vertexai: add psc_automation_configs argument to google_vertex_ai_endpoint (#15515) (#24870)

[upstream:fb4f6bc1b6227eb1221188015c1c148ef4016ef9]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/15515.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+vertexai: added `psc_automation_configs` field to `google_vertex_ai_endpoint` resource
+```

google/services/vertexai/resource_vertex_ai_endpoint.go

@@ -177,6 +177,45 @@ Please refer to the field 'effective_labels' for all of the labels present on th
 								Type: schema.TypeString,
 							},
 						},
+						"psc_automation_configs": {
+							Type:        schema.TypeList,
+							Optional:    true,
+							Description: `List of projects and networks where the PSC endpoints will be created. This field is used by Online Inference(Prediction) only.`,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"network": {
+										Type:        schema.TypeString,
+										Required:    true,
+										Description: `The full name of the Google Compute Engine [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/get): projects/{project}/global/networks/{network}.`,
+									},
+									"project_id": {
+										Type:        schema.TypeString,
+										Required:    true,
+										Description: `Project id used to create forwarding rule.`,
+									},
+									"error_message": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: `Error message if the PSC service automation failed.`,
+									},
+									"forwarding_rule": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: `Forwarding rule created by the PSC service automation.`,
+									},
+									"ip_address": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: `IP address rule created by the PSC service automation.`,
+									},
+									"state": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: `The state of the PSC service automation.`,
+									},
+								},
+							},
+						},
 					},
 				},
 				ConflictsWith: []string{"network", "dedicated_endpoint_enabled"},
@@ -1195,6 +1234,8 @@ func flattenVertexAIEndpointPrivateServiceConnectConfig(v interface{}, d *schema
 		flattenVertexAIEndpointPrivateServiceConnectConfigEnablePrivateServiceConnect(original["enablePrivateServiceConnect"], d, config)
 	transformed["project_allowlist"] =
 		flattenVertexAIEndpointPrivateServiceConnectConfigProjectAllowlist(original["projectAllowlist"], d, config)
+	transformed["psc_automation_configs"] =
+		flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigs(original["pscAutomationConfigs"], d, config)
 	return []interface{}{transformed}
 }
 func flattenVertexAIEndpointPrivateServiceConnectConfigEnablePrivateServiceConnect(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
@@ -1205,6 +1246,53 @@ func flattenVertexAIEndpointPrivateServiceConnectConfigProjectAllowlist(v interf
 	return v
 }
 
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigs(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	if v == nil {
+		return v
+	}
+	l := v.([]interface{})
+	transformed := make([]interface{}, 0, len(l))
+	for _, raw := range l {
+		original := raw.(map[string]interface{})
+		if len(original) < 1 {
+			// Do not include empty json objects coming back from the api
+			continue
+		}
+		transformed = append(transformed, map[string]interface{}{
+			"project_id":      flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsProjectId(original["projectId"], d, config),
+			"network":         flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsNetwork(original["network"], d, config),
+			"ip_address":      flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsIpAddress(original["ipAddress"], d, config),
+			"forwarding_rule": flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsForwardingRule(original["forwardingRule"], d, config),
+			"state":           flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsState(original["state"], d, config),
+			"error_message":   flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsErrorMessage(original["errorMessage"], d, config),
+		})
+	}
+	return transformed
+}
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsProjectId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsNetwork(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsIpAddress(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsForwardingRule(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsState(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
+func flattenVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsErrorMessage(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenVertexAIEndpointModelDeploymentMonitoringJob(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -1354,6 +1442,13 @@ func expandVertexAIEndpointPrivateServiceConnectConfig(v interface{}, d tpgresou
 		transformed["projectAllowlist"] = transformedProjectAllowlist
 	}
 
+	transformedPscAutomationConfigs, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigs(original["psc_automation_configs"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedPscAutomationConfigs); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["pscAutomationConfigs"] = transformedPscAutomationConfigs
+	}
+
 	return transformed, nil
 }
 
@@ -1365,6 +1460,90 @@ func expandVertexAIEndpointPrivateServiceConnectConfigProjectAllowlist(v interfa
 	return v, nil
 }
 
