feat!: support for externally managed egress/ingress policies

[caetano-colin]

This PR adds support to manage ingress/egress policies in their own terraform resources (#180)

And solves the problem that arises when re-running the terraform code with newly added ingress and egress policies that were added without using the module. Similar to what was done for "resources" on issue #60

[caetano-colin]

Regarding the Lint fail:

the example triggering lint fails is pointing to the module "regular_service_perimeter" on version ~> 6.0, so propagating these changes to 7.0 won't take effect on it.

module-swapper is changing it to the current changes, that require TPG > 6.21, which make them fail.

see terraform providers output on examples/automatic_folder, without module-swapper:

Providers required by configuration:
.
├── provider[registry.terraform.io/hashicorp/google]
├── module.localhost_function
│   ├── provider[registry.terraform.io/hashicorp/null] >= 2.1.0, < 4.0.0
│   ├── provider[registry.terraform.io/hashicorp/archive] >= 1.2.0, < 3.0.0
│   └── provider[registry.terraform.io/hashicorp/google] >= 4.23.0, < 7.0.0
├── module.service_perimeter
│   └── provider[registry.terraform.io/hashicorp/google] >= 5.4.0, < 7.0.0
├── module.access_context_manager_policy
│   └── provider[registry.terraform.io/hashicorp/google] >= 3.62.0, < 7.0.0
├── module.access_level_members
│   └── provider[registry.terraform.io/hashicorp/google] >= 5.4.0, < 7.0.0
└── module.event_folder_log_entry
    ├── provider[registry.terraform.io/hashicorp/google] >= 3.53.0, < 7.0.0
    └── module.log_export
        └── provider[registry.terraform.io/hashicorp/google] >= 3.53.0, < 6.0.0

[caetano-colin]

Opened PR: terraform-google-modules/terraform-google-event-function#269 to address the lint issue

[apeabody]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

[caetano-colin]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

this is due to a version restriction in a submodule, I created a PR for the fix: terraform-google-modules/terraform-google-event-function#269

[apeabody]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

this is due to a version restriction in a submodule, I created a PR for the fix: terraform-google-modules/terraform-google-event-function#269

Great - just merged that PR.

[caetano-colin]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

this is due to a version restriction in a submodule, I created a PR for the fix: terraform-google-modules/terraform-google-event-function#269

Great - just merged that PR.

Great! Thanks

we will need a release, to update the offending module version: https://github.com/caetano-colin/terraform-google-vpc-service-controls/blob/support-externally-managed-policies/examples/automatic_folder/watcher.tf#L19

[apeabody]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

this is due to a version restriction in a submodule, I created a PR for the fix: terraform-google-modules/terraform-google-event-function#269

Great - just merged that PR.

Great! Thanks

we will need a release, to update the offending module version: https://github.com/caetano-colin/terraform-google-vpc-service-controls/blob/support-externally-managed-policies/examples/automatic_folder/watcher.tf#L19

terraform-google-modules/terraform-google-event-function#269 only changed examples? Did some intended elements not get included?

[caetano-colin]

From the LINT:

terraform_validate ./examples/automatic_folder
╷
│ Error: Failed to query available provider packages
│ 
│ Could not retrieve the list of available versions for provider
│ hashicorp/google: no available releases match the given constraints >=
│ 3.53.0, >= 3.62.0, >= 4.23.0, >= 5.4.0, < 6.0.0, >= 6.21.0, < 7.0.0
│ 
│ To see which modules are currently depending on hashicorp/google and what
│ versions are specified, run the following command:
│     terraform providers

this is due to a version restriction in a submodule, I created a PR for the fix: terraform-google-modules/terraform-google-event-function#269

Great - just merged that PR.

Great! Thanks
we will need a release, to update the offending module version: https://github.com/caetano-colin/terraform-google-vpc-service-controls/blob/support-externally-managed-policies/examples/automatic_folder/watcher.tf#L19

terraform-google-modules/terraform-google-event-function#269 only changed examples? Did some intended elements not get included?

thanks for pointing it out, there a missing update that was missed during git revert operations, here is the PR with the missing changes: terraform-google-modules/terraform-google-event-function#271

[caetano-colin]

@apeabody could you PTAL?

[apeabody]

Thanks @caetano-colin