add autoNetworkTier to Router NAT (#9379) (#7333)

[upstream:f8831fb24cf0875492c4d141499a6a628daf838a] Signed-off-by: Modular Magician <[email protected]>
hashicorp · May 8, 2024 · b01f01d · b01f01d
1 parent a238694
commit b01f01d
Show file tree

Hide file tree

Showing 3 changed files with 122 additions and 42 deletions.
diff --git a/google-beta/services/compute/resource_compute_router_nat.go b/google-beta/services/compute/resource_compute_router_nat.go
@@ -243,6 +243,15 @@ ranges in every Subnetwork are allowed to Nat.
 contains ALL_SUBNETWORKS_ALL_IP_RANGES or
 ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any
 other RouterNat section in any Router for this network in this region. Possible values: ["ALL_SUBNETWORKS_ALL_IP_RANGES", "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES", "LIST_OF_SUBNETWORKS"]`,
+			},
+			"auto_network_tier": {
+				Type:         schema.TypeString,
+				Computed:     true,
+				Optional:     true,
+				ValidateFunc: verify.ValidateEnum([]string{"PREMIUM", "STANDARD", ""}),
+				Description: `The network tier to use when automatically reserving NAT IP addresses.
+Must be one of: PREMIUM, STANDARD. If not specified, then the current
+project-level default tier is used. Possible values: ["PREMIUM", "STANDARD"]`,
 			},
 			"drain_nat_ips": {
 				Type:     schema.TypeSet,
@@ -673,6 +682,12 @@ func resourceComputeRouterNatCreate(d *schema.ResourceData, meta interface{}) er
 	} else if v, ok := d.GetOkExists("type"); !tpgresource.IsEmptyValue(reflect.ValueOf(typeProp)) && (ok || !reflect.DeepEqual(v, typeProp)) {
 		obj["type"] = typeProp
 	}
+	autoNetworkTierProp, err := expandNestedComputeRouterNatAutoNetworkTier(d.Get("auto_network_tier"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("auto_network_tier"); !tpgresource.IsEmptyValue(reflect.ValueOf(autoNetworkTierProp)) && (ok || !reflect.DeepEqual(v, autoNetworkTierProp)) {
+		obj["autoNetworkTier"] = autoNetworkTierProp
+	}
 
 	lockName, err := tpgresource.ReplaceVars(d, config, "router/{{region}}/{{router}}")
 	if err != nil {
@@ -880,6 +895,9 @@ func resourceComputeRouterNatRead(d *schema.ResourceData, meta interface{}) erro
 	if err := d.Set("type", flattenNestedComputeRouterNatType(res["type"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RouterNat: %s", err)
 	}
+	if err := d.Set("auto_network_tier", flattenNestedComputeRouterNatAutoNetworkTier(res["autoNetworkTier"], d, config)); err != nil {
+		return fmt.Errorf("Error reading RouterNat: %s", err)
+	}
 
 	return nil
 }
@@ -996,6 +1014,12 @@ func resourceComputeRouterNatUpdate(d *schema.ResourceData, meta interface{}) er
 	} else if v, ok := d.GetOkExists("enable_endpoint_independent_mapping"); ok || !reflect.DeepEqual(v, enableEndpointIndependentMappingProp) {
 		obj["enableEndpointIndependentMapping"] = enableEndpointIndependentMappingProp
 	}
+	autoNetworkTierProp, err := expandNestedComputeRouterNatAutoNetworkTier(d.Get("auto_network_tier"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("auto_network_tier"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, autoNetworkTierProp)) {
+		obj["autoNetworkTier"] = autoNetworkTierProp
+	}
 
 	lockName, err := tpgresource.ReplaceVars(d, config, "router/{{region}}/{{router}}")
 	if err != nil {
@@ -1469,6 +1493,10 @@ func flattenNestedComputeRouterNatType(v interface{}, d *schema.ResourceData, co
 	return v
 }
 
+func flattenNestedComputeRouterNatAutoNetworkTier(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func expandNestedComputeRouterNatName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	return v, nil
 }
@@ -1812,6 +1840,10 @@ func expandNestedComputeRouterNatType(v interface{}, d tpgresource.TerraformReso
 	return v, nil
 }
 
+func expandNestedComputeRouterNatAutoNetworkTier(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func flattenNestedComputeRouterNat(d *schema.ResourceData, meta interface{}, res map[string]interface{}) (map[string]interface{}, error) {
 	var v interface{}
 	var ok bool

diff --git a/google-beta/services/compute/resource_compute_router_nat_test.go b/google-beta/services/compute/resource_compute_router_nat_test.go
@@ -466,6 +466,31 @@ func TestAccComputeRouterNat_withEndpointTypes(t *testing.T) {
 	})
 }
 
+func TestAccComputeRouterNat_AutoNetworkTier(t *testing.T) {
+	t.Parallel()
+
+	testId := acctest.RandString(t, 10)
+	routerName := fmt.Sprintf("tf-test-router-private-nat-%s", testId)
+	hubName := fmt.Sprintf("%s-hub", routerName)
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckComputeRouterNatDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeRouterNatWitAutoNetworkTier(routerName, hubName),
+			},
+			{
+				// implicitly full ImportStateId
+				ResourceName:      "google_compute_router_nat.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccComputeRouterNat_withPrivateNat(t *testing.T) {
 	t.Parallel()
 
@@ -1665,44 +1690,6 @@ resource "google_compute_router_nat" "foobar" {
 `, routerName, routerName, routerName, routerName)
 }
 
-func testAccComputeRouterNatPrivateType(routerName string) string {
-	return fmt.Sprintf(`
-resource "google_compute_network" "foobar" {
-  name                    = "%s-net"
-  auto_create_subnetworks = false
-}
-
-resource "google_compute_subnetwork" "foobar" {
-  name          = "%s-subnet"
-  network       = google_compute_network.foobar.self_link
-  ip_cidr_range = "10.0.0.0/16"
-  region        = "us-central1"
-  purpose          = "PRIVATE_NAT"
-}
-
-resource "google_compute_router" "foobar" {
-  name    = "%s"
-  region  = google_compute_subnetwork.foobar.region
-  network = google_compute_network.foobar.self_link
-}
-
-resource "google_compute_router_nat" "foobar" {
-  name                               = "%s"
-  router                             = google_compute_router.foobar.name
-  region                             = google_compute_router.foobar.region
-  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
-  type = "PRIVATE" 
-  enable_dynamic_port_allocation = false
-  enable_endpoint_independent_mapping = false
-  min_ports_per_vm = 32
-  subnetwork {
-    name                    = google_compute_subnetwork.foobar.id
-    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
-  }
-}
-`, routerName, routerName, routerName, routerName)
-}
-
 func testAccComputeRouterNatBaseResourcesWithPrivateNatSubnetworks(routerName, hubName string) string {
 	return fmt.Sprintf(`
 resource "google_compute_network" "foobar" {
@@ -1771,6 +1758,44 @@ resource "google_compute_router" "foobar" {
 `, routerName, routerName, routerName, routerName, routerName, hubName, routerName, routerName)
 }
 
