diff --git a/.changelog/12519.txt b/.changelog/12519.txt
new file mode 100644
index 0000000000..d00f23afba
--- /dev/null
+++ b/.changelog/12519.txt
@@ -0,0 +1,6 @@
+```release-note:enhancement
+networkconnectivity: added support for updating `linked_vpn_tunnels.include_import_ranges`, `linked_interconnect_attachments.include_import_ranges`, `linked_router_appliance_instances. instances` and `linked_router_appliance_instances.include_import_ranges` in `google_network_connectivity_spoke`
+```
+```release-note:bug
+networkconnectivity: fixed `linked_router_appliance_instances.instances.virtual_machine` and `linked_router_appliance_instances.instances.ip_address` attributes in `google_network_connectivity_spoke` to be correctly marked as required. Otherwise the request to create the resource will fail.
+```
\ No newline at end of file
diff --git a/google-beta/services/networkconnectivity/resource_network_connectivity_spoke.go b/google-beta/services/networkconnectivity/resource_network_connectivity_spoke.go
index f922fcbe4a..40586c6e49 100644
--- a/google-beta/services/networkconnectivity/resource_network_connectivity_spoke.go
+++ b/google-beta/services/networkconnectivity/resource_network_connectivity_spoke.go
@@ -92,7 +92,6 @@ Please refer to the field 'effective_labels' for all of the labels present on th
"linked_interconnect_attachments": {
Type: schema.TypeList,
Optional: true,
- ForceNew: true,
Description: `A collection of VLAN attachment resources. These resources should be redundant attachments that all advertise the same prefixes to Google Cloud. Alternatively, in active/passive configurations, all attachments should be capable of advertising the same prefixes.`,
MaxItems: 1,
Elem: &schema.Resource{
@@ -176,7 +175,6 @@ The only allowed value for now is "ALL_IPV4_RANGES".`,
"linked_router_appliance_instances": {
Type: schema.TypeList,
Optional: true,
- ForceNew: true,
Description: `The URIs of linked Router appliance resources`,
MaxItems: 1,
Elem: &schema.Resource{
@@ -190,13 +188,13 @@ The only allowed value for now is "ALL_IPV4_RANGES".`,
Schema: map[string]*schema.Schema{
"ip_address": {
Type: schema.TypeString,
- Optional: true,
+ Required: true,
ForceNew: true,
Description: `The IP address on the VM to use for peering.`,
},
"virtual_machine": {
Type: schema.TypeString,
- Optional: true,
+ Required: true,
ForceNew: true,
DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName,
Description: `The URI of the virtual machine resource`,
@@ -263,7 +261,6 @@ The only allowed value for now is "ALL_IPV4_RANGES".`,
"linked_vpn_tunnels": {
Type: schema.TypeList,
Optional: true,
- ForceNew: true,
Description: `The URIs of linked VPN tunnel resources`,
MaxItems: 1,
Elem: &schema.Resource{
@@ -573,6 +570,24 @@ func resourceNetworkConnectivitySpokeUpdate(d *schema.ResourceData, meta interfa
} else if v, ok := d.GetOkExists("description"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, descriptionProp)) {
obj["description"] = descriptionProp
}
+ linkedVpnTunnelsProp, err := expandNetworkConnectivitySpokeLinkedVpnTunnels(d.Get("linked_vpn_tunnels"), d, config)
+ if err != nil {
+ return err
+ } else if v, ok := d.GetOkExists("linked_vpn_tunnels"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, linkedVpnTunnelsProp)) {
+ obj["linkedVpnTunnels"] = linkedVpnTunnelsProp
+ }
+ linkedInterconnectAttachmentsProp, err := expandNetworkConnectivitySpokeLinkedInterconnectAttachments(d.Get("linked_interconnect_attachments"), d, config)
+ if err != nil {
+ return err
+ } else if v, ok := d.GetOkExists("linked_interconnect_attachments"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, linkedInterconnectAttachmentsProp)) {
+ obj["linkedInterconnectAttachments"] = linkedInterconnectAttachmentsProp
+ }
+ linkedRouterApplianceInstancesProp, err := expandNetworkConnectivitySpokeLinkedRouterApplianceInstances(d.Get("linked_router_appliance_instances"), d, config)
+ if err != nil {
+ return err
