Google Git
Sign in
third-party-mirror / terraform-provider-google-beta / 7018e2f3f116fdacfd66c03551fbf0c3db62170a / . / v5.18.0 / google-beta / services / securityposture / resource_securityposture_posture.go
blob: 9ad1739692df4681fdb3a9ba2f22249bc4dc7829 [file] [log] [blame]
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
// ----------------------------------------------------------------------------
//
// *** AUTO GENERATED CODE *** Type: MMv1 ***
//
// ----------------------------------------------------------------------------
//
// This file is automatically generated by Magic Modules and manual
// changes will be clobbered when the file is regenerated.
//
// Please read more about how to change this file in
// .github/CONTRIBUTING.md.
//
// ----------------------------------------------------------------------------
package securityposture
import (
"context"
"fmt"
"log"
"reflect"
"strings"
"time"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource"
transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport"
"github.com/hashicorp/terraform-provider-google-beta/google-beta/verify"
)
// Compute revision_id for changes in posture fields.
func revisionIdCustomizeDiff(ctx context.Context, d *schema.ResourceDiff, meta interface{}) error {
if d.HasChanges("description", "state", "policy_sets") {
err := d.SetNewComputed("revision_id")
if err != nil {
return fmt.Errorf("Error re-setting revision_id: %s", err)
}
}
return nil
}
func ResourceSecurityposturePosture() *schema.Resource {
return &schema.Resource{
Create: resourceSecurityposturePostureCreate,
Read: resourceSecurityposturePostureRead,
Update: resourceSecurityposturePostureUpdate,
Delete: resourceSecurityposturePostureDelete,
Importer: &schema.ResourceImporter{
State: resourceSecurityposturePostureImport,
},
Timeouts: &schema.ResourceTimeout{
Create: schema.DefaultTimeout(20 * time.Minute),
Update: schema.DefaultTimeout(20 * time.Minute),
Delete: schema.DefaultTimeout(20 * time.Minute),
},
CustomizeDiff: customdiff.All(
revisionIdCustomizeDiff,
),
Schema: map[string]*schema.Schema{
"location": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `Location of the resource, eg: global.`,
},
"parent": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `The parent of the resource, an organization. Format should be 'organizations/{organization_id}'.`,
},
"policy_sets": {
Type: schema.TypeList,
Required: true,
Description: `List of policy sets for the posture.`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"policies": {
Type: schema.TypeList,
Required: true,
Description: `List of security policy`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"constraint": {
Type: schema.TypeList,
Required: true,
Description: `Policy constraint definition.It can have the definition of one of following constraints: orgPolicyConstraint orgPolicyConstraintCustom securityHealthAnalyticsModule securityHealthAnalyticsCustomModule`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"org_policy_constraint": {
Type: schema.TypeList,
Optional: true,
Description: `Organization policy canned constraint definition.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"canned_constraint_id": {
Type: schema.TypeString,
Required: true,
Description: `Organization policy canned constraint Id`,
},
"policy_rules": {
Type: schema.TypeList,
Required: true,
Description: `Definition of policy rules`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allow_all": {
Type: schema.TypeBool,
Optional: true,
Description: `Setting this to true means that all values are allowed. This field can be set only in policies for list constraints.`,
Default: false,
},
"condition": {
Type: schema.TypeList,
Optional: true,
Description: `Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
This page details the objects and attributes that are used to the build the CEL expressions for
custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"expression": {
Type: schema.TypeString,
Required: true,
Description: `Textual representation of an expression in Common Expression Language syntax.`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the expression`,
},
"location": {
Type: schema.TypeString,
Optional: true,
Description: `String indicating the location of the expression for error reporting, e.g. a file name and a position in the file`,
},
"title": {
Type: schema.TypeString,
Optional: true,
Description: `Title for the expression, i.e. a short string describing its purpose.`,
},
},
},
},
"deny_all": {
Type: schema.TypeBool,
Optional: true,
Description: `Setting this to true means that all values are denied. This field can be set only in policies for list constraints.`,
Default: false,
},
"enforce": {
Type: schema.TypeBool,
Optional: true,
Description: `If 'true', then the policy is enforced. If 'false', then any configuration is acceptable.
