CDPCP-9879 - GCP Environment resource Create/Read/Destroy

docs/resources/datalake_azure_datalake.md

@@ -35,7 +35,6 @@ A Data Lake is a service which provides a protective ring around the data stored
 
 - `certificate_expiration_state` (String)
 - `cloud_storage_base_location` (String)
-- `cloudbreak_version` (String)
 - `cloudera_manager` (Attributes) (see [below for nested schema](#nestedatt--cloudera_manager))
 - `creation_date` (String)
 - `credential_crn` (String)
@@ -106,31 +105,17 @@ Read-Only:
 
 Read-Only:
 
-- `ambari_server` (Boolean)
 - `discovery_fqdn` (String)
 - `id` (String)
 - `instance_group` (String)
 - `instance_status` (String)
 - `instance_type_val` (String)
-- `life_cycle` (String)
-- `mounted_volumes` (Attributes Set) (see [below for nested schema](#nestedatt--instance_groups--instances--mounted_volumes))
 - `private_ip` (String)
 - `public_ip` (String)
 - `ssh_port` (Number)
 - `state` (String)
 - `status_reason` (String)
 
-<a id="nestedatt--instance_groups--instances--mounted_volumes"></a>
-### Nested Schema for `instance_groups.instances.mounted_volumes`
-
-Read-Only:
-
-- `device` (String)
-- `volume_id` (String)
-- `volume_size` (String)
-- `volume_type` (String)
-
-
 
 
 <a id="nestedatt--product_versions"></a>

docs/resources/environments_azure_environment.md

@@ -92,6 +92,7 @@ output "crn" {
 - `enable_tunnel` (Boolean)
 - `encryption_key_resource_group_name` (String)
 - `encryption_key_url` (String)
+- `endpoint_access_gateway_scheme` (String) The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.
 - `existing_network_params` (Attributes) (see [below for nested schema](#nestedatt--existing_network_params))
 - `freeipa` (Attributes) (see [below for nested schema](#nestedatt--freeipa))
 - `new_network_params` (Attributes) (see [below for nested schema](#nestedatt--new_network_params))

docs/resources/environments_gcp_environment.md

@@ -0,0 +1,159 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "cdp_environments_gcp_environment Resource - terraform-provider-cdp"
+subcategory: ""
+description: |-
+  The environment is a logical entity that represents the association of your user account with multiple compute resources using which you can provision and manage workloads.
+---
+
+# cdp_environments_gcp_environment (Resource)
+
+The environment is a logical entity that represents the association of your user account with multiple compute resources using which you can provision and manage workloads.
+
+## Example Usage
+
+```terraform
+## Copyright 2023 Cloudera. All Rights Reserved.
+#
+# This file is licensed under the Apache License Version 2.0 (the "License").
+# You may not use this file except in compliance with the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+#
+# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+# OF ANY KIND, either express or implied. Refer to the License for the specific
+# permissions and limitations governing your use of the file.
+
+terraform {
+  required_providers {
+    cdp = {
+      source = "registry.terraform.io/cloudera/cdp"
+    }
+  }
+}
+
+resource "cdp_environments_gcp_environment" "example" {
+  environment_name        = "<value>"
+  credential_name         = "<value>"
+  region                  = "<value>"
+  public_key              = "<value>"
+  use_public_ip           = false // or true, depends on the requirements/configurations
+  existing_network_params = {
+    network_name      = "<value>"
+    subnet_names      = ["<value>", "<value2>", "..."] // one or more entries accepted
+    shared_project_id = "<value>"
+  }
+}
+
+output "environment_name" {
+  value = cdp_environments_gcp_environment.example.environment_name
+}
+
+output "credential_name" {
+  value = cdp_environments_gcp_environment.example.credential_name
+}
+
+output "region" {
+  value = cdp_environments_gcp_environment.example.region
+}
+
+output "public_key" {
+  value = cdp_environments_gcp_environment.example.public_key
+}
+
+output "use_public_ip" {
+  value = cdp_environments_gcp_environment.example.use_public_ip
+}
+
+output "existing_network_params" {
+  value = cdp_environments_gcp_environment.example.existing_network_params
+}
+
+output "network_name" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.network_name
+}
+
+output "subnet_names" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.subnet_names
+}
+
+output "shared_project_id" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.shared_project_id
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `credential_name` (String) Name of the credential to use for the environment.
+- `environment_name` (String) The name of the environment. Must contain only lowercase letters, numbers and hyphens.
+- `existing_network_params` (Attributes) Parameters needed to use an existing VPC and Subnets. For now only existing network params is supported. (see [below for nested schema](#nestedatt--existing_network_params))
+- `public_key` (String) Public SSH key string. The associated private key can be used to get root-level access to the Data Lake instance and Data Hub cluster instances.
+- `region` (String) The region of the environment.
+- `use_public_ip` (Boolean) Whether to associate public IPs to the resources within the network or not.
+
+### Optional
+
+- `availability_zones` (List of String) The zones of the environment in the given region. Multi-zone selection is not supported in GCP yet. It accepts only one zone until support is added.
+- `description` (String) A description of the environment.
+- `enable_tunnel` (Boolean) Whether to enable SSH tunneling for the environment.
+- `encryption_key` (String) Key Resource ID of the customer managed encryption key to encrypt GCP resources.
+- `endpoint_access_gateway_scheme` (String) The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.
+- `freeipa` (Attributes) The FreeIPA creation request for the environment. (see [below for nested schema](#nestedatt--freeipa))
+- `log_storage` (Attributes) GCP storage configuration for cluster and audit logs. (see [below for nested schema](#nestedatt--log_storage))
+- `proxy_config_name` (String) Name of the proxy config to use for the environment.
+- `report_deployment_logs` (Boolean) When true, this will report additional diagnostic information back to Cloudera.
+- `security_access` (Attributes) Firewall rules for FreeIPA, Data Lake and Data Hub deployment. (see [below for nested schema](#nestedatt--security_access))
+- `tags` (Map of String) Tags that can be attached to GCP resources. Please refer to Google documentation for the rules https://cloud.google.com/compute/docs/labeling-resources#label_format.
+- `workload_analytics` (Boolean) When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.
+
+### Read-Only
+
+- `crn` (String) The CRN of the environment resource.
+- `id` (String) The ID of this resource.
+- `status` (String) The last known status for the environment.
+- `status_reason` (String) The last known detailed status reason for the environment.
+
+<a id="nestedatt--existing_network_params"></a>
+### Nested Schema for `existing_network_params`
+
+Required:
+
+- `network_name` (String) The name of the GCP VPC.
+- `shared_project_id` (String) The ID of the Google project associated with the VPC.
+- `subnet_names` (List of String) One or more subnet names within the VPC. Google VPCs are global, please give subnets from single geographic region only to reduce latency.
+
+
+<a id="nestedatt--freeipa"></a>
+### Nested Schema for `freeipa`
+
+Optional:
+
+- `instance_count_by_group` (Number) The number of FreeIPA instances to create per group when creating FreeIPA in the environment.
+- `instance_type` (String) Custom instance type of FreeIPA instances.
+- `recipes` (Set of String) The recipes for the FreeIPA cluster.
+
+
+<a id="nestedatt--log_storage"></a>
+### Nested Schema for `log_storage`
+
+Required:
+
+- `service_account_email` (String) Email id of the service account to be associated with the instances. This service account should have "storage.ObjectCreator" role on the given storage bucket.
+- `storage_location_base` (String) The Google storage bucket to use. This should be a gs:// url.
+
+Optional:
+
+- `backup_storage_location_base` (String) The Google storage bucket to use. This should be a gs:// url.
+
+
+<a id="nestedatt--security_access"></a>
+### Nested Schema for `security_access`
+
+Optional:
+
+- `default_security_group_id` (String) Firewall rule for other hosts.
+- `security_group_id_for_knox` (String) Firewall rule for Knox hosts.
+
+

