Add table gcp_vpc_access_connector Closes #643 (#647)

Co-authored-by: Ved misra <[email protected]>

docs/tables/gcp_vpc_access_connector.md

@@ -0,0 +1,176 @@
+---
+title: "Steampipe Table: gcp_vpc_access_connector - Query GCP VPC Access Connectors using SQL"
+description: "Allows users to query GCP VPC Access Connectors, providing detailed information on connector configurations, associated projects, and network settings."
+---
+
+# Table: gcp_vpc_access_connector - Query GCP VPC Access Connectors using SQL
+
+Google Cloud VPC Access Connector provides a way to enable serverless applications to connect securely to your Virtual Private Cloud (VPC) network. The `gcp_vpc_access_connector` table in Steampipe allows you to query information about VPC Access Connectors in your GCP environment, including their IP ranges, network settings, and associated projects.
+
+## Table Usage Guide
+
+The `gcp_vpc_access_connector` table is useful for cloud administrators and network engineers who need to gather detailed insights into their VPC Access Connectors. You can query various aspects of the connectors, such as their machine types, throughput configurations, state, and associated projects. This table is particularly useful for managing and monitoring network configurations, ensuring secure connectivity, and optimizing resource usage.
+
+## Examples
+
+### Basic info
+Retrieve basic information about VPC Access Connectors, including their name, location, and state.
+
+```sql+postgres
+select
+  name,
+  location,
+  state,
+  network,
+  machine_type
+from
+  gcp_vpc_access_connector;
+```
+
+```sql+sqlite
+select
+  name,
+  location,
+  state,
+  network,
+  machine_type
+from
+  gcp_vpc_access_connector;
+```
+
+### List connectors with specific IP CIDR ranges
+Identify connectors that are using specific IP CIDR ranges, which can help in managing IP address allocation and avoiding conflicts.
+
+```sql+postgres
+select
+  name,
+  ip_cidr_range,
+  network,
+  location
+from
+  gcp_vpc_access_connector
+where
+  ip_cidr_range = '10.8.0.0/28';
+```
+
+```sql+sqlite
+select
+  name,
+  ip_cidr_range,
+  network,
+  location
+from
+  gcp_vpc_access_connector
+where
+  ip_cidr_range = '10.8.0.0/28';
+```
+
+### List connectors by network and throughput
+Retrieve connectors that are part of a specific VPC network and have a specific throughput configuration, which can be useful for optimizing network performance.
+
+```sql+postgres
+select
+  name,
+  network,
+  min_throughput,
+  max_throughput
+from
+  gcp_vpc_access_connector
+where
+  network = 'default'
+  and max_throughput >= 1000;
+```
+
+```sql+sqlite
+select
+  name,
+  network,
+  min_throughput,
+  max_throughput
+from
+  gcp_vpc_access_connector
+where
+  network = 'default'
+  and max_throughput >= 1000;
+```
+
+### List the projects associated with the connectors
+Identify VPC Access Connectors that are being used by specific projects, which can help in understanding project dependencies and managing access.
+
+```sql+postgres
+select
+  name,
+  jsonb_array_elements_text(connected_projects) as project_name,
+  network,
+  location
+from
+  gcp_vpc_access_connector
+where
+  connected_projects is not null;
+```
+
+```sql+sqlite
+select
+  name,
+  json_extract(connected_projects, '$[0]') as project_name,
+  network,
+  location
+from
+  gcp_vpc_access_connector
+where
+  connected_projects is not null;
+```
+
+### List connectors by state
+Retrieve a list of connectors filtered by their state and project, which can help in monitoring the status of connectors in specific environments.
+
+```sql+postgres
+select
+  name,
+  state,
+  project,
+  location
+from
+  gcp_vpc_access_connector
+where
+  state = 'READY';
+```
+
+```sql+sqlite
+select
+  name,
+  state,
+  project,
+  location
+from
+  gcp_vpc_access_connector
+where
+  state = 'READY';
+```
+
+### Connectors with their associated subnets
+Retrieve information about VPC Access Connectors and their associated subnets.
+
+```sql+postgres
+select
+  c.name as connector_name,
+  c.location,
+  c.network,
+  s ->> 'name' as subnet_name,
+  s ->> 'ipCidrRange' as subnet_ip_range
+from
+  gcp_vpc_access_connector c,
+  jsonb_array_elements(c.subnet) as s;
+```
+
+```sql+sqlite
+select
+  c.name as connector_name,
+  c.location,
+  c.network,
+  json_extract(s.value, '$.name') as subnet_name,
+  json_extract(s.value, '$.ipCidrRange') as subnet_ip_range
+from
+  gcp_vpc_access_connector c,
+  json_each(c.subnet) as s;
+```

