Added new resource "Project Cloud Armor Tier"

[matheusaleixo-cit]

Adds a new resource "google_compute_project_cloud_armor_tier" allowing the management Cloud Armor Tier configuration in a similar function as the "google_compute_project_default_network_tier" resource

Fixes: hashicorp/terraform-provider-google#17658

Release Note Template for Downstream PRs (will be copied)

`google_compute_project_cloud_armor_tier`

[github-actions]

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

@c2thorn, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[c2thorn]

Thank you for contributing this! I'm running our CI now. In the meantime, would you mind adding an example block? Instructions are here: https://googlecloudplatform.github.io/magic-modules/develop/test/test/#add-a-create-test

You've already added the update test which is usually more work, but that does not appear in the documentation like an example would. Thanks!

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 4 files changed, 555 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 4 files changed, 555 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 1 file changed, 69 insertions(+))

[modular-magician]

Tests analytics

Total tests: 925
Passed tests: 850
Skipped tests: 72
Affected tests: 3

Click here to see the affected service packages

• compute

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccComputeProjectCloudArmorTier_basic|TestAccComputeProjectCloudArmorTier_modify|TestAccComputeProjectCloudArmorTier_withProjectSet

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccComputeProjectCloudArmorTier_withProjectSet[Debug log]

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

---

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccComputeProjectCloudArmorTier_basic[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_modify[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

[matheusaleixo-cit]

Tests passed during RECORDING mode: TestAccComputeProjectCloudArmorTier_withProjectSet[Debug log]

No issues found for passed tests after REPLAYING rerun.

Tests failed during RECORDING mode: TestAccComputeProjectCloudArmorTier_basic[Error message] [Debug log] TestAccComputeProjectCloudArmorTier_modify[Error message] [Debug log]

Please fix these to complete your PR. View the build log or the debug log for each test

Hi @c2thorn! Can you show me the logs for the two tests that are failing? I can't access them and these tests are passing for me when I run them locally.

[github-actions]

This PR has been waiting for review for 2 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

[c2thorn]

Hi @c2thorn! Can you show me the logs for the two tests that are failing? I can't access them and these tests are passing for me when I run them locally.

        Error: Error waiting to create ProjectCloudArmorTier: Invalid value for field 'cloudArmorTier': 'CA_STANDARD'. Setting the managed protection tier for projects enrolled in Cloud Armor Enterprise Annual Subscription is currently not supported. Please use the cloud console instead.

Our test project probably needs to be enrolled for some other features. Could we just avoid testing CA_STANDARD?

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 742 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 742 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 1 file changed, 69 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 104 insertions(+))

[modular-magician]

Tests analytics

Total tests: 938
Passed tests: 862
Skipped tests: 72
Affected tests: 4

Click here to see the affected service packages

• compute

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccComputeProjectCloudArmorTier_basic|TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierBasicExample|TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierProjectSetExample|TestAccComputeProjectCloudArmorTier_modify

Get to know how VCR tests work

[modular-magician]

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccComputeProjectCloudArmorTier_basic[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierBasicExample[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierProjectSetExample[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_modify[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

[matheusaleixo-cit]

Hi @c2thorn! Can you show me the logs for the two tests that are failing? I can't access them and these tests are passing for me when I run them locally.

        Error: Error waiting to create ProjectCloudArmorTier: Invalid value for field 'cloudArmorTier': 'CA_STANDARD'. Setting the managed protection tier for projects enrolled in Cloud Armor Enterprise Annual Subscription is currently not supported. Please use the cloud console instead.

Our test project probably needs to be enrolled for some other features. Could we just avoid testing CA_STANDARD?

I changed the examples and the basic test to use the CA_ENTERPRISE_PAYGO value, but I think the subscription used in the test project wont allow setting this cloudArmorTier configuration at all. If the tests fail again I'l change this back and set the tests to be skipped since the cloud armor tier is the only config this resource is handling.

[github-actions]

@GoogleCloudPlatform/terraform-team This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 743 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 743 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 1 file changed, 69 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 104 insertions(+))

[modular-magician]

Tests analytics

Total tests: 942
Passed tests: 826
Skipped tests: 73
Affected tests: 43

Click here to see the affected service packages

• compute

Non-exercised tests

Tests were added that are skipped in VCR:

• TestAccComputeProjectCloudArmorTier_modify

Action taken

Found 43 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccComputeAutoscaler_autoscalerBasicExample|TestAccComputeAutoscaler_autoscalerSingleInstanceExample|TestAccComputeAutoscaler_multicondition|TestAccComputeAutoscaler_scaleDownControl|TestAccComputeAutoscaler_scaleInControl|TestAccComputeAutoscaler_scaleInControlFixed|TestAccComputeAutoscaler_scalingSchedule|TestAccComputeAutoscaler_update|TestAccComputeBackendService_withBackendAndIAP|TestAccComputeInstanceGroup_rename|TestAccComputeInstanceNetworkIntefaceWithSecurityPolicy|TestAccComputeInstanceTemplate_sourceImageEncryptionKey|TestAccComputeInstance_guestAccelerator|TestAccComputePerInstanceConfig_removeInstanceOnDestroy|TestAccComputePerInstanceConfig_statefulIps|TestAccComputePerInstanceConfig_update|TestAccComputeProjectCloudArmorTier_basic|TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierBasicExample|TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierProjectSetExample|TestAccComputeRegionAutoscaler_regionAutoscalerBasicExample|TestAccComputeRegionAutoscaler_scaleDownControl|TestAccComputeRegionAutoscaler_scaleInControl|TestAccComputeRegionAutoscaler_scalingSchedule|TestAccComputeRegionAutoscaler_update|TestAccComputeRegionInstanceTemplate_sourceImageEncryptionKey|TestAccComputeTargetPool_basic|TestAccInstanceGroupManager_autoHealingPolicies|TestAccInstanceGroupManager_basic|TestAccInstanceGroupManager_resourceManagerTags|TestAccInstanceGroupManager_self_link_unique|TestAccInstanceGroupManager_stateful|TestAccInstanceGroupManager_targetSizeZero|TestAccInstanceGroupManager_update|TestAccInstanceGroupManager_versions|TestAccInstanceGroupManager_waitForStatus|TestAccRegionInstanceGroupManager_autoHealingPolicies|TestAccRegionInstanceGroupManager_basic|TestAccRegionInstanceGroupManager_distributionPolicy|TestAccRegionInstanceGroupManager_resourceManagerTags|TestAccRegionInstanceGroupManager_stateful|TestAccRegionInstanceGroupManager_targetSizeZero|TestAccRegionInstanceGroupManager_update|TestAccRegionInstanceGroupManager_versions

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccComputeAutoscaler_autoscalerBasicExample[Debug log]
TestAccComputeAutoscaler_autoscalerSingleInstanceExample[Debug log]
TestAccComputeAutoscaler_multicondition[Debug log]
TestAccComputeAutoscaler_scaleDownControl[Debug log]
TestAccComputeAutoscaler_scaleInControl[Debug log]
TestAccComputeAutoscaler_scaleInControlFixed[Debug log]
TestAccComputeAutoscaler_scalingSchedule[Debug log]
TestAccComputeAutoscaler_update[Debug log]
TestAccComputeBackendService_withBackendAndIAP[Debug log]
TestAccComputeInstanceGroup_rename[Debug log]
TestAccComputeInstanceTemplate_sourceImageEncryptionKey[Debug log]
TestAccComputePerInstanceConfig_removeInstanceOnDestroy[Debug log]
TestAccComputePerInstanceConfig_statefulIps[Debug log]
TestAccComputePerInstanceConfig_update[Debug log]
TestAccComputeRegionAutoscaler_regionAutoscalerBasicExample[Debug log]
TestAccComputeRegionAutoscaler_scaleDownControl[Debug log]
TestAccComputeRegionAutoscaler_scaleInControl[Debug log]
TestAccComputeRegionAutoscaler_scalingSchedule[Debug log]
TestAccComputeRegionAutoscaler_update[Debug log]
TestAccComputeRegionInstanceTemplate_sourceImageEncryptionKey[Debug log]
TestAccComputeTargetPool_basic[Debug log]
TestAccInstanceGroupManager_autoHealingPolicies[Debug log]
TestAccInstanceGroupManager_basic[Debug log]
TestAccInstanceGroupManager_resourceManagerTags[Debug log]
TestAccInstanceGroupManager_self_link_unique[Debug log]
TestAccInstanceGroupManager_stateful[Debug log]
TestAccInstanceGroupManager_targetSizeZero[Debug log]
TestAccInstanceGroupManager_update[Debug log]
TestAccInstanceGroupManager_versions[Debug log]
TestAccInstanceGroupManager_waitForStatus[Debug log]
TestAccRegionInstanceGroupManager_autoHealingPolicies[Debug log]
TestAccRegionInstanceGroupManager_basic[Debug log]
TestAccRegionInstanceGroupManager_distributionPolicy[Debug log]
TestAccRegionInstanceGroupManager_resourceManagerTags[Debug log]
TestAccRegionInstanceGroupManager_stateful[Debug log]
TestAccRegionInstanceGroupManager_targetSizeZero[Debug log]
TestAccRegionInstanceGroupManager_update[Debug log]
TestAccRegionInstanceGroupManager_versions[Debug log]

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

---

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccComputeInstanceNetworkIntefaceWithSecurityPolicy[Error message] [Debug log]
TestAccComputeInstance_guestAccelerator[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_basic[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierBasicExample[Error message] [Debug log]
TestAccComputeProjectCloudArmorTier_computeProjectCloudArmorTierProjectSetExample[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

[c2thorn]

I changed the examples and the basic test to use the CA_ENTERPRISE_PAYGO value, but I think the subscription used in the test project wont allow setting this cloudArmorTier configuration at all. If the tests fail again I'l change this back and set the tests to be skipped since the cloud armor tier is the only config this resource is handling.

This looks like the way to go, we got another similar error:

Error waiting to create ProjectCloudArmorTier: Invalid value for field 'cloudArmorTier': 'CA_ENTERPRISE_PAYGO'. Setting the managed protection tier for projects enrolled in Cloud Armor Enterprise Annual Subscription is currently not supported. Please use the cloud console instead.

If the previous value was a better "example" value, feel free to change it back and then also add skip_test to the skippable examples. Appreciate it.