From d0ed3b7614b7560b3d6b89db8d3f36a1d74c8ab2 Mon Sep 17 00:00:00 2001
From: Ludovico Magnocavallo <ludomagno@google.com>
Date: Wed, 4 Nov 2020 16:17:12 +0100
Subject: [PATCH] rename iam additive variable in project module

---
 modules/project/README.md                  | 4 ++--
 modules/project/main.tf                    | 4 ++--
 modules/project/variables.tf               | 2 +-
 tests/modules/project/fixture/main.tf      | 2 +-
 tests/modules/project/fixture/variables.tf | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/modules/project/README.md b/modules/project/README.md
index 72dd368b0..fcf7e1898 100644
--- a/modules/project/README.md
+++ b/modules/project/README.md
@@ -87,14 +87,14 @@ module "project" {
 | *auto_create_network* | Whether to create the default network for the project | <code title="">bool</code> |  | <code title="">false</code> |
 | *billing_account* | Billing account id. | <code title="">string</code> |  | <code title="">null</code> |
 | *custom_roles* | Map of role name => list of permissions to create in this project. | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> |  | <code title="">{}</code> |
-| *iam_additive_bindings* | Map of roles lists used to set non authoritative bindings, keyed by members | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> |  | <code title="">{}</code> |
+| *iam_additive* | Map of roles lists used to set non authoritative bindings, keyed by members | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> |  | <code title="">{}</code> |
 | *iam_members* | Map of member lists used to set authoritative bindings, keyed by role. | <code title="map&#40;set&#40;string&#41;&#41;">map(set(string))</code> |  | <code title="">{}</code> |
 | *labels* | Resource labels. | <code title="map&#40;string&#41;">map(string)</code> |  | <code title="">{}</code> |
 | *lien_reason* | If non-empty, creates a project lien with this description. | <code title="">string</code> |  | <code title=""></code> |
 | *oslogin* | Enable OS Login. | <code title="">bool</code> |  | <code title="">false</code> |
 | *oslogin_admins* | List of IAM-style identities that will be granted roles necessary for OS Login administrators. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
 | *oslogin_users* | List of IAM-style identities that will be granted roles necessary for OS Login users. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
-| *parent* | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | <code title="">string</code> |  | <code title="">null</code> |
+| *parent* | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | <code title="">string</code> |  | <code title="null&#10;validation &#123;&#10;condition     &#61; var.parent &#61;&#61; null &#124;&#124; can&#40;regex&#40;&#34;&#40;organizations&#124;folders&#41;&#47;&#91;0-9&#93;&#43;&#34;, var.parent&#41;&#41;&#10;error_message &#61; &#34;Parent must be of the form folders&#47;folder_id or organizations&#47;organization_id.&#34;&#10;&#125;">...</code> |
 | *policy_boolean* | Map of boolean org policies and enforcement value, set value to null for policy restore. | <code title="map&#40;bool&#41;">map(bool)</code> |  | <code title="">{}</code> |
 | *policy_list* | Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny. | <code title="map&#40;object&#40;&#123;&#10;inherit_from_parent &#61; bool&#10;suggested_value     &#61; string&#10;status              &#61; bool&#10;values              &#61; list&#40;string&#41;&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
 | *prefix* | Prefix used to generate project id and name. | <code title="">string</code> |  | <code title="">null</code> |
diff --git a/modules/project/main.tf b/modules/project/main.tf
index 1ef2be8eb..eb899d70e 100644
--- a/modules/project/main.tf
+++ b/modules/project/main.tf
@@ -16,7 +16,7 @@
 
 locals {
   iam_additive_pairs = flatten([
-    for member, roles in var.iam_additive_bindings : [
+    for member, roles in var.iam_additive : [
       for role in roles :
       { role = role, member = member }
     ]
@@ -102,7 +102,7 @@ resource "google_project_iam_binding" "authoritative" {
 }
 
 resource "google_project_iam_member" "additive" {
-  for_each = length(var.iam_additive_bindings) > 0 ? local.iam_additive : {}
+  for_each = length(var.iam_additive) > 0 ? local.iam_additive : {}
   project  = local.project.project_id
   role     = each.value.role
   member   = each.value.member
diff --git a/modules/project/variables.tf b/modules/project/variables.tf
index 75150cc1f..26f363856 100644
--- a/modules/project/variables.tf
+++ b/modules/project/variables.tf
@@ -38,7 +38,7 @@ variable "iam_members" {
   default     = {}
 }
 
-variable "iam_additive_bindings" {
+variable "iam_additive" {
   description = "Map of roles lists used to set non authoritative bindings, keyed by members"
   type        = map(list(string))
   default     = {}
diff --git a/tests/modules/project/fixture/main.tf b/tests/modules/project/fixture/main.tf
index 8fce40f8f..ea5dff0cc 100644
--- a/tests/modules/project/fixture/main.tf
+++ b/tests/modules/project/fixture/main.tf
@@ -21,7 +21,7 @@ module "test" {
   auto_create_network   = var.auto_create_network
   custom_roles          = var.custom_roles
   iam_members           = var.iam_members
-  iam_additive_bindings = var.iam_additive_bindings
+  iam_additive          = var.iam_additive
   labels                = var.labels
   lien_reason           = var.lien_reason
   oslogin               = var.oslogin
diff --git a/tests/modules/project/fixture/variables.tf b/tests/modules/project/fixture/variables.tf
index 83d063526..e8c8df001 100644
--- a/tests/modules/project/fixture/variables.tf
+++ b/tests/modules/project/fixture/variables.tf
@@ -29,7 +29,7 @@ variable "iam_members" {
   default = {}
 }
 
-variable "iam_additive_bindings" {
+variable "iam_additive" {
   type    = map(list(string))
   default = {}
 }