This field can be set only in policies for boolean constraints.`,
},
"values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values to be used for this policy rule. This field can be set only in policies for list constraints.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allowed_values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values allowed at this resource.`,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"denied_values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values denied at this resource.`,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
},
},
},
},
},
},
},
},
"org_policy_constraint_custom": {
Type: schema.TypeList,
Optional: true,
Description: `Organization policy custom constraint policy definition.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"policy_rules": {
Type: schema.TypeList,
Required: true,
Description: `Definition of policy rules`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allow_all": {
Type: schema.TypeBool,
Optional: true,
Description: `Setting this to true means that all values are allowed. This field can be set only in policies for list constraints.`,
Default: false,
},
"condition": {
Type: schema.TypeList,
Optional: true,
Description: `Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
This page details the objects and attributes that are used to the build the CEL expressions for
custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"expression": {
Type: schema.TypeString,
Required: true,
Description: `Textual representation of an expression in Common Expression Language syntax.`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the expression`,
},
"location": {
Type: schema.TypeString,
Optional: true,
Description: `String indicating the location of the expression for error reporting, e.g. a file name and a position in the file`,
},
"title": {
Type: schema.TypeString,
Optional: true,
Description: `Title for the expression, i.e. a short string describing its purpose.`,
},
},
},
},
"deny_all": {
Type: schema.TypeBool,
Optional: true,
Description: `Setting this to true means that all values are denied. This field can be set only in policies for list constraints.`,
Default: false,
},
"enforce": {
Type: schema.TypeBool,
Optional: true,
Description: `If 'true', then the policy is enforced. If 'false', then any configuration is acceptable.
This field can be set only in policies for boolean constraints.`,
},
"values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values to be used for this policy rule. This field can be set only in policies for list constraints.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allowed_values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values allowed at this resource.`,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"denied_values": {
Type: schema.TypeList,
Optional: true,
Description: `List of values denied at this resource.`,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
},
},
},
},
},
"custom_constraint": {
Type: schema.TypeList,
Optional: true,
Description: `Organization policy custom constraint definition.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"action_type": {
Type: schema.TypeString,
Required: true,
ValidateFunc: verify.ValidateEnum([]string{"ALLOW", "DENY"}),
Description: `The action to take if the condition is met. Possible values: ["ALLOW", "DENY"]`,
},
"condition": {
Type: schema.TypeString,
Required: true,
Description: `A CEL condition that refers to a supported service resource, for example 'resource.management.autoUpgrade == false'. For details about CEL usage, see [Common Expression Language](https://cloud.google.com/resource-manager/docs/organization-policy/creating-managing-custom-constraints#common_expression_language).`,
},
"method_types": {
Type: schema.TypeList,
Required: true,
Description: `A list of RESTful methods for which to enforce the constraint. Can be 'CREATE', 'UPDATE', or both. Not all Google Cloud services support both methods. To see supported methods for each service, find the service in [Supported services](https://cloud.google.com/resource-manager/docs/organization-policy/custom-constraint-supported-services).`,
MinItems: 1,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"name": {
Type: schema.TypeString,
Required: true,
Description: `Immutable. The name of the custom constraint. This is unique within the organization.`,
},
"resource_types": {
Type: schema.TypeList,
Required: true,
Description: `Immutable. The fully qualified name of the Google Cloud REST resource containing the object and field you want to restrict. For example, 'container.googleapis.com/NodePool'.`,
MinItems: 1,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `A human-friendly description of the constraint to display as an error message when the policy is violated.`,
},
"display_name": {
Type: schema.TypeString,
Optional: true,
Description: `A human-friendly name for the constraint.`,
},
},
},
},
},
},
},
"security_health_analytics_custom_module": {
Type: schema.TypeList,
Optional: true,
Description: `Definition of Security Health Analytics Custom Module.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"config": {
Type: schema.TypeList,
Required: true,
Description: `Custom module details.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"predicate": {
Type: schema.TypeList,
Required: true,
Description: `The CEL expression to evaluate to produce findings.When the expression
evaluates to true against a resource, a finding is generated.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"expression": {
Type: schema.TypeString,
Required: true,
Description: `Textual representation of an expression in Common Expression Language syntax.`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the expression`,
},
"location": {
Type: schema.TypeString,
Optional: true,
Description: `String indicating the location of the expression for error reporting, e.g. a file name and a position in the file`,
},
"title": {
Type: schema.TypeString,
Optional: true,
Description: `Title for the expression, i.e. a short string describing its purpose.`,
},
},
},
},
"resource_selector": {
Type: schema.TypeList,
Required: true,
Description: `The resource types that the custom module operates on. Each custom module
can specify up to 5 resource types.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"resource_types": {
Type: schema.TypeList,
Required: true,
Description: `The resource types to run the detector on.`,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
},
},
"severity": {
Type: schema.TypeString,
Required: true,
ValidateFunc: verify.ValidateEnum([]string{"SEVERITY_UNSPECIFIED", "CRITICAL", "HIGH", "MEDIUM", "LOW"}),
Description: `The severity to assign to findings generated by the module. Possible values: ["SEVERITY_UNSPECIFIED", "CRITICAL", "HIGH", "MEDIUM", "LOW"]`,
},
"custom_output": {
Type: schema.TypeList,
Optional: true,
Description: `Custom output properties. A set of optional name-value pairs that define custom source properties to
return with each finding that is generated by the custom module. The custom
source properties that are defined here are included in the finding JSON
under 'sourceProperties'.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"properties": {
Type: schema.TypeList,
Optional: true,
Description: `A list of custom output properties to add to the finding.`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"name": {
Type: schema.TypeString,
Required: true,
Description: `Name of the property for the custom output.`,
},
"value_expression": {
Type: schema.TypeList,
Optional: true,
Description: `The CEL expression for the custom output. A resource property can be
specified to return the value of the property or a text string enclosed
in quotation marks.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"expression": {
Type: schema.TypeString,
Required: true,
Description: `Textual representation of an expression in Common Expression Language syntax.`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the expression`,
},
"location": {
Type: schema.TypeString,
Optional: true,
Description: `String indicating the location of the expression for error reporting, e.g. a file name and a position in the file`,
