Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use better role for secrets in docs. #6752

Merged
merged 1 commit into from
Jul 7, 2020
Merged

Use better role for secrets in docs. #6752

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/3730.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:none

```
12 changes: 6 additions & 6 deletions google/iam_secret_manager_secret_generated_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ func TestAccSecretManagerSecretIamBindingGenerated(t *testing.T) {

context := map[string]interface{}{
"random_suffix": randString(t, 10),
"role": "roles/viewer",
"role": "roles/secretmanager.secretAccessor",
}

vcrTest(t, resource.TestCase{
Expand All @@ -38,7 +38,7 @@ func TestAccSecretManagerSecretIamBindingGenerated(t *testing.T) {
},
{
ResourceName: "google_secret_manager_secret_iam_binding.foo",
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/viewer", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/secretmanager.secretAccessor", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportState: true,
ImportStateVerify: true,
},
Expand All @@ -48,7 +48,7 @@ func TestAccSecretManagerSecretIamBindingGenerated(t *testing.T) {
},
{
ResourceName: "google_secret_manager_secret_iam_binding.foo",
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/viewer", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/secretmanager.secretAccessor", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportState: true,
ImportStateVerify: true,
},
Expand All @@ -61,7 +61,7 @@ func TestAccSecretManagerSecretIamMemberGenerated(t *testing.T) {

context := map[string]interface{}{
"random_suffix": randString(t, 10),
"role": "roles/viewer",
"role": "roles/secretmanager.secretAccessor",
}

vcrTest(t, resource.TestCase{
Expand All @@ -74,7 +74,7 @@ func TestAccSecretManagerSecretIamMemberGenerated(t *testing.T) {
},
{
ResourceName: "google_secret_manager_secret_iam_member.foo",
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/viewer user:[email protected]", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportStateId: fmt.Sprintf("projects/%s/secrets/%s roles/secretmanager.secretAccessor user:[email protected]", getTestProjectFromEnv(), fmt.Sprintf("secret%s", context["random_suffix"])),
ImportState: true,
ImportStateVerify: true,
},
Expand All @@ -87,7 +87,7 @@ func TestAccSecretManagerSecretIamPolicyGenerated(t *testing.T) {

context := map[string]interface{}{
"random_suffix": randString(t, 10),
"role": "roles/viewer",
"role": "roles/secretmanager.secretAccessor",
}

vcrTest(t, resource.TestCase{
Expand Down
8 changes: 4 additions & 4 deletions website/docs/r/secret_manager_secret_iam.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Three different resources help you manage your IAM policy for Secret Manager Sec
```hcl
data "google_iam_policy" "admin" {
binding {
role = "roles/viewer"
role = "roles/secretmanager.secretAccessor"
members = [
"user:[email protected]",
]
Expand All @@ -58,7 +58,7 @@ resource "google_secret_manager_secret_iam_policy" "policy" {
resource "google_secret_manager_secret_iam_binding" "binding" {
project = google_secret_manager_secret.secret-basic.project
secret_id = google_secret_manager_secret.secret-basic.secret_id
role = "roles/viewer"
role = "roles/secretmanager.secretAccessor"
members = [
"user:[email protected]",
]
Expand Down Expand Up @@ -121,12 +121,12 @@ Secret Manager secret IAM resources can be imported using the resource identifie

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.
```
$ terraform import google_secret_manager_secret_iam_member.editor "projects/{{project}}/secrets/{{secret_id}} roles/viewer [email protected]"
$ terraform import google_secret_manager_secret_iam_member.editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor [email protected]"
```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.
```
$ terraform import google_secret_manager_secret_iam_binding.editor "projects/{{project}}/secrets/{{secret_id}} roles/viewer"
$ terraform import google_secret_manager_secret_iam_binding.editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor"
```

IAM policy imports use the identifier of the resource in question, e.g.
Expand Down