├── .ci ├── cloudbuild-tests-go-licenses.yaml ├── cloudbuild-tests-integration.yaml └── cloudbuild-tests-unit.yaml ├── .github ├── CODEOWNERS └── ISSUE_TEMPLATE │ ├── bug.md │ └── enhancement.md ├── .gitignore ├── CONTRIBUTING.md ├── LICENSE ├── Makefile ├── README.md ├── cai2hcl ├── common │ ├── converter.go │ ├── hcl_write.go │ ├── utils.go │ └── utils_test.go ├── convert.go ├── convert_test.go ├── converter_map.go ├── services │ ├── compute │ │ ├── compute_backend_service.go │ │ ├── compute_backend_service_test.go │ │ ├── compute_forwarding_rule.go │ │ ├── compute_forwarding_rule_test.go │ │ ├── compute_instance.go │ │ ├── compute_instance_test.go │ │ ├── compute_region_backend_service.go │ │ ├── compute_region_backend_service_test.go │ │ ├── compute_region_health_check.go │ │ ├── compute_region_health_check_test.go │ │ └── testdata │ │ │ ├── compute_backend_service.json │ │ │ ├── compute_backend_service.tf │ │ │ ├── compute_forwarding_rule.json │ │ │ ├── compute_forwarding_rule.tf │ │ │ ├── compute_instance_iam.json │ │ │ ├── compute_instance_iam.tf │ │ │ ├── compute_region_backend_service.json │ │ │ ├── compute_region_backend_service.tf │ │ │ ├── compute_region_health_check.json │ │ │ ├── compute_region_health_check.tf │ │ │ ├── full_compute_instance.json │ │ │ └── full_compute_instance.tf │ └── resourcemanager │ │ ├── project.go │ │ ├── project_test.go │ │ └── testdata │ │ ├── project_create.json │ │ ├── project_create.tf │ │ ├── project_iam.json │ │ └── project_iam.tf └── testing │ └── assert_test_files.go ├── caiasset └── asset.go ├── cmd ├── tfplan2cai │ ├── convert.go │ ├── convert_test.go │ ├── list_supported_resources.go │ ├── logger.go │ ├── logger_test.go │ ├── main.go │ └── root.go └── tgc │ ├── cai2hcl │ ├── cai2hcl.go │ ├── convert.go │ └── convert_test.go │ ├── common │ ├── logger.go │ ├── logger_test.go │ └── root_options.go │ ├── main.go │ ├── root.go │ └── tfplan2cai │ ├── convert.go │ ├── convert_test.go │ └── tfplan2cai.go ├── config-tf-dev-override.sh ├── docs ├── contributing │ ├── add_new_resource.md │ └── index.md └── supported_resources.md ├── go.mod ├── go.sum ├── pkg ├── cai2hcl │ ├── convert.go │ ├── converters │ │ ├── convert_resource.go │ │ ├── resource_converters.go │ │ ├── services │ │ │ ├── compute │ │ │ │ ├── compute_instance.go │ │ │ │ ├── compute_instance_helpers.go │ │ │ │ └── compute_instance_helpers_tgc.go │ │ │ └── resourcemanager │ │ │ │ └── project.go │ │ └── utils │ │ │ ├── utils.go │ │ │ └── utils_test.go │ └── models │ │ ├── converter.go │ │ └── hcl_block.go ├── caiasset │ └── asset.go ├── provider │ ├── mtls_util.go │ ├── provider.go │ ├── provider_mmv1_resources.go │ └── provider_validators.go ├── tfplan2cai │ ├── ancestrymanager │ │ ├── ancestrymanager.go │ │ └── ancestryutil.go │ ├── convert.go │ ├── converters │ │ ├── cai │ │ │ ├── cai.go │ │ │ ├── constants.go │ │ │ ├── json_map.go │ │ │ └── resource_converter.go │ │ ├── convert_resource.go │ │ ├── resource_converters.go │ │ └── services │ │ │ ├── compute │ │ │ ├── compute_address.go │ │ │ ├── compute_instance.go │ │ │ ├── compute_instance_helpers.go │ │ │ ├── disk_type.go │ │ │ ├── image.go │ │ │ └── metadata.go │ │ │ └── resourcemanager │ │ │ └── project.go │ ├── models │ │ ├── fake_resource_data.go │ │ ├── fake_resource_data_with_meta.go │ │ └── fake_resource_data_with_meta_test.go │ ├── resolvers │ │ └── default_pre_resolver.go │ ├── tfplan │ │ ├── json_plan.go │ │ └── json_plan_test.go │ └── transport │ │ └── getconfig.go ├── tpgresource │ ├── common_diff_suppress.go │ ├── field_helpers.go │ ├── hashcode.go │ ├── regional_utils.go │ ├── self_link_helpers.go │ ├── service_scope.go │ └── utils.go ├── transport │ ├── batcher.go │ ├── bigtable_client_factory.go │ ├── config.go │ ├── error_retry_predicates.go │ ├── header_transport.go │ ├── provider_handwritten_endpoint.go │ ├── retry_transport.go │ ├── retry_utils.go │ └── transport.go ├── verify │ ├── path_or_contents.go │ └── validation.go └── version │ └── version.go ├── release.sh ├── test ├── assert_test_files.go ├── setup.go └── utils.go └── tfplan2cai ├── ancestrymanager ├── ancestrymanager.go ├── ancestrymanager_test.go ├── ancestryutil.go └── ancestryutil_test.go ├── converters └── google │ ├── convert.go │ ├── convert_test.go │ └── resources │ ├── cai.go │ ├── cai │ ├── cai.go │ ├── cai_test.go │ ├── constants.go │ ├── iam_helpers.go │ ├── iam_helpers_test.go │ ├── json_map.go │ └── string_helpers.go │ ├── constants.go │ ├── getconfig.go │ ├── getconfig_test.go │ ├── resource_converters.go │ └── services │ ├── accessapproval │ ├── accessapproval_folder_settings.go │ ├── accessapproval_organization_settings.go │ └── accessapproval_project_settings.go │ ├── accesscontextmanager │ ├── accesscontextmanager_access_level.go │ ├── accesscontextmanager_access_levels.go │ ├── accesscontextmanager_access_policy.go │ ├── accesscontextmanager_access_policy_iam.go │ ├── accesscontextmanager_authorized_orgs_desc.go │ ├── accesscontextmanager_service_perimeter.go │ ├── accesscontextmanager_service_perimeters.go │ └── iam_accesscontextmanager_access_policy.go │ ├── activedirectory │ ├── activedirectory_domain.go │ ├── activedirectory_domain_trust.go │ └── activedirectory_peering.go │ ├── alloydb │ ├── alloydb_backup.go │ ├── alloydb_cluster.go │ ├── alloydb_instance.go │ └── alloydb_user.go │ ├── apigateway │ ├── apigateway_api.go │ ├── apigateway_api_config.go │ ├── apigateway_api_config_iam.go │ ├── apigateway_api_iam.go │ ├── apigateway_gateway.go │ ├── apigateway_gateway_iam.go │ ├── iam_apigateway_api.go │ ├── iam_apigateway_api_config.go │ └── iam_apigateway_gateway.go │ ├── apigee │ ├── apigee_addons_config.go │ ├── apigee_app_group.go │ ├── apigee_control_plane_access.go │ ├── apigee_developer.go │ ├── apigee_dns_zone.go │ ├── apigee_endpoint_attachment.go │ ├── apigee_env_keystore.go │ ├── apigee_env_references.go │ ├── apigee_envgroup.go │ ├── apigee_envgroup_attachment.go │ ├── apigee_environment.go │ ├── apigee_environment_addons_config.go │ ├── apigee_environment_iam.go │ ├── apigee_environment_keyvaluemaps.go │ ├── apigee_environment_keyvaluemaps_entries.go │ ├── apigee_instance.go │ ├── apigee_instance_attachment.go │ ├── apigee_keystores_aliases_self_signed_cert.go │ ├── apigee_nat_address.go │ ├── apigee_organization.go │ ├── apigee_security_monitoring_condition.go │ ├── apigee_security_profile_v2.go │ ├── apigee_sync_authorization.go │ ├── apigee_target_server.go │ └── iam_apigee_environment.go │ ├── apihub │ ├── apihub_api_hub_instance.go │ ├── apihub_curation.go │ └── apihub_host_project_registration.go │ ├── apikeys │ └── apikeys_key.go │ ├── appengine │ ├── appengine_application.go │ ├── appengine_application_url_dispatch_rules.go │ ├── appengine_domain_mapping.go │ ├── appengine_firewall_rule.go │ ├── appengine_flexible_app_version.go │ ├── appengine_service_network_settings.go │ ├── appengine_service_split_traffic.go │ ├── appengine_standard_app_version.go │ └── appengine_standard_version.go │ ├── apphub │ ├── apphub_application.go │ ├── apphub_service.go │ ├── apphub_service_project_attachment.go │ └── apphub_workload.go │ ├── artifactregistry │ ├── artifactregistry_repository.go │ ├── artifactregistry_repository_iam.go │ ├── artifactregistry_vpcsc_config.go │ └── iam_artifactregistry_repository.go │ ├── backupdr │ ├── backupdr_backup_plan.go │ ├── backupdr_backup_plan_association.go │ ├── backupdr_backup_vault.go │ └── backupdr_management_server.go │ ├── beyondcorp │ ├── beyondcorp_app_connection.go │ ├── beyondcorp_app_connector.go │ ├── beyondcorp_app_gateway.go │ ├── beyondcorp_application.go │ ├── beyondcorp_application_iam.go │ ├── beyondcorp_security_gateway.go │ ├── beyondcorp_security_gateway_application.go │ ├── beyondcorp_security_gateway_application_iam.go │ ├── beyondcorp_security_gateway_iam.go │ ├── iam_beyondcorp_application.go │ ├── iam_beyondcorp_security_gateway.go │ └── iam_beyondcorp_security_gateway_application.go │ ├── biglake │ ├── biglake_catalog.go │ ├── biglake_database.go │ └── biglake_table.go │ ├── bigquery │ ├── bigquery_dataset.go │ ├── bigquery_dataset_iam.go │ ├── bigquery_job.go │ ├── bigquery_routine.go │ ├── bigquery_row_access_policy.go │ ├── bigquery_table.go │ ├── bigquery_table_iam.go │ ├── iam_bigquery_dataset.go │ └── iam_bigquery_table.go │ ├── bigqueryanalyticshub │ ├── bigqueryanalyticshub_data_exchange.go │ ├── bigqueryanalyticshub_data_exchange_iam.go │ ├── bigqueryanalyticshub_listing.go │ ├── bigqueryanalyticshub_listing_iam.go │ ├── bigqueryanalyticshub_listing_subscription.go │ ├── iam_bigqueryanalyticshub_data_exchange.go │ └── iam_bigqueryanalyticshub_listing.go │ ├── bigqueryconnection │ ├── bigqueryconnection_connection.go │ ├── bigqueryconnection_connection_iam.go │ └── iam_bigqueryconnection_connection.go │ ├── bigquerydatapolicy │ ├── bigquerydatapolicy_data_policy.go │ ├── bigquerydatapolicy_data_policy_iam.go │ └── iam_bigquerydatapolicy_data_policy.go │ ├── bigquerydatatransfer │ └── bigquerydatatransfer_config.go │ ├── bigqueryreservation │ ├── bigqueryreservation_bi_reservation.go │ ├── bigqueryreservation_capacity_commitment.go │ ├── bigqueryreservation_reservation.go │ └── bigqueryreservation_reservation_assignment.go │ ├── bigtable │ ├── bigtable_app_profile.go │ ├── bigtable_cluster.go │ ├── bigtable_instance.go │ ├── bigtable_logical_view.go │ └── bigtable_materialized_view.go │ ├── billing │ └── billing_budget.go │ ├── binaryauthorization │ ├── binaryauthorization_attestor.go │ ├── binaryauthorization_attestor_iam.go │ ├── binaryauthorization_policy.go │ └── iam_binaryauthorization_attestor.go │ ├── blockchainnodeengine │ └── blockchainnodeengine_blockchain_nodes.go │ ├── certificatemanager │ ├── certificatemanager_certificate.go │ ├── certificatemanager_certificate_issuance_config.go │ ├── certificatemanager_certificate_map.go │ ├── certificatemanager_certificate_map_entry.go │ ├── certificatemanager_dns_authorization.go │ └── certificatemanager_trust_config.go │ ├── chronicle │ ├── chronicle_data_access_label.go │ ├── chronicle_data_access_scope.go │ ├── chronicle_reference_list.go │ ├── chronicle_retrohunt.go │ ├── chronicle_rule.go │ ├── chronicle_rule_deployment.go │ └── chronicle_watchlist.go │ ├── cloudasset │ ├── cloudasset_folder_feed.go │ ├── cloudasset_organization_feed.go │ └── cloudasset_project_feed.go │ ├── cloudbuild │ ├── cloudbuild_bitbucket_server_config.go │ └── cloudbuild_trigger.go │ ├── clouddeploy │ ├── clouddeploy_automation.go │ ├── clouddeploy_custom_target_type.go │ ├── clouddeploy_custom_target_type_iam.go │ ├── clouddeploy_delivery_pipeline_iam.go │ ├── clouddeploy_deploy_policy.go │ ├── clouddeploy_target_iam.go │ ├── iam_clouddeploy_custom_target_type.go │ ├── iam_clouddeploy_delivery_pipeline.go │ └── iam_clouddeploy_target.go │ ├── clouddomains │ └── clouddomains_registration.go │ ├── cloudfunctions │ ├── cloudfunctions_cloud_function.go │ ├── cloudfunctions_cloud_function_iam.go │ ├── cloudfunctions_function.go │ └── iam_cloudfunctions_cloud_function.go │ ├── cloudfunctions2 │ ├── cloudfunctions2_function.go │ ├── cloudfunctions2_function_iam.go │ └── iam_cloudfunctions2_function.go │ ├── cloudidentity │ ├── cloudidentity_group.go │ └── cloudidentity_group_membership.go │ ├── cloudids │ └── cloudids_endpoint.go │ ├── cloudquotas │ ├── cloudquotas_quota_adjuster_settings.go │ └── cloudquotas_quota_preference.go │ ├── cloudrun │ ├── cloudrun_domain_mapping.go │ ├── cloudrun_service.go │ ├── cloudrun_service_iam.go │ └── iam_cloudrun_service.go │ ├── cloudrunv2 │ ├── cloudrunv2_job.go │ ├── cloudrunv2_job_iam.go │ ├── cloudrunv2_service.go │ ├── cloudrunv2_service_iam.go │ ├── cloudrunv2_worker_pool.go │ ├── cloudrunv2_worker_pool_iam.go │ ├── iam_cloudrunv2_job.go │ ├── iam_cloudrunv2_service.go │ └── iam_cloudrunv2_worker_pool.go │ ├── cloudscheduler │ └── cloudscheduler_job.go │ ├── cloudtasks │ ├── cloudtasks_queue.go │ ├── cloudtasks_queue_iam.go │ └── iam_cloudtasks_queue.go │ ├── colab │ ├── colab_notebook_execution.go │ ├── colab_runtime.go │ ├── colab_runtime_template.go │ ├── colab_runtime_template_iam.go │ ├── colab_schedule.go │ └── iam_colab_runtime_template.go │ ├── composer │ ├── composer_environment.go │ └── composer_user_workloads_config_map.go │ ├── compute │ ├── commitment.go │ ├── compute_address.go │ ├── compute_autoscaler.go │ ├── compute_backend_bucket.go │ ├── compute_backend_bucket_iam.go │ ├── compute_backend_service.go │ ├── compute_backend_service_iam.go │ ├── compute_cross_site_network.go │ ├── compute_disk.go │ ├── compute_disk_iam.go │ ├── compute_disk_resource_policy_attachment.go │ ├── compute_external_vpn_gateway.go │ ├── compute_firewall.go │ ├── compute_firewall_policy.go │ ├── compute_firewall_policy_association.go │ ├── compute_firewall_policy_rule.go │ ├── compute_firewall_policy_with_rules.go │ ├── compute_forwarding_rule.go │ ├── compute_future_reservation.go │ ├── compute_global_address.go │ ├── compute_global_forwarding_rule.go │ ├── compute_global_network_endpoint_group.go │ ├── compute_ha_vpn_gateway.go │ ├── compute_health_check.go │ ├── compute_http_health_check.go │ ├── compute_https_health_check.go │ ├── compute_image.go │ ├── compute_image_iam.go │ ├── compute_instance.go │ ├── compute_instance_group.go │ ├── compute_instance_group_named_port.go │ ├── compute_instance_helpers.go │ ├── compute_instance_iam.go │ ├── compute_instance_settings.go │ ├── compute_instance_template_iam.go │ ├── compute_instant_snapshot.go │ ├── compute_instant_snapshot_iam.go │ ├── compute_interconnect.go │ ├── compute_interconnect_attachment.go │ ├── compute_interconnect_attachment_group.go │ ├── compute_interconnect_group.go │ ├── compute_machine_image.go │ ├── compute_machine_image_iam.go │ ├── compute_managed_ssl_certificate.go │ ├── compute_network.go │ ├── compute_network_attachment.go │ ├── compute_network_edge_security_service.go │ ├── compute_network_endpoint_group.go │ ├── compute_network_firewall_policy.go │ ├── compute_network_firewall_policy_association.go │ ├── compute_network_firewall_policy_packet_mirroring_rule.go │ ├── compute_network_firewall_policy_rule.go │ ├── compute_network_firewall_policy_with_rules.go │ ├── compute_network_peering_routes_config.go │ ├── compute_node_group.go │ ├── compute_node_template.go │ ├── compute_organization_security_policy.go │ ├── compute_organization_security_policy_association.go │ ├── compute_organization_security_policy_rule.go │ ├── compute_packet_mirroring.go │ ├── compute_project_cloud_armor_tier.go │ ├── compute_public_advertised_prefix.go │ ├── compute_public_delegated_prefix.go │ ├── compute_region_autoscaler.go │ ├── compute_region_backend_service.go │ ├── compute_region_backend_service_iam.go │ ├── compute_region_commitment.go │ ├── compute_region_disk.go │ ├── compute_region_disk_iam.go │ ├── compute_region_disk_resource_policy_attachment.go │ ├── compute_region_health_check.go │ ├── compute_region_network_endpoint_group.go │ ├── compute_region_network_firewall_policy.go │ ├── compute_region_network_firewall_policy_association.go │ ├── compute_region_network_firewall_policy_rule.go │ ├── compute_region_network_firewall_policy_with_rules.go │ ├── compute_region_resize_request.go │ ├── compute_region_security_policy.go │ ├── compute_region_security_policy_rule.go │ ├── compute_region_ssl_certificate.go │ ├── compute_region_ssl_policy.go │ ├── compute_region_target_http_proxy.go │ ├── compute_region_target_https_proxy.go │ ├── compute_region_target_tcp_proxy.go │ ├── compute_region_url_map.go │ ├── compute_reservation.go │ ├── compute_resize_request.go │ ├── compute_resource_policy.go │ ├── compute_resource_policy_attachment.go │ ├── compute_route.go │ ├── compute_router.go │ ├── compute_router_route_policy.go │ ├── compute_security_policy.go │ ├── compute_security_policy_rule.go │ ├── compute_service_attachment.go │ ├── compute_snapshot.go │ ├── compute_snapshot_iam.go │ ├── compute_snapshot_settings.go │ ├── compute_ssl_certificate.go │ ├── compute_ssl_policy.go │ ├── compute_storage_pool.go │ ├── compute_storage_pool_iam.go │ ├── compute_subnetwork.go │ ├── compute_subnetwork_iam.go │ ├── compute_target_grpc_proxy.go │ ├── compute_target_http_proxy.go │ ├── compute_target_https_proxy.go │ ├── compute_target_instance.go │ ├── compute_target_pool.go │ ├── compute_target_ssl_proxy.go │ ├── compute_target_tcp_proxy.go │ ├── compute_url_map.go │ ├── compute_vpn_gateway.go │ ├── compute_vpn_tunnel.go │ ├── disk_type.go │ ├── iam_compute_backend_bucket.go │ ├── iam_compute_backend_service.go │ ├── iam_compute_disk.go │ ├── iam_compute_image.go │ ├── iam_compute_instance.go │ ├── iam_compute_instance_template.go │ ├── iam_compute_instant_snapshot.go │ ├── iam_compute_machine_image.go │ ├── iam_compute_region_backend_service.go │ ├── iam_compute_region_disk.go │ ├── iam_compute_snapshot.go │ ├── iam_compute_storage_pool.go │ ├── iam_compute_subnetwork.go │ ├── image.go │ └── metadata.go │ ├── container │ └── container.go │ ├── containeranalysis │ ├── containeranalysis_note.go │ ├── containeranalysis_note_iam.go │ ├── containeranalysis_occurrence.go │ └── iam_containeranalysis_note.go │ ├── containerattached │ └── containerattached_cluster.go │ ├── corebilling │ └── corebilling_project_info.go │ ├── databasemigrationservice │ ├── databasemigrationservice_connection_profile.go │ ├── databasemigrationservice_migration_job.go │ └── databasemigrationservice_private_connection.go │ ├── datacatalog │ ├── datacatalog_entry.go │ ├── datacatalog_entry_group.go │ ├── datacatalog_entry_group_iam.go │ ├── datacatalog_policy_tag.go │ ├── datacatalog_policy_tag_iam.go │ ├── datacatalog_tag.go │ ├── datacatalog_tag_template.go │ ├── datacatalog_tag_template_iam.go │ ├── datacatalog_taxonomy.go │ ├── datacatalog_taxonomy_iam.go │ ├── iam_datacatalog_entry_group.go │ ├── iam_datacatalog_policy_tag.go │ ├── iam_datacatalog_tag_template.go │ └── iam_datacatalog_taxonomy.go │ ├── dataflow │ └── job.go │ ├── dataform │ ├── dataform_repository.go │ ├── dataform_repository_iam.go │ ├── dataform_repository_release_config.go │ ├── dataform_repository_workflow_config.go │ └── iam_dataform_repository.go │ ├── datafusion │ ├── datafusion_instance.go │ ├── datafusion_instance_iam.go │ └── iam_datafusion_instance.go │ ├── datalossprevention │ ├── datalossprevention_deidentify_template.go │ ├── datalossprevention_discovery_config.go │ ├── datalossprevention_inspect_template.go │ ├── datalossprevention_job_trigger.go │ └── datalossprevention_stored_info_type.go │ ├── datapipeline │ └── datapipeline_pipeline.go │ ├── dataplex │ ├── dataplex_aspect_type.go │ ├── dataplex_aspect_type_iam.go │ ├── dataplex_asset_iam.go │ ├── dataplex_datascan.go │ ├── dataplex_datascan_iam.go │ ├── dataplex_entry.go │ ├── dataplex_entry_group.go │ ├── dataplex_entry_group_iam.go │ ├── dataplex_entry_type.go │ ├── dataplex_entry_type_iam.go │ ├── dataplex_glossary.go │ ├── dataplex_glossary_category.go │ ├── dataplex_glossary_iam.go │ ├── dataplex_glossary_term.go │ ├── dataplex_lake_iam.go │ ├── dataplex_task.go │ ├── dataplex_task_iam.go │ ├── dataplex_zone_iam.go │ ├── iam_dataplex_aspect_type.go │ ├── iam_dataplex_asset.go │ ├── iam_dataplex_datascan.go │ ├── iam_dataplex_entry_group.go │ ├── iam_dataplex_entry_type.go │ ├── iam_dataplex_glossary.go │ ├── iam_dataplex_lake.go │ ├── iam_dataplex_task.go │ └── iam_dataplex_zone.go │ ├── dataproc │ ├── dataproc_autoscaling_policy.go │ ├── dataproc_autoscaling_policy_iam.go │ ├── dataproc_batch.go │ ├── dataproc_cluster.go │ └── iam_dataproc_autoscaling_policy.go │ ├── dataprocgdc │ ├── dataprocgdc_application_environment.go │ ├── dataprocgdc_service_instance.go │ └── dataprocgdc_spark_application.go │ ├── dataprocmetastore │ ├── dataprocmetastore_database_iam.go │ ├── dataprocmetastore_federation.go │ ├── dataprocmetastore_federation_iam.go │ ├── dataprocmetastore_service.go │ ├── dataprocmetastore_service_iam.go │ ├── dataprocmetastore_table_iam.go │ ├── iam_dataprocmetastore_database.go │ ├── iam_dataprocmetastore_federation.go │ ├── iam_dataprocmetastore_service.go │ └── iam_dataprocmetastore_table.go │ ├── datastream │ ├── datastream_connection_profile.go │ ├── datastream_private_connection.go │ └── datastream_stream.go │ ├── deploymentmanager │ └── deploymentmanager_deployment.go │ ├── developerconnect │ ├── developerconnect_account_connector.go │ ├── developerconnect_connection.go │ └── developerconnect_git_repository_link.go │ ├── dialogflow │ ├── dialogflow_agent.go │ ├── dialogflow_entity_type.go │ ├── dialogflow_fulfillment.go │ └── dialogflow_intent.go │ ├── dialogflowcx │ ├── dialogflowcx_agent.go │ ├── dialogflowcx_entity_type.go │ ├── dialogflowcx_environment.go │ ├── dialogflowcx_flow.go │ ├── dialogflowcx_intent.go │ ├── dialogflowcx_page.go │ ├── dialogflowcx_security_settings.go │ ├── dialogflowcx_test_case.go │ ├── dialogflowcx_version.go │ └── dialogflowcx_webhook.go │ ├── discoveryengine │ ├── discoveryengine_chat_engine.go │ ├── discoveryengine_data_store.go │ ├── discoveryengine_schema.go │ ├── discoveryengine_search_engine.go │ ├── discoveryengine_sitemap.go │ └── discoveryengine_target_site.go │ ├── dns │ ├── dns_managed_zone.go │ ├── dns_managed_zone_iam.go │ ├── dns_policy.go │ ├── dns_response_policy.go │ ├── dns_response_policy_rule.go │ └── iam_dns_managed_zone.go │ ├── documentai │ ├── documentai_processor.go │ └── documentai_processor_default_version.go │ ├── documentaiwarehouse │ ├── documentaiwarehouse_document_schema.go │ └── documentaiwarehouse_location.go │ ├── edgecontainer │ ├── edgecontainer_cluster.go │ ├── edgecontainer_node_pool.go │ └── edgecontainer_vpn_connection.go │ ├── edgenetwork │ ├── edgenetwork_interconnect_attachment.go │ ├── edgenetwork_network.go │ └── edgenetwork_subnet.go │ ├── essentialcontacts │ └── essentialcontacts_contact.go │ ├── eventarc │ ├── eventarc_channel.go │ ├── eventarc_enrollment.go │ ├── eventarc_google_api_source.go │ ├── eventarc_google_channel_config.go │ ├── eventarc_message_bus.go │ ├── eventarc_pipeline.go │ ├── eventarc_trigger.go │ └── eventarc_utils.go │ ├── filestore │ ├── filestore_backup.go │ ├── filestore_instance.go │ └── filestore_snapshot.go │ ├── firebase │ ├── firebase_android_app.go │ ├── firebase_apple_app.go │ ├── firebase_project.go │ └── firebase_web_app.go │ ├── firebaseappcheck │ ├── firebaseappcheck_app_attest_config.go │ ├── firebaseappcheck_debug_token.go │ ├── firebaseappcheck_device_check_config.go │ ├── firebaseappcheck_play_integrity_config.go │ ├── firebaseappcheck_recaptcha_enterprise_config.go │ ├── firebaseappcheck_recaptcha_v3_config.go │ └── firebaseappcheck_service_config.go │ ├── firebaseapphosting │ ├── firebaseapphosting_backend.go │ ├── firebaseapphosting_build.go │ ├── firebaseapphosting_default_domain.go │ ├── firebaseapphosting_domain.go │ └── firebaseapphosting_traffic.go │ ├── firebasedatabase │ └── firebasedatabase_instance.go │ ├── firebasedataconnect │ └── firebasedataconnect_service.go │ ├── firebaseextensions │ └── firebaseextensions_instance.go │ ├── firebasehosting │ ├── firebasehosting_channel.go │ ├── firebasehosting_custom_domain.go │ ├── firebasehosting_release.go │ ├── firebasehosting_site.go │ └── firebasehosting_version.go │ ├── firebasestorage │ └── firebasestorage_bucket.go │ ├── firestore │ ├── firestore_backup_schedule.go │ ├── firestore_database.go │ ├── firestore_document.go │ ├── firestore_field.go │ └── firestore_index.go │ ├── gemini │ ├── gemini_code_repository_index.go │ ├── gemini_code_tools_setting.go │ ├── gemini_code_tools_setting_binding.go │ ├── gemini_data_sharing_with_google_setting.go │ ├── gemini_data_sharing_with_google_setting_binding.go │ ├── gemini_gemini_gcp_enablement_setting.go │ ├── gemini_gemini_gcp_enablement_setting_binding.go │ ├── gemini_logging_setting.go │ ├── gemini_logging_setting_binding.go │ ├── gemini_release_channel_setting.go │ ├── gemini_release_channel_setting_binding.go │ ├── gemini_repository_group.go │ ├── gemini_repository_group_iam.go │ └── iam_gemini_repository_group.go │ ├── gkebackup │ ├── gkebackup_backup_channel.go │ ├── gkebackup_backup_plan.go │ ├── gkebackup_backup_plan_iam.go │ ├── gkebackup_restore_channel.go │ ├── gkebackup_restore_plan.go │ ├── gkebackup_restore_plan_iam.go │ ├── iam_gkebackup_backup_plan.go │ └── iam_gkebackup_restore_plan.go │ ├── gkehub │ ├── gkehub_membership.go │ ├── gkehub_membership_iam.go │ └── iam_gkehub_membership.go │ ├── gkehub2 │ ├── gkehub2_feature.go │ ├── gkehub2_feature_iam.go │ ├── gkehub2_fleet.go │ ├── gkehub2_membership_binding.go │ ├── gkehub2_membership_rbac_role_binding.go │ ├── gkehub2_namespace.go │ ├── gkehub2_scope.go │ ├── gkehub2_scope_iam.go │ ├── gkehub2_scope_rbac_role_binding.go │ ├── iam_gkehub2_feature.go │ └── iam_gkehub2_scope.go │ ├── gkeonprem │ ├── gkeonprem_bare_metal_admin_cluster.go │ ├── gkeonprem_bare_metal_cluster.go │ ├── gkeonprem_bare_metal_node_pool.go │ ├── gkeonprem_vmware_admin_cluster.go │ ├── gkeonprem_vmware_cluster.go │ └── gkeonprem_vmware_node_pool.go │ ├── healthcare │ ├── healthcare_consent_store.go │ ├── healthcare_consent_store_iam.go │ ├── healthcare_dataset.go │ ├── healthcare_dicom_store.go │ ├── healthcare_fhir_store.go │ ├── healthcare_hl7_v2_store.go │ ├── healthcare_pipeline_job.go │ ├── healthcare_workspace.go │ └── iam_healthcare_consent_store.go │ ├── iam2 │ ├── iam2_access_boundary_policy.go │ └── iam2_deny_policy.go │ ├── iam3 │ ├── iam3_folders_policy_binding.go │ ├── iam3_organizations_policy_binding.go │ ├── iam3_principal_access_boundary_policy.go │ └── iam3_projects_policy_binding.go │ ├── iambeta │ ├── iam_iambeta_workload_identity_pool.go │ ├── iambeta_workload_identity_pool.go │ ├── iambeta_workload_identity_pool_iam.go │ ├── iambeta_workload_identity_pool_managed_identity.go │ ├── iambeta_workload_identity_pool_namespace.go │ └── iambeta_workload_identity_pool_provider.go │ ├── iamworkforcepool │ ├── iamworkforcepool_oauth_client.go │ ├── iamworkforcepool_oauth_client_credential.go │ ├── iamworkforcepool_workforce_pool.go │ ├── iamworkforcepool_workforce_pool_provider.go │ └── iamworkforcepool_workforce_pool_provider_key.go │ ├── iap │ ├── iam_iap_tunnel.go │ ├── iam_iap_tunnel_dest_group.go │ ├── iam_iap_tunnel_instance.go │ ├── iam_iap_web.go │ ├── iap_brand.go │ ├── iap_client.go │ ├── iap_settings.go │ ├── iap_tunnel_dest_group.go │ ├── iap_tunnel_dest_group_iam.go │ ├── iap_tunnel_iam.go │ ├── iap_tunnel_instance_iam.go │ └── iap_web_iam.go │ ├── identityplatform │ ├── identityplatform_config.go │ ├── identityplatform_default_supported_idp_config.go │ ├── identityplatform_inbound_saml_config.go │ ├── identityplatform_oauth_idp_config.go │ ├── identityplatform_tenant.go │ ├── identityplatform_tenant_default_supported_idp_config.go │ ├── identityplatform_tenant_inbound_saml_config.go │ └── identityplatform_tenant_oauth_idp_config.go │ ├── integrationconnectors │ ├── integrationconnectors_connection.go │ ├── integrationconnectors_endpoint_attachment.go │ └── integrationconnectors_managed_zone.go │ ├── integrations │ ├── integrations_auth_config.go │ └── integrations_client.go │ ├── kms │ ├── iam_kms_crypto_key.go │ ├── iam_kms_ekm_connection.go │ ├── iam_kms_key_ring.go │ ├── kms_autokey_config.go │ ├── kms_crypto_key.go │ ├── kms_crypto_key_iam.go │ ├── kms_crypto_key_version.go │ ├── kms_ekm_connection.go │ ├── kms_ekm_connection_iam.go │ ├── kms_key_handle.go │ ├── kms_key_ring.go │ ├── kms_key_ring_iam.go │ ├── kms_key_ring_import_job.go │ └── kms_utils.go │ ├── logging │ ├── iam_logging_log_view.go │ ├── logging_billing_account_bucket_config.go │ ├── logging_folder_bucket_config.go │ ├── logging_folder_settings.go │ ├── logging_linked_dataset.go │ ├── logging_log_scope.go │ ├── logging_log_view.go │ ├── logging_log_view_iam.go │ ├── logging_metric.go │ ├── logging_organization_bucket_config.go │ ├── logging_organization_settings.go │ └── logging_project_bucket_config.go │ ├── looker │ └── looker_instance.go │ ├── lustre │ └── lustre_instance.go │ ├── managedkafka │ ├── managedkafka_acl.go │ ├── managedkafka_cluster.go │ ├── managedkafka_connect_cluster.go │ ├── managedkafka_connector.go │ └── managedkafka_topic.go │ ├── memcache │ └── memcache_instance.go │ ├── memorystore │ ├── memorystore_instance.go │ └── memorystore_instance_desired_user_created_endpoints.go │ ├── migrationcenter │ ├── migrationcenter_group.go │ └── migrationcenter_preference_set.go │ ├── mlengine │ └── mlengine_model.go │ ├── monitoring │ ├── monitoring_alert_policy.go │ ├── monitoring_generic_service.go │ ├── monitoring_group.go │ ├── monitoring_metric_descriptor.go │ ├── monitoring_monitored_project.go │ ├── monitoring_notification_channel.go │ ├── monitoring_service.go │ ├── monitoring_slo.go │ ├── monitoring_slo_helper.go │ └── monitoring_uptime_check_config.go │ ├── netapp │ ├── netapp_active_directory.go │ ├── netapp_backup.go │ ├── netapp_backup_policy.go │ ├── netapp_backup_vault.go │ ├── netapp_kmsconfig.go │ ├── netapp_storage_pool.go │ ├── netapp_volume.go │ ├── netapp_volume_quota_rule.go │ ├── netapp_volume_replication.go │ └── netapp_volume_snapshot.go │ ├── networkconnectivity │ ├── networkconnectivity_group.go │ ├── networkconnectivity_hub.go │ ├── networkconnectivity_internal_range.go │ ├── networkconnectivity_policy_based_route.go │ ├── networkconnectivity_regional_endpoint.go │ ├── networkconnectivity_service_connection_policy.go │ └── networkconnectivity_spoke.go │ ├── networkmanagement │ ├── networkmanagement_connectivity_test.go │ └── networkmanagement_vpc_flow_logs_config.go │ ├── networksecurity │ ├── networksecurity_address_group.go │ ├── networksecurity_authorization_policy.go │ ├── networksecurity_authz_policy.go │ ├── networksecurity_backend_authentication_config.go │ ├── networksecurity_client_tls_policy.go │ ├── networksecurity_firewall_endpoint.go │ ├── networksecurity_firewall_endpoint_association.go │ ├── networksecurity_gateway_security_policy.go │ ├── networksecurity_gateway_security_policy_rule.go │ ├── networksecurity_intercept_deployment.go │ ├── networksecurity_intercept_deployment_group.go │ ├── networksecurity_intercept_endpoint_group.go │ ├── networksecurity_intercept_endpoint_group_association.go │ ├── networksecurity_mirroring_deployment.go │ ├── networksecurity_mirroring_deployment_group.go │ ├── networksecurity_mirroring_endpoint_group.go │ ├── networksecurity_mirroring_endpoint_group_association.go │ ├── networksecurity_security_profile.go │ ├── networksecurity_security_profile_group.go │ ├── networksecurity_server_tls_policy.go │ ├── networksecurity_tls_inspection_policy.go │ └── networksecurity_url_lists.go │ ├── networkservices │ ├── networkservices_authz_extension.go │ ├── networkservices_edge_cache_keyset.go │ ├── networkservices_edge_cache_origin.go │ ├── networkservices_edge_cache_service.go │ ├── networkservices_endpoint_policy.go │ ├── networkservices_gateway.go │ ├── networkservices_grpc_route.go │ ├── networkservices_http_route.go │ ├── networkservices_lb_route_extension.go │ ├── networkservices_lb_traffic_extension.go │ ├── networkservices_mesh.go │ ├── networkservices_service_binding.go │ ├── networkservices_service_lb_policies.go │ ├── networkservices_tcp_route.go │ └── networkservices_tls_route.go │ ├── notebooks │ ├── iam_notebooks_instance.go │ ├── iam_notebooks_runtime.go │ ├── notebooks_environment.go │ ├── notebooks_instance.go │ ├── notebooks_instance_iam.go │ ├── notebooks_location.go │ ├── notebooks_runtime.go │ └── notebooks_runtime_iam.go │ ├── oracledatabase │ ├── oracledatabase_autonomous_database.go │ ├── oracledatabase_cloud_exadata_infrastructure.go │ └── oracledatabase_cloud_vm_cluster.go │ ├── orgpolicy │ ├── orgpolicy_custom_constraint.go │ └── orgpolicy_policy.go │ ├── osconfig │ ├── osconfig_guest_policies.go │ └── osconfig_patch_deployment.go │ ├── osconfigv2 │ ├── osconfigv2_policy_orchestrator.go │ ├── osconfigv2_policy_orchestrator_for_folder.go │ └── osconfigv2_policy_orchestrator_for_organization.go │ ├── oslogin │ └── oslogin_ssh_public_key.go │ ├── parallelstore │ └── parallelstore_instance.go │ ├── parametermanager │ ├── parametermanager_parameter.go │ └── parametermanager_parameter_version.go │ ├── parametermanagerregional │ ├── parametermanagerregional_regional_parameter.go │ └── parametermanagerregional_regional_parameter_version.go │ ├── privateca │ ├── iam_privateca_ca_pool.go │ ├── iam_privateca_certificate_template.go │ ├── privateca_ca_pool.go │ ├── privateca_ca_pool_iam.go │ ├── privateca_certificate.go │ ├── privateca_certificate_authority.go │ ├── privateca_certificate_template.go │ ├── privateca_certificate_template_iam.go │ └── privateca_utils.go │ ├── privilegedaccessmanager │ └── privilegedaccessmanager_entitlement.go │ ├── pubsub │ ├── iam_pubsub_schema.go │ ├── iam_pubsub_subscription.go │ ├── iam_pubsub_topic.go │ ├── pubsub_schema.go │ ├── pubsub_schema_iam.go │ ├── pubsub_subscription.go │ ├── pubsub_subscription_iam.go │ ├── pubsub_topic.go │ ├── pubsub_topic_iam.go │ └── pubsub_utils.go │ ├── pubsublite │ ├── pubsublite_reservation.go │ ├── pubsublite_subscription.go │ └── pubsublite_topic.go │ ├── redis │ ├── redis_cluster.go │ ├── redis_cluster_user_created_connections.go │ └── redis_instance.go │ ├── resourcemanager │ ├── folder.go │ ├── folder_iam.go │ ├── folder_organization_policy.go │ ├── iam_folder.go │ ├── iam_organization.go │ ├── iam_project.go │ ├── org_policy_policy.go │ ├── organization_iam.go │ ├── organization_iam_custom_role.go │ ├── organization_policy.go │ ├── project.go │ ├── project_iam.go │ ├── project_iam_custom_role.go │ ├── project_organization_policy.go │ ├── project_service.go │ ├── resourcemanager_lien.go │ ├── service_account.go │ └── service_account_key.go │ ├── resourcemanager3 │ └── resourcemanager3_capability.go │ ├── secretmanager │ ├── iam_secretmanager_secret.go │ ├── secretmanager_secret.go │ ├── secretmanager_secret_iam.go │ └── secretmanager_secret_version.go │ ├── secretmanagerregional │ ├── iam_secretmanagerregional_regional_secret.go │ ├── secretmanagerregional_regional_secret.go │ ├── secretmanagerregional_regional_secret_iam.go │ └── secretmanagerregional_regional_secret_version.go │ ├── securesourcemanager │ ├── iam_securesourcemanager_instance.go │ ├── iam_securesourcemanager_repository.go │ ├── securesourcemanager_branch_rule.go │ ├── securesourcemanager_instance.go │ ├── securesourcemanager_instance_iam.go │ ├── securesourcemanager_repository.go │ └── securesourcemanager_repository_iam.go │ ├── securitycenter │ ├── iam_securitycenter_source.go │ ├── securitycenter_event_threat_detection_custom_module.go │ ├── securitycenter_folder_custom_module.go │ ├── securitycenter_folder_notification_config.go │ ├── securitycenter_folder_scc_big_query_export.go │ ├── securitycenter_mute_config.go │ ├── securitycenter_notification_config.go │ ├── securitycenter_organization_custom_module.go │ ├── securitycenter_organization_scc_big_query_export.go │ ├── securitycenter_project_custom_module.go │ ├── securitycenter_project_notification_config.go │ ├── securitycenter_project_scc_big_query_export.go │ ├── securitycenter_source.go │ └── securitycenter_source_iam.go │ ├── securitycentermanagement │ ├── securitycentermanagement_folder_security_health_analytics_custom_module.go │ ├── securitycentermanagement_organization_event_threat_detection_custom_module.go │ ├── securitycentermanagement_organization_security_health_analytics_custom_module.go │ └── securitycentermanagement_project_security_health_analytics_custom_module.go │ ├── securitycenterv2 │ ├── iam_securitycenterv2_organization_source.go │ ├── securitycenterv2_folder_mute_config.go │ ├── securitycenterv2_folder_notification_config.go │ ├── securitycenterv2_folder_scc_big_query_export.go │ ├── securitycenterv2_organization_mute_config.go │ ├── securitycenterv2_organization_notification_config.go │ ├── securitycenterv2_organization_scc_big_query_export.go │ ├── securitycenterv2_organization_scc_big_query_exports.go │ ├── securitycenterv2_organization_source.go │ ├── securitycenterv2_organization_source_iam.go │ ├── securitycenterv2_project_mute_config.go │ ├── securitycenterv2_project_notification_config.go │ └── securitycenterv2_project_scc_big_query_export.go │ ├── securityposture │ ├── securityposture_posture.go │ └── securityposture_posture_deployment.go │ ├── securityscanner │ └── securityscanner_scan_config.go │ ├── servicedirectory │ ├── iam_servicedirectory_namespace.go │ ├── iam_servicedirectory_service.go │ ├── servicedirectory_endpoint.go │ ├── servicedirectory_namespace.go │ ├── servicedirectory_namespace_iam.go │ ├── servicedirectory_service.go │ └── servicedirectory_service_iam.go │ ├── servicemanagement │ ├── iam_servicemanagement_service.go │ ├── iam_servicemanagement_service_consumers.go │ ├── servicemanagement_service_consumers_iam.go │ └── servicemanagement_service_iam.go │ ├── serviceusage │ └── serviceusage_consumer_quota_override.go │ ├── siteverification │ └── siteverification_web_resource.go │ ├── sourcerepo │ └── source_repo_utils.go │ ├── spanner │ ├── iam_spanner_database.go │ ├── iam_spanner_instance.go │ ├── spanner_backup_schedule.go │ ├── spanner_database.go │ ├── spanner_database_iam.go │ ├── spanner_instance.go │ ├── spanner_instance_iam.go │ └── spanner_instance_partition.go │ ├── sql │ ├── sql_database.go │ ├── sql_database_instance.go │ └── sql_source_representation_instance.go │ ├── storage │ ├── iam_storage_bucket.go │ ├── storage_anywhere_cache.go │ ├── storage_bucket.go │ ├── storage_bucket_access_control.go │ ├── storage_bucket_iam.go │ ├── storage_default_object_access_control.go │ ├── storage_folder.go │ ├── storage_hmac_key.go │ ├── storage_managed_folder.go │ └── storage_object_access_control.go │ ├── storagebatchoperations │ └── storagebatchoperations_job.go │ ├── storagecontrol │ ├── storagecontrol_folder_intelligence_config.go │ ├── storagecontrol_organization_intelligence_config.go │ └── storagecontrol_project_intelligence_config.go │ ├── storageinsights │ └── storageinsights_report_config.go │ ├── storagetransfer │ └── storagetransfer_agent_pool.go │ ├── tags │ └── tags_tag_binding.go │ ├── tpu │ └── tpu_node.go │ ├── tpuv2 │ ├── tpuv2_queued_resource.go │ └── tpuv2_vm.go │ ├── transcoder │ ├── transcoder_job.go │ └── transcoder_job_template.go │ ├── vertexai │ ├── iam_vertexai_endpoint.go │ ├── iam_vertexai_feature_group.go │ ├── iam_vertexai_feature_online_store.go │ ├── iam_vertexai_feature_online_store_featureview.go │ ├── iam_vertexai_featurestore.go │ ├── iam_vertexai_featurestore_entitytype.go │ ├── vertexai_dataset.go │ ├── vertexai_deployment_resource_pool.go │ ├── vertexai_endpoint.go │ ├── vertexai_endpoint_iam.go │ ├── vertexai_feature_group.go │ ├── vertexai_feature_group_feature.go │ ├── vertexai_feature_group_iam.go │ ├── vertexai_feature_online_store.go │ ├── vertexai_feature_online_store_featureview.go │ ├── vertexai_feature_online_store_featureview_iam.go │ ├── vertexai_feature_online_store_iam.go │ ├── vertexai_featurestore.go │ ├── vertexai_featurestore_entitytype.go │ ├── vertexai_featurestore_entitytype_feature.go │ ├── vertexai_featurestore_entitytype_iam.go │ ├── vertexai_featurestore_iam.go │ ├── vertexai_index.go │ ├── vertexai_index_endpoint.go │ ├── vertexai_index_endpoint_deployed_index.go │ ├── vertexai_metadata_store.go │ └── vertexai_tensorboard.go │ ├── vmwareengine │ ├── vmwareengine_cluster.go │ ├── vmwareengine_external_access_rule.go │ ├── vmwareengine_external_address.go │ ├── vmwareengine_network.go │ ├── vmwareengine_network_peering.go │ ├── vmwareengine_network_policy.go │ ├── vmwareengine_private_cloud.go │ └── vmwareengine_subnet.go │ ├── vpcaccess │ └── vpcaccess_connector.go │ ├── workbench │ ├── iam_workbench_instance.go │ ├── workbench_instance.go │ └── workbench_instance_iam.go │ ├── workflows │ └── workflows_workflow.go │ └── workstations │ ├── iam_workstations_workstation.go │ ├── iam_workstations_workstation_config.go │ ├── workstations_workstation.go │ ├── workstations_workstation_cluster.go │ ├── workstations_workstation_config.go │ ├── workstations_workstation_config_iam.go │ └── workstations_workstation_iam.go ├── test ├── cli_test.go ├── environment_test.go ├── iam_test.go ├── init_test.go ├── read_test.go └── utils_test.go ├── testdata ├── compute_instance_iam.json ├── compute_instance_iam.tf ├── empty-0.13.7.tfplan.json ├── full_compute_instance.json ├── full_compute_instance.tf ├── project_create.json ├── project_create.tf ├── project_iam.json ├── project_iam.tf └── templates │ ├── bucket.json │ ├── bucket.tf │ ├── disk.json │ ├── disk.tf │ ├── example_access_context_manager_access_policy.json │ ├── example_access_context_manager_access_policy.tf │ ├── example_access_context_manager_service_perimeter.json │ ├── example_access_context_manager_service_perimeter.tf │ ├── example_alloydb_instance.json │ ├── example_alloydb_instance.tf │ ├── example_apikeys_key.json │ ├── example_apikeys_key.tf │ ├── example_app_engine_application.json │ ├── example_app_engine_application.tf │ ├── example_artifact_registry_repository.json │ ├── example_artifact_registry_repository.tf │ ├── example_bigquery_dataset.json │ ├── example_bigquery_dataset.tf │ ├── example_bigquery_dataset_iam_binding.json │ ├── example_bigquery_dataset_iam_binding.tf │ ├── example_bigquery_dataset_iam_member.json │ ├── example_bigquery_dataset_iam_member.tf │ ├── example_bigquery_dataset_iam_policy.json │ ├── example_bigquery_dataset_iam_policy.tf │ ├── example_bigquery_dataset_iam_policy_empty_policy_data.json │ ├── example_bigquery_dataset_iam_policy_empty_policy_data.tf │ ├── example_bigquery_table.json │ ├── example_bigquery_table.tf │ ├── example_bigtable_instance.json │ ├── example_bigtable_instance.tf │ ├── example_cloud_run_mapping.json │ ├── example_cloud_run_mapping.tf │ ├── example_cloud_run_service.json │ ├── example_cloud_run_service.tf │ ├── example_cloud_run_service_iam_binding.json │ ├── example_cloud_run_service_iam_binding.tf │ ├── example_cloud_run_service_iam_member.json │ ├── example_cloud_run_service_iam_member.tf │ ├── example_cloud_run_service_iam_policy.json │ ├── example_cloud_run_service_iam_policy.tf │ ├── example_cloud_run_v2_job.json │ ├── example_cloud_run_v2_job.tf │ ├── example_cloud_tasks_queue.json │ ├── example_cloud_tasks_queue.tf │ ├── example_compute_address.json │ ├── example_compute_address.tf │ ├── example_compute_disk.json │ ├── example_compute_disk.tf │ ├── example_compute_disk_empty_image.json │ ├── example_compute_disk_empty_image.tf │ ├── example_compute_firewall.json │ ├── example_compute_firewall.tf │ ├── example_compute_forwarding_rule.json │ ├── example_compute_forwarding_rule.tf │ ├── example_compute_global_address.json │ ├── example_compute_global_address.tf │ ├── example_compute_global_forwarding_rule.json │ ├── example_compute_global_forwarding_rule.tf │ ├── example_compute_health_check.json │ ├── example_compute_health_check.tf │ ├── example_compute_instance_iam_binding.json │ ├── example_compute_instance_iam_binding.tf │ ├── example_compute_instance_iam_member.json │ ├── example_compute_instance_iam_member.tf │ ├── example_compute_instance_iam_policy.json │ ├── example_compute_instance_iam_policy.tf │ ├── example_compute_network.json │ ├── example_compute_network.tf │ ├── example_compute_route.json │ ├── example_compute_route.tf │ ├── example_compute_security_policy.json │ ├── example_compute_security_policy.tf │ ├── example_compute_snapshot.json │ ├── example_compute_snapshot.tf │ ├── example_compute_ssl_policy.json │ ├── example_compute_ssl_policy.tf │ ├── example_compute_subnetwork.json │ ├── example_compute_subnetwork.tf │ ├── example_compute_target_https_proxy.json │ ├── example_compute_target_https_proxy.tf │ ├── example_compute_target_ssl_proxy.json │ ├── example_compute_target_ssl_proxy.tf │ ├── example_compute_url_map.json │ ├── example_compute_url_map.tf │ ├── example_compute_vpn_tunnel.json │ ├── example_compute_vpn_tunnel.tf │ ├── example_container_cluster.json │ ├── example_container_cluster.tf │ ├── example_dns_managed_zone.json │ ├── example_dns_managed_zone.tf │ ├── example_dns_policy.json │ ├── example_dns_policy.tf │ ├── example_filestore_instance.json │ ├── example_filestore_instance.tf │ ├── example_folder_iam_binding.json │ ├── example_folder_iam_binding.tf │ ├── example_folder_iam_member.json │ ├── example_folder_iam_member.tf │ ├── example_folder_iam_member_empty_folder.json │ ├── example_folder_iam_member_empty_folder.tf │ ├── example_folder_iam_policy.json │ ├── example_folder_iam_policy.tf │ ├── example_folder_organization_policy.json │ ├── example_folder_organization_policy.tf │ ├── example_gke_hub_feature.json │ ├── example_gke_hub_feature.tf │ ├── example_google_app_engine_standard_app_version.json │ ├── example_google_app_engine_standard_app_version.tf │ ├── example_google_cloudfunctions_function.json │ ├── example_google_cloudfunctions_function.tf │ ├── example_google_composer_environment.json │ ├── example_google_composer_environment.tf │ ├── example_google_compute_autoscaler.json │ ├── example_google_compute_autoscaler.tf │ ├── example_google_compute_instance_group.json │ ├── example_google_compute_instance_group.tf │ ├── example_google_compute_network_endpoint_group.json │ ├── example_google_compute_network_endpoint_group.tf │ ├── example_google_compute_node_group.json │ ├── example_google_compute_node_group.tf │ ├── example_google_compute_node_template.json │ ├── example_google_compute_node_template.tf │ ├── example_google_compute_region_commitment.json │ ├── example_google_compute_region_commitment.tf │ ├── example_google_compute_resource_policy.json │ ├── example_google_compute_resource_policy.tf │ ├── example_google_compute_router.json │ ├── example_google_compute_router.tf │ ├── example_google_compute_ssl_certificate.json │ ├── example_google_compute_ssl_certificate.tf │ ├── example_google_compute_target_http_proxy.json │ ├── example_google_compute_target_http_proxy.tf │ ├── example_google_compute_target_pool.json │ ├── example_google_compute_target_pool.tf │ ├── example_google_dataflow_job.json │ ├── example_google_dataflow_job.tf │ ├── example_google_dataproc_autoscaling_policy.json │ ├── example_google_dataproc_autoscaling_policy.tf │ ├── example_google_dataproc_cluster.json │ ├── example_google_dataproc_cluster.tf │ ├── example_google_datastream_connection_profile.json │ ├── example_google_datastream_connection_profile.tf │ ├── example_google_datastream_private_connection.json │ ├── example_google_datastream_private_connection.tf │ ├── example_google_datastream_stream.json │ ├── example_google_datastream_stream.tf │ ├── example_google_datastream_stream_append_only.json │ ├── example_google_datastream_stream_append_only.tf │ ├── example_google_firebase_project.json │ ├── example_google_firebase_project.tf │ ├── example_google_gke_hub_membership.json │ ├── example_google_gke_hub_membership.tf │ ├── example_google_logging_billing_account_bucket_config.json │ ├── example_google_logging_billing_account_bucket_config.tf │ ├── example_google_logging_folder_bucket_config.json │ ├── example_google_logging_folder_bucket_config.tf │ ├── example_google_logging_organization_bucket_config.json │ ├── example_google_logging_organization_bucket_config.tf │ ├── example_google_logging_project_bucket_config.json │ ├── example_google_logging_project_bucket_config.tf │ ├── example_google_sql_database.json │ ├── example_google_sql_database.tf │ ├── example_kms_crypto_key.json │ ├── example_kms_crypto_key.tf │ ├── example_kms_crypto_key_iam_binding.json │ ├── example_kms_crypto_key_iam_binding.tf │ ├── example_kms_crypto_key_iam_member.json │ ├── example_kms_crypto_key_iam_member.tf │ ├── example_kms_crypto_key_iam_policy.json │ ├── example_kms_crypto_key_iam_policy.tf │ ├── example_kms_import_job.json │ ├── example_kms_import_job.tf │ ├── example_kms_key_ring.json │ ├── example_kms_key_ring.tf │ ├── example_kms_key_ring_iam_binding.json │ ├── example_kms_key_ring_iam_binding.tf │ ├── example_kms_key_ring_iam_member.json │ ├── example_kms_key_ring_iam_member.tf │ ├── example_kms_key_ring_iam_policy.json │ ├── example_kms_key_ring_iam_policy.tf │ ├── example_logging_metric.json │ ├── example_logging_metric.tf │ ├── example_monitoring_alert_policy.json │ ├── example_monitoring_alert_policy.tf │ ├── example_monitoring_notification_channel.json │ ├── example_monitoring_notification_channel.tf │ ├── example_org_policy_custom_constraint.json │ ├── example_org_policy_custom_constraint.tf │ ├── example_org_policy_policy.json │ ├── example_org_policy_policy.tf │ ├── example_organization_iam_binding.json │ ├── example_organization_iam_binding.tf │ ├── example_organization_iam_custom_role.json │ ├── example_organization_iam_custom_role.tf │ ├── example_organization_iam_member.json │ ├── example_organization_iam_member.tf │ ├── example_organization_iam_policy.json │ ├── example_organization_iam_policy.tf │ ├── example_organization_policy.json │ ├── example_organization_policy.tf │ ├── example_project_create.json │ ├── example_project_create.tf │ ├── example_project_create_empty_project_id.json │ ├── example_project_create_empty_project_id.tf │ ├── example_project_create_empty_project_id_without_default_project.json │ ├── example_project_iam.json │ ├── example_project_iam.tf │ ├── example_project_iam_binding.json │ ├── example_project_iam_binding.tf │ ├── example_project_iam_custom_role.json │ ├── example_project_iam_custom_role.tf │ ├── example_project_iam_member.json │ ├── example_project_iam_member.tf │ ├── example_project_iam_member_empty_project.json │ ├── example_project_iam_member_empty_project.tf │ ├── example_project_iam_member_empty_project_without_default_project.json │ ├── example_project_iam_policy.json │ ├── example_project_iam_policy.tf │ ├── example_project_in_folder.json │ ├── example_project_in_folder.tf │ ├── example_project_in_org.json │ ├── example_project_in_org.tf │ ├── example_project_organization_policy.json │ ├── example_project_organization_policy.tf │ ├── example_project_service.json │ ├── example_project_service.tf │ ├── example_project_update.json │ ├── example_project_update.tf │ ├── example_project_update.tfstate │ ├── example_pubsub_lite_reservation.json │ ├── example_pubsub_lite_reservation.tf │ ├── example_pubsub_lite_subscription.json │ ├── example_pubsub_lite_subscription.tf │ ├── example_pubsub_lite_topic.json │ ├── example_pubsub_lite_topic.tf │ ├── example_pubsub_schema.json │ ├── example_pubsub_schema.tf │ ├── example_pubsub_subscription.json │ ├── example_pubsub_subscription.tf │ ├── example_pubsub_subscription_iam_binding.json │ ├── example_pubsub_subscription_iam_binding.tf │ ├── example_pubsub_subscription_iam_member.json │ ├── example_pubsub_subscription_iam_member.tf │ ├── example_pubsub_subscription_iam_policy.json │ ├── example_pubsub_subscription_iam_policy.tf │ ├── example_pubsub_topic.json │ ├── example_pubsub_topic.tf │ ├── example_redis_instance.json │ ├── example_redis_instance.tf │ ├── example_secret_manager_secret_iam_binding.json │ ├── example_secret_manager_secret_iam_binding.tf │ ├── example_secret_manager_secret_iam_member.json │ ├── example_secret_manager_secret_iam_member.tf │ ├── example_secret_manager_secret_iam_policy.json │ ├── example_secret_manager_secret_iam_policy.tf │ ├── example_service_account.json │ ├── example_service_account.tf │ ├── example_service_account_key.json │ ├── example_service_account_key.tf │ ├── example_service_account_update.json │ ├── example_service_account_update.tf │ ├── example_service_account_update.tfstate │ ├── example_spanner_database.json │ ├── example_spanner_database.tf │ ├── example_spanner_database_iam_binding.json │ ├── example_spanner_database_iam_binding.tf │ ├── example_spanner_database_iam_member.json │ ├── example_spanner_database_iam_member.tf │ ├── example_spanner_database_iam_policy.json │ ├── example_spanner_database_iam_policy.tf │ ├── example_spanner_instance_iam_binding.json │ ├── example_spanner_instance_iam_binding.tf │ ├── example_spanner_instance_iam_member.json │ ├── example_spanner_instance_iam_member.tf │ ├── example_spanner_instance_iam_policy.json │ ├── example_spanner_instance_iam_policy.tf │ ├── example_sql_database_instance.json │ ├── example_sql_database_instance.tf │ ├── example_storage_bucket.json │ ├── example_storage_bucket.tf │ ├── example_storage_bucket_empty_project_id.json │ ├── example_storage_bucket_empty_project_id.tf │ ├── example_storage_bucket_empty_project_id_without_default_project.json │ ├── example_storage_bucket_iam_binding.json │ ├── example_storage_bucket_iam_binding.tf │ ├── example_storage_bucket_iam_member.json │ ├── example_storage_bucket_iam_member.tf │ ├── example_storage_bucket_iam_member_random_suffix.json │ ├── example_storage_bucket_iam_member_random_suffix.tf │ ├── example_storage_bucket_iam_policy.json │ ├── example_storage_bucket_iam_policy.tf │ ├── example_vertex_ai_dataset.json │ ├── example_vertex_ai_dataset.tf │ ├── example_vpc_access_connector.json │ ├── example_vpc_access_connector.tf │ ├── firewall.json │ ├── firewall.tf │ ├── full_compute_firewall.json │ ├── full_compute_firewall.tf │ ├── full_compute_instance.json │ ├── full_compute_instance.tf │ ├── full_container_cluster.json │ ├── full_container_cluster.tf │ ├── full_container_node_pool.json │ ├── full_container_node_pool.tf │ ├── full_spanner_instance.json │ ├── full_spanner_instance.tf │ ├── full_sql_database_instance.json │ ├── full_sql_database_instance.tf │ ├── full_storage_bucket.json │ ├── full_storage_bucket.tf │ ├── instance.json │ ├── instance.tf │ ├── sql.json │ └── sql.tf ├── tfdata ├── fake_resource_data.go └── fake_resource_data_test.go ├── tfplan ├── json_plan.go └── json_plan_test.go ├── tfplan2cai.go └── tfplan_to_cai_test.go /.ci/cloudbuild-tests-go-licenses.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2023 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # See cloud-foundation-cicd project 16 | 17 | timeout: 1800s 18 | steps: 19 | - id: test-go-licenses 20 | name: "gcr.io/graphite-docker-images/go-plus" 21 | entrypoint: /usr/bin/make 22 | args: ["test-go-licenses"] 23 | tags: 24 | - "ci" 25 | options: 26 | machineType: "N1_HIGHCPU_8" 27 | -------------------------------------------------------------------------------- /.ci/cloudbuild-tests-integration.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2023 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # See cloud-foundation-cicd project 16 | 17 | timeout: 3600s 18 | steps: 19 | - id: test-integration 20 | name: "gcr.io/graphite-docker-images/go-plus" 21 | entrypoint: /bin/sh 22 | args: 23 | [ 24 | "-c", 25 | "/usr/bin/make test-integration", 26 | ] 27 | env: 28 | - TEST_PROJECT=$_TEST_PROJECT 29 | - TEST_FOLDER_ID=$_TEST_FOLDER 30 | - TEST_ANCESTRY=$_TEST_ANCESTRY 31 | - TEST_ORG_ID=$_TEST_ORG 32 | tags: 33 | - "ci" 34 | - "integration" 35 | options: 36 | machineType: "N1_HIGHCPU_8" 37 | -------------------------------------------------------------------------------- /.ci/cloudbuild-tests-unit.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2023 Google LLC 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # https://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # See cloud-foundation-cicd project 16 | 17 | timeout: 1800s 18 | steps: 19 | - id: test 20 | name: "gcr.io/graphite-docker-images/go-plus" 21 | entrypoint: /usr/bin/make 22 | args: ["test"] 23 | tags: 24 | - "ci" 25 | options: 26 | machineType: "N1_HIGHCPU_8" 27 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @GoogleCloudPlatform/terraform-validator-reviewers -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Sensitive 2 | credentials.json 3 | 4 | # Terraform (possibly sensitive) 5 | .terraform/ 6 | *.tfplan 7 | examples/*.tfstate* 8 | 9 | # Visual Studio Code 10 | .vscode/ 11 | # Intellij Golang 12 | .idea/ 13 | 14 | # Mac OSX 15 | .DS_Store 16 | 17 | # binary 18 | ./cmd 19 | bin/ 20 | 21 | # terraform config file for integration test 22 | tf-dev-override.tfrc 23 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # How to Contribute 2 | 3 | We'd love to accept your patches and contributions to this project. There are 4 | just a few small guidelines you need to follow. 5 | 6 | ## Contributor License Agreement 7 | 8 | Contributions to this project must be accompanied by a Contributor License 9 | Agreement. You (or your employer) retain the copyright to your contribution; 10 | this simply gives us permission to use and redistribute your contributions as 11 | part of the project. Head over to to see 12 | your current agreements on file or to sign a new one. 13 | 14 | You generally only need to submit a CLA once, so if you've already submitted one 15 | (even if it was for a different project), you probably don't need to do it 16 | again. 17 | 18 | ## Code reviews 19 | 20 | All submissions, including submissions by project members, require review. We 21 | use GitHub pull requests for this purpose. Consult 22 | [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more 23 | information on using pull requests. 24 | 25 | ## Community Guidelines 26 | 27 | This project follows 28 | [Google's Open Source Community Guidelines](https://opensource.google.com/conduct/). 29 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # terraform-google-conversion 2 | 3 | `terraform-google-conversion` is a Golang library which provides functions convert between Terraform resource data and Google Cloud Platform's native API inventory format, as described by the [Cloud Asset Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview). 4 | 5 | The library is generated using [Magic Modules](https://github.com/GoogleCloudPlatform/magic-modules). 6 | 7 | ## Disclaimer 8 | 9 | This is not an officially supported Google product. 10 | -------------------------------------------------------------------------------- /cai2hcl/common/converter.go: -------------------------------------------------------------------------------- 1 | package common 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/caiasset" 5 | "github.com/zclconf/go-cty/cty" 6 | ) 7 | 8 | // Converter interface for resources. 9 | type Converter interface { 10 | // Convert turns assets into hcl blocks. 11 | Convert(asset []*caiasset.Asset) ([]*HCLResourceBlock, error) 12 | } 13 | 14 | // HCLResourceBlock identifies the HCL block's labels and content. 15 | type HCLResourceBlock struct { 16 | Labels []string 17 | Value cty.Value 18 | } 19 | -------------------------------------------------------------------------------- /cai2hcl/convert_test.go: -------------------------------------------------------------------------------- 1 | package cai2hcl_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hclTesting "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestConvertCompute(t *testing.T) { 10 | cai2hclTesting.AssertTestFiles( 11 | t, 12 | "./services/compute/testdata", 13 | []string{ 14 | "full_compute_instance", 15 | }) 16 | } 17 | 18 | func TestConvertResourcemanager(t *testing.T) { 19 | cai2hclTesting.AssertTestFiles( 20 | t, 21 | "./services/resourcemanager/testdata", 22 | []string{ 23 | "project_create", 24 | }) 25 | } 26 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/compute_backend_service_test.go: -------------------------------------------------------------------------------- 1 | package compute_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hcl_testing "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeBackendService(t *testing.T) { 10 | cai2hcl_testing.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{"compute_backend_service"}) 14 | } 15 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/compute_forwarding_rule_test.go: -------------------------------------------------------------------------------- 1 | package compute_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hcl_testing "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeForwardingRule(t *testing.T) { 10 | cai2hcl_testing.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{"compute_forwarding_rule"}) 14 | } 15 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/compute_instance_test.go: -------------------------------------------------------------------------------- 1 | package compute_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hclTesting "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeInstance(t *testing.T) { 10 | cai2hclTesting.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{ 14 | "full_compute_instance", 15 | "compute_instance_iam", 16 | }) 17 | } 18 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/compute_region_backend_service_test.go: -------------------------------------------------------------------------------- 1 | package compute_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hcl_testing "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeRegionBackendService(t *testing.T) { 10 | cai2hcl_testing.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{"compute_region_backend_service"}) 14 | } 15 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/compute_region_health_check_test.go: -------------------------------------------------------------------------------- 1 | package compute_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hcl_testing "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeRegionHealthCheck(t *testing.T) { 10 | cai2hcl_testing.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{"compute_region_health_check"}) 14 | } 15 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/testdata/compute_forwarding_rule.tf: -------------------------------------------------------------------------------- 1 | resource "google_compute_forwarding_rule" "test-1" { 2 | all_ports = true 3 | allow_global_access = false 4 | description = "test description" 5 | ip_address = "10.128.0.62" 6 | ip_protocol = "TCP" 7 | load_balancing_scheme = "INTERNAL_MANAGED" 8 | name = "test-1" 9 | network_tier = "PREMIUM" 10 | port_range = "80-82" 11 | region = "us-central1" 12 | subnetwork = "projects/myproj/regions/us-central1/subnetworks/default" 13 | target = "projects/myproj/regions/us-central1/targetHttpProxies/test1-target-proxy" 14 | } 15 | 16 | resource "google_compute_forwarding_rule" "test-2" { 17 | backend_service = "projects/myproj/regions/us-central1/backendServices/test-bs-1" 18 | ip_address = "projects/myproj/regions/us-central1/addresses/test-ip-1" 19 | ip_protocol = "TCP" 20 | ip_version = "IPV6" 21 | load_balancing_scheme = "EXTERNAL" 22 | name = "test-2" 23 | ports = ["80", "81"] 24 | region = "us-central1" 25 | } 26 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/testdata/compute_instance_iam.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/test-project/zones/example_zone/instances/example_instance", 4 | "asset_type": "compute.googleapis.com/Instance", 5 | "ancestry_path": "organizations/123/folders/456/project/test-project", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/compute.osLogin", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/testdata/compute_instance_iam.tf: -------------------------------------------------------------------------------- 1 | resource "google_compute_instance_iam_policy" "example_instance_iam_policy" { 2 | instance_name = "example_instance" 3 | policy_data = "{\"bindings\":[{\"role\":\"roles/compute.osLogin\",\"members\":[\"user:jane@example.com\"]}]}" 4 | project = "test-project" 5 | zone = "example_zone" 6 | } 7 | -------------------------------------------------------------------------------- /cai2hcl/services/compute/testdata/compute_region_health_check.tf: -------------------------------------------------------------------------------- 1 | resource "google_compute_region_health_check" "hc" { 2 | check_interval_sec = 5 3 | healthy_threshold = 2 4 | 5 | log_config { 6 | enable = false 7 | } 8 | 9 | name = "hc" 10 | region = "us-central1" 11 | 12 | tcp_health_check { 13 | port = 80 14 | proxy_header = "NONE" 15 | } 16 | 17 | timeout_sec = 5 18 | type = "TCP" 19 | unhealthy_threshold = 2 20 | } 21 | 22 | resource "google_compute_region_health_check" "hc" { 23 | check_interval_sec = 5 24 | description = "descr" 25 | healthy_threshold = 2 26 | 27 | log_config { 28 | enable = false 29 | } 30 | 31 | name = "hc" 32 | region = "us-central1" 33 | 34 | tcp_health_check { 35 | port = 8 36 | proxy_header = "PROXY_V1" 37 | request = "a" 38 | response = "b" 39 | } 40 | 41 | timeout_sec = 5 42 | type = "TCP" 43 | unhealthy_threshold = 2 44 | } 45 | -------------------------------------------------------------------------------- /cai2hcl/services/resourcemanager/project_test.go: -------------------------------------------------------------------------------- 1 | package resourcemanager_test 2 | 3 | import ( 4 | "testing" 5 | 6 | cai2hclTesting "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/cai2hcl/testing" 7 | ) 8 | 9 | func TestComputeInstance(t *testing.T) { 10 | cai2hclTesting.AssertTestFiles( 11 | t, 12 | "./testdata", 13 | []string{ 14 | "project_create", 15 | "project_iam", 16 | }) 17 | } 18 | -------------------------------------------------------------------------------- /cai2hcl/services/resourcemanager/testdata/project_create.tf: -------------------------------------------------------------------------------- 1 | resource "google_project" "example-project" { 2 | billing_account = "example-account" 3 | folder_id = "456" 4 | 5 | labels = { 6 | project-label-key-a = "project-label-val-a" 7 | } 8 | 9 | name = "My Project" 10 | project_id = "example-project" 11 | } 12 | -------------------------------------------------------------------------------- /cai2hcl/services/resourcemanager/testdata/project_iam.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/example-project", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "organizations/123/folders/456/project/example-project", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:example-a@google.com", 12 | "user:example-b@google.com" 13 | ] 14 | }, 15 | { 16 | "role": "roles/storage.admin", 17 | "members": [ 18 | "user:example-a@google.com", 19 | "user:example-b@google.com" 20 | ] 21 | }, 22 | { 23 | "role": "roles/owner", 24 | "members": [ 25 | "user:example-a@google.com" 26 | ] 27 | }, 28 | { 29 | "role": "roles/viewer", 30 | "members": [ 31 | "user:example-a@google.com", 32 | "user:example-b@google.com" 33 | ] 34 | } 35 | ] 36 | } 37 | } 38 | ] 39 | -------------------------------------------------------------------------------- /cai2hcl/services/resourcemanager/testdata/project_iam.tf: -------------------------------------------------------------------------------- 1 | resource "google_project_iam_policy" "example-project_iam_policy" { 2 | policy_data = "{\"bindings\":[{\"role\":\"roles/editor\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]},{\"role\":\"roles/storage.admin\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]},{\"role\":\"roles/owner\",\"members\":[\"user:example-a@google.com\"]},{\"role\":\"roles/viewer\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]}]}" 3 | project = "example-project" 4 | } 5 | -------------------------------------------------------------------------------- /cmd/tfplan2cai/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | ) 6 | 7 | func main() { 8 | // Workaround for "ERROR: logging before flag.Parse" 9 | fs := flag.NewFlagSet("", flag.ContinueOnError) 10 | _ = fs.Parse([]string{}) 11 | flag.CommandLine = fs 12 | 13 | Execute() 14 | } 15 | -------------------------------------------------------------------------------- /cmd/tgc/common/root_options.go: -------------------------------------------------------------------------------- 1 | package common 2 | 3 | import "go.uber.org/zap" 4 | 5 | type RootOptions struct { 6 | Verbosity string 7 | ErrorLogger *zap.Logger 8 | OutputLogger *zap.Logger 9 | UseStructuredLogging bool 10 | } 11 | -------------------------------------------------------------------------------- /cmd/tgc/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | ) 6 | 7 | // Undergoing development 8 | func main() { 9 | // Workaround for "ERROR: logging before flag.Parse" 10 | fs := flag.NewFlagSet("", flag.ContinueOnError) 11 | _ = fs.Parse([]string{}) 12 | flag.CommandLine = fs 13 | 14 | Execute() 15 | } 16 | -------------------------------------------------------------------------------- /docs/supported_resources.md: -------------------------------------------------------------------------------- 1 | # Supported Resources 2 | 3 | If you want to add support for a resource, please [open an enhancement request](https://github.com/GoogleCloudPlatform/terraform-google-conversion/issues/new?assignees=&labels=enhancement&template=enhancement.md) and consider [contributing code](./contributing/index.md). 