mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-07-01 07:42:40 +00:00
add inherit_from_parent to all org policy resources (#2653)
<!-- This change is generated by MagicModules. --> /cc @danawillow
This commit is contained in:
parent
ad01a747d2
commit
eca7ab673c
|
@ -2,9 +2,10 @@ package google
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"google.golang.org/api/cloudresourcemanager/v1"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var schemaOrganizationPolicy = map[string]*schema.Schema{
|
||||
|
@ -83,6 +84,10 @@ var schemaOrganizationPolicy = map[string]*schema.Schema{
|
|||
Optional: true,
|
||||
Computed: true,
|
||||
},
|
||||
"inherit_from_parent": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -295,7 +300,10 @@ func flattenListOrganizationPolicy(policy *cloudresourcemanager.ListPolicy) []ma
|
|||
return lPolicies
|
||||
}
|
||||
|
||||
listPolicy := map[string]interface{}{}
|
||||
listPolicy := map[string]interface{}{
|
||||
"suggested_value": policy.SuggestedValue,
|
||||
"inherit_from_parent": policy.InheritFromParent,
|
||||
}
|
||||
switch {
|
||||
case policy.AllValues == "ALLOW":
|
||||
listPolicy["allow"] = []interface{}{map[string]interface{}{
|
||||
|
@ -363,6 +371,8 @@ func expandListOrganizationPolicy(configured []interface{}) (*cloudresourcemanag
|
|||
AllowedValues: allowedValues,
|
||||
DeniedValues: deniedValues,
|
||||
SuggestedValue: listPolicy["suggested_value"].(string),
|
||||
InheritFromParent: listPolicy["inherit_from_parent"].(bool),
|
||||
ForceSendFields: []string{"InheritFromParent"},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -25,6 +25,7 @@ func TestAccOrganizationPolicy(t *testing.T) {
|
|||
"list_allowSome": testAccOrganizationPolicy_list_allowSome,
|
||||
"list_denySome": testAccOrganizationPolicy_list_denySome,
|
||||
"list_update": testAccOrganizationPolicy_list_update,
|
||||
"list_inheritFromParent": testAccOrganizationPolicy_list_inheritFromParent,
|
||||
"restore_policy": testAccOrganizationPolicy_restore_defaultTrue,
|
||||
}
|
||||
|
||||
|
@ -166,6 +167,25 @@ func testAccOrganizationPolicy_list_update(t *testing.T) {
|
|||
})
|
||||
}
|
||||
|
||||
func testAccOrganizationPolicy_list_inheritFromParent(t *testing.T) {
|
||||
org := getTestOrgTargetFromEnv(t)
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckGoogleOrganizationPolicyDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccOrganizationPolicyConfig_list_inheritFromParent(org),
|
||||
},
|
||||
{
|
||||
ResourceName: "google_organization_policy.list",
|
||||
ImportState: true,
|
||||
ImportStateVerify: true,
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccOrganizationPolicy_restore_defaultTrue(t *testing.T) {
|
||||
org := getTestOrgTargetFromEnv(t)
|
||||
resource.Test(t, resource.TestCase{
|
||||
|
@ -377,6 +397,25 @@ resource "google_organization_policy" "list" {
|
|||
`, org)
|
||||
}
|
||||
|
||||
func testAccOrganizationPolicyConfig_list_inheritFromParent(org string) string {
|
||||
return fmt.Sprintf(`
|
||||
resource "google_organization_policy" "list" {
|
||||
org_id = "%s"
|
||||
constraint = "serviceuser.services"
|
||||
|
||||
list_policy {
|
||||
deny {
|
||||
values = [
|
||||
"doubleclicksearch.googleapis.com",
|
||||
"replicapoolupdater.googleapis.com",
|
||||
]
|
||||
}
|
||||
inherit_from_parent = true
|
||||
}
|
||||
}
|
||||
`, org)
|
||||
}
|
||||
|
||||
func testAccOrganizationPolicyConfig_restore_defaultTrue(org string) string {
|
||||
return fmt.Sprintf(`
|
||||
resource "google_organization_policy" "restore" {
|
||||
|
|
|
@ -106,6 +106,9 @@ The `list_policy` block supports:
|
|||
|
||||
* `suggested_values` - (Optional) The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
|
||||
|
||||
* `inherit_from_parent` - (Optional) If set to true, the values from the effective Policy of the parent resource
|
||||
are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
|
||||
|
||||
The `allow` or `deny` blocks support:
|
||||
|
||||
* `all` - (Optional) The policy allows or denies all values.
|
||||
|
|
|
@ -104,6 +104,9 @@ The `list_policy` block supports:
|
|||
|
||||
* `suggested_values` - (Optional) The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
|
||||
|
||||
* `inherit_from_parent` - (Optional) If set to true, the values from the effective Policy of the parent resource
|
||||
are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
|
||||
|
||||
The `allow` or `deny` blocks support:
|
||||
|
||||
* `all` - (Optional) The policy allows or denies all values.
|
||||
|
|
|
@ -105,6 +105,9 @@ The `list_policy` block supports:
|
|||
|
||||
* `suggested_values` - (Optional) The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
|
||||
|
||||
* `inherit_from_parent` - (Optional) If set to true, the values from the effective Policy of the parent resource
|
||||
are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
|
||||
|
||||
The `allow` or `deny` blocks support:
|
||||
|
||||
* `all` - (Optional) The policy allows or denies all values.
|
||||
|
|
Loading…
Reference in New Issue
Block a user