[AlloyDB] Support for PSA Allocated IP Range Override (#14247) (#23330)

[upstream:7cf7472660eebcce2b88b5f6b6db7d912f4e596c]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/14247.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+alloydb: added `network_config.allocated_ip_range_override` field to `google_alloydb_instance` resource
+```

google/services/alloydb/resource_alloydb_instance.go

@@ -213,6 +213,14 @@ E.g. "n2-highmem-4", "n2-highmem-8", "c4a-highmem-4-lssd".
 				MaxItems:    1,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"allocated_ip_range_override": {
+							Type:     schema.TypeString,
+							Optional: true,
+							ForceNew: true,
+							Description: `Name of the allocated IP range for the private IP AlloyDB instance, for example: "google-managed-services-default".
+If set, the instance IPs will be created from this allocated range and will override the IP range used by the parent cluster.
+The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?.`,
+						},
 						"authorized_external_networks": {
 							Type:     schema.TypeList,
 							Optional: true,
@@ -1353,6 +1361,8 @@ func flattenAlloydbInstanceNetworkConfig(v interface{}, d *schema.ResourceData,
 		flattenAlloydbInstanceNetworkConfigEnablePublicIp(original["enablePublicIp"], d, config)
 	transformed["enable_outbound_public_ip"] =
 		flattenAlloydbInstanceNetworkConfigEnableOutboundPublicIp(original["enableOutboundPublicIp"], d, config)
+	transformed["allocated_ip_range_override"] =
+		flattenAlloydbInstanceNetworkConfigAllocatedIpRangeOverride(original["allocatedIpRangeOverride"], d, config)
 	return []interface{}{transformed}
 }
 func flattenAlloydbInstanceNetworkConfigAuthorizedExternalNetworks(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
@@ -1385,6 +1395,10 @@ func flattenAlloydbInstanceNetworkConfigEnableOutboundPublicIp(v interface{}, d
 	return v
 }
 
+func flattenAlloydbInstanceNetworkConfigAllocatedIpRangeOverride(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
+	return v
+}
+
 func flattenAlloydbInstancePublicIpAddress(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
 	return v
 }
@@ -1798,6 +1812,13 @@ func expandAlloydbInstanceNetworkConfig(v interface{}, d tpgresource.TerraformRe
 		transformed["enableOutboundPublicIp"] = transformedEnableOutboundPublicIp
 	}
 
+	transformedAllocatedIpRangeOverride, err := expandAlloydbInstanceNetworkConfigAllocatedIpRangeOverride(original["allocated_ip_range_override"], d, config)
+	if err != nil {
+		return nil, err
+	} else if val := reflect.ValueOf(transformedAllocatedIpRangeOverride); val.IsValid() && !tpgresource.IsEmptyValue(val) {
+		transformed["allocatedIpRangeOverride"] = transformedAllocatedIpRangeOverride
+	}
+
 	return transformed, nil
 }
 
@@ -1835,6 +1856,10 @@ func expandAlloydbInstanceNetworkConfigEnableOutboundPublicIp(v interface{}, d t
 	return v, nil
 }
 
+func expandAlloydbInstanceNetworkConfigAllocatedIpRangeOverride(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
+	return v, nil
+}
+
 func expandAlloydbInstanceEffectiveLabels(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]string, error) {
 	if v == nil {
 		return map[string]string{}, nil

google/services/alloydb/resource_alloydb_instance_generated_meta.yaml

@@ -28,6 +28,7 @@ fields:
   - field: 'machine_config.cpu_count'
   - field: 'machine_config.machine_type'
   - field: 'name'
+  - field: 'network_config.allocated_ip_range_override'
   - field: 'network_config.authorized_external_networks.cidr_range'
   - field: 'network_config.enable_outbound_public_ip'
   - field: 'network_config.enable_public_ip'

google/services/alloydb/resource_alloydb_instance_test.go

@@ -1098,3 +1098,66 @@ resource "google_alloydb_cluster" "default" {
 data "google_project" "project" {}
 `, context)
 }
+
+func TestAccAlloydbInstance_createPrimaryAndReadPoolInstanceWithAllocatedIpRangeOverride(t *testing.T) {
+	t.Parallel()
+
+	testId := "alloydb-1"
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(t, 10),
+		"address_name":  acctest.BootstrapSharedTestGlobalAddress(t, testId),
+		"network_name":  acctest.BootstrapSharedServiceNetworkingConnection(t, testId),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckAlloydbInstanceDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAlloydbInstance_createPrimaryAndReadPoolInstanceWithAllocatedIpRangeOverride(context),
+			},
+		},
+	})
+}
+
+func testAccAlloydbInstance_createPrimaryAndReadPoolInstanceWithAllocatedIpRangeOverride(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_alloydb_instance" "primary" {
+  cluster       = google_alloydb_cluster.default.name
+  instance_id   = "tf-test-alloydb-instance%{random_suffix}"
+  instance_type = "PRIMARY"
+}
+
+resource "google_alloydb_instance" "read_pool" {
+  cluster       = google_alloydb_cluster.default.name
+  instance_id   = "tf-test-alloydb-instance%{random_suffix}-read"
+  instance_type = "READ_POOL"
+  read_pool_config {
+    node_count = 4
+  }
+  network_config {
+	allocated_ip_range_override = data.google_compute_global_address.private_ip_alloc.name
+  }
+  depends_on = [google_alloydb_instance.primary]
+}
+
+resource "google_alloydb_cluster" "default" {
+  cluster_id = "tf-test-alloydb-cluster%{random_suffix}"
+  location   = "us-central1"
+  network_config {
+    network = data.google_compute_network.default.id
+  }
+}
+
+data "google_project" "project" {}
+
+data "google_compute_network" "default" {
+  name = "%{network_name}"
+}
+
+data "google_compute_global_address" "private_ip_alloc" {
+  name =  "%{address_name}"
+}
+`, context)
+}

website/docs/r/alloydb_instance.html.markdown

@@ -456,6 +456,12 @@ The following arguments are supported:
   (Optional)
   Enabling outbound public ip for the instance.
 
+* `allocated_ip_range_override` -
+  (Optional)
+  Name of the allocated IP range for the private IP AlloyDB instance, for example: "google-managed-services-default".
+  If set, the instance IPs will be created from this allocated range and will override the IP range used by the parent cluster.
+  The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?.
+
 
 <a name="nested_network_config_authorized_external_networks"></a>The `authorized_external_networks` block supports: