Add Private Service Connect to Looker (GoogleCloudPlatform#11487)

Philip-Jonany · Nov 4, 2024 · 35e7891 · 35e7891
1 parent a85cf25
commit 35e7891
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 0 deletions.
diff --git a/mmv1/products/looker/Instance.yaml b/mmv1/products/looker/Instance.yaml
@@ -89,6 +89,13 @@ examples:
       client_id: 'my-client-id'
       client_secret: 'my-client-secret'
       custom_domain: 'my-custom-domain'
+  - !ruby/object:Provider::Terraform::Examples
+    name: 'looker_instance_psc'
+    primary_resource_id: 'looker-instance'
+    vars:
+      instance_name: 'my-instance'
+      client_id: 'my-client-id'
+      client_secret: 'my-client-secret'
 parameters:
   - !ruby/object:Api::Type::String
     name: 'region'
@@ -392,6 +399,55 @@ properties:
     description: |
       Whether private IP is enabled on the Looker instance.
     default_value: false
+  # PscConfig Object
+  - !ruby/object:Api::Type::NestedObject
+    name: pscConfig
+    description: |
+      Information for Private Service Connect (PSC) setup for a Looker instance.
+    update_mask_fields:
+      - 'psc_config.allowed_vpcs'
+      - 'psc_config.service_attachments'
+    properties:
+      - !ruby/object:Api::Type::Array
+        name: 'allowedVpcs'
+        item_type: Api::Type::String
+        description: |
+          List of VPCs that are allowed ingress into the Looker instance.
+      - !ruby/object:Api::Type::String
+        name: 'lookerServiceAttachmentUri'
+        description: |
+          URI of the Looker service attachment.
+        output: true
+      - !ruby/object:Api::Type::Array
+        name: 'serviceAttachments'
+        description: |
+          List of egress service attachment configurations.
+        item_type: !ruby/object:Api::Type::NestedObject
+          properties:
+            - !ruby/object:Api::Type::Enum
+              name: connectionStatus
+              description: |
+                Status of the service attachment connection.
+              output: true
+              values:
+                - :ACCEPTED
+                - :PENDING
+                - :REJECTED
+                - :NEEDS_ATTENTION
+                - :CLOSED
+            - !ruby/object:Api::Type::String
+              name: localFqdn
+              description: |
+                Fully qualified domain name that will be used in the private DNS record created for the service attachment.
+            - !ruby/object:Api::Type::String
+              name: targetServiceAttachmentUri
+              description: |
+                URI of the service attachment to connect to.
+  # PscConfig Object - End
+  - !ruby/object:Api::Type::Boolean
+    name: pscEnabled
+    description: |
+      Whether Public Service Connect (PSC) is enabled on the Looker instance
   - !ruby/object:Api::Type::Boolean
     name: publicIpEnabled
     description: |

diff --git a/mmv1/templates/terraform/examples/looker_instance_psc.tf.erb b/mmv1/templates/terraform/examples/looker_instance_psc.tf.erb
@@ -0,0 +1,17 @@
+resource "google_looker_instance" "<%= ctx[:primary_resource_id] %>" {
+  name               = "<%= ctx[:vars]["instance_name"] %>"
+  platform_edition   = "LOOKER_CORE_ENTERPRISE_ANNUAL"
+  region             = "us-central1"
+  private_ip_enabled = false
+  public_ip_enabled  = false
+  psc_enabled        = true
+  oauth_config {
+    client_id = "<%= ctx[:vars]["client_id"] %>"
+    client_secret = "<%= ctx[:vars]["client_secret"] %>"
+  }
+  psc_config {
+    allowed_vpcs = ["projects/test-project/global/networks/test"]
+    # update only
+    # service_attachments = [{local_fqdn: "www.local-fqdn.com" target_service_attachment_uri: "projects/my-project/regions/us-east1/serviceAttachments/sa"}]
+  }
+}