gcp-test/tests/gcp_vpc_access_connector/test-get-expected.json

@@ -0,0 +1,8 @@
+[
+	{
+		"location": "{{ output.region_id.value }}",
+		"name": "{{ output.resource_id.value }}",
+		"network": "{{ resourceName }}",
+		"state": "READY"
+	}
+]

gcp-test/tests/gcp_vpc_access_connector/test-get-query.sql

@@ -0,0 +1,3 @@
+select name, location, state, network
+from gcp.gcp_vpc_access_connector
+where name = '{{ output.resource_id.value }}';

gcp-test/tests/gcp_vpc_access_connector/test-hydrate-expected.json

@@ -0,0 +1,7 @@
+[
+	{
+
+		"name": "{{ output.resource_id.value }}",
+		"self_link": "https://vpcaccess.googleapis.com/v1/{{ output.resource_id.value }}"
+	}
+]

gcp-test/tests/gcp_vpc_access_connector/test-hydrate-query.sql

@@ -0,0 +1,3 @@
+select name, self_link
+from gcp.gcp_vpc_access_connector
+where self_link = 'https://vpcaccess.googleapis.com/v1/{{ output.resource_id.value }}';

gcp-test/tests/gcp_vpc_access_connector/test-list-expected.json

@@ -0,0 +1,6 @@
+[
+	{
+		"name": "{{ output.resource_id.value }}",
+		"title": "{{ resourceName }}"
+	}
+]

gcp-test/tests/gcp_vpc_access_connector/test-list-query.sql

@@ -0,0 +1,3 @@
+select name, title
+from gcp.gcp_vpc_access_connector
+where akas::text = '["{{ output.resource_aka.value }}"]';

gcp-test/tests/gcp_vpc_access_connector/test-not-found-expected.json

@@ -0,0 +1 @@
+[]

gcp-test/tests/gcp_vpc_access_connector/test-not-found-query.sql

@@ -0,0 +1,3 @@
+select name, state
+from gcp.gcp_vpc_access_connector
+where name = '{{ output.resource_id.value }}-dummy';

gcp-test/tests/gcp_vpc_access_connector/test-turbot-expected.json

@@ -0,0 +1,6 @@
+[
+	{
+		"akas": ["{{ output.resource_aka.value }}"],
+		"title": "{{ resourceName }}"
+	}
+]

gcp-test/tests/gcp_vpc_access_connector/test-turbot-query.sql

@@ -0,0 +1,3 @@
+select title, akas
+from gcp.gcp_vpc_access_connector
+where name = '{{ output.resource_id.value }}';

