From a4aa795eec0a416a2671308050b32c70df63c6b9 Mon Sep 17 00:00:00 2001
From: Brad <broswen@gmail.com>
Date: Tue, 31 Oct 2023 23:20:00 -0500
Subject: [PATCH] cloudflare_notification_policy: add incident_alert type

---
 .changelog/todo.txt                           |   3 +
 docs/resources/notification_policy.md         |   3 +-
 .../schema_cloudflare_notification_policy.go  | 176 ++++++++----------
 3 files changed, 79 insertions(+), 103 deletions(-)
 create mode 100644 .changelog/todo.txt

diff --git a/.changelog/todo.txt b/.changelog/todo.txt
new file mode 100644
index 00000000000..c7f00ecb7f2
--- /dev/null
+++ b/.changelog/todo.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_notification_policy: Add support for `incident_alert` type
+```
diff --git a/docs/resources/notification_policy.md b/docs/resources/notification_policy.md
index 9f8f5305104..cb5b457776d 100644
--- a/docs/resources/notification_policy.md
+++ b/docs/resources/notification_policy.md
@@ -68,7 +68,7 @@ resource "cloudflare_notification_policy" "example" {
 ### Required
 
 - `account_id` (String) The account identifier to target for the resource.
-- `alert_type` (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.
+- `alert_type` (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `pages_event_alert`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.
 - `enabled` (Boolean) The status of the notification policy.
 - `name` (String) The name of the notification policy.
 
@@ -112,6 +112,7 @@ Optional:
 - `event_type` (Set of String) Stream event type to alert on.
 - `group_by` (Set of String) Alert grouping.
 - `health_check_id` (Set of String) Identifier health check. Required when using `filters.0.status`.
+- `incident_impact` (Set of String) The incident impact level that will trigger the dispatch of a notification. Available values: `INCIDENT_IMPACT_NONE`, `INCIDENT_IMPACT_MINOR`, `INCIDENT_IMPACT_MAJOR`, `INCIDENT_IMPACT_CRITICAL`.
 - `input_id` (Set of String) Stream input id to alert on.
 - `limit` (Set of String) A numerical limit. Example: `100`.
 - `megabits_per_second` (Set of String) Megabits per second threshold for dos alert.
diff --git a/internal/sdkv2provider/schema_cloudflare_notification_policy.go b/internal/sdkv2provider/schema_cloudflare_notification_policy.go
index 47c0791d481..3dab3cdc44a 100644
--- a/internal/sdkv2provider/schema_cloudflare_notification_policy.go
+++ b/internal/sdkv2provider/schema_cloudflare_notification_policy.go
@@ -3,11 +3,71 @@ package sdkv2provider
 import (
 	"fmt"
 
-	"github.com/cloudflare/terraform-provider-cloudflare/internal/consts"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+
+	"github.com/cloudflare/terraform-provider-cloudflare/internal/consts"
 )
 
+var notificationPolicyAlertTypes = []string{
+	"advanced_http_alert_error",
+	"access_custom_certificate_expiration_type",
+	"advanced_ddos_attack_l4_alert",
+	"advanced_ddos_attack_l7_alert",
+	"bgp_hijack_notification",
+	"billing_usage_alert",
+	"block_notification_block_removed",
+	"block_notification_new_block",
+	"block_notification_review_rejected",
+	"clickhouse_alert_fw_anomaly",
+	"clickhouse_alert_fw_ent_anomaly",
+	"custom_ssl_certificate_event_type",
+	"dedicated_ssl_certificate_event_type",
+	"dos_attack_l4",
+	"dos_attack_l7",
+	"expiring_service_token_alert",
+	"failing_logpush_job_disabled_alert",
+	"fbm_auto_advertisement",
+	"fbm_dosd_attack",
+	"fbm_volumetric_attack",
+	"health_check_status_notification",
+	"hostname_aop_custom_certificate_expiration_type",
+	"http_alert_edge_error",
+	"http_alert_origin_error",
+	"incident_alert",
+	"load_balancing_health_alert",
+	"load_balancing_pool_enablement_alert",
+	"pages_event_alert",
+	"real_origin_monitoring",
+	"scriptmonitor_alert_new_code_change_detections",
+	"scriptmonitor_alert_new_hosts",
+	"scriptmonitor_alert_new_malicious_hosts",
+	"scriptmonitor_alert_new_malicious_scripts",
+	"scriptmonitor_alert_new_malicious_url",
+	"scriptmonitor_alert_new_max_length_resource_url",
+	"scriptmonitor_alert_new_resources",
+	"secondary_dns_all_primaries_failing",
+	"secondary_dns_primaries_failing",
+	"secondary_dns_zone_successfully_updated",
+	"secondary_dns_zone_validation_warning",
+	"sentinel_alert",
+	"stream_live_notifications",
+	"tunnel_health_event",
+	"tunnel_update_event",
+	"universal_ssl_event_type",
+	"web_analytics_metrics_update",
+	"weekly_account_overview",
+	"workers_alert",
+	"zone_aop_custom_certificate_expiration_type",
+}
+
+var notificationPolicyIncidentImpactLevels = []string{
+	"INCIDENT_IMPACT_NONE",
+	"INCIDENT_IMPACT_MINOR",
+	"INCIDENT_IMPACT_MAJOR",
+	"INCIDENT_IMPACT_CRITICAL",
+}
+
 func resourceCloudflareNotificationPolicySchema() map[string]*schema.Schema {
 	return map[string]*schema.Schema{
 		consts.AccountIDSchemaKey: {
@@ -31,107 +91,10 @@ func resourceCloudflareNotificationPolicySchema() map[string]*schema.Schema {
 			Description: "The status of the notification policy.",
 		},
 		"alert_type": {
-			Type:     schema.TypeString,
-			Required: true,
-			ValidateFunc: validation.StringInSlice([]string{
-				"advanced_http_alert_error",
-				"access_custom_certificate_expiration_type",
-				"advanced_ddos_attack_l4_alert",
-				"advanced_ddos_attack_l7_alert",
-				"bgp_hijack_notification",
-				"billing_usage_alert",
-				"block_notification_block_removed",
-				"block_notification_new_block",
-				"block_notification_review_rejected",
-				"clickhouse_alert_fw_anomaly",
-				"clickhouse_alert_fw_ent_anomaly",
-				"custom_ssl_certificate_event_type",
-				"dedicated_ssl_certificate_event_type",
-				"dos_attack_l4",
-				"dos_attack_l7",
-				"expiring_service_token_alert",
-				"failing_logpush_job_disabled_alert",
-				"fbm_auto_advertisement",
-				"fbm_dosd_attack",
-				"fbm_volumetric_attack",
-				"health_check_status_notification",
-				"hostname_aop_custom_certificate_expiration_type",
-				"http_alert_edge_error",
-				"http_alert_origin_error",
-				"load_balancing_health_alert",
-				"load_balancing_pool_enablement_alert",
-				"pages_event_alert",
-				"real_origin_monitoring",
-				"scriptmonitor_alert_new_code_change_detections",
-				"scriptmonitor_alert_new_hosts",
-				"scriptmonitor_alert_new_malicious_hosts",
-				"scriptmonitor_alert_new_malicious_scripts",
-				"scriptmonitor_alert_new_malicious_url",
-				"scriptmonitor_alert_new_max_length_resource_url",
-				"scriptmonitor_alert_new_resources",
-				"secondary_dns_all_primaries_failing",
-				"secondary_dns_primaries_failing",
-				"secondary_dns_zone_successfully_updated",
-				"secondary_dns_zone_validation_warning",
-				"sentinel_alert",
-				"stream_live_notifications",
-				"tunnel_health_event",
-				"tunnel_update_event",
-				"universal_ssl_event_type",
-				"web_analytics_metrics_update",
-				"weekly_account_overview",
-				"workers_alert",
-				"zone_aop_custom_certificate_expiration_type",
-			}, false),
-			Description: fmt.Sprintf("The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). %s", renderAvailableDocumentationValuesStringSlice([]string{
-				"advanced_http_alert_error",
-				"access_custom_certificate_expiration_type",
-				"advanced_ddos_attack_l4_alert",
-				"advanced_ddos_attack_l7_alert",
-				"bgp_hijack_notification",
-				"billing_usage_alert",
-				"block_notification_block_removed",
-				"block_notification_new_block",
-				"block_notification_review_rejected",
-				"clickhouse_alert_fw_anomaly",
-				"clickhouse_alert_fw_ent_anomaly",
-				"custom_ssl_certificate_event_type",
-				"dedicated_ssl_certificate_event_type",
-				"dos_attack_l4",
-				"dos_attack_l7",
-				"expiring_service_token_alert",
-				"failing_logpush_job_disabled_alert",
-				"fbm_auto_advertisement",
-				"fbm_dosd_attack",
-				"fbm_volumetric_attack",
-				"health_check_status_notification",
-				"hostname_aop_custom_certificate_expiration_type",
-				"http_alert_edge_error",
-				"http_alert_origin_error",
-				"load_balancing_health_alert",
-				"load_balancing_pool_enablement_alert",
-				"real_origin_monitoring",
-				"scriptmonitor_alert_new_code_change_detections",
-				"scriptmonitor_alert_new_hosts",
-				"scriptmonitor_alert_new_malicious_hosts",
-				"scriptmonitor_alert_new_malicious_scripts",
-				"scriptmonitor_alert_new_malicious_url",
-				"scriptmonitor_alert_new_max_length_resource_url",
-				"scriptmonitor_alert_new_resources",
-				"secondary_dns_all_primaries_failing",
-				"secondary_dns_primaries_failing",
-				"secondary_dns_zone_successfully_updated",
-				"secondary_dns_zone_validation_warning",
-				"sentinel_alert",
-				"stream_live_notifications",
-				"tunnel_health_event",
-				"tunnel_update_event",
-				"universal_ssl_event_type",
-				"web_analytics_metrics_update",
-				"weekly_account_overview",
-				"workers_alert",
-				"zone_aop_custom_certificate_expiration_type",
-			})),
+			Type:         schema.TypeString,
+			Required:     true,
+			ValidateFunc: validation.StringInSlice(notificationPolicyAlertTypes, false),
+			Description:  fmt.Sprintf("The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). %s", renderAvailableDocumentationValuesStringSlice(notificationPolicyAlertTypes)),
 		},
 		"filters": notificationPolicyFilterSchema(),
 		"created": {
@@ -395,6 +358,15 @@ func notificationPolicyFilterSchema() *schema.Schema {
 					Optional:    true,
 					Description: "Megabits per second threshold for dos alert.",
 				},
+				"incident_impact": {
+					Type: schema.TypeSet,
+					Elem: &schema.Schema{
+						Type: schema.TypeString,
+					},
+					Optional:     true,
+					ValidateFunc: validation.StringInSlice(notificationPolicyIncidentImpactLevels, false),
+					Description:  fmt.Sprintf("The incident impact level that will trigger the dispatch of a notification. %s", renderAvailableDocumentationValuesStringSlice(notificationPolicyIncidentImpactLevels)),
+				},
 			},
 		},
 	}