feat: Support for VPCs in dry-run mode (#117)

Author: kirantejaj

modules/regular_service_perimeter/README.md

@@ -110,8 +110,8 @@ module "regular_service_perimeter_1" {
 | restricted\_services | GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. | `list(string)` | `[]` | no |
 | restricted\_services\_dry\_run | (Dry-run) GCP services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.  If set, a dry-run policy will be set. | `list(string)` | `[]` | no |
 | shared\_resources | A map of lists of resources to share in a Bridge perimeter module. Each list should contain all or a subset of the perimeters resources | `object({ all = list(string) })` | <pre>{<br>  "all": []<br>}</pre> | no |
-| vpc\_accessible\_services | A list of [VPC Accessible Services](https://cloud.google.com/vpc-service-controls/docs/vpc-accessible-services) that will be restricted within the VPC Network. Use ["\*"] to allow any service (disable VPC Accessible Services); Use ["RESTRICTED-SERVICES"] to match the restricted services list; Use [] to not allow any service. | `list(string)` | <pre>[<br>  "*"<br>]</pre> | no |
-| vpc\_accessible\_services\_dry\_run | (Dry-run) A list of [VPC Accessible Services](https://cloud.google.com/vpc-service-controls/docs/vpc-accessible-services) that will be restricted within the VPC Network. Use ["\*"] to allow any service (disable VPC Accessible Services); Use ["RESTRICTED-SERVICES"] to match the restricted services list; Use [] to not allow any service. | `list(string)` | <pre>[<br>  "*"<br>]</pre> | no |
+| vpc\_accessible\_services | A list of [VPC Accessible Services](https://cloud.google.com/vpc-service-controls/docs/vpc-accessible-services) that will be restricted within the VPC Network. Use ["*"] to allow any service (disable VPC Accessible Services); Use ["RESTRICTED-SERVICES"] to match the restricted services list; Use [] to not allow any service. | `list(string)` | <pre>[<br>  "*"<br>]</pre> | no |
+| vpc\_accessible\_services\_dry\_run | (Dry-run) A list of [VPC Accessible Services](https://cloud.google.com/vpc-service-controls/docs/vpc-accessible-services) that will be restricted within the VPC Network. Use ["*"] to allow any service (disable VPC Accessible Services); Use ["RESTRICTED-SERVICES"] to match the restricted services list; Use [] to not allow any service. | `list(string)` | <pre>[<br>  "*"<br>]</pre> | no |
 
 ## Outputs
 

modules/regular_service_perimeter/main.tf

@@ -112,7 +112,7 @@ resource "google_access_context_manager_service_perimeter" "regular_service_peri
     for_each = local.dry_run ? ["dry-run"] : []
     content {
       restricted_services = var.restricted_services_dry_run
-      resources           = formatlist("projects/%s", var.resources_dry_run)
+      resources           = [for item in var.resources_dry_run : can(regex("global/networks", item)) ? format("//compute.googleapis.com/%s", item) : format("projects/%s", item)]
       access_levels = formatlist(
         "accessPolicies/${var.policy}/accessLevels/%s",
         var.access_levels_dry_run