},
"title": {
Type: schema.TypeString,
Optional: true,
Description: `Title for the expression, i.e. a short string describing its purpose.`,
},
},
},
},
},
},
},
},
},
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Text that describes the vulnerability or misconfiguration that the custom
module detects.`,
},
"recommendation": {
Type: schema.TypeString,
Optional: true,
Description: `An explanation of the recommended steps that security teams can take to
resolve the detected issue`,
},
},
},
},
"display_name": {
Type: schema.TypeString,
Optional: true,
Description: `The display name of the Security Health Analytics custom module. This
display name becomes the finding category for all findings that are
returned by this custom module.`,
},
"module_enablement_state": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: verify.ValidateEnum([]string{"ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED", ""}),
Description: `The state of enablement for the module at its level of the resource hierarchy. Possible values: ["ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED"]`,
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: `A server generated id of custom module.`,
},
},
},
},
"security_health_analytics_module": {
Type: schema.TypeList,
Optional: true,
Description: `Security Health Analytics built-in detector definition.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"module_name": {
Type: schema.TypeString,
Required: true,
Description: `The name of the module eg: BIGQUERY_TABLE_CMEK_DISABLED.`,
},
"module_enablement_state": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: verify.ValidateEnum([]string{"ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED", ""}),
Description: `The state of enablement for the module at its level of the resource hierarchy. Possible values: ["ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED"]`,
},
},
},
},
},
},
},
"policy_id": {
Type: schema.TypeString,
Required: true,
Description: `ID of the policy.`,
},
"compliance_standards": {
Type: schema.TypeList,
Optional: true,
Description: `Mapping for policy to security standards and controls.`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"control": {
Type: schema.TypeString,
Optional: true,
Description: `Mapping of security controls for the policy.`,
},
"standard": {
Type: schema.TypeString,
Optional: true,
Description: `Mapping of compliance standards for the policy.`,
},
},
},
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the policy.`,
},
},
},
},
"policy_set_id": {
Type: schema.TypeString,
Required: true,
Description: `ID of the policy set.`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the policy set.`,
},
},
},
},
"posture_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `Id of the posture. It is an immutable field.`,
},
"state": {
Type: schema.TypeString,
Required: true,
ValidateFunc: verify.ValidateEnum([]string{"DEPRECATED", "DRAFT", "ACTIVE"}),
Description: `State of the posture. Update to state field should not be triggered along with
with other field updates. Possible values: ["DEPRECATED", "DRAFT", "ACTIVE"]`,
},
"description": {
Type: schema.TypeString,
Optional: true,
Description: `Description of the posture.`,
},
"create_time": {
Type: schema.TypeString,
Computed: true,
Description: `Time the Posture was created in UTC.`,
},
"etag": {
Type: schema.TypeString,
Computed: true,
Description: `For Resource freshness validation (https://google.aip.dev/154)`,
},
"name": {
Type: schema.TypeString,
Computed: true,
Description: `Name of the posture.`,
},
"reconciling": {
Type: schema.TypeBool,
Computed: true,
Description: `If set, there are currently changes in flight to the posture.`,
},
"revision_id": {
Type: schema.TypeString,
Computed: true,
Description: `Revision_id of the posture.`,
},
"update_time": {
Type: schema.TypeString,
Computed: true,
Description: `Time the Posture was updated in UTC.`,
},
},
UseJSONNumber: true,
}
}
func resourceSecurityposturePostureCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*transport_tpg.Config)
userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
if err != nil {
return err
}
obj := make(map[string]interface{})
stateProp, err := expandSecurityposturePostureState(d.Get("state"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("state"); !tpgresource.IsEmptyValue(reflect.ValueOf(stateProp)) && (ok || !reflect.DeepEqual(v, stateProp)) {
obj["state"] = stateProp
}
descriptionProp, err := expandSecurityposturePostureDescription(d.Get("description"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("description"); !tpgresource.IsEmptyValue(reflect.ValueOf(descriptionProp)) && (ok || !reflect.DeepEqual(v, descriptionProp)) {
obj["description"] = descriptionProp
}
etagProp, err := expandSecurityposturePostureEtag(d.Get("etag"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("etag"); !tpgresource.IsEmptyValue(reflect.ValueOf(etagProp)) && (ok || !reflect.DeepEqual(v, etagProp)) {
obj["etag"] = etagProp
}
policySetsProp, err := expandSecurityposturePosturePolicySets(d.Get("policy_sets"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("policy_sets"); !tpgresource.IsEmptyValue(reflect.ValueOf(policySetsProp)) && (ok || !reflect.DeepEqual(v, policySetsProp)) {
obj["policySets"] = policySetsProp
}
url, err := tpgresource.ReplaceVars(d, config, "{{SecuritypostureBasePath}}{{parent}}/locations/{{location}}/postures?postureId={{posture_id}}")
if err != nil {
return err
}
log.Printf("[DEBUG] Creating new Posture: %#v", obj)
billingProject := ""
// err == nil indicates that the billing_project value was found
if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
billingProject = bp
}
res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "POST",
Project: billingProject,
RawURL: url,
UserAgent: userAgent,
Body: obj,
Timeout: d.Timeout(schema.TimeoutCreate),
})
if err != nil {
return fmt.Errorf("Error creating Posture: %s", err)
}
// Store the ID now
id, err := tpgresource.ReplaceVars(d, config, "{{parent}}/locations/{{location}}/postures/{{posture_id}}")
if err != nil {
return fmt.Errorf("Error constructing id: %s", err)
}
d.SetId(id)
err = SecuritypostureOperationWaitTime(
config, res, "Creating Posture", userAgent,
d.Timeout(schema.TimeoutCreate))
if err != nil {
// The resource didn't actually create
d.SetId("")
return fmt.Errorf("Error waiting to create Posture: %s", err)
}
log.Printf("[DEBUG] Finished creating Posture %q: %#v", d.Id(), res)
return resourceSecurityposturePostureRead(d, meta)
}
func resourceSecurityposturePostureRead(d *schema.ResourceData, meta interface{}) error {
config := meta.(*transport_tpg.Config)
userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
if err != nil {
return err
}
url, err := tpgresource.ReplaceVars(d, config, "{{SecuritypostureBasePath}}{{parent}}/locations/{{location}}/postures/{{posture_id}}")
if err != nil {
return err
}
billingProject := ""
// err == nil indicates that the billing_project value was found
if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
billingProject = bp
}
res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "GET",
Project: billingProject,
RawURL: url,
UserAgent: userAgent,
})
if err != nil {
return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("SecurityposturePosture %q", d.Id()))
}
if err := d.Set("name", flattenSecurityposturePostureName(res["name"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("state", flattenSecurityposturePostureState(res["state"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("revision_id", flattenSecurityposturePostureRevisionId(res["revisionId"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("create_time", flattenSecurityposturePostureCreateTime(res["createTime"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("update_time", flattenSecurityposturePostureUpdateTime(res["updateTime"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("description", flattenSecurityposturePostureDescription(res["description"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("etag", flattenSecurityposturePostureEtag(res["etag"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("reconciling", flattenSecurityposturePostureReconciling(res["reconciling"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
if err := d.Set("policy_sets", flattenSecurityposturePosturePolicySets(res["policySets"], d, config)); err != nil {
return fmt.Errorf("Error reading Posture: %s", err)
}
return nil
}
func resourceSecurityposturePostureUpdate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*transport_tpg.Config)
userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
if err != nil {
return err
}
billingProject := ""
obj := make(map[string]interface{})
stateProp, err := expandSecurityposturePostureState(d.Get("state"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("state"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, stateProp)) {
obj["state"] = stateProp
}
descriptionProp, err := expandSecurityposturePostureDescription(d.Get("description"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("description"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, descriptionProp)) {
obj["description"] = descriptionProp
}
etagProp, err := expandSecurityposturePostureEtag(d.Get("etag"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("etag"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, etagProp)) {
obj["etag"] = etagProp
}
policySetsProp, err := expandSecurityposturePosturePolicySets(d.Get("policy_sets"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("policy_sets"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, policySetsProp)) {
obj["policySets"] = policySetsProp
}
url, err := tpgresource.ReplaceVars(d, config, "{{SecuritypostureBasePath}}{{parent}}/locations/{{location}}/postures/{{posture_id}}?revisionId={{revision_id}}")
if err != nil {
return err
}
log.Printf("[DEBUG] Updating Posture %q: %#v", d.Id(), obj)
updateMask := []string{}
if d.HasChange("state") {
updateMask = append(updateMask, "state")
}
if d.HasChange("description") {
updateMask = append(updateMask, "description")
}
if d.HasChange("etag") {
updateMask = append(updateMask, "etag")
}
if d.HasChange("policy_sets") {
updateMask = append(updateMask, "policySets")
}
// updateMask is a URL parameter but not present in the schema, so ReplaceVars
// won't set it
url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
if err != nil {
return err
}
// err == nil indicates that the billing_project value was found
if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
billingProject = bp
}
// if updateMask is empty we are not updating anything so skip the post
if len(updateMask) > 0 {
res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "PATCH",
Project: billingProject,
RawURL: url,
UserAgent: userAgent,
Body: obj,
Timeout: d.Timeout(schema.TimeoutUpdate),
})
if err != nil {
return fmt.Errorf("Error updating Posture %q: %s", d.Id(), err)
} else {
log.Printf("[DEBUG] Finished updating Posture %q: %#v", d.Id(), res)
}
err = SecuritypostureOperationWaitTime(
config, res, "Updating Posture", userAgent,
d.Timeout(schema.TimeoutUpdate))
if err != nil {
return err
}
}
return resourceSecurityposturePostureRead(d, meta)
}
func resourceSecurityposturePostureDelete(d *schema.ResourceData, meta interface{}) error {
config := meta.(*transport_tpg.Config)
userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
if err != nil {
return err
}
billingProject := ""
url, err := tpgresource.ReplaceVars(d, config, "{{SecuritypostureBasePath}}{{parent}}/locations/{{location}}/postures/{{posture_id}}")
if err != nil {
return err
}
var obj map[string]interface{}
log.Printf("[DEBUG] Deleting Posture %q", d.Id())
// err == nil indicates that the billing_project value was found
if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
billingProject = bp
}
res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
Config: config,
Method: "DELETE",
Project: billingProject,
RawURL: url,
UserAgent: userAgent,
Body: obj,
Timeout: d.Timeout(schema.TimeoutDelete),
})
if err != nil {
return transport_tpg.HandleNotFoundError(err, d, "Posture")
}
err = SecuritypostureOperationWaitTime(
config, res, "Deleting Posture", userAgent,
d.Timeout(schema.TimeoutDelete))
if err != nil {
return err
}
log.Printf("[DEBUG] Finished deleting Posture %q: %#v", d.Id(), res)
return nil
}
func resourceSecurityposturePostureImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
config := meta.(*transport_tpg.Config)
if err := tpgresource.ParseImportId([]string{
"^(?P<parent>.+)/locations/(?P<location>[^/]+)/postures/(?P<posture_id>[^/]+)$",
}, d, config); err != nil {
return nil, err
}
// Replace import id for the resource id
id, err := tpgresource.ReplaceVars(d, config, "{{parent}}/locations/{{location}}/postures/{{posture_id}}")
if err != nil {
return nil, fmt.Errorf("Error constructing id: %s", err)
}
d.SetId(id)
return []*schema.ResourceData{d}, nil
}
func flattenSecurityposturePostureName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureState(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureRevisionId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureCreateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureUpdateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureEtag(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePostureReconciling(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySets(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"policy_set_id": flattenSecurityposturePosturePolicySetsPolicySetId(original["policySetId"], d, config),
"description": flattenSecurityposturePosturePolicySetsDescription(original["description"], d, config),
"policies": flattenSecurityposturePosturePolicySetsPolicies(original["policies"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPolicySetId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPolicies(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"policy_id": flattenSecurityposturePosturePolicySetsPoliciesPolicyId(original["policyId"], d, config),
"description": flattenSecurityposturePosturePolicySetsPoliciesDescription(original["description"], d, config),
"compliance_standards": flattenSecurityposturePosturePolicySetsPoliciesComplianceStandards(original["complianceStandards"], d, config),
"constraint": flattenSecurityposturePosturePolicySetsPoliciesConstraint(original["constraint"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPoliciesPolicyId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesComplianceStandards(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"standard": flattenSecurityposturePosturePolicySetsPoliciesComplianceStandardsStandard(original["standard"], d, config),
"control": flattenSecurityposturePosturePolicySetsPoliciesComplianceStandardsControl(original["control"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPoliciesComplianceStandardsStandard(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesComplianceStandardsControl(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraint(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["org_policy_constraint"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraint(original["orgPolicyConstraint"], d, config)
transformed["org_policy_constraint_custom"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustom(original["orgPolicyConstraintCustom"], d, config)
transformed["security_health_analytics_module"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModule(original["securityHealthAnalyticsModule"], d, config)
transformed["security_health_analytics_custom_module"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModule(original["securityHealthAnalyticsCustomModule"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraint(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["canned_constraint_id"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCannedConstraintId(original["cannedConstraintId"], d, config)
transformed["policy_rules"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRules(original["policyRules"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCannedConstraintId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRules(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"values": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValues(original["values"], d, config),