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigs(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	if v == nil {
+		return nil, nil
+	}
+	l := v.([]interface{})
+	req := make([]interface{}, 0, len(l))
+	for _, raw := range l {
+		if raw == nil {
+			continue
+		}
+		original := raw.(map[string]interface{})
+		transformed := make(map[string]interface{})
+
+		transformedProjectId, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsProjectId(original["project_id"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedProjectId); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["projectId"] = transformedProjectId
+		}
+
+		transformedNetwork, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsNetwork(original["network"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedNetwork); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["network"] = transformedNetwork
+		}
+
+		transformedIpAddress, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsIpAddress(original["ip_address"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedIpAddress); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["ipAddress"] = transformedIpAddress
+		}
+
+		transformedForwardingRule, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsForwardingRule(original["forwarding_rule"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedForwardingRule); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["forwardingRule"] = transformedForwardingRule
+		}
+
+		transformedState, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsState(original["state"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedState); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["state"] = transformedState
+		}
+
+		transformedErrorMessage, err := expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsErrorMessage(original["error_message"], d, config)
+		if err != nil {
+			return nil, err
+		} else if val := reflect.ValueOf(transformedErrorMessage); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+			transformed["errorMessage"] = transformedErrorMessage
+		}
+
+		req = append(req, transformed)
+	}
+	return req, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsProjectId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsNetwork(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsIpAddress(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsForwardingRule(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsState(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
+func expandVertexAIEndpointPrivateServiceConnectConfigPscAutomationConfigsErrorMessage(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandVertexAIEndpointPredictRequestResponseLoggingConfig(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
 	if v == nil {
 		return nil, nil

google/services/vertexai/resource_vertex_ai_endpoint_generated_meta.yaml

@@ -50,6 +50,12 @@ fields:
   - api_field: 'predictRequestResponseLoggingConfig.samplingRate'
   - api_field: 'privateServiceConnectConfig.enablePrivateServiceConnect'
   - api_field: 'privateServiceConnectConfig.projectAllowlist'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.errorMessage'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.forwardingRule'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.ipAddress'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.network'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.projectId'
+  - api_field: 'privateServiceConnectConfig.pscAutomationConfigs.state'
   - field: 'region'
     provider_only: true
   - field: 'terraform_labels'

google/services/vertexai/resource_vertex_ai_endpoint_generated_test.go

@@ -57,6 +57,10 @@ func TestAccVertexAIEndpoint_vertexAiEndpointPrivateServiceConnectExample(t *tes
 
 func testAccVertexAIEndpoint_vertexAiEndpointPrivateServiceConnectExample(context map[string]interface{}) string {
 	return acctest.Nprintf(`
+resource "google_compute_network" "default" {
+  name = "tf-test-psc-network%{random_suffix}-%{random_suffix}"
+}
+
 resource "google_vertex_ai_endpoint" "endpoint" {
   name         = "endpoint-name%{random_suffix}"
   display_name = "sample-endpoint"
@@ -71,6 +75,11 @@ resource "google_vertex_ai_endpoint" "endpoint" {
     project_allowlist = [
       "${data.google_project.project.project_id}"
     ]
+
+    psc_automation_configs {
+      project_id = data.google_project.project.project_id
+      network    = google_compute_network.default.id
+    }
   }
 }
 

website/docs/r/vertex_ai_endpoint.html.markdown

@@ -106,6 +106,10 @@ data "google_project" "project" {}
 
 
 ```hcl
+resource "google_compute_network" "default" {
+  name = "psc-network-%{random_suffix}"
+}
+
 resource "google_vertex_ai_endpoint" "endpoint" {
   name         = "endpoint-name%{random_suffix}"
   display_name = "sample-endpoint"
@@ -120,6 +124,11 @@ resource "google_vertex_ai_endpoint" "endpoint" {
     project_allowlist = [
       "${data.google_project.project.project_id}"
     ]
+
+    psc_automation_configs {
+      project_id = data.google_project.project.project_id
+      network    = google_compute_network.default.id
+    }
   }
 }
 
@@ -238,6 +247,38 @@ The following arguments are supported:
   (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
   If set to true, enable secure private service connect with IAM authorization. Otherwise, private service connect will be done without authorization. Note latency will be slightly increased if authorization is enabled.
 
+* `psc_automation_configs` -
+  (Optional)
+  List of projects and networks where the PSC endpoints will be created. This field is used by Online Inference(Prediction) only.
+  Structure is [documented below](#nested_private_service_connect_config_psc_automation_configs).
+
+
+<a name="nested_private_service_connect_config_psc_automation_configs"></a>The `psc_automation_configs` block supports:
+
+* `project_id` -
+  (Required)
+  Project id used to create forwarding rule.
+
+* `network` -
+  (Required)
+  The full name of the Google Compute Engine [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks). [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/get): projects/{project}/global/networks/{network}.
+
+* `ip_address` -
+  (Output)
+  IP address rule created by the PSC service automation.
+
+* `forwarding_rule` -
+  (Output)
+  Forwarding rule created by the PSC service automation.
+
+* `state` -
+  (Output)
+  The state of the PSC service automation.
+
+* `error_message` -
+  (Output)
+  Error message if the PSC service automation failed.
+
 <a name="nested_predict_request_response_logging_config"></a>The `predict_request_response_logging_config` block supports:
 
 * `enabled` -