+ } else if v, ok := d.GetOkExists("linked_router_appliance_instances"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, linkedRouterApplianceInstancesProp)) {
+ obj["linkedRouterApplianceInstances"] = linkedRouterApplianceInstancesProp
+ }
labelsProp, err := expandNetworkConnectivitySpokeEffectiveLabels(d.Get("effective_labels"), d, config)
if err != nil {
return err
@@ -593,6 +608,19 @@ func resourceNetworkConnectivitySpokeUpdate(d *schema.ResourceData, meta interfa
updateMask = append(updateMask, "description")
}
+ if d.HasChange("linked_vpn_tunnels") {
+ updateMask = append(updateMask, "linkedVpnTunnels.includeImportRanges")
+ }
+
+ if d.HasChange("linked_interconnect_attachments") {
+ updateMask = append(updateMask, "linkedInterconnectAttachments.includeImportRanges")
+ }
+
+ if d.HasChange("linked_router_appliance_instances") {
+ updateMask = append(updateMask, "linkedRouterApplianceInstances.instances",
+ "linkedRouterApplianceInstances.includeImportRanges")
+ }
+
if d.HasChange("effective_labels") {
updateMask = append(updateMask, "labels")
}
diff --git a/google-beta/services/networkconnectivity/resource_network_connectivity_spoke_test.go b/google-beta/services/networkconnectivity/resource_network_connectivity_spoke_test.go
index cd8bb38b22..a34bb6d11f 100644
--- a/google-beta/services/networkconnectivity/resource_network_connectivity_spoke_test.go
+++ b/google-beta/services/networkconnectivity/resource_network_connectivity_spoke_test.go
@@ -114,6 +114,15 @@ func TestAccNetworkConnectivitySpoke_RouterApplianceHandWritten(t *testing.T) {
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
},
+ {
+ Config: testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate1(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
},
})
}
@@ -150,9 +159,91 @@ func TestAccNetworkConnectivitySpoke_RouterApplianceHandWrittenLongForm(t *testi
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
},
+ {
+ Config: testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate1LongForm(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
},
})
}
+
+func TestAccNetworkConnectivitySpoke_VPNTunnelHandWrittenHandWritten(t *testing.T) {
+ t.Parallel()
+
+ context := map[string]interface{}{
+ "project_name": envvar.GetTestProjectFromEnv(),
+ "region": envvar.GetTestRegionFromEnv(),
+ "random_suffix": acctest.RandString(t, 10),
+ }
+
+ acctest.VcrTest(t, resource.TestCase{
+ PreCheck: func() { acctest.AccTestPreCheck(t) },
+ ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+ CheckDestroy: testAccCheckNetworkConnectivitySpokeDestroyProducer(t),
+ Steps: []resource.TestStep{
+ {
+ Config: testAccNetworkConnectivitySpoke_VPNTunnelHandWrittenHandWritten(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
+ {
+ Config: testAccNetworkConnectivitySpoke_VPNTunnelHandWrittenHandWrittenUpdate0(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
+ },
+ })
+}
+
+func TestAccNetworkConnectivitySpoke_InterconnectAttachmentHandWrittenHandWritten(t *testing.T) {
+ t.Parallel()
+
+ context := map[string]interface{}{
+ "project_name": envvar.GetTestProjectFromEnv(),
+ "region": envvar.GetTestRegionFromEnv(),
+ "random_suffix": acctest.RandString(t, 10),
+ }
+
+ acctest.VcrTest(t, resource.TestCase{
+ PreCheck: func() { acctest.AccTestPreCheck(t) },
+ ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+ CheckDestroy: testAccCheckNetworkConnectivitySpokeDestroyProducer(t),
+ Steps: []resource.TestStep{
+ {
+ Config: testAccNetworkConnectivitySpoke_InterconnectAttachmentHandWrittenHandWritten(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
+ {
+ Config: testAccNetworkConnectivitySpoke_InterconnectAttachmentHandWrittenHandWrittenUpdate0(context),
+ },
+ {
+ ResourceName: "google_network_connectivity_spoke.primary",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"labels", "terraform_labels"},
+ },
+ },
+ })
+}
+
func testAccNetworkConnectivitySpoke_LinkedVPCNetworkHandWritten(context map[string]interface{}) string {
return acctest.Nprintf(`
@@ -246,8 +337,8 @@ resource "google_compute_subnetwork" "subnetwork" {
network = google_compute_network.network.self_link
}
-resource "google_compute_instance" "instance" {
- name = "tf-test-instance%{random_suffix}"
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
machine_type = "e2-medium"
can_ip_forward = true
zone = "%{zone}"
@@ -278,14 +369,14 @@ resource "google_network_connectivity_hub" "basic_hub" {
resource "google_network_connectivity_spoke" "primary" {
name = "tf-test-name%{random_suffix}"
location = "%{region}"
- description = "A sample spoke with a linked routher appliance instance"
+ description = "A sample spoke with a single linked routher appliance instance"
labels = {
label-one = "value-one"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_router_appliance_instances {
instances {
- virtual_machine = google_compute_instance.instance.self_link
+ virtual_machine = google_compute_instance.router-instance1.self_link
ip_address = "10.0.0.2"
}
site_to_site_data_transfer = true
@@ -309,8 +400,8 @@ resource "google_compute_subnetwork" "subnetwork" {
network = google_compute_network.network.self_link
}
-resource "google_compute_instance" "instance" {
- name = "tf-test-instance%{random_suffix}"
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
machine_type = "e2-medium"
can_ip_forward = true
zone = "%{zone}"
@@ -341,14 +432,14 @@ resource "google_network_connectivity_hub" "basic_hub" {
resource "google_network_connectivity_spoke" "primary" {
name = "tf-test-name%{random_suffix}"
location = "%{region}"
- description = "An UPDATED sample spoke with a linked routher appliance instance"
+ description = "An UPDATED sample spoke with a single linked routher appliance instance"
labels = {
label-two = "value-two"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_router_appliance_instances {
instances {
- virtual_machine = google_compute_instance.instance.self_link
+ virtual_machine = google_compute_instance.router-instance1.self_link
ip_address = "10.0.0.2"
}
site_to_site_data_transfer = true
@@ -356,6 +447,96 @@ resource "google_network_connectivity_spoke" "primary" {
}
`, context)
}
+
+func testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate1(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "subnetwork" {
+ name = "tf-test-subnet%{random_suffix}"
+ ip_cidr_range = "10.0.0.0/28"
+ region = "%{region}"
+ network = google_compute_network.network.self_link
+}
+
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
+ machine_type = "e2-medium"
+ can_ip_forward = true
+ zone = "%{zone}"
+
+ boot_disk {
+ initialize_params {
+ image = "projects/debian-cloud/global/images/debian-10-buster-v20210817"
+ }
+ }
+
+ network_interface {
+ subnetwork = google_compute_subnetwork.subnetwork.name
+ network_ip = "10.0.0.2"
+ access_config {
+ network_tier = "PREMIUM"
+ }
+ }
+}
+
+resource "google_compute_instance" "router-instance2" {
+ name = "tf-test-router-instance2%{random_suffix}"
+ machine_type = "e2-medium"
+ can_ip_forward = true
+ zone = "%{zone}"
+
+ boot_disk {
+ initialize_params {
+ image = "projects/debian-cloud/global/images/debian-10-buster-v20210817"
+ }
+ }
+
+ network_interface {
+ subnetwork = google_compute_subnetwork.subnetwork.name
+ network_ip = "10.0.0.3"
+ access_config {
+ network_tier = "PREMIUM"
+ }
+ }
+}
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-name%{random_suffix}"
+ location = "%{region}"
+ description = "An UPDATED sample spoke with two linked routher appliance instances"
+ labels = {
+ label-two = "value-two"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_router_appliance_instances {
+ instances {
+ virtual_machine = google_compute_instance.router-instance1.self_link
+ ip_address = "10.0.0.2"
+ }
+ instances {
+ virtual_machine = google_compute_instance.router-instance2.self_link
+ ip_address = "10.0.0.3"
+ }
+ include_import_ranges = ["ALL_IPV4_RANGES"]
+ site_to_site_data_transfer = true
+ }
+}
+`, context)
+}
+
func testAccNetworkConnectivitySpoke_LinkedVPCNetworkHandWrittenLongForm(context map[string]interface{}) string {
