From a029ad382bb1f4233f723f56c5a0db84e6a8dcfe Mon Sep 17 00:00:00 2001 From: Yasuhisa Yoshida Date: Sat, 21 Oct 2023 03:06:08 +0900 Subject: [PATCH] Add iamMember to access for BigQuery dataset (#9288) --- mmv1/products/bigquery/Dataset.yaml | 5 +++++ .../services/bigquery/resource_bigquery_dataset_test.go | 8 ++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/mmv1/products/bigquery/Dataset.yaml b/mmv1/products/bigquery/Dataset.yaml index 41c0fbf1491d..4e8540977f17 100644 --- a/mmv1/products/bigquery/Dataset.yaml +++ b/mmv1/products/bigquery/Dataset.yaml @@ -140,6 +140,11 @@ properties: * `allAuthenticatedUsers`: All authenticated BigQuery users. + - !ruby/object:Api::Type::String + name: 'iamMember' + description: | + Some other type of member that appears in the IAM Policy but isn't a user, + group, domain, or special group. For example: `allUsers` - !ruby/object:Api::Type::String name: 'userByEmail' description: | diff --git a/mmv1/third_party/terraform/services/bigquery/resource_bigquery_dataset_test.go b/mmv1/third_party/terraform/services/bigquery/resource_bigquery_dataset_test.go index 11c14014ace9..5125403c26f3 100644 --- a/mmv1/third_party/terraform/services/bigquery/resource_bigquery_dataset_test.go +++ b/mmv1/third_party/terraform/services/bigquery/resource_bigquery_dataset_test.go @@ -227,7 +227,7 @@ func TestAccBigQueryDataset_access(t *testing.T) { ImportStateVerifyIgnore: []string{"labels", "terraform_labels"}, }, { - Config: testAccBigQueryDatasetWithTwoAccess(datasetID), + Config: testAccBigQueryDatasetWithThreeAccess(datasetID), }, { ResourceName: "google_bigquery_dataset.access_test", @@ -504,7 +504,7 @@ resource "google_bigquery_dataset" "access_test" { `, datasetID) } -func testAccBigQueryDatasetWithTwoAccess(datasetID string) string { +func testAccBigQueryDatasetWithThreeAccess(datasetID string) string { return fmt.Sprintf(` resource "google_bigquery_dataset" "access_test" { dataset_id = "%s" @@ -517,6 +517,10 @@ resource "google_bigquery_dataset" "access_test" { role = "READER" domain = "hashicorp.com" } + access { + role = "READER" + iam_member = "allUsers" + } labels = { env = "foo"