Added - Support for Desktop as a Service: Private Access

Author: Marcel Casado

examples/desktops/desktop_pool/main.tf

@@ -63,6 +63,14 @@ resource "oci_desktops_desktop_pool" "test_desktop_pool" {
   #  nsg_ids              = var.desktop_pool_nsg_ids
   #  time_start_scheduled = var.desktop_pool_time_start_scheduled
   #  time_stop_scheduled  = var.desktop_pool_time_stop_scheduled
+  #  private_access_details {
+    #    #Required
+    #    subnet_id = var.desktop_pool_private_access_details_subnet_id
+    #
+    #    #Optional
+    #    nsg_ids    = var.desktop_pool_private_access_details_nsg_ids
+    #    private_ip = var.desktop_pool_private_access_details_private_ip
+    #  }
 }
 
 data "oci_desktops_desktop_pools" "test_desktop_pools_datasource" {

examples/desktops/desktop_pool/private_access/desktops-private-access-phx.auto.tfvars.example

@@ -0,0 +1,19 @@
+# OCI config profile
+config_file_profile="terraform-federation-test"
+
+# region (us-phoenix-1, ca-toronto-1, etc)
+region="us-phoenix-1"
+
+# Secure Desktops Example Configuration
+
+compartment_id                                  = "<compartment_ocid>"
+
+desktop_pool_vcn_id                             = "<vcn_ocid>"
+desktop_pool_subnet_id                          = "<subnet_ocid>"
+desktop_pool_image_id                           = "<image_ocid>"
+desktop_pool_image_name                         = "<image_name>"
+desktop_pool_backup_policy_id                   = "<volume_backup_policy_ocid>"
+desktop_pool_contact_details                    = "test%40example.com"
+desktop_pool_private_access_details_subnet_id   = "<private_access_subnet_ocid>"
+desktop_pool_private_access_details_nsg_ids     = "[<private_access_nsg_ids>]"
+desktop_pool_private_access_details_private_ip  = "<private_access_private_ip>"

examples/desktops/desktop_pool/private_access/main.tf

@@ -0,0 +1,123 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+
+resource "oci_desktops_desktop_pool" "test_desktop_pool" {
+  #Required
+  compartment_id  = var.compartment_id
+  display_name    = var.desktop_pool_display_name
+  contact_details = var.desktop_pool_contact_details
+
+  are_privileged_users = var.desktop_pool_are_privileged_users
+  availability_domain  = data.oci_identity_availability_domain.ad.name
+
+  network_configuration {
+    #Required
+    subnet_id = var.desktop_pool_subnet_id
+    vcn_id    = var.desktop_pool_vcn_id
+  }
+
+  device_policy {
+    #Required
+    audio_mode          = var.desktop_pool_device_policy_audio_mode
+    cdm_mode            = var.desktop_pool_device_policy_cdm_mode
+    clipboard_mode      = var.desktop_pool_device_policy_clipboard_mode
+    is_display_enabled  = var.desktop_pool_device_policy_is_display_enabled
+    is_keyboard_enabled = var.desktop_pool_device_policy_is_keyboard_enabled
+    is_pointer_enabled  = var.desktop_pool_device_policy_is_pointer_enabled
+    is_printing_enabled = var.desktop_pool_device_policy_is_printing_enabled
+  }
+
+  image {
+    #Required
+    image_id   = var.desktop_pool_image_id
+    image_name = var.desktop_pool_image_name
+  }
+
+  availability_policy {
+    #Required
+    start_schedule {
+      #Required
+      cron_expression = var.desktop_pool_start_schedule_cron_expr
+      timezone        = var.desktop_pool_start_schedule_timezone
+    }
+    stop_schedule {
+      #Required
+      cron_expression = var.desktop_pool_stop_schedule_cron_expr
+      timezone        = var.desktop_pool_stop_schedule_timezone
+    }
+  }
+
+  is_storage_enabled       = var.desktop_pool_is_storage_enabled
+  storage_backup_policy_id = var.desktop_pool_backup_policy_id
+  storage_size_in_gbs      = var.desktop_pool_storage_size_in_gbs
+
+  shape_name   = var.desktop_pool_shape_name
+  standby_size = var.desktop_pool_standby_size
+  maximum_size = var.desktop_pool_maximum_size
+
+  #Optional
+  #  defined_tags         = map(oci_identity_tag_namespace.tag-namespace1.name.oci_identity_tag.tag1.name, var.desktop_pool_defined_tags_value)
+  #  description          = var.desktop_pool_description
+  #  freeform_tags        = var.desktop_pool_freeform_tags
+  #  nsg_ids              = var.desktop_pool_nsg_ids
+  #  time_start_scheduled = var.desktop_pool_time_start_scheduled
+  #  time_stop_scheduled  = var.desktop_pool_time_stop_scheduled
+  private_access_details {
+      #Required
+      subnet_id = var.desktop_pool_private_access_details_subnet_id
+
+      #Optional
+      nsg_ids    = var.desktop_pool_private_access_details_nsg_ids
+      private_ip = var.desktop_pool_private_access_details_private_ip
+    }
+}
+
+data "oci_desktops_desktop_pools" "test_desktop_pools_datasource" {
+  #Required
+  compartment_id = var.compartment_id
+
+  #Optional
+  #  availability_domain = data.oci_identity_availability_domain.ad.name
+  #  display_name        = var.desktop_pool_display_name
+  #  id                  = var.desktop_pool_id
+  #  state               = var.desktop_pool_state
+}
+
+data "oci_desktops_desktop_pool" "test_desktop_pool_datasource" {
+  #Required
+  desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id
+}
+
+data "oci_desktops_desktop_pool_desktops" "test_desktop_pool_desktops_datasource" {
+  availability_domain = data.oci_identity_availability_domain.ad.name
+  compartment_id = var.compartment_id
+  desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id
+}
+
+data "oci_desktops_desktop_pool_volumes" "test_desktop_pool_volumes_datasource" {
+  availability_domain = data.oci_identity_availability_domain.ad.name
+  compartment_id = var.compartment_id
+  desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id
+  #Optional
+  #  display_name = var.desktop_pool_display_name
+  #  state = var.desktop_pool_state
+}
+
+data "oci_identity_availability_domain" "ad" {
+  compartment_id = var.tenancy_ocid
+  ad_number      = 1
+}
+
+data "oci_desktops_desktops" "test_desktops_datasource" {
+  availability_domain = data.oci_identity_availability_domain.ad.name
+  compartment_id = var.compartment_id
+  desktop_pool_id = oci_desktops_desktop_pool.test_desktop_pool.id
+  state = "ACTIVE"
+}
+
+data "oci_desktops_desktop" "test_desktop_datasource" {
+  desktop_id = data.oci_desktops_desktop_pool_desktops.test_desktop_pool_desktops_datasource.desktop_pool_desktop_collection.0.items.0.desktop_id
+}
+
+

