Add directory services config field to Filestore instance in beta (#13727) (#9919)

[upstream:85e697c16f11c2edd1f77975c98eb009a6a4df0e]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

google-beta/services/filestore/resource_filestore_instance.go

@@ -234,6 +234,65 @@ Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD
 				Optional:    true,
 				Description: `A description of the instance.`,
 			},
+			"directory_services": {
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
+				Description: `Directory Services configuration.
+Should only be set if protocol is "NFS_V4_1".`,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"ldap": {
+							Type:        schema.TypeList,
+							Optional:    true,
+							ForceNew:    true,
+							Description: `Configuration for LDAP servers.`,
+							MaxItems:    1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"domain": {
+										Type:        schema.TypeString,
+										Required:    true,
+										ForceNew:    true,
+										Description: `The LDAP domain name in the format of 'my-domain.com'.`,
+									},
+									"servers": {
+										Type:     schema.TypeList,
+										Required: true,
+										ForceNew: true,
+										Description: `The servers names are used for specifying the LDAP servers names.
+The LDAP servers names can come with two formats:
+1. DNS name, for example: 'ldap.example1.com', 'ldap.example2.com'.
+2. IP address, for example: '10.0.0.1', '10.0.0.2', '10.0.0.3'.
+All servers names must be in the same format: either all DNS names or all
+IP addresses.`,
+										Elem: &schema.Schema{
+											Type: schema.TypeString,
+										},
+									},
+									"groups_ou": {
+										Type:     schema.TypeString,
+										Optional: true,
+										ForceNew: true,
+										Description: `The groups Organizational Unit (OU) is optional. This parameter is a hint
+to allow faster lookup in the LDAP namespace. In case that this parameter
+is not provided, Filestore instance will query the whole LDAP namespace.`,
+									},
+									"users_ou": {
+										Type:     schema.TypeString,
+										Optional: true,
+										ForceNew: true,
+										Description: `The users Organizational Unit (OU) is optional. This parameter is a hint
+to allow faster lookup in the LDAP namespace. In case that this parameter
+is not provided, Filestore instance will query the whole LDAP namespace.`,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
 			"initial_replication": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -518,6 +577,12 @@ func resourceFilestoreInstanceCreate(d *schema.ResourceData, meta interface{}) e
 	} else if v, ok := d.GetOkExists("tags"); !tpgresource.IsEmptyValue(reflect.ValueOf(tagsProp)) && (ok || !reflect.DeepEqual(v, tagsProp)) {
 		obj["tags"] = tagsProp
 	}
+	directoryServicesProp, err := expandFilestoreInstanceDirectoryServices(d.Get("directory_services"), d, config)
+	if err != nil {
+		return err
+	} else if v, ok := d.GetOkExists("directory_services"); !tpgresource.IsEmptyValue(reflect.ValueOf(directoryServicesProp)) && (ok || !reflect.DeepEqual(v, directoryServicesProp)) {
+		obj["directoryServices"] = directoryServicesProp
+	}
 	labelsProp, err := expandFilestoreInstanceEffectiveLabels(d.Get("effective_labels"), d, config)
 	if err != nil {
 		return err
@@ -691,6 +756,9 @@ func resourceFilestoreInstanceRead(d *schema.ResourceData, meta interface{}) err
 	if err := d.Set("effective_replication", flattenFilestoreInstanceEffectiveReplication(res["replication"], d, config)); err != nil {
 		return fmt.Errorf("Error reading Instance: %s", err)
 	}
+	if err := d.Set("directory_services", flattenFilestoreInstanceDirectoryServices(res["directoryServices"], d, config)); err != nil {
+		return fmt.Errorf("Error reading Instance: %s", err)
+	}
 	if err := d.Set("terraform_labels", flattenFilestoreInstanceTerraformLabels(res["labels"], d, config)); err != nil {
 		return fmt.Errorf("Error reading Instance: %s", err)
 	}
@@ -1238,6 +1306,54 @@ func flattenFilestoreInstanceEffectiveReplicationReplicasLastActiveSyncTime(v in
 	return v
 }
 
