diff --git a/.changelog/12571.txt b/.changelog/12571.txt new file mode 100644 index 00000000000..e12ded91778 --- /dev/null +++ b/.changelog/12571.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +compute: add back the validation for `target_service` field on the `google_compute_service_attachment` resource to validade a `ForwardingRule` or `Gateway` URL. +``` \ No newline at end of file diff --git a/google/services/compute/resource_compute_service_attachment.go b/google/services/compute/resource_compute_service_attachment.go index 867defae0a1..fa9eefcb0b7 100644 --- a/google/services/compute/resource_compute_service_attachment.go +++ b/google/services/compute/resource_compute_service_attachment.go @@ -23,6 +23,7 @@ import ( "log" "net/http" "reflect" + "strings" "time" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" @@ -887,6 +888,18 @@ func expandComputeServiceAttachmentConnectionPreference(v interface{}, d tpgreso } func expandComputeServiceAttachmentTargetService(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { + resource := strings.Split(v.(string), "/") + resourceKind := resource[len(resource)-2] + resourceBound := resource[len(resource)-4] + if len(resource) < 4 { + return nil, fmt.Errorf("invalid value for target_service") + } + + _, err := tpgresource.ParseRegionalFieldValue(resourceKind, v.(string), "project", resourceBound, "zone", d, config, true) + if err != nil { + return nil, fmt.Errorf("invalid value for target_service: %w", err) + } + return v, nil } diff --git a/google/services/compute/resource_compute_service_attachment_test.go b/google/services/compute/resource_compute_service_attachment_test.go index a189d16a7ce..72bb05e4e07 100644 --- a/google/services/compute/resource_compute_service_attachment_test.go +++ b/google/services/compute/resource_compute_service_attachment_test.go @@ -416,7 +416,7 @@ resource "google_compute_service_attachment" "default" { enable_proxy_protocol = false connection_preference = "ACCEPT_AUTOMATIC" nat_subnets = [google_compute_subnetwork.psc.id] - target_service = google_network_services_gateway.foobar.self_link + target_service = google_network_services_gateway.default.self_link } resource "google_certificate_manager_certificate" "default" { @@ -475,14 +475,14 @@ resource "google_network_security_gateway_security_policy_rule" "default" { basic_profile = "ALLOW" } -resource "google_network_services_gateway" "foobar" { +resource "google_network_services_gateway" "default" { name = "tf-test-sa-swp-%{random_suffix}" location = "us-east1" addresses = ["10.128.0.99"] type = "SECURE_WEB_GATEWAY" ports = [443] description = "my description" - scope = "%s" + scope = "serviceAttachment" certificate_urls = [google_certificate_manager_certificate.default.id] gateway_security_policy = google_network_security_gateway_security_policy.default.id network = google_compute_network.default.id