permit deny update and docs

ibm-vpc · Sep 6, 2024 · c52308b · c52308b
1 parent fc9fdbb
commit c52308b
Show file tree

Hide file tree

Showing 5 changed files with 192 additions and 1 deletion.
diff --git a/ibm/service/vpc/data_source_ibm_is_private_path_service_gateway.go b/ibm/service/vpc/data_source_ibm_is_private_path_service_gateway.go
@@ -359,7 +359,9 @@ func dataSourceIBMIsPrivatePathServiceGatewayRead(context context.Context, d *sc
 	if err = d.Set("resource_type", privatePathServiceGateway.ResourceType); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting resource_type: %s", err))
 	}
-
+	if err = d.Set("service_endpoints", privatePathServiceGateway.ServiceEndpoints); err != nil {
+		return diag.FromErr(fmt.Errorf("Error setting service_endpoints: %s", err))
+	}
 	vpc := []map[string]interface{}{}
 	if privatePathServiceGateway.VPC != nil {
 		modelMap, err := dataSourceIBMIsPrivatePathServiceGatewayVPCReferenceToMap(privatePathServiceGateway.VPC)

diff --git a/...e/vpc/resource_ibm_is_private_path_service_gateway_endpoint_gateway_binging_operations.go b/...e/vpc/resource_ibm_is_private_path_service_gateway_endpoint_gateway_binging_operations.go
@@ -93,6 +93,40 @@ func resourceIBMIsPrivatePathServiceGatewayEndpointGatewayBindingOperationsRead(
 }
 
 func resourceIBMIsPrivatePathServiceGatewayEndpointGatewayBindingOperationsUpdate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	vpcClient, err := meta.(conns.ClientSession).VpcV1API()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	ppsgId := d.Get("private_path_service_gateway").(string)
+	egwbindingId := d.Get("endpoint_gateway_binding").(string)
+	if d.HasChange("access_policy") {
+		_, newAccessPolicy := d.GetChange("access_policy")
+		accessPolicy := newAccessPolicy.(string)
+		if accessPolicy == AccessPolicyEnumPermit {
+			permitPrivatePathServiceGatewayEndpointGatewayBindingOptions := &vpcv1.PermitPrivatePathServiceGatewayEndpointGatewayBindingOptions{}
+
+			permitPrivatePathServiceGatewayEndpointGatewayBindingOptions.SetPrivatePathServiceGatewayID(ppsgId)
+			permitPrivatePathServiceGatewayEndpointGatewayBindingOptions.SetID(egwbindingId)
+
+			response, err := vpcClient.PermitPrivatePathServiceGatewayEndpointGatewayBindingWithContext(context, permitPrivatePathServiceGatewayEndpointGatewayBindingOptions)
+			if err != nil {
+				log.Printf("[DEBUG] PermitPrivatePathServiceGatewayEndpointGatewayBindingWithContext failed %s\n%s", err, response)
+				return diag.FromErr(fmt.Errorf("PermitPrivatePathServiceGatewayEndpointGatewayBindingWithContext failed %s\n%s", err, response))
+			}
+		} else {
+			denyPrivatePathServiceGatewayEndpointGatewayBindingOptions := &vpcv1.DenyPrivatePathServiceGatewayEndpointGatewayBindingOptions{}
+
+			denyPrivatePathServiceGatewayEndpointGatewayBindingOptions.SetPrivatePathServiceGatewayID(ppsgId)
+			denyPrivatePathServiceGatewayEndpointGatewayBindingOptions.SetID(egwbindingId)
+
+			response, err := vpcClient.DenyPrivatePathServiceGatewayEndpointGatewayBindingWithContext(context, denyPrivatePathServiceGatewayEndpointGatewayBindingOptions)
+			if err != nil {
+				log.Printf("[DEBUG] DenyPrivatePathServiceGatewayEndpointGatewayBindingWithContext failed %s\n%s", err, response)
+				return diag.FromErr(fmt.Errorf("DenyPrivatePathServiceGatewayEndpointGatewayBindingWithContext failed %s\n%s", err, response))
+			}
+		}
+
+	}
 
 	return resourceIBMIsPrivatePathServiceGatewayEndpointGatewayBindingOperationsRead(context, d, meta)
 }

