Skip to content

Commit 5542d78

Browse files
Add kmskeyname to datastore (#14161) (#23469)
[upstream:898f47c4fd9efd9d69094dc105f9ec42835abda7] Signed-off-by: Modular Magician <[email protected]>
1 parent a990718 commit 5542d78

File tree

5 files changed

+111
-5
lines changed

5 files changed

+111
-5
lines changed

.changelog/14161.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
```release-note:enhancement
2+
discoveryengine: added `kms_key_name` field to `google_discovery_engine_data_store` resource
3+
```

google/services/discoveryengine/resource_discovery_engine_data_store.go

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -268,6 +268,16 @@ config will be applied to all file types for Document parsing.`,
268268
},
269269
},
270270
},
271+
"kms_key_name": {
272+
Type: schema.TypeString,
273+
Optional: true,
274+
Description: `KMS key resource name which will be used to encrypt resources:
275+
'/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}'
276+
The KMS key to be used to protect this DataStore at creation time. Must be
277+
set for requests that need to comply with CMEK Org Policy protections.
278+
If this field is set and processed successfully, the DataStore will be
279+
protected by the KMS key, as indicated in the cmek_config field.`,
280+
},
271281
"skip_default_schema_creation": {
272282
Type: schema.TypeBool,
273283
Optional: true,
@@ -357,6 +367,12 @@ func resourceDiscoveryEngineDataStoreCreate(d *schema.ResourceData, meta interfa
357367
} else if v, ok := d.GetOkExists("advanced_site_search_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(advancedSiteSearchConfigProp)) && (ok || !reflect.DeepEqual(v, advancedSiteSearchConfigProp)) {
358368
obj["advancedSiteSearchConfig"] = advancedSiteSearchConfigProp
359369
}
370+
kmsKeyNameProp, err := expandDiscoveryEngineDataStoreKmsKeyName(d.Get("kms_key_name"), d, config)
371+
if err != nil {
372+
return err
373+
} else if v, ok := d.GetOkExists("kms_key_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(kmsKeyNameProp)) && (ok || !reflect.DeepEqual(v, kmsKeyNameProp)) {
374+
obj["kmsKeyName"] = kmsKeyNameProp
375+
}
360376
documentProcessingConfigProp, err := expandDiscoveryEngineDataStoreDocumentProcessingConfig(d.Get("document_processing_config"), d, config)
361377
if err != nil {
362378
return err
@@ -515,6 +531,12 @@ func resourceDiscoveryEngineDataStoreUpdate(d *schema.ResourceData, meta interfa
515531
} else if v, ok := d.GetOkExists("display_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, displayNameProp)) {
516532
obj["displayName"] = displayNameProp
517533
}
534+
kmsKeyNameProp, err := expandDiscoveryEngineDataStoreKmsKeyName(d.Get("kms_key_name"), d, config)
535+
if err != nil {
536+
return err
537+
} else if v, ok := d.GetOkExists("kms_key_name"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, kmsKeyNameProp)) {
538+
obj["kmsKeyName"] = kmsKeyNameProp
539+
}
518540

519541
url, err := tpgresource.ReplaceVars(d, config, "{{DiscoveryEngineBasePath}}projects/{{project}}/locations/{{location}}/collections/default_collection/dataStores/{{data_store_id}}")
520542
if err != nil {
@@ -528,6 +550,10 @@ func resourceDiscoveryEngineDataStoreUpdate(d *schema.ResourceData, meta interfa
528550
if d.HasChange("display_name") {
529551
updateMask = append(updateMask, "displayName")
530552
}
553+
554+
if d.HasChange("kms_key_name") {
555+
updateMask = append(updateMask, "kmsKeyName")
556+
}
531557
// updateMask is a URL parameter but not present in the schema, so ReplaceVars
532558
// won't set it
533559
url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
@@ -910,6 +936,10 @@ func expandDiscoveryEngineDataStoreAdvancedSiteSearchConfigDisableAutomaticRefre
910936
return v, nil
911937
}
912938

939+
func expandDiscoveryEngineDataStoreKmsKeyName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
940+
return v, nil
941+
}
942+
913943
func expandDiscoveryEngineDataStoreDocumentProcessingConfig(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
914944
l := v.([]interface{})
915945
if len(l) == 0 || l[0] == nil {

google/services/discoveryengine/resource_discovery_engine_data_store_generated_meta.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ fields:
2727
- field: 'document_processing_config.parsing_config_overrides.parsing_config_overrides.layout_parsing_config'
2828
- field: 'document_processing_config.parsing_config_overrides.parsing_config_overrides.ocr_parsing_config.use_native_text'
2929
- field: 'industry_vertical'
30+
- field: 'kms_key_name'
3031
- field: 'location'
3132
provider_only: true
3233
- field: 'name'

google/services/discoveryengine/resource_discovery_engine_data_store_generated_test.go

Lines changed: 47 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreBasicExample(t *tes
4949
ResourceName: "google_discovery_engine_data_store.basic",
5050
ImportState: true,
5151
ImportStateVerify: true,
52-
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "location", "skip_default_schema_creation"},
52+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
5353
},
5454
},
5555
})
@@ -70,6 +70,48 @@ resource "google_discovery_engine_data_store" "basic" {
7070
`, context)
7171
}
7272

