Skip to content

Commit

Permalink
remove exactly one policy from organization policies, as we can have …
Browse files Browse the repository at this point in the history
…none if they inherit from parent
  • Loading branch information
megan07 authored and modular-magician committed Nov 15, 2019
1 parent 70a4480 commit ccf7cd4
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -10,17 +10,20 @@ import (
)

var schemaOrganizationPolicy = map[string]*schema.Schema{
// Although the API suggests that boolean_policy, list_policy, or restore_policy must be set,
// Organization policies can be "inherited from parent" in the UI, and this is the default
// state of the resource without any policy set.
// See https://github.com/terraform-providers/terraform-provider-google/issues/3607
"constraint": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
DiffSuppressFunc: compareSelfLinkOrResourceName,
},
"boolean_policy": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
ExactlyOneOf: []string{"list_policy", "boolean_policy", "restore_policy"},
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enforced": {
Expand All @@ -31,10 +34,9 @@ var schemaOrganizationPolicy = map[string]*schema.Schema{
},
},
"list_policy": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
ExactlyOneOf: []string{"list_policy", "boolean_policy", "restore_policy"},
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allow": {
Expand Down Expand Up @@ -109,10 +111,9 @@ var schemaOrganizationPolicy = map[string]*schema.Schema{
Computed: true,
},
"restore_policy": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
ExactlyOneOf: []string{"restore_policy", "boolean_policy", "list_policy"},
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"default": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1358,11 +1358,6 @@ required on the `http_check.auth_info` block.

## Resource: `google_organization_policy`

### Exactly one of `list_policy`, `boolean_policy`, or `restore_policy` is now required on `google_organization_policy`

In attempt to be more consistent with the API, exactly one of `list_policy`, `boolean_policy`,
or `restore_policy` is now required on `google_organization_policy`.

### Exactly one of `allow` or `deny` is now required on `google_organization_policy.list_policy`

In an attempt to avoid allowing empty blocks in config files, exactly one of `allow` or `deny` is now
Expand Down

0 comments on commit ccf7cd4

Please sign in to comment.