mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-01 16:21:06 +00:00
Adding datasources for folder and project org policy (#3137)
<!-- This change is generated by MagicModules. --> /cc @chrisst
This commit is contained in:
parent
4c7763c4a2
commit
9fa1d462d2
27
google/data_source_google_folder_organization_policy.go
Normal file
27
google/data_source_google_folder_organization_policy.go
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
func dataSourceGoogleFolderOrganizationPolicy() *schema.Resource {
|
||||||
|
// Generate datasource schema from resource
|
||||||
|
dsSchema := datasourceSchemaFromResourceSchema(resourceGoogleFolderOrganizationPolicy().Schema)
|
||||||
|
|
||||||
|
addRequiredFieldsToSchema(dsSchema, "folder")
|
||||||
|
addRequiredFieldsToSchema(dsSchema, "constraint")
|
||||||
|
|
||||||
|
return &schema.Resource{
|
||||||
|
Read: datasourceGoogleFolderOrganizationPolicyRead,
|
||||||
|
Schema: dsSchema,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func datasourceGoogleFolderOrganizationPolicyRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
|
|
||||||
|
d.SetId(fmt.Sprintf("%s:%s", d.Get("folder"), d.Get("constraint")))
|
||||||
|
|
||||||
|
return resourceGoogleFolderOrganizationPolicyRead(d, meta)
|
||||||
|
}
|
91
google/data_source_google_folder_organization_policy_test.go
Normal file
91
google/data_source_google_folder_organization_policy_test.go
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/acctest"
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
|
"github.com/hashicorp/terraform/terraform"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestAccDataSourceGoogleFolderOrganizationPolicy_basic(t *testing.T) {
|
||||||
|
folder := acctest.RandomWithPrefix("tf-test")
|
||||||
|
org := getTestOrgFromEnv(t)
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
{
|
||||||
|
Config: testAccDataSourceGoogleFolderOrganizationPolicy_basic(org, folder),
|
||||||
|
Check: testAccDataSourceGoogleOrganizationPolicyCheck(
|
||||||
|
"data.google_folder_organization_policy.data",
|
||||||
|
"google_folder_organization_policy.resource"),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccDataSourceGoogleOrganizationPolicyCheck(dataSourceName string, resourceName string) resource.TestCheckFunc {
|
||||||
|
return func(s *terraform.State) error {
|
||||||
|
ds, ok := s.RootModule().Resources[dataSourceName]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("root module has no resource called %s", dataSourceName)
|
||||||
|
}
|
||||||
|
|
||||||
|
rs, ok := s.RootModule().Resources[resourceName]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("can't find %s in state", resourceName)
|
||||||
|
}
|
||||||
|
|
||||||
|
dsAttr := ds.Primary.Attributes
|
||||||
|
rsAttr := rs.Primary.Attributes
|
||||||
|
|
||||||
|
cloudFuncAttrToCheck := []string{
|
||||||
|
"name",
|
||||||
|
"folder",
|
||||||
|
"constraint",
|
||||||
|
"version",
|
||||||
|
"list_policy",
|
||||||
|
"restore_policy",
|
||||||
|
"boolean_policy",
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, attr := range cloudFuncAttrToCheck {
|
||||||
|
if dsAttr[attr] != rsAttr[attr] {
|
||||||
|
return fmt.Errorf(
|
||||||
|
"%s is %s; want %s",
|
||||||
|
attr,
|
||||||
|
dsAttr[attr],
|
||||||
|
rsAttr[attr],
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccDataSourceGoogleFolderOrganizationPolicy_basic(org, folder string) string {
|
||||||
|
return fmt.Sprintf(`
|
||||||
|
resource "google_folder" "orgpolicy" {
|
||||||
|
display_name = "%s"
|
||||||
|
parent = "%s"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_folder_organization_policy" "resource" {
|
||||||
|
folder = "${google_folder.orgpolicy.name}"
|
||||||
|
constraint = "serviceuser.services"
|
||||||
|
|
||||||
|
restore_policy {
|
||||||
|
default = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "google_folder_organization_policy" "data" {
|
||||||
|
folder = "${google_folder.orgpolicy.name}"
|
||||||
|
constraint = "serviceuser.services"
|
||||||
|
}
|
||||||
|
`, folder, "organizations/"+org)
|
||||||
|
}
|
27
google/data_source_google_project_organization_policy.go
Normal file
27
google/data_source_google_project_organization_policy.go
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
func dataSourceGoogleProjectOrganizationPolicy() *schema.Resource {
|
||||||
|
// Generate datasource schema from resource
|
||||||
|
dsSchema := datasourceSchemaFromResourceSchema(resourceGoogleProjectOrganizationPolicy().Schema)
|
||||||
|
|
||||||
