diff --git a/.changelog/6572.txt b/.changelog/6572.txt new file mode 100644 index 00000000000..5cdcc5cb0e6 --- /dev/null +++ b/.changelog/6572.txt @@ -0,0 +1,3 @@ +```release-note:bug +compute: fixed unable to manage Cloud Armor `adaptive_protection_config` on `google_compute_security_policy` +``` diff --git a/google/resource_compute_security_policy.go b/google/resource_compute_security_policy.go index 29c08abd495..50fa7ac8a4e 100644 --- a/google/resource_compute_security_policy.go +++ b/google/resource_compute_security_policy.go @@ -857,8 +857,9 @@ func expandLayer7DdosDefenseConfig(configured []interface{}) *compute.SecurityPo data := configured[0].(map[string]interface{}) return &compute.SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig{ - Enable: data["enable"].(bool), - RuleVisibility: data["rule_visibility"].(string), + Enable: data["enable"].(bool), + RuleVisibility: data["rule_visibility"].(string), + ForceSendFields: []string{"Enable"}, } } diff --git a/google/resource_compute_security_policy_test.go b/google/resource_compute_security_policy_test.go index ab2c4672145..99f444afa3f 100644 --- a/google/resource_compute_security_policy_test.go +++ b/google/resource_compute_security_policy_test.go @@ -176,6 +176,14 @@ func TestAccComputeSecurityPolicy_withAdaptiveProtection(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccComputeSecurityPolicy_withAdaptiveProtectionUpdate(spName), + }, + { + ResourceName: "google_compute_security_policy.policy", + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -453,6 +461,22 @@ resource "google_compute_security_policy" "policy" { `, spName) } +func testAccComputeSecurityPolicy_withAdaptiveProtectionUpdate(spName string) string { + return fmt.Sprintf(` +resource "google_compute_security_policy" "policy" { + name = "%s" + description = "updated description" + + adaptive_protection_config { + layer_7_ddos_defense_config { + enable = false + rule_visibility = "STANDARD" + } + } +} +`, spName) +} + func testAccComputeSecurityPolicy_withRateLimitOptions(spName string) string { return fmt.Sprintf(` resource "google_compute_security_policy" "policy" {