"allow_all": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesAllowAll(original["allowAll"], d, config),
"deny_all": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesDenyAll(original["denyAll"], d, config),
"enforce": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesEnforce(original["enforce"], d, config),
"condition": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesCondition(original["condition"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["allowed_values"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesAllowedValues(original["allowedValues"], d, config)
transformed["denied_values"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesDeniedValues(original["deniedValues"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesAllowedValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesDeniedValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesAllowAll(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesDenyAll(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesEnforce(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesCondition(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["expression"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionExpression(original["expression"], d, config)
transformed["title"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionTitle(original["title"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionDescription(original["description"], d, config)
transformed["location"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionLocation(original["location"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionExpression(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionLocation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustom(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["custom_constraint"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraint(original["customConstraint"], d, config)
transformed["policy_rules"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRules(original["policyRules"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraint(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["name"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintName(original["name"], d, config)
transformed["display_name"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDisplayName(original["displayName"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDescription(original["description"], d, config)
transformed["condition"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintCondition(original["condition"], d, config)
transformed["action_type"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintActionType(original["actionType"], d, config)
transformed["method_types"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintMethodTypes(original["methodTypes"], d, config)
transformed["resource_types"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintResourceTypes(original["resourceTypes"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
revisionIdLength := 8
name := v.(string)
name = name[:len(name)-revisionIdLength]
return name
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDisplayName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintCondition(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintActionType(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintMethodTypes(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintResourceTypes(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRules(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"values": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValues(original["values"], d, config),
"allow_all": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesAllowAll(original["allowAll"], d, config),
"deny_all": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesDenyAll(original["denyAll"], d, config),
"enforce": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesEnforce(original["enforce"], d, config),
"condition": flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesCondition(original["condition"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["allowed_values"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesAllowedValues(original["allowedValues"], d, config)
transformed["denied_values"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesDeniedValues(original["deniedValues"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesAllowedValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesDeniedValues(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesAllowAll(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesDenyAll(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesEnforce(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesCondition(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["expression"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionExpression(original["expression"], d, config)
transformed["title"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionTitle(original["title"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionDescription(original["description"], d, config)
transformed["location"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionLocation(original["location"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionExpression(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionLocation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModule(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["module_name"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleName(original["moduleName"], d, config)
transformed["module_enablement_state"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleEnablementState(original["moduleEnablementState"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleEnablementState(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModule(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["id"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleId(original["id"], d, config)
transformed["display_name"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleDisplayName(original["displayName"], d, config)
transformed["module_enablement_state"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleModuleEnablementState(original["moduleEnablementState"], d, config)
transformed["config"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfig(original["config"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleId(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleDisplayName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleModuleEnablementState(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfig(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["predicate"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicate(original["predicate"], d, config)
transformed["custom_output"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutput(original["customOutput"], d, config)
transformed["resource_selector"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelector(original["resourceSelector"], d, config)
transformed["severity"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigSeverity(original["severity"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigDescription(original["description"], d, config)
transformed["recommendation"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigRecommendation(original["recommendation"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicate(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["expression"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateExpression(original["expression"], d, config)
transformed["title"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateTitle(original["title"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateDescription(original["description"], d, config)
transformed["location"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateLocation(original["location"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateExpression(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateLocation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutput(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["properties"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputProperties(original["properties"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputProperties(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return v
