public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-05 17:52:38 +00:00
Code Issues Projects Releases Wiki Activity
3a945770e5
terraform-provider-google/google/resource_google_folder_iam_policy.go
Vincent Roseberry 20929eb468 Assign IAM policy to folder. (#447) 
* Assign IAM policy to folder.
* Add documentation for google_folder_iam_policy
2017-09-25 11:30:45 -07:00

130 lines
3.4 KiB
Go
Raw Blame History

package google
import (
"github.com/hashicorp/terraform/helper/schema"
"encoding/json"
"fmt"
resourceManagerV2Beta1 "google.golang.org/api/cloudresourcemanager/v2beta1"
)
func resourceGoogleFolderIamPolicy() *schema.Resource {
return &schema.Resource{
Create: resourceGoogleFolderIamPolicyCreate,
Read: resourceGoogleFolderIamPolicyRead,
Update: resourceGoogleFolderIamPolicyUpdate,
Delete: resourceGoogleFolderIamPolicyDelete,
Schema: map[string]*schema.Schema{
"folder": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"policy_data": {
Type: schema.TypeString,
Required: true,
DiffSuppressFunc: jsonPolicyDiffSuppress,
ValidateFunc: validateV2IamPolicy,
},
"etag": {
Type: schema.TypeString,
Computed: true,
},
},
}
}
func resourceGoogleFolderIamPolicyCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
if err := setFolderIamPolicy(d, config); err != nil {
return err
}
d.SetId(d.Get("folder").(string))
return resourceGoogleFolderIamPolicyRead(d, meta)
}
func resourceGoogleFolderIamPolicyRead(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
folder := d.Get("folder").(string)
policy, err := config.clientResourceManagerV2Beta1.Folders.GetIamPolicy(folder, &resourceManagerV2Beta1.GetIamPolicyRequest{}).Do()
if err != nil {
return handleNotFoundError(err, d, fmt.Sprintf("Iam policy for %s", folder))
}
d.Set("etag", policy.Etag)
d.Set("policy_data", marshalV2IamPolicy(policy))
return nil
}
func resourceGoogleFolderIamPolicyUpdate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
if d.HasChange("policy_data") {
if err := setFolderIamPolicy(d, config); err != nil {
return err
}
}
return resourceGoogleFolderIamPolicyRead(d, meta)
}
func resourceGoogleFolderIamPolicyDelete(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
folder := d.Get("folder").(string)
_, err := config.clientResourceManagerV2Beta1.Folders.SetIamPolicy(folder, &resourceManagerV2Beta1.SetIamPolicyRequest{
Policy: &resourceManagerV2Beta1.Policy{},
UpdateMask: "bindings",
}).Do()
if err != nil {
return err
}
return nil
}
func setFolderIamPolicy(d *schema.ResourceData, config *Config) error {
folder := d.Get("folder").(string)
policy, err := unmarshalV2IamPolicy(d.Get("policy_data").(string))
if err != nil {
return fmt.Errorf("'policy_data' is not valid for %s: %s", folder, err)
}
_, err = config.clientResourceManagerV2Beta1.Folders.SetIamPolicy(folder, &resourceManagerV2Beta1.SetIamPolicyRequest{
Policy: policy,
UpdateMask: "bindings",
}).Do()
return err
}
func marshalV2IamPolicy(policy *resourceManagerV2Beta1.Policy) string {
pdBytes, _ := json.Marshal(&resourceManagerV2Beta1.Policy{
Bindings: policy.Bindings,
})
return string(pdBytes)
}
func unmarshalV2IamPolicy(policyData string) (*resourceManagerV2Beta1.Policy, error) {
policy := &resourceManagerV2Beta1.Policy{}
if err := json.Unmarshal([]byte(policyData), policy); err != nil {
return nil, fmt.Errorf("Could not unmarshal policy data %s:\n%s", policyData, err)
}
return policy, nil
}
func validateV2IamPolicy(i interface{}, k string) (s []string, es []error) {
_, err := unmarshalV2IamPolicy(i.(string))
if err != nil {
es = append(es, err)
}
return
}
Reference in New Issue View Git Blame Copy Permalink