From 00d6594bc7b551c91dde407e89201a414ab5a00d Mon Sep 17 00:00:00 2001
From: Bin Wu <46450037+wu-bin@users.noreply.github.com>
Date: Fri, 21 Jun 2024 14:14:59 -0400
Subject: [PATCH] Add tlsEarlyData support to TargetHttpsProxy. (#10954)

---
 mmv1/products/compute/TargetHttpsProxy.yaml          | 12 ++++++++++++
 .../resource_compute_target_https_proxy_test.go.erb  |  1 +
 2 files changed, 13 insertions(+)

diff --git a/mmv1/products/compute/TargetHttpsProxy.yaml b/mmv1/products/compute/TargetHttpsProxy.yaml
index 50d1983c027b..a22e5c8cc870 100644
--- a/mmv1/products/compute/TargetHttpsProxy.yaml
+++ b/mmv1/products/compute/TargetHttpsProxy.yaml
@@ -130,6 +130,18 @@ properties:
     update_url: 'projects/{{project}}/global/targetHttpsProxies/{{name}}/setQuicOverride'
     default_value: :NONE
     custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb'
+  - !ruby/object:Api::Type::Enum
+    name: 'tlsEarlyData'
+    description: |
+      Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service.
+      Early Data allows a TLS resumption handshake to include the initial application payload
+      (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”.
+      This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3).
+    values:
+      - :STRICT
+      - :PERMISSIVE
+      - :DISABLED
+    default_from_api: true
   - !ruby/object:Api::Type::Array
     name: 'certificateManagerCertificates'
     description: |
diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_target_https_proxy_test.go.erb b/mmv1/third_party/terraform/services/compute/resource_compute_target_https_proxy_test.go.erb
index bb973d853080..6ff35b6b607c 100644
--- a/mmv1/third_party/terraform/services/compute/resource_compute_target_https_proxy_test.go.erb
+++ b/mmv1/third_party/terraform/services/compute/resource_compute_target_https_proxy_test.go.erb
@@ -226,6 +226,7 @@ resource "google_compute_target_https_proxy" "foobar" {
     google_compute_ssl_certificate.foobar2.self_link,
   ]
   quic_override = "ENABLE"
+  tls_early_data = "STRICT"
 }
 
 resource "google_compute_backend_service" "foobar" {