diff --git a/third_party/terraform/data_sources/data_source_iam_beta_workload_identity_pool.go.erb b/third_party/terraform/data_sources/data_source_iam_beta_workload_identity_pool.go.erb new file mode 100644 index 000000000000..21b8289e000d --- /dev/null +++ b/third_party/terraform/data_sources/data_source_iam_beta_workload_identity_pool.go.erb @@ -0,0 +1,32 @@ +<% autogen_exception -%> +package google + +<% unless version == 'ga' -%> +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceIAMBetaWorkloadIdentityPool() *schema.Resource { + + dsSchema := (resourceIAMBetaWorkloadIdentityPool().Schema) + addRequiredFieldsToSchema(dsSchema, "workload_identity_pool_id") + addOptionalFieldsToSchema(dsSchema, "project") + + return &schema.Resource{ + Read: dataSourceIAMBetaWorkloadIdentityPoolRead, + Schema: dsSchema, + } +} + +func dataSourceIAMBetaWorkloadIdentityPoolRead(d *schema.ResourceData, meta interface{}) error { + config := meta.(*Config) + + id, err := replaceVars(d, config, "projects/{{project}}/locations/global/workloadIdentityPools/{{workload_identity_pool_id}}") + if err != nil { + return fmt.Errorf("Error constructing id: %s", err) + } + d.SetId(id) + return resourceIAMBetaWorkloadIdentityPoolRead(d, meta) + +} +<% end -%> diff --git a/third_party/terraform/tests/data_source_iam_beta_workload_identity_pool_test.go.erb b/third_party/terraform/tests/data_source_iam_beta_workload_identity_pool_test.go.erb new file mode 100644 index 000000000000..ecfbfc26d410 --- /dev/null +++ b/third_party/terraform/tests/data_source_iam_beta_workload_identity_pool_test.go.erb @@ -0,0 +1,47 @@ +<% autogen_exception -%> +package google + +<% unless version == 'ga' -%> +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceIAMBetaWorkloadIdentityPool_basic(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": randString(t, 10), + } + + vcrTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckIAMBetaWorkloadIdentityPoolDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccDataSourceIAMBetaWorkloadIdentityPoolBasic(context), + Check: resource.ComposeTestCheckFunc( + checkDataSourceStateMatchesResourceState("data.google_iam_workload_identity_pool.foo", "google_iam_workload_identity_pool.bar"), + ), + }, + }, + }) +} + +func testAccDataSourceIAMBetaWorkloadIdentityPoolBasic(context map[string]interface{}) string { + return Nprintf(` +resource "google_iam_workload_identity_pool" "bar" { + workload_identity_pool_id = "bar-pool-%{random_suffix}" + display_name = "Name of pool" + description = "Identity pool for automated test" + disabled = true +} + +data "google_iam_workload_identity_pool" "foo" { + workload_identity_pool_id = google_iam_workload_identity_pool.bar.workload_identity_pool_id +} +`, context) +} +<% end -%> diff --git a/third_party/terraform/utils/provider.go.erb b/third_party/terraform/utils/provider.go.erb index 32845a074bf3..ce5119682b92 100644 --- a/third_party/terraform/utils/provider.go.erb +++ b/third_party/terraform/utils/provider.go.erb @@ -223,6 +223,9 @@ func Provider() *schema.Provider { "google_iam_policy": dataSourceGoogleIamPolicy(), "google_iam_role": dataSourceGoogleIamRole(), "google_iam_testable_permissions": dataSourceGoogleIamTestablePermissions(), + <% unless version == 'ga' -%> + "google_iam_workload_identity_pool": dataSourceIAMBetaWorkloadIdentityPool(), + <% end -%> "google_kms_crypto_key": dataSourceGoogleKmsCryptoKey(), "google_kms_crypto_key_version": dataSourceGoogleKmsCryptoKeyVersion(), "google_kms_key_ring": dataSourceGoogleKmsKeyRing(), diff --git a/third_party/terraform/website/docs/d/iam_workload_identity_pool.markdown b/third_party/terraform/website/docs/d/iam_workload_identity_pool.markdown new file mode 100644 index 000000000000..b2a9217d800f --- /dev/null +++ b/third_party/terraform/website/docs/d/iam_workload_identity_pool.markdown @@ -0,0 +1,38 @@ +--- +subcategory: "Cloud IAM" +layout: "google" +page_title: "Google: google_iam_workload_identity_pool" +sidebar_current: "docs-google-datasource-iam-workload-identity-pool" +description: |- + Get a IAM workload identity pool from Google Cloud +--- + +# google\_iam\_workload_\identity\_pool + +Get a IAM workload identity pool from Google Cloud by its id. + +~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider. +See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources. + +## Example Usage + +```tf +data "google_iam_workload_identity_pool" "foo" { + workload_identity_pool_id = "foo-pool" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `workload_identity_pool_id` - (Required) The id of the pool which is the + final component of the resource name. + +- - - + +* `project` - (Optional) The project in which the resource belongs. If it + is not provided, the provider project is used. + +## Attributes Reference +See [google_iam_workload_identity_pool](https://www.terraform.io/docs/providers/google/r/iam_workload_identity_pool.html) resource for details of all the available attributes.