Added a create test for privileged_access_manager_enttlement

GoogleCloudPlatform · Apr 3, 2024 · 9834fe3 · 9834fe3
1 parent 9bf29eb
commit 9834fe3
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 1 deletion.
diff --git a/mmv1/products/privilegedaccessmanager/Entitlement.yaml b/mmv1/products/privilegedaccessmanager/Entitlement.yaml
@@ -22,10 +22,16 @@ import_format:
   - "{{parent}}/locations/{{location}}/entitlements/{{entitlement_id}}"
 update_verb: :PATCH
 update_mask: true
-
 description: |
   An Entitlement defines the eligibility of a set of users to obtain a predefined access for some time possibly after going through an approval workflow.
 autogen_async: true
+examples:
+  - !ruby/object:Provider::Terraform::Examples
+    name: "privileged_access_manager_entitlement_basic"
+    min_version: beta
+    primary_resource_id: "tf_entitlement"
+    vars:
+      entitlement_id: "example_entitlement"
 properties:
   - !ruby/object:Api::Type::String
     name: name

diff --git a/mmv1/templates/terraform/examples/privileged_access_manager_entitlement_basic.tf.erb b/mmv1/templates/terraform/examples/privileged_access_manager_entitlement_basic.tf.erb
@@ -0,0 +1,22 @@
+resource "google_privileged_access_manager_entitlement" "<%= ctx[:primary_resource_id] %>" {
+    provider =  google-beta
+    entitlement_id = "<%= ctx[:vars]['entitlement_id'] %>"
+    location = "global"
+    max_request_duration = "43200s"
+    parent = "projects/itsvarsharma-pam-testing"
+    requester_justification_config {    
+        unstructured{}
+    }
+    eligible_users {
+        principals = ["serviceAccount:[email protected]"]
+    }
+    privileged_access{
+        gcp_iam_access{
+            role_bindings{
+                role = "roles/storage.admin"
+            }
+            resource = "//cloudresourcemanager.googleapis.com/projects/itsvarsharma-pam-testing"
+            resource_type = "cloudresourcemanager.googleapis.com/Project"
+        }
+    }
+}