73+
func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreKmsKeyNameExample(t *testing.T) {
74+
t.Parallel()
75+
76+
context := map[string]interface{}{
77+
"kms_key_name": acctest.BootstrapKMSKeyInLocation(t, "us").CryptoKey.Name,
78+
"random_suffix": acctest.RandString(t, 10),
79+
}
80+
81+
acctest.VcrTest(t, resource.TestCase{
82+
PreCheck: func() { acctest.AccTestPreCheck(t) },
83+
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
84+
CheckDestroy: testAccCheckDiscoveryEngineDataStoreDestroyProducer(t),
85+
Steps: []resource.TestStep{
86+
{
87+
Config: testAccDiscoveryEngineDataStore_discoveryengineDatastoreKmsKeyNameExample(context),
88+
},
89+
{
90+
ResourceName: "google_discovery_engine_data_store.kms_key_name",
91+
ImportState: true,
92+
ImportStateVerify: true,
93+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
94+
},
95+
},
96+
})
97+
}
98+
99+
func testAccDiscoveryEngineDataStore_discoveryengineDatastoreKmsKeyNameExample(context map[string]interface{}) string {
100+
return acctest.Nprintf(`
101+
resource "google_discovery_engine_data_store" "kms_key_name" {
102+
location = "us"
103+
data_store_id = "tf-test-data-store-id%{random_suffix}"
104+
display_name = "tf-test-structured-datastore"
105+
industry_vertical = "GENERIC"
106+
content_config = "NO_CONTENT"
107+
solution_types = ["SOLUTION_TYPE_SEARCH"]
108+
kms_key_name = "%{kms_key_name}"
109+
create_advanced_site_search = false
110+
skip_default_schema_creation = false
111+
}
112+
`, context)
113+
}
114+
73115
func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreDocumentProcessingConfigExample(t *testing.T) {
74116
t.Parallel()
75117

@@ -89,7 +131,7 @@ func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreDocumentProcessingC
89131
ResourceName: "google_discovery_engine_data_store.document_processing_config",
90132
ImportState: true,
91133
ImportStateVerify: true,
92-
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "location", "skip_default_schema_creation"},
134+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
93135
},
94136
},
95137
})
@@ -139,7 +181,7 @@ func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreDocumentProcessingC
139181
ResourceName: "google_discovery_engine_data_store.document_processing_config_ocr",
140182
ImportState: true,
141183
ImportStateVerify: true,
142-
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "location", "skip_default_schema_creation"},
184+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
143185
},
144186
},
145187
})
@@ -185,7 +227,7 @@ func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreDocumentProcessingC
185227
ResourceName: "google_discovery_engine_data_store.document_processing_config_layout",
186228
ImportState: true,
187229
ImportStateVerify: true,
188-
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "location", "skip_default_schema_creation"},
230+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
189231
},
190232
},
191233
})
@@ -235,7 +277,7 @@ func TestAccDiscoveryEngineDataStore_discoveryengineDatastoreAdvancedSiteSearchC
235277
ResourceName: "google_discovery_engine_data_store.advanced_site_search_config",
236278
ImportState: true,
237279
ImportStateVerify: true,
238-
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "location", "skip_default_schema_creation"},
280+
ImportStateVerifyIgnore: []string{"create_advanced_site_search", "data_store_id", "kms_key_name", "location", "skip_default_schema_creation"},
239281
},
240282
},
241283
})

website/docs/r/discovery_engine_data_store.html.markdown

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,27 @@ resource "google_discovery_engine_data_store" "basic" {
5353
skip_default_schema_creation = false
5454
}
5555
```
56+
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
57+
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=discoveryengine_datastore_kms_key_name&open_in_editor=main.tf" target="_blank">
58+
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
59+
</a>
60+
</div>
61+
## Example Usage - Discoveryengine Datastore Kms Key Name
62+
63+
64+
```hcl
65+
resource "google_discovery_engine_data_store" "kms_key_name" {
66+
location = "us"
67+
data_store_id = "data-store-id"
68+
display_name = "tf-test-structured-datastore"
69+
industry_vertical = "GENERIC"
70+
content_config = "NO_CONTENT"
71+
solution_types = ["SOLUTION_TYPE_SEARCH"]
72+
kms_key_name = "kms-key"
73+
create_advanced_site_search = false
74+
skip_default_schema_creation = false
75+
}
76+
```
5677
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
5778
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md&cloudshell_working_dir=discoveryengine_datastore_document_processing_config&open_in_editor=main.tf" target="_blank">
5879
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
@@ -152,6 +173,15 @@ The following arguments are supported:
152173
Configuration data for advance site search.
153174
Structure is [documented below](#nested_advanced_site_search_config).
154175

176+
* `kms_key_name` -
177+
(Optional)
178+
KMS key resource name which will be used to encrypt resources:
179+
`/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{keyId}`
180+
The KMS key to be used to protect this DataStore at creation time. Must be
181+
set for requests that need to comply with CMEK Org Policy protections.
182+
If this field is set and processed successfully, the DataStore will be
183+
protected by the KMS key, as indicated in the cmek_config field.
184+
155185
* `document_processing_config` -
156186
(Optional)
157187
Configuration for Document understanding and enrichment.

0 commit comments

Comments
 (0)