Adding support for posture resource in terraform provider (#9516) (#6890)

* add posture converter

* modify posture.yaml

* add create test

* add SHA mapping

* add create test

* fix create test

* add update test

* fix field description

* fix update posture

* add comments to diff-suppress function

* modify comments

* modify posture

* update posture exactly_one_of fields

* fix exactly-one field

* add locations field

* remove exactly_one_of field

* fix example formatting

* change posture id description

* modify update test

* address review comments

* add reference

* add revision diff

* fix custom constraint diff

---------


[upstream:015ee2e68a94e10e5b63686772fe6cb879fceedc]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/9516.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+`google_securityposture_posture`
+```

.teamcity/components/generated/services.kt

@@ -566,6 +566,11 @@ var services = mapOf(
         "displayName" to "Securitycenter",
         "path" to "./google-beta/services/securitycenter"
     ),
+    "securityposture" to mapOf(
+        "name" to "securityposture",
+        "displayName" to "Securityposture",
+        "path" to "./google-beta/services/securityposture"
+    ),
     "securityscanner" to mapOf(
         "name" to "securityscanner",
         "displayName" to "Securityscanner",

google-beta/fwmodels/provider_model.go

@@ -128,6 +128,7 @@ type ProviderModel struct {
 	SecretManagerCustomEndpoint            types.String `tfsdk:"secret_manager_custom_endpoint"`
 	SecureSourceManagerCustomEndpoint      types.String `tfsdk:"secure_source_manager_custom_endpoint"`
 	SecurityCenterCustomEndpoint           types.String `tfsdk:"security_center_custom_endpoint"`
+	SecuritypostureCustomEndpoint          types.String `tfsdk:"securityposture_custom_endpoint"`
 	SecurityScannerCustomEndpoint          types.String `tfsdk:"security_scanner_custom_endpoint"`
 	ServiceDirectoryCustomEndpoint         types.String `tfsdk:"service_directory_custom_endpoint"`
 	ServiceManagementCustomEndpoint        types.String `tfsdk:"service_management_custom_endpoint"`

google-beta/fwprovider/framework_provider.go

@@ -749,6 +749,12 @@ func (p *FrameworkProvider) Schema(_ context.Context, _ provider.SchemaRequest,
 					transport_tpg.CustomEndpointValidator(),
 				},
 			},
+			"securityposture_custom_endpoint": &schema.StringAttribute{
+				Optional: true,
+				Validators: []validator.String{
+					transport_tpg.CustomEndpointValidator(),
+				},
+			},
 			"security_scanner_custom_endpoint": &schema.StringAttribute{
 				Optional: true,
 				Validators: []validator.String{

google-beta/fwtransport/framework_config.go

@@ -153,6 +153,7 @@ type FrameworkProviderConfig struct {
 	SecretManagerBasePath            string
 	SecureSourceManagerBasePath      string
 	SecurityCenterBasePath           string
+	SecuritypostureBasePath          string
 	SecurityScannerBasePath          string
 	ServiceDirectoryBasePath         string
 	ServiceManagementBasePath        string
@@ -313,6 +314,7 @@ func (p *FrameworkProviderConfig) LoadAndValidateFramework(ctx context.Context,
 	p.SecretManagerBasePath = data.SecretManagerCustomEndpoint.ValueString()
 	p.SecureSourceManagerBasePath = data.SecureSourceManagerCustomEndpoint.ValueString()
 	p.SecurityCenterBasePath = data.SecurityCenterCustomEndpoint.ValueString()
+	p.SecuritypostureBasePath = data.SecuritypostureCustomEndpoint.ValueString()
 	p.SecurityScannerBasePath = data.SecurityScannerCustomEndpoint.ValueString()
 	p.ServiceDirectoryBasePath = data.ServiceDirectoryCustomEndpoint.ValueString()
 	p.ServiceManagementBasePath = data.ServiceManagementCustomEndpoint.ValueString()
@@ -1275,6 +1277,14 @@ func (p *FrameworkProviderConfig) HandleDefaults(ctx context.Context, data *fwmo
 			data.SecurityCenterCustomEndpoint = types.StringValue(customEndpoint.(string))
 		}
 	}
+	if data.SecuritypostureCustomEndpoint.IsNull() {
+		customEndpoint := transport_tpg.MultiEnvDefault([]string{
+			"GOOGLE_SECURITYPOSTURE_CUSTOM_ENDPOINT",
+		}, transport_tpg.DefaultBasePaths[transport_tpg.SecuritypostureBasePathKey])
+		if customEndpoint != nil {
+			data.SecuritypostureCustomEndpoint = types.StringValue(customEndpoint.(string))
+		}
+	}
 	if data.SecurityScannerCustomEndpoint.IsNull() {
 		customEndpoint := transport_tpg.MultiEnvDefault([]string{
 			"GOOGLE_SECURITY_SCANNER_CUSTOM_ENDPOINT",

