Fixed GA NetworkSecurity tests (#10656)

[upstream:636d31676ab74cd9d4c48bdb4725a89f5dd6e9d7]

Signed-off-by: Modular Magician <magic-modules@google.com>

Author: modular-magician

google/services/networksecurity/resource_network_security_firewall_endpoint_association_test.go

@@ -31,7 +31,7 @@ func TestAccNetworkSecurityFirewallEndpointAssociations_basic(t *testing.T) {
 
 	acctest.VcrTest(t, resource.TestCase{
 		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
 		CheckDestroy:             testAccCheckNetworkSecurityFirewallEndpointDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
@@ -69,7 +69,7 @@ func TestAccNetworkSecurityFirewallEndpointAssociations_disabled(t *testing.T) {
 
 	acctest.VcrTest(t, resource.TestCase{
 		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
 		CheckDestroy:             testAccCheckNetworkSecurityFirewallEndpointDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
@@ -120,13 +120,11 @@ func testContextMapDisabledField(context map[string]interface{}, disabled bool)
 func testAccNetworkSecurityFirewallEndpointAssociation_basic(context map[string]interface{}) string {
 	return acctest.Nprintf(`
 resource "google_compute_network" "foobar" {
-  provider                = google-beta
   name                    = "tf-test-my-vpc%{randomSuffix}"
   auto_create_subnetworks = false
 }
 
 resource "google_network_security_firewall_endpoint" "foobar" {
-  provider           = google-beta
   name               = "tf-test-my-firewall-endpoint%{randomSuffix}"
   parent             = "organizations/%{orgId}"
   location           = "us-central1-a"
@@ -135,7 +133,6 @@ resource "google_network_security_firewall_endpoint" "foobar" {
 
 # TODO: add tlsInspectionPolicy once resource is ready
 resource "google_network_security_firewall_endpoint_association" "foobar" {
-  provider          = google-beta
   name              = "tf-test-my-firewall-endpoint-association%{randomSuffix}"
   parent            = "projects/%{billingProjectId}"
   location          = "us-central1-a"
@@ -152,13 +149,11 @@ resource "google_network_security_firewall_endpoint_association" "foobar" {
 func testAccNetworkSecurityFirewallEndpointAssociation_update(context map[string]interface{}) string {
 	return acctest.Nprintf(`
 resource "google_compute_network" "foobar" {
-  provider                = google-beta
   name                    = "tf-test-my-vpc%{randomSuffix}"
   auto_create_subnetworks = false
 }
 
 resource "google_network_security_firewall_endpoint" "foobar" {
-  provider           = google-beta
   name               = "tf-test-my-firewall-endpoint%{randomSuffix}"
   parent             = "organizations/%{orgId}"
   location           = "us-central1-a"
@@ -167,7 +162,6 @@ resource "google_network_security_firewall_endpoint" "foobar" {
 
 # TODO: add tlsInspectionPolicy once resource is ready
 resource "google_network_security_firewall_endpoint_association" "foobar" {
-  provider          = google-beta
   name              = "tf-test-my-firewall-endpoint-association%{randomSuffix}"
   parent            = "projects/%{billingProjectId}"
   location          = "us-central1-a"

google/services/networksecurity/resource_network_security_firewall_endpoint_test.go

@@ -26,7 +26,7 @@ func TestAccNetworkSecurityFirewallEndpoints_basic(t *testing.T) {
 
 	acctest.VcrTest(t, resource.TestCase{
 		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
 		CheckDestroy:             testAccCheckNetworkSecurityFirewallEndpointDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
@@ -54,8 +54,6 @@ func TestAccNetworkSecurityFirewallEndpoints_basic(t *testing.T) {
 func testAccNetworkSecurityFirewallEndpoints_basic(orgId string, billingProjectId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_firewall_endpoint" "foobar" {
-  provider = google-beta
-
   name     = "tf-test-my-firewall-endpoint%[1]s"
   parent   = "organizations/%[2]s"
   location = "us-central1-a"
@@ -71,8 +69,6 @@ resource "google_network_security_firewall_endpoint" "foobar" {
 func testAccNetworkSecurityFirewallEndpoints_update(orgId string, billingProjectId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_firewall_endpoint" "foobar" {
-  provider = google-beta
-
   name     = "tf-test-my-firewall-endpoint%[1]s"
   parent   = "organizations/%[2]s"
   location = "us-central1-a"

google/services/networksecurity/resource_network_security_security_profile_group_test.go

@@ -19,7 +19,7 @@ func TestAccNetworkSecuritySecurityProfileGroups_update(t *testing.T) {
 
 	acctest.VcrTest(t, resource.TestCase{
 		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
 		CheckDestroy:             testAccCheckNetworkSecuritySecurityProfileGroupDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
@@ -47,15 +47,13 @@ func TestAccNetworkSecuritySecurityProfileGroups_update(t *testing.T) {
 func testAccNetworkSecuritySecurityProfileGroups_basic(orgId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_security_profile" "foobar" {
-    provider    = google-beta
     name        = "tf-test-my-security-profile%s"
     type        = "THREAT_PREVENTION"
     parent      = "organizations/%s"
     location    = "global"
 }
 
 resource "google_network_security_security_profile_group" "foobar" {
-    provider                  = google-beta
     name                      = "tf-test-my-security-profile-group%s"
     parent                    = "organizations/%s"
     location                  = "global"
@@ -72,23 +70,20 @@ resource "google_network_security_security_profile_group" "foobar" {
 func testAccNetworkSecuritySecurityProfileGroups_update(orgId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_security_profile" "foobar" {
-    provider    = google-beta
     name        = "tf-test-my-security-profile%s"
     type        = "THREAT_PREVENTION"
     parent      = "organizations/%s"
     location    = "global"
 }
 
 resource "google_network_security_security_profile" "foobar_updated" {
-    provider    = google-beta
     name        = "tf-test-my-security-profile-updated%s"
     type        = "THREAT_PREVENTION"
     parent      = "organizations/%s"
     location    = "global"
 }
 
 resource "google_network_security_security_profile_group" "foobar" {
-    provider                  = google-beta
     name                      = "tf-test-my-security-profile-group%s"
     parent                    = "organizations/%s"
     location                  = "global"

google/services/networksecurity/resource_network_security_security_profile_test.go

@@ -19,7 +19,7 @@ func TestAccNetworkSecuritySecurityProfiles_update(t *testing.T) {
 
 	acctest.VcrTest(t, resource.TestCase{
 		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
-		ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
 		CheckDestroy:             testAccCheckNetworkSecuritySecurityProfileDestroyProducer(t),
 		Steps: []resource.TestStep{
 			{
@@ -47,7 +47,6 @@ func TestAccNetworkSecuritySecurityProfiles_update(t *testing.T) {
 func testAccNetworkSecuritySecurityProfiles_basic(orgId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_security_profile" "foobar" {
-    provider    = google-beta
     name        = "tf-test-my-security-profile%s"
     parent      = "organizations/%s"
     location    = "global"
@@ -64,7 +63,6 @@ resource "google_network_security_security_profile" "foobar" {
 func testAccNetworkSecuritySecurityProfiles_update(orgId string, randomSuffix string) string {
 	return fmt.Sprintf(`
 resource "google_network_security_security_profile" "foobar" {
-    provider    = google-beta
     name        = "tf-test-my-security-profile%s"
     parent      = "organizations/%s"
     location    = "global"

google/services/networksecurity/resource_network_security_tls_inspection_policy_generated_test.go

@@ -117,14 +117,13 @@ resource "google_privateca_certificate_authority" "default" {
   }
 }
 
-resource "google_project_service_identity" "ns_sa" {
-  service = "networksecurity.googleapis.com"
-}
+
+data "google_project" "project" {}
 
 resource "google_privateca_ca_pool_iam_member" "tls_inspection_permission" {
   ca_pool = google_privateca_ca_pool.default.id
   role    = "roles/privateca.certificateManager"
-  member  = "serviceAccount:${google_project_service_identity.ns_sa.email}"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com"
 }
 
 resource "google_network_security_tls_inspection_policy" "default" {

google/services/networksecurity/resource_network_security_tls_inspection_policy_test.go

@@ -105,14 +105,12 @@ resource "google_privateca_certificate_authority" "default" {
   }
 }
 
-resource "google_project_service_identity" "ns_sa" {
-  service = "networksecurity.googleapis.com"
-}
+data "google_project" "project" {}
 
 resource "google_privateca_ca_pool_iam_member" "tls_inspection_permission" {
   ca_pool = google_privateca_ca_pool.default.id
   role = "roles/privateca.certificateManager"
-  member = "serviceAccount:${google_project_service_identity.ns_sa.email}"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com"
 }
 
 resource "google_network_security_tls_inspection_policy" "foobar" {
@@ -187,14 +185,12 @@ resource "google_privateca_certificate_authority" "default" {
   }
 }
 
-resource "google_project_service_identity" "ns_sa" {
-  service = "networksecurity.googleapis.com"
-}
+data "google_project" "project" {}
 
 resource "google_privateca_ca_pool_iam_member" "tls_inspection_permission" {
   ca_pool = google_privateca_ca_pool.default.id
   role = "roles/privateca.certificateManager"
-  member = "serviceAccount:${google_project_service_identity.ns_sa.email}"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com"
 }
 
 resource "google_network_security_tls_inspection_policy" "foobar" {

website/docs/r/network_security_gateway_security_policy.html.markdown

@@ -113,18 +113,16 @@ resource "google_privateca_certificate_authority" "default" {
   }
 }
 
-resource "google_project_service_identity" "ns_sa" {
+data "google_project" "project" {
   provider = google-beta
-
-  service = "networksecurity.googleapis.com"
 }
 
 resource "google_privateca_ca_pool_iam_member" "tls_inspection_permission" {
   provider = google-beta
 
   ca_pool = google_privateca_ca_pool.default.id
   role = "roles/privateca.certificateManager"
-  member = "serviceAccount:${google_project_service_identity.ns_sa.email}"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com"
 }
 
 resource "google_network_security_tls_inspection_policy" "default" {

website/docs/r/network_security_tls_inspection_policy.html.markdown

@@ -97,14 +97,13 @@ resource "google_privateca_certificate_authority" "default" {
   }
 }
 
-resource "google_project_service_identity" "ns_sa" {
-  service = "networksecurity.googleapis.com"
-}
+
+data "google_project" "project" {}
 
 resource "google_privateca_ca_pool_iam_member" "tls_inspection_permission" {
   ca_pool = google_privateca_ca_pool.default.id
   role    = "roles/privateca.certificateManager"
-  member  = "serviceAccount:${google_project_service_identity.ns_sa.email}"
+  member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-networksecurity.iam.gserviceaccount.com"
 }
 
 resource "google_network_security_tls_inspection_policy" "default" {