From 7da1620a4bea7e851860a145cf4834d994c22ac7 Mon Sep 17 00:00:00 2001 From: Roland Kool Date: Wed, 17 Apr 2019 14:40:27 +0200 Subject: [PATCH 1/4] Support IAM roles on BigQuery datasets Change-Id: Idecf18ca5be1a7d1f56d88444d9d19be23abea73 --- google/resource_bigquery_dataset.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/google/resource_bigquery_dataset.go b/google/resource_bigquery_dataset.go index 098ee3ce430..a8169aaf1b2 100644 --- a/google/resource_bigquery_dataset.go +++ b/google/resource_bigquery_dataset.go @@ -6,7 +6,6 @@ import ( "regexp" "github.com/hashicorp/terraform/helper/schema" - "github.com/hashicorp/terraform/helper/validation" "google.golang.org/api/bigquery/v2" ) @@ -138,9 +137,8 @@ func resourceBigQueryDataset() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "role": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: validation.StringInSlice([]string{"OWNER", "WRITER", "READER"}, false), + Type: schema.TypeString, + Optional: true, }, "domain": { Type: schema.TypeString, From fc9a361d3e3b7b5ea0e62c0a2bc7a30c0d5276e8 Mon Sep 17 00:00:00 2001 From: Souhail Hanfi Date: Wed, 12 Jun 2019 15:23:41 +0200 Subject: [PATCH 2/4] Bigquery documentation Update --- website/docs/r/bigquery_dataset.html.markdown | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/website/docs/r/bigquery_dataset.html.markdown b/website/docs/r/bigquery_dataset.html.markdown index 56e8b5bd42b..8a15ccfae45 100644 --- a/website/docs/r/bigquery_dataset.html.markdown +++ b/website/docs/r/bigquery_dataset.html.markdown @@ -111,8 +111,11 @@ The `access` block supports the following fields (exactly one of `domain`, even though they are marked optional): * `role` - (Required unless `view` is set) Describes the rights granted to - the user specified by the other member of the access object. The following - string values are supported: `READER`, `WRITER`, `OWNER`. + the user specified by the other member of the access object. + Primitive, Predefined and custom roles are supported. + Predefined roles that have equivalent primitive roles are swaped + by the API to their Primitive counterparts. + See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). * `domain` - (Optional) A domain to grant access to. From 5c1c73dbc84fa7f6223a379bf2c6b915da43feed Mon Sep 17 00:00:00 2001 From: rolandkool Date: Wed, 12 Jun 2019 19:10:13 +0200 Subject: [PATCH 3/4] Update bigquery_dataset.html.markdown --- website/docs/r/bigquery_dataset.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/bigquery_dataset.html.markdown b/website/docs/r/bigquery_dataset.html.markdown index 8a15ccfae45..43b7409f3bf 100644 --- a/website/docs/r/bigquery_dataset.html.markdown +++ b/website/docs/r/bigquery_dataset.html.markdown @@ -113,7 +113,7 @@ even though they are marked optional): * `role` - (Required unless `view` is set) Describes the rights granted to the user specified by the other member of the access object. Primitive, Predefined and custom roles are supported. - Predefined roles that have equivalent primitive roles are swaped + Predefined roles that have equivalent primitive roles are swapped by the API to their Primitive counterparts. See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). From 54dd8541820643ec6a585f5a248c7737f89a91ee Mon Sep 17 00:00:00 2001 From: Dana Hoffman Date: Mon, 17 Jun 2019 15:54:42 -0700 Subject: [PATCH 4/4] Use access control link in docs and add a small clarification --- website/docs/r/bigquery_dataset.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/bigquery_dataset.html.markdown b/website/docs/r/bigquery_dataset.html.markdown index 43b7409f3bf..3c0f4917612 100644 --- a/website/docs/r/bigquery_dataset.html.markdown +++ b/website/docs/r/bigquery_dataset.html.markdown @@ -114,8 +114,8 @@ even though they are marked optional): the user specified by the other member of the access object. Primitive, Predefined and custom roles are supported. Predefined roles that have equivalent primitive roles are swapped - by the API to their Primitive counterparts. - See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). + by the API to their Primitive counterparts, and will show a diff post-create. + See [official docs](https://cloud.google.com/bigquery/docs/access-control). * `domain` - (Optional) A domain to grant access to.