docs: add gcp peering example

Author: ianaya89

docs/resources/env_aws.md

@@ -196,11 +196,6 @@ data "altinitycloud_env_aws_status" "this" {
   name                           = altinitycloud_env_aws.this.name
   wait_for_applied_spec_revision = altinitycloud_env_aws.this.spec_revision
 }
-
-resource "aws_vpc_peering_connection_accepter" "peer" {
-  vpc_peering_connection_id = data.altinitycloud_env_aws_status.this.peering_connections[0].id
-  auto_accept               = true
-}
 ```
 
 <!-- schema generated by tfplugindocs -->

docs/resources/env_gcp.md

@@ -188,6 +188,234 @@ Optional:
 
 
 
+<a id="nestedatt--maintenance_windows"></a>
+### Nested Schema for `maintenance_windows`
+
+Required:
+
+- `days` (List of String) Days on which maintenance can take place.
+
+		Possible values:
+		- "MONDAY"
+		- "TUESDAY"
+		- "WEDNESDAY"
+		- "THURSDAY"
+		- "FRIDAY"
+		- "SATURDAY"
+		- "SUNDAY"
+- `hour` (Number) Hour of the day in [0, 23] range.
+- `length_in_hours` (Number) Maintenance window length in hours. 4h min, 24h max.
+- `name` (String) Maintenance window identifier
+
+Optional:
+
+- `enabled` (Boolean) Set to `true` if maintenance window is enabled, `false` otherwise. (default `false`)
+
+
+<a id="nestedatt--peering_connections"></a>
+### Nested Schema for `peering_connections`
+
+Required:
+
+- `network_name` (String) Target network name.
+
+Optional:
+
+- `project_id` (String) Target network's project ID.
+
+### GCP environment with Network peering:
+```terraform
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.0"
+    }
+    altinitycloud = {
+      source = "altinity/altinitycloud"
+    }
+  }
+}
+
+provider "google" {
+}
+
+resource "google_project" "this" {
+  project_id          = "YYYYYYYYYYYYYYYYYY"
+  name                = "ZZZZZZZZZZZZZZZZZZ"
+  auto_create_network = false
+}
+
+resource "google_project_iam_member" "this" {
+  for_each = toset([
+    # https://cloud.google.com/iam/docs/understanding-roles
+    "roles/compute.admin",
+    "roles/container.admin",
+    "roles/dns.admin",
+    "roles/storage.admin",
+    "roles/storage.hmacKeyAdmin",
+    "roles/iam.serviceAccountAdmin",
+    "roles/iam.serviceAccountKeyAdmin",
+    "roles/iam.serviceAccountTokenCreator",
+    "roles/iam.serviceAccountUser",
+    "roles/iam.workloadIdentityPoolAdmin",
+    "roles/serviceusage.serviceUsageAdmin",
+    "roles/resourcemanager.projectIamAdmin",
+    "roles/iap.tunnelResourceAccessor"
+  ])
+  project = google_project.this.id
+  role    = each.key
+  member  = "group:[email protected]"
+}
+
+resource "altinitycloud_env_gcp" "this" {
+  name           = "acme-staging"
+  gcp_project_id = google_project.this.project_id
+  region         = "us-east1"
+  zones          = ["us-east1-b", "us-east1-d"]
+  cidr           = "10.67.0.0/21"
+
+  load_balancers = {
+    private = {
+      enabled = true
+    }
+  }
+
+  node_groups = [
+    {
+      node_type         = "e2-standard-2"
+      capacity_per_zone = 10
+      reservations      = ["SYSTEM", "ZOOKEEPER"]
+    },
+    {
+      node_type         = "n2d-standard-2"
+      capacity_per_zone = 10
+      reservations      = ["CLICKHOUSE"]
+    }
+  ]
+
+  peering_connections = {
+    project_id   = "peering-project-id"  # Replace with actual peering project ID
+    network_name = "peering-network-name"  # Replace with actual peering network name
+  }
+}
+
+// Since the environment provisioning is an async process, this data source is used to wait for environment to be fully provisioned.
+data "altinitycloud_env_gcp_status" "this" {
+  name                           = altinitycloud_env_gcp.this.name
+  wait_for_applied_spec_revision = altinitycloud_env_gcp.this.spec_revision
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cidr` (String) VPC CIDR block from the private IPv4 address ranges as specified in RFC 1918 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). At least /21 required. **[IMMUTABLE]**
+
+		Examples:
+		- "10.136.0.0/21"
+		- "172.20.0.0/21"
+- `gcp_project_id` (String) ID of the GCP project ([docs](https://support.google.com/googleapi/answer/7014113?hl=en#:~:text=The%20project%20ID%20is%20a,ID%20or%20create%20your%20own.)) in which to provision GCP resources. **[IMMUTABLE]**
+- `name` (String) A globally-unique environment identifier. **[IMMUTABLE]**
+
+		- All environment names must start with your account name as prefix.
+		- ⚠️ Changing environment name after creation will force a resource replacement.
+
+		Examples:
+		- "acme-staging" (where "acme" is your account name)
+- `node_groups` (Attributes List) List of node groups. At least one required. (see [below for nested schema](#nestedatt--node_groups))
+- `region` (String) GCP region ([docs](https://cloud.google.com/about/locations)). **[IMMUTABLE]**
+
+		Examples:
+		- "us-west1".
+
+### Optional
+
+- `allow_delete_while_disconnected` (Boolean) Set to `true` to allow deletion of the environment while it is disconnected from the cloud connect. If the the environment is not connected during the deletion process you will end up in a delete timeout (default `false`).
+- `custom_domain` (String) Custom domain.
+
+		Examples:
+		- "example.com"
+		- "foo.bar.com"
+
+		Before specifying custom domain, please create the following DNS records:
+		- CNAME _acme-challenge.example.com. $env_name.altinity.cloud.
+		- (optional, public load balancer)
+			CNAME *.example.com. _.$env_name.altinity.cloud.
+		- (optional, internal load balancer)
+			CNAME *.internal.example.com. _.internal.$env_name.altinity.cloud.
+		- (optional, vpce)
+			CNAME *.vpce.example.com. _.vpce.$env_name.altinity.cloud.
+- `force_destroy` (Boolean) Locks the environment for accidental deletion when running `terraform destroy` command. Your environment will be deleted, only when setting this parameter to `true`. Once this parameter is set to `true`, there must be a successful `terraform apply` run (before running the `terraform destroy`) to update this value in the state. Without a successful `terraform apply` after this parameter is set, this flag will have no effect. (default `false`)
+- `force_destroy_clusters` (Boolean) By default, the destroy operation will not delete any provisioned clusters and the deletion will fail until the clusters get removed. Set to `true` to remove all provisioned clusters as part of the environment deletion process.
+- `load_balancers` (Attributes) Load balancers configuration. (see [below for nested schema](#nestedatt--load_balancers))
+- `load_balancing_strategy` (String) Load balancing strategy for the environment.
+
+		Possible Values:
+		- "ROUND_ROBIN": load balance traffic across all zones in round-robin fashion (default)
+		- "ZONE_BEST_EFFORT": keep traffic within same zone
+- `maintenance_windows` (Attributes List) List of maintenance windows during which automatic maintenance is permitted. By default updates are applied as soon as they are available. (see [below for nested schema](#nestedatt--maintenance_windows))
+- `peering_connections` (Attributes List) Network peering configuration. (see [below for nested schema](#nestedatt--peering_connections))
+- `private_service_consumers` (List of String) List of project IDs representing the network's private service consumers.
+- `skip_deprovision_on_destroy` (Boolean) Set to `true` will delete without waiting for environment deprovisioning. Use this with precaution, it may end up with dangling resources in your cloud provider (default `false`).
+- `zones` (List of String) Explicit list of GCP zones. At least 2 required.
+		Examples:
+		- ["us-west1a", "us-west1b"]
+
+### Read-Only
+
+- `id` (String) ID of the environment (automatically generated based on the name)
+- `spec_revision` (Number) Spec revision
+
+<a id="nestedatt--node_groups"></a>
+### Nested Schema for `node_groups`
+
+Required:
+
+- `capacity_per_zone` (Number) Maximum number of instances per availability zone.
+- `node_type` (String) List of node groups. At least one required.
+- `reservations` (Set of String) Types of workload that are allowed to be scheduled onto the nodes that belong to this group.
+
+		Possible values:
+		- "SYSTEM" (at least one node group must include a SYSTEM reservation)
+		- "CLICKHOUSE"
+		- "ZOOKEEPER"
+
+Optional:
+
+- `name` (String) Unique (among environment node groups) node group identifier.
+- `zones` (List of String) Availability zones. Check possible available zones in your cloud provider documentation
+
+
+<a id="nestedatt--load_balancers"></a>
+### Nested Schema for `load_balancers`
+
+Optional:
+
+- `internal` (Attributes) Internal load balancer configuration. Accessible via `*.internal.$env_name.altinity.cloud`. (see [below for nested schema](#nestedatt--load_balancers--internal))
+- `public` (Attributes) Public load balancer configuration. Accessible via `*.$env_name.altinity.cloud`. (see [below for nested schema](#nestedatt--load_balancers--public))
+
+<a id="nestedatt--load_balancers--internal"></a>
+### Nested Schema for `load_balancers.internal`
+
+Optional:
+
+- `enabled` (Boolean) Set to `true` if load balancer is enabled, `false` otherwise. (default `false`)
+- `source_ip_ranges` (List of String) IP addresses/blocks to allow traffic from (default `"0.0.0.0/0"`).
+
+
+<a id="nestedatt--load_balancers--public"></a>
+### Nested Schema for `load_balancers.public`
+
+Optional:
+
+- `enabled` (Boolean) Set to `true` if load balancer is enabled, `false` otherwise. (default `false`)
+- `source_ip_ranges` (List of String) IP addresses/blocks to allow traffic from (default `"0.0.0.0/0"`).
+
+
+
 <a id="nestedatt--maintenance_windows"></a>
 ### Nested Schema for `maintenance_windows`
 

examples/resources/altinitycloud_env_aws/peering/main.tf

@@ -57,8 +57,3 @@ data "altinitycloud_env_aws_status" "this" {
   name                           = altinitycloud_env_aws.this.name
   wait_for_applied_spec_revision = altinitycloud_env_aws.this.spec_revision
 }
-
-resource "aws_vpc_peering_connection_accepter" "peer" {
-  vpc_peering_connection_id = data.altinitycloud_env_aws_status.this.peering_connections[0].id
-  auto_accept               = true
-}

examples/resources/altinitycloud_env_gcp/peering/main.tf

@@ -0,0 +1,80 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.0"
+    }
+    altinitycloud = {
+      source = "altinity/altinitycloud"
+    }
+  }
+}
+
+provider "google" {
+}
+
+resource "google_project" "this" {
+  project_id          = "YYYYYYYYYYYYYYYYYY"
+  name                = "ZZZZZZZZZZZZZZZZZZ"
+  auto_create_network = false
+}
+
+resource "google_project_iam_member" "this" {
+  for_each = toset([
+    # https://cloud.google.com/iam/docs/understanding-roles
+    "roles/compute.admin",
+    "roles/container.admin",
+    "roles/dns.admin",
+    "roles/storage.admin",
+    "roles/storage.hmacKeyAdmin",
+    "roles/iam.serviceAccountAdmin",
+    "roles/iam.serviceAccountKeyAdmin",
+    "roles/iam.serviceAccountTokenCreator",
+    "roles/iam.serviceAccountUser",
+    "roles/iam.workloadIdentityPoolAdmin",
+    "roles/serviceusage.serviceUsageAdmin",
+    "roles/resourcemanager.projectIamAdmin",
+    "roles/iap.tunnelResourceAccessor"
+  ])
+  project = google_project.this.id
+  role    = each.key
+  member  = "group:[email protected]"
+}
+
+resource "altinitycloud_env_gcp" "this" {
+  name           = "acme-staging"
+  gcp_project_id = google_project.this.project_id
+  region         = "us-east1"
+  zones          = ["us-east1-b", "us-east1-d"]
+  cidr           = "10.67.0.0/21"
+
+  load_balancers = {
+    private = {
+      enabled = true
+    }
+  }
+
+  node_groups = [
+    {
+      node_type         = "e2-standard-2"
+      capacity_per_zone = 10
+      reservations      = ["SYSTEM", "ZOOKEEPER"]
+    },
+    {
+      node_type         = "n2d-standard-2"
+      capacity_per_zone = 10
+      reservations      = ["CLICKHOUSE"]
+    }
+  ]
+
+  peering_connections = {
+    project_id   = "peering-project-id"  # Replace with actual peering project ID
+    network_name = "peering-network-name"  # Replace with actual peering network name
+  }
+}
+
+// Since the environment provisioning is an async process, this data source is used to wait for environment to be fully provisioned.
+data "altinitycloud_env_gcp_status" "this" {
+  name                           = altinitycloud_env_gcp.this.name
+  wait_for_applied_spec_revision = altinitycloud_env_gcp.this.spec_revision
+}

templates/resources/env_gcp.md.tmpl

@@ -16,6 +16,11 @@ description: |-
 
 {{ .SchemaMarkdown | trimspace }}
 
+### GCP environment with Network peering:
+{{tffile "examples/resources/altinitycloud_env_gcp/peering/main.tf"}}
+
+{{ .SchemaMarkdown | trimspace }}
+
 {{- if .HasImport }}
 ## Import