examples/desktops/desktop_pool/private_access/outputs.tf

@@ -0,0 +1 @@
+../outputs.tf

examples/desktops/desktop_pool/private_access/provider.tf

@@ -0,0 +1 @@
+../provider.tf

examples/desktops/desktop_pool/private_access/variables.tf

@@ -0,0 +1 @@
+../variables.tf

examples/desktops/desktop_pool/osdstack-phx.auto.tfvars.example renamed to examples/desktops/desktop_pool/secure-desktops-phx.auto.tfvars.example

@@ -144,8 +144,21 @@ variable "desktop_pool_stop_schedule_timezone" {
   default = "MST"
 }
 
+variable "desktop_pool_private_access_details_subnet_id" {
+}
+
+variable "desktop_pool_private_access_details_nsg_ids" {
+  type    = list(string)
+  default = []
+}
+
+variable "desktop_pool_private_access_details_private_ip" {
+  description = ""
+}
+
 variable "desktop_pool_state" {
   description = ""
   default = "ACTIVE"
 }
 
+

examples/desktops/desktop_pool/variables.tf

@@ -66,6 +66,7 @@ var (
 		"description":              acctest.Representation{RepType: acctest.Optional, Create: `description`, Update: `description2`},
 		"freeform_tags":            acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"Department": "Finance"}, Update: map[string]string{"Department": "Accounting"}},
 		"nsg_ids":                  acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_nsg_id}`}},
+		"private_access_details":   acctest.RepresentationGroup{RepType: acctest.Optional, Group: DesktopsDesktopPoolPrivateAccessDetailsRepresentation},
 	}
 	DesktopsDesktopPoolAvailabilityPolicyRepresentation = map[string]interface{}{
 		"start_schedule": acctest.RepresentationGroup{RepType: acctest.Required, Group: DesktopsDesktopPoolAvailabilityPolicyStartScheduleRepresentation},
@@ -88,6 +89,11 @@ var (
 		"subnet_id": acctest.Representation{RepType: acctest.Required, Create: `${var.test_subnet_id}`},
 		"vcn_id":    acctest.Representation{RepType: acctest.Required, Create: `${var.test_vcn_id}`},
 	}
+	DesktopsDesktopPoolPrivateAccessDetailsRepresentation = map[string]interface{}{
+		"subnet_id":  acctest.Representation{RepType: acctest.Required, Create: `${var.test_private_access_subnet_id}`},
+		"nsg_ids":    acctest.Representation{RepType: acctest.Optional, Create: []string{`${var.test_private_access_nsg_id}`}},
+		"private_ip": acctest.Representation{RepType: acctest.Optional, Create: `${var.test_private_access_private_ip}`},
+	}
 	DesktopsDesktopPoolAvailabilityPolicyStartScheduleRepresentation = map[string]interface{}{
 		"cron_expression": acctest.Representation{RepType: acctest.Required, Create: `${var.test_start_schedule_cron_expr_create}`, Update: `${var.test_start_schedule_cron_expr_update}`},
 		"timezone":        acctest.Representation{RepType: acctest.Required, Create: `${var.test_start_schedule_timezone_create}`, Update: `${var.test_start_schedule_timezone_update}`},
@@ -142,6 +148,15 @@ var (
 	test_nsg_id      = utils.GetEnvSettingWithBlankDefault("test_nsg_id")
 	nsgIdVariableStr = fmt.Sprintf("variable \"test_nsg_id\" { default = \"%s\" }\n", test_nsg_id)
 
