnectionCount'
+          min_version: 'beta'
+          output: true
+          description: |
+            The number of consumer Network Connectivity Center spokes that the connected Private Service Connect endpoint has propagated to.
   - !ruby/object:Api::Type::String
     name: targetService
     required: true
@@ -237,3 +253,15 @@ properties:
 
       If false, connection policy update will only affect existing PENDING PSC endpoints. Existing ACCEPTED/REJECTED endpoints will remain untouched regardless how the connection policy is modified .
       If true, update will affect both PENDING and ACCEPTED/REJECTED PSC endpoints. For example, an ACCEPTED PSC endpoint will be moved to REJECTED if its project is added to the reject list.
+  - !ruby/object:Api::Type::Integer
+    name: 'propagatedConnectionLimit'
+    min_version: 'beta'
+    default_from_api: true
+    description: |
+      The number of consumer spokes that connected Private Service Connect endpoints can be propagated to through Network Connectivity Center.
+      This limit lets the service producer limit how many propagated Private Service Connect connections can be established to this service attachment from a single consumer.
+
+      If the connection preference of the service attachment is ACCEPT_MANUAL, the limit applies to each project or network that is listed in the consumer accept list.
+      If the connection preference of the service attachment is ACCEPT_AUTOMATIC, the limit applies to each project that contains a connected endpoint.
+
+      If unspecified, the default propagated connection limit is 250.
diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_service_attachment_test.go.erb b/mmv1/third_party/terraform/services/compute/resource_compute_service_attachment_test.go.erb
@@ -1,3 +1,4 @@
+<% autogen_exception -%>
 package compute_test
 
 import (
@@ -50,6 +51,54 @@ func TestAccComputeServiceAttachment_serviceAttachmentBasicExampleUpdate(t *test
 	})
 }
 
+<% unless version == "ga" -%>
+func TestAccComputeServiceAttachment_serviceAttachmentConnectedEndpointsOutput(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(t, 10),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		CheckDestroy:             testAccCheckComputeServiceAttachmentDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeServiceAttachment_serviceAttachmentBasicExampleConnectedEndpointsOutput(context, true),
+			},
+			{
+				ResourceName:            "google_compute_service_attachment.psc_ilb_service_attachment",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"target_service", "region"},
+			},
+			{
+				Config: testAccComputeServiceAttachment_serviceAttachmentBasicExampleConnectedEndpointsOutput(context, false),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet(
+						"google_compute_service_attachment.psc_ilb_service_attachment", "connected_endpoints.0.endpoint"),
+					resource.TestCheckResourceAttrSet(
+						"google_compute_service_attachment.psc_ilb_service_attachment", "connected_endpoints.0.status"),
+					resource.TestCheckResourceAttrSet(
+						"google_compute_service_attachment.psc_ilb_service_attachment", "connected_endpoints.0.consumer_network"),
+					resource.TestCheckResourceAttrSet(
+						"google_compute_service_attachment.psc_ilb_service_attachment", "connected_endpoints.0.psc_connection_id"),
+					resource.TestCheckResourceAttrSet(
+						"google_compute_service_attachment.psc_ilb_service_attachment", "connected_endpoints.0.propagated_connection_count"),
+				),
+			},
+			{
+				ResourceName:            "google_compute_service_attachment.psc_ilb_service_attachment",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"target_service", "region"},
+			},
+		},
+	})
+}
+<% end -%>
+
 func testAccComputeServiceAttachment_serviceAttachmentBasicExampleFork(context map[string]interface{}) string {
 	return acctest.Nprintf(`
 resource "google_compute_service_attachment" "psc_ilb_service_attachment" {
@@ -232,6 +281,118 @@ resource "google_compute_subnetwork" "psc_ilb_nat" {
 `, context)
 }
 
+<% unless version == "ga" -%>
+func testAccComputeServiceAttachment_serviceAttachmentBasicExampleConnectedEndpointsOutput(context map[string]interface{}, preventDestroy bool) string {
+	context["lifecycle_block"] = ""
+	if preventDestroy {
+		context["lifecycle_block"] = `
+		lifecycle {
+			prevent_destroy = true
+		}`
+	}
+
+	return acctest.Nprintf(`
+resource "google_compute_service_attachment" "psc_ilb_service_attachment" {
+  provider    = google-beta
+  name        = "tf-test-my-psc-ilb%{random_suffix}"
+  region      = "us-west2"
+  description = "A service attachment configured with Terraforms"
+
+  enable_proxy_protocol    = true
+  connection_preference    = "ACCEPT_MANUAL"
+  nat_subnets              = [google_compute_subnetwork.psc_ilb_nat.id]
+  target_service           = google_compute_forwarding_rule.psc_ilb_target_service.id
+
+  consumer_reject_lists = ["673497134629", "482878270665"]
+  consumer_accept_lists {
+    project_id_or_num = "658859330310"
+    connection_limit  = 4
+  }
+
+  propagated_connection_limit = 175
+  reconcile_connections = false
+}
+
+resource "google_compute_address" "psc_ilb_consumer_address" {
+  provider    = google-beta
+  name        = "tf-test-psc-ilb-consumer-address%{random_suffix}"
+  region      = "us-west2"
+
+  subnetwork   = "default"
+  address_type = "INTERNAL"
+}
+
+resource "google_compute_forwarding_rule" "psc_ilb_consumer" {
+  provider    = google-beta
+  name        = "tf-test-psc-ilb-consumer-forwarding-rule%{random_suffix}"
+  region      = "us-west2"
+
+  target                = google_compute_service_attachment.psc_ilb_service_attachment.id
+  load_balancing_scheme = "" # need to override EXTERNAL default when target is a service attachment
+  network               = "default"
+  ip_address            = google_compute_address.psc_ilb_consumer_address.id
+}
+
+resource "google_compute_forwarding_rule" "psc_ilb_target_service" {
+  provider    = google-beta
+  name        = "tf-test-producer-forwarding-rule%{random_suffix}"
+  region      = "us-west2"
+
+  load_balancing_scheme = "INTERNAL"
+  backend_service       = google_compute_region_backend_service.producer_service_backend.id
+  all_ports             = true
+  allow_global_access   = true
+  network               = google_compute_network.psc_ilb_network.name
+  subnetwork            = google_compute_subnetwork.psc_ilb_producer_subnetwork.name
+}
+
+resource "google_compute_region_backend_service" "producer_service_backend" {
+  provider    = google-beta
+  name        = "tf-test-producer-service%{random_suffix}"
+  region      = "us-west2"
+
+  health_checks = [google_compute_health_check.producer_service_health_check.id]
+}
+
+resource "google_compute_health_check" "producer_service_health_check" {
+  provider    = google-beta
+  name        = "tf-test-producer-service-health-check%{random_suffix}"
+
+  check_interval_sec = 1
+  timeout_sec        = 1
+  tcp_health_check {
+    port = "80"
+  }
+}
+
+resource "google_compute_network" "psc_ilb_network" {
+  provider = google-beta
+  name = "tf-test-psc-ilb-network%{random_suffix}"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "psc_ilb_producer_subnetwork" {
+  provider    = google-beta
+  name        = "tf-test-psc-ilb-producer-subnetwork%{random_suffix}"
+  region      = "us-west2"
+
+  network       = google_compute_network.psc_ilb_network.id
+  ip_cidr_range = "10.0.0.0/16"
+}
+
+resource "google_compute_subnetwork" "psc_ilb_nat" {
+  provider    = google-beta
+  name        = "tf-test-psc-ilb-nat%{random_suffix}"
+  region      = "us-west2"
+
+  network       = google_compute_network.psc_ilb_network.id
+  purpose       =  "PRIVATE_SERVICE_CONNECT"
+  ip_cidr_range = "10.1.0.0/16"
+}
+`, context)
+}
+<% end -%>
+
 func TestAccComputeServiceAttachment_serviceAttachmentBasicExampleGateway(t *testing.T) {
 	t.Parallel()
 
