Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add desc to schema for 2 org iam resources #3681

Merged
merged 1 commit into from
Jun 23, 2020
Merged

add desc to schema for 2 org iam resources #3681

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 26 additions & 18 deletions third_party/terraform/resources/resource_google_organization_iam_custom_role.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,43 +21,51 @@ func resourceGoogleOrganizationIamCustomRole() *schema.Resource {

Schema: map[string]*schema.Schema{
"role_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `The role id to use for this role.`,
},
"org_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `The numeric ID of the organization in which you want to create a custom role.`,
},
"title": {
Type: schema.TypeString,
Required: true,
Type: schema.TypeString,
Required: true,
Description: `A human-readable title for the role.`,
},
"permissions": {
Type: schema.TypeSet,
Required: true,
MinItems: 1,
Elem: &schema.Schema{Type: schema.TypeString},
Type: schema.TypeSet,
Required: true,
MinItems: 1,
Description: `The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.`,
Elem: &schema.Schema{Type: schema.TypeString},
},
"stage": {
Type: schema.TypeString,
Optional: true,
Default: "GA",
Description: `The current launch stage of the role. Defaults to GA.`,
ValidateFunc: validation.StringInSlice([]string{"ALPHA", "BETA", "GA", "DEPRECATED", "DISABLED", "EAP"}, false),
DiffSuppressFunc: emptyOrDefaultStringSuppress("ALPHA"),
},
"description": {
Type: schema.TypeString,
Optional: true,
Type: schema.TypeString,
Optional: true,
Description: `A human-readable description for the role.`,
},
"deleted": {
Type: schema.TypeBool,
Computed: true,
Type: schema.TypeBool,
Computed: true,
Description: `The current deleted state of the role.`,
},
"name": {
Type: schema.TypeString,
Computed: true,
Type: schema.TypeString,
Computed: true,
Description: `The name of the role in the format organizations/{{org_id}}/roles/{{role_id}}. Like id, this field can be used as a reference in other resources such as IAM role bindings.`,
},
},
}
Expand Down
27 changes: 16 additions & 11 deletions third_party/terraform/resources/resource_iam_audit_config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,29 +12,34 @@ import (

var iamAuditConfigSchema = map[string]*schema.Schema{
"service": {
Type: schema.TypeString,
Required: true,
Type: schema.TypeString,
Required: true,
Description: `Service which will be enabled for audit logging. The special value allServices covers all services.`,
},
"audit_log_config": {
Type: schema.TypeSet,
Required: true,
Type: schema.TypeSet,
Required: true,
Description: `The configuration for logging of each type of permission. This can be specified multiple times.`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"log_type": {
Type: schema.TypeString,
Required: true,
Type: schema.TypeString,
Required: true,
Description: `Permission type for which logging is to be configured. Must be one of DATA_READ, DATA_WRITE, or ADMIN_READ.`,
},
"exempted_members": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Optional: true,
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Optional: true,
Description: `Identities that do not cause logging for this type of permission. Each entry can have one of the following values:user:{emailid}: An email address that represents a specific Google account. For example, [email protected] or [email protected]. serviceAccount:{emailid}: An email address that represents a service account. For example, [email protected]. group:{emailid}: An email address that represents a Google group. For example, [email protected]. domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.`,
},
},
},
},
"etag": {
Type: schema.TypeString,
Computed: true,
Type: schema.TypeString,
Computed: true,
Description: `The etag of iam policy`,
},
}

Expand Down
7 changes: 4 additions & 3 deletions third_party/terraform/utils/iam_organization.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,10 @@ import (

var IamOrganizationSchema = map[string]*schema.Schema{
"org_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: `The numeric ID of the organization in which you want to manage the audit logging config.`,
},
}

Expand Down