Documentation
Overview
iampolicy is a helper package for creating Terraform resources that modify an HCP Resource's IAM Policy. By implementing a single interface, a resource can provide an authoritative Policy resource and a Binding resource. Using this package simplifies implementation, provides a performance-optimized experience, and provides a consistent interface to the provider's users.
For examples of how to implement the interface, see hcp_project_iam_policy/binding.
Index
- func Equal(p1, p2 *models.HashicorpCloudResourcemanagerPolicy) bool
- func FromMap(etag string, ...) *models.HashicorpCloudResourcemanagerPolicy
- func NewResourceIamBinding(typeName string, parentSpecificSchema schema.Schema, importAttrName string, ...) resource.Resource
- func NewResourceIamPolicy(typeName string, parentSpecificSchema schema.Schema, importAttrName string, ...) resource.Resource
- func ToMap(p *models.HashicorpCloudResourcemanagerPolicy) ...
- type NewResourceIamUpdaterFunc
- type PolicyDataType
- func (t PolicyDataType) Equal(o attr.Type) bool
- func (t PolicyDataType) String() string
- func (t PolicyDataType) Validate(ctx context.Context, value tftypes.Value, valuePath path.Path) diag.Diagnostics
- func (t PolicyDataType) ValueFromString(ctx context.Context, in basetypes.StringValue) (basetypes.StringValuable, diag.Diagnostics)
- func (t PolicyDataType) ValueFromTerraform(ctx context.Context, in tftypes.Value) (attr.Value, error)
- func (t PolicyDataType) ValueType(ctx context.Context) attr.Value
- type PolicyDataValue
- type ResourceIamUpdater
- type TerraformResourceData
Functions
func Equal
func Equal(p1, p2 *models.HashicorpCloudResourcemanagerPolicy) bool
Equal reports whether the passed policies are equal.
func FromMap
func FromMap(etag string, bindings map[string]map[string]*models.HashicorpCloudResourcemanagerPolicyBindingMemberType) *models.HashicorpCloudResourcemanagerPolicy
FromMap converts the map generated by ToMap to an IAM Policy object.
func NewResourceIamBinding
func NewResourceIamBinding(
	typeName string,
	parentSpecificSchema schema.Schema,
	importAttrName string,
	newUpdaterFunc NewResourceIamUpdaterFunc,
) resource.Resource
parentSpecificSchema should be a schema that includes a MarkdownDescription and any necessary Attributes to target the specific resource ("project_id", "resource_name", etc.).
importAttrName allows specifying the attribute to be set when a user runs `terraform import`. Subsequent calls to SetResourceIamPolicy can use this information to populate the policy.
func NewResourceIamPolicy
func NewResourceIamPolicy(
	typeName string,
	parentSpecificSchema schema.Schema,
	importAttrName string,
	newUpdaterFunc NewResourceIamUpdaterFunc,
) resource.Resource
parentSpecificSchema should be a schema that includes a MarkdownDescription and any necessary Attributes to target the specific resource ("project_id", "resource_name", etc.).
importAttrName allows specifying the attribute to be set when a user runs `terraform import`. Subsequent calls to SetResourceIamPolicy can use this information to populate the policy.
func ToMap
func ToMap(p *models.HashicorpCloudResourcemanagerPolicy) map[string]map[string]*models.HashicorpCloudResourcemanagerPolicyBindingMemberType
ToMap converts an IAM policy to a set of nested maps. The first map is keyed by Role ID, and the second map is keyed by PrincipalID.
Types
type NewResourceIamUpdaterFunc
type NewResourceIamUpdaterFunc func(ctx context.Context, d TerraformResourceData, clients *clients.Client) (ResourceIamUpdater, diag.Diagnostics)
NewResourceIamUpdaterFunc is a factory that generates a ResourceIamUpdater for the given ResourceData resource.
type PolicyDataType
type PolicyDataType struct {
basetypes.StringType
}
PolicyDataType is a custom type for handling marshaled policy_data.
func (PolicyDataType) String
func (t PolicyDataType) String() string
func (PolicyDataType) Validate
func (t PolicyDataType) Validate(ctx context.Context, value tftypes.Value, valuePath path.Path) diag.Diagnostics
Validate is called whenever a PolicyDataValue is being created. This gives the user a better error message and also lets the Value type assume the policy_data is valid.
func (PolicyDataType) ValueFromString
func (t PolicyDataType) ValueFromString(ctx context.Context, in basetypes.StringValue) (basetypes.StringValuable, diag.Diagnostics)
func (PolicyDataType) ValueFromTerraform
type PolicyDataValue
type PolicyDataValue struct {
basetypes.StringValue
}
func (PolicyDataValue) StringSemanticEquals
func (v PolicyDataValue) StringSemanticEquals(ctx context.Context, newValuable basetypes.StringValuable) (bool, diag.Diagnostics)
StringSemanticEquals checks that two policies are semantically equal. This is critical for suppressing planned changes where the only delta is the ordering of bindings or members within a binding.
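One way to get the order-insensitive comparison described above is to flatten both policies into the nested-map shape that ToMap produces and compare the maps. This is an added example, not the package's own implementation; the `member`, `binding` and `policy` types are stand-ins, and the role IDs, principal IDs and member types are constructed sample values.

```go
package main

import (
	"fmt"
	"reflect"
)

// Stand-in types for this example; the real package works on
// *models.HashicorpCloudResourcemanagerPolicy.
type member struct{ ID, Type string }
type binding struct {
	RoleID  string
	Members []member
}
type policy struct{ Bindings []binding }

// toMap flattens a policy into role ID -> principal ID -> member type,
// the shape the page describes for ToMap.
func toMap(p policy) map[string]map[string]string {
	out := map[string]map[string]string{}
	for _, b := range p.Bindings {
		for _, m := range b.Members {
			if out[b.RoleID] == nil {
				out[b.RoleID] = map[string]string{}
			}
			out[b.RoleID][m.ID] = m.Type
		}
	}
	return out
}

// semanticallyEqual ignores the order of bindings and of members.
func semanticallyEqual(a, b policy) bool {
	return reflect.DeepEqual(toMap(a), toMap(b))
}

// Constructed samples: the same grants listed in a different order.
func samples() (policy, policy) {
	alice, ops := member{"user-alice", "USER"}, member{"group-ops", "GROUP"}
	a := policy{[]binding{{"roles/viewer", []member{alice, ops}}, {"roles/admin", []member{alice}}}}
	b := policy{[]binding{{"roles/admin", []member{alice}}, {"roles/viewer", []member{ops, alice}}}}
	return a, b
}

func main() {
	a, b := samples()
	fmt.Println(semanticallyEqual(a, b))
}
```

A binding with no members contributes nothing to the map, so it does not register as a difference; a changed member type or a missing principal does.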
type ResourceIamUpdater
type ResourceIamUpdater interface {
	// GetResourceIamPolicy fetches the existing IAM policy attached to a resource.
	GetResourceIamPolicy(context.Context) (*models.HashicorpCloudResourcemanagerPolicy, diag.Diagnostics)

	// SetResourceIamPolicy replaces the existing IAM Policy attached to a resource.
	// If an error occurs, a new custom ErrorHTTPStatusCode should be appended to the diagnostics.
	SetResourceIamPolicy(ctx context.Context, policy *models.HashicorpCloudResourcemanagerPolicy) (*models.HashicorpCloudResourcemanagerPolicy, diag.Diagnostics)

	// GetMutexKey gets the mutex key.
	// A mutex guards against concurrent calls to the SetResourceIamPolicy method.
	// The mutex key should be globally unique.
	GetMutexKey() string
}
The ResourceIamUpdater interface is implemented for each HCP resource supporting IAM policy (Organization/Project/Resource).
Implementations should be created per resource and should keep track of the resource identifier.
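The sketch below shows why the interface exposes a mutex key: a binding-style update reads the whole policy, adds one grant, and writes the whole policy back, so concurrent updates to the same resource must be serialized or one write can overwrite another. It is an added example, not code from the package; `fakeUpdater`, `addMember`, the key format and the sample IDs are hypothetical.

```go
package main

import (
	"fmt"
	"sync"
)

// grant is one role-to-principal pair; a policy here is a set of grants.
type grant struct{ Role, Principal string }

// fakeUpdater is a hypothetical in-memory stand-in for a ResourceIamUpdater.
type fakeUpdater struct {
	resourceID string
	stored     map[grant]bool // the policy currently attached to the resource
}

// GetMutexKey is unique per resource (the key format is an assumption).
func (f *fakeUpdater) GetMutexKey() string { return "iam-policy/" + f.resourceID }

var locks sync.Map // mutex key -> *sync.Mutex

// addMember is a binding-style read-modify-write, serialized per mutex key.
// Without the lock, two callers could read the same policy and the later
// write would silently drop the other caller's grant.
func addMember(u *fakeUpdater, g grant) {
	l, _ := locks.LoadOrStore(u.GetMutexKey(), &sync.Mutex{})
	l.(*sync.Mutex).Lock()
	defer l.(*sync.Mutex).Unlock()
	next := map[grant]bool{g: true}
	for old := range u.stored { // "get": copy the existing policy
		next[old] = true
	}
	u.stored = next // "set": replace the whole policy
}

// grantConcurrently adds n distinct principals in parallel and returns
// how many grants the final policy holds.
func grantConcurrently(n int) int {
	u := &fakeUpdater{resourceID: "project-example", stored: map[grant]bool{}}
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func(i int) {
			defer wg.Done()
			addMember(u, grant{"roles/viewer", fmt.Sprintf("user-%d", i)})
		}(i)
	}
	wg.Wait()
	return len(u.stored)
}

func main() { fmt.Println(grantConcurrently(50)) }
```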