IAM Policy Assignment: S2S Policy Assignments #5499
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
| @@ -44,6 +44,34 @@ func TestAccIBMIAMPolicyTemplateBasic(t *testing.T) { | |||
| }) | |||
| } | |||
|
|
|||
| func TestAccIBMIAMPolicyTemplateBasicUpdateTest(t *testing.T) { | |||
There was a problem hiding this comment.
can we change the testcase name to include S2S
| } | ||
| attributes { | ||
| key = "volumeId" | ||
| operator = "stringEquals" |
There was a problem hiding this comment.
stringEquals -> "stringExists"
| ResourceModel, roleList, err := generateTemplatePolicyResource(modelMap["resource"].([]interface{})[0].(map[string]interface{}), iamPolicyManagementClient) | ||
| var roleList *iampolicymanagementv1.RoleCollection | ||
| listRoleOptions := &iampolicymanagementv1.ListRolesOptions{} | ||
| // var ResourceModel *iampolicymanagementv1.V2PolicyResource |
| // var ResourceModel *iampolicymanagementv1.V2PolicyResource | ||
| var err error | ||
| if _, ok := d.GetOk("policy.0.resource"); ok { | ||
| // ResourceModel, roleList, err = generateTemplatePolicyAttributes(modelMap["resource"].([]interface{})[0].(map[string]interface{}), |
| modelMap := modelMap["resource"].([]interface{})[0].(map[string]interface{}) | ||
| modelResource := &iampolicymanagementv1.V2PolicyResource{} | ||
| attributes := []iampolicymanagementv1.V2PolicyResourceAttribute{} | ||
| // roleList := &iampolicymanagementv1.RoleCollection{} |
| *attributesItemModel.Operator == "stringEquals") { | ||
| targetServiceName = fmt.Sprintf("%v", attributesItemModel.Value) | ||
|
|
||
| // listRoleOptions.ServiceName = core.StringPtr(attributesItemModel.Value.(string)) |
|
|
||
| // check subject only for authorization type | ||
| if _, ok := d.GetOk("policy.0.subject"); ok { | ||
| // subjectModel, err := generateTemplatePolicySubject(((modelMap["subject"]).(*schema.Set).List())) |
| return model, fmt.Errorf("[ERROR] Only values \"true\" and \"false\" are allowed when operator is \"stringExists\". Received %s.", attributesItemModel.Value) | ||
| } | ||
| } | ||
| if *attributesItemModel.Operator == "" && attributesItemModel.Value == "*" && *attributesItemModel.Key == "resourceGroupId" { |
There was a problem hiding this comment.
this may be for authorization type only
| listRoleOptions.ServiceName = core.StringPtr("alliamserviceroles") | ||
| } | ||
|
|
||
| if *attributesItemModel.Key == "resourceType" && targetServiceName == "" { |
There was a problem hiding this comment.
this check also mostly for "authorization" type templates
|
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
|
|
|
|
|
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
swcolley
reviewed
Jul 11, 2024
| modelMap := make(map[string]interface{}) | ||
| attributes := []map[string]interface{}{} | ||
| listRoleOptions := &iampolicymanagementv1.ListRolesOptions{} | ||
| var roles *iampolicymanagementv1.RoleCollection | ||
| // var roles *iampolicymanagementv1.RoleCollection |
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
|
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
swcolley
approved these changes
Jul 12, 2024
hkantare
reviewed
Jul 12, 2024
go.mod
Outdated
| github.com/IBM/platform-services-go-sdk v0.62.11 | ||
| github.com/IBM/project-go-sdk v0.3.5 | ||
| github.com/IBM/platform-services-go-sdk v0.64.3 | ||
| github.com/IBM/project-go-sdk v0.3.4 |
There was a problem hiding this comment.
rolling back to previous version shd n't override other services go sdk's verison
| @@ -301,13 +301,6 @@ func dataSourceIBMIAMPolicyAssignmentRead(context context.Context, d *schema.Res | |||
| return diag.FromErr(fmt.Errorf("error setting template: %s", err)) | |||
| } | |||
| } | |||
| optionsMap, err := ResourceIBMPolicyAssignmentPolicyAssignmentV1OptionsToMap(policyAssignmentRecord.Options) | |||
There was a problem hiding this comment.
Remove options also from Schema
| @@ -394,13 +394,6 @@ func DataSourceIBMPolicyAssignmentPolicyTemplateAssignmentItemsToMap(model iampo | |||
| } | |||
| modelMap["target"] = targetMap | |||
| } | |||
| if model.Options != nil { | |||
There was a problem hiding this comment.
Remove options from Schema
| @@ -48,8 +48,6 @@ func ResourceIBMIAMPolicyAssignment() *schema.Resource { | |||
| "templates": { | |||
| Type: schema.TypeList, | |||
| Required: true, | |||
| MinItems: 1, | |||
There was a problem hiding this comment.
Why we removed Min and Max Items
|
Update respective docs (resources/datasources) as per the above code changes |
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
Signed-off-by: Alluri-Varma <alluri.varma@ibm.com>
hkantare
approved these changes
Jul 15, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Community Note
Relates OR Closes #0000
Output from acceptance testing: