From b70764d6610660f405cbac0fe142a0a21a9c5d8f Mon Sep 17 00:00:00 2001 From: Nathan McKinley Date: Fri, 25 Oct 2019 20:22:21 +0000 Subject: [PATCH] Add description to service account. Signed-off-by: Modular Magician --- google/resource_app_engine_domain_mapping.go | 1 - google/resource_google_service_account.go | 19 ++++++++++++++++++- .../resource_google_service_account_test.go | 2 ++ .../r/google_service_account.html.markdown | 2 ++ 4 files changed, 22 insertions(+), 2 deletions(-) diff --git a/google/resource_app_engine_domain_mapping.go b/google/resource_app_engine_domain_mapping.go index 633489a5569..e97c364ccb9 100644 --- a/google/resource_app_engine_domain_mapping.go +++ b/google/resource_app_engine_domain_mapping.go @@ -78,7 +78,6 @@ func resourceAppEngineDomainMapping() *schema.Resource { Schema: map[string]*schema.Schema{ "certificate_id": { Type: schema.TypeString, - Computed: true, Optional: true, }, "ssl_management_type": { diff --git a/google/resource_google_service_account.go b/google/resource_google_service_account.go index b367b1a501c..86ee638df4c 100644 --- a/google/resource_google_service_account.go +++ b/google/resource_google_service_account.go @@ -3,6 +3,7 @@ package google import ( "fmt" "strings" + "time" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "google.golang.org/api/iam/v1" @@ -40,6 +41,10 @@ func resourceGoogleServiceAccount() *schema.Resource { Type: schema.TypeString, Optional: true, }, + "description": { + Type: schema.TypeString, + Optional: true, + }, "project": { Type: schema.TypeString, Computed: true, @@ -63,9 +68,11 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{} } aid := d.Get("account_id").(string) displayName := d.Get("display_name").(string) + description := d.Get("description").(string) sa := &iam.ServiceAccount{ DisplayName: displayName, + Description: description, } r := &iam.CreateServiceAccountRequest{ @@ -79,6 +86,10 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{} } d.SetId(sa.Name) + // This API is meant to be synchronous, but in practice it shows the old value for + // a few milliseconds after the update goes through. A second is more than enough + // time to ensure following reads are correct. + time.Sleep(time.Second) return resourceGoogleServiceAccountRead(d, meta) } @@ -98,6 +109,7 @@ func resourceGoogleServiceAccountRead(d *schema.ResourceData, meta interface{}) d.Set("account_id", strings.Split(sa.Email, "@")[0]) d.Set("name", sa.Name) d.Set("display_name", sa.DisplayName) + d.Set("description", sa.Description) return nil } @@ -114,7 +126,7 @@ func resourceGoogleServiceAccountDelete(d *schema.ResourceData, meta interface{} func resourceGoogleServiceAccountUpdate(d *schema.ResourceData, meta interface{}) error { config := meta.(*Config) - if ok := d.HasChange("display_name"); ok { + if d.HasChange("display_name") || d.HasChange("description") { sa, err := config.clientIAM.Projects.ServiceAccounts.Get(d.Id()).Do() if err != nil { return fmt.Errorf("Error retrieving service account %q: %s", d.Id(), err) @@ -122,11 +134,16 @@ func resourceGoogleServiceAccountUpdate(d *schema.ResourceData, meta interface{} _, err = config.clientIAM.Projects.ServiceAccounts.Update(d.Id(), &iam.ServiceAccount{ DisplayName: d.Get("display_name").(string), + Description: d.Get("description").(string), Etag: sa.Etag, }).Do() if err != nil { return fmt.Errorf("Error updating service account %q: %s", d.Id(), err) } + // This API is meant to be synchronous, but in practice it shows the old value for + // a few milliseconds after the update goes through. A second is more than enough + // time to ensure following reads are correct. + time.Sleep(time.Second) } return nil diff --git a/google/resource_google_service_account_test.go b/google/resource_google_service_account_test.go index 3b9c66a3eab..d44584bbbd4 100644 --- a/google/resource_google_service_account_test.go +++ b/google/resource_google_service_account_test.go @@ -95,6 +95,7 @@ func testAccServiceAccountBasic(account, name string) string { resource "google_service_account" "acceptance" { account_id = "%v" display_name = "%v" + description = "foo" } `, account, name) } @@ -105,6 +106,7 @@ resource "google_service_account" "acceptance" { project = "%v" account_id = "%v" display_name = "%v" + description = "foo" } `, project, account, name) } diff --git a/website/docs/r/google_service_account.html.markdown b/website/docs/r/google_service_account.html.markdown index 680fec6f206..0a35288b907 100644 --- a/website/docs/r/google_service_account.html.markdown +++ b/website/docs/r/google_service_account.html.markdown @@ -39,6 +39,8 @@ The following arguments are supported: * `display_name` - (Optional) The display name for the service account. Can be updated without creating a new resource. +* `description` - (Optional) A text description of the service account. + * `project` - (Optional) The ID of the project that the service account will be created in. Defaults to the provider project configuration.