diff --git a/..._private_path_service_gateway_endpoint_gateway_binding_operations.html.markdown b/..._private_path_service_gateway_endpoint_gateway_binding_operations.html.markdown
@@ -0,0 +1,53 @@
+---
+layout: "ibm"
+page_title: "IBM : ibm_is_private_path_service_gateway_endpoint_gateway_binding_operations"
+description: |-
+  Manages PrivatePathServiceGateway endpoint gateway bindings.
+subcategory: "VPC infrastructure"
+---
+
+# ibm_is_private_path_service_gateway_endpoint_gateway_binding_operations
+
+Provides a resource for ibm_is_private_path_service_gateway_endpoint_gateway_binding_operations. This allows permitting or denying endpoint gateway bindings.
+
+## Example Usage. Permit all the pending endpoint gateway bindings
+
+```hcl
+resource "ibm_is_private_path_service_gateway" "example" {
+  default_access_policy = "review"
+  name = "my-example-ppsg"
+  load_balancer = ibm_is_lb.testacc_LB.id
+  zonal_affinity = true
+  service_endpoints = ["myexamplefqdn"]
+}
+data "ibm_is_private_path_service_gateway_endpoint_gateway_bindings" "bindings" {
+    account = "7f75c7b025e54bc5635f754b2f888665"
+    status = "pending"
+    private_path_service_gateway = ibm_is_private_path_service_gateway.ppsg.id
+}
+resource "ibm_is_private_path_service_gateway_endpoint_gateway_binding_operations" "policy" {
+  count = length(data.ibm_is_private_path_service_gateway_endpoint_gateway_bindings.bindings.endpoint_gateway_bindings)
+  access_policy = "permit"
+  endpoint_gateway_binding = data.ibm_is_private_path_service_gateway_endpoint_gateway_bindings.bindings.endpoint_gateway_bindings[count.index].id
+  private_path_service_gateway = ibm_is_private_path_service_gateway.ppsg.id
+}
+```
+
+## Argument Reference
+
+Review the argument reference that you can specify for your resource.
+
+- `access_policy` - (Required, String) The access policy for the endpoint gateway binding:- permit: access will be permitted- deny:  access will be denied. Allowable values are: `deny`, `permit`. 
+- `private_path_service_gateway` - (Required, Forces new resource, String) The private path service gateway 
+identifier.
+- `endpoint_gateway_binding` - (Required, Forces new resource, String) ID of the endpoint gateway binding
+
+## Attribute Reference
+
+In addition to all argument references listed, you can access the following attribute references after your resource is created.
+
+- `access_policy` - (String) The access policy for the endpoint gateway binding:- permit: access will be permitted- deny:  access will be denied. Allowable values are: `deny`, `permit`. 
+- `private_path_service_gateway` - (String) The private path service gateway 
+identifier.
+- `endpoint_gateway_binding` - (String) ID of the endpoint gateway binding
+
diff --git a/website/docs/r/is_private_path_service_gateway_operations.html.markdown b/website/docs/r/is_private_path_service_gateway_operations.html.markdown
@@ -0,0 +1,59 @@
+---
+layout: "ibm"
+page_title: "IBM : ibm_is_private_path_service_gateway_operations"
+description: |-
+  Manages PrivatePathServiceGateway publish and unpublish.
+subcategory: "VPC infrastructure"
+---
+
+# ibm_is_private_path_service_gateway_operations
+
+Provides a resource for ibm_is_private_path_service_gateway_operations. This allows publishing or unpublishing the PPSG.
+
+## Example Usage. Publish a PPSG.
+
+```hcl
+resource "ibm_is_private_path_service_gateway" "example" {
+  default_access_policy = "review"
+  name = "my-example-ppsg"
+  load_balancer = ibm_is_lb.testacc_LB.id
+  zonal_affinity = true
+  service_endpoints = ["myexamplefqdn"]
+}
+resource "ibm_is_private_path_service_gateway_operations" "publish" {
+  published = true
+  private_path_service_gateway = ibm_is_private_path_service_gateway.ppsg.id
+}
+```
+## Example Usage. Unpublish a PPSG.
+
+```hcl
+resource "ibm_is_private_path_service_gateway" "example" {
+  default_access_policy = "review"
+  name = "my-example-ppsg"
+  load_balancer = ibm_is_lb.testacc_LB.id
+  zonal_affinity = true
+  service_endpoints = ["myexamplefqdn"]
+}
+resource "ibm_is_private_path_service_gateway_operations" "publish" {
+  published = false
+  private_path_service_gateway = ibm_is_private_path_service_gateway.ppsg.id
+}
+```
+
+## Argument Reference
+
+Review the argument reference that you can specify for your resource.
+
+- `published` - (Required, Boolean) Boolean to specify whether to publish or unpublish the PPSG.
+- `private_path_service_gateway` - (Required, Forces new resource, String) The private path service gateway 
+identifier.
+
+## Attribute Reference
+
+In addition to all argument references listed, you can access the following attribute references after your resource is created.
+
+- `published` - (Boolean) Boolean to specify whether to publish or unpublish the PPSG.
+- `private_path_service_gateway` - (String) The private path service gateway 
+identifier.
+
diff --git a/website/docs/r/is_private_path_service_gateway_revoke_account.html.markdown b/website/docs/r/is_private_path_service_gateway_revoke_account.html.markdown
@@ -0,0 +1,43 @@
+---
+layout: "ibm"
+page_title: "IBM : ibm_is_private_path_service_gateway_revoke_account"
+description: |-
+  Manages PrivatePathServiceGateway revoke account.
+subcategory: "VPC infrastructure"
+---
+
+# ibm_is_private_path_service_gateway_operations
+
+Provides a resource for ibm_is_private_path_service_gateway_revoke_account. This revokes the access to provided account.
+
+## Example Usage.
+```hcl
+resource "ibm_is_private_path_service_gateway" "example" {
+  default_access_policy = "review"
+  name = "my-example-ppsg"
+  load_balancer = ibm_is_lb.testacc_LB.id
+  zonal_affinity = true
+  service_endpoints = ["myexamplefqdn"]
+}
+ resource "ibm_is_private_path_service_gateway_revoke_account" "example" {
+  account = "7f75c7b025e54bc5635f754b2f888665"
+  private_path_service_gateway = ibm_is_private_path_service_gateway.example.id
+}
+```
+
+## Argument Reference
+
+Review the argument reference that you can specify for your resource.
+
+- `account` - (Required, String) Account ID to revoke.
+- `private_path_service_gateway` - (Required, Forces new resource, String) The private path service gateway 
+identifier.
+
+## Attribute Reference
+
+In addition to all argument references listed, you can access the following attribute references after your resource is created.
+
+- `account` - (Required, String) Account ID to revoke.
+- `private_path_service_gateway` - (String) The private path service gateway 
+identifier.
+