+func testAccComputeRouterNatPrivateType(routerName string) string {
+	return fmt.Sprintf(`
+resource "google_compute_network" "foobar" {
+  name                    = "%s-net"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "foobar" {
+  name          = "%s-subnet"
+  network       = google_compute_network.foobar.self_link
+  ip_cidr_range = "10.0.0.0/16"
+  region        = "us-central1"
+  purpose          = "PRIVATE_NAT"
+}
+
+resource "google_compute_router" "foobar" {
+  name    = "%s"
+  region  = google_compute_subnetwork.foobar.region
+  network = google_compute_network.foobar.self_link
+}
+
+resource "google_compute_router_nat" "foobar" {
+  name                               = "%s"
+  router                             = google_compute_router.foobar.name
+  region                             = google_compute_router.foobar.region
+  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+  type = "PRIVATE"
+  enable_dynamic_port_allocation = false
+  enable_endpoint_independent_mapping = false
+  min_ports_per_vm = 32
+  subnetwork {
+    name                    = google_compute_subnetwork.foobar.id
+    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
+  }
+}
+`, routerName, routerName, routerName, routerName)
+}
+
 func testAccComputeRouterNatRulesBasic_privateNatOmitRules(routerName, hubName string) string {
 	return fmt.Sprintf(`
 %s
@@ -1780,7 +1805,7 @@ resource "google_compute_router_nat" "foobar" {
   router                              = google_compute_router.foobar.name
   region                              = google_compute_router.foobar.region
   source_subnetwork_ip_ranges_to_nat  = "LIST_OF_SUBNETWORKS"
-  type                                = "PRIVATE" 
+  type                                = "PRIVATE"
   enable_dynamic_port_allocation      = false
   enable_endpoint_independent_mapping = false
   min_ports_per_vm = 32
@@ -1801,7 +1826,7 @@ resource "google_compute_router_nat" "foobar" {
   router                              = google_compute_router.foobar.name
   region                              = google_compute_router.foobar.region
   source_subnetwork_ip_ranges_to_nat  = "LIST_OF_SUBNETWORKS"
-  type                                = "PRIVATE" 
+  type                                = "PRIVATE"
   enable_dynamic_port_allocation      = false
   enable_endpoint_independent_mapping = false
   min_ports_per_vm = 32
@@ -1832,7 +1857,7 @@ resource "google_compute_router_nat" "foobar" {
   router                              = google_compute_router.foobar.name
   region                              = google_compute_router.foobar.region
   source_subnetwork_ip_ranges_to_nat  = "LIST_OF_SUBNETWORKS"
-  type                                = "PRIVATE" 
+  type                                = "PRIVATE"
   enable_dynamic_port_allocation      = false
   enable_endpoint_independent_mapping = false
   min_ports_per_vm = 32
@@ -1860,7 +1885,7 @@ resource "google_compute_router_nat" "foobar" {
   router                              = google_compute_router.foobar.name
   region                              = google_compute_router.foobar.region
   source_subnetwork_ip_ranges_to_nat  = "LIST_OF_SUBNETWORKS"
-  type                                = "PRIVATE" 
+  type                                = "PRIVATE"
   enable_dynamic_port_allocation      = false
   enable_endpoint_independent_mapping = false
   min_ports_per_vm = 32
@@ -1880,3 +1905,19 @@ resource "google_compute_router_nat" "foobar" {
 }
 `, testAccComputeRouterNatBaseResourcesWithPrivateNatSubnetworks(routerName, hubName), routerName, ruleNumber, ruleDescription, match)
 }
+
+func testAccComputeRouterNatWitAutoNetworkTier(routerName, hubName string) string {
+	return fmt.Sprintf(`
+%s
+
+resource "google_compute_router_nat" "foobar" {
+  name                                = "%s"
+  router                              = google_compute_router.foobar.name
+  region                              = google_compute_router.foobar.region
+
+  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+  nat_ip_allocate_option             = "AUTO_ONLY"
+  auto_network_tier                  = "PREMIUM"
+}
+`, testAccComputeRouterNatBaseResourcesWithPrivateNatSubnetworks(routerName, hubName), routerName)
+}
diff --git a/website/docs/r/compute_router_nat.html.markdown b/website/docs/r/compute_router_nat.html.markdown
@@ -377,6 +377,13 @@ The following arguments are supported:
   Default value is `PUBLIC`.
   Possible values are: `PUBLIC`, `PRIVATE`.
 
+* `auto_network_tier` -
+  (Optional)
+  The network tier to use when automatically reserving NAT IP addresses.
+  Must be one of: PREMIUM, STANDARD. If not specified, then the current
+  project-level default tier is used.
+  Possible values are: `PREMIUM`, `STANDARD`.
+
 * `region` -
   (Optional)
   Region where the router and NAT reside.