Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add warnings about custom role format for IAM bindings #1605

Merged
merged 13 commits into from
Jan 8, 2020
Merged

Add warnings about custom role format for IAM bindings #1605

merged 13 commits into from
Jan 8, 2020

Conversation

modular-magician
Copy link
Collaborator

Related to hashicorp/terraform-provider-google#5250

IAM bindings allow for empty members - this means we need to support import/read for IAM bindings that do not actually exist in the Policy. However, we can't tell this apart from a user specifying the wrong role, which will cause the import to succeed but an subsequent apply to create the binding.

Given the above expected but weird behavior, this PR:

  • adds a note to IAM docs to prevent confusion in the case of custom roles
  • adds a warning to log output when we read in a non-existing binding as having no members

Derived from GoogleCloudPlatform/magic-modules#2937

chrisst and others added 13 commits January 6, 2020 15:51
@chrisst
Allow domain mapping to succeed if DNS is pending
61c9686 
Signed-off-by: Modular Magician <[email protected]>
@modular-magician @danawillow
Update google_folder import description (hashicorp#1592)
a1755df 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Dana Hoffman <[email protected]>
@modular-magician @danawillow
add google_kms_secret_ciphertext resource, deprecate datasource (hash…
7b7994e 
…icorp#1586)

Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Dana Hoffman <[email protected]>
@modular-magician @rileykarson
Allow add/removing Bigtable clusters (hashicorp#1589)
4ea508b 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Riley Karson <[email protected]>
@modular-magician @emilymye
Add bootstrapped test networks for service networking tests (hashicor…
812048a 
…p#1588)

Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: emily <[email protected]>
@paddycarver
Update CHANGELOG.md
996128a
@modular-magician @MartinNowak @emilymye
fix docs for google_bigquery_default_service_account (hashicorp#1596)
d924c9e 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Martin Nowak <[email protected]>
@modular-magician @BrianPi @emilymye
Nil return for absent Bigtable resources (hashicorp#1597)
af0f94e 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Brian Hildebrandt <[email protected]>
@megan07 @modular-magician
add lifecycle_config to dataproc_cluster.cluster_config
ad16517 
Signed-off-by: Modular Magician <[email protected]>
@megan07
add lifecycle_config to dataproc_cluster.cluster_config
0d77be0
@modular-magician @emilymye
Add warnings about custom role format for IAM bindings (hashicorp#1600)
a13c794 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: emily <[email protected]>
@modular-magician @emilymye
Add mutex to peering create (hashicorp#1601)
1a7013b 
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: emily <[email protected]>
@modular-magician
Add warnings about custom role format for IAM bindings (hashicorp#2937)
58cc927 
Merged PR hashicorp#2937.
@modular-magician modular-magician merged commit cd448e9 into hashicorp:downstream-master Jan 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
documentation size/xxl
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@modular-magician @chrisst @paddycarver @megan07