examples/resources/cdp_environments_gcp_environment/resource.tf

@@ -0,0 +1,66 @@
+## Copyright 2023 Cloudera. All Rights Reserved.
+#
+# This file is licensed under the Apache License Version 2.0 (the "License").
+# You may not use this file except in compliance with the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+#
+# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+# OF ANY KIND, either express or implied. Refer to the License for the specific
+# permissions and limitations governing your use of the file.
+
+terraform {
+  required_providers {
+    cdp = {
+      source = "registry.terraform.io/cloudera/cdp"
+    }
+  }
+}
+
+resource "cdp_environments_gcp_environment" "example" {
+  environment_name        = "<value>"
+  credential_name         = "<value>"
+  region                  = "<value>"
+  public_key              = "<value>"
+  use_public_ip           = false // or true, depends on the requirements/configurations
+  existing_network_params = {
+    network_name      = "<value>"
+    subnet_names      = ["<value>", "<value2>", "..."] // one or more entries accepted
+    shared_project_id = "<value>"
+  }
+}
+
+output "environment_name" {
+  value = cdp_environments_gcp_environment.example.environment_name
+}
+
+output "credential_name" {
+  value = cdp_environments_gcp_environment.example.credential_name
+}
+
+output "region" {
+  value = cdp_environments_gcp_environment.example.region
+}
+
+output "public_key" {
+  value = cdp_environments_gcp_environment.example.public_key
+}
+
+output "use_public_ip" {
+  value = cdp_environments_gcp_environment.example.use_public_ip
+}
+
+output "existing_network_params" {
+  value = cdp_environments_gcp_environment.example.existing_network_params
+}
+
+output "network_name" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.network_name
+}
+
+output "subnet_names" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.subnet_names
+}
+
+output "shared_project_id" {
+  value = cdp_environments_gcp_environment.example.existing_network_params.shared_project_id
+}

provider/provider.go

@@ -217,6 +217,7 @@ func (p *CdpProvider) Resources(_ context.Context) []func() resource.Resource {
 		environments.NewIDBrokerMappingsResource,
 		environments.NewAzureCredentialResource,
 		environments.NewAzureEnvironmentResource,
+		environments.NewGcpEnvironmentResource,
 		datalake.NewAwsDatalakeResource,
 		datalake.NewAzureDatalakeResource,
 		iam.NewGroupResource,