return acctest.Nprintf(`
@@ -449,8 +630,8 @@ resource "google_compute_subnetwork" "subnetwork" {
network = google_compute_network.network.self_link
}
-resource "google_compute_instance" "instance" {
- name = "tf-test-instance%{random_suffix}"
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
machine_type = "e2-medium"
can_ip_forward = true
zone = "%{zone}"
@@ -481,14 +662,14 @@ resource "google_network_connectivity_hub" "basic_hub" {
resource "google_network_connectivity_spoke" "primary" {
name = "tf-test-name%{random_suffix}"
location = "%{region}"
- description = "A sample spoke with a linked routher appliance instance"
+ description = "A sample spoke with a single linked routher appliance instance"
labels = {
label-one = "value-one"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_router_appliance_instances {
instances {
- virtual_machine = google_compute_instance.instance.self_link
+ virtual_machine = google_compute_instance.router-instance1.self_link
ip_address = "10.0.0.2"
}
site_to_site_data_transfer = true
@@ -512,8 +693,71 @@ resource "google_compute_subnetwork" "subnetwork" {
network = google_compute_network.network.self_link
}
-resource "google_compute_instance" "instance" {
- name = "tf-test-instance%{random_suffix}"
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
+ machine_type = "e2-medium"
+ can_ip_forward = true
+ zone = "%{zone}"
+
+ boot_disk {
+ initialize_params {
+ image = "projects/debian-cloud/global/images/debian-10-buster-v20210817"
+ }
+ }
+
+ network_interface {
+ subnetwork = google_compute_subnetwork.subnetwork.name
+ network_ip = "10.0.0.2"
+ access_config {
+ network_tier = "PREMIUM"
+ }
+ }
+}
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-name%{random_suffix}"
+ location = "%{region}"
+ description = "An UPDATED sample spoke with a single linked routher appliance instance"
+ labels = {
+ label-two = "value-two"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_router_appliance_instances {
+ instances {
+ virtual_machine = google_compute_instance.router-instance1.self_link
+ ip_address = "10.0.0.2"
+ }
+ site_to_site_data_transfer = true
+ }
+}
+`, context)
+}
+
+func testAccNetworkConnectivitySpoke_RouterApplianceHandWrittenUpdate1LongForm(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "subnetwork" {
+ name = "tf-test-subnet%{random_suffix}"
+ ip_cidr_range = "10.0.0.0/28"
+ region = "%{region}"
+ network = google_compute_network.network.self_link
+}
+
+resource "google_compute_instance" "router-instance1" {
+ name = "tf-test-router-instance1%{random_suffix}"
machine_type = "e2-medium"
can_ip_forward = true
zone = "%{zone}"
@@ -533,6 +777,27 @@ resource "google_compute_instance" "instance" {
}
}
+resource "google_compute_instance" "router-instance2" {
+ name = "tf-test-router-instance2%{random_suffix}"
+ machine_type = "e2-medium"
+ can_ip_forward = true
+ zone = "%{zone}"
+
+ boot_disk {
+ initialize_params {
+ image = "projects/debian-cloud/global/images/debian-10-buster-v20210817"
+ }
+ }
+
+ network_interface {
+ subnetwork = google_compute_subnetwork.subnetwork.name
+ network_ip = "10.0.0.3"
+ access_config {
+ network_tier = "PREMIUM"
+ }
+ }
+}
+
resource "google_network_connectivity_hub" "basic_hub" {
name = "tf-test-hub%{random_suffix}"
description = "A sample hub"
@@ -544,17 +809,309 @@ resource "google_network_connectivity_hub" "basic_hub" {
resource "google_network_connectivity_spoke" "primary" {
name = "tf-test-name%{random_suffix}"
location = "%{region}"
- description = "An UPDATED sample spoke with a linked routher appliance instance"
+ description = "An UPDATED sample spoke with two linked routher appliance instances"
labels = {
label-two = "value-two"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_router_appliance_instances {
instances {
- virtual_machine = google_compute_instance.instance.self_link
+ virtual_machine = google_compute_instance.router-instance1.self_link
ip_address = "10.0.0.2"
}
+ instances {
