fix: small PR comments/fixes

Snowflake-Labs · May 20, 2024 · 048815f · 048815f
1 parent c86c082
commit 048815f
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 8 deletions.
diff --git a/docs/resources/network_policy.md b/docs/resources/network_policy.md
@@ -12,6 +12,10 @@ description: |-
 ## Example Usage
 
 ```terraform
+##################################
+### using network rules
+##################################
+
 resource "snowflake_network_rule" "rule" {
   name       = "rule"
   database   = "EXAMPLE_DB"
@@ -28,6 +32,19 @@ resource "snowflake_network_policy" "policy" {
 
   allowed_network_rule_list = [snowflake_network_rule.rule.qualified_name]
 }
+
+
+##################################
+### using ip lists
+##################################
+
+resource "snowflake_network_policy" "policy" {
+  name    = "policy"
+  comment = "A policy."
+
+  allowed_ip_list = ["192.168.0.100/24"]
+  blocked_ip_list = ["192.168.0.101"]
+}
 ```
 
 <!-- schema generated by tfplugindocs -->

diff --git a/examples/resources/snowflake_network_policy/resource.tf b/examples/resources/snowflake_network_policy/resource.tf
@@ -1,3 +1,7 @@
+##################################
+### using network rules
+##################################
+
 resource "snowflake_network_rule" "rule" {
   name       = "rule"
   database   = "EXAMPLE_DB"
@@ -14,3 +18,16 @@ resource "snowflake_network_policy" "policy" {
 
   allowed_network_rule_list = [snowflake_network_rule.rule.qualified_name]
 }
+
+
+##################################
+### using ip lists
+##################################
+
+resource "snowflake_network_policy" "policy" {
+  name    = "policy"
+  comment = "A policy."
+
+  allowed_ip_list = ["192.168.0.100/24"]
+  blocked_ip_list = ["192.168.0.101"]
+}
diff --git a/pkg/resources/network_policy.go b/pkg/resources/network_policy.go
@@ -5,9 +5,10 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"strings"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/internal/provider"
 
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk"
@@ -132,7 +133,7 @@ func ReadContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, meta
 
 	networkPolicy, err := client.NetworkPolicies.ShowByID(ctx, sdk.NewAccountObjectIdentifier(policyName))
 	if networkPolicy == nil || err != nil {
-		if errors.Is(err, sdk.ErrObjectNotExistOrAuthorized) {
+		if errors.Is(err, sdk.ErrObjectNotFound) {
 			d.SetId("")
 			return diag.Diagnostics{
 				diag.Diagnostic{
@@ -200,7 +201,6 @@ func ReadContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, meta
 
 			if err = d.Set("blocked_network_rule_list", networkRulesFullyQualified); err != nil {
 				return diag.FromErr(err)
-
 			}
 		}
 	}
@@ -236,7 +236,6 @@ func UpdateContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, met
 		networkRuleIdentifiers := parseNetworkRulesList(d.Get("allowed_network_rule_list"))
 		setReq := sdk.NewNetworkPolicySetRequest().WithAllowedNetworkRuleList(sdk.NewAllowedNetworkRuleListRequest().WithAllowedNetworkRuleList(networkRuleIdentifiers))
 		err := client.NetworkPolicies.Alter(ctx, baseReq.WithSet(setReq))
-
 		if err != nil {
 			return getUpdateContextDiag("updating ALLOWED_NETWORK_RULE_LIST", name, err)
 		}
@@ -247,7 +246,6 @@ func UpdateContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, met
 		networkRuleIdentifiers := parseNetworkRulesList(d.Get("blocked_network_rule_list"))
 		setReq := sdk.NewNetworkPolicySetRequest().WithBlockedNetworkRuleList(sdk.NewBlockedNetworkRuleListRequest().WithBlockedNetworkRuleList(networkRuleIdentifiers))
 		err := client.NetworkPolicies.Alter(ctx, baseReq.WithSet(setReq))
-
 		if err != nil {
 			return getUpdateContextDiag("updating BLOCKED_NETWORK_RULE_LIST", name, err)
 		}
@@ -258,7 +256,6 @@ func UpdateContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, met
 		ipRequests := parseIPList(d.Get("allowed_ip_list"))
 		setReq := sdk.NewNetworkPolicySetRequest().WithAllowedIpList(sdk.NewAllowedIPListRequest().WithAllowedIPList(ipRequests))
 		err := client.NetworkPolicies.Alter(ctx, baseReq.WithSet(setReq))
-
 		if err != nil {
 			return getUpdateContextDiag("updating ALLOWED_IP_LIST", name, err)
 		}
@@ -269,7 +266,6 @@ func UpdateContextNetworkPolicy(ctx context.Context, d *schema.ResourceData, met
 		ipRequests := parseIPList(d.Get("blocked_ip_list"))
 		setReq := sdk.NewNetworkPolicySetRequest().WithBlockedIpList(sdk.NewBlockedIPListRequest().WithBlockedIPList(ipRequests))
 		err := client.NetworkPolicies.Alter(ctx, baseReq.WithSet(setReq))
-
 		if err != nil {
 			return getUpdateContextDiag("updating BLOCKED_IP_LIST", name, err)
 		}

diff --git a/pkg/resources/network_rule.go b/pkg/resources/network_rule.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/helpers"
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/internal/provider"
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk"
@@ -122,7 +123,7 @@ func ReadContextNetworkRule(ctx context.Context, d *schema.ResourceData, meta in
 
 	networkRule, err := client.NetworkRules.ShowByID(ctx, id)
 	if networkRule == nil || err != nil {
-		if errors.Is(err, sdk.ErrObjectNotExistOrAuthorized) {
+		if errors.Is(err, sdk.ErrObjectNotFound) {
 			d.SetId("")
 			return diag.Diagnostics{
 				diag.Diagnostic{