+func flattenFilestoreInstanceDirectoryServices(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return nil
+	}
+	original := v.(map[string]interface{})
+	if len(original) == 0 {
+		return nil
+	}
+	transformed := make(map[string]interface{})
+	transformed["ldap"] =
+		flattenFilestoreInstanceDirectoryServicesLdap(original["ldap"], d, config)
+	return []interface{}{transformed}
+}
+func flattenFilestoreInstanceDirectoryServicesLdap(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return nil
+	}
+	original := v.(map[string]interface{})
+	if len(original) == 0 {
+		return nil
+	}
+	transformed := make(map[string]interface{})
+	transformed["domain"] =
+		flattenFilestoreInstanceDirectoryServicesLdapDomain(original["domain"], d, config)
+	transformed["servers"] =
+		flattenFilestoreInstanceDirectoryServicesLdapServers(original["servers"], d, config)
+	transformed["users_ou"] =
+		flattenFilestoreInstanceDirectoryServicesLdapUsersOu(original["usersOu"], d, config)
+	transformed["groups_ou"] =
+		flattenFilestoreInstanceDirectoryServicesLdapGroupsOu(original["groupsOu"], d, config)
+	return []interface{}{transformed}
+}
+func flattenFilestoreInstanceDirectoryServicesLdapDomain(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenFilestoreInstanceDirectoryServicesLdapServers(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenFilestoreInstanceDirectoryServicesLdapUsersOu(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenFilestoreInstanceDirectoryServicesLdapGroupsOu(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenFilestoreInstanceTerraformLabels(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	if v == nil {
 		return v
@@ -1559,6 +1675,81 @@ func expandFilestoreInstanceTags(v interface{}, d tpgresource.TerraformResourceD
 	return m, nil
 }
 
+func expandFilestoreInstanceDirectoryServices(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	l := v.([]interface{})
+	if len(l) == 0 || l[0] == nil {
+		return nil, nil
+	}
+	raw := l[0]
+	original := raw.(map[string]interface{})
+	transformed := make(map[string]interface{})
+
+	transformedLdap, err := expandFilestoreInstanceDirectoryServicesLdap(original["ldap"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedLdap); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["ldap"] = transformedLdap
+	}
+
+	return transformed, nil
+}
+
+func expandFilestoreInstanceDirectoryServicesLdap(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	l := v.([]interface{})
+	if len(l) == 0 || l[0] == nil {
+		return nil, nil
+	}
+	raw := l[0]
+	original := raw.(map[string]interface{})
+	transformed := make(map[string]interface{})
+
+	transformedDomain, err := expandFilestoreInstanceDirectoryServicesLdapDomain(original["domain"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedDomain); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["domain"] = transformedDomain
+	}
+
+	transformedServers, err := expandFilestoreInstanceDirectoryServicesLdapServers(original["servers"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedServers); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["servers"] = transformedServers
+	}
+
+	transformedUsersOu, err := expandFilestoreInstanceDirectoryServicesLdapUsersOu(original["users_ou"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedUsersOu); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["usersOu"] = transformedUsersOu
+	}
+
+	transformedGroupsOu, err := expandFilestoreInstanceDirectoryServicesLdapGroupsOu(original["groups_ou"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedGroupsOu); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["groupsOu"] = transformedGroupsOu
+	}
+
+	return transformed, nil
+}
+
+func expandFilestoreInstanceDirectoryServicesLdapDomain(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandFilestoreInstanceDirectoryServicesLdapServers(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandFilestoreInstanceDirectoryServicesLdapUsersOu(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandFilestoreInstanceDirectoryServicesLdapGroupsOu(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandFilestoreInstanceEffectiveLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) {
 	if v == nil {
 		return map[string]string{}, nil

google-beta/services/filestore/resource_filestore_instance_generated_meta.yaml

@@ -9,6 +9,10 @@ fields:
   - field: 'deletion_protection_enabled'
   - field: 'deletion_protection_reason'
   - field: 'description'
+  - field: 'directory_services.ldap.domain'
+  - field: 'directory_services.ldap.groups_ou'
+  - field: 'directory_services.ldap.servers'
+  - field: 'directory_services.ldap.users_ou'
   - field: 'effective_labels'
     provider_only: true
   - field: 'effective_replication.replicas.last_active_sync_time'