gcp-test/tests/gcp_vpc_access_connector/variables.json

@@ -0,0 +1 @@
+{}

gcp-test/tests/gcp_vpc_access_connector/variables.tf

@@ -0,0 +1,79 @@
+variable "resource_name" {
+  type        = string
+  default     = "turbot-test-20200125-create-update"
+  description = "Name of the resource used throughout the test."
+}
+
+variable "gcp_project" {
+  type        = string
+  default     = "parker-aaa"
+  description = "GCP project used for the test."
+}
+
+variable "gcp_region" {
+  type        = string
+  default     = "us-east1"
+  description = "GCP region used for the test."
+}
+
+variable "gcp_zone" {
+  type    = string
+  default = "us-east1-b"
+}
+
+provider "google" {
+  project = var.gcp_project
+  region  = var.gcp_region
+  zone    = var.gcp_zone
+}
+
+data "google_client_config" "current" {}
+
+data "null_data_source" "resource" {
+  inputs = {
+    scope = "gcp://cloudresourcemanager.googleapis.com/projects/${data.google_client_config.current.project}"
+  }
+}
+
+resource "google_compute_network" "named_test_resource" {
+  name = var.resource_name
+  auto_create_subnetworks = false
+  project = var.gcp_project
+}
+
+resource "google_compute_subnetwork" "named_test_resource" {
+  name          = var.resource_name
+  ip_cidr_range = "10.2.0.0/28"
+  region        = var.gcp_region
+  network       = google_compute_network.named_test_resource.id
+}
+
+resource "google_vpc_access_connector" "named_test_resource" {
+  name          = var.resource_name
+  subnet {
+    name = google_compute_subnetwork.named_test_resource.name
+  }
+  machine_type = "e2-standard-4"
+  min_instances = 2
+  max_instances = 3
+}
+
+output "resource_aka" {
+  value = "gcp://vpcaccess.googleapis.com/${google_vpc_access_connector.named_test_resource.id}"
+}
+
+output "resource_name" {
+  value = var.resource_name
+}
+
+output "resource_id" {
+  value = google_vpc_access_connector.named_test_resource.id
+}
+
+output "project_id" {
+  value = var.gcp_project
+}
+
+output "region_id" {
+  value = var.gcp_region
+}

gcp/plugin.go

@@ -144,6 +144,7 @@ func Plugin(ctx context.Context) *plugin.Plugin {
 			"gcp_tag_binding":                                         tableGcpTagBinding(ctx),
 			"gcp_vertex_ai_endpoint":                                  tableGcpVertexAIEndpoint(ctx),
 			"gcp_vertex_ai_model":                                     tableGcpVertexAIModel(ctx),
+			"gcp_vpc_access_connector":                                tableGcpVPCAccessConnector(ctx),
 			/*
 				https://github.com/turbot/steampipe/issues/108
 				"gcp_compute_route":                   tableGcpComputeRoute(ctx),

gcp/service.go

@@ -32,9 +32,10 @@ import (
 	"google.golang.org/api/option"
 	"google.golang.org/api/pubsub/v1"
 	"google.golang.org/api/run/v2"
+	"google.golang.org/api/secretmanager/v1"
 	"google.golang.org/api/serviceusage/v1"
 	"google.golang.org/api/storage/v1"
-	"google.golang.org/api/secretmanager/v1"
+	"google.golang.org/api/vpcaccess/v1"
 
 	computeBeta "google.golang.org/api/compute/v0.beta"
 	sqladmin "google.golang.org/api/sqladmin/v1beta4"
@@ -758,3 +759,23 @@ func SecretManagerService(ctx context.Context, d *plugin.QueryData) (*secretmana
 	d.ConnectionManager.Cache.Set(serviceCacheKey, svc)
 	return svc, nil
 }
+
+func VPCAccessService(ctx context.Context, d *plugin.QueryData) (*vpcaccess.Service, error) {
+	// have we already created and cached the service?
+	serviceCacheKey := "VPCAccessService"
+	if cachedData, ok := d.ConnectionManager.Cache.Get(serviceCacheKey); ok {
+		return cachedData.(*vpcaccess.Service), nil
+	}
+
+	// To get config arguments from plugin config file
+	opts := setSessionConfig(ctx, d.Connection)
+
+	// so it was not in cache - create service
+	svc, err := vpcaccess.NewService(ctx, opts...)
+	if err != nil {
+		return nil, err
+	}
+
+	d.ConnectionManager.Cache.Set(serviceCacheKey, svc)
+	return svc, nil
+}