|
addRequiredFieldsToSchema(dsSchema, "project")
|
||||||
|
addRequiredFieldsToSchema(dsSchema, "constraint")
|
||||||
|
|
||||||
|
return &schema.Resource{
|
||||||
|
Read: datasourceGoogleProjectOrganizationPolicyRead,
|
||||||
|
Schema: dsSchema,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func datasourceGoogleProjectOrganizationPolicyRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
|
|
||||||
|
d.SetId(fmt.Sprintf("%s:%s", d.Get("project"), d.Get("constraint")))
|
||||||
|
|
||||||
|
return resourceGoogleProjectOrganizationPolicyRead(d, meta)
|
||||||
|
}
|
@ -0,0 +1,47 @@
|
|||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestAccDataSourceGoogleProjectOrganizationPolicy_basic(t *testing.T) {
|
||||||
|
project := getTestProjectFromEnv()
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
{
|
||||||
|
Config: testAccDataSourceGoogleProjectOrganizationPolicy_basic(project),
|
||||||
|
Check: testAccDataSourceGoogleOrganizationPolicyCheck(
|
||||||
|
"data.google_project_organization_policy.data",
|
||||||
|
"google_project_organization_policy.resource"),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccDataSourceGoogleProjectOrganizationPolicy_basic(project string) string {
|
||||||
|
return fmt.Sprintf(`
|
||||||
|
|
||||||
|
|
||||||
|
resource "google_project_organization_policy" "resource" {
|
||||||
|
project = "%s"
|
||||||
|
constraint = "constraints/compute.trustedImageProjects"
|
||||||
|
|
||||||
|
list_policy {
|
||||||
|
allow {
|
||||||
|
all = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "google_project_organization_policy" "data" {
|
||||||
|
project = "%s"
|
||||||
|
constraint = "constraints/compute.trustedImageProjects"
|
||||||
|
}
|
||||||
|
`, project, project)
|
||||||
|
}
|
@ -109,10 +109,12 @@ func Provider() terraform.ResourceProvider {
|
|||||||
"google_kms_key_ring": dataSourceGoogleKmsKeyRing(),
|
"google_kms_key_ring": dataSourceGoogleKmsKeyRing(),
|
||||||
"google_kms_crypto_key": dataSourceGoogleKmsCryptoKey(),
|
"google_kms_crypto_key": dataSourceGoogleKmsCryptoKey(),
|
||||||
"google_folder": dataSourceGoogleFolder(),
|
"google_folder": dataSourceGoogleFolder(),
|
||||||
|
"google_folder_organization_policy": dataSourceGoogleFolderOrganizationPolicy(),
|
||||||
"google_netblock_ip_ranges": dataSourceGoogleNetblockIpRanges(),
|
"google_netblock_ip_ranges": dataSourceGoogleNetblockIpRanges(),
|
||||||
"google_organization": dataSourceGoogleOrganization(),
|
"google_organization": dataSourceGoogleOrganization(),
|
||||||
"google_project": dataSourceGoogleProject(),
|
"google_project": dataSourceGoogleProject(),
|
||||||
"google_projects": dataSourceGoogleProjects(),
|
"google_projects": dataSourceGoogleProjects(),
|
||||||
|
"google_project_organization_policy": dataSourceGoogleProjectOrganizationPolicy(),
|
||||||
"google_project_services": dataSourceGoogleProjectServices(),
|
"google_project_services": dataSourceGoogleProjectServices(),
|
||||||
"google_service_account": dataSourceGoogleServiceAccount(),
|
"google_service_account": dataSourceGoogleServiceAccount(),
|
||||||
"google_service_account_key": dataSourceGoogleServiceAccountKey(),
|
"google_service_account_key": dataSourceGoogleServiceAccountKey(),
|
||||||
|
@ -0,0 +1,39 @@
|
|||||||
|
---
|
||||||
|
layout: "google"
|
||||||
|
page_title: "Google: google_folder_organization_policy"
|
||||||
|
sidebar_current: "docs-google-datasource-folder-organization-policy"
|
||||||
|
description: |-
|
||||||
|
Retrieve Organization policies for a Google Folder
|
||||||
|
---
|
||||||
|
|
||||||
|
# google\_folder\_organization\_policy
|
||||||
|
|
||||||
|
Allows management of Organization policies for a Google Folder. For more information see
|
||||||
|
[the official
|
||||||
|
documentation](https://cloud.google.com/resource-manager/docs/organization-policy/overview)
|
||||||
|
|
||||||
|
## Example Usage
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
data "google_folder_organization_policy" "policy" {
|
||||||
|
folder = "folders/folderid"
|
||||||
|
constraint = "constraints/compute.trustedImageProjects"
|
||||||
|
}
|
||||||
|
|
||||||
|
output "version" {
|
||||||
|
value = "${data.google_folder_organization_policy.policy.version}"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## Argument Reference
|
||||||
|
|
||||||
|
The following arguments are supported:
|
||||||
|
|
||||||
|
* `folder` - (Required) The resource name of the folder to set the policy for. Its format is folders/{folder_id}.
