From 456a6d91235792ab3ee91be05fb01e0f5e515a3c Mon Sep 17 00:00:00 2001
From: cdunbar13 <139253655+cdunbar13@users.noreply.github.com>
Date: Wed, 11 Dec 2024 12:05:57 -0500
Subject: [PATCH] feat!: Add network_profile setting to network, update network resource provider (#584)
---
 README.md | 1 +
 docs/upgrading_to_v10.0.0.md | 2 +-
 main.tf | 1 +
 modules/vpc/README.md | 1 +
 modules/vpc/main.tf | 2 ++
 modules/vpc/variables.tf | 12 ++++++++++++
 modules/vpc/versions.tf | 2 +-
 variables.tf | 12 ++++++++++++
 8 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 95cc0d60..b88c9cb7 100644
--- a/README.md
+++ b/README.md
@@ -117,6 +117,7 @@ Then perform the following commands on the root folder:
 | mtu | The network MTU (If set to 0, meaning MTU is unset - defaults to '1460'). Recommended values: 1460 (default for historic reasons), 1500 (Internet default), or 8896 (for Jumbo packets). Allowed are all values in the range 1300 to 8896, inclusively. | `number` | `0` | no |
 | network\_firewall\_policy\_enforcement\_order | Set the order that Firewall Rules and Firewall Policies are evaluated. Valid values are `BEFORE_CLASSIC_FIREWALL` and `AFTER_CLASSIC_FIREWALL`. (default null or equivalent to `AFTER_CLASSIC_FIREWALL`) | `string` | `null` | no |
 | network\_name | The name of the network being created | `string` | n/a | yes |
+| network\_profile | "A full or partial URL of the network profile to apply to this network.
This field can be set only at resource creation time. For example, the
following are valid URLs:
* https://www.googleapis.com/compute/beta/projects/{projectId}/global/networkProfiles/{network_profile_name}
* projects/{projectId}/global/networkProfiles/{network\_profile\_name} | `string` | `null` | no |
 | project\_id | The ID of the project where this VPC will be created | `string` | n/a | yes |
 | routes | List of routes being created in this VPC | `list(map(string))` | `[]` | no |
 | routing\_mode | The network routing mode (default 'GLOBAL') | `string` | `"GLOBAL"` | no |
diff --git a/docs/upgrading_to_v10.0.0.md b/docs/upgrading_to_v10.0.0.md
index 28357282..ca155002 100644
--- a/docs/upgrading_to_v10.0.0.md
+++ b/docs/upgrading_to_v10.0.0.md
@@ -2,4 +2,4 @@
 The v10.0 release contains backwards-incompatible changes.
-This update requires upgrading the minimum provider version of `hashicorp/google` from `3.50` to `5.8` and `hashicorp/google-beta` from `3.50` to `5.8`.
+This update requires upgrading the minimum provider version of `hashicorp/google` from `3.50` to `5.8` and `hashicorp/google-beta` from `3.50` to `6.13`.
diff --git a/main.tf b/main.tf
index 2dcb49bb..46b1e2f8 100644
--- a/main.tf
+++ b/main.tf
@@ -30,6 +30,7 @@ module "vpc" {
 enable_ipv6_ula = var.enable_ipv6_ula
 internal_ipv6_range = var.internal_ipv6_range
 network_firewall_policy_enforcement_order = var.network_firewall_policy_enforcement_order
+ network_profile = var.network_profile
 }
 /******************************************
diff --git a/modules/vpc/README.md b/modules/vpc/README.md
index 3643a14a..17711c1b 100644
--- a/modules/vpc/README.md
+++ b/modules/vpc/README.md
@@ -36,6 +36,7 @@ module "vpc" {
 | mtu | The network MTU (If set to 0, meaning MTU is unset - defaults to '1460'). Recommended values: 1460 (default for historic reasons), 1500 (Internet default), or 8896 (for Jumbo packets). Allowed are all values in the range 1300 to 8896, inclusively. | `number` | `0` | no |
 | network\_firewall\_policy\_enforcement\_order | Set the order that Firewall Rules and Firewall Policies are evaluated. Valid values are `BEFORE_CLASSIC_FIREWALL` and `AFTER_CLASSIC_FIREWALL`. (default null or equivalent to `AFTER_CLASSIC_FIREWALL`) | `string` | `null` | no |
 | network\_name | The name of the network being created | `string` | n/a | yes |
+| network\_profile | "A full or partial URL of the network profile to apply to this network.
This field can be set only at resource creation time. For example, the
following are valid URLs:
* https://www.googleapis.com/compute/beta/projects/{projectId}/global/networkProfiles/{network_profile_name}
* projects/{projectId}/global/networkProfiles/{network\_profile\_name} | `string` | `null` | no |
 | project\_id | The ID of the project where this VPC will be created | `string` | n/a | yes |
 | routing\_mode | The network routing mode (default 'GLOBAL') | `string` | `"GLOBAL"` | no |
 | shared\_vpc\_host | Makes this project a Shared VPC host if 'true' (default 'false') | `bool` | `false` | no |
diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf
index 2b9019f0..52721b2a 100644
--- a/modules/vpc/main.tf
+++ b/modules/vpc/main.tf
@@ -18,6 +18,7 @@
 VPC configuration
 *****************************************/
 resource "google_compute_network" "network" {
+ provider = google-beta
 name = var.network_name
 auto_create_subnetworks = var.auto_create_subnetworks
 routing_mode = var.routing_mode
@@ -28,6 +29,7 @@ resource "google_compute_network" "network" {
 enable_ula_internal_ipv6 = var.enable_ipv6_ula
 internal_ipv6_range = var.internal_ipv6_range
 network_firewall_policy_enforcement_order = var.network_firewall_policy_enforcement_order
+ network_profile = var.network_profile
 }
 /******************************************
diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf
index 74e16b11..e0755307 100644
--- a/modules/vpc/variables.tf
+++ b/modules/vpc/variables.tf
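Review bot: `provider = google-beta` moves `google_compute_network.network` onto a different provider configuration, and nothing visible in this commit tells callers that. A caller that hands the module only an aliased `google` provider (a specific project, or a service account it impersonates) would, as far as I can tell, now have the network created under whatever the default `google-beta` configuration resolves to, which may carry different credentials. I would add a comment above the line, `# beta provider is presumably required for network_profile; callers passing an aliased google provider must pass google-beta too`, and repeat that sentence in docs/upgrading_to_v10.0.0.md next to the version note. The resource block opens in this hunk but its body continues outside it.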
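Review bot: `network_profile = var.network_profile` in the second modules/vpc/main.tf hunk feeds a field that the variable description in this same commit calls settable only at resource creation time, so setting or changing it on an existing deployment would presumably make Terraform plan a destroy-and-recreate of the VPC. That consequence is not spelled out anywhere a caller would read it. I would extend the variable description with one sentence, `Changing this value after the network exists forces the network to be replaced.`, once that behaviour is confirmed against the provider. The resource block opens before this hunk.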
@@ -77,3 +77,15 @@ variable "network_firewall_policy_enforcement_order" {
 default = null
 description = "Set the order that Firewall Rules and Firewall Policies are evaluated. Valid values are `BEFORE_CLASSIC_FIREWALL` and `AFTER_CLASSIC_FIREWALL`. (default null or equivalent to `AFTER_CLASSIC_FIREWALL`)"
 }
+
+variable "network_profile" {
+ type = string
+ default = null
+ description = <<-EOT
+ "A full or partial URL of the network profile to apply to this network.
+ This field can be set only at resource creation time. For example, the
+ following are valid URLs:
+ * https://www.googleapis.com/compute/beta/projects/{projectId}/global/networkProfiles/{network_profile_name}
+ * projects/{projectId}/global/networkProfiles/{network_profile_name}
+ EOT
+}
diff --git a/modules/vpc/versions.tf b/modules/vpc/versions.tf
index 027e3a16..943e5dba 100644
--- a/modules/vpc/versions.tf
+++ b/modules/vpc/versions.tf
@@ -24,7 +24,7 @@ terraform {
 }
 google-beta = {
 source = "hashicorp/google-beta"
- version = ">= 4.64, < 7"
+ version = ">= 6.13, < 7"
 }
 }
diff --git a/variables.tf b/variables.tf
index 76c0bdc3..8cbb4fb4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -199,3 +199,15 @@ variable "network_firewall_policy_enforcement_order" {
 default = null
 description = "Set the order that Firewall Rules and Firewall Policies are evaluated. Valid values are `BEFORE_CLASSIC_FIREWALL` and `AFTER_CLASSIC_FIREWALL`. (default null or equivalent to `AFTER_CLASSIC_FIREWALL`)"
 }
+
+variable "network_profile" {
+ type = string
+ default = null
+ description = <<-EOT
+ "A full or partial URL of the network profile to apply to this network.
+ This field can be set only at resource creation time. For example, the
+ following are valid URLs:
+ * https://www.googleapis.com/compute/beta/projects/{projectId}/global/networkProfiles/{network_profile_name}
+ * projects/{projectId}/global/networkProfiles/{network_profile_name}
+ EOT
+}
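Review bot: The heredoc description in modules/vpc/variables.tf opens with a double quote (`"A full or partial URL ...`) that is never closed, so the stray character ends up in the variable's description and is carried into both README table rows. The root variables.tf hunk repeats the same text. The first heredoc line should read `A full or partial URL of the network profile to apply to this network.` in both files, with the README rows regenerated afterwards.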
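Review bot: `network_profile` in the root variables.tf is accepted as a free-form string with no `validation` block, so a mistyped path is rejected only by the API at apply time, after other resources in the same plan may already have changed. A plan-time check that the value ends in the documented `projects/{projectId}/global/networkProfiles/{name}` shape would catch that earlier. The pattern below is deliberately loose because the description gives the two URL forms only as examples, and it should be confirmed against what the API accepts. The same block would fit the copy in modules/vpc/variables.tf.

```hcl
variable "network_profile" {
  # … unchanged: type, default, description …

  validation {
    condition     = var.network_profile == null ? true : can(regex("projects/[^/]+/global/networkProfiles/[^/]+$", var.network_profile))
    error_message = "The network_profile value must end in projects/PROJECT_ID/global/networkProfiles/NAME."
  }
}
```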