+	test_private_access_subnet_id    = utils.GetEnvSettingWithBlankDefault("test_private_access_subnet_id")
+	privateAccessSubnetIdVariableStr = fmt.Sprintf("variable \"test_private_access_subnet_id\" { default = \"%s\" }\n", test_private_access_subnet_id)
+
+	test_private_access_nsg_id    = utils.GetEnvSettingWithBlankDefault("test_private_access_nsg_id")
+	privateAccessNsgIdVariableStr = fmt.Sprintf("variable \"test_private_access_nsg_id\" { default = \"%s\" }\n", test_private_access_nsg_id)
+
+	test_private_access_private_ip    = utils.GetEnvSettingWithBlankDefault("test_private_access_private_ip")
+	privateAccessPrivateIpVariableStr = fmt.Sprintf("variable \"test_private_access_private_ip\" { default = \"%s\" }\n", test_private_access_private_ip)
+
 	DesktopsDesktopPoolResourceDependencies = vcnIdVariableStr +
 		subnetIdVariableStr +
 		shapeNameVariableStr +
@@ -157,6 +172,9 @@ var (
 		stopScheduleTimezoneCreateVariableStr +
 		stopScheduleTimezoneUpdateVariableStr +
 		nsgIdVariableStr +
+		privateAccessSubnetIdVariableStr +
+		privateAccessNsgIdVariableStr +
+		privateAccessPrivateIpVariableStr +
 		AvailabilityDomainConfig
 )
 
@@ -268,6 +286,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(resourceName, "network_configuration.#", "1"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.subnet_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.vcn_id"),
+				resource.TestCheckResourceAttr(resourceName, "private_access_details.#", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.private_ip"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.subnet_id"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.vcn_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "shape_name"),
 				resource.TestCheckResourceAttr(resourceName, "standby_size", "2"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
@@ -326,6 +348,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(resourceName, "network_configuration.#", "1"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.subnet_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.vcn_id"),
+				resource.TestCheckResourceAttr(resourceName, "private_access_details.#", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.private_ip"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.subnet_id"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.vcn_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "shape_name"),
 				resource.TestCheckResourceAttr(resourceName, "standby_size", "2"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
@@ -379,6 +405,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(resourceName, "network_configuration.#", "1"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.subnet_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "network_configuration.0.vcn_id"),
+				resource.TestCheckResourceAttr(resourceName, "private_access_details.#", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.private_ip"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.subnet_id"),
+				resource.TestCheckResourceAttrSet(resourceName, "private_access_details.0.vcn_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "shape_name"),
 				resource.TestCheckResourceAttr(resourceName, "standby_size", "3"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
@@ -455,6 +485,10 @@ func TestDesktopsDesktopPoolResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(singularDatasourceName, "is_storage_enabled", "true"),
 				resource.TestCheckResourceAttr(singularDatasourceName, "maximum_size", "11"),
 				resource.TestCheckResourceAttr(singularDatasourceName, "network_configuration.#", "1"),
+				resource.TestCheckResourceAttr(singularDatasourceName, "private_access_details.#", "1"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "private_access_details.0.endpoint_fqdn"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "private_access_details.0.private_ip"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "private_access_details.0.vcn_id"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "shape_name"),
 				resource.TestCheckResourceAttr(singularDatasourceName, "standby_size", "3"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "state"),

internal/integrationtest/desktops_desktop_pool_test.go

@@ -131,6 +131,12 @@ func (s *DesktopsDesktopPoolDataSourceCrud) SetData() error {
 
 	s.D.Set("nsg_ids", s.Res.NsgIds)
 
+	if s.Res.PrivateAccessDetails != nil {
+		s.D.Set("private_access_details", []interface{}{DesktopPoolPrivateAccessDetailsToMap(s.Res.PrivateAccessDetails, true)})
+	} else {
+		s.D.Set("private_access_details", nil)
+	}
+
 	if s.Res.ShapeName != nil {
 		s.D.Set("shape_name", *s.Res.ShapeName)
 	}