+ virtual_machine = google_compute_instance.router-instance2.self_link
+ ip_address = "10.0.0.3"
+ }
+ include_import_ranges = ["ALL_IPV4_RANGES"]
+ site_to_site_data_transfer = true
+ }
+}
+`, context)
+}
+
+func testAccNetworkConnectivitySpoke_VPNTunnelHandWrittenHandWritten(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "subnetwork" {
+ name = "tf-test-subnet%{random_suffix}"
+ ip_cidr_range = "10.0.0.0/28"
+ region = "%{region}"
+ network = google_compute_network.network.self_link
+}
+
+resource "google_compute_ha_vpn_gateway" "gateway" {
+ name = "tf-test-gw%{random_suffix}"
+ network = google_compute_network.network.id
+}
+
+resource "google_compute_external_vpn_gateway" "external_vpn_gw" {
+ name = "tf-test-external-gw%{random_suffix}"
+ redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
+ description = "An externally managed VPN gateway"
+ interface {
+ id = 0
+ ip_address = "8.8.8.8"
+ }
+}
+
+resource "google_compute_router" "router" {
+ name = "tf-test-router%{random_suffix}"
+ region = "%{region}"
+ network = google_compute_network.network.name
+ bgp {
+ asn = 64514
+ }
+}
+
+resource "google_compute_vpn_tunnel" "tunnel" {
+ name = "tf-test-tunnel%{random_suffix}"
+ region = "%{region}"
+ vpn_gateway = google_compute_ha_vpn_gateway.gateway.id
+ peer_external_gateway = google_compute_external_vpn_gateway.external_vpn_gw.id
+ peer_external_gateway_interface = 0
+ shared_secret = "a secret message"
+ router = google_compute_router.router.id
+ vpn_gateway_interface = 0
+}
+
+resource "google_compute_router_interface" "router_interface" {
+ name = "tf-test-ri%{random_suffix}"
+ router = google_compute_router.router.name
+ region = "%{region}"
+ ip_range = "169.254.0.1/30"
+ vpn_tunnel = google_compute_vpn_tunnel.tunnel.name
+}
+
+resource "google_compute_router_peer" "router_peer" {
+ name = "tf-test-peer%{random_suffix}"
+ router = google_compute_router.router.name
+ region = "%{region}"
+ peer_ip_address = "169.254.0.2"
+ peer_asn = 64515
+ advertised_route_priority = 100
+ interface = google_compute_router_interface.router_interface.name
+}
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-name%{random_suffix}"
+ location = "%{region}"
+ description = "A sample spoke with a linked VPN Tunnel, no include_import_ranges yet"
+ labels = {
+ label-one = "value-one"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_vpn_tunnels {
+ uris = [google_compute_vpn_tunnel.tunnel.self_link]
+ site_to_site_data_transfer = true
+ }
+}
+`, context)
+}
+
+func testAccNetworkConnectivitySpoke_VPNTunnelHandWrittenHandWrittenUpdate0(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "subnetwork" {
+ name = "tf-test-subnet%{random_suffix}"
+ ip_cidr_range = "10.0.0.0/28"
+ region = "%{region}"
+ network = google_compute_network.network.self_link
+}
+
+resource "google_compute_ha_vpn_gateway" "gateway" {
+ name = "tf-test-gw%{random_suffix}"
+ network = google_compute_network.network.id
+}
+
+resource "google_compute_external_vpn_gateway" "external_vpn_gw" {
+ name = "tf-test-external-gw%{random_suffix}"
+ redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
+ description = "An externally managed VPN gateway"
+ interface {
+ id = 0
+ ip_address = "8.8.8.8"
+ }
+}
+
+resource "google_compute_router" "router" {
+ name = "tf-test-router%{random_suffix}"
+ region = "%{region}"
+ network = google_compute_network.network.name
+ bgp {
+ asn = 64514
+ }
+}
+
+resource "google_compute_vpn_tunnel" "tunnel" {
+ name = "tf-test-tunnel%{random_suffix}"
+ region = "%{region}"
+ vpn_gateway = google_compute_ha_vpn_gateway.gateway.id
+ peer_external_gateway = google_compute_external_vpn_gateway.external_vpn_gw.id
+ peer_external_gateway_interface = 0
+ shared_secret = "a secret message"
+ router = google_compute_router.router.id
+ vpn_gateway_interface = 0
+}
+
+resource "google_compute_router_interface" "router_interface" {
+ name = "tf-test-ri%{random_suffix}"
+ router = google_compute_router.router.name
+ region = "%{region}"
+ ip_range = "169.254.0.1/30"
