Update hierarchical firewall resource

This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.

tests/modules/folder/fixture/main.tf

@@ -22,7 +22,7 @@ module "test" {
   policy_boolean              = var.policy_boolean
   policy_list                 = var.policy_list
   firewall_policies           = var.firewall_policies
-  firewall_policy_attachments = var.firewall_policy_attachments
+  firewall_policy_association = var.firewall_policy_association
   logging_sinks               = var.logging_sinks
   logging_exclusions          = var.logging_exclusions
 }

tests/modules/folder/fixture/variables.tf

@@ -49,7 +49,7 @@ variable "firewall_policies" {
   default = {}
 }
 
-variable "firewall_policy_attachments" {
+variable "firewall_policy_association" {
   type    = map(string)
   default = {}
 }

tests/modules/folder/test_plan_firewall_policy.py

@@ -54,17 +54,17 @@ def test_firweall_policy(plan_runner):
     }
   }
   """
-  attachment = '{ iap_policy = "policy1" }'
+  association = '{policy1="policy1"}'
   _, resources = plan_runner(FIXTURES_DIR, firewall_policies=policy,
-                             firewall_policy_attachments=attachment)
+                             firewall_policy_association=association)
   assert len(resources) == 5
-  
+
   policies = [r for r in resources
-           if r['type'] == 'google_compute_organization_security_policy']
+           if r['type'] == 'google_compute_firewall_policy']
   assert len(policies) == 1
 
   rules = [r for r in resources
-           if r['type'] == 'google_compute_organization_security_policy_rule']
+           if r['type'] == 'google_compute_firewall_policy_rule']
   assert len(rules) == 2
 
   rule_values = []
@@ -74,22 +74,20 @@ def test_firweall_policy(plan_runner):
     action = rule['values']['action']
     direction = rule['values']['direction']
     priority = rule['values']['priority']
-    config = rule['values']['match']
-    assert len(config) == 1
-    config = config[0]['config']
-    rule_values.append((name, index, action, direction, priority, config))
+    match = rule['values']['match']
+    rule_values.append((name, index, action, direction, priority, match))
 
   assert sorted(rule_values) == sorted([
     ('rule', 'policy1-allow-ingress', 'allow', 'INGRESS', 100,[
       {
         'dest_ip_ranges': None,
-        'layer4_config': [{'ip_protocol': 'tcp', 'ports': ['22']}],
+        'layer4_configs': [{'ip_protocol': 'tcp', 'ports': ['22']}],
         'src_ip_ranges': ['10.0.0.0/8']
       }]),
     ('rule', 'policy1-deny-egress', 'deny', 'EGRESS', 200, [
       {
         'dest_ip_ranges': ['192.168.0.0/24'],
-        'layer4_config': [{'ip_protocol': 'tcp', 'ports': ['443']}],
+        'layer4_configs': [{'ip_protocol': 'tcp', 'ports': ['443']}],
         'src_ip_ranges': None
       }])
   ])

tests/modules/organization/fixture/main.tf

@@ -26,7 +26,7 @@ module "test" {
   policy_boolean              = var.policy_boolean
   policy_list                 = var.policy_list
   firewall_policies           = var.firewall_policies
-  firewall_policy_attachments = var.firewall_policy_attachments
+  firewall_policy_association = var.firewall_policy_association
   firewall_policy_factory     = var.firewall_policy_factory
   logging_sinks               = var.logging_sinks
   logging_exclusions          = var.logging_exclusions

tests/modules/organization/fixture/variables.tf

@@ -74,7 +74,7 @@ variable "firewall_policies" {
   default = {}
 }
 
-variable "firewall_policy_attachments" {
+variable "firewall_policy_association" {
   type    = map(string)
   default = {}
 }

tests/modules/organization/test_plan_firewall.py

@@ -80,9 +80,9 @@ def test_custom(plan_runner):
   _, resources = plan_runner(FIXTURES_DIR, firewall_policies=_POLICIES)
   assert len(resources) == 5
   policies = [r for r in resources
-              if r['type'] == 'google_compute_organization_security_policy']
+              if r['type'] == 'google_compute_firewall_policy']
   rules = [r for r in resources
-           if r['type'] == 'google_compute_organization_security_policy_rule']
+           if r['type'] == 'google_compute_firewall_policy_rule']
   assert set(r['index'] for r in policies) == set([
       'policy1', 'policy2'
   ])
@@ -96,9 +96,9 @@ def test_factory(plan_runner):
   _, resources = plan_runner(FIXTURES_DIR, firewall_policy_factory=_FACTORY)
   assert len(resources) == 3
   policies = [r for r in resources
-              if r['type'] == 'google_compute_organization_security_policy']
+              if r['type'] == 'google_compute_firewall_policy']
   rules = [r for r in resources
-           if r['type'] == 'google_compute_organization_security_policy_rule']
+           if r['type'] == 'google_compute_firewall_policy_rule']
   assert set(r['index'] for r in policies) == set([
       'factory-1'
   ])
@@ -113,7 +113,7 @@ def test_factory_name(plan_runner):
   _, resources = plan_runner(FIXTURES_DIR, firewall_policy_factory=factory)
   assert len(resources) == 3
   policies = [r for r in resources
-              if r['type'] == 'google_compute_organization_security_policy']
+              if r['type'] == 'google_compute_firewall_policy']
   assert set(r['index'] for r in policies) == set([
       'factory'
   ])
@@ -125,9 +125,9 @@ def test_combined(plan_runner):
                              firewall_policy_factory=_FACTORY)
   assert len(resources) == 8
   policies = [r for r in resources
-              if r['type'] == 'google_compute_organization_security_policy']
+              if r['type'] == 'google_compute_firewall_policy']
   rules = [r for r in resources
-           if r['type'] == 'google_compute_organization_security_policy_rule']
+           if r['type'] == 'google_compute_firewall_policy_rule']
   assert set(r['index'] for r in policies) == set([
       'factory-1', 'policy1', 'policy2'
   ])