hashicorp · modular-magician · Feb 7, 2025 · Feb 7, 2025
@@ -0,0 +1,3 @@
+```release-note:enhancement
+accesscontextmanager: added `title` field to policy blocks under `google_access_context_manager_service_perimeter ` and variants
+```
@@ -368,6 +368,11 @@ the perimeter.`,
 											},
 										},
 									},
+									"title": {
+										Type:        schema.TypeString,
+										Optional:    true,
+										Description: `Human readable title. Must be unique within the perimeter. Does not affect behavior.`,
+									},
 								},
 							},
 						},
@@ -511,6 +516,11 @@ also matches the 'operations' field.`,
 											},
 										},
 									},
+									"title": {
+										Type:        schema.TypeString,
+										Optional:    true,
+										Description: `Human readable title. Must be unique within the perimeter. Does not affect behavior.`,
+									},
 								},
 							},
 						},
@@ -746,6 +756,11 @@ the perimeter.`,
 											},
 										},
 									},
+									"title": {
+										Type:        schema.TypeString,
+										Optional:    true,
+										Description: `Human readable title. Must be unique within the perimeter. Does not affect behavior.`,
+									},
 								},
 							},
 						},
@@ -894,6 +909,11 @@ also matches the 'operations' field.`,
 											},
 										},
 									},
+									"title": {
+										Type:        schema.TypeString,
+										Optional:    true,
+										Description: `Human readable title. Must be unique within the perimeter. Does not affect behavior.`,
+									},
 								},
 							},
 						},
@@ -1484,6 +1504,7 @@ func flattenAccessContextManagerServicePerimeterStatusIngressPolicies(v interfac
 		transformed = append(transformed, map[string]interface{}{
 			"ingress_from": flattenAccessContextManagerServicePerimeterStatusIngressPoliciesIngressFrom(original["ingressFrom"], d, config),
 			"ingress_to":   flattenAccessContextManagerServicePerimeterStatusIngressPoliciesIngressTo(original["ingressTo"], d, config),
+			"title":        flattenAccessContextManagerServicePerimeterStatusIngressPoliciesTitle(original["title"], d, config),
 		})
 	}
 	return transformed
@@ -1615,6 +1636,10 @@ func flattenAccessContextManagerServicePerimeterStatusIngressPoliciesIngressToOp
 	return v
 }
 
+func flattenAccessContextManagerServicePerimeterStatusIngressPoliciesTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAccessContextManagerServicePerimeterStatusEgressPolicies(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -1630,6 +1655,7 @@ func flattenAccessContextManagerServicePerimeterStatusEgressPolicies(v interface
 		transformed = append(transformed, map[string]interface{}{
 			"egress_from": flattenAccessContextManagerServicePerimeterStatusEgressPoliciesEgressFrom(original["egressFrom"], d, config),
 			"egress_to":   flattenAccessContextManagerServicePerimeterStatusEgressPoliciesEgressTo(original["egressTo"], d, config),
+			"title":       flattenAccessContextManagerServicePerimeterStatusEgressPoliciesTitle(original["title"], d, config),
 		})
 	}
 	return transformed
@@ -1776,6 +1802,10 @@ func flattenAccessContextManagerServicePerimeterStatusEgressPoliciesEgressToOper
 	return v
 }
 
+func flattenAccessContextManagerServicePerimeterStatusEgressPoliciesTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAccessContextManagerServicePerimeterSpec(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return nil
@@ -1861,6 +1891,7 @@ func flattenAccessContextManagerServicePerimeterSpecIngressPolicies(v interface{
 		transformed = append(transformed, map[string]interface{}{
 			"ingress_from": flattenAccessContextManagerServicePerimeterSpecIngressPoliciesIngressFrom(original["ingressFrom"], d, config),
 			"ingress_to":   flattenAccessContextManagerServicePerimeterSpecIngressPoliciesIngressTo(original["ingressTo"], d, config),
+			"title":        flattenAccessContextManagerServicePerimeterSpecIngressPoliciesTitle(original["title"], d, config),
 		})
 	}
 	return transformed
@@ -1992,6 +2023,10 @@ func flattenAccessContextManagerServicePerimeterSpecIngressPoliciesIngressToOper
 	return v
 }
 
+func flattenAccessContextManagerServicePerimeterSpecIngressPoliciesTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAccessContextManagerServicePerimeterSpecEgressPolicies(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -2007,6 +2042,7 @@ func flattenAccessContextManagerServicePerimeterSpecEgressPolicies(v interface{}
 		transformed = append(transformed, map[string]interface{}{
 			"egress_from": flattenAccessContextManagerServicePerimeterSpecEgressPoliciesEgressFrom(original["egressFrom"], d, config),
 			"egress_to":   flattenAccessContextManagerServicePerimeterSpecEgressPoliciesEgressTo(original["egressTo"], d, config),
+			"title":       flattenAccessContextManagerServicePerimeterSpecEgressPoliciesTitle(original["title"], d, config),
 		})
 	}
 	return transformed
@@ -2153,6 +2189,10 @@ func flattenAccessContextManagerServicePerimeterSpecEgressPoliciesEgressToOperat
 	return v
 }
 
+func flattenAccessContextManagerServicePerimeterSpecEgressPoliciesTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAccessContextManagerServicePerimeterUseExplicitDryRunSpec(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -2301,6 +2341,13 @@ func expandAccessContextManagerServicePerimeterStatusIngressPolicies(v interface
 			transformed["ingressTo"] = transformedIngressTo
 		}
 
+		transformedTitle, err := expandAccessContextManagerServicePerimeterStatusIngressPoliciesTitle(original["title"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["title"] = transformedTitle
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -2486,6 +2533,10 @@ func expandAccessContextManagerServicePerimeterStatusIngressPoliciesIngressToOpe
 	return v, nil
 }
 
+func expandAccessContextManagerServicePerimeterStatusIngressPoliciesTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAccessContextManagerServicePerimeterStatusEgressPolicies(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	l := v.([]interface{})
 	req := make([]interface{}, 0, len(l))
@@ -2510,6 +2561,13 @@ func expandAccessContextManagerServicePerimeterStatusEgressPolicies(v interface{
 			transformed["egressTo"] = transformedEgressTo
 		}
 
+		transformedTitle, err := expandAccessContextManagerServicePerimeterStatusEgressPoliciesTitle(original["title"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["title"] = transformedTitle
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -2718,6 +2776,10 @@ func expandAccessContextManagerServicePerimeterStatusEgressPoliciesEgressToOpera
 	return v, nil
 }
 
+func expandAccessContextManagerServicePerimeterStatusEgressPoliciesTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAccessContextManagerServicePerimeterSpec(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	l := v.([]interface{})
 	if len(l) == 0 || l[0] == nil {
@@ -2846,6 +2908,13 @@ func expandAccessContextManagerServicePerimeterSpecIngressPolicies(v interface{}
 			transformed["ingressTo"] = transformedIngressTo
 		}
 
+		transformedTitle, err := expandAccessContextManagerServicePerimeterSpecIngressPoliciesTitle(original["title"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["title"] = transformedTitle
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -3031,6 +3100,10 @@ func expandAccessContextManagerServicePerimeterSpecIngressPoliciesIngressToOpera
 	return v, nil
 }
 
+func expandAccessContextManagerServicePerimeterSpecIngressPoliciesTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAccessContextManagerServicePerimeterSpecEgressPolicies(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	l := v.([]interface{})
 	req := make([]interface{}, 0, len(l))
@@ -3055,6 +3128,13 @@ func expandAccessContextManagerServicePerimeterSpecEgressPolicies(v interface{},
 			transformed["egressTo"] = transformedEgressTo
 		}
 
+		transformedTitle, err := expandAccessContextManagerServicePerimeterSpecEgressPoliciesTitle(original["title"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["title"] = transformedTitle
+		}
+
 		req = append(req, transformed)
 	}
 	return req, nil
@@ -3263,6 +3343,10 @@ func expandAccessContextManagerServicePerimeterSpecEgressPoliciesEgressToOperati
 	return v, nil
 }
 
+func expandAccessContextManagerServicePerimeterSpecEgressPoliciesTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAccessContextManagerServicePerimeterUseExplicitDryRunSpec(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }

@@ -298,6 +298,12 @@ the perimeter.`,
 					},
 				},
 			},
+			"title": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				ForceNew:    true,
+				Description: `Human readable title. Must be unique within the perimeter. Does not affect behavior.`,
+			},
 			"access_policy_id": {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -328,6 +334,12 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyCreate(d *sch
 	} else if v, ok := d.GetOkExists("egress_to"); !tpgresource.IsEmptyValue(reflect.ValueOf(egressToProp)) && (ok || !reflect.DeepEqual(v, egressToProp)) {
 		obj["egressTo"] = egressToProp
 	}
+	titleProp, err := expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(d.Get("title"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("title"); !tpgresource.IsEmptyValue(reflect.ValueOf(titleProp)) && (ok || !reflect.DeepEqual(v, titleProp)) {
+		obj["title"] = titleProp
+	}
 
 	obj, err = resourceAccessContextManagerServicePerimeterDryRunEgressPolicyEncoder(d, meta, obj)
 	if err != nil {
@@ -415,6 +427,9 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyCreate(d *sch
 	if err := d.Set("egress_to", flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressTo(opRes["egressTo"], d, config)); err != nil {
 		return err
 	}
+	if err := d.Set("title", flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(opRes["title"], d, config)); err != nil {
+		return err
+	}
 
 	// This may have caused the ID to update - update it if so.
 	id, err = tpgresource.ReplaceVars(d, config, "{{perimeter}}")
@@ -478,6 +493,9 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyRead(d *schem
 	if err := d.Set("egress_to", flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressTo(res["egressTo"], d, config)); err != nil {
 		return fmt.Errorf("Error reading ServicePerimeterDryRunEgressPolicy: %s", err)
 	}
+	if err := d.Set("title", flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(res["title"], d, config)); err != nil {
+		return fmt.Errorf("Error reading ServicePerimeterDryRunEgressPolicy: %s", err)
+	}
 
 	return nil
 }
@@ -728,6 +746,10 @@ func flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressTo
 	return v
 }
 
+func flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressFrom(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	l := v.([]interface{})
 	if len(l) == 0 || l[0] == nil {
@@ -928,6 +950,10 @@ func expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressToO
 	return v, nil
 }
 
+func expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyEncoder(d *schema.ResourceData, meta interface{}, obj map[string]interface{}) (map[string]interface{}, error) {
 	// Set the access_policy_id field from part of the perimeter parameter.
 
@@ -982,6 +1008,11 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyFindNestedObj
 		return -1, nil, err
 	}
 	expectedFlattenedEgressTo := flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyEgressTo(expectedEgressTo, d, meta.(*transport_tpg.Config))
+	expectedTitle, err := expandNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(d.Get("title"), d, meta.(*transport_tpg.Config))
+	if err != nil {
+		return -1, nil, err
+	}
+	expectedFlattenedTitle := flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(expectedTitle, d, meta.(*transport_tpg.Config))
 
 	// Search list for this resource.
 	for idx, itemRaw := range items {
@@ -1002,6 +1033,12 @@ func resourceAccessContextManagerServicePerimeterDryRunEgressPolicyFindNestedObj
 			log.Printf("[DEBUG] Skipping item with egressTo= %#v, looking for %#v)", itemEgressTo, expectedFlattenedEgressTo)
 			continue
 		}
+		itemTitle := flattenNestedAccessContextManagerServicePerimeterDryRunEgressPolicyTitle(item["title"], d, meta.(*transport_tpg.Config))
+		// IsEmptyValue check so that if one is nil and the other is "", that's considered a match
+		if !(tpgresource.IsEmptyValue(reflect.ValueOf(itemTitle)) && tpgresource.IsEmptyValue(reflect.ValueOf(expectedFlattenedTitle))) && !reflect.DeepEqual(itemTitle, expectedFlattenedTitle) {
+			log.Printf("[DEBUG] Skipping item with title= %#v, looking for %#v)", itemTitle, expectedFlattenedTitle)
+			continue
+		}
 		log.Printf("[DEBUG] Found item for resource %q: %#v)", d.Id(), item)
 		return idx, item, nil
 	}

@@ -18,3 +18,4 @@ fields:
   - field: 'egress_to.resources'
   - field: 'perimeter'
     provider_only: true
+  - field: 'title'
@@ -105,6 +105,7 @@ resource "google_access_context_manager_access_level" "test-access" {
 
 resource "google_access_context_manager_service_perimeter_dry_run_egress_policy" "test-access1" {
   perimeter = google_access_context_manager_service_perimeter.test-access.name
+	title = "egress policy title 1"
 	egress_from {
 		identity_type = "ANY_USER_ACCOUNT"
 	}
@@ -120,6 +121,7 @@ resource "google_access_context_manager_service_perimeter_dry_run_egress_policy"
 
 resource "google_access_context_manager_service_perimeter_dry_run_egress_policy" "test-access2" {
 	perimeter = google_access_context_manager_service_perimeter.test-access.name
+	title = "egress policy title 2"
 	egress_from {
 		identity_type = "ANY_USER_ACCOUNT"
 		sources {