4 | 5 | The full list of supported resources converting from tfplan to CAI asset can be found in our [GCP Terraform docs](https://cloud.google.com/docs/terraform/policy-validation/create-cai-constraints#supported_resources). 6 | 7 | The only resource supported from converting CAI to tfplan is google_compute_instance. 8 | -------------------------------------------------------------------------------- /pkg/cai2hcl/convert.go: -------------------------------------------------------------------------------- 1 | package cai2hcl 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/cai2hcl/converters" 7 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/cai2hcl/models" 8 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/caiasset" 9 | "go.uber.org/zap" 10 | ) 11 | 12 | // Struct for options so that adding new options does not 13 | // require updating function signatures all along the pipe. 14 | type Options struct { 15 | ErrorLogger *zap.Logger 16 | } 17 | 18 | // Converts CAI Assets into HCL string. 19 | func Convert(assets []caiasset.Asset, options *Options) ([]byte, error) { 20 | if options == nil || options.ErrorLogger == nil { 21 | return nil, fmt.Errorf("logger is not initialized") 22 | } 23 | 24 | // TODO: add resolvers to resolve the assets into single resource assets 25 | 26 | allBlocks := []*models.TerraformResourceBlock{} 27 | for _, asset := range assets { 28 | newBlocks, err := converters.ConvertResource(asset) 29 | if err != nil { 30 | return nil, err 31 | } 32 | 33 | if newBlocks != nil { 34 | allBlocks = append(allBlocks, newBlocks...) 35 | } 36 | } 37 | 38 | t, err := models.HclWriteBlocks(allBlocks) 39 | 40 | return t, err 41 | } 42 | -------------------------------------------------------------------------------- /pkg/cai2hcl/converters/convert_resource.go: -------------------------------------------------------------------------------- 1 | package converters 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/cai2hcl/models" 5 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/caiasset" 6 | ) 7 | 8 | func ConvertResource(asset caiasset.Asset) ([]*models.TerraformResourceBlock, error) { 9 | converter, ok := ConverterMap[asset.Type] 10 | if !ok { 11 | return nil, nil 12 | } 13 | return converter.Convert(asset) 14 | } 15 | -------------------------------------------------------------------------------- /pkg/cai2hcl/models/converter.go: -------------------------------------------------------------------------------- 1 | package models 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/caiasset" 5 | ) 6 | 7 | // Converter interface for resources. 8 | type Converter interface { 9 | // Convert turns asset into hcl blocks. 10 | Convert(asset caiasset.Asset) ([]*TerraformResourceBlock, error) 11 | } 12 | -------------------------------------------------------------------------------- /pkg/provider/provider_mmv1_resources.go: -------------------------------------------------------------------------------- 1 | package provider 2 | 3 | import ( 4 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 5 | 6 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tfplan2cai/converters/services/compute" 7 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tfplan2cai/converters/services/resourcemanager" 8 | ) 9 | 10 | var handwrittenTfplan2caiResources = map[string]*schema.Resource{ 11 | // ####### START handwritten resources ########### 12 | "google_compute_instance": compute.ResourceComputeInstance(), 13 | "google_project": resourcemanager.ResourceGoogleProject(), 14 | // ####### END handwritten resources ########### 15 | } 16 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/cai/cai.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "regexp" 5 | 6 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tpgresource" 7 | transport_tpg "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/transport" 8 | ) 9 | 10 | // AssetName templates an asset.name by looking up and replacing all instances 11 | // of {{field}}. In the case where a field would resolve to an empty string, "null" will be used. 12 | func AssetName(d tpgresource.TerraformResourceData, config *transport_tpg.Config, linkTmpl string) (string, error) { 13 | re := regexp.MustCompile("{{([%[:word:]]+)}}") 14 | f, err := tpgresource.BuildReplacementFunc(re, d, config, linkTmpl, false) 15 | if err != nil { 16 | return "", err 17 | } 18 | 19 | fWithPlaceholder := func(key string) string { 20 | val := f(key) 21 | if val == "" { 22 | val = "null" 23 | } 24 | return val 25 | } 26 | 27 | return re.ReplaceAllStringFunc(linkTmpl, fWithPlaceholder), nil 28 | } 29 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/cai/constants.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | // ErrNoConversion can be returned if a conversion is unable to be returned. 8 | 9 | // because of the current state of the system. 10 | // Example: The conversion requires that the resource has already been created 11 | // and is now being updated). 12 | var ErrNoConversion = errors.New("no conversion") 13 | 14 | // ErrEmptyIdentityField can be returned when fetching a resource is not possible 15 | // due to the identity field of that resource returning empty. 16 | var ErrEmptyIdentityField = errors.New("empty identity field") 17 | 18 | // ErrResourceInaccessible can be returned when fetching an IAM resource 19 | // on a project that has not yet been created or if the service account 20 | // lacks sufficient permissions 21 | var ErrResourceInaccessible = errors.New("resource does not exist or service account is lacking sufficient permissions") 22 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/cai/json_map.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | ) 7 | 8 | // JsonMap converts a given value to a map[string]interface{} that 9 | // matches its JSON format. 10 | func JsonMap(x interface{}) (map[string]interface{}, error) { 11 | jsn, err := json.Marshal(x) 12 | if err != nil { 13 | return nil, fmt.Errorf("marshalling: %v", err) 14 | } 15 | 16 | m := make(map[string]interface{}) 17 | if err := json.Unmarshal(jsn, &m); err != nil { 18 | return nil, fmt.Errorf("unmarshalling: %v", err) 19 | } 20 | 21 | return m, nil 22 | } 23 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/cai/resource_converter.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/caiasset" 5 | 6 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tpgresource" 7 | transport_tpg "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/transport" 8 | ) 9 | 10 | type ConvertFunc func(d tpgresource.TerraformResourceData, config *transport_tpg.Config) ([]caiasset.Asset, error) 11 | 12 | // FetchFullResourceFunc allows initial data for a resource to be fetched from the API and merged 13 | // with the planned changes. This is useful for resources that are only partially managed 14 | // by Terraform, like IAM policies managed with member/binding resources. 15 | type FetchFullResourceFunc func(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (caiasset.Asset, error) 16 | 17 | type ResourceConverter struct { 18 | Convert ConvertFunc 19 | FetchFullResource FetchFullResourceFunc 20 | } 21 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/resource_converters.go: -------------------------------------------------------------------------------- 1 | // ---------------------------------------------------------------------------- 2 | // 3 | // *** AUTO GENERATED CODE *** Type: MMv1 *** 4 | // 5 | // ---------------------------------------------------------------------------- 6 | // 7 | // This file is automatically generated by Magic Modules and manual 8 | // changes will be clobbered when the file is regenerated. 9 | // 10 | // Please read more about how to change this file in 11 | // .github/CONTRIBUTING.md. 12 | // 13 | // ---------------------------------------------------------------------------- 14 | package converters 15 | 16 | import ( 17 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tfplan2cai/converters/cai" 18 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tfplan2cai/converters/services/compute" 19 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tfplan2cai/converters/services/resourcemanager" 20 | ) 21 | 22 | var ConverterMap = map[string]cai.ResourceConverter{ 23 | "google_project": resourcemanager.ResourceConverterProject(), 24 | "google_compute_instance": compute.ResourceConverterComputeInstance(), 25 | } 26 | -------------------------------------------------------------------------------- /pkg/tfplan2cai/converters/services/compute/disk_type.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/tpgresource" 5 | transport_tpg "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/pkg/transport" 6 | ) 7 | 8 | // readDiskType finds the disk type with the given name. 9 | func readDiskType(c *transport_tpg.Config, d tpgresource.TerraformResourceData, name string) (*tpgresource.ZonalFieldValue, error) { 10 | return tpgresource.ParseZonalFieldValue("diskTypes", name, "project", "zone", d, c, false) 11 | } 12 | 13 | // readRegionDiskType finds the disk type with the given name. 14 | func readRegionDiskType(c *transport_tpg.Config, d tpgresource.TerraformResourceData, name string) (*tpgresource.RegionalFieldValue, error) { 15 | return tpgresource.ParseRegionalFieldValue("diskTypes", name, "project", "region", "zone", d, c, false) 16 | } 17 | -------------------------------------------------------------------------------- /pkg/tpgresource/hashcode.go: -------------------------------------------------------------------------------- 1 | package tpgresource 2 | 3 | import ( 4 | "hash/crc32" 5 | ) 6 | 7 | // Hashcode hashes a string to a unique hashcode. 8 | // 9 | // crc32 returns a uint32, but for our use we need 10 | // and non negative integer. Here we cast to an integer 11 | // and invert it if the result is negative. 12 | func Hashcode(s string) int { 13 | v := int(crc32.ChecksumIEEE([]byte(s))) 14 | if v >= 0 { 15 | return v 16 | } 17 | if -v >= 0 { 18 | return -v 19 | } 20 | // v == MinInt 21 | return 0 22 | } 23 | -------------------------------------------------------------------------------- /pkg/transport/header_transport.go: -------------------------------------------------------------------------------- 1 | package transport 2 | 3 | import ( 4 | "net/http" 5 | ) 6 | 7 | // adapted from https://stackoverflow.com/questions/51325704/adding-a-default-http-header-in-go 8 | type headerTransportLayer struct { 9 | http.Header 10 | baseTransit http.RoundTripper 11 | } 12 | 13 | func NewTransportWithHeaders(baseTransit http.RoundTripper) headerTransportLayer { 14 | if baseTransit == nil { 15 | baseTransit = http.DefaultTransport 16 | } 17 | 18 | headers := make(http.Header) 19 | 20 | return headerTransportLayer{Header: headers, baseTransit: baseTransit} 21 | } 22 | 23 | func (h headerTransportLayer) RoundTrip(req *http.Request) (*http.Response, error) { 24 | for key, value := range h.Header { 25 | // only set headers that are not previously defined 26 | if _, ok := req.Header[key]; !ok { 27 | req.Header[key] = value 28 | } 29 | } 30 | return h.baseTransit.RoundTrip(req) 31 | } 32 | -------------------------------------------------------------------------------- /pkg/verify/path_or_contents.go: -------------------------------------------------------------------------------- 1 | package verify 2 | 3 | import ( 4 | "io/ioutil" 5 | "os" 6 | 7 | "github.com/mitchellh/go-homedir" 8 | ) 9 | 10 | // If the argument is a path, pathOrContents loads it and returns the contents, 11 | // otherwise the argument is assumed to be the desired contents and is simply 12 | // returned. 13 | // 14 | // The boolean second return value can be called `wasPath` - it indicates if a 15 | // path was detected and a file loaded. 16 | func PathOrContents(poc string) (string, bool, error) { 17 | if len(poc) == 0 { 18 | return poc, false, nil 19 | } 20 | 21 | path := poc 22 | if path[0] == '~' { 23 | var err error 24 | path, err = homedir.Expand(path) 25 | if err != nil { 26 | return path, true, err 27 | } 28 | } 29 | 30 | if _, err := os.Stat(path); err == nil { 31 | contents, err := ioutil.ReadFile(path) 32 | if err != nil { 33 | return string(contents), true, err 34 | } 35 | return string(contents), true, nil 36 | } 37 | 38 | return poc, false, nil 39 | } 40 | -------------------------------------------------------------------------------- /pkg/version/version.go: -------------------------------------------------------------------------------- 1 | package version 2 | 3 | var ( 4 | // ProviderVersion is set during the release process to the release version of the binary 5 | ProviderVersion = "dev6" 6 | ) 7 | -------------------------------------------------------------------------------- /release.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | if [ $# -eq 0 ] 6 | then 7 | echo "No version supplied. Run \`make release VERSION=X.X\`" 8 | exit 1 9 | fi 10 | 11 | version=$1 12 | 13 | if ! echo $version | grep -Eq "^[0-9]+\.[0-9]+\.[0-9]+$" 14 | then 15 | echo "Invalid version: ${version}" 16 | echo "Please specify a semantic version with no prefix (e.g. X.X.X)." 17 | exit 1 18 | fi 19 | 20 | echo "Listing supported resources to ${version}-resources.txt" 21 | make build 22 | ./bin/tfplan2cai list-supported-resources > tgc-${version}-resources.txt 23 | 24 | echo "Creating Github tag v${version}" 25 | git tag "v${version}" 26 | git push origin "v${version}" 27 | echo "Github tag v${version} created" 28 | 29 | echo "Create a new release by visiting https://github.com/GoogleCloudPlatform/terraform-google-conversion/releases/new?tag=v${version}&title=v${version}" 30 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/cai/constants.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "errors" 5 | 6 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 7 | ) 8 | 9 | // ErrNoConversion can be returned if a conversion is unable to be returned. 10 | 11 | // because of the current state of the system. 12 | // Example: The conversion requires that the resource has already been created 13 | // and is now being updated). 14 | var ErrNoConversion = errors.New("no conversion") 15 | 16 | // ErrEmptyIdentityField can be returned when fetching a resource is not possible 17 | // due to the identity field of that resource returning empty. 18 | var ErrEmptyIdentityField = errors.New("empty identity field") 19 | 20 | // ErrResourceInaccessible can be returned when fetching an IAM resource 21 | // on a project that has not yet been created or if the service account 22 | // lacks sufficient permissions 23 | var ErrResourceInaccessible = errors.New("resource does not exist or service account is lacking sufficient permissions") 24 | 25 | // Global MutexKV 26 | // 27 | // Deprecated: For backward compatibility mutexKV is still working, 28 | // but all new code should use MutexStore in the transport_tpg package instead. 29 | var mutexKV = transport_tpg.MutexStore 30 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/cai/json_map.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | ) 7 | 8 | // JsonMap converts a given value to a map[string]interface{} that 9 | // matches its JSON format. 10 | func JsonMap(x interface{}) (map[string]interface{}, error) { 11 | jsn, err := json.Marshal(x) 12 | if err != nil { 13 | return nil, fmt.Errorf("marshalling: %v", err) 14 | } 15 | 16 | m := make(map[string]interface{}) 17 | if err := json.Unmarshal(jsn, &m); err != nil { 18 | return nil, fmt.Errorf("unmarshalling: %v", err) 19 | } 20 | 21 | return m, nil 22 | } 23 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/cai/string_helpers.go: -------------------------------------------------------------------------------- 1 | package cai 2 | 3 | func ConvertInterfaceToStringArray(values []interface{}) []string { 4 | stringArray := make([]string, len(values)) 5 | for i, v := range values { 6 | stringArray[i] = v.(string) 7 | } 8 | return stringArray 9 | } 10 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/constants.go: -------------------------------------------------------------------------------- 1 | package google 2 | 3 | import ( 4 | "github.com/GoogleCloudPlatform/terraform-google-conversion/v6/tfplan2cai/converters/google/resources/cai" 5 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 6 | ) 7 | 8 | // ErrNoConversion can be returned if a conversion is unable to be returned. 9 | 10 | // because of the current state of the system. 11 | // Example: The conversion requires that the resource has already been created 12 | // and is now being updated). 13 | var ErrNoConversion = cai.ErrNoConversion 14 | 15 | // ErrEmptyIdentityField can be returned when fetching a resource is not possible 16 | // due to the identity field of that resource returning empty. 17 | var ErrEmptyIdentityField = cai.ErrEmptyIdentityField 18 | 19 | // ErrResourceInaccessible can be returned when fetching an IAM resource 20 | // on a project that has not yet been created or if the service account 21 | // lacks sufficient permissions 22 | var ErrResourceInaccessible = cai.ErrResourceInaccessible 23 | 24 | // Global MutexKV 25 | // 26 | // Deprecated: For backward compatibility mutexKV is still working, 27 | // but all new code should use MutexStore in the transport_tpg package instead. 28 | var mutexKV = transport_tpg.MutexStore 29 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/getconfig.go: -------------------------------------------------------------------------------- 1 | package google 2 | 3 | import ( 4 | "context" 5 | "net/http" 6 | 7 | "github.com/pkg/errors" 8 | 9 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 10 | ) 11 | 12 | func NewConfig(ctx context.Context, project, zone, region string, offline bool, userAgent string, client *http.Client) (*transport_tpg.Config, error) { 13 | cfg := &transport_tpg.Config{ 14 | Project: project, 15 | Zone: zone, 16 | Region: region, 17 | UserAgent: userAgent, 18 | } 19 | 20 | // Search for default credentials 21 | cfg.Credentials = transport_tpg.MultiEnvSearch([]string{ 22 | "GOOGLE_CREDENTIALS", 23 | "GOOGLE_CLOUD_KEYFILE_JSON", 24 | "GCLOUD_KEYFILE_JSON", 25 | }) 26 | 27 | cfg.AccessToken = transport_tpg.MultiEnvSearch([]string{ 28 | "GOOGLE_OAUTH_ACCESS_TOKEN", 29 | }) 30 | 31 | cfg.ImpersonateServiceAccount = transport_tpg.MultiEnvSearch([]string{ 32 | "GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", 33 | }) 34 | 35 | transport_tpg.ConfigureBasePaths(cfg) 36 | if !offline { 37 | if err := cfg.LoadAndValidate(ctx); err != nil { 38 | return nil, errors.Wrap(err, "load and validate config") 39 | } 40 | if client != nil { 41 | cfg.Client = client 42 | } 43 | } 44 | 45 | return cfg, nil 46 | } 47 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/services/compute/disk_type.go: -------------------------------------------------------------------------------- 1 | package compute 2 | 3 | import ( 4 | "github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource" 5 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 6 | ) 7 | 8 | // readDiskType finds the disk type with the given name. 9 | func readDiskType(c *transport_tpg.Config, d tpgresource.TerraformResourceData, name string) (*tpgresource.ZonalFieldValue, error) { 10 | return tpgresource.ParseZonalFieldValue("diskTypes", name, "project", "zone", d, c, false) 11 | } 12 | 13 | // readRegionDiskType finds the disk type with the given name. 14 | func readRegionDiskType(c *transport_tpg.Config, d tpgresource.TerraformResourceData, name string) (*tpgresource.RegionalFieldValue, error) { 15 | return tpgresource.ParseRegionalFieldValue("diskTypes", name, "project", "region", "zone", d, c, false) 16 | } 17 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/services/monitoring/monitoring_slo_helper.go: -------------------------------------------------------------------------------- 1 | package monitoring 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource" 7 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 8 | ) 9 | 10 | func expandMonitoringSloRollingPeriodDays(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { 11 | if v == nil { 12 | return nil, nil 13 | } 14 | i, ok := v.(int) 15 | if !ok { 16 | return nil, fmt.Errorf("unexpected value is not int: %v", v) 17 | } 18 | if i == 0 { 19 | return "", nil 20 | } 21 | // Day = 86400s 22 | return fmt.Sprintf("%ds", i*86400), nil 23 | } 24 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/services/pubsub/pubsub_utils.go: -------------------------------------------------------------------------------- 1 | package pubsub 2 | 3 | import ( 4 | "fmt" 5 | "regexp" 6 | ) 7 | 8 | const PubsubTopicRegex = "projects\\/.*\\/topics\\/.*" 9 | 10 | func GetComputedSubscriptionName(project, subscription string) string { 11 | match, _ := regexp.MatchString("projects\\/.*\\/subscriptions\\/.*", subscription) 12 | if match { 13 | return subscription 14 | } 15 | return fmt.Sprintf("projects/%s/subscriptions/%s", project, subscription) 16 | } 17 | 18 | func GetComputedTopicName(project, topic string) string { 19 | match, _ := regexp.MatchString(PubsubTopicRegex, topic) 20 | if match { 21 | return topic 22 | } 23 | return fmt.Sprintf("projects/%s/topics/%s", project, topic) 24 | } 25 | -------------------------------------------------------------------------------- /tfplan2cai/converters/google/resources/services/sourcerepo/source_repo_utils.go: -------------------------------------------------------------------------------- 1 | package sourcerepo 2 | 3 | import ( 4 | "regexp" 5 | 6 | "github.com/hashicorp/terraform-provider-google-beta/google-beta/services/pubsub" 7 | "github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource" 8 | transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport" 9 | ) 10 | 11 | func expandSourceRepoRepositoryPubsubConfigsTopic(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (string, error) { 12 | // short-circuit if the topic is a full uri so we don't need to GetProject 13 | ok, err := regexp.MatchString(pubsub.PubsubTopicRegex, v.(string)) 14 | if err != nil { 15 | return "", err 16 | } 17 | 18 | if ok { 19 | return v.(string), nil 20 | } 21 | 22 | project, err := tpgresource.GetProject(d, config) 23 | if err != nil { 24 | return "", err 25 | } 26 | 27 | return pubsub.GetComputedTopicName(project, v.(string)), err 28 | } 29 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/compute_instance_iam.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/test-project/zones/example_zone/instances/example_instance", 4 | "asset_type": "compute.googleapis.com/Instance", 5 | "ancestry_path": "organizations/123/folders/456/project/test-project", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/compute.osLogin", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/compute_instance_iam.tf: -------------------------------------------------------------------------------- 1 | resource "google_compute_instance_iam_policy" "example_instance_iam_policy" { 2 | instance_name = "example_instance" 3 | policy_data = "{\"bindings\":[{\"role\":\"roles/compute.osLogin\",\"members\":[\"user:jane@example.com\"]}]}" 4 | project = "test-project" 5 | zone = "example_zone" 6 | } 7 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/empty-0.13.7.tfplan.json: -------------------------------------------------------------------------------- 1 | { 2 | "format_version": "0.1", 3 | "terraform_version": "0.13.7", 4 | "planned_values": { 5 | "root_module": {} 6 | }, 7 | "configuration": { 8 | "root_module": {} 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/project_create.tf: -------------------------------------------------------------------------------- 1 | resource "google_project" "example-project" { 2 | billing_account = "example-account" 3 | folder_id = "456" 4 | 5 | labels = { 6 | project-label-key-a = "project-label-val-a" 7 | } 8 | 9 | name = "My Project" 10 | project_id = "example-project" 11 | } 12 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/project_iam.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/example-project", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "organizations/123/folders/456/project/example-project", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:example-a@google.com", 12 | "user:example-b@google.com" 13 | ] 14 | }, 15 | { 16 | "role": "roles/storage.admin", 17 | "members": [ 18 | "user:example-a@google.com", 19 | "user:example-b@google.com" 20 | ] 21 | }, 22 | { 23 | "role": "roles/owner", 24 | "members": [ 25 | "user:example-a@google.com" 26 | ] 27 | }, 28 | { 29 | "role": "roles/viewer", 30 | "members": [ 31 | "user:example-a@google.com", 32 | "user:example-b@google.com" 33 | ] 34 | } 35 | ] 36 | } 37 | } 38 | ] 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/project_iam.tf: -------------------------------------------------------------------------------- 1 | resource "google_project_iam_policy" "example-project_iam_policy" { 2 | policy_data = "{\"bindings\":[{\"role\":\"roles/editor\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]},{\"role\":\"roles/storage.admin\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]},{\"role\":\"roles/owner\",\"members\":[\"user:example-a@google.com\"]},{\"role\":\"roles/viewer\",\"members\":[\"user:example-a@google.com\",\"user:example-b@google.com\"]}]}" 3 | project = "example-project" 4 | } 5 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/bucket.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/test-bucket", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "lifecycle": { 13 | "rule": [] 14 | }, 15 | "iamConfiguration": { 16 | "uniformBucketLevelAccess": { 17 | "enabled": false 18 | } 19 | }, 20 | "location": "EU", 21 | "name": "test-bucket", 22 | "project": "{{.Provider.project}}", 23 | "storageClass": "STANDARD", 24 | "website": { 25 | "mainPageSuffix": "index.html", 26 | "notFoundPage": "404.html" 27 | } 28 | } 29 | } 30 | } 31 | ] 32 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/bucket.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_storage_bucket" "my-test-bucket" { 31 | name = "test-bucket" 32 | location = "EU" 33 | 34 | website { 35 | main_page_suffix = "index.html" 36 | not_found_page = "404.html" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/disk.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/zones/us-central1-a/disks/my-disk", 4 | "asset_type": "compute.googleapis.com/Disk", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Disk", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "disk-label-key-a": "disk-label-val-a", 14 | "goog-terraform-provisioned": "true" 15 | }, 16 | "name": "my-disk", 17 | "sourceImage": "projects/debian-cloud/global/images/debian-8-jessie-v20170523", 18 | "type": "projects/{{.Provider.project}}/zones/us-central1-a/diskTypes/pd-ssd", 19 | "zone": "projects/{{.Provider.project}}/global/zones/us-central1-a" 20 | } 21 | } 22 | } 23 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/disk.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_disk" "my-disk-resource" { 31 | project = "{{.Provider.project}}" 32 | name = "my-disk" 33 | type = "pd-ssd" 34 | zone = "us-central1-a" 35 | image = "projects/debian-cloud/global/images/debian-8-jessie-v20170523" 36 | labels = { 37 | "disk-label-key-a" = "disk-label-val-a" 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_access_context_manager_access_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//accesscontextmanager.googleapis.com/accessPolicies/placeholder-BpLnfgDs", 4 | "asset_type": "accesscontextmanager.googleapis.com/AccessPolicy", 5 | "ancestry_path": "organizations/{{.OrgID}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/accesscontextmanager/v1/rest", 9 | "discovery_name": "AccessPolicy", 10 | "parent": "//cloudresourcemanager.googleapis.com/organizations/{{.OrgID}}", 11 | "data": { 12 | "parent": "organizations/{{.OrgID}}", 13 | "scopes": [ 14 | "projects/{{.Provider.project}}" 15 | ], 16 | "title": "Scoped Access Policy" 17 | } 18 | } 19 | } 20 | ] 21 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_access_context_manager_access_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_access_context_manager_access_policy" "access-policy" { 31 | parent = "organizations/{{.OrgID}}" 32 | title = "Scoped Access Policy" 33 | scopes = ["projects/{{.Provider.project}}"] 34 | } 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_alloydb_instance.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | 15 | resource "google_alloydb_cluster" "default" { 16 | cluster_id = "alloydb-cluster" 17 | location = "us-central1" 18 | network_config { 19 | network = "default" 20 | } 21 | 22 | initial_user { 23 | password = "alloydb-cluster" 24 | } 25 | } 26 | 27 | resource "google_alloydb_instance" "default" { 28 | cluster = google_alloydb_cluster.default.cluster_id 29 | instance_id = "alloydb-instance" 30 | instance_type = "PRIMARY" 31 | 32 | machine_config { 33 | cpu_count = 2 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_apikeys_key.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//apikeys.googleapis.com/v2/projects/{{.Provider.project}}/locations/global/keys/placeholder-JHfWqOQi", 4 | "asset_type": "apikeys.googleapis.com/Key", 5 | "resource": { 6 | "version": "v2", 7 | "discovery_document_uri": "https://apikeys.googleapis.com/$discovery/rest?version=v2", 8 | "discovery_name": "Apikeyskey", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "restrictions": { 12 | "android_key_restrictions": { 13 | "allowed_applications": { 14 | "package_name": "com.example.app123", 15 | "sha1_fingerprint": "1699466a142d4682a5f91b50fdf400f2358e2b0b" 16 | } 17 | }, 18 | "api_targets": { 19 | "methods": [ 20 | "GET" 21 | ], 22 | "service": "translate.googleapis.com" 23 | } 24 | } 25 | } 26 | }, 27 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 28 | "ancestors": ["organizations/{{.OrgID}}"] 29 | } 30 | ] 31 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_apikeys_key.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | 15 | resource "google_apikeys_key" "primary" { 16 | name = "key" 17 | display_name = "sample-key" 18 | project = "{{.Provider.project}}" 19 | 20 | restrictions { 21 | android_key_restrictions { 22 | allowed_applications { 23 | package_name = "com.example.app123" 24 | sha1_fingerprint = "1699466a142d4682a5f91b50fdf400f2358e2b0b" 25 | } 26 | } 27 | 28 | api_targets { 29 | service = "translate.googleapis.com" 30 | methods = ["GET"] 31 | } 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_app_engine_application.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//appengine.googleapis.com/v1/placeholder-GWJVsru5", 4 | "asset_type": "appengine.googleapis.com/Application", 5 | "resource": { 6 | "version": "v1", 7 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/appengine/v1beta/rest", 8 | "discovery_name": "Application", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "location_id": "us-central" 12 | } 13 | }, 14 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 15 | "ancestors": ["organizations/{{.OrgID}}"] 16 | 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_app_engine_application.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_app_engine_application" "app" { 15 | project = "{{.Provider.project}}" 16 | location_id = "us-central" 17 | } 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_artifact_registry_repository.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//artifactregistry.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/repositories/my-repository", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "artifactregistry.googleapis.com/Repository", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/artifactregistry/v1/rest", 9 | "discovery_name": "Repository", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "description": "example docker repository", 13 | "format": "DOCKER", 14 | "labels": { 15 | "goog-terraform-provisioned": "true" 16 | }, 17 | "mode": "STANDARD_REPOSITORY" 18 | } 19 | }, 20 | "ancestors": ["organizations/{{.OrgID}}"] 21 | } 22 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_artifact_registry_repository.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_artifact_registry_repository" "my-repo" { 15 | location = "us-central1" 16 | repository_id = "my-repository" 17 | description = "example docker repository" 18 | format = "DOCKER" 19 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/test_dataset", 4 | "asset_type": "bigquery.googleapis.com/Dataset", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Dataset", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "friendlyName": "", 13 | "datasetReference": { 14 | "datasetId": "test_dataset" 15 | }, 16 | "labels": { 17 | "env": "dev", 18 | "goog-terraform-provisioned": "true" 19 | }, 20 | "location": "EU", 21 | "defaultTableExpirationMs": 3.6e+06 22 | } 23 | } 24 | } 25 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_bigquery_dataset" "default" { 31 | dataset_id = "test_dataset" 32 | location = "EU" 33 | default_table_expiration_ms = 3600000 34 | 35 | labels = { 36 | env = "dev" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/test_dataset", 4 | "asset_type": "bigquery.googleapis.com/Dataset", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Dataset", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "datasetReference": { 13 | "datasetId": "test_dataset" 14 | }, 15 | "defaultTableExpirationMs": 3600000, 16 | "labels": { 17 | "env": "dev", 18 | "goog-terraform-provisioned": "true" 19 | }, 20 | "location": "EU", 21 | "friendlyName": "" 22 | } 23 | }, 24 | "iam_policy": { 25 | "bindings": [ 26 | { 27 | "role": "roles/bigquery.dataViewer", 28 | "members": [ 29 | "allUsers", 30 | "allAuthenticatedUsers" 31 | ] 32 | } 33 | ] 34 | } 35 | } 36 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/test_dataset", 4 | "asset_type": "bigquery.googleapis.com/Dataset", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Dataset", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "datasetReference": { 13 | "datasetId": "test_dataset" 14 | }, 15 | "defaultTableExpirationMs": 3600000, 16 | "labels": { 17 | "env": "dev", 18 | "goog-terraform-provisioned": "true" 19 | }, 20 | "location": "EU", 21 | "friendlyName": "" 22 | } 23 | }, 24 | "iam_policy": { 25 | "bindings": [ 26 | { 27 | "role": "roles/bigquery.dataEditor", 28 | "members": [ 29 | "allAuthenticatedUsers" 30 | ] 31 | } 32 | ] 33 | } 34 | } 35 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/test_dataset", 4 | "asset_type": "bigquery.googleapis.com/Dataset", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Dataset", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "datasetReference": { 13 | "datasetId": "test_dataset" 14 | }, 15 | "defaultTableExpirationMs": 3600000, 16 | "labels": { 17 | "env": "dev", 18 | "goog-terraform-provisioned": "true" 19 | }, 20 | "location": "EU", 21 | "friendlyName": "" 22 | } 23 | }, 24 | "iam_policy": { 25 | "bindings": [ 26 | { 27 | "role": "roles/editor", 28 | "members": [ 29 | "serviceAccount:998476993360@cloudservices.gserviceaccount.com", 30 | "allAuthenticatedUsers" 31 | ] 32 | } 33 | ] 34 | } 35 | } 36 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_dataset_iam_policy_empty_policy_data.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/example_dataset", 4 | "asset_type": "bigquery.googleapis.com/Dataset", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Dataset", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "datasetReference": { 13 | "datasetId": "example_dataset" 14 | }, 15 | "labels": { 16 | "goog-terraform-provisioned": "true" 17 | }, 18 | "location": "US", 19 | "friendlyName": "" 20 | } 21 | }, 22 | "iam_policy": { 23 | "bindings": null 24 | } 25 | } 26 | ] 27 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_bigquery_table.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//bigquery.googleapis.com/projects/{{.Provider.project}}/datasets/dataset/tables/table", 4 | "asset_type": "bigquery.googleapis.com/Table", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/bigquery/v2/rest", 9 | "discovery_name": "Table", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "friendlyName": "friendly table", 13 | "tableReference": { 14 | "datasetId": "dataset", 15 | "project": "{{.Provider.project}}", 16 | "tableId": "table" 17 | } 18 | } 19 | } 20 | } 21 | ] 22 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_cloud_run_v2_job.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name":"//run.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/jobs/cloudrun-job", 4 | "asset_type":"run.googleapis.com/Job", 5 | "resource":{ 6 | "version":"v2", 7 | "discovery_document_uri":"https://www.googleapis.com/discovery/v1/apis/run/v2/rest", 8 | "discovery_name":"Job", 9 | "parent":"//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data":{ 11 | "labels": { 12 | "goog-terraform-provisioned": "true" 13 | }, 14 | "template":{ 15 | "template":{ 16 | "containers":[ 17 | { 18 | "image":"us-docker.pkg.dev/cloudrun/container/hello" 19 | } 20 | ], 21 | "maxRetries":3 22 | } 23 | } 24 | } 25 | }, 26 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 27 | "ancestors": ["organizations/{{.OrgID}}"] 28 | } 29 | ] 30 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_cloud_run_v2_job.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_cloud_run_v2_job" "default" { 15 | name = "cloudrun-job" 16 | location = "us-central1" 17 | 18 | template { 19 | template { 20 | containers { 21 | image = "us-docker.pkg.dev/cloudrun/container/hello" 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_cloud_tasks_queue.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name":"//cloudtasks.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/queues/cloud-tasks-queue-test", 4 | "asset_type":"cloudtasks.googleapis.com/Queue", 5 | "resource":{ 6 | "version":"v2", 7 | "discovery_document_uri":"https://www.googleapis.com/discovery/v1/apis/cloudtasks/v2/rest", 8 | "discovery_name":"Queue", 9 | "parent":"//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data":{ 11 | "name":"projects/{{.Provider.project}}/locations/us-central1/queues/cloud-tasks-queue-test", 12 | "rateLimits":{ 13 | "maxDispatchesPerSecond":10 14 | } 15 | } 16 | }, 17 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 18 | "ancestors": ["organizations/{{.OrgID}}"] 19 | } 20 | ] 21 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_cloud_tasks_queue.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | 15 | resource "google_cloud_tasks_queue" "default" { 16 | name = "cloud-tasks-queue-test" 17 | location = "us-central1" 18 | rate_limits { 19 | max_dispatches_per_second = 10 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_disk.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/zones/us-central1-a/disks/test-disk", 4 | "asset_type": "compute.googleapis.com/Disk", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Disk", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "environment": "dev", 14 | "goog-terraform-provisioned": "true" 15 | }, 16 | "name": "test-disk", 17 | "physicalBlockSizeBytes": 4096, 18 | "sourceImage": "projects/debian-cloud/global/images/debian-8-jessie-v20170523", 19 | "type": "projects/{{.Provider.project}}/zones/us-central1-a/diskTypes/pd-ssd", 20 | "zone": "projects/{{.Provider.project}}/global/zones/us-central1-a" 21 | } 22 | } 23 | } 24 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_disk.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_disk" "default" { 31 | name = "test-disk" 32 | type = "pd-ssd" 33 | zone = "us-central1-a" 34 | image = "projects/debian-cloud/global/images/debian-8-jessie-v20170523" 35 | labels = { 36 | environment = "dev" 37 | } 38 | physical_block_size_bytes = 4096 39 | } 40 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_disk_empty_image.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/zones/us-central1-a/disks/test-disk", 4 | "asset_type": "compute.googleapis.com/Disk", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Disk", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "environment": "dev", 14 | "goog-terraform-provisioned": "true" 15 | }, 16 | "name": "test-disk", 17 | "physicalBlockSizeBytes": 4096, 18 | "type": "projects/{{.Provider.project}}/zones/us-central1-a/diskTypes/pd-ssd", 19 | "zone": "projects/{{.Provider.project}}/global/zones/us-central1-a" 20 | } 21 | } 22 | } 23 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_disk_empty_image.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_disk" "default" { 31 | name = "test-disk" 32 | type = "pd-ssd" 33 | zone = "us-central1-a" 34 | image = "" 35 | labels = { 36 | environment = "dev" 37 | } 38 | physical_block_size_bytes = 4096 39 | } 40 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_forwarding_rule.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/regions/australia-southeast1/forwardingRules/test-forwarding-rule", 4 | "asset_type": "compute.googleapis.com/ForwardingRule", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "ForwardingRule", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "IPProtocol": "TCP", 13 | "allowGlobalAccess": false, 14 | "backendService": "https://compute.googleapis.com/compute/beta/projects/{{.Provider.project}}/regions/australia-southeast1/test-backend-service-id", 15 | "loadBalancingScheme": "INTERNAL_MANAGED", 16 | "name": "test-forwarding-rule", 17 | "portRange": "80", 18 | "region": "projects/{{.Provider.project}}/global/regions/australia-southeast1", 19 | "allowPscGlobalAccess": false, 20 | "noAutomateDnsZone": false 21 | } 22 | } 23 | } 24 | ] 25 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_global_address.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/addresses/global-appserver-ip", 4 | "asset_type": "compute.googleapis.com/GlobalAddress", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "GlobalAddress", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "addressType": "EXTERNAL", 13 | "labels": { 14 | "goog-terraform-provisioned": "true" 15 | }, 16 | "name": "global-appserver-ip" 17 | } 18 | } 19 | } 20 | ] 21 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_global_address.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_global_address" "default" { 31 | name = "global-appserver-ip" 32 | } 33 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_global_forwarding_rule.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/forwardingRules/test-global-rule", 4 | "asset_type": "compute.googleapis.com/GlobalForwardingRule", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "GlobalForwardingRule", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "IPProtocol": "TCP", 13 | "ipVersion": "IPV4", 14 | "loadBalancingScheme": "INTERNAL_SELF_MANAGED", 15 | "name": "test-global-rule", 16 | "portRange": "80", 17 | "target": "target-id", 18 | "noAutomateDnsZone": false 19 | } 20 | } 21 | } 22 | ] 23 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_health_check.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/healthChecks/http-health-check", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "compute.googleapis.com/HealthCheck", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "HealthCheck", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "checkIntervalSec": 1, 13 | "description": "", 14 | "healthyThreshold": 2, 15 | "httpHealthCheck": { 16 | "port": 80, 17 | "proxyHeader": "NONE", 18 | "requestPath": "/" 19 | }, 20 | "name": "http-health-check", 21 | "timeoutSec": 1, 22 | "type": "HTTP", 23 | "unhealthyThreshold": 2 24 | } 25 | }, 26 | "ancestors": [ 27 | "organizations/{{.OrgID}}" 28 | ] 29 | } 30 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_health_check.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | resource "google_compute_health_check" "http-health-check" { 14 | name = "http-health-check" 15 | 16 | timeout_sec = 1 17 | check_interval_sec = 1 18 | 19 | http_health_check { 20 | port = 80 21 | } 22 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_network.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/networks/test-network", 4 | "asset_type": "compute.googleapis.com/Network", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Network", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "autoCreateSubnetworks": false, 13 | "name": "test-network", 14 | "networkFirewallPolicyEnforcementOrder": "AFTER_CLASSIC_FIREWALL" 15 | } 16 | } 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_network.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_network" "default" { 31 | name = "test-network" 32 | auto_create_subnetworks = false 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_route.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/routes/my-route", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "compute.googleapis.com/Route", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Route", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "destRange": "10.1.0.0/16", 13 | "name": "my-route", 14 | "network": "projects/{{.Provider.project}}/global/networks/my-network", 15 | "nextHopIp": "10.0.0.1", 16 | "priority": 1000 17 | } 18 | }, 19 | "ancestors": [ 20 | "organizations/{{.OrgID}}" 21 | ] 22 | } 23 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_route.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_route" "my_route" { 15 | name = "my-route" 16 | dest_range = "10.1.0.0/16" 17 | next_hop_ip = "10.0.0.1" 18 | network = "my-network" 19 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_ssl_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/sslPolicies/custom-ssl-policy", 4 | "asset_type": "compute.googleapis.com/SslPolicy", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "SslPolicy", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "customFeatures": [ 13 | "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 14 | "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" 15 | ], 16 | "minTlsVersion": "TLS_1_2", 17 | "name": "custom-ssl-policy", 18 | "profile": "CUSTOM" 19 | } 20 | } 21 | } 22 | ] 23 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_ssl_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_ssl_policy" "custom-ssl-policy" { 31 | name = "custom-ssl-policy" 32 | min_tls_version = "TLS_1_2" 33 | profile = "CUSTOM" 34 | custom_features = ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"] 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_target_https_proxy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/targetHttpsProxies/target-https-proxy", 4 | "asset_type": "compute.googleapis.com/TargetHttpsProxy", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "TargetHttpsProxy", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "name": "target-https-proxy", 13 | "quicOverride": "NONE", 14 | "sslCertificates": [ 15 | "projects/{{.Provider.project}}/global/sslCertificates/ssl-certificate-id" 16 | ], 17 | "serverTlsPolicy": null, 18 | "sslPolicy": "projects/{{.Provider.project}}/global/sslPolicies/ssl-policy-id", 19 | "urlMap": "projects/{{.Provider.project}}/global/urlMaps/url-map-id" 20 | } 21 | } 22 | } 23 | ] 24 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_target_https_proxy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_target_https_proxy" "target-https-proxy" { 31 | name = "target-https-proxy" 32 | url_map = "url-map-id" 33 | ssl_certificates = ["ssl-certificate-id"] 34 | ssl_policy = "ssl-policy-id" 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_target_ssl_proxy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/targetSslProxies/target-ssl-proxy", 4 | "asset_type": "compute.googleapis.com/TargetSslProxy", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "TargetSslProxy", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "name": "target-ssl-proxy", 13 | "proxyHeader": "NONE", 14 | "service": "projects/{{.Provider.project}}/global/backendServices/backend_service_id", 15 | "sslCertificates": [ 16 | "projects/{{.Provider.project}}/global/sslCertificates/ssl_certificate_id" 17 | ], 18 | "sslPolicy": "projects/{{.Provider.project}}/global/sslPolicies/ssl-policy-id" 19 | } 20 | } 21 | } 22 | ] 23 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_target_ssl_proxy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_target_ssl_proxy" "target-ssl-proxy" { 31 | name = "target-ssl-proxy" 32 | backend_service = "backend_service_id" 33 | ssl_certificates = ["ssl_certificate_id"] 34 | ssl_policy = "ssl-policy-id" 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_url_map.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/urlMaps/urlmap", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "compute.googleapis.com/UrlMap", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "UrlMap", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "defaultService": "projects/{{.Provider.project}}/global/backendServices/default_service", 13 | "description": "a description", 14 | "name": "urlmap" 15 | } 16 | }, 17 | "ancestors": ["organizations/{{.OrgID}}"] 18 | } 19 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_compute_url_map.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_url_map" "urlmap" { 15 | name = "urlmap" 16 | description = "a description" 17 | 18 | default_service = "default_service" 19 | 20 | } 21 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_filestore_instance.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//file.googleapis.com/projects/{{.Provider.project}}/locations/us-central1-b/instances/test-instance", 4 | "asset_type": "file.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/file/v1beta1/rest", 9 | "discovery_name": "Instance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "fileShares": [ 13 | { 14 | "capacityGb": 2660, 15 | "name": "share1" 16 | } 17 | ], 18 | "labels": { 19 | "goog-terraform-provisioned": "true" 20 | }, 21 | "networks": [ 22 | { 23 | "connectMode": "DIRECT_PEERING", 24 | "modes": [ 25 | "MODE_IPV4" 26 | ], 27 | "network": "default" 28 | } 29 | ], 30 | "protocol": "NFS_V3", 31 | "tier": "BASIC_SSD" 32 | } 33 | } 34 | } 35 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/{{.FolderID}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Folder", 5 | "ancestry_path": "{{.Ancestry}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_binding.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_folder_iam_binding" "folder" { 31 | folder = "{{.FolderID}}" 32 | role = "roles/editor" 33 | 34 | members = [ 35 | "user:jane@example.com", 36 | ] 37 | } 38 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/folders/{{.FolderID}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Folder", 5 | "ancestry_path": "{{.Ancestry}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_member.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_folder_iam_member" "editor" { 31 | folder = "folders/{{.FolderID}}" 32 | role = "roles/editor" 33 | member = "user:jane@example.com" 34 | } 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_member_empty_folder.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/placeholder-c2WD8F2q", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Folder", 5 | "ancestry_path": "organization/unknown", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_member_empty_folder.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "random_string" "suffix" { 31 | length = 4 32 | upper = false 33 | special = false 34 | } 35 | 36 | resource "google_folder_iam_member" "editor" { 37 | folder = "${random_string.suffix.result}" 38 | role = "roles/editor" 39 | member = "user:jane@example.com" 40 | } 41 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/{{.FolderID}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Folder", 5 | "ancestry_path": "{{.Ancestry}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_iam_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_folder_iam_policy" "folder" { 31 | folder = "{{.FolderID}}" 32 | policy_data = "{\"bindings\":[{\"members\":[\"user:jane@example.com\"],\"role\":\"roles/editor\"}]}" 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_folder_organization_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/folders/{{.FolderID}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Folder", 5 | "ancestry_path": "{{.Ancestry}}", 6 | "org_policy": [ 7 | { 8 | "constraint": "constraints/compute.disableSerialPortAccess", 9 | "boolean_policy": { 10 | "enforced": true 11 | }, 12 | "update_time": "{{.Time.RFC3339Nano}}" 13 | }, 14 | { 15 | "constraint": "constraints/serviceuser.services", 16 | "list_policy": { 17 | "all_values": 1 18 | }, 19 | "update_time": "{{.Time.RFC3339Nano}}" 20 | }, 21 | { 22 | "constraint": "constraints/serviceuser.services", 23 | "list_policy": { 24 | "denied_values": [ 25 | "cloudresourcemanager.googleapis.com" 26 | ], 27 | "suggested_value": "compute.googleapis.com" 28 | }, 29 | "update_time": "{{.Time.RFC3339Nano}}" 30 | }, 31 | { 32 | "constraint": "constraints/serviceuser.services", 33 | "restore_default": {}, 34 | "update_time": "{{.Time.RFC3339Nano}}" 35 | } 36 | ] 37 | } 38 | ] 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_gke_hub_feature.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//gkehub.googleapis.com/projects/{{.Provider.project}}/locations/global/features/multiclusterservicediscovery?return_partial_success=true", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "gkehub.googleapis.com/Feature", 6 | "resource": { 7 | "version": "v1beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/gkehub/v1beta/rest", 9 | "discovery_name": "Feature", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "fleetDefaultMemberConfig": null, 13 | "labels": { 14 | "foo": "bar", 15 | "goog-terraform-provisioned": "true" 16 | } 17 | } 18 | }, 19 | "ancestors": ["organizations/{{.OrgID}}"] 20 | } 21 | ] 22 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_gke_hub_feature.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_gke_hub_feature" "feature" { 15 | name = "multiclusterservicediscovery" 16 | location = "global" 17 | labels = { 18 | foo = "bar" 19 | } 20 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_app_engine_standard_app_version.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//appengine.googleapis.com/apps/{{.Provider.project}}/services/default/versions/v1", 4 | "asset_type": "appengine.googleapis.com/Version", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/appengine/v1/rest", 9 | "discovery_name": "Version", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "deployment": { 13 | "zip": { 14 | "sourceUrl": "https://storage.googleapis.com/bucket-app-engine/world.zip" 15 | } 16 | }, 17 | "entrypoint": { 18 | "shell": "python3 world.py" 19 | }, 20 | "id": "v1", 21 | "project": "{{.Provider.project}}", 22 | "runtime": "python39", 23 | "service": "default" 24 | } 25 | }, 26 | "ancestors": ["organizations/{{.OrgID}}"] 27 | } 28 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_app_engine_standard_app_version.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_app_engine_standard_app_version" "my_app_v1" { 15 | version_id = "v1" 16 | service = "default" 17 | runtime = "python39" 18 | 19 | entrypoint { 20 | shell = "python3 world.py" 21 | } 22 | 23 | deployment { 24 | zip { 25 | source_url = "https://storage.googleapis.com/bucket-app-engine/world.zip" 26 | } 27 | } 28 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_instance_group.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/zones/us-central1-a/instanceGroups/placeholder-VM3roEyE", 4 | "asset_type": "compute.googleapis.com/InstanceGroup", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/v1/rest", 9 | "discovery_name": "InstanceGroup", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "description": "Terraform test instance group", 13 | "name": "terraform-test", 14 | "zone": "https://www.googleapis.com/compute/v1/projects/{{.Provider.project}}/zones/us-central1-a" 15 | } 16 | }, 17 | "ancestors": [ 18 | "organizations/{{.OrgID}}" 19 | ] 20 | } 21 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_instance_group.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_instance_group" "test" { 15 | name = "terraform-test" 16 | description = "Terraform test instance group" 17 | zone = "us-central1-a" 18 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_node_group.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_node_template" "soletenant-tmpl" { 15 | name = "soletenant-tmpl" 16 | region = "us-central1" 17 | node_type = "n1-node-96-624" 18 | } 19 | 20 | resource "google_compute_node_group" "nodes" { 21 | project = "{{.Provider.project}}" 22 | provider = google-beta 23 | name = "soletenant-group" 24 | zone = "us-central1-f" 25 | description = "example google_compute_node_group for Terraform Google Provider" 26 | maintenance_policy = "RESTART_IN_PLACE" 27 | maintenance_window { 28 | start_time = "08:00" 29 | } 30 | 31 | initial_size = 1 32 | node_template = google_compute_node_template.soletenant-tmpl.id 33 | autoscaling_policy { 34 | mode = "ONLY_SCALE_OUT" 35 | min_nodes = 1 36 | max_nodes = 10 37 | } 38 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_node_template.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/regions/us-central1/nodeTemplates/soletenant-tmpl", 4 | "asset_type": "compute.googleapis.com/NodeTemplate", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "NodeTemplate", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "cpuOvercommitType": "NONE", 13 | "name": "soletenant-tmpl", 14 | "nodeType": "n1-node-96-624", 15 | "region": "projects/{{.Provider.project}}/global/regions/us-central1" 16 | } 17 | }, 18 | "ancestors": [ 19 | "organizations/{{.OrgID}}" 20 | ] 21 | } 22 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_node_template.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_node_template" "template" { 15 | name = "soletenant-tmpl" 16 | region = "us-central1" 17 | node_type = "n1-node-96-624" 18 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_region_commitment.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_region_commitment" "foobar" { 15 | name = "my-full-commitment" 16 | description = "some description" 17 | plan = "THIRTY_SIX_MONTH" 18 | type = "MEMORY_OPTIMIZED" 19 | category = "MACHINE" 20 | auto_renew = true 21 | region = "us-east1" 22 | resources { 23 | type = "VCPU" 24 | amount = "4" 25 | } 26 | resources { 27 | type = "MEMORY" 28 | amount = "9" 29 | } 30 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_resource_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/regions/us-central1/resourcePolicies/gce-policy", 4 | "asset_type": "compute.googleapis.com/ResourcePolicy", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "ResourcePolicy", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "diskConsistencyGroupPolicy": null, 13 | "name": "gce-policy", 14 | "region": "projects/{{.Provider.project}}/global/regions/us-central1", 15 | "snapshotSchedulePolicy": { 16 | "schedule": { 17 | "dailySchedule": { 18 | "daysInCycle": 1, 19 | "startTime": "04:00" 20 | } 21 | } 22 | } 23 | } 24 | }, 25 | "ancestors": [ 26 | "organizations/{{.OrgID}}" 27 | ] 28 | } 29 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_resource_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_resource_policy" "foo" { 31 | name = "gce-policy" 32 | region = "us-central1" 33 | snapshot_schedule_policy { 34 | schedule { 35 | daily_schedule { 36 | days_in_cycle = 1 37 | start_time = "04:00" 38 | } 39 | } 40 | } 41 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_ssl_certificate.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/sslCertificates/prod-webserver-cert", 4 | "asset_type": "compute.googleapis.com/SslCertificate", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "SslCertificate", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS4uLg==", 13 | "name": "prod-webserver-cert", 14 | "privateKey": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVkuLi4=" 15 | } 16 | }, 17 | "ancestors": [ 18 | "organizations/{{.OrgID}}" 19 | ] 20 | } 21 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_ssl_certificate.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_ssl_certificate" "webserver_cert" { 15 | name = "prod-webserver-cert" 16 | private_key = base64encode("-----BEGIN RSA PRIVATE KEY...") 17 | certificate = base64encode("-----BEGIN CERTIFICATE...") 18 | lifecycle { 19 | create_before_destroy = true 20 | } 21 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_target_pool.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/regions/us-central1/targetPools/instance-target-pool", 4 | "asset_type": "compute.googleapis.com/TargetPool", 5 | "resource": { 6 | "version": "v1", 7 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/v1/rest", 8 | "discovery_name": "TargetPool", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "instances": [ 12 | "us-central1-b/myinstance2", 13 | "us-central1-a/myinstance1" 14 | ], 15 | "name": "instance-target-pool", 16 | "region": "us-central1", 17 | "sessionAffinity": "NONE" 18 | } 19 | }, 20 | "ancestors": ["organizations/{{.OrgID}}"], 21 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}" 22 | } 23 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_compute_target_pool.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_compute_target_pool" "default" { 15 | name = "instance-target-pool" 16 | region="us-central1" 17 | instances = [ 18 | "us-central1-a/myinstance1", 19 | "us-central1-b/myinstance2", 20 | ] 21 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_dataflow_job.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//dataflow.googleapis.com/projects/{{.Provider.project}}/locations/placeholder-8lN5DQAu/jobs", 4 | "asset_type": "dataflow.googleapis.com/Job", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta3", 8 | "discovery_document_uri": "https://dataflow.googleapis.com/$discovery/rest?version=v1b3", 9 | "discovery_name": "Job", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "name": "my-word-count-job" 13 | } 14 | }, 15 | "ancestors": [ 16 | "organizations/{{.OrgID}}" 17 | ] 18 | } 19 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_dataflow_job.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_dataflow_job" "word_count_job" { 15 | name = "my-word-count-job" 16 | template_gcs_path = "gs://dataflow-templates/latest/Word_Count" 17 | parameters = { 18 | inputFile = "gs://dataflow_job1/data.txt" 19 | output = "gs://dataflow_job1/wordcount_output" 20 | } 21 | temp_gcs_location = "gs://dataflow_job1/tmp" 22 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_dataproc_autoscaling_policy.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_dataproc_cluster" "basic" { 15 | name = "dataproc-policy1" 16 | region = "us-central1" 17 | 18 | cluster_config { 19 | autoscaling_config { 20 | policy_uri = google_dataproc_autoscaling_policy.asp.name 21 | } 22 | } 23 | } 24 | 25 | resource "google_dataproc_autoscaling_policy" "asp" { 26 | policy_id = "dataproc-policy1" 27 | location = "us-central1" 28 | 29 | worker_config { 30 | max_instances = 3 31 | } 32 | 33 | basic_algorithm { 34 | yarn_config { 35 | graceful_decommission_timeout = "30s" 36 | 37 | scale_up_factor = 0.5 38 | scale_down_factor = 0.5 39 | } 40 | } 41 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_datastream_connection_profile.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//datastream.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/connectionProfiles/my-profile", 4 | "asset_type": "datastream.googleapis.com/ConnectionProfile", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/datastream/v1/rest", 9 | "discovery_name": "ConnectionProfile", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "bigqueryProfile": null, 13 | "displayName": "Connection profile", 14 | "labels": { 15 | "goog-terraform-provisioned": "true" 16 | }, 17 | "gcsProfile": { 18 | "bucket": "my-bucket", 19 | "rootPath": "/path" 20 | } 21 | } 22 | }, 23 | "ancestors": [ 24 | "organizations/{{.OrgID}}" 25 | ] 26 | } 27 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_datastream_connection_profile.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_datastream_connection_profile" "default" { 15 | display_name = "Connection profile" 16 | location = "us-central1" 17 | connection_profile_id = "my-profile" 18 | 19 | gcs_profile { 20 | bucket = "my-bucket" 21 | root_path = "/path" 22 | } 23 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_datastream_private_connection.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_datastream_private_connection" "default" { 15 | display_name = "Connection profile" 16 | location = "us-central1" 17 | private_connection_id = "pc-connection" 18 | 19 | labels = { 20 | key = "value" 21 | } 22 | 23 | vpc_peering_config { 24 | vpc = google_compute_network.default.id 25 | subnet = "10.0.0.0/29" 26 | } 27 | } 28 | 29 | resource "google_compute_network" "default" { 30 | name = "pc-network" 31 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_firebase_project.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//firebase.googleapis.com/v1beta1/projects/{{.Provider.project}}", 4 | "asset_type": "firebase.googleapis.com/FirebaseProject", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta1", 8 | "discovery_document_uri": "https://firebase.googleapis.com/$discovery/rest?version=v1beta1", 9 | "discovery_name": "FirebaseProject", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "id": "projects/{{.Provider.project}}", 13 | "projectId": "{{.Provider.project}}" 14 | } 15 | }, 16 | "ancestors": [ 17 | "organizations/{{.OrgID}}" 18 | ] 19 | } 20 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_firebase_project.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_firebase_project" "default" { 15 | provider = google-beta 16 | project = "{{.Provider.project}}" 17 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_gke_hub_membership.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_gke_hub_membership" "membership" { 15 | membership_id = "basic" 16 | location = "us-west1" 17 | endpoint { 18 | gke_cluster { 19 | resource_link = "//container.googleapis.com/${google_container_cluster.primary.id}" 20 | } 21 | } 22 | authority { 23 | issuer = "https://container.googleapis.com/v1/${google_container_cluster.primary.id}" 24 | } 25 | 26 | labels = { 27 | env = "test" 28 | } 29 | } 30 | 31 | resource "google_container_cluster" "primary" { 32 | name = "basic-cluster" 33 | location = "us-central1-a" 34 | initial_node_count = 1 35 | deletion_protection = "true" 36 | network = "default" 37 | subnetwork = "default" 38 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_billing_account_bucket_config.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//logging.googleapis.com/projects/{{.Provider.project}}/locations/global/buckets/_Default", 4 | "asset_type": "logging.googleapis.com/LogBucket", 5 | "resource": { 6 | "version": "v2", 7 | "discovery_document_uri": "https://logging.googleapis.com/$discovery/rest?version=v2", 8 | "discovery_name": "LogBucket", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "bucketId": "_Default", 12 | "id": "projects/{{.Provider.project}}/locations/global/buckets/_Default", 13 | "location": "global", 14 | "retentionDays": 30 15 | } 16 | }, 17 | "ancestors": ["organizations/{{.OrgID}}"], 18 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}" 19 | } 20 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_billing_account_bucket_config.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_logging_billing_account_bucket_config" "basic" { 15 | billing_account = "{{.Project.BillingAccountName}}" 16 | location = "global" 17 | retention_days = 30 18 | bucket_id = "_Default" 19 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_folder_bucket_config.