From bf6c9794822f528fa33b4621143425376f6dca6a Mon Sep 17 00:00:00 2001 From: The Magician Date: Tue, 2 Aug 2022 09:25:35 -0700 Subject: [PATCH] Add missing output fields to Certificate resource. (#6322) (#4548) Co-authored-by: Pawel Krawczyk Signed-off-by: Modular Magician Co-authored-by: Pawel Krawczyk --- .changelog/6322.txt | 3 + ...esource_certificate_manager_certificate.go | 261 ++++++++++++++++-- ...rce_certificate_manager_certificate_map.go | 2 +- ...rtificate_manager_certificate_map_entry.go | 22 +- ...e_certificate_manager_dns_authorization.go | 9 +- ...tificate_manager_certificate.html.markdown | 54 +++- ...cate_manager_certificate_map.html.markdown | 2 +- ...anager_certificate_map_entry.html.markdown | 7 +- ...te_manager_dns_authorization.html.markdown | 7 +- 9 files changed, 308 insertions(+), 59 deletions(-) create mode 100644 .changelog/6322.txt diff --git a/.changelog/6322.txt b/.changelog/6322.txt new file mode 100644 index 0000000000..ffd65551ee --- /dev/null +++ b/.changelog/6322.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +certificatemanager: added `state`, `authorization_attempt_info` and `provisioning_issue` output fields to `google_certificate_manager_certificate` +``` diff --git a/google-beta/resource_certificate_manager_certificate.go b/google-beta/resource_certificate_manager_certificate.go index 515ac34931..d4d8ecfee9 100644 --- a/google-beta/resource_certificate_manager_certificate.go +++ b/google-beta/resource_certificate_manager_certificate.go @@ -65,7 +65,7 @@ and all following characters must be a dash, underscore, letter or digit.`, "labels": { Type: schema.TypeMap, Optional: true, - Description: `Set of label tags associated with the EdgeCache resource.`, + Description: `Set of label tags associated with the Certificate resource.`, Elem: &schema.Schema{Type: schema.TypeString}, }, "managed": { @@ -97,10 +97,63 @@ Wildcard domains are only supported with DNS challenge resolution`, Type: schema.TypeString, }, }, + "authorization_attempt_info": { + Type: schema.TypeList, + Computed: true, + Description: `Detailed state of the latest authorization attempt for each domain +specified for this Managed Certificate.`, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "details": { + Type: schema.TypeString, + Computed: true, + Description: `Human readable explanation for reaching the state. Provided to help +address the configuration issues. +Not guaranteed to be stable. For programmatic access use 'failure_reason' field.`, + }, + "domain": { + Type: schema.TypeString, + Computed: true, + Description: `Domain name of the authorization attempt.`, + }, + "failure_reason": { + Type: schema.TypeString, + Computed: true, + Description: `Reason for failure of the authorization attempt for the domain.`, + }, + "state": { + Type: schema.TypeString, + Computed: true, + Description: `State of the domain for managed certificate issuance.`, + }, + }, + }, + }, + "provisioning_issue": { + Type: schema.TypeList, + Computed: true, + Description: `Information about issues with provisioning this Managed Certificate.`, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "details": { + Type: schema.TypeString, + Computed: true, + Description: `Human readable explanation about the issue. Provided to help address +the configuration issues. +Not guaranteed to be stable. For programmatic access use 'reason' field.`, + }, + "reason": { + Type: schema.TypeString, + Computed: true, + Description: `Reason for provisioning failures.`, + }, + }, + }, + }, "state": { Type: schema.TypeString, Computed: true, - Description: `State of the managed certificate resource.`, + Description: `A state of this Managed Certificate.`, }, }, }, @@ -110,16 +163,15 @@ Wildcard domains are only supported with DNS challenge resolution`, Type: schema.TypeString, Optional: true, ForceNew: true, - ValidateFunc: validateEnum([]string{"DEFAULT", "EDGE_CACHE", ""}), DiffSuppressFunc: certManagerDefaultScopeDiffSuppress, Description: `The scope of the certificate. -Certificates with default scope are served from core Google data centers. +DEFAULT: Certificates with default scope are served from core Google data centers. If unsure, choose this option. -Certificates with scope EDGE_CACHE are special-purposed certificates, +EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers. -Currently allowed only for managed certificates. Default value: "DEFAULT" Possible values: ["DEFAULT", "EDGE_CACHE"]`, +Currently allowed only for managed certificates.