|
||||||
|
|
||||||
|
* `constraint` - (Required) (Required) The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
|
||||||
|
|
||||||
|
|
||||||
|
## Attributes Reference
|
||||||
|
|
||||||
|
See [google_folder_organization_policy](https://www.terraform.io/docs/providers/google/r/google_folder_organization_policy.html) resource for details of the available attributes.
|
@ -0,0 +1,40 @@
|
|||||||
|
---
|
||||||
|
layout: "google"
|
||||||
|
page_title: "Google: google_project_organization_policy"
|
||||||
|
sidebar_current: "docs-google-datasource-project-organization-policy"
|
||||||
|
description: |-
|
||||||
|
Retrieve Organization policies for a Google Project.
|
||||||
|
---
|
||||||
|
|
||||||
|
# google\_project\_organization\_policy
|
||||||
|
|
||||||
|
Allows management of Organization policies for a Google Project. For more information see
|
||||||
|
[the official
|
||||||
|
documentation](https://cloud.google.com/resource-manager/docs/organization-policy/overview)
|
||||||
|
|
||||||
|
## Example Usage
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
data "google_project_organization_policy" "policy" {
|
||||||
|
project = "project-id"
|
||||||
|
constraint = "constraints/serviceuser.services"
|
||||||
|
}
|
||||||
|
|
||||||
|
output "version" {
|
||||||
|
value = "${data.google_project_organization_policy.policy.version}"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## Argument Reference
|
||||||
|
|
||||||
|
The following arguments are supported:
|
||||||
|
|
||||||
|
* `project` - (Required) The project ID.
|
||||||
|
|
||||||
|
* `constraint` - (Required) (Required) The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
|
||||||
|
|
||||||
|
|
||||||
|
## Attributes Reference
|
||||||
|
|
||||||
|
See [google_project_organization_policy](https://www.terraform.io/docs/providers/google/r/google_project.html) resource for details of the available attributes.
|
||||||
|
|
@ -78,6 +78,9 @@
|
|||||||
<li<%= sidebar_current("docs-google-datasource-compute-region-instance-group") %>>
|
<li<%= sidebar_current("docs-google-datasource-compute-region-instance-group") %>>
|
||||||
<a href="/docs/providers/google/d/datasource_compute_region_instance_group.html">google_compute_region_instance_group</a>
|
<a href="/docs/providers/google/d/datasource_compute_region_instance_group.html">google_compute_region_instance_group</a>
|
||||||
</li>
|
</li>
|
||||||
|
<li<%= sidebar_current("docs-google-datasource-project-organization-policy") %>>
|
||||||
|
<a href="/docs/providers/google/d/datasource_google_project_organization_policy.html">google_project_organization_policy</a>
|
||||||
|
</li>
|
||||||
<li<%= sidebar_current("docs-google-datasource-project-services") %>>
|
<li<%= sidebar_current("docs-google-datasource-project-services") %>>
|
||||||
<a href="/docs/providers/google/d/google_project_services.html">google_project_services</a>
|
<a href="/docs/providers/google/d/google_project_services.html">google_project_services</a>
|
||||||
</li>
|
</li>
|
||||||
@ -114,6 +117,9 @@
|
|||||||
<li<%= sidebar_current("docs-google-datasource-folder") %>>
|
<li<%= sidebar_current("docs-google-datasource-folder") %>>
|
||||||
<a href="/docs/providers/google/d/google_folder.html">google_folder</a>
|
<a href="/docs/providers/google/d/google_folder.html">google_folder</a>
|
||||||
</li>
|
</li>
|
||||||
|
<li<%= sidebar_current("docs-google-datasource-folder-organization-policy") %>>
|
||||||
|
<a href="/docs/providers/google/d/datasource_google_folder_organization_policy.html">datasource_google_folder_organization_policy</a>
|
||||||
|
</li>
|
||||||
<li<%= sidebar_current("docs-google-datasource-iam-policy") %>>
|
<li<%= sidebar_current("docs-google-datasource-iam-policy") %>>
|
||||||
<a href="/docs/providers/google/d/google_iam_policy.html">google_iam_policy</a>
|
<a href="/docs/providers/google/d/google_iam_policy.html">google_iam_policy</a>
|
||||||
</li>
|
</li>
|
||||||
|
Loading…
Reference in New Issue
Block a user