diff --git a/.changelog/8776.txt b/.changelog/8776.txt new file mode 100644 index 00000000000..8ec013c0699 --- /dev/null +++ b/.changelog/8776.txt @@ -0,0 +1,3 @@ +```release-note:none + +``` diff --git a/google/provider/provider.go b/google/provider/provider.go index 6fcd69ba43f..3c8fc116896 100644 --- a/google/provider/provider.go +++ b/google/provider/provider.go @@ -1308,7 +1308,6 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) { "google_gke_hub_feature_iam_binding": tpgiamresource.ResourceIamBinding(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), "google_gke_hub_feature_iam_member": tpgiamresource.ResourceIamMember(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), "google_gke_hub_feature_iam_policy": tpgiamresource.ResourceIamPolicy(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer, gkehub2.GKEHub2FeatureIdParseFunc), - "google_gke_hub_membership_rbac_role_binding": gkehub2.ResourceGKEHub2MembershipRBACRoleBinding(), "google_healthcare_consent_store": healthcare.ResourceHealthcareConsentStore(), "google_healthcare_consent_store_iam_binding": tpgiamresource.ResourceIamBinding(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), "google_healthcare_consent_store_iam_member": tpgiamresource.ResourceIamMember(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer, healthcare.HealthcareConsentStoreIdParseFunc), diff --git a/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding.go b/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding.go deleted file mode 100644 index d674eb523cd..00000000000 --- a/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding.go +++ /dev/null @@ -1,457 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -// ---------------------------------------------------------------------------- -// -// *** AUTO GENERATED CODE *** Type: MMv1 *** -// -// ---------------------------------------------------------------------------- -// -// This file is automatically generated by Magic Modules and manual -// changes will be clobbered when the file is regenerated. -// -// Please read more about how to change this file in -// .github/CONTRIBUTING.md. -// -// ---------------------------------------------------------------------------- - -package gkehub2 - -import ( - "fmt" - "log" - "reflect" - "time" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - - "github.com/hashicorp/terraform-provider-google/google/tpgresource" - transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" - "github.com/hashicorp/terraform-provider-google/google/verify" -) - -func ResourceGKEHub2MembershipRBACRoleBinding() *schema.Resource { - return &schema.Resource{ - Create: resourceGKEHub2MembershipRBACRoleBindingCreate, - Read: resourceGKEHub2MembershipRBACRoleBindingRead, - Delete: resourceGKEHub2MembershipRBACRoleBindingDelete, - - Importer: &schema.ResourceImporter{ - State: resourceGKEHub2MembershipRBACRoleBindingImport, - }, - - Timeouts: &schema.ResourceTimeout{ - Create: schema.DefaultTimeout(20 * time.Minute), - Delete: schema.DefaultTimeout(20 * time.Minute), - }, - - Schema: map[string]*schema.Schema{ - "location": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - Description: `Location of the Membership`, - }, - "membership_rbac_role_binding_id": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - Description: `The client-provided identifier of the RBAC Role Binding.`, - }, - "membership_id": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - Description: `Id of the membership`, - }, - "role": { - Type: schema.TypeList, - Required: true, - ForceNew: true, - Description: `Role to bind to the principal.`, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "predefined_role": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: verify.ValidateEnum([]string{"UNKNOWN", "ADMIN", "EDIT", "VIEW", "ANTHOS_SUPPORT"}), - Description: `PredefinedRole is an ENUM representation of the default Kubernetes Roles Possible values: ["UNKNOWN", "ADMIN", "EDIT", "VIEW", "ANTHOS_SUPPORT"]`, - }, - }, - }, - }, - "user": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - Description: `Principal that is be authorized in the cluster (at least of one the oneof -is required). Updating one will unset the other automatically. -user is the name of the user as seen by the kubernetes cluster, example -"alice" or "alice@domain.tld"`, - }, - "create_time": { - Type: schema.TypeString, - Computed: true, - Description: `Time the RBAC Role Binding was created in UTC.`, - }, - "delete_time": { - Type: schema.TypeString, - Computed: true, - Description: `Time the RBAC Role Binding was deleted in UTC.`, - }, - "name": { - Type: schema.TypeString, - Computed: true, - Description: `The resource name for the RBAC Role Binding`, - }, - "state": { - Type: schema.TypeList, - Computed: true, - Description: `State of the RBAC Role Binding resource.`, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "code": { - Type: schema.TypeString, - Computed: true, - Description: `Code describes the state of a RBAC Role Binding resource.`, - }, - }, - }, - }, - "uid": { - Type: schema.TypeString, - Computed: true, - Description: `Google-generated UUID for this resource.`, - }, - "update_time": { - Type: schema.TypeString, - Computed: true, - Description: `Time the RBAC Role Binding was updated in UTC.`, - }, - "project": { - Type: schema.TypeString, - Optional: true, - Computed: true, - ForceNew: true, - }, - }, - UseJSONNumber: true, - } -} - -func resourceGKEHub2MembershipRBACRoleBindingCreate(d *schema.ResourceData, meta interface{}) error { - config := meta.(*transport_tpg.Config) - userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) - if err != nil { - return err - } - - obj := make(map[string]interface{}) - userProp, err := expandGKEHub2MembershipRBACRoleBindingUser(d.Get("user"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("user"); !tpgresource.IsEmptyValue(reflect.ValueOf(userProp)) && (ok || !reflect.DeepEqual(v, userProp)) { - obj["user"] = userProp - } - roleProp, err := expandGKEHub2MembershipRBACRoleBindingRole(d.Get("role"), d, config) - if err != nil { - return err - } else if v, ok := d.GetOkExists("role"); !tpgresource.IsEmptyValue(reflect.ValueOf(roleProp)) && (ok || !reflect.DeepEqual(v, roleProp)) { - obj["role"] = roleProp - } - - url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/?rbacrolebinding_id={{membership_rbac_role_binding_id}}") - if err != nil { - return err - } - - log.Printf("[DEBUG] Creating new MembershipRBACRoleBinding: %#v", obj) - billingProject := "" - - project, err := tpgresource.GetProject(d, config) - if err != nil { - return fmt.Errorf("Error fetching project for MembershipRBACRoleBinding: %s", err) - } - billingProject = project - - // err == nil indicates that the billing_project value was found - if bp, err := tpgresource.GetBillingProject(d, config); err == nil { - billingProject = bp - } - - res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "POST", - Project: billingProject, - RawURL: url, - UserAgent: userAgent, - Body: obj, - Timeout: d.Timeout(schema.TimeoutCreate), - }) - if err != nil { - return fmt.Errorf("Error creating MembershipRBACRoleBinding: %s", err) - } - - // Store the ID now - id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return fmt.Errorf("Error constructing id: %s", err) - } - d.SetId(id) - - // Use the resource in the operation response to populate - // identity fields and d.Id() before read - var opRes map[string]interface{} - err = GKEHub2OperationWaitTimeWithResponse( - config, res, &opRes, project, "Creating MembershipRBACRoleBinding", userAgent, - d.Timeout(schema.TimeoutCreate)) - if err != nil { - // The resource didn't actually create - d.SetId("") - - return fmt.Errorf("Error waiting to create MembershipRBACRoleBinding: %s", err) - } - - if err := d.Set("name", flattenGKEHub2MembershipRBACRoleBindingName(opRes["name"], d, config)); err != nil { - return err - } - - // This may have caused the ID to update - update it if so. - id, err = tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return fmt.Errorf("Error constructing id: %s", err) - } - d.SetId(id) - - log.Printf("[DEBUG] Finished creating MembershipRBACRoleBinding %q: %#v", d.Id(), res) - - return resourceGKEHub2MembershipRBACRoleBindingRead(d, meta) -} - -func resourceGKEHub2MembershipRBACRoleBindingRead(d *schema.ResourceData, meta interface{}) error { - config := meta.