[#20905] Add network scope and src network fields to fw policy rules

[LucaPrete]

Adds network scope and src network fields to firewall policy rules.

Fixes hashicorp/terraform-provider-google/issues/20905

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_firewall_policy_rule` resource (beta)

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_firewall_policy_with_rules` resource (beta)

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_network_firewall_policy_rule` resource (beta)

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_network_firewall_policy_with_rules` resource (beta)

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_region_network_firewall_policy_rule` resource (beta)

compute: added `dest_network_scope`, `src_network_scope` and `src_networks` fields to `google_compute_region_network_firewall_policy_with_rules` resource (beta)

[github-actions]

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

@hao-nan-li, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 637 insertions(+), 98 deletions(-))
google-beta provider: Diff ( 18 files changed, 1213 insertions(+), 135 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 142 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_compute_network_firewall_policy_rule (14 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
  }
}

Resource: google_compute_region_network_firewall_policy_rule (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_region_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
    src_networks       = # value needed
  }
}

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 637 insertions(+), 98 deletions(-))
google-beta provider: Diff ( 18 files changed, 1213 insertions(+), 135 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 142 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_compute_network_firewall_policy_rule (14 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
  }
}

Resource: google_compute_region_network_firewall_policy_rule (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_region_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
    src_networks       = # value needed
  }
}

[modular-magician]

Tests analytics

Total tests: 1083
Passed tests: 1001
Skipped tests: 73
Affected tests: 9

Click here to see the affected service packages

• compute

Action taken

Found 9 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample
• TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample
• TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionPerInstanceConfig_removeInstanceOnDestroy

Get to know how VCR tests work

[modular-magician]

Tests analytics

Total tests: 1083
Passed tests: 1002
Skipped tests: 73
Affected tests: 8

Click here to see the affected service packages

• compute

Action taken

Found 8 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample
• TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample
• TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample [Debug log]
TestAccComputeRegionPerInstanceConfig_removeInstanceOnDestroy [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🔴 Tests failed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample [Error message] [Debug log]
TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🔴 Tests failed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample [Error message] [Debug log]
TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 728 insertions(+), 169 deletions(-))
google-beta provider: Diff ( 18 files changed, 1409 insertions(+), 271 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 142 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_compute_network_firewall_policy_rule (14 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
  }
}

Resource: google_compute_region_network_firewall_policy_rule (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_region_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
    src_networks       = # value needed
  }
}

[modular-magician]

Tests analytics

Total tests: 1083
Passed tests: 1001
Skipped tests: 73
Affected tests: 9

Click here to see the affected service packages

• compute

Action taken

Found 9 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample
• TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample
• TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleExample [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleExample [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleExample [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🔴 Tests failed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 775 insertions(+), 172 deletions(-))
google-beta provider: Diff ( 18 files changed, 1463 insertions(+), 277 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_compute_network_firewall_policy_rule (14 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
  }
}

Resource: google_compute_region_network_firewall_policy_rule (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_region_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
    src_networks       = # value needed
  }
}

[modular-magician]

Tests analytics

Total tests: 1083
Passed tests: 1004
Skipped tests: 73
Affected tests: 6

Click here to see the affected service packages

• compute

Action taken

Found 6 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample
• TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeExample [Error message] [Debug log]
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 730 insertions(+), 171 deletions(-))
google-beta provider: Diff ( 18 files changed, 1417 insertions(+), 275 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))

Missing test report

Your PR includes resource fields which are not covered by any test.

Resource: google_compute_network_firewall_policy_rule (14 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
  }
}

Resource: google_compute_region_network_firewall_policy_rule (11 total tests)
Please add an acceptance test which includes these fields. The test should include the following:

resource "google_compute_region_network_firewall_policy_rule" "primary" {
  match {
    dest_network_scope = # value needed
    src_networks       = # value needed
  }
}

[modular-magician]

Tests analytics

Total tests: 1083
Passed tests: 1006
Skipped tests: 73
Affected tests: 4

Click here to see the affected service packages

• compute

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample
• TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample
• TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeFirewallPolicyRule_firewallPolicyRuleNetworkScopeExample [Debug log]
TestAccComputeFirewallPolicyWithRules_computeFirewallPolicyWithRulesFullExample [Debug log]
TestAccComputeNetworkFirewallPolicyWithRules_computeNetworkFirewallPolicyWithRulesFullExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🔴 Tests failed during RECORDING mode:
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 9 files changed, 910 insertions(+), 171 deletions(-))
google-beta provider: Diff ( 18 files changed, 1597 insertions(+), 275 deletions(-))
terraform-google-conversion: Diff ( 6 files changed, 198 insertions(+))

[modular-magician]

Tests analytics

Total tests: 1085
Passed tests: 1007
Skipped tests: 73
Affected tests: 5

Click here to see the affected service packages

• compute

Action taken

Found 5 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeEgressExample
• TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeIngressExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeEgressExample
• TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeIngressExample
• TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeEgressExample [Debug log]
TestAccComputeNetworkFirewallPolicyRule_networkFirewallPolicyRuleNetworkScopeIngressExample [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeEgressExample [Debug log]
TestAccComputeRegionNetworkFirewallPolicyRule_regionNetworkFirewallPolicyRuleNetworkScopeIngressExample [Debug log]
TestAccComputeRegionNetworkFirewallPolicyWithRules_computeRegionNetworkFirewallPolicyWithRulesFullExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test