adding feedback resource (#15886)

Co-authored-by: Meng Yang <[email protected]>
Co-authored-by: Chris Hawk <[email protected]>

Author: 3 people

mmv1/products/apigee/SecurityFeedback.yaml

@@ -0,0 +1,118 @@
+# Copyright 2024 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: 'SecurityFeedback'
+description: |
+  Represents a feedback report from an Advanced API Security customer.
+  Manages customer feedback about ML models.
+references:
+  guides:
+    'Create a SecurityFeedback': 'https://docs.cloud.google.com/apigee/docs/api-security/abuse-detection#exclude-traffic-from-abuse-detection'
+  api: 'https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.securityFeedback/create'
+base_url: '{{org_id}}/securityFeedback'
+self_link: '{{org_id}}/securityFeedback/{{feedback_id}}'
+create_url: '{{org_id}}/securityFeedback?security_feedback_id={{feedback_id}}'
+update_verb: 'PATCH'
+import_format:
+  - '{{org_id}}/securityFeedback/{{feedback_id}}'
+  - '{{org_id}}/{{feedback_id}}'
+custom_code:
+  custom_import: "templates/terraform/custom_import/apigee_security_feedback.go.tmpl"
+examples:
+  - name: 'apigee_security_feedback_basic'
+    vars:
+      security_feedback_id: 'my-feedback'
+    exclude_test: true
+  - name: 'apigee_security_feedback_basic_test'
+    primary_resource_id: 'security_feedback'
+    test_env_vars:
+      org_id: 'ORG_ID'
+      billing_account: 'BILLING_ACCT'
+    exclude_docs: true
+    external_providers: ["time"]
+parameters:
+  - name: 'orgId'
+    type: String
+    description: |
+      The Apigee Organization associated with the Apigee Security Feedback,
+      in the format `organizations/{{org_name}}`.
+    url_param_only: true
+    required: true
+    immutable: true
+  - name: 'feedbackId'
+    type: String
+    description: |
+      Resource ID of the security feedback.
+    required: true
+    immutable: true
+    url_param_only: true
+properties:
+  - name: 'name'
+    type: String
+    description: |
+      Name of the security feedback resource,
+      in the format `organizations/{{org_name}}/securityFeedback/{{feedback_id}}`.
+    output: true
+  - name: 'displayName'
+    type: String
+    description: The display name of the feedback.
+  - name: 'feedbackContexts'
+    type: Array
+    description: |
+      One or more attribute/value pairs for constraining the feedback.
+    required: true
+    item_type:
+      type: NestedObject
+      properties:
+        - name: attribute
+          type: Enum
+          description: |
+            The attribute the user is providing feedback about.
+          required: true
+          enum_values:
+            - 'ATTRIBUTE_ENVIRONMENTS'
+            - 'ATTRIBUTE_IP_ADDRESS_RANGES'
+        - name: values
+          type: Array
+          description: |
+            The values of the attribute the user is providing feedback about, separated by commas.
+          required: true
+          item_type:
+            type: String
+  - name: 'feedbackType'
+    type: Enum
+    description: The type of feedback being submitted.
+    required: true
+    enum_values:
+      - 'EXCLUDED_DETECTION'
+  - name: 'createTime'
+    type: String
+    description: The time when this specific feedback id was created.
+    output: true
+  - name: 'updateTime'
+    type: String
+    description: The time when this specific feedback id was updated.
+    output: true
+  - name: 'reason'
+    type: Enum
+    description: The reason for the feedback.
+    enum_values:
+      - 'INTERNAL_SYSTEM'
+      - 'NON_RISK_CLIENT'
+      - 'NAT'
+      - 'PENETRATION_TEST'
+      - 'OTHER'
+  - name: 'comment'
+    type: String
+    description: Optional text the user can provide for additional, unstructured context.

mmv1/templates/terraform/custom_import/apigee_security_feedback.go.tmpl

@@ -0,0 +1,32 @@
+config := meta.(*transport_tpg.Config)
+
+// current import_formats cannot import fields with forward slashes in their value
+if err := tpgresource.ParseImportId([]string{"(?P<name>.+)"}, d, config); err != nil {
+	return nil, err
+}
+
+nameParts := strings.Split(d.Get("name").(string), "/")
+if len(nameParts) == 4 {
+    // `organizations/{{"{{"}}org_name{{"}}"}}/securityFeedback/{{"{{"}}feedback_id{{"}}"}}`
+    orgId := fmt.Sprintf("organizations/%s", nameParts[1])
+    if err := d.Set("org_id", orgId); err != nil {
+            return nil, fmt.Errorf("Error setting org_id: %s", err)
+    }
+    if err := d.Set("feedback_id", nameParts[3]); err != nil {
+            return nil, fmt.Errorf("Error setting feedback_id: %s", err)
+    }
+} else {
+    return nil, fmt.Errorf(
+        "Saw %s when the name is expected to have shape %s",
+        d.Get("name"),
+        "organizations/{{"{{"}}org_name{{"}}"}}/securityFeedback/{{"{{"}}name{{"}}"}}")
+}
+
+// Replace import id for the resource id
+id, err := tpgresource.ReplaceVars(d, config, "{{"{{"}}org_id{{"}}"}}/securityFeedback/{{"{{"}}feedback_id{{"}}"}}")
+if err != nil {
+        return nil, fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
+
+return []*schema.ResourceData{d}, nil