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_folder" "default" { 15 | display_name = "some-folder-name" 16 | parent = "organizations/{{.OrgID}}" 17 | deletion_protection = false 18 | } 19 | 20 | resource "google_logging_folder_bucket_config" "basic" { 21 | folder = google_folder.default.name 22 | location = "global" 23 | retention_days = 30 24 | bucket_id = "_Default" 25 | 26 | index_configs { 27 | field_path = "jsonPayload.request.status" 28 | type = "INDEX_TYPE_STRING" 29 | } 30 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_organization_bucket_config.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//logging.googleapis.com/projects/{{.Provider.project}}/locations/global/buckets/_Default", 4 | "asset_type": "logging.googleapis.com/LogBucket", 5 | "resource": { 6 | "version": "v2", 7 | "discovery_document_uri": "https://logging.googleapis.com/$discovery/rest?version=v2", 8 | "discovery_name": "LogBucket", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "bucketId": "_Default", 12 | "id": "organizations/{{.OrgID}}/locations/global/buckets/_Default", 13 | "indexConfigs": [ 14 | { 15 | "fieldPath": "jsonPayload.request.status", 16 | "type": "INDEX_TYPE_STRING" 17 | } 18 | ], 19 | "location": "global", 20 | "retentionDays": 30 21 | } 22 | }, 23 | "ancestors": ["organizations/{{.OrgID}}"], 24 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}" 25 | } 26 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_organization_bucket_config.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_logging_organization_bucket_config" "basic" { 15 | organization = "12345" 16 | location = "global" 17 | retention_days = 30 18 | bucket_id = "_Default" 19 | 20 | index_configs { 21 | field_path = "jsonPayload.request.status" 22 | type = "INDEX_TYPE_STRING" 23 | } 24 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_project_bucket_config.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//logging.googleapis.com/projects/{{.Provider.project}}/locations/global/buckets/_Default", 4 | "asset_type": "logging.googleapis.com/LogBucket", 5 | "resource": { 6 | "version": "v2", 7 | "discovery_document_uri": "https://logging.googleapis.com/$discovery/rest?version=v2", 8 | "discovery_name": "LogBucket", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "bucketId": "_Default", 12 | "id": "projects/{{.Provider.project}}/locations/global/buckets/_Default", 13 | "location": "global", 14 | "retentionDays": 30 15 | } 16 | }, 17 | "ancestors": ["organizations/{{.OrgID}}"], 18 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}" 19 | } 20 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_logging_project_bucket_config.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_logging_project_bucket_config" "basic" { 15 | project = "{{.Provider.project}}" 16 | location = "global" 17 | retention_days = 30 18 | bucket_id = "_Default" 19 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_sql_database.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//sqladmin.googleapis.com/projects/{{.Provider.project}}/instances/my-database-instance/databases/my-database", 4 | "asset_type": "sqladmin.googleapis.com/Database", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta4", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/sqladmin/v1beta4/rest", 9 | "discovery_name": "Database", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "instance": "my-database-instance", 13 | "name": "my-database" 14 | } 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_google_sql_database.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_sql_database" "database" { 31 | name = "my-database" 32 | instance = "my-database-instance" 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_crypto_key.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/key-ring-test/cryptoKeys/crypto-key-example", 4 | "asset_type": "cloudkms.googleapis.com/CryptoKey", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "CryptoKey", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "goog-terraform-provisioned": "true" 14 | }, 15 | "purpose": "ENCRYPT_DECRYPT" 16 | } 17 | } 18 | } 19 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_crypto_key.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_kms_crypto_key" "test" { 31 | name = "crypto-key-example" 32 | key_ring = "key-ring-test" 33 | skip_initial_version_creation = true 34 | 35 | lifecycle { 36 | prevent_destroy = true 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_crypto_key_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example/cryptoKeys/crypto-key-example", 4 | "asset_type": "cloudkms.googleapis.com/CryptoKey", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "CryptoKey", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "goog-terraform-provisioned": "true" 14 | }, 15 | "purpose": "ENCRYPT_DECRYPT" 16 | } 17 | }, 18 | "iam_policy": { 19 | "bindings": [ 20 | { 21 | "role": "roles/cloudkms.admin", 22 | "members": [ 23 | "allUsers", 24 | "allAuthenticatedUsers" 25 | ] 26 | } 27 | ] 28 | } 29 | } 30 | ] 31 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_crypto_key_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example/cryptoKeys/crypto-key-example", 4 | "asset_type": "cloudkms.googleapis.com/CryptoKey", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "CryptoKey", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "goog-terraform-provisioned": "true" 14 | }, 15 | "purpose": "ENCRYPT_DECRYPT" 16 | } 17 | }, 18 | "iam_policy": { 19 | "bindings": [ 20 | { 21 | "role": "roles/cloudkms.admin", 22 | "members": [ 23 | "allAuthenticatedUsers" 24 | ] 25 | } 26 | ] 27 | } 28 | } 29 | ] 30 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_crypto_key_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example/cryptoKeys/crypto-key-example", 4 | "asset_type": "cloudkms.googleapis.com/CryptoKey", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "CryptoKey", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "labels": { 13 | "goog-terraform-provisioned": "true" 14 | }, 15 | "purpose": "ENCRYPT_DECRYPT" 16 | } 17 | }, 18 | "iam_policy": { 19 | "bindings": [ 20 | { 21 | "role": "roles/cloudkms.admin", 22 | "members": [ 23 | "allAuthenticatedUsers", 24 | "serviceAccount:998476993360@cloudservices.gserviceaccount.com" 25 | ] 26 | } 27 | ] 28 | } 29 | } 30 | ] 31 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_import_job.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/placeholder-CTVJTU1w", 4 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 5 | "asset_type": "cloudkms.googleapis.com/KeyRingImportJob", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "KeyRingImportJob", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "importMethod": "RSA_OAEP_3072_SHA1_AES_256", 13 | "protectionLevel": "SOFTWARE" 14 | } 15 | }, 16 | "ancestors": ["organizations/{{.OrgID}}"] 17 | } 18 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_import_job.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | 15 | resource "google_kms_key_ring_import_job" "import-job" { 16 | key_ring = "keyring-id-example" 17 | import_job_id = "my-import-job" 18 | 19 | import_method = "RSA_OAEP_3072_SHA1_AES_256" 20 | protection_level = "SOFTWARE" 21 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example", 4 | "asset_type": "cloudkms.googleapis.com/KeyRing", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/cloudkms/v1/rest", 9 | "discovery_name": "KeyRing", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": null 12 | } 13 | } 14 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_kms_key_ring" "test" { 31 | name = "keyring-example" 32 | location = "global" 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example", 4 | "asset_type": "cloudkms.googleapis.com/KeyRing", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/cloudkms.cryptoKeyEncrypter", 10 | "members": [ 11 | "allUsers", 12 | "allAuthenticatedUsers" 13 | ] 14 | } 15 | ] 16 | } 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring_iam_binding.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_kms_key_ring_iam_binding" "key_ring" { 31 | key_ring_id = "{{.Provider.project}}/global/keyring-example" 32 | role = "roles/cloudkms.cryptoKeyEncrypter" 33 | members = [ 34 | "allUsers", "allAuthenticatedUsers" 35 | ] 36 | } 37 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example", 4 | "asset_type": "cloudkms.googleapis.com/KeyRing", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/cloudkms.admin", 10 | "members": [ 11 | "allAuthenticatedUsers" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring_iam_member.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_kms_key_ring_iam_member" "key_ring" { 31 | key_ring_id = "{{.Provider.project}}/global/keyring-example" 32 | role = "roles/cloudkms.admin" 33 | member = "allAuthenticatedUsers" 34 | } 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_kms_key_ring_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudkms.googleapis.com/projects/{{.Provider.project}}/locations/global/keyRings/keyring-example", 4 | "asset_type": "cloudkms.googleapis.com/KeyRing", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/cloudkms.admin", 10 | "members": [ 11 | "allAuthenticatedUsers", 12 | "serviceAccount:998476993360@cloudservices.gserviceaccount.com" 13 | ] 14 | } 15 | ] 16 | } 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_monitoring_notification_channel.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//monitoring.googleapis.com/placeholder-foobar", 4 | "asset_type": "monitoring.googleapis.com/NotificationChannel", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v3", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/monitoring/v3/rest", 9 | "discovery_name": "NotificationChannel", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "displayName": "monitoring notification channel", 13 | "enabled": true, 14 | "labels": { 15 | "email_address": "foo@bar.com" 16 | }, 17 | "type": "email" 18 | } 19 | } 20 | } 21 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_monitoring_notification_channel.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials}}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_monitoring_notification_channel" "monitoring_notification_channel" { 31 | project = "{{.Provider.project}}" 32 | display_name = "monitoring notification channel" 33 | type = "email" 34 | labels = { 35 | email_address = "foo@bar.com" 36 | } 37 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_org_policy_custom_constraint.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//orgpolicy.googleapis.com/organizations/12345/customConstraints/custom.disableGkeAutoUpgrade", 4 | "asset_type": "orgpolicy.googleapis.com/CustomConstraint", 5 | "ancestry_path": "organizations/12345", 6 | "resource": { 7 | "version": "v2", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/orgpolicy/v2/rest", 9 | "discovery_name": "CustomConstraint", 10 | "parent": "//cloudresourcemanager.googleapis.com/organizations/12345", 11 | "data": { 12 | "name": "organizations/12345/customConstraints/custom.disableGkeAutoUpgrade", 13 | "actionType": "ALLOW", 14 | "condition": "resource.management.autoUpgrade == false", 15 | "methodTypes": ["CREATE", "UPDATE"], 16 | "resourceTypes": ["container.googleapis.com/NodePool"] 17 | } 18 | } 19 | } 20 | ] 21 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/organizations/123456789", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Organization", 5 | "ancestry_path": "organization/123456789", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/browser", 10 | "members": [ 11 | "user:alice@gmail.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_binding.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_organization_iam_binding" "binding" { 31 | org_id = "123456789" 32 | role = "roles/browser" 33 | 34 | members = [ 35 | "user:alice@gmail.com", 36 | ] 37 | } 38 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_custom_role.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//iam.googleapis.com/organizations/{{.OrgID}}/roles/myCustomRole", 4 | "asset_type": "iam.googleapis.com/Role", 5 | "ancestry_path": "organization/{{.OrgID}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest?version=v1", 9 | "discovery_name": "Role", 10 | "parent": "//cloudresourcemanager.googleapis.com/organizations/{{.OrgID}}", 11 | "data": { 12 | "description": "A description", 13 | "includedPermissions": [ 14 | "iam.roles.delete", 15 | "iam.roles.list", 16 | "iam.roles.create" 17 | ], 18 | "stage": "GA", 19 | "title": "My Custom Role" 20 | } 21 | } 22 | } 23 | ] 24 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_custom_role.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials}}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_organization_iam_custom_role" "my-custom-role" { 31 | org_id = "{{.OrgID}}" 32 | role_id = "myCustomRole" 33 | title = "My Custom Role" 34 | description = "A description" 35 | permissions = ["iam.roles.list", "iam.roles.create", "iam.roles.delete"] 36 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/organizations/0123456789", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Organization", 5 | "ancestry_path": "organization/0123456789", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:alice@gmail.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_member.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_organization_iam_member" "binding" { 31 | org_id = "0123456789" 32 | role = "roles/editor" 33 | member = "user:alice@gmail.com" 34 | } 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/organizations/123456789", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Organization", 5 | "ancestry_path": "organization/123456789", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_iam_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_organization_iam_policy" "policy" { 31 | org_id = "123456789" 32 | policy_data = "{\"bindings\":[{\"members\":[\"user:jane@example.com\"],\"role\":\"roles/editor\"}]}" 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_organization_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/organizations/{{.OrgID}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Organization", 5 | "ancestry_path": "organization/{{.OrgID}}", 6 | "org_policy": [ 7 | { 8 | "constraint": "constraints/compute.disableSerialPortAccess", 9 | "boolean_policy": { 10 | "enforced": true 11 | }, 12 | "update_time": "{{.Time.RFC3339Nano}}" 13 | }, 14 | { 15 | "constraint": "constraints/serviceuser.services", 16 | "list_policy": { 17 | "all_values": 1 18 | }, 19 | "update_time": "{{.Time.RFC3339Nano}}" 20 | }, 21 | { 22 | "constraint": "constraints/serviceuser.services", 23 | "list_policy": { 24 | "denied_values": [ 25 | "cloudresourcemanager.googleapis.com" 26 | ], 27 | "suggested_value": "compute.googleapis.com" 28 | }, 29 | "update_time": "{{.Time.RFC3339Nano}}" 30 | }, 31 | { 32 | "constraint": "constraints/serviceuser.services", 33 | "restore_default": {}, 34 | "update_time": "{{.Time.RFC3339Nano}}" 35 | } 36 | ] 37 | } 38 | ] 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:example-a@google.com", 12 | "user:example-b@google.com" 13 | ] 14 | }, 15 | { 16 | "role": "roles/storage.admin", 17 | "members": [ 18 | "user:example-a@google.com", 19 | "user:example-b@google.com" 20 | ] 21 | }, 22 | { 23 | "role": "roles/owner", 24 | "members": [ 25 | "user:example-a@google.com" 26 | ] 27 | }, 28 | { 29 | "role": "roles/viewer", 30 | "members": [ 31 | "user:example-a@google.com", 32 | "user:example-b@google.com" 33 | ] 34 | } 35 | ] 36 | } 37 | } 38 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_binding.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | 31 | resource "google_project_iam_binding" "project" { 32 | project = "{{.Provider.project}}" 33 | role = "roles/editor" 34 | 35 | members = [ 36 | "user:jane@example.com", 37 | ] 38 | } 39 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_custom_role.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//iam.googleapis.com/projects/{{.Provider.project}}/roles/myCustomRole", 4 | "asset_type": "iam.googleapis.com/Role", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest?version=v1", 9 | "discovery_name": "Role", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "description": "A description", 13 | "includedPermissions": [ 14 | "iam.roles.delete", 15 | "iam.roles.list", 16 | "iam.roles.create" 17 | ], 18 | "stage": "GA", 19 | "title": "My Custom Role" 20 | } 21 | } 22 | } 23 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_custom_role.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials}}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_project_iam_custom_role" "my-custom-role" { 31 | project = "{{.Provider.project}}" 32 | role_id = "myCustomRole" 33 | title = "My Custom Role" 34 | description = "A description" 35 | permissions = ["iam.roles.list", "iam.roles.create", "iam.roles.delete"] 36 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_member.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | 31 | resource "google_project_iam_member" "project" { 32 | project = "{{.Provider.project}}" 33 | role = "roles/editor" 34 | member = "user:jane@example.com" 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_member_empty_project.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/owner", 10 | "members": [ 11 | "user:test-valid@domain.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_member_empty_project_without_default_project.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/placeholder-project", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "organizations/unknown", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/owner", 10 | "members": [ 11 | "user:test-valid@domain.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/editor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_iam_policy.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_project_iam_policy" "project" { 31 | project = "{{.Provider.project}}" 32 | policy_data = "{\"bindings\":[{\"members\":[\"user:jane@example.com\"],\"role\":\"roles/editor\"}]}" 33 | } 34 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_in_folder.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/foobat", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "{{.Ancestry}}/project/foobat", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/v1/rest", 9 | "discovery_name": "Project", 10 | "parent": "//cloudresourcemanager.googleapis.com/folders/{{.FolderID}}", 11 | "data": { 12 | "name": "My Project", 13 | "projectId": "foobat", 14 | "parent": { 15 | "type": "folder", 16 | "id": "{{.FolderID}}" 17 | } 18 | } 19 | } 20 | } 21 | ] 22 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_in_folder.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_project" "my_project" { 31 | name = "My Project" 32 | project_id = "foobat" 33 | folder_id = "folders/{{.FolderID}}" 34 | deletion_policy = "DELETE" 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_in_org.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/foobat", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "ancestry_path": "organization/{{.OrgID}}/project/foobat", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/v1/rest", 9 | "discovery_name": "Project", 10 | "parent": "//cloudresourcemanager.googleapis.com/organizations/{{.OrgID}}", 11 | "data": { 12 | "name": "My Project", 13 | "projectId": "foobat", 14 | "parent": { 15 | "type": "organization", 16 | "id": "{{.OrgID}}" 17 | } 18 | } 19 | } 20 | } 21 | ] 22 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_in_org.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_project" "my_project" { 31 | name = "My Project" 32 | project_id = "foobat" 33 | org_id = "{{.OrgID}}" 34 | deletion_policy = "DELETE" 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_organization_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 4 | "asset_type": "cloudresourcemanager.googleapis.com/Project", 5 | "org_policy": [ 6 | { 7 | "constraint": "constraints/compute.disableSerialPortAccess", 8 | "boolean_policy": { 9 | "enforced": true 10 | }, 11 | "update_time": "{{.Time.RFC3339Nano}}" 12 | }, 13 | { 14 | "constraint": "constraints/iam.disableServiceAccountCreation", 15 | "restore_default": {}, 16 | "update_time": "{{.Time.RFC3339Nano}}" 17 | }, 18 | { 19 | "constraint": "constraints/serviceuser.services", 20 | "list_policy": { 21 | "all_values": 1 22 | }, 23 | "update_time": "{{.Time.RFC3339Nano}}" 24 | } 25 | ], 26 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}" 27 | } 28 | ] 29 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_service.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//serviceusage.googleapis.com/projects/{{.Provider.project}}/services/iam.googleapis.com", 4 | "asset_type": "serviceusage.googleapis.com/Service", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "data": { 8 | "name": "iam.googleapis.com", 9 | "parent": "projects/{{.Provider.project}}", 10 | "state": "ENABLED" 11 | }, 12 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/serviceusage/v1/rest", 13 | "discovery_name": "Service", 14 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 15 | "version": "v1" 16 | } 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_service.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | 29 | project = "{{.Provider.project}}" 30 | } 31 | 32 | resource "google_project_service" "project" { 33 | project = "{{.Provider.project}}" 34 | service = "iam.googleapis.com" 35 | 36 | disable_dependent_services = true 37 | } 38 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_project_update.tfstate: -------------------------------------------------------------------------------- 1 | { 2 | "version": 4, 3 | "terraform_version": "1.2.5", 4 | "serial": 3, 5 | "lineage": "b430721c-2a1f-e6b3-157b-733a455c961d", 6 | "outputs": {}, 7 | "resources": [ 8 | { 9 | "mode": "managed", 10 | "type": "google_project", 11 | "name": "my_project", 12 | "provider": "provider[\"registry.terraform.io/hashicorp/google-beta\"]", 13 | "instances": [ 14 | { 15 | "schema_version": 1, 16 | "attributes": { 17 | "auto_create_network": true, 18 | "billing_account": "{{.Project.BillingAccountName}}", 19 | "folder_id": "", 20 | "id": "projects/{{.Provider.project}}", 21 | "labels": { 22 | "goog-terraform-provisioned": "true", 23 | "project-label-key-a": "project-label-val-a" 24 | }, 25 | "name": "My Project", 26 | "number": "{{.Project.Number}}", 27 | "org_id": "12345", 28 | "project_id": "{{.Provider.project}}", 29 | "skip_delete": null, 30 | "timeouts": null 31 | }, 32 | "sensitive_attributes": [] 33 | } 34 | ] 35 | } 36 | ] 37 | } -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_lite_reservation.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//pubsublite.