+ vpn_tunnel = google_compute_vpn_tunnel.tunnel.name
+}
+
+resource "google_compute_router_peer" "router_peer" {
+ name = "tf-test-peer%{random_suffix}"
+ router = google_compute_router.router.name
+ region = "%{region}"
+ peer_ip_address = "169.254.0.2"
+ peer_asn = 64515
+ advertised_route_priority = 100
+ interface = google_compute_router_interface.router_interface.name
+}
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-name%{random_suffix}"
+ location = "%{region}"
+ description = "An UPDATED sample spoke with a linked VPN Tunnel, now includes ALL_IPV4_RANGES"
+ labels = {
+ label-one = "value-one"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_vpn_tunnels {
+ uris = [google_compute_vpn_tunnel.tunnel.self_link]
+ site_to_site_data_transfer = true
+ include_import_ranges = ["ALL_IPV4_RANGES"]
+ }
+}
+`, context)
+}
+
+func testAccNetworkConnectivitySpoke_InterconnectAttachmentHandWrittenHandWritten(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_router" "router" {
+ name = "tf-test-router%{random_suffix}"
+ region = "%{region}"
+ network = google_compute_network.network.name
+ bgp {
+ asn = 16550
+ }
+}
+
+resource "google_compute_interconnect_attachment" "interconnect_attachment" {
+ name = "tf-test-ia%{random_suffix}"
+ edge_availability_domain = "AVAILABILITY_DOMAIN_1"
+ type = "PARTNER"
+ router = google_compute_router.router.id
+ mtu = 1500
+ region = "%{region}"
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-spoke-ia%{random_suffix}"
+ location = "%{region}"
+ description = "A sample spoke with a linked interconnect_attachment, no include_import_ranges yet"
+ labels = {
+ label-one = "value-one"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_interconnect_attachments {
+ uris = [google_compute_interconnect_attachment.interconnect_attachment.self_link]
+ site_to_site_data_transfer = true
+ # include_import_ranges not set initially
+ }
+}
+`, context)
+}
+
+func testAccNetworkConnectivitySpoke_InterconnectAttachmentHandWrittenHandWrittenUpdate0(context map[string]interface{}) string {
+ return acctest.Nprintf(`
+
+resource "google_network_connectivity_hub" "basic_hub" {
+ name = "tf-test-hub%{random_suffix}"
+ description = "A sample hub"
+ labels = {
+ label-two = "value-one"
+ }
+}
+
+resource "google_compute_network" "network" {
+ name = "tf-test-network%{random_suffix}"
+ auto_create_subnetworks = false
+}
+
+resource "google_compute_router" "router" {
+ name = "tf-test-router%{random_suffix}"
+ region = "%{region}"
+ network = google_compute_network.network.name
+ bgp {
+ asn = 16550
+ }
+}
+
+resource "google_compute_interconnect_attachment" "interconnect_attachment" {
+ name = "tf-test-ia%{random_suffix}"
+ edge_availability_domain = "AVAILABILITY_DOMAIN_1"
+ type = "PARTNER"
+ router = google_compute_router.router.id
+ mtu = 1500
+ region = "%{region}"
+}
+
+resource "google_network_connectivity_spoke" "primary" {
+ name = "tf-test-spoke-ia%{random_suffix}"
+ location = "%{region}"
+ description = "An updated sample spoke with interconnect_attachment, now includes ALL_IPV4_RANGES"
+ labels = {
+ label-one = "value-one"
+ }
+ hub = google_network_connectivity_hub.basic_hub.id
+ linked_interconnect_attachments {
+ uris = [google_compute_interconnect_attachment.interconnect_attachment.self_link]
site_to_site_data_transfer = true
+ include_import_ranges = ["ALL_IPV4_RANGES"]
}
}
`, context)
diff --git a/website/docs/r/network_connectivity_spoke.html.markdown b/website/docs/r/network_connectivity_spoke.html.markdown
index de0d39991c..9265ce115c 100644
--- a/website/docs/r/network_connectivity_spoke.html.markdown
+++ b/website/docs/r/network_connectivity_spoke.html.markdown
@@ -506,11 +506,11 @@ The following arguments are supported:
The `instances` block supports:
* `virtual_machine` -
- (Optional)
+ (Required)
The URI of the virtual machine resource
* `ip_address` -
- (Optional)
+ (Required)
The IP address on the VM to use for peering.
The `linked_vpc_network` block supports: