-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changing IAM audit config to be authoritative #2438
Changing IAM audit config to be authoritative #2438
Conversation
3.0.0 diff report as of da96a66 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM- I think we can remove mergeAuditConfigs
too.
|
||
ac := getResourceIamAuditConfig(d) | ||
modifyF := func(ep *cloudresourcemanager.Policy) error { | ||
ep.AuditConfigs = mergeAuditConfigs(append(ep.AuditConfigs, ac)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is mergeAuditConfigs
still in use anywhere? As far as I can tell, the last user is it testing itself.
Hmm, actually I'm not sure what's going on with the diff in tpg. Definitely unrelated, at least. |
3.0.0 diff report as of 62b0ea0 |
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* Changing IAM audit config to be authoritative * Remove unused code + test
* cloudbuild build trigger's trigger template should be required in 3.0.0. (#2352) * cloudbuild build trigger's trigger template should be required in 3.0.0. * Make backend_service.backends.group required. (#2373) * Remove Removed fields (#2391) * deprecated-->removed event notification config (#2390) * deprecated-->removed event notification config * remove singular config from tests/docs * pluralize * Update third_party/terraform/tests/resource_cloudiot_registry_test.go Co-Authored-By: Riley Karson <[email protected]> * Delete google_project_services in 3.0.0. (#2403) * Changing IAM audit config to be authoritative (#2438) * Changing IAM audit config to be authoritative * Remove unused code + test * Removing deprecated fields (#2436) * Add validation for scratch disks in Instance Template (#2282) * Add validation for scratch disks * Remove source from scratch disk * Use hardcoded image * Add reverse logic * Change default id format from {{name}} to self_link_uri (#2461) * Change default id format from {{name}} to self_link_uri * Updates to generated id formats (#2460) * Update ID fields for various MM-generated resources * gofmt -s -w extra file * Add userinfo.email to default scopes (#2473) * Set GKE Stackdriver defaults to GKE Stackdriver Monitoring (#2471) * only allow instance templates with 375gb scratch disks (#2495) * Update cloudfunction id for 3.0.0 release (#2501) * handle cloudfunctions deprecating nodejs6 (#2499) * Handwritten id updates for several compute resources (#2502) * Composer environment and compute attached disk id updates * Add compute instance * Add instance_from_group and instance_group * IGM id * Instance template tests passing * Add new id format to other calls of parseImportId in IGM * Small refactor to memoize var * Refactor, remove parseImportId in IGM * handle legacy network deprecation (#2508) * Fix gofmt diff in Cloud Functions (#2542) * More handwritten ids (#2527) * Fix cloudfunction formatting, migrate RIGM id * Update security policy resource id * Update target pool id format * Add new id for container cluster * Node pool id updates * PR feedback, using parseImportId for container resources * Formatting * fix container cluster (#2550) * Datasource id updates (#2544) * Update datasources * formatting * Even more handwritten ids (#2540) * Dataproc cluster, job, google project * Update sql ssl cert, database instance ids * Project id comparison include projects/ * remove kubernetes_dashboard from google_container_cluster (#2551) * Add back encoder that always sends autoCreateSubnetworks (#2558) * Allow defining empty taint, remove old DSF (#2537) * Remove encoder, can be done as send_empty_value on autoCreateSubnetworks (#2559) * deprecate 0.11 syntax in docs (datasources) (#2573) * deprecate 0.11 syntax in docs (resources) (#2574) * deprecate 0.11 syntax in docs (magic modules examples) (#2579) * remove long name behavior for pubsub subscriptions, clean up cu… (#2561) * remove long name behavior for pubsub subscriptions, clean up custom expanders * fix build * fix tests * Fix merge conflict in rigm test * Remove unused regexes from rigm (#2602) * Fix missing paren + bad var in resourcepolicy datasource 3.0.0 (#2600) * Test fixes based on integration tests, id formats + other easy fixes (#2605) * Test fixes based on integration tests, id formats + other easy fixes * Compute network id test update * Fix region disk test id * Update subnetwork to remove enable_flow_logs and depend on log_config instead (#2597) * Test updates to not depend on id format. Also test fixes (#2609) * Test updates to not depend on id format. Also test fixes * Typo * location -> region in node pool test * Cluster test fixes (#2611) * Fix container cluster tests, and signed url key, instance group * Fix invalid accessor * Update hand-written resources with `AtLeastOneOf` and `ExactlyOneOf` attributes (#2608) * Rigm/igm field removals for 3.0.0 (#2595) * Remove deprecated IGM fields for 3.0 * fix imports (#2619) * Remove automatic subnetwork creation in GKE (#2615) * Remove automatic subnetwork creation in GKE * Update docs, add Computed * More integration test fixes (#2617) * Fix bigtable for real, scratch disk size, target pool checks * Proxy test fixes * CloudIOT registry set removed field to nil. Add specific id format for access context manager * (r)igm imports for customdiff (#2623) * (r)igm imports for customdiff * Fix schema issues * Fix IGM custom diff and reuse method between resources (#2624) * Forwardingrule ip address (#2620) add the validation function * Remove unused sort import from rigm (#2625) * add composer test fixes, backend bucket signed url key (#2631) * Stop users from specifying bigquery-json in 3.0.0 (#2626) * Send null logConfig if subnetwork is L7ILB (#2635) * Send null logConfig if subnetwork is L7ILB * Move subnet ilb check to only if logConfig unspecified * deprecate 0.11 syntax in tests (datasources) (#2593) * Make master_authorized_networks_config.cidr_blocks Optional in… (#2642) * Make master_authorized_networks_config.cidr_blocks Optional in GKE * Add note * update magic module-generated resources with at_least_one_of (#2639) * add exactly_one_of to magic modules update comment * Update Data Fusion Instance to conform with 3.0.0 id updates (#2649) * Fix IAM doc id_format to new post 3.0.0 style * Add note on id format changes (#2656) * Add upgrade guide for subnetwork log_config (#2653) * Add upgrade guide for subnetwork log_config * Add examples for subnet logConfig update * Wording on upgrade guide * Add note on audit log config (#2658) * Add misc entries to the upgrade guide (#2657) * Add misc entries to the upgrade guide * Remove extra space * add info on scratch disk size and remove duplicate kms_key_self… (#2659) * Add upgrade guide notes. (#2663) * Add upgrade guide for forwarding rule validation (#2666) * Convert old import formats (using non-/) to use /. (#2638) * Convert old import formats (using non-/) to use /. * Upgrade proofreading (#2668) * Add upgrade note for IoT registry event_notification_configs (#2390) (#2651) Merged PR #2651. * sort upgrade guide; change wording in a few places * Password is not actually required. (#2670) * Add improved for_each non-module variant to project service upg… (#2671) * Update bigtable import & tests to 3.0 (#2673) * update upgrade guide (#2665) * update formatting for upgrade doc (#2674) * Add rigm to upgrade guide (#2667) Update docs to be accurate for 3.0 * proofreading changes (#2676) * Add back lost newlines
* Changing IAM audit config to be authoritative * Remove unused code + test
Release Note Template for Downstream PRs (will be copied)