Sort IAM policy bindings by their role name to get simpler diffs

[pdecat]

This should resolve #3728

[pdecat]

Can go a step further and sort members of each binding too.

[pdecat]

An alternative option may be to convert all bindings and members attributes from lists to sets but that's way more intrusive.

[danawillow]

Will this show diffs for users that already have iam policies defined in their terraform configs?

[pdecat]

No it does not.

[pdecat]

The resources where this datasource is used are already suppressing the diffs with the jsonPolicyDiffSuppress() function: https://github.com/terraform-providers/terraform-provider-google/blob/e9aebb8b158646bd1d9b4fbe9854734cd8c09b52/google/resource_google_project_iam_policy.go#L190

[pdecat]

Let me provide some examples to demonstrate the result of this change.

[pdecat]

Here's a test case configuration: https://gist.github.com/pdecat/4450fbbee34074d9df9cdb56ceac6772

After having applied that configuration with v2.9.1 and commenting line 86, here's the plan: https://gist.github.com/pdecat/fd84253c753fa9c20b8995e699da07b4

With this modification, here's the plan: https://gist.github.com/pdecat/629a8d7e733122737002e02bf2f92964

[danawillow]

Thanks for the detailed clarification!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!