}
l := v.([]interface{})
transformed := make([]interface{}, 0, len(l))
for _, raw := range l {
original := raw.(map[string]interface{})
if len(original) < 1 {
// Do not include empty json objects coming back from the api
continue
}
transformed = append(transformed, map[string]interface{}{
"name": flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesName(original["name"], d, config),
"value_expression": flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpression(original["valueExpression"], d, config),
})
}
return transformed
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpression(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["expression"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionExpression(original["expression"], d, config)
transformed["title"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionTitle(original["title"], d, config)
transformed["description"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionDescription(original["description"], d, config)
transformed["location"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionLocation(original["location"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionExpression(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionTitle(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionLocation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelector(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["resource_types"] =
flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelectorResourceTypes(original["resourceTypes"], d, config)
return []interface{}{transformed}
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelectorResourceTypes(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigSeverity(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigDescription(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func flattenSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigRecommendation(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}
func expandSecurityposturePostureState(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePostureDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePostureEtag(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySets(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedPolicySetId, err := expandSecurityposturePosturePolicySetsPolicySetId(original["policy_set_id"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPolicySetId); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["policySetId"] = transformedPolicySetId
}
transformedDescription, err := expandSecurityposturePosturePolicySetsDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedPolicies, err := expandSecurityposturePosturePolicySetsPolicies(original["policies"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPolicies); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["policies"] = transformedPolicies
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPolicySetId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPolicies(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedPolicyId, err := expandSecurityposturePosturePolicySetsPoliciesPolicyId(original["policy_id"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPolicyId); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["policyId"] = transformedPolicyId
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedComplianceStandards, err := expandSecurityposturePosturePolicySetsPoliciesComplianceStandards(original["compliance_standards"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedComplianceStandards); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["complianceStandards"] = transformedComplianceStandards
}
transformedConstraint, err := expandSecurityposturePosturePolicySetsPoliciesConstraint(original["constraint"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedConstraint); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["constraint"] = transformedConstraint
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPoliciesPolicyId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesComplianceStandards(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedStandard, err := expandSecurityposturePosturePolicySetsPoliciesComplianceStandardsStandard(original["standard"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedStandard); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["standard"] = transformedStandard
}
transformedControl, err := expandSecurityposturePosturePolicySetsPoliciesComplianceStandardsControl(original["control"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedControl); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["control"] = transformedControl
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPoliciesComplianceStandardsStandard(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesComplianceStandardsControl(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraint(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedOrgPolicyConstraint, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraint(original["org_policy_constraint"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedOrgPolicyConstraint); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["orgPolicyConstraint"] = transformedOrgPolicyConstraint
}
transformedOrgPolicyConstraintCustom, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustom(original["org_policy_constraint_custom"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedOrgPolicyConstraintCustom); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["orgPolicyConstraintCustom"] = transformedOrgPolicyConstraintCustom
}
transformedSecurityHealthAnalyticsModule, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModule(original["security_health_analytics_module"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedSecurityHealthAnalyticsModule); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["securityHealthAnalyticsModule"] = transformedSecurityHealthAnalyticsModule
}
transformedSecurityHealthAnalyticsCustomModule, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModule(original["security_health_analytics_custom_module"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedSecurityHealthAnalyticsCustomModule); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["securityHealthAnalyticsCustomModule"] = transformedSecurityHealthAnalyticsCustomModule
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraint(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedCannedConstraintId, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCannedConstraintId(original["canned_constraint_id"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCannedConstraintId); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["cannedConstraintId"] = transformedCannedConstraintId
}
transformedPolicyRules, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRules(original["policy_rules"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPolicyRules); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["policyRules"] = transformedPolicyRules
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCannedConstraintId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRules(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValues(original["values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["values"] = transformedValues
}
transformedAllowAll, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesAllowAll(original["allow_all"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedAllowAll); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["allowAll"] = transformedAllowAll
}
transformedDenyAll, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesDenyAll(original["deny_all"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDenyAll); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["denyAll"] = transformedDenyAll
}
transformedEnforce, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesEnforce(original["enforce"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedEnforce); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["enforce"] = transformedEnforce