mmv1/templates/terraform/examples/apigee_security_feedback_basic.tf.tmpl

@@ -0,0 +1,55 @@
+data "google_client_config" "current" {}
+
+resource "google_compute_network" "apigee_network" {
+  name = "apigee-network"
+}
+
+resource "google_compute_global_address" "apigee_range" {
+  name          = "apigee-range"
+  purpose       = "VPC_PEERING"
+  address_type  = "INTERNAL"
+  prefix_length = 16
+  network       = google_compute_network.apigee_network.id
+}
+
+resource "google_service_networking_connection" "apigee_vpc_connection" {
+  network                 = google_compute_network.apigee_network.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
+}
+
+resource "google_apigee_organization" "apigee_org" {
+  analytics_region   = "us-central1"
+  project_id         = data.google_client_config.current.project
+  authorized_network = google_compute_network.apigee_network.id
+  depends_on         = [google_service_networking_connection.apigee_vpc_connection]
+}
+
+resource "google_apigee_addons_config" "apigee_org_security_addons_config" {
+  org = google_apigee_organization.apigee_org.name
+  addons_config {
+    api_security_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_apigee_security_feedback" "security_feedback" {
+  feedback_id  = "{{index $.Vars "security_feedback_id"}}"
+  org_id      = google_apigee_organization.apigee_org.id
+  display_name = "terraform test display name"
+  feedback_type = "EXCLUDED_DETECTION"
+  reason = "INTERNAL_SYSTEM"
+  comment = "terraform test comment"
+  feedback_contexts {
+    attribute = "ATTRIBUTE_ENVIRONMENTS"
+    values = [google_apigee_environment.apigee_environment.name]
+  }
+  feedback_contexts {
+    attribute = "ATTRIBUTE_IP_ADDRESS_RANGES"
+    values = ["10.0.0.0", "172.16.0.0/12"]
+  }
+  depends_on = [
+    google_apigee_addons_config.apigee_org_security_addons_config
+  ]
+}

mmv1/templates/terraform/examples/apigee_security_feedback_basic_test.tf.tmpl

@@ -0,0 +1,103 @@
+resource "google_project" "project" {
+  project_id      = "tf-test%{random_suffix}"
+  name            = "tf-test%{random_suffix}"
+  org_id          = "{{index $.TestEnvVars "org_id"}}"
+  billing_account = "{{index $.TestEnvVars "billing_account"}}"
+  deletion_policy = "DELETE"
+}
+
+resource "time_sleep" "wait_60_seconds" {
+  create_duration = "60s"
+  depends_on = [google_project.project]
+}
+
+resource "google_project_service" "apigee" {
+  project = google_project.project.project_id
+  service = "apigee.googleapis.com"
+  depends_on = [time_sleep.wait_60_seconds]
+}
+
+resource "google_project_service" "servicenetworking" {
+  project = google_project.project.project_id
+  service = "servicenetworking.googleapis.com"
+  depends_on = [google_project_service.apigee]
+}
+resource "time_sleep" "wait_120_seconds" {
+  create_duration = "120s"
+  depends_on = [google_project_service.servicenetworking]
+}
+resource "google_project_service" "compute" {
+  project = google_project.project.project_id
+  service = "compute.googleapis.com"
+  depends_on = [google_project_service.servicenetworking]
+}
+
+resource "google_compute_network" "apigee_network" {
+  name       = "apigee-network"
+  project    = google_project.project.project_id
+  depends_on = [google_project_service.compute, time_sleep.wait_120_seconds]
+}
+
+resource "google_compute_global_address" "apigee_range" {
+  name          = "apigee-range"
+  purpose       = "VPC_PEERING"
+  address_type  = "INTERNAL"
+  prefix_length = 16
+  network       = google_compute_network.apigee_network.id
+  project       = google_project.project.project_id
+}
+
+resource "google_service_networking_connection" "apigee_vpc_connection" {
+  network                 = google_compute_network.apigee_network.id
+  service                 = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
+  depends_on              = [google_project_service.servicenetworking]
+}
+
+resource "google_apigee_organization" "apigee_org" {
+  analytics_region   = "us-central1"
+  project_id         = google_project.project.project_id
+  authorized_network = google_compute_network.apigee_network.id
+  depends_on         = [
+    google_service_networking_connection.apigee_vpc_connection,
+    google_project_service.apigee,
+  ]
+}
+
+resource "google_apigee_environment" "apigee_environment" {
+  org_id       = google_apigee_organization.apigee_org.id
+  name         = "tf-test-env-%{random_suffix}"
+  description  = "Apigee Environment"
+  display_name = "environment-1"
+}
+
+resource "google_apigee_addons_config" "apigee_org_security_addons_config" {
+  org = google_apigee_organization.apigee_org.name
+  addons_config {
+    api_security_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_apigee_security_feedback" "{{$.PrimaryResourceId}}" {
+  org_id       = google_apigee_organization.apigee_org.id
+  feedback_id  = "tf-test-feedback-id"
+  display_name = "Exclude internal test systems"
+  feedback_type = "EXCLUDED_DETECTION"
+  reason = "INTERNAL_SYSTEM"
+  comment = "Excluding IP ranges and environments used by internal QA."
+
+  feedback_contexts {
+    attribute = "ATTRIBUTE_ENVIRONMENTS"
+    values = [google_apigee_environment.apigee_environment.name]
+  }
+  feedback_contexts {
+    attribute = "ATTRIBUTE_IP_ADDRESS_RANGES"
+    values = ["10.0.0.0", "172.16.0.0/12"]
+  }
+
+  depends_on = [
+    google_apigee_addons_config.apigee_org_security_addons_config
+  ]
+}