(*transport_tpg.Config) - userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) - if err != nil { - return err - } - - url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return err - } - - billingProject := "" - - project, err := tpgresource.GetProject(d, config) - if err != nil { - return fmt.Errorf("Error fetching project for MembershipRBACRoleBinding: %s", err) - } - billingProject = project - - // err == nil indicates that the billing_project value was found - if bp, err := tpgresource.GetBillingProject(d, config); err == nil { - billingProject = bp - } - - res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "GET", - Project: billingProject, - RawURL: url, - UserAgent: userAgent, - }) - if err != nil { - return transport_tpg.HandleNotFoundError(err, d, fmt.Sprintf("GKEHub2MembershipRBACRoleBinding %q", d.Id())) - } - - if err := d.Set("project", project); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - - if err := d.Set("name", flattenGKEHub2MembershipRBACRoleBindingName(res["name"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("uid", flattenGKEHub2MembershipRBACRoleBindingUid(res["uid"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("create_time", flattenGKEHub2MembershipRBACRoleBindingCreateTime(res["createTime"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("update_time", flattenGKEHub2MembershipRBACRoleBindingUpdateTime(res["updateTime"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("delete_time", flattenGKEHub2MembershipRBACRoleBindingDeleteTime(res["deleteTime"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("state", flattenGKEHub2MembershipRBACRoleBindingState(res["state"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("user", flattenGKEHub2MembershipRBACRoleBindingUser(res["user"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - if err := d.Set("role", flattenGKEHub2MembershipRBACRoleBindingRole(res["role"], d, config)); err != nil { - return fmt.Errorf("Error reading MembershipRBACRoleBinding: %s", err) - } - - return nil -} - -func resourceGKEHub2MembershipRBACRoleBindingDelete(d *schema.ResourceData, meta interface{}) error { - config := meta.(*transport_tpg.Config) - userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent) - if err != nil { - return err - } - - billingProject := "" - - project, err := tpgresource.GetProject(d, config) - if err != nil { - return fmt.Errorf("Error fetching project for MembershipRBACRoleBinding: %s", err) - } - billingProject = project - - url, err := tpgresource.ReplaceVars(d, config, "{{GKEHub2BasePath}}projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return err - } - - var obj map[string]interface{} - log.Printf("[DEBUG] Deleting MembershipRBACRoleBinding %q", d.Id()) - - // err == nil indicates that the billing_project value was found - if bp, err := tpgresource.GetBillingProject(d, config); err == nil { - billingProject = bp - } - - res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "DELETE", - Project: billingProject, - RawURL: url, - UserAgent: userAgent, - Body: obj, - Timeout: d.Timeout(schema.TimeoutDelete), - }) - if err != nil { - return transport_tpg.HandleNotFoundError(err, d, "MembershipRBACRoleBinding") - } - - err = GKEHub2OperationWaitTime( - config, res, project, "Deleting MembershipRBACRoleBinding", userAgent, - d.Timeout(schema.TimeoutDelete)) - - if err != nil { - return err - } - - log.Printf("[DEBUG] Finished deleting MembershipRBACRoleBinding %q: %#v", d.Id(), res) - return nil -} - -func resourceGKEHub2MembershipRBACRoleBindingImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { - config := meta.(*transport_tpg.Config) - if err := tpgresource.ParseImportId([]string{ - "projects/(?P[^/]+)/locations/(?P[^/]+)/memberships/(?P[^/]+)/rbacrolebindings/(?P[^/]+)", - "(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/(?P[^/]+)", - "(?P[^/]+)/(?P[^/]+)/(?P[^/]+)", - }, d, config); err != nil { - return nil, err - } - - // Replace import id for the resource id - id, err := tpgresource.ReplaceVars(d, config, "projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return nil, fmt.Errorf("Error constructing id: %s", err) - } - d.SetId(id) - - return []*schema.ResourceData{d}, nil -} - -func flattenGKEHub2MembershipRBACRoleBindingName(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingUid(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingCreateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingUpdateTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingDeleteTime(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingState(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - if v == nil { - return nil - } - original := v.