}
transformedCondition, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesCondition(original["condition"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCondition); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["condition"] = transformedCondition
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedAllowedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesAllowedValues(original["allowed_values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedAllowedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["allowedValues"] = transformedAllowedValues
}
transformedDeniedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesDeniedValues(original["denied_values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDeniedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["deniedValues"] = transformedDeniedValues
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesAllowedValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesValuesDeniedValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesAllowAll(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesDenyAll(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesEnforce(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesCondition(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedExpression, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionExpression(original["expression"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedExpression); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["expression"] = transformedExpression
}
transformedTitle, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionTitle(original["title"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["title"] = transformedTitle
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedLocation, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionLocation(original["location"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedLocation); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["location"] = transformedLocation
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionExpression(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintPolicyRulesConditionLocation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustom(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedCustomConstraint, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraint(original["custom_constraint"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCustomConstraint); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["customConstraint"] = transformedCustomConstraint
}
transformedPolicyRules, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRules(original["policy_rules"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPolicyRules); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["policyRules"] = transformedPolicyRules
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraint(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedName, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintName(original["name"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedName); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["name"] = transformedName
}
transformedDisplayName, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDisplayName(original["display_name"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDisplayName); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["displayName"] = transformedDisplayName
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedCondition, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintCondition(original["condition"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCondition); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["condition"] = transformedCondition
}
transformedActionType, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintActionType(original["action_type"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedActionType); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["actionType"] = transformedActionType
}
transformedMethodTypes, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintMethodTypes(original["method_types"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedMethodTypes); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["methodTypes"] = transformedMethodTypes
}
transformedResourceTypes, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintResourceTypes(original["resource_types"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedResourceTypes); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["resourceTypes"] = transformedResourceTypes
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDisplayName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintCondition(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintActionType(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintMethodTypes(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomCustomConstraintResourceTypes(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRules(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValues(original["values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["values"] = transformedValues
}
transformedAllowAll, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesAllowAll(original["allow_all"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedAllowAll); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["allowAll"] = transformedAllowAll
}
transformedDenyAll, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesDenyAll(original["deny_all"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDenyAll); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["denyAll"] = transformedDenyAll
}
transformedEnforce, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesEnforce(original["enforce"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedEnforce); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["enforce"] = transformedEnforce
}
transformedCondition, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesCondition(original["condition"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCondition); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["condition"] = transformedCondition
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedAllowedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesAllowedValues(original["allowed_values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedAllowedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["allowedValues"] = transformedAllowedValues
}
transformedDeniedValues, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesDeniedValues(original["denied_values"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDeniedValues); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["deniedValues"] = transformedDeniedValues
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesAllowedValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesValuesDeniedValues(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesAllowAll(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesDenyAll(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesEnforce(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesCondition(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedExpression, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionExpression(original["expression"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedExpression); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["expression"] = transformedExpression
}
transformedTitle, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionTitle(original["title"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["title"] = transformedTitle
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedLocation, err := expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionLocation(original["location"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedLocation); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["location"] = transformedLocation
