-
Notifications
You must be signed in to change notification settings - Fork 60
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Privileges datasource #82
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks great! thanks!
@@ -71,6 +72,14 @@ resource "googleworkspace_group_settings" "sales-settings" { | |||
- **id** (String) The ID of this resource. | |||
- **name** (String) Name of the group, which has a maximum size of 75 characters. | |||
|
|||
<a id="nestedblock--timeouts"></a> | |||
### Nested Schema for `timeouts` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh thanks :)
duplicates[id] = true | ||
} | ||
if len(priv.ChildPrivileges) > 0 { | ||
result = append(result, flattenAndPrunePrivileges(priv.ChildPrivileges, duplicates)...) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have you found that there would be a parent duplicated in a child? I'm wondering if we need to be concerned about passing duplicates
around?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't sure, but this solution should be robust
docs/data-sources/privileges.md
Outdated
### Read-Only | ||
|
||
- **etag** (String) ETag of the resource. | ||
- **items** (List of Object) A list of Privilege resources. (see [below for nested schema](#nestedatt--items)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we want to mention somewhere that this will be a flattened list?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will do
Datasource that exports list of privileges. See examples for how to use terraform
for
as well asdynamic
to filter the list, and generateprivileges
blocks in role resources.This PR also enables
ORG_UNIT
scopedrole_assignment
, however the practitioner must ensure onlyis_org_unit_scopable
privileges are passed along.Odd discovery, the Google API returns
org_unit
ids with aid:
prefix, somehow this isn't an issue for the org unit resource/datasource itself, however I had to strip that prefix when passing it therole_assignment
resource. Perhaps theorg_unit
resource should strip that itself? It feels like a mistake on the API end to have that prefix.Closes #72