Migrate google_compute_firewall_policy_association resource from DCL to MMv1 (#11358) (#20214)

[upstream:3850a583f7d4839598b5bd5e73bbb3163df398c8]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/11358.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+compute: `google_compute_firewall_policy_association` now uses MMv1 engine instead of DCL.
+```

google/services/compute/resource_compute_firewall_policy_association_test.go

@@ -64,3 +64,53 @@ resource "google_compute_firewall_policy_association" "default" {
 }
 `, context)
 }
+
+func TestAccComputeFirewallPolicyAssociation_organization(t *testing.T) {
+	t.Parallel()
+
+	context := map[string]interface{}{
+		"random_suffix": acctest.RandString(t, 10),
+		"org_name":      fmt.Sprintf("organizations/%s", envvar.GetTestOrgFromEnv(t)),
+	}
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		ExternalProviders: map[string]resource.ExternalProvider{
+			"time": {},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeFirewallPolicyAssociation_organization(context),
+			},
+			{
+				ResourceName:            "google_compute_firewall_policy_association.default",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"firewall_policy"},
+			},
+		},
+	})
+}
+
+func testAccComputeFirewallPolicyAssociation_organization(context map[string]interface{}) string {
+	return acctest.Nprintf(`
+resource "google_folder" "folder" {
+  display_name = "tf-test-my-folder-%{random_suffix}"
+  parent       = "%{org_name}"
+  deletion_protection = false
+}
+
+resource "google_compute_firewall_policy" "policy" {
+  parent      = "%{org_name}"
+  short_name  = "tf-test-my-policy-%{random_suffix}"
+  description = "Example Resource"
+}
+
+resource "google_compute_firewall_policy_association" "default" {
+  firewall_policy = google_compute_firewall_policy.policy.id
+  attachment_target = google_folder.folder.name
+  name = "tf-test-my-association-%{random_suffix}"
+}
+`, context)
+}

website/docs/r/compute_firewall_policy_association.html.markdown

@@ -1,62 +1,73 @@
 ---
 # ----------------------------------------------------------------------------
 #
-#     ***     AUTO GENERATED CODE    ***    Type: DCL     ***
+#     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
 #
 # ----------------------------------------------------------------------------
 #
-#     This file is managed by Magic Modules (https:#github.com/GoogleCloudPlatform/magic-modules)
-#     and is based on the DCL (https:#github.com/GoogleCloudPlatform/declarative-resource-client-library).
-#     Changes will need to be made to the DCL or Magic Modules instead of here.
+#     This file is automatically generated by Magic Modules and manual
+#     changes will be clobbered when the file is regenerated.
 #
-#     We are not currently able to accept contributions to this file. If changes
-#     are required, please file an issue at https:#github.com/hashicorp/terraform-provider-google/issues/new/choose
+#     Please read more about how to change this file in
+#     .github/CONTRIBUTING.md.
 #
 # ----------------------------------------------------------------------------
 subcategory: "Compute Engine"
 description: |-
-  Applies a hierarchical firewall policy to a target resource
+  Allows associating hierarchical firewall policies with the target where they are applied.
 ---
 
 # google_compute_firewall_policy_association
 
 Allows associating hierarchical firewall policies with the target where they are applied. This allows creating policies and rules in a different location than they are applied.
+For more information on applying hierarchical firewall policies see the [official documentation](https://cloud.google.com/firewall/docs/firewall-policies#managing_hierarchical_firewall_policy_resources)
 
-For more information on applying hierarchical firewall policies see the [official documentation](https://cloud.google.com/vpc/docs/firewall-policies#managing_hierarchical_firewall_policy_resources)
+~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
+See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources.
+
+To get more information about FirewallPolicyAssociation, see:
+
+* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/firewallPolicies/addAssociation)
+
+## Example Usage - Firewall Policy Association
 
-## Example Usage
 
 ```hcl
-resource "google_compute_firewall_policy" "default" {
-  parent      = "organizations/12345"
+resource "google_folder" "folder" {
+  display_name = "my-folder"
+  parent       = "organizations/123456789"
+  deletion_protection = false
+}
+
+resource "google_compute_firewall_policy" "policy" {
+  parent      = "organizations/123456789"
   short_name  = "my-policy"
   description = "Example Resource"
 }
 
 resource "google_compute_firewall_policy_association" "default" {
-  firewall_policy = google_compute_firewall_policy.default.id
+  firewall_policy = google_compute_firewall_policy.policy.id
   attachment_target = google_folder.folder.name
   name = "my-association"
 }
 ```
 
-
 ## Argument Reference
 
 The following arguments are supported:
 
+
+* `name` -
+  (Required)
+  The name for an association.
+
 * `attachment_target` -
   (Required)
   The target that the firewall policy is attached to.
-  
+
 * `firewall_policy` -
   (Required)
-  The firewall policy ID of the association.
-  
-* `name` -
-  (Required)
-  The name for an association.
-  
+  The firewall policy of the resource.
 
 
 - - -
@@ -71,22 +82,25 @@ In addition to the arguments listed above, the following computed attributes are
 
 * `short_name` -
   The short name of the firewall policy of the association.
-  
+
+
 ## Timeouts
 
 This resource provides the following
-[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: configuration options:
+[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
 
 - `create` - Default is 20 minutes.
 - `delete` - Default is 20 minutes.
 
 ## Import
 
+
 FirewallPolicyAssociation can be imported using any of these accepted formats:
 
 * `locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}`
 * `{{firewall_policy}}/{{name}}`
 
+
 In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import FirewallPolicyAssociation using one of the formats above. For example:
 
 ```tf
@@ -102,6 +116,3 @@ When using the [`terraform import` command](https://developer.hashicorp.com/terr
 $ terraform import google_compute_firewall_policy_association.default locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}
 $ terraform import google_compute_firewall_policy_association.default {{firewall_policy}}/{{name}}
 ```
-
-
-