`, Default: "DEFAULT", }, "self_managed": { @@ -483,24 +535,88 @@ func flattenCertificateManagerCertificateManaged(v interface{}, d *schema.Resour return nil } transformed := make(map[string]interface{}) - transformed["state"] = - flattenCertificateManagerCertificateManagedState(original["state"], d, config) transformed["domains"] = flattenCertificateManagerCertificateManagedDomains(original["domains"], d, config) transformed["dns_authorizations"] = flattenCertificateManagerCertificateManagedDnsAuthorizations(original["dnsAuthorizations"], d, config) + transformed["state"] = + flattenCertificateManagerCertificateManagedState(original["state"], d, config) + transformed["provisioning_issue"] = + flattenCertificateManagerCertificateManagedProvisioningIssue(original["provisioningIssue"], d, config) + transformed["authorization_attempt_info"] = + flattenCertificateManagerCertificateManagedAuthorizationAttemptInfo(original["authorizationAttemptInfo"], d, config) return []interface{}{transformed} } +func flattenCertificateManagerCertificateManagedDomains(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v +} + +func flattenCertificateManagerCertificateManagedDnsAuthorizations(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return d.Get("managed.0.dns_authorizations") +} + func flattenCertificateManagerCertificateManagedState(v interface{}, d *schema.ResourceData, config *Config) interface{} { return v } -func flattenCertificateManagerCertificateManagedDomains(v interface{}, d *schema.ResourceData, config *Config) interface{} { +func flattenCertificateManagerCertificateManagedProvisioningIssue(v interface{}, d *schema.ResourceData, config *Config) interface{} { + if v == nil { + return nil + } + original := v.(map[string]interface{}) + if len(original) == 0 { + return nil + } + transformed := make(map[string]interface{}) + transformed["reason"] = + flattenCertificateManagerCertificateManagedProvisioningIssueReason(original["reason"], d, config) + transformed["details"] = + flattenCertificateManagerCertificateManagedProvisioningIssueDetails(original["details"], d, config) + return []interface{}{transformed} +} +func flattenCertificateManagerCertificateManagedProvisioningIssueReason(v interface{}, d *schema.ResourceData, config *Config) interface{} { return v } -func flattenCertificateManagerCertificateManagedDnsAuthorizations(v interface{}, d *schema.ResourceData, config *Config) interface{} { - return d.Get("managed.0.dns_authorizations") +func flattenCertificateManagerCertificateManagedProvisioningIssueDetails(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v +} + +func flattenCertificateManagerCertificateManagedAuthorizationAttemptInfo(v interface{}, d *schema.ResourceData, config *Config) interface{} { + if v == nil { + return v + } + l := v.([]interface{}) + transformed := make([]interface{}, 0, len(l)) + for _, raw := range l { + original := raw.(map[string]interface{}) + if len(original) < 1 { + // Do not include empty json objects coming back from the api + continue + } + transformed = append(transformed, map[string]interface{}{ + "domain": flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoDomain(original["domain"], d, config), + "state": flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoState(original["state"], d, config), + "failure_reason": flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoFailureReason(original["failureReason"], d, config), + "details": flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoDetails(original["details"], d, config), + }) + } + return transformed +} +func flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoDomain(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v +} + +func flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoState(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v +} + +func flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoFailureReason(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v +} + +func flattenCertificateManagerCertificateManagedAuthorizationAttemptInfoDetails(v interface{}, d *schema.ResourceData, config *Config) interface{} { + return v } func expandCertificateManagerCertificateDescription(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { @@ -565,6 +681,20 @@ func expandCertificateManagerCertificateManaged(v interface{}, d TerraformResour original := raw.(map[string]interface{}) transformed := make(map[string]interface{}) + transformedDomains, err := expandCertificateManagerCertificateManagedDomains(original["domains"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedDomains); val.IsValid() && !isEmptyValue(val) { + transformed["domains"] = transformedDomains + } + + transformedDnsAuthorizations, err := expandCertificateManagerCertificateManagedDnsAuthorizations(original["dns_authorizations"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedDnsAuthorizations); val.IsValid() && !isEmptyValue(val) { + transformed["dnsAuthorizations"] = transformedDnsAuthorizations + } + transformedState, err := expandCertificateManagerCertificateManagedState(original["state"], d, config) if err != nil { return nil, err @@ -572,31 +702,124 @@ func expandCertificateManagerCertificateManaged(v interface{}, d TerraformResour transformed["state"] = transformedState } - transformedDomains, err := expandCertificateManagerCertificateManagedDomains(original["domains"], d, config) + transformedProvisioningIssue, err := expandCertificateManagerCertificateManagedProvisioningIssue(original["provisioning_issue"], d, config) if err != nil { return nil, err - } else if val := reflect.ValueOf(transformedDomains); val.IsValid() && !isEmptyValue(val) { - transformed["domains"] = transformedDomains + } else if val := reflect.ValueOf(transformedProvisioningIssue); val.IsValid() && !isEmptyValue(val) { + transformed["provisioningIssue"] = transformedProvisioningIssue } - transformedDnsAuthorizations, err := expandCertificateManagerCertificateManagedDnsAuthorizations(original["dns_authorizations"], d, config) + transformedAuthorizationAttemptInfo, err := expandCertificateManagerCertificateManagedAuthorizationAttemptInfo(original["authorization_attempt_info"], d, config) if err != nil { return nil, err - } else if val := reflect.ValueOf(transformedDnsAuthorizations); val.IsValid() && !isEmptyValue(val) { - transformed["dnsAuthorizations"] = transformedDnsAuthorizations + } else if val := reflect.ValueOf(transformedAuthorizationAttemptInfo); val.IsValid() && !isEmptyValue(val) { + transformed["authorizationAttemptInfo"] = transformedAuthorizationAttemptInfo } return transformed, nil } +func expandCertificateManagerCertificateManagedDomains(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + +func expandCertificateManagerCertificateManagedDnsAuthorizations(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + func expandCertificateManagerCertificateManagedState(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { return v, nil } -func expandCertificateManagerCertificateManagedDomains(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { +func expandCertificateManagerCertificateManagedProvisioningIssue(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + l := v.([]interface{}) + if len(l) == 0 || l[0] == nil { + return nil, nil + } + raw := l[0] + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedReason, err := expandCertificateManagerCertificateManagedProvisioningIssueReason(original["reason"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedReason); val.IsValid() && !isEmptyValue(val) { + transformed["reason"] = transformedReason + } + + transformedDetails, err := expandCertificateManagerCertificateManagedProvisioningIssueDetails(original["details"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedDetails); val.IsValid() && !isEmptyValue(val) { + transformed["details"] = transformedDetails + } + + return transformed, nil +} + +func expandCertificateManagerCertificateManagedProvisioningIssueReason(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { return v, nil } -func expandCertificateManagerCertificateManagedDnsAuthorizations(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { +func expandCertificateManagerCertificateManagedProvisioningIssueDetails(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + +func expandCertificateManagerCertificateManagedAuthorizationAttemptInfo(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + l := v.([]interface{}) + req := make([]interface{}, 0, len(l)) + for _, raw := range l { + if raw == nil { + continue + } + original := raw.(map[string]interface{}) + transformed := make(map[string]interface{}) + + transformedDomain, err := expandCertificateManagerCertificateManagedAuthorizationAttemptInfoDomain(original["domain"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedDomain); val.IsValid() && !isEmptyValue(val) { + transformed["domain"] = transformedDomain + } + + transformedState, err := expandCertificateManagerCertificateManagedAuthorizationAttemptInfoState(original["state"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedState); val.IsValid() && !isEmptyValue(val) { + transformed["state"] = transformedState + } + + transformedFailureReason, err := expandCertificateManagerCertificateManagedAuthorizationAttemptInfoFailureReason(original["failure_reason"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedFailureReason); val.IsValid() && !isEmptyValue(val) { + transformed["failureReason"] = transformedFailureReason + } + + transformedDetails, err := expandCertificateManagerCertificateManagedAuthorizationAttemptInfoDetails(original["details"], d, config) + if err != nil { + return nil, err + } else if val := reflect.ValueOf(transformedDetails); val.IsValid() && !isEmptyValue(val) { + transformed["details"] = transformedDetails + } + + req = append(req, transformed) + } + return req, nil +} + +func expandCertificateManagerCertificateManagedAuthorizationAttemptInfoDomain(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + +func expandCertificateManagerCertificateManagedAuthorizationAttemptInfoState(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + +func expandCertificateManagerCertificateManagedAuthorizationAttemptInfoFailureReason(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { + return v, nil +} + +func expandCertificateManagerCertificateManagedAuthorizationAttemptInfoDetails(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) { return v, nil } diff --git a/google-beta/resource_certificate_manager_certificate_map.go b/google-beta/resource_certificate_manager_certificate_map.go index e8900852f3..cb8d7098d7 100644 --- a/google-beta/resource_certificate_manager_certificate_map.go +++ b/google-beta/resource_certificate_manager_certificate_map.go @@ -52,7 +52,7 @@ globally and match the pattern 'projects/*/locations/*/certificateMaps/*'.`, "description": { Type: schema.TypeString, Optional: true, - Description: `One or more paragraphs of text description of a certificate map entry.`, + Description: `A human-readable description of the resource.`, }, "labels": { Type: schema.TypeMap, diff --git a/google-beta/resource_certificate_manager_certificate_map_entry.go b/google-beta/resource_certificate_manager_certificate_map_entry.go index 64cc097c8f..99f16ffcaf 100644 --- a/google-beta/resource_certificate_manager_certificate_map_entry.go +++ b/google-beta/resource_certificate_manager_certificate_map_entry.go @@ -69,10 +69,9 @@ names must be unique globally and match pattern 'projects/*/locations/*/certificateMaps/*/certificateMapEntries/*'`, }, "description": { - Type: schema.TypeString, - Optional: true, - Description: `CertificateMapEntry is a list of certificate configurations, -that have been issued for a particular hostname`, + Type: schema.TypeString, + Optional: true, + Description: `A human-readable description of the resource.`, }, "hostname": { Type: schema.TypeString, @@ -94,8 +93,7 @@ Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.`, "matcher": { Type: schema.TypeString, Optional: true, - ValidateFunc: validateEnum([]string{"MATCHER_UNSPECIFIED", "PRIMARY", ""}), - Description: `A predefined matcher for particular cases, other than SNI selection Possible values: ["MATCHER_UNSPECIFIED", "PRIMARY"]`, + Description: `A predefined matcher for particular cases, other than SNI selection`, ExactlyOneOf: []string{"hostname", "matcher"}, }, "create_time": { @@ -106,15 +104,9 @@ with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".`, }, "state": { - Type: schema.TypeString, - Computed: true, - Description: `A serving state of this Certificate Map Entry. - -The status is undefined. - -The configuration is serving. - -Update is in progress. Some frontends may serve this configuration.`, + Type: schema.TypeString, + Computed: true, + Description: `A serving state of this Certificate Map Entry.`, }, "update_time": { Type: schema.TypeString, diff --git a/google-beta/resource_certificate_manager_dns_authorization.go b/google-beta/resource_certificate_manager_dns_authorization.go index dcfed30c3e..193d4a9767 100644 --- a/google-beta/resource_certificate_manager_dns_authorization.go +++ b/google-beta/resource_certificate_manager_dns_authorization.go @@ -66,7 +66,7 @@ and all following characters must be a dash, underscore, letter or digit.`, "labels": { Type: schema.TypeMap, Optional: true, - Description: `Set of label tags associated with the EdgeCache resource.`, + Description: `Set of label tags associated with the DNS Authorization resource.`, Elem: &schema.Schema{Type: schema.TypeString}, }, "dns_resource_record": { @@ -83,9 +83,10 @@ certificate.`, Description: `Data of the DNS Resource Record.`, }, "name": { - Type: schema.TypeString, - Computed: true, - Description: `Fully qualified name of the DNS Resource Record.`, + Type: schema.TypeString, + Computed: true, + Description: `Fully qualified name of the DNS Resource Record. +E.g. '_acme-challenge.example.com'.`, }, "type": { Type: schema.TypeString, diff --git a/website/docs/r/certificate_manager_certificate.html.markdown b/website/docs/r/certificate_manager_certificate.html.markdown index 8accbf5bef..07b5a51d20 100644 --- a/website/docs/r/certificate_manager_certificate.html.markdown +++ b/website/docs/r/certificate_manager_certificate.html.markdown @@ -15,12 +15,12 @@ subcategory: "Certificate manager" page_title: "Google: google_certificate_manager_certificate" description: |- - Certificate represents a HTTP-reachable backend for an Certificate. + Certificate represents a HTTP-reachable backend for a Certificate. --- # google\_certificate\_manager\_certificate -Certificate represents a HTTP-reachable backend for an Certificate. +Certificate represents a HTTP-reachable backend for a Certificate. @@ -89,18 +89,16 @@ The following arguments are supported: * `labels` - (Optional) - Set of label tags associated with the EdgeCache resource. + Set of label tags associated with the Certificate resource. * `scope` - (Optional) The scope of the certificate. - Certificates with default scope are served from core Google data centers. + DEFAULT: Certificates with default scope are served from core Google data centers. If unsure, choose this option. - Certificates with scope EDGE_CACHE are special-purposed certificates, + EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers. Currently