(map[string]interface{}) - if len(original) == 0 { - return nil - } - transformed := make(map[string]interface{}) - transformed["code"] = - flattenGKEHub2MembershipRBACRoleBindingStateCode(original["code"], d, config) - return []interface{}{transformed} -} -func flattenGKEHub2MembershipRBACRoleBindingStateCode(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingUser(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func flattenGKEHub2MembershipRBACRoleBindingRole(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - if v == nil { - return nil - } - original := v.(map[string]interface{}) - if len(original) == 0 { - return nil - } - transformed := make(map[string]interface{}) - transformed["predefined_role"] = - flattenGKEHub2MembershipRBACRoleBindingRolePredefinedRole(original["predefinedRole"], d, config) - return []interface{}{transformed} -} -func flattenGKEHub2MembershipRBACRoleBindingRolePredefinedRole(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} { - return v -} - -func expandGKEHub2MembershipRBACRoleBindingUser(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { - return v, nil -} - -func expandGKEHub2MembershipRBACRoleBindingRole(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { - l := v.([]interface{}) - if len(l) == 0 || l[0] == nil { - return nil, nil - } - raw := l[0] - original := raw.(map[string]interface{}) - transformed := make(map[string]interface{}) - - transformedPredefinedRole, err := expandGKEHub2MembershipRBACRoleBindingRolePredefinedRole(original["predefined_role"], d, config) - if err != nil { - return nil, err - } else if val := reflect.ValueOf(transformedPredefinedRole); val.IsValid() && !tpgresource.IsEmptyValue(val) { - transformed["predefinedRole"] = transformedPredefinedRole - } - - return transformed, nil -} - -func expandGKEHub2MembershipRBACRoleBindingRolePredefinedRole(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) { - return v, nil -} diff --git a/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding_generated_test.go b/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding_generated_test.go deleted file mode 100644 index ffd3a83516a..00000000000 --- a/google/services/gkehub2/resource_gke_hub_membership_rbac_role_binding_generated_test.go +++ /dev/null @@ -1,131 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -// ---------------------------------------------------------------------------- -// -// *** AUTO GENERATED CODE *** Type: MMv1 *** -// -// ---------------------------------------------------------------------------- -// -// This file is automatically generated by Magic Modules and manual -// changes will be clobbered when the file is regenerated. -// -// Please read more about how to change this file in -// .github/CONTRIBUTING.md. -// -// ---------------------------------------------------------------------------- - -package gkehub2_test - -import ( - "fmt" - "strings" - "testing" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - - "github.com/hashicorp/terraform-provider-google/google/acctest" - "github.com/hashicorp/terraform-provider-google/google/envvar" - "github.com/hashicorp/terraform-provider-google/google/tpgresource" - transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport" -) - -func TestAccGKEHub2MembershipRBACRoleBinding_gkehubMembershipRbacRoleBindingBasicExample(t *testing.T) { - t.Parallel() - - context := map[string]interface{}{ - "project": envvar.GetTestProjectFromEnv(), - "random_suffix": acctest.RandString(t, 10), - } - - acctest.VcrTest(t, resource.TestCase{ - PreCheck: func() { acctest.AccTestPreCheck(t) }, - ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), - CheckDestroy: testAccCheckGKEHub2MembershipRBACRoleBindingDestroyProducer(t), - Steps: []resource.TestStep{ - { - Config: testAccGKEHub2MembershipRBACRoleBinding_gkehubMembershipRbacRoleBindingBasicExample(context), - }, - { - ResourceName: "google_gke_hub_membership_rbac_role_binding.membershiprbacrolebinding", - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"membership_rbac_role_binding_id", "membership_id", "location"}, - }, - }, - }) -} - -func testAccGKEHub2MembershipRBACRoleBinding_gkehubMembershipRbacRoleBindingBasicExample(context map[string]interface{}) string { - return acctest.Nprintf(` -resource "google_container_cluster" "primary" { - name = "basiccluster%{random_suffix}" - location = "us-central1-a" - initial_node_count = 1 -} - -resource "google_gke_hub_membership" "membershiprbacrolebinding" { - membership_id = "tf-test-membership%{random_suffix}" - endpoint { - gke_cluster { - resource_link = "//container.googleapis.com/${google_container_cluster.primary.id}" - } - } - - depends_on = [google_container_cluster.primary] -} - -resource "google_gke_hub_membership_rbac_role_binding" "membershiprbacrolebinding" { - membership_rbac_role_binding_id = "tf-test-membership-rbac-role-binding%{random_suffix}" - membership_id = "tf-test-membership%{random_suffix}" - user = "service-${data.google_project.project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com" - role { - predefined_role = "ANTHOS_SUPPORT" - } - location = "global" - depends_on = [google_gke_hub_membership.membershiprbacrolebinding] -} - -data "google_project" "project" {} -`, context) -} - -func testAccCheckGKEHub2MembershipRBACRoleBindingDestroyProducer(t *testing.T) func(s *terraform.State) error { - return func(s *terraform.State) error { - for name, rs := range s.RootModule().Resources { - if rs.Type != "google_gke_hub_membership_rbac_role_binding" { - continue - } - if strings.HasPrefix(name, "data.") { - continue - } - - config := acctest.GoogleProviderConfig(t) - - url, err := tpgresource.ReplaceVarsForTest(config, rs, "{{GKEHub2BasePath}}projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}") - if err != nil { - return err - } - - billingProject := "" - - if config.BillingProject != "" { - billingProject = config.BillingProject - } - - _, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{ - Config: config, - Method: "GET", - Project: billingProject, - RawURL: url, - UserAgent: config.UserAgent, - }) - if err == nil { - return fmt.Errorf("GKEHub2MembershipRBACRoleBinding still exists at %s", url) - } - } - - return nil - } -} diff --git a/website/docs/r/gke_hub_membership_rbac_role_binding.html.markdown b/website/docs/r/gke_hub_membership_rbac_role_binding.html.markdown index 4470c0c3144..67a719ad7f6 100644 --- a/website/docs/r/gke_hub_membership_rbac_role_binding.html.markdown +++ b/website/docs/r/gke_hub_membership_rbac_role_binding.html.markdown @@ -21,6 +21,8 @@ description: |- RBACRoleBinding represents a rbacrolebinding across the Fleet. +~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider. +See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources. To get more information about MembershipRBACRoleBinding, see: @@ -33,23 +35,26 @@ To get more information about MembershipRBACRoleBinding, see: ```hcl resource "google_container_cluster" "primary" { + provider = google-beta name = "basiccluster" location = "us-central1-a" initial_node_count = 1 } resource "google_gke_hub_membership" "membershiprbacrolebinding" { + provider = google-beta membership_id = "tf-test-membership%{random_suffix}" endpoint { gke_cluster { resource_link = "//container.googleapis.com/${google_container_cluster.primary.id}" } } - + depends_on = [google_container_cluster.primary] } resource "google_gke_hub_membership_rbac_role_binding" "membershiprbacrolebinding" { + provider = google-beta membership_rbac_role_binding_id = "tf-test-membership-rbac-role-binding%{random_suffix}" membership_id = "tf-test-membership%{random_suffix}" user = "service-${data.google_project.project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com" @@ -60,7 +65,9 @@ resource "google_gke_hub_membership_rbac_role_binding" "membershiprbacrolebindin depends_on = [google_gke_hub_membership.membershiprbacrolebinding] } -data "google_project" "project" {} +data "google_project" "project" { + provider = google-beta +} ``` ## Argument Reference