Merge pull request #1972 from GlennChia/d-improve_network_insights_ac…

…cess_scope docs: ec2_network_insights_access_scope
hashicorp · Sep 3, 2024 · b73a959 · b73a959
2 parents fbee2fe + 54e7060
commit b73a959
Show file tree

Hide file tree

Showing 5 changed files with 256 additions and 2 deletions.
diff --git a/docs/resources/ec2_network_insights_access_scope.md b/docs/resources/ec2_network_insights_access_scope.md
@@ -1,5 +1,4 @@
 ---
-# generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "awscc_ec2_network_insights_access_scope Resource - terraform-provider-awscc"
 subcategory: ""
 description: |-
@@ -10,7 +9,124 @@ description: |-
 
 Resource schema for AWS::EC2::NetworkInsightsAccessScope
 
+## Example Usage
+
+### With `resources` and `resource_types` within `match_paths`
+
+Paths from a specific VPC by specifying its ID to any Internet Gateway.
+
+```terraform
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resources = [
+          aws_vpc.example.id
+        ]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::InternetGateway"
+        ]
+      }
+    }
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-vpc-id-to-dest-igw"
+  }]
+}
+```
 
+### With `packet_header_statement`
+
+From an EC2 instance within a specified subnet CIDR range to an EC2 instance within a specified destination subnet CIDR range on TCP.
+
+```terraform
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        source_addresses = [aws_subnet.source.cidr_block]
+        protocols        = ["tcp"]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        destination_addresses = [aws_subnet.dest.cidr_block]
+        protocols             = ["tcp"]
+      }
+    }
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-ec2-tcp-to-dest-ec2-tcp"
+  }]
+}
+```
+
+### With `exclude_paths`
+
+From an EC2 instance within a specified subnet CIDR range to an EC2 instance within a specified destination subnet CIDR range on TCP port 80. Excludes paths that have a Transit Gateway Attachment.
+
+```terraform
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        source_addresses = [aws_subnet.source.cidr_block]
+        protocols        = ["tcp"]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        destination_addresses = [aws_subnet.dest.cidr_block]
+        protocols             = ["tcp"]
+        destination_ports     = [80]
+      }
+    }
+  }]
+
+  exclude_paths = [{
+    through_resources = [{
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::TransitGatewayAttachment"
+        ]
+      }
+    }]
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-ec2-tcp-to-dest-ec2-tcp-exc-tgw-att"
+  }]
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
@@ -228,4 +344,4 @@ Import is supported using the following syntax:
 
 ```shell
 $ terraform import awscc_ec2_network_insights_access_scope.example "network_insights_access_scope_id"
-```
+```
diff --git a/...s/awscc_ec2_network_insights_access_scope/source_resource_vpc_to_dest_resourcetype_igw.tf b/...s/awscc_ec2_network_insights_access_scope/source_resource_vpc_to_dest_resourcetype_igw.tf
@@ -0,0 +1,24 @@
+
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resources = [
+          aws_vpc.example.id
+        ]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::InternetGateway"
+        ]
+      }
+    }
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-vpc-id-to-dest-igw"
+  }]
+}
diff --git a/...scc_ec2_network_insights_access_scope/source_resourcetype_ec2_to_dest_resourcetype_ec2.tf b/...scc_ec2_network_insights_access_scope/source_resourcetype_ec2_to_dest_resourcetype_ec2.tf
@@ -0,0 +1,31 @@
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        source_addresses = [aws_subnet.source.cidr_block]
+        protocols        = ["tcp"]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        destination_addresses = [aws_subnet.dest.cidr_block]
+        protocols             = ["tcp"]
+      }
+    }
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-ec2-tcp-to-dest-ec2-tcp"
+  }]
+}
diff --git a/...work_insights_access_scope/source_resourcetype_ec2_to_dest_resourcetype_ec2_exc_tgwatt.tf b/...work_insights_access_scope/source_resourcetype_ec2_to_dest_resourcetype_ec2_exc_tgwatt.tf
@@ -0,0 +1,42 @@
+resource "awscc_ec2_network_insights_access_scope" "example" {
+  match_paths = [{
+    source = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        source_addresses = [aws_subnet.source.cidr_block]
+        protocols        = ["tcp"]
+      }
+    }
+    destination = {
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::Instance"
+        ]
+      }
+      packet_header_statement = {
+        destination_addresses = [aws_subnet.dest.cidr_block]
+        protocols             = ["tcp"]
+        destination_ports     = [80]
+      }
+    }
+  }]
+
+  exclude_paths = [{
+    through_resources = [{
+      resource_statement = {
+        resource_types = [
+          "AWS::EC2::TransitGatewayAttachment"
+        ]
+      }
+    }]
+  }]
+
+  tags = [{
+    key   = "Name"
+    value = "source-ec2-tcp-to-dest-ec2-tcp-exc-tgw-att"
+  }]
+}
diff --git a/templates/resources/ec2_network_insights_access_scope.md.tmpl b/templates/resources/ec2_network_insights_access_scope.md.tmpl
@@ -0,0 +1,41 @@
+---
+page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}"
+subcategory: ""
+description: |-
+{{ .Description | plainmarkdown | trimspace | prefixlines "  " }}
+---
+
+# {{.Name}} ({{.Type}})
+
+{{ .Description | trimspace }}
+
+## Example Usage
+
+### With `resources` and `resource_types` within `match_paths`
+
+Paths from a specific VPC by specifying its ID to any Internet Gateway.
+
+{{ tffile (printf "examples/resources/%s/source_resource_vpc_to_dest_resourcetype_igw.tf" .Name)}}
+
+### With `packet_header_statement`
+
+From an EC2 instance within a specified subnet CIDR range to an EC2 instance within a specified destination subnet CIDR range on TCP.
+
+{{ tffile (printf "examples/resources/%s/source_resourcetype_ec2_to_dest_resourcetype_ec2.tf" .Name)}}
+
+### With `exclude_paths`
+
+From an EC2 instance within a specified subnet CIDR range to an EC2 instance within a specified destination subnet CIDR range on TCP port 80. Excludes paths that have a Transit Gateway Attachment.
+
+{{ tffile (printf "examples/resources/%s/source_resourcetype_ec2_to_dest_resourcetype_ec2_exc_tgwatt.tf" .Name)}}
+
+{{ .SchemaMarkdown | trimspace }}
+{{- if .HasImport }}
+
+## Import
+
+Import is supported using the following syntax:
+
+{{ codefile "shell" .ImportFile }}
+
+{{- end }}