Promote VPC Flow Logs Terraform API to GA (#12579) (#872)

[upstream:5e6616b9bfa37e9c5b1e2937215a7f2db3a2c0da]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

network_management_vpc_flow_logs_config_interconnect_basic/backing_file.tf

@@ -0,0 +1,15 @@
+# This file has some scaffolding to make sure that names are unique and that
+# a region and zone are selected when you try to create your Terraform resources.
+
+locals {
+  name_suffix = "${random_pet.suffix.id}"
+}
+
+resource "random_pet" "suffix" {
+  length = 2
+}
+
+provider "google" {
+  region = "us-central1"
+  zone   = "us-central1-c"
+}

network_management_vpc_flow_logs_config_interconnect_basic/main.tf

@@ -0,0 +1,29 @@
+data "google_project" "project" {
+}
+
+resource "google_network_management_vpc_flow_logs_config" "interconnect-test" {
+  vpc_flow_logs_config_id = "basic-interconnect-test-id-${local.name_suffix}"
+  location                = "global"
+  interconnect_attachment = "projects/${data.google_project.project.number}/regions/us-east4/interconnectAttachments/${google_compute_interconnect_attachment.attachment.name}"
+}
+
+resource "google_compute_network" "network" {
+  name     = "basic-interconnect-test-network-${local.name_suffix}"
+}
+
+resource "google_compute_router" "router" {
+  name    = "basic-interconnect-test-router-${local.name_suffix}"
+  network = google_compute_network.network.name
+  bgp {
+    asn = 16550
+  }
+}
+
+resource "google_compute_interconnect_attachment" "attachment" {
+  name                     = "basic-interconnect-test-id-${local.name_suffix}"
+  edge_availability_domain = "AVAILABILITY_DOMAIN_1"
+  type                     = "PARTNER"
+  router                   = google_compute_router.router.id
+  mtu                      = 1500
+}
+

network_management_vpc_flow_logs_config_interconnect_basic/motd

@@ -0,0 +1,7 @@
+===
+
+These examples use real resources that will be billed to the
+Google Cloud Platform project you use - so make sure that you
+run "terraform destroy" before quitting!
+
+===

network_management_vpc_flow_logs_config_interconnect_basic/tutorial.md

@@ -0,0 +1,79 @@
+# Network Management Vpc Flow Logs Config Interconnect Basic - Terraform
+
+## Setup
+
+<walkthrough-author name="[email protected]" analyticsId="UA-125550242-1" tutorialName="network_management_vpc_flow_logs_config_interconnect_basic" repositoryUrl="https://github.com/terraform-google-modules/docs-examples"></walkthrough-author>
+
+Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform.
+
+<walkthrough-project-billing-setup></walkthrough-project-billing-setup>
+
+Terraform provisions real GCP resources, so anything you create in this session will be billed against this project.
+
+## Terraforming!
+
+Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command
+to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up
+the project name from the environment variable.
+
+```bash
+export GOOGLE_CLOUD_PROJECT={{project-id}}
+```
+
+After that, let's get Terraform started. Run the following to pull in the providers.
+
+```bash
+terraform init
+```
+
+With the providers downloaded and a project set, you're ready to use Terraform. Go ahead!
+
+```bash
+terraform apply
+```
+
+Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan.
+
+```bash
+yes
+```
+
+
+## Post-Apply
+
+### Editing your config
+
+Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed.
+
+```bash
+terraform plan
+```
+
+So let's make a change! Try editing a number, or appending a value to the name in the editor. Then,
+run a 'plan' again.
+
+```bash
+terraform plan
+```
+
+Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes
+at the 'yes' prompt.
+
+```bash
+terraform apply
+```
+
+```bash
+yes
+```
+
+## Cleanup
+
+Run the following to remove the resources Terraform provisioned:
+
+```bash
+terraform destroy
+```
+```bash
+yes
+```

network_management_vpc_flow_logs_config_interconnect_full/backing_file.tf

@@ -0,0 +1,15 @@
+# This file has some scaffolding to make sure that names are unique and that
+# a region and zone are selected when you try to create your Terraform resources.
+
+locals {
+  name_suffix = "${random_pet.suffix.id}"
+}
+
+resource "random_pet" "suffix" {
+  length = 2
+}
+
+provider "google" {
+  region = "us-central1"
+  zone   = "us-central1-c"
+}

network_management_vpc_flow_logs_config_interconnect_full/main.tf

@@ -0,0 +1,34 @@
+data "google_project" "project" {
+}
+
+resource "google_network_management_vpc_flow_logs_config" "interconnect-test" {
+  vpc_flow_logs_config_id = "full-interconnect-test-id-${local.name_suffix}"
+  location                = "global"
+  interconnect_attachment = "projects/${data.google_project.project.number}/regions/us-east4/interconnectAttachments/${google_compute_interconnect_attachment.attachment.name}"
+  state                   = "ENABLED"
+  aggregation_interval    = "INTERVAL_5_SEC"
+  description             = "VPC Flow Logs over a VPN Gateway."
+  flow_sampling           = 0.5
+  metadata                = "INCLUDE_ALL_METADATA"
+}
+
+resource "google_compute_network" "network" {
+  name     = "full-interconnect-test-network-${local.name_suffix}"
+}
+
+resource "google_compute_router" "router" {
+  name    = "full-interconnect-test-router-${local.name_suffix}"
+  network = google_compute_network.network.name
+  bgp {
+    asn = 16550
+  }
+}
+
+resource "google_compute_interconnect_attachment" "attachment" {
+  name                     = "full-interconnect-test-id-${local.name_suffix}"
+  edge_availability_domain = "AVAILABILITY_DOMAIN_1"
+  type                     = "PARTNER"
+  router                   = google_compute_router.router.id
+  mtu                      = 1500
+}
+

network_management_vpc_flow_logs_config_interconnect_full/motd

@@ -0,0 +1,7 @@
+===
+
+These examples use real resources that will be billed to the
+Google Cloud Platform project you use - so make sure that you
+run "terraform destroy" before quitting!
+
+===

network_management_vpc_flow_logs_config_interconnect_full/tutorial.md

@@ -0,0 +1,79 @@
+# Network Management Vpc Flow Logs Config Interconnect Full - Terraform
+
+## Setup
+
+<walkthrough-author name="[email protected]" analyticsId="UA-125550242-1" tutorialName="network_management_vpc_flow_logs_config_interconnect_full" repositoryUrl="https://github.com/terraform-google-modules/docs-examples"></walkthrough-author>
+
+Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform.
+
+<walkthrough-project-billing-setup></walkthrough-project-billing-setup>
+
+Terraform provisions real GCP resources, so anything you create in this session will be billed against this project.
+
+## Terraforming!
+
+Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command
+to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up
+the project name from the environment variable.
+
+```bash
+export GOOGLE_CLOUD_PROJECT={{project-id}}
+```
+
+After that, let's get Terraform started. Run the following to pull in the providers.
+
+```bash
+terraform init
+```
+
+With the providers downloaded and a project set, you're ready to use Terraform. Go ahead!
+
+```bash
+terraform apply
+```
+
+Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan.
+
+```bash
+yes
+```
+
+
+## Post-Apply
+
+### Editing your config
+
+Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed.
+
+```bash
+terraform plan
+```
+
+So let's make a change! Try editing a number, or appending a value to the name in the editor. Then,
+run a 'plan' again.
+
+```bash
+terraform plan
+```
+
+Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes
+at the 'yes' prompt.
+
+```bash
+terraform apply
+```
+
+```bash
+yes
+```
+
+## Cleanup
+
+Run the following to remove the resources Terraform provisioned:
+
+```bash
+terraform destroy
+```
+```bash
+yes
+```

network_management_vpc_flow_logs_config_vpn_basic/backing_file.tf

@@ -0,0 +1,15 @@
+# This file has some scaffolding to make sure that names are unique and that
+# a region and zone are selected when you try to create your Terraform resources.
+
+locals {
+  name_suffix = "${random_pet.suffix.id}"
+}
+
+resource "random_pet" "suffix" {
+  length = 2
+}
+
+provider "google" {
+  region = "us-central1"
+  zone   = "us-central1-c"
+}

network_management_vpc_flow_logs_config_vpn_basic/main.tf

@@ -0,0 +1,65 @@
+data "google_project" "project" {
+}
+
+resource "google_network_management_vpc_flow_logs_config" "vpn-test" {
+  vpc_flow_logs_config_id = "basic-test-id-${local.name_suffix}"
+  location                = "global"
+  vpn_tunnel              = "projects/${data.google_project.project.number}/regions/us-central1/vpnTunnels/${google_compute_vpn_tunnel.tunnel.name}"
+}
+
+resource "google_compute_vpn_tunnel" "tunnel" {
+  name               = "basic-test-tunnel-${local.name_suffix}"
+  peer_ip            = "15.0.0.120"
+  shared_secret      = "a secret message"
+  target_vpn_gateway = google_compute_vpn_gateway.target_gateway.id
+
+  depends_on = [
+    google_compute_forwarding_rule.fr_esp,
+    google_compute_forwarding_rule.fr_udp500,
+    google_compute_forwarding_rule.fr_udp4500,
+  ]
+}
+
+resource "google_compute_vpn_gateway" "target_gateway" {
+  name     = "basic-test-gateway-${local.name_suffix}"
+  network  = google_compute_network.network.id
+}
+
+resource "google_compute_network" "network" {
+  name     = "basic-test-network-${local.name_suffix}"
+}
+
+resource "google_compute_address" "vpn_static_ip" {
+  name     = "basic-test-address-${local.name_suffix}"
+}
+
+resource "google_compute_forwarding_rule" "fr_esp" {
+  name        = "basic-test-fresp-${local.name_suffix}"
+  ip_protocol = "ESP"
+  ip_address  = google_compute_address.vpn_static_ip.address
+  target      = google_compute_vpn_gateway.target_gateway.id
+}
+
+resource "google_compute_forwarding_rule" "fr_udp500" {
+  name        = "basic-test-fr500-${local.name_suffix}"
+  ip_protocol = "UDP"
+  port_range  = "500"
+  ip_address  = google_compute_address.vpn_static_ip.address
+  target      = google_compute_vpn_gateway.target_gateway.id
+}
+
+resource "google_compute_forwarding_rule" "fr_udp4500" {
+  name        = "basic-test-fr4500-${local.name_suffix}"
+  ip_protocol = "UDP"
+  port_range  = "4500"
+  ip_address  = google_compute_address.vpn_static_ip.address
+  target      = google_compute_vpn_gateway.target_gateway.id
+}
+
+resource "google_compute_route" "route" {
+  name                = "basic-test-route-${local.name_suffix}"
+  network             = google_compute_network.network.name
+  dest_range          = "15.0.0.0/24"
+  priority            = 1000
+  next_hop_vpn_tunnel = google_compute_vpn_tunnel.tunnel.id
+}