google-beta/services/filestore/resource_filestore_instance_test.go

@@ -529,3 +529,66 @@ resource "google_filestore_instance" "replica-instance" {
 }
 `, context)
 }
+
+func TestAccFilestoreInstance_directoryServices(t *testing.T) {
+	t.Parallel()
+
+	name := fmt.Sprintf("tf-test-%d", acctest.RandInt(t))
+	location := "us-central1"
+	tier := "REGIONAL"
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		CheckDestroy:             testAccCheckFilestoreInstanceDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccFilestoreInstance_ldap(name, location, tier),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("google_filestore_instance.instance", "directory_services.0.ldap.0.domain", "my-domain.com"),
+					resource.TestCheckResourceAttr("google_filestore_instance.instance", "directory_services.0.ldap.0.servers.0", "ldap.example1.com"),
+					resource.TestCheckResourceAttr("google_filestore_instance.instance", "directory_services.0.ldap.0.users_ou", "users"),
+					resource.TestCheckResourceAttr("google_filestore_instance.instance", "directory_services.0.ldap.0.groups_ou", "groups"),
+				),
+			},
+			{
+				ResourceName:            "google_filestore_instance.instance",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"zone"},
+			},
+		},
+	})
+}
+
+func testAccFilestoreInstance_ldap(name, location, tier string) string {
+	return fmt.Sprintf(`
+resource "google_filestore_instance" "instance" {
+  provider    = google-beta
+  name        = "%s"
+  location    = "%s"
+  tier        = "%s"
+  description = "An instance created during testing."
+  protocol    = "NFS_V4_1"
+
+  file_shares {
+    capacity_gb = 1024
+    name        = "share"
+  }
+
+  networks {
+    network = "default"
+		modes   = ["MODE_IPV4"]
+  }
+
+  directory_services {
+    ldap {
+      domain = "my-domain.com"
+      servers = ["ldap.example1.com"]
+      users_ou = "users"
+      groups_ou = "groups"
+    }
+  }
+}
+`, name, location, tier)
+}

website/docs/r/filestore_instance.html.markdown

@@ -330,6 +330,12 @@ The following arguments are supported:
   Addtionally this should be specified on the replica instance only, indicating the active as the peer_instance
   Structure is [documented below](#nested_initial_replication).
 
+* `directory_services` -
+  (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
+  Directory Services configuration.
+  Should only be set if protocol is "NFS_V4_1".
+  Structure is [documented below](#nested_directory_services).
+
 * `zone` -
   (Optional, Deprecated)
   The name of the Filestore zone of the instance.
@@ -397,6 +403,41 @@ The following arguments are supported:
   (Required)
   The peer instance.
 
+<a name="nested_directory_services"></a>The `directory_services` block supports:
+
+* `ldap` -
+  (Optional)
+  Configuration for LDAP servers.
+  Structure is [documented below](#nested_directory_services_ldap).
+
+
+<a name="nested_directory_services_ldap"></a>The `ldap` block supports:
+
+* `domain` -
+  (Required)
+  The LDAP domain name in the format of `my-domain.com`.
+
+* `servers` -
+  (Required)
+  The servers names are used for specifying the LDAP servers names.
+  The LDAP servers names can come with two formats:
+  1. DNS name, for example: `ldap.example1.com`, `ldap.example2.com`.
+  2. IP address, for example: `10.0.0.1`, `10.0.0.2`, `10.0.0.3`.
+  All servers names must be in the same format: either all DNS names or all
+  IP addresses.
+
+* `users_ou` -
+  (Optional)
+  The users Organizational Unit (OU) is optional. This parameter is a hint
+  to allow faster lookup in the LDAP namespace. In case that this parameter
+  is not provided, Filestore instance will query the whole LDAP namespace.
+
+* `groups_ou` -
+  (Optional)
+  The groups Organizational Unit (OU) is optional. This parameter is a hint
+  to allow faster lookup in the LDAP namespace. In case that this parameter
+  is not provided, Filestore instance will query the whole LDAP namespace.
+
 ## Attributes Reference
 
 In addition to the arguments listed above, the following computed attributes are exported: