kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rename iam additive variable in project module

Browse Source
This commit is contained in:
Ludovico Magnocavallo
2020-11-04 16:17:12 +01:00
parent d2c84de8ff
commit d0ed3b7614
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/project/README.md
View File

@@ -87,14 +87,14 @@ module "project" {
| *auto_create_network* | Whether to create the default network for the project | <code title="">bool</code> | | <code title="">false</code> |
| *billing_account* | Billing account id. | <code title="">string</code> | | <code title="">null</code> |
| *custom_roles* | Map of role name => list of permissions to create in this project. | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> | | <code title="">{}</code> |
| *iam_additive_bindings* | Map of roles lists used to set non authoritative bindings, keyed by members | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> | | <code title="">{}</code> |
| *iam_additive* | Map of roles lists used to set non authoritative bindings, keyed by members | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> | | <code title="">{}</code> |
| *iam_members* | Map of member lists used to set authoritative bindings, keyed by role. | <code title="map&#40;set&#40;string&#41;&#41;">map(set(string))</code> | | <code title="">{}</code> |
| *labels* | Resource labels. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *lien_reason* | If non-empty, creates a project lien with this description. | <code title="">string</code> | | <code title=""></code> |
| *oslogin* | Enable OS Login. | <code title="">bool</code> | | <code title="">false</code> |
| *oslogin_admins* | List of IAM-style identities that will be granted roles necessary for OS Login administrators. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *oslogin_users* | List of IAM-style identities that will be granted roles necessary for OS Login users. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *parent* | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | <code title="">string</code> | | <code title="">null</code> |
| *parent* | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | <code title="">string</code> | | <code title="null&#10;validation &#123;&#10;condition &#61; var.parent &#61;&#61; null &#124;&#124; can&#40;regex&#40;&#34;&#40;organizations&#124;folders&#41;&#47;&#91;0-9&#93;&#43;&#34;, var.parent&#41;&#41;&#10;error_message &#61; &#34;Parent must be of the form folders&#47;folder_id or organizations&#47;organization_id.&#34;&#10;&#125;">...</code> |
| *policy_boolean* | Map of boolean org policies and enforcement value, set value to null for policy restore. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *policy_list* | Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny. | <code title="map&#40;object&#40;&#123;&#10;inherit_from_parent &#61; bool&#10;suggested_value &#61; string&#10;status &#61; bool&#10;values &#61; list&#40;string&#41;&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">{}</code> |
| *prefix* | Prefix used to generate project id and name. | <code title="">string</code> | | <code title="">null</code> |

4
modules/project/main.tf
View File

@@ -16,7 +16,7 @@
locals {
iam_additive_pairs = flatten([
for member, roles in var.iam_additive_bindings : [
for member, roles in var.iam_additive : [
for role in roles :
{ role = role, member = member }
]
@@ -102,7 +102,7 @@ resource "google_project_iam_binding" "authoritative" {
}
resource "google_project_iam_member" "additive" {
for_each = length(var.iam_additive_bindings) > 0 ? local.iam_additive : {}
for_each = length(var.iam_additive) > 0 ? local.iam_additive : {}
project = local.project.project_id
role = each.value.role
member = each.value.member

2
modules/project/variables.tf
View File

@@ -38,7 +38,7 @@ variable "iam_members" {
default = {}
}
variable "iam_additive_bindings" {
variable "iam_additive" {
description = "Map of roles lists used to set non authoritative bindings, keyed by members"
type = map(list(string))
default = {}

2
tests/modules/project/fixture/main.tf
View File

@@ -21,7 +21,7 @@ module "test" {
auto_create_network = var.auto_create_network
custom_roles = var.custom_roles
iam_members = var.iam_members
iam_additive_bindings = var.iam_additive_bindings
iam_additive = var.iam_additive
labels = var.labels
lien_reason = var.lien_reason
oslogin = var.oslogin

2
tests/modules/project/fixture/variables.tf
View File

@@ -29,7 +29,7 @@ variable "iam_members" {
default = {}
}
variable "iam_additive_bindings" {
variable "iam_additive" {
type = map(list(string))
default = {}
}