google-beta/provider/provider.go

@@ -645,6 +645,11 @@ func Provider() *schema.Provider {
 				Optional:     true,
 				ValidateFunc: transport_tpg.ValidateCustomEndpoint,
 			},
+			"securityposture_custom_endpoint": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: transport_tpg.ValidateCustomEndpoint,
+			},
 			"security_scanner_custom_endpoint": {
 				Type:         schema.TypeString,
 				Optional:     true,
@@ -1043,6 +1048,7 @@ func ProviderConfigure(ctx context.Context, d *schema.ResourceData, p *schema.Pr
 	config.SecretManagerBasePath = d.Get("secret_manager_custom_endpoint").(string)
 	config.SecureSourceManagerBasePath = d.Get("secure_source_manager_custom_endpoint").(string)
 	config.SecurityCenterBasePath = d.Get("security_center_custom_endpoint").(string)
+	config.SecuritypostureBasePath = d.Get("securityposture_custom_endpoint").(string)
 	config.SecurityScannerBasePath = d.Get("security_scanner_custom_endpoint").(string)
 	config.ServiceDirectoryBasePath = d.Get("service_directory_custom_endpoint").(string)
 	config.ServiceManagementBasePath = d.Get("service_management_custom_endpoint").(string)

google-beta/provider/provider_mmv1_resources.go

@@ -107,6 +107,7 @@ import (
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/secretmanager"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/securesourcemanager"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/securitycenter"
+	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/securityposture"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/securityscanner"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/servicedirectory"
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/services/servicemanagement"
@@ -423,9 +424,9 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{
 }
 
 // Resources
-// Generated resources: 423
+// Generated resources: 424
 // Generated IAM resources: 255
-// Total generated resources: 678
+// Total generated resources: 679
 var generatedResources = map[string]*schema.Resource{
 	"google_folder_access_approval_settings":                         accessapproval.ResourceAccessApprovalFolderSettings(),
 	"google_organization_access_approval_settings":                   accessapproval.ResourceAccessApprovalOrganizationSettings(),
@@ -1015,6 +1016,7 @@ var generatedResources = map[string]*schema.Resource{
 	"google_scc_source_iam_binding":                                  tpgiamresource.ResourceIamBinding(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc),
 	"google_scc_source_iam_member":                                   tpgiamresource.ResourceIamMember(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc),
 	"google_scc_source_iam_policy":                                   tpgiamresource.ResourceIamPolicy(securitycenter.SecurityCenterSourceIamSchema, securitycenter.SecurityCenterSourceIamUpdaterProducer, securitycenter.SecurityCenterSourceIdParseFunc),
+	"google_securityposture_posture":                                 securityposture.ResourceSecurityposturePosture(),
 	"google_security_scanner_scan_config":                            securityscanner.ResourceSecurityScannerScanConfig(),
 	"google_service_directory_endpoint":                              servicedirectory.ResourceServiceDirectoryEndpoint(),
 	"google_service_directory_namespace":                             servicedirectory.ResourceServiceDirectoryNamespace(),