Add description to service account. (#4734)

Signed-off-by: Modular Magician <[email protected]>
hashicorp · Oct 25, 2019 · 887d1b1 · 887d1b1
1 parent 77891f3
commit 887d1b1
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 1 deletion.
diff --git a/google/resource_google_service_account.go b/google/resource_google_service_account.go
@@ -3,6 +3,7 @@ package google
 import (
 	"fmt"
 	"strings"
+	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"google.golang.org/api/iam/v1"
@@ -40,6 +41,10 @@ func resourceGoogleServiceAccount() *schema.Resource {
 				Type:     schema.TypeString,
 				Optional: true,
 			},
+			"description": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
 			"project": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -63,9 +68,11 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{}
 	}
 	aid := d.Get("account_id").(string)
 	displayName := d.Get("display_name").(string)
+	description := d.Get("description").(string)
 
 	sa := &iam.ServiceAccount{
 		DisplayName: displayName,
+		Description: description,
 	}
 
 	r := &iam.CreateServiceAccountRequest{
@@ -79,6 +86,10 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{}
 	}
 
 	d.SetId(sa.Name)
+	// This API is meant to be synchronous, but in practice it shows the old value for
+	// a few milliseconds after the update goes through.  A second is more than enough
+	// time to ensure following reads are correct.
+	time.Sleep(time.Second)
 
 	return resourceGoogleServiceAccountRead(d, meta)
 }
@@ -98,6 +109,7 @@ func resourceGoogleServiceAccountRead(d *schema.ResourceData, meta interface{})
 	d.Set("account_id", strings.Split(sa.Email, "@")[0])
 	d.Set("name", sa.Name)
 	d.Set("display_name", sa.DisplayName)
+	d.Set("description", sa.Description)
 	return nil
 }
 
@@ -114,19 +126,22 @@ func resourceGoogleServiceAccountDelete(d *schema.ResourceData, meta interface{}
 
 func resourceGoogleServiceAccountUpdate(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	if ok := d.HasChange("display_name"); ok {
+	if d.HasChange("display_name") || d.HasChange("description") {
 		sa, err := config.clientIAM.Projects.ServiceAccounts.Get(d.Id()).Do()
 		if err != nil {
 			return fmt.Errorf("Error retrieving service account %q: %s", d.Id(), err)
 		}
 		_, err = config.clientIAM.Projects.ServiceAccounts.Update(d.Id(),
 			&iam.ServiceAccount{
 				DisplayName: d.Get("display_name").(string),
+				Description: d.Get("description").(string),
 				Etag:        sa.Etag,
 			}).Do()
 		if err != nil {
 			return fmt.Errorf("Error updating service account %q: %s", d.Id(), err)
 		}
+		// See comment in Create.
+		time.Sleep(time.Second)
 	}
 
 	return nil

diff --git a/google/resource_google_service_account_test.go b/google/resource_google_service_account_test.go
@@ -95,6 +95,7 @@ func testAccServiceAccountBasic(account, name string) string {
 resource "google_service_account" "acceptance" {
     account_id = "%v"
     display_name = "%v"
+    description = "foo"
 }
 `, account, name)
 }
@@ -105,6 +106,7 @@ resource "google_service_account" "acceptance" {
     project = "%v"
     account_id = "%v"
     display_name = "%v"
+    description = "foo"
 }
 `, project, account, name)
 }
diff --git a/website/docs/r/google_service_account.html.markdown b/website/docs/r/google_service_account.html.markdown
@@ -39,6 +39,8 @@ The following arguments are supported:
 * `display_name` - (Optional) The display name for the service account.
     Can be updated without creating a new resource.
 
+* `description` - (Optional) A text description of the service account.
+
 * `project` - (Optional) The ID of the project that the service account will be created in.
     Defaults to the provider project configuration.