terraform-google-modules / terraform-google-project-factory

Creates an opinionated Google Cloud project by using Shared VPC, IAM, and Google Cloud APIs
https://registry.terraform.io/modules/terraform-google-modules/project-factory/google
Apache License 2.0

vpc_service_control_attach_dry_run not supported #904

Closed eeaton closed 3 months ago

eeaton commented 3 months ago

TL;DR

Trying to add the vpc_service_control_attach_dry_run argument to an otherwise working implementation of the project factory module fails; it appears that it's not exposed to the module.

You can also see that this variable is not listed as an input at the provider page, even though this variable appears supported in this repo.

Expected behavior

https://github.com/terraform-google-modules/terraform-google-project-factory/blob/58c4c7dbf00c5f39987b49706b215cf0c3b32e8f/variables.tf#L292

Setting vpc_service_control_attach_dry_run in the module should allow me to add a project to the dry-run configuration of a perimeter only. (Equivalent of setting use_explicit_dry_run_specs if I were working directly with the google_access_context_manager_service_perimeter resources.)

Observed behavior

When I add the variable vpc_service_control_attach_dry_run = true to the module arguments and then run terraform plan, I get an error like

  on ../../modules/single_project/main.tf line 66, in module "project":
│   66:   vpc_service_control_attach_dry_run = "true"
│ 
│ An argument named "vpc_service_control_attach_dry_run" is not expected here.

This is the same error I get when adding nonsense variables to test, whereas I'm able to add other arbitrary variables defined in this repo to my code without the error.

Terraform Configuration

module "project" {
  source  = "terraform-google-modules/project-factory/google"
  version = "~> 14.1"

  random_project_id        = true
  random_project_id_length = 4
  activate_apis            = distinct(concat(var.activate_apis, ["billingbudgets.googleapis.com"]))
  name                     = "${var.project_prefix}-${local.env_code}-${var.business_code}-${var.project_suffix}"
  org_id                   = var.org_id
  billing_account          = var.billing_account
  folder_id                = var.folder_id

  svpc_host_project_id = var.shared_vpc_host_project_id
  shared_vpc_subnets   = var.shared_vpc_subnets # Optional: To enable subnetting, replace to "module.networking_project.subnetwork_self_link"

  # vpc_service_control_attach_enabled = var.vpc_service_control_attach_enabled
  vpc_service_control_attach_dry_run = true
  vpc_service_control_perimeter_name = var.vpc_service_control_perimeter_name
  vpc_service_control_sleep_duration = var.vpc_service_control_sleep_duration

  labels = {
    environment       = var.environment
    application_name  = var.application_name
    billing_code      = var.billing_code
    primary_contact   = element(split("@", var.primary_contact), 0)
    secondary_contact = element(split("@", var.secondary_contact), 0)
    business_code     = var.business_code
    env_code          = local.env_code
    vpc               = var.vpc
  }
  budget_alert_pubsub_topic   = var.project_budget.alert_pubsub_topic
  budget_alert_spent_percents = var.project_budget.alert_spent_percents
  budget_amount               = var.project_budget.budget_amount
  budget_alert_spend_basis    = var.project_budget.alert_spend_basis
}

Terraform Version

Terraform v1.6.5
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v5.27.0
+ provider registry.terraform.io/hashicorp/google-beta v5.27.0
+ provider registry.terraform.io/hashicorp/null v3.2.2
+ provider registry.terraform.io/hashicorp/random v3.6.1
+ provider registry.terraform.io/hashicorp/time v0.11.1

Your version of Terraform is out of date! The latest version
is 1.8.2. You can update by downloading from https://www.terraform.io/downloads.html

Additional information

Comparing its usage to other valid arguments from this repo, it appears that this variable has not been correctly exposed in the metadata.yaml file.
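
Terraform reports "An argument named ... is not expected here" when the module copy it installed declares no variable of that name. The following is an added example, not code from the issue or from the project: it compares the arguments of a module call against the variable declarations in an installed module's variables.tf. The helper names and the simplified line-based parsing are assumptions, and both embedded samples are constructed.

```python
import re

# Constructed stand-in for the installed module's variables.tf (.terraform/modules/).
INSTALLED_VARIABLES_TF = '''
variable "random_project_id" { type = bool }
variable "labels" { type = map(string) }
variable "vpc_service_control_attach_enabled" { type = bool }
variable "vpc_service_control_perimeter_name" { type = string }
'''
# Constructed, shortened form of the module call from the issue.
MODULE_CALL = '''
module "project" {
  source  = "terraform-google-modules/project-factory/google"
  version = "~> 14.1"
  random_project_id                  = true
  vpc_service_control_attach_dry_run = true
  vpc_service_control_perimeter_name = var.vpc_service_control_perimeter_name
  labels = {
    environment = var.environment
  }
}
'''
# Meta-arguments Terraform itself accepts on every module block.
META_ARGS = {"source", "version", "count", "for_each", "providers", "depends_on"}

def declared_variables(tf_text):
    # Names of all `variable "<name>" {` declarations in the text.
    return set(re.findall(r'^\s*variable\s+"([^"]+)"\s*\{', tf_text, re.M))

def module_arguments(tf_text, module_name):
    """Top-level argument names of the module block (one per line, no '#' in strings)."""
    args, depth, inside = [], 0, False
    header = re.compile(rf'\s*module\s+"{re.escape(module_name)}"\s*\{{')
    for line in tf_text.splitlines():
        code = line.split("#", 1)[0]          # drop trailing comments
        if not inside:
            inside, depth = (True, 1) if header.match(code) else (False, 0)
            continue
        m = re.match(r'\s*([A-Za-z_][\w-]*)\s*=(?!=)', code)
        if depth == 1 and m:                  # ignore keys of nested maps/blocks
            args.append(m.group(1))
        depth += code.count("{") - code.count("}")
        if depth <= 0:
            break
    return args

def unexpected_arguments(call_text, module_name, variables_text):
    """Arguments the installed module would reject as 'not expected here'."""
    known = declared_variables(variables_text) | META_ARGS
    return [a for a in module_arguments(call_text, module_name) if a not in known]
```

Run it against the real variables.tf found under .terraform/modules/ after `terraform init` to see which inputs the resolved module version actually accepts.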

eeaton commented 3 months ago

Fixed in https://github.com/terraform-google-modules/terraform-google-project-factory/pull/905