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionExpression(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintOrgPolicyConstraintCustomPolicyRulesConditionLocation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModule(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedModuleName, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleName(original["module_name"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedModuleName); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["moduleName"] = transformedModuleName
}
transformedModuleEnablementState, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleEnablementState(original["module_enablement_state"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedModuleEnablementState); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["moduleEnablementState"] = transformedModuleEnablementState
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsModuleModuleEnablementState(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModule(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedId, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleId(original["id"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedId); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["id"] = transformedId
}
transformedDisplayName, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleDisplayName(original["display_name"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDisplayName); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["displayName"] = transformedDisplayName
}
transformedModuleEnablementState, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleModuleEnablementState(original["module_enablement_state"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedModuleEnablementState); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["moduleEnablementState"] = transformedModuleEnablementState
}
transformedConfig, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfig(original["config"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedConfig); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["config"] = transformedConfig
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleId(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleDisplayName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleModuleEnablementState(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfig(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedPredicate, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicate(original["predicate"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPredicate); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["predicate"] = transformedPredicate
}
transformedCustomOutput, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutput(original["custom_output"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedCustomOutput); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["customOutput"] = transformedCustomOutput
}
transformedResourceSelector, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelector(original["resource_selector"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedResourceSelector); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["resourceSelector"] = transformedResourceSelector
}
transformedSeverity, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigSeverity(original["severity"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedSeverity); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["severity"] = transformedSeverity
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedRecommendation, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigRecommendation(original["recommendation"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedRecommendation); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["recommendation"] = transformedRecommendation
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicate(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedExpression, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateExpression(original["expression"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedExpression); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["expression"] = transformedExpression
}
transformedTitle, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateTitle(original["title"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["title"] = transformedTitle
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedLocation, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateLocation(original["location"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedLocation); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["location"] = transformedLocation
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateExpression(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigPredicateLocation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutput(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedProperties, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputProperties(original["properties"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedProperties); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["properties"] = transformedProperties
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputProperties(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
req := make([]interface{}, 0, len(l))
for _, raw := range l {
if raw == nil {
continue
}
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedName, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesName(original["name"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedName); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["name"] = transformedName
}
transformedValueExpression, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpression(original["value_expression"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedValueExpression); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["valueExpression"] = transformedValueExpression
}
req = append(req, transformed)
}
return req, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesName(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpression(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedExpression, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionExpression(original["expression"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedExpression); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["expression"] = transformedExpression
}
transformedTitle, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionTitle(original["title"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedTitle); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["title"] = transformedTitle
}
transformedDescription, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionDescription(original["description"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDescription); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["description"] = transformedDescription
}
transformedLocation, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionLocation(original["location"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedLocation); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["location"] = transformedLocation
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionExpression(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionTitle(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigCustomOutputPropertiesValueExpressionLocation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelector(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})
transformedResourceTypes, err := expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelectorResourceTypes(original["resource_types"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedResourceTypes); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["resourceTypes"] = transformedResourceTypes
}
return transformed, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigResourceSelectorResourceTypes(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigSeverity(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigDescription(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
func expandSecurityposturePosturePolicySetsPoliciesConstraintSecurityHealthAnalyticsCustomModuleConfigRecommendation(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}