allowed only for managed certificates. - Default value is `DEFAULT`. - Possible values are `DEFAULT` and `EDGE_CACHE`. * `self_managed` - (Optional) @@ -135,9 +133,6 @@ The following arguments are supported: The `managed` block supports: -* `state` - - State of the managed certificate resource. - * `domains` - (Optional) The domains for which a managed SSL certificate will be generated. @@ -147,6 +142,45 @@ The following arguments are supported: (Optional) Authorizations that will be used for performing domain authorization +* `state` - + A state of this Managed Certificate. + +* `provisioning_issue` - + Information about issues with provisioning this Managed Certificate. + Structure is [documented below](#nested_provisioning_issue). + +* `authorization_attempt_info` - + Detailed state of the latest authorization attempt for each domain + specified for this Managed Certificate. + Structure is [documented below](#nested_authorization_attempt_info). + + +The `provisioning_issue` block contains: + +* `reason` - + Reason for provisioning failures. + +* `details` - + Human readable explanation about the issue. Provided to help address + the configuration issues. + Not guaranteed to be stable. For programmatic access use `reason` field. + +The `authorization_attempt_info` block contains: + +* `domain` - + Domain name of the authorization attempt. + +* `state` - + State of the domain for managed certificate issuance. + +* `failure_reason` - + Reason for failure of the authorization attempt for the domain. + +* `details` - + Human readable explanation for reaching the state. Provided to help + address the configuration issues. + Not guaranteed to be stable. For programmatic access use `failure_reason` field. + ## Attributes Reference In addition to the arguments listed above, the following computed attributes are exported: diff --git a/website/docs/r/certificate_manager_certificate_map.html.markdown b/website/docs/r/certificate_manager_certificate_map.html.markdown index 1c81f38e2b..5f2fd557db 100644 --- a/website/docs/r/certificate_manager_certificate_map.html.markdown +++ b/website/docs/r/certificate_manager_certificate_map.html.markdown @@ -63,7 +63,7 @@ The following arguments are supported: * `description` - (Optional) - One or more paragraphs of text description of a certificate map entry. + A human-readable description of the resource. * `labels` - (Optional) diff --git a/website/docs/r/certificate_manager_certificate_map_entry.html.markdown b/website/docs/r/certificate_manager_certificate_map_entry.html.markdown index c2d82bd6a4..c8efacdd6d 100644 --- a/website/docs/r/certificate_manager_certificate_map_entry.html.markdown +++ b/website/docs/r/certificate_manager_certificate_map_entry.html.markdown @@ -115,8 +115,7 @@ The following arguments are supported: * `description` - (Optional) - CertificateMapEntry is a list of certificate configurations, - that have been issued for a particular hostname + A human-readable description of the resource. * `labels` - (Optional) @@ -133,7 +132,6 @@ The following arguments are supported: * `matcher` - (Optional) A predefined matcher for particular cases, other than SNI selection - Possible values are `MATCHER_UNSPECIFIED` and `PRIMARY`. * `project` - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used. @@ -157,9 +155,6 @@ In addition to the arguments listed above, the following computed attributes are * `state` - A serving state of this Certificate Map Entry. - The status is undefined. - The configuration is serving. - Update is in progress. Some frontends may serve this configuration. ## Timeouts diff --git a/website/docs/r/certificate_manager_dns_authorization.html.markdown b/website/docs/r/certificate_manager_dns_authorization.html.markdown index cdd80448e0..60b3deeeb4 100644 --- a/website/docs/r/certificate_manager_dns_authorization.html.markdown +++ b/website/docs/r/certificate_manager_dns_authorization.html.markdown @@ -15,12 +15,12 @@ subcategory: "Certificate manager" page_title: "Google: google_certificate_manager_dns_authorization" description: |- - DnsAuthorization represents a HTTP-reachable backend for an DnsAuthorization. + DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. --- # google\_certificate\_manager\_dns\_authorization -DnsAuthorization represents a HTTP-reachable backend for an DnsAuthorization. +DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization. @@ -81,7 +81,7 @@ The following arguments are supported: * `labels` - (Optional) - Set of label tags associated with the EdgeCache resource. + Set of label tags associated with the DNS Authorization resource. * `project` - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used. @@ -104,6 +104,7 @@ In addition to the arguments listed above, the following computed attributes are * `name` - Fully qualified name of the DNS Resource Record. + E.g. `_acme-challenge.example.com`. * `type` - Type of the DNS Resource Record.