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/reservations/example-reservation", 4 | "asset_type": "pubsublite.googleapis.com/Reservation", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "admin", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/pubsublite/admin/rest", 9 | "discovery_name": "Reservation", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "throughputCapacity": 2 13 | } 14 | } 15 | } 16 | ] 17 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_lite_reservation.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_pubsub_lite_reservation" "example" { 31 | name = "example-reservation" 32 | region = "us-central1" 33 | throughput_capacity = 2 34 | } 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_lite_subscription.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//pubsublite.googleapis.com/projects/{{.Provider.project}}/locations/us-central1-a/subscriptions/example-subscription", 4 | "asset_type": "pubsublite.googleapis.com/Subscription", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "admin", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/pubsublite/admin/rest", 9 | "discovery_name": "Subscription", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "deliveryConfig": { 13 | "deliveryRequirement": "DELIVER_AFTER_STORED" 14 | }, 15 | "topic": "projects/{{.Provider.project}}/locations/us-central1-a/topics/my-topic" 16 | } 17 | } 18 | } 19 | ] 20 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_lite_subscription.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2021 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_pubsub_lite_subscription" "example" { 31 | name = "example-subscription" 32 | topic = "my-topic" 33 | zone = "us-central1-a" 34 | delivery_config { 35 | delivery_requirement = "DELIVER_AFTER_STORED" 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_lite_topic.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//pubsublite.googleapis.com/projects/{{.Provider.project}}/locations/us-central1-a/topics/example-topic", 4 | "asset_type": "pubsublite.googleapis.com/Topic", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "admin", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/pubsublite/admin/rest", 9 | "discovery_name": "Topic", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "partitionConfig": { 13 | "capacity": { 14 | "publishMibPerSec": 4, 15 | "subscribeMibPerSec": 8 16 | }, 17 | "count": 1 18 | }, 19 | "reservationConfig": { 20 | "throughputReservation": "projects/{{.Provider.project}}/locations/us-central1/reservations/example-reservation" 21 | }, 22 | "retentionConfig": { 23 | "perPartitionBytes": "32212254720" 24 | } 25 | } 26 | } 27 | } 28 | ] 29 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_schema.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//pubsub.googleapis.com/projects/{{.Provider.project}}/schemas/example", 4 | "asset_type": "pubsub.googleapis.com/Schema", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/pubsub/v1/rest", 9 | "discovery_name": "Schema", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "definition": "{\n \"type\" : \"record\",\n \"name\" : \"Avro\",\n \"fields\" : [\n {\n \"name\" : \"StringField\",\n \"type\" : \"string\"\n },\n {\n \"name\" : \"IntField\",\n \"type\" : \"int\"\n }\n ]\n}\n", 13 | "name": "example", 14 | "type": "AVRO" 15 | } 16 | } 17 | } 18 | ] 19 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_pubsub_topic.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//pubsub.googleapis.com/projects/{{.Provider.project}}/topics/test", 4 | "asset_type": "pubsub.googleapis.com/Topic", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/pubsub/v1/rest", 9 | "discovery_name": "Topic", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "kmsKeyName": "projects/{{.Provider.project}}/locations/australia-southeast1/keyRings/default_kms_keyring_name/cryptoKeys/default_kms_key_name", 13 | "labels": { 14 | "goog-terraform-provisioned": "true", 15 | "test-key": "test-value" 16 | }, 17 | "messageStoragePolicy": { 18 | "allowedPersistenceRegions": [ 19 | "australia-southeast1" 20 | ] 21 | } 22 | } 23 | } 24 | } 25 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_secret_manager_secret_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//secretmanager.googleapis.com/projects/{{.Provider.project}}/secrets/secret", 4 | "asset_type": "secretmanager.googleapis.com/Secret", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/secretmanager.secretAccessor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_secret_manager_secret_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//secretmanager.googleapis.com/projects/{{.Provider.project}}/secrets/secret", 4 | "asset_type": "secretmanager.googleapis.com/Secret", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/secretmanager.secretAccessor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | } 17 | ] 18 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_secret_manager_secret_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//secretmanager.googleapis.com/projects/{{.Provider.project}}/secrets/secret", 4 | "asset_type": "secretmanager.googleapis.com/Secret", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "iam_policy": { 7 | "bindings": [ 8 | { 9 | "role": "roles/secretmanager.secretAccessor", 10 | "members": [ 11 | "user:jane@example.com" 12 | ] 13 | } 14 | ] 15 | } 16 | }, 17 | { 18 | "name": "//secretmanager.googleapis.com/placeholder-rywlkkLJ", 19 | "asset_type": "secretmanager.googleapis.com/SecretVersion", 20 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 21 | "resource": { 22 | "version": "v1", 23 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/secretmanager/v1/rest", 24 | "discovery_name": "SecretVersion", 25 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 26 | "data": { 27 | "payload": { 28 | "data": "c2VjcmV0LWRhdGE=" 29 | } 30 | } 31 | }, 32 | "ancestors": [ 33 | "organizations/{{.OrgID}}" 34 | ] 35 | } 36 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_service_account.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//iam.googleapis.com/projects/{{.Provider.project}}/serviceAccounts/placeholder-unique-id", 4 | "asset_type": "iam.googleapis.com/ServiceAccount", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest", 9 | "discovery_name": "ServiceAccount", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "displayName": "Service Account", 13 | "email": "service-account-id@{{.Provider.project}}.iam.gserviceaccount.com", 14 | "description": "Service Account Description", 15 | "projectId": "{{.Provider.project}}" 16 | } 17 | } 18 | } 19 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_service_account.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2023 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_service_account" "service_account" { 31 | account_id = "service-account-id" 32 | display_name = "Service Account" 33 | description = "Service Account Description" 34 | disabled = false 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_service_account_key.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | resource "google_service_account" "myaccount" { 15 | account_id = "myaccount" 16 | display_name = "My Service Account" 17 | } 18 | 19 | resource "google_service_account_key" "mykey" { 20 | service_account_id = google_service_account.myaccount.name 21 | public_key_type = "TYPE_X509_PEM_FILE" 22 | } 23 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_service_account_update.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//iam.googleapis.com/projects/{{.Provider.project}}/serviceAccounts/108592438577779299646", 4 | "asset_type": "iam.googleapis.com/ServiceAccount", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest", 9 | "discovery_name": "ServiceAccount", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "displayName": "Service Account", 13 | "email": "service-account-id@{{.Provider.project}}.iam.gserviceaccount.com", 14 | "description": "Service Account Description", 15 | "name": "projects/{{.Provider.project}}/serviceAccounts/service-account-id@{{.Provider.project}}.iam.gserviceaccount.com", 16 | "projectId": "{{.Provider.project}}", 17 | "uniqueId": "108592438577779299646" 18 | } 19 | } 20 | } 21 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_service_account_update.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2023 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_service_account" "service_account" { 31 | account_id = "service-account-id" 32 | display_name = "Service Account" 33 | description = "Service Account Description" 34 | disabled = false 35 | } 36 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_spanner_instance_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//spanner.googleapis.com/projects/{{.Provider.project}}/instances/spanner-instance", 4 | "asset_type": "spanner.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/spanner/v1/rest", 9 | "discovery_name": "Instance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "instance": { 13 | "config": "projects/{{.Provider.project}}/instanceConfigs/regional-us-central1", 14 | "displayName": "spanner-instance", 15 | "labels": { 16 | "goog-terraform-provisioned": "true" 17 | }, 18 | "nodeCount": 1 19 | }, 20 | "instanceId": "spanner-instance" 21 | } 22 | }, 23 | "iam_policy": { 24 | "bindings": [ 25 | { 26 | "role": "roles/compute.networkUser", 27 | "members": [ 28 | "user:jane@example.com" 29 | ] 30 | } 31 | ] 32 | } 33 | } 34 | ] 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_spanner_instance_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//spanner.googleapis.com/projects/{{.Provider.project}}/instances/spanner-instance", 4 | "asset_type": "spanner.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/spanner/v1/rest", 9 | "discovery_name": "Instance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "instance": { 13 | "config": "projects/{{.Provider.project}}/instanceConfigs/regional-us-central1", 14 | "displayName": "spanner-instance", 15 | "labels": { 16 | "goog-terraform-provisioned": "true" 17 | }, 18 | "nodeCount": 1 19 | }, 20 | "instanceId": "spanner-instance" 21 | } 22 | }, 23 | "iam_policy": { 24 | "bindings": [ 25 | { 26 | "role": "roles/compute.networkUser", 27 | "members": [ 28 | "user:jane@example.com" 29 | ] 30 | } 31 | ] 32 | } 33 | } 34 | ] 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_spanner_instance_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//spanner.googleapis.com/projects/{{.Provider.project}}/instances/spanner-instance", 4 | "asset_type": "spanner.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/spanner/v1/rest", 9 | "discovery_name": "Instance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "instance": { 13 | "config": "projects/{{.Provider.project}}/instanceConfigs/regional-us-central1", 14 | "displayName": "spanner-instance", 15 | "labels": { 16 | "goog-terraform-provisioned": "true" 17 | }, 18 | "nodeCount": 1 19 | }, 20 | "instanceId": "spanner-instance" 21 | } 22 | }, 23 | "iam_policy": { 24 | "bindings": [ 25 | { 26 | "role": "roles/editor", 27 | "members": [ 28 | "user:jane@example.com" 29 | ] 30 | } 31 | ] 32 | } 33 | } 34 | ] 35 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_sql_database_instance.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudsql.googleapis.com/projects/{{.Provider.project}}/instances/main-instance", 4 | "asset_type": "sqladmin.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta4", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/sqladmin/v1beta4/rest", 9 | "discovery_name": "DatabaseInstance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "databaseVersion": "POSTGRES_9_6", 13 | "name": "main-instance", 14 | "project": "{{.Provider.project}}", 15 | "region": "us-central1", 16 | "settings": { 17 | "activationPolicy": "ALWAYS", 18 | "availabilityType": "ZONAL", 19 | "pricingPlan": "PER_USE", 20 | "storageAutoResize": true, 21 | "tier": "db-f1-micro" 22 | } 23 | } 24 | } 25 | } 26 | ] 27 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_storage_bucket" "image-store" { 31 | name = "new-bucket-test-tf" 32 | location = "EU" 33 | 34 | public_access_prevention = "enforced" 35 | 36 | website { 37 | main_page_suffix = "index.html" 38 | not_found_page = "404.html" 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket_empty_project_id.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/image-store-bucket", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "iamConfiguration": { 13 | "uniformBucketLevelAccess": { 14 | "enabled": false 15 | } 16 | }, 17 | "lifecycle": { 18 | "rule": [] 19 | }, 20 | "location": "EU", 21 | "name": "image-store-bucket", 22 | "project": "{{.Provider.project}}", 23 | "storageClass": "STANDARD", 24 | "website": { 25 | "mainPageSuffix": "index.html", 26 | "notFoundPage": "404.html" 27 | } 28 | } 29 | } 30 | } 31 | ] 32 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket_empty_project_id_without_default_project.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/image-store-bucket", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "organizations/unknown", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/organizations/unknown", 11 | "data": { 12 | "iamConfiguration": { 13 | "uniformBucketLevelAccess": { 14 | "enabled": false 15 | } 16 | }, 17 | "lifecycle": { 18 | "rule": [] 19 | }, 20 | "location": "EU", 21 | "name": "image-store-bucket", 22 | "project": "", 23 | "storageClass": "STANDARD", 24 | "website": { 25 | "mainPageSuffix": "index.html", 26 | "notFoundPage": "404.html" 27 | } 28 | } 29 | } 30 | } 31 | ] 32 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket_iam_binding.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/fake-bucket-123456", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "iamConfiguration": { 13 | "uniformBucketLevelAccess": { 14 | "enabled": true 15 | } 16 | }, 17 | "lifecycle": { 18 | "rule": [] 19 | }, 20 | "location": "EU", 21 | "name": "fake-bucket-123456", 22 | "project": "{{.Provider.project}}", 23 | "storageClass": "STANDARD" 24 | } 25 | }, 26 | "iam_policy": { 27 | "bindings": [ 28 | { 29 | "role": "roles/storage.admin", 30 | "members": [ 31 | "user:jane@example.com" 32 | ] 33 | } 34 | ] 35 | } 36 | } 37 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket_iam_member.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/fake-bucket-123456", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "iamConfiguration": { 13 | "uniformBucketLevelAccess": { 14 | "enabled": true 15 | } 16 | }, 17 | "lifecycle": { 18 | "rule": [] 19 | }, 20 | "location": "EU", 21 | "name": "fake-bucket-123456", 22 | "project": "{{.Provider.project}}", 23 | "storageClass": "STANDARD" 24 | } 25 | }, 26 | "iam_policy": { 27 | "bindings": [ 28 | { 29 | "role": "roles/storage.admin", 30 | "members": [ 31 | "user:jane@example.com" 32 | ] 33 | } 34 | ] 35 | } 36 | } 37 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_storage_bucket_iam_policy.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//storage.googleapis.com/fake-bucket-123456", 4 | "asset_type": "storage.googleapis.com/Bucket", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/storage/v1/rest", 9 | "discovery_name": "Bucket", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "iamConfiguration": { 13 | "uniformBucketLevelAccess": { 14 | "enabled": true 15 | } 16 | }, 17 | "lifecycle": { 18 | "rule": [] 19 | }, 20 | "location": "EU", 21 | "name": "fake-bucket-123456", 22 | "project": "{{.Provider.project}}", 23 | "storageClass": "STANDARD" 24 | } 25 | }, 26 | "iam_policy": { 27 | "bindings": [ 28 | { 29 | "role": "roles/storage.admin", 30 | "members": [ 31 | "user:jane@example.com" 32 | ] 33 | } 34 | ] 35 | } 36 | } 37 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_vertex_ai_dataset.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//aiplatform.googleapis.com/placeholder-VSDAy5Fn", 4 | "asset_type": "aiplatform.googleapis.com/Dataset", 5 | "resource": { 6 | "version": "v1beta1", 7 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/aiplatform/v1beta1/rest", 8 | "discovery_name": "Dataset", 9 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 10 | "data": { 11 | "displayName": "terraform", 12 | "labels": { 13 | "env": "test", 14 | "goog-terraform-provisioned": "true" 15 | }, 16 | "metadataSchemaUri": "gs://google-cloud-aiplatform/schema/dataset/metadata/image_1.0.0.yaml" 17 | } 18 | }, 19 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 20 | "ancestors": [ 21 | "organizations/{{.OrgID}}" 22 | ] 23 | } 24 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_vertex_ai_dataset.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google-beta" 5 | version = "~> {{.Provider.version}}" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 12 | } 13 | 14 | 15 | resource "google_vertex_ai_dataset" "dataset" { 16 | display_name = "terraform" 17 | metadata_schema_uri = "gs://google-cloud-aiplatform/schema/dataset/metadata/image_1.0.0.yaml" 18 | region = "us-central1" 19 | 20 | labels = { 21 | env = "test" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_vpc_access_connector.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//vpcaccess.googleapis.com/projects/{{.Provider.project}}/locations/us-central1/connectors/vpc-con", 4 | "asset_type": "vpcaccess.googleapis.com/Connector", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/vpcaccess/v1beta1/rest", 9 | "discovery_name": "Connector", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "ipCidrRange": "10.8.0.0/28", 13 | "minInstances": 2, 14 | "maxInstances": 3, 15 | "network": "default", 16 | "machineType": "e2-micro" 17 | } 18 | } 19 | } 20 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/example_vpc_access_connector.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2022 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | terraform { 17 | required_providers { 18 | google = { 19 | source = "hashicorp/google-beta" 20 | version = "~> {{.Provider.version}}" 21 | } 22 | } 23 | } 24 | 25 | provider "google" { 26 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 27 | } 28 | 29 | resource "google_vpc_access_connector" "connector" { 30 | name = "vpc-con" 31 | ip_cidr_range = "10.8.0.0/28" 32 | network = "default" 33 | region = "us-central1" 34 | min_instances = 2 35 | max_instances = 3 36 | } 37 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/firewall.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//compute.googleapis.com/projects/{{.Provider.project}}/global/firewalls/my-test-firewall", 4 | "asset_type": "compute.googleapis.com/Firewall", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "beta", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/compute/beta/rest", 9 | "discovery_name": "Firewall", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "allowed": [ 13 | { 14 | "IPProtocol": "icmp" 15 | }, 16 | { 17 | "IPProtocol": "tcp", 18 | "ports": [ 19 | "80", 20 | "8080", 21 | "1000-2000" 22 | ] 23 | } 24 | ], 25 | "description": "", 26 | "disabled": false, 27 | "logConfig": { 28 | "enable": false 29 | }, 30 | "name": "my-test-firewall", 31 | "network": "projects/{{.Provider.project}}/global/networks/default", 32 | "priority": 1000, 33 | "sourceTags": [ 34 | "web" 35 | ] 36 | } 37 | } 38 | } 39 | ] 40 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/firewall.tf: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright 2019 Google LLC 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | terraform { 18 | required_providers { 19 | google = { 20 | source = "hashicorp/google-beta" 21 | version = "~> {{.Provider.version}}" 22 | } 23 | } 24 | } 25 | 26 | provider "google" { 27 | {{if .Provider.credentials }}credentials = "{{.Provider.credentials}}"{{end}} 28 | } 29 | 30 | resource "google_compute_firewall" "my-test-firewall" { 31 | name = "my-test-firewall" 32 | network = "default" 33 | 34 | allow { 35 | protocol = "icmp" 36 | } 37 | 38 | allow { 39 | protocol = "tcp" 40 | ports = ["80", "8080", "1000-2000"] 41 | } 42 | 43 | source_tags = ["web"] 44 | } 45 | -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/full_spanner_instance.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//spanner.googleapis.com/projects/{{.Provider.project}}/instances/spanner-instance", 4 | "asset_type": "spanner.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/spanner/v1/rest", 9 | "discovery_name": "Instance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "instance": { 13 | "config": "projects/{{.Provider.project}}/instanceConfigs/regional-us-central1", 14 | "displayName": "spanner-instance", 15 | "labels": { 16 | "goog-terraform-provisioned": "true", 17 | "label1": "value1", 18 | "label2": "value2", 19 | "label3": "value3" 20 | }, 21 | "nodeCount": 1 22 | }, 23 | "instanceId": "spanner-instance" 24 | } 25 | } 26 | } 27 | ] -------------------------------------------------------------------------------- /tfplan2cai/testdata/templates/sql.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "//cloudsql.googleapis.com/projects/{{.Provider.project}}/instances/main-instance", 4 | "asset_type": "sqladmin.googleapis.com/Instance", 5 | "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}", 6 | "resource": { 7 | "version": "v1beta4", 8 | "discovery_document_uri": "https://www.googleapis.com/discovery/v1/apis/sqladmin/v1beta4/rest", 9 | "discovery_name": "DatabaseInstance", 10 | "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}", 11 | "data": { 12 | "databaseVersion": "POSTGRES_9_6", 13 | "name": "main-instance", 14 | "project": "{{.Provider.project}}", 15 | "region": "us-central1", 16 | "settings": { 17 | "activationPolicy": "ALWAYS", 18 | "availabilityType": "ZONAL", 19 | "pricingPlan": "PER_USE", 20 | "storageAutoResize": true, 21 | "tier": "db-f1-micro" 22 | } 23 | } 24 | } 25 | } 26 | ] 27 | -------------------------------------------------------------------------------- /tfplan2cai/tfplan_to_cai_test.go: -------------------------------------------------------------------------------- 1 | // Package tfplan2cai converts tfplan to CAI assets. 2 | package tfplan2cai 3 | 4 | import ( 5 | "context" 6 | "os" 7 | "testing" 8 | 9 | "github.com/stretchr/testify/assert" 10 | ) 11 | 12 | func TestConvert_noPlanJSON(t *testing.T) { 13 | ctx := context.Background() 14 | jsonPlan := []byte{} 15 | options := &Options{Offline: true} 16 | assets, err := Convert(ctx, jsonPlan, options) 17 | assert.Empty(t, assets) 18 | assert.Error(t, err) 19 | } 20 | 21 | func TestConvert_noResourceChanges(t *testing.T) { 22 | ctx := context.Background() 23 | f := "./testdata/empty-0.13.7.tfplan.json" 24 | jsonPlan, err := os.ReadFile(f) 25 | if err != nil { 26 | t.Fatalf("Error parsing %s: %s", f, err) 27 | } 28 | options := &Options{Offline: true} 29 | assets, err := Convert(ctx, jsonPlan, options) 30 | assert.Empty(t, assets) 31 | assert.Empty(t, err) 32 | } 33 | --------------------------------------------------------------------------------