Public outbound ip (#11675) (#8156)

[upstream:477e5c94b4011b01a7f18ccd14fbcecd6d1073eb]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/11675.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+alloyDB: added `enableOutboundPublicIp` field to `google_alloydb_instance` resource
+```

google-beta/services/alloydb/resource_alloydb_instance.go

@@ -205,6 +205,11 @@ true.`,
 							},
 							RequiredWith: []string{"network_config.0.enable_public_ip"},
 						},
+						"enable_outbound_public_ip": {
+							Type:        schema.TypeBool,
+							Optional:    true,
+							Description: `Enabling outbound public ip for the instance.`,
+						},
 						"enable_public_ip": {
 							Type:     schema.TypeBool,
 							Optional: true,
@@ -373,6 +378,16 @@ The name of the resource will be in the format of
 				Computed:    true,
 				Description: `The name of the instance resource.`,
 			},
+			"outbound_public_ip_addresses": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Description: `The outbound public IP addresses for the instance. This is available ONLY when
+networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used
+for outbound connections.`,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
 			"public_ip_address": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -656,6 +671,9 @@ func resourceAlloydbInstanceRead(d *schema.ResourceData, meta interface{}) error
 	if err := d.Set("public_ip_address", flattenAlloydbInstancePublicIpAddress(res["publicIpAddress"], d, config)); err != nil {
 		return fmt.Errorf("Error reading Instance: %s", err)
 	}
+	if err := d.Set("outbound_public_ip_addresses", flattenAlloydbInstanceOutboundPublicIpAddresses(res["outboundPublicIpAddresses"], d, config)); err != nil {
+		return fmt.Errorf("Error reading Instance: %s", err)
+	}
 	if err := d.Set("terraform_labels", flattenAlloydbInstanceTerraformLabels(res["labels"], d, config)); err != nil {
 		return fmt.Errorf("Error reading Instance: %s", err)
 	}
@@ -1309,6 +1327,8 @@ func flattenAlloydbInstanceNetworkConfig(v interface{}, d *schema.ResourceData,
 		flattenAlloydbInstanceNetworkConfigAuthorizedExternalNetworks(original["authorizedExternalNetworks"], d, config)
 	transformed["enable_public_ip"] =
 		flattenAlloydbInstanceNetworkConfigEnablePublicIp(original["enablePublicIp"], d, config)
+	transformed["enable_outbound_public_ip"] =
+		flattenAlloydbInstanceNetworkConfigEnableOutboundPublicIp(original["enableOutboundPublicIp"], d, config)
 	return []interface{}{transformed}
 }
 func flattenAlloydbInstanceNetworkConfigAuthorizedExternalNetworks(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
@@ -1337,10 +1357,18 @@ func flattenAlloydbInstanceNetworkConfigEnablePublicIp(v interface{}, d *schema.
 	return v
 }
 
+func flattenAlloydbInstanceNetworkConfigEnableOutboundPublicIp(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAlloydbInstancePublicIpAddress(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
 
+func flattenAlloydbInstanceOutboundPublicIpAddresses(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAlloydbInstanceTerraformLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -1714,6 +1742,13 @@ func expandAlloydbInstanceNetworkConfig(v interface{}, d tpgresource.TerraformRe
 		transformed["enablePublicIp"] = transformedEnablePublicIp
 	}
 
+	transformedEnableOutboundPublicIp, err := expandAlloydbInstanceNetworkConfigEnableOutboundPublicIp(original["enable_outbound_public_ip"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedEnableOutboundPublicIp); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["enableOutboundPublicIp"] = transformedEnableOutboundPublicIp
+	}
+
 	return transformed, nil
 }
 
@@ -1747,6 +1782,10 @@ func expandAlloydbInstanceNetworkConfigEnablePublicIp(v interface{}, d tpgresour
 	return v, nil
 }
 
+func expandAlloydbInstanceNetworkConfigEnableOutboundPublicIp(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAlloydbInstanceEffectiveLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) {
 	if v == nil {
 		return map[string]string{}, nil

google-beta/services/alloydb/resource_alloydb_instance_test.go

@@ -596,12 +596,15 @@ func TestAccAlloydbInstance_networkConfig(t *testing.T) {
 		"random_suffix":                suffix,
 		"network_name":                 networkName,
 		"enable_public_ip":             true,
+		"enable_outbound_public_ip":    true,
 		"authorized_external_networks": "",
 	}
+
 	context2 := map[string]interface{}{
-		"random_suffix":    suffix,
-		"network_name":     networkName,
-		"enable_public_ip": true,
+		"random_suffix":             suffix,
+		"network_name":              networkName,
+		"enable_public_ip":          true,
+		"enable_outbound_public_ip": false,
 		"authorized_external_networks": `
 		authorized_external_networks {
 			cidr_range = "8.8.8.8/30"
@@ -611,11 +614,13 @@ func TestAccAlloydbInstance_networkConfig(t *testing.T) {
 		}
 		`,
 	}
+
 	context3 := map[string]interface{}{
-		"random_suffix":    suffix,
-		"network_name":     networkName,
-		"enable_public_ip": true,
-		"cidr_range":       "8.8.8.8/30",
+		"random_suffix":             suffix,
+		"network_name":              networkName,
+		"enable_public_ip":          true,
+		"enable_outbound_public_ip": true,
+		"cidr_range":                "8.8.8.8/30",
 	}
 
 	acctest.VcrTest(t, resource.TestCase{
@@ -627,6 +632,8 @@ func TestAccAlloydbInstance_networkConfig(t *testing.T) {
 				Config: testAccAlloydbInstance_networkConfig(context1),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.enable_public_ip", "true"),
+					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.enable_outbound_public_ip", "true"),
+					resource.TestCheckResourceAttrSet("google_alloydb_instance.default", "outbound_public_ip_addresses.0"), // Ensure it's set
 				),
 			},
 			{
@@ -642,6 +649,8 @@ func TestAccAlloydbInstance_networkConfig(t *testing.T) {
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.authorized_external_networks.0.cidr_range", "8.8.8.8/30"),
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.authorized_external_networks.1.cidr_range", "8.8.4.4/30"),
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.authorized_external_networks.#", "2"),
+					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.enable_outbound_public_ip", "false"),
+					resource.TestCheckResourceAttr("google_alloydb_instance.default", "outbound_public_ip_addresses.#", "0"),
 				),
 			},
 			{
@@ -656,6 +665,8 @@ func TestAccAlloydbInstance_networkConfig(t *testing.T) {
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.enable_public_ip", "true"),
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.authorized_external_networks.0.cidr_range", "8.8.8.8/30"),
 					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.authorized_external_networks.#", "1"),
+					resource.TestCheckResourceAttr("google_alloydb_instance.default", "network_config.0.enable_outbound_public_ip", "true"),
+					resource.TestCheckResourceAttrSet("google_alloydb_instance.default", "outbound_public_ip_addresses.0"),
 				),
 			},
 			{
@@ -680,6 +691,7 @@ resource "google_alloydb_instance" "default" {
 
   network_config {
     enable_public_ip = %{enable_public_ip}
+    enable_outbound_public_ip = %{enable_outbound_public_ip}
     %{authorized_external_networks}
   }	
 }
@@ -715,6 +727,7 @@ resource "google_alloydb_instance" "default" {
 
   network_config {
     enable_public_ip = %{enable_public_ip}
+    enable_outbound_public_ip = %{enable_outbound_public_ip}
     authorized_external_networks {
       cidr_range = "%{cidr_range}"
     }

website/docs/r/alloydb_instance.html.markdown

@@ -380,6 +380,10 @@ The following arguments are supported:
   please also clear the list of the authorized external networks set on
   the same instance.
 
+* `enable_outbound_public_ip` -
+  (Optional)
+  Enabling outbound public ip for the instance.
+
 
 <a name="nested_authorized_external_networks"></a>The `authorized_external_networks` block supports:
 
@@ -419,6 +423,11 @@ In addition to the arguments listed above, the following computed attributes are
   networkConfig.enablePublicIp is set to true. This is the connection
   endpoint for an end-user application.
 
+* `outbound_public_ip_addresses` -
+  The outbound public IP addresses for the instance. This is available ONLY when
+  networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used
+  for outbound connections.
+
 * `terraform_labels` -
   The combination of labels configured directly on the resource
    and default labels configured on the provider.