hashicorp · modular-magician · Nov 13, 2020 · Nov 13, 2020
diff --git a/.changelog/4185.txt b/.changelog/4185.txt
@@ -0,0 +1,12 @@
+```release-note:new-resource
+google_healthcare_consent_store_iam_binding
+```
+```release-note:new-resource
+google_healthcare_consent_store_iam_member
+```
+```release-note:new-resource
+google_healthcare_consent_store_iam_policy
+```
+```release-note:new-resource
+google_healthcare_consent_store
+```
diff --git a/website/docs/r/healthcare_consent_store.html.markdown b/website/docs/r/healthcare_consent_store.html.markdown
@@ -0,0 +1,195 @@
+---
+# ----------------------------------------------------------------------------
+#
+#     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+#
+# ----------------------------------------------------------------------------
+#
+#     This file is automatically generated by Magic Modules and manual
+#     changes will be clobbered when the file is regenerated.
+#
+#     Please read more about how to change this file in
+#     .github/CONTRIBUTING.md.
+#
+# ----------------------------------------------------------------------------
+subcategory: "Cloud Healthcare"
+layout: "google"
+page_title: "Google: google_healthcare_consent_store"
+sidebar_current: "docs-google-healthcare-consent-store"
+description: |-
+  The Consent Management API is a tool for tracking user consents and the documentation associated with the consents.
+---
+
+# google\_healthcare\_consent\_store
+
+The Consent Management API is a tool for tracking user consents and the documentation associated with the consents. 
+
+~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
+See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources.
+
+To get more information about ConsentStore, see:
+
+* [API documentation](https://cloud.google.com/healthcare/docs/reference/rest/v1beta1/projects.locations.datasets.consentStores)
+* How-to Guides
+    * [Creating a Consent store](https://cloud.google.com/healthcare/docs/how-tos/consent)
+
+<div class = "oics-button" style="float: right; margin: 0 0 -15px">
+  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=healthcare_consent_store_basic&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
+    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
+  </a>
+</div>
+## Example Usage - Healthcare Consent Store Basic
+
+
+```hcl
+resource "google_healthcare_dataset" "dataset" {
+  provider = google-beta
+
+  location = "us-central1"
+  name     = "my-dataset"
+}
+
+resource "google_healthcare_consent_store" "my-consent" {
+  provider = google-beta
+
+  dataset = google_healthcare_dataset.dataset.id
+  name    = "my-consent-store"
+}
+```
+<div class = "oics-button" style="float: right; margin: 0 0 -15px">
+  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=healthcare_consent_store_full&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
+    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
+  </a>
+</div>
+## Example Usage - Healthcare Consent Store Full
+
+
+```hcl
+
+resource "google_healthcare_dataset" "dataset" {
+  provider = google-beta
+
+  location = "us-central1"
+  name     = "my-dataset"
+}
+
+resource "google_healthcare_consent_store" "my-consent" {
+  provider = google-beta
+
+  dataset = google_healthcare_dataset.dataset.id
+  name    = "my-consent-store"
+
+  enable_consent_create_on_update = true
+  default_consent_ttl             = "90000s"
+
+  labels = {
+    "label1" = "labelvalue1"
+  }
+}
+```
+<div class = "oics-button" style="float: right; margin: 0 0 -15px">
+  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=healthcare_consent_store_iam&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
+    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
+  </a>
+</div>
+## Example Usage - Healthcare Consent Store Iam
+
+
+```hcl
+resource "google_healthcare_dataset" "dataset" {
+  provider = google-beta
+
+  location = "us-central1"
+  name     = "my-dataset"
+}
+
+resource "google_healthcare_consent_store" "my-consent" {
+  provider = google-beta
+
+  dataset = google_healthcare_dataset.dataset.id
+  name    = "my-consent-store"
+}
+
+resource "google_service_account" "test-account" {
+  provider = google-beta
+
+  account_id   = "my-account"
+  display_name = "Test Service Account"
+}
+
+resource "google_healthcare_consent_store_iam_member" "test-iam" {
+  provider = google-beta
+
+  dataset          = google_healthcare_dataset.dataset.id
+  consent_store_id = google_healthcare_consent_store.my-consent.name
+  role             = "roles/editor"
+  member           = "serviceAccount:${google_service_account.test-account.email}"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+
+* `name` -
+  (Required)
+  The name of this ConsentStore, for example:
+  "consent1"
+
+* `dataset` -
+  (Required)
+  Identifies the dataset addressed by this request. Must be in the format
+  'projects/{project}/locations/{location}/datasets/{dataset}'
+
+
+- - -
+
+
+* `default_consent_ttl` -
+  (Optional)
+  Default time to live for consents in this store. Must be at least 24 hours. Updating this field will not affect the expiration time of existing consents.
+  A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
+
+* `enable_consent_create_on_update` -
+  (Optional)
+  If true, [consents.patch] [google.cloud.healthcare.v1beta1.consent.UpdateConsent] creates the consent if it does not already exist.
+
+* `labels` -
+  (Optional)
+  User-supplied key-value pairs used to organize Consent stores.
+  Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must
+  conform to the following PCRE regular expression: `[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}`
+  Label values are optional, must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128
+  bytes, and must conform to the following PCRE regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`
+  No more than 64 labels can be associated with a given store.
+  An object containing a list of "key": value pairs.
+  Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
+
+
+## Attributes Reference
+
+In addition to the arguments listed above, the following computed attributes are exported:
+
+* `id` - an identifier for the resource with format `{{dataset}}/consentStores/{{name}}`
+
+
+## Timeouts
+
+This resource provides the following
+[Timeouts](/docs/configuration/resources.html#timeouts) configuration options:
+
+- `create` - Default is 4 minutes.
+- `update` - Default is 4 minutes.
+- `delete` - Default is 4 minutes.
+
+## Import
+
+
+ConsentStore can be imported using any of these accepted formats:
+
+```
+$ terraform import google_healthcare_consent_store.default {{dataset}}/consentStores/{{name}}
+$ terraform import google_healthcare_consent_store.default {{dataset}}/{{name}}
+$ terraform import google_healthcare_consent_store.default {{name}}
+```
diff --git a/website/docs/r/healthcare_consent_store_iam.html.markdown b/website/docs/r/healthcare_consent_store_iam.html.markdown
@@ -0,0 +1,140 @@
+---
+# ----------------------------------------------------------------------------
+#
+#     ***     AUTO GENERATED CODE    ***    AUTO GENERATED CODE     ***
+#
+# ----------------------------------------------------------------------------
+#
+#     This file is automatically generated by Magic Modules and manual
+#     changes will be clobbered when the file is regenerated.
+#
+#     Please read more about how to change this file in
+#     .github/CONTRIBUTING.md.
+#
+# ----------------------------------------------------------------------------
+subcategory: "Cloud Healthcare"
+layout: "google"
+page_title: "Google: google_healthcare_consent_store_iam"
+sidebar_current: "docs-google-healthcare-consent-store-iam"
+description: |-
+  Collection of resources to manage IAM policy for Cloud Healthcare ConsentStore
+---
+
+# IAM policy for Cloud Healthcare ConsentStore
+Three different resources help you manage your IAM policy for Cloud Healthcare ConsentStore. Each of these resources serves a different use case:
+
+* `google_healthcare_consent_store_iam_policy`: Authoritative. Sets the IAM policy for the consentstore and replaces any existing policy already attached.
+* `google_healthcare_consent_store_iam_binding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the consentstore are preserved.
+* `google_healthcare_consent_store_iam_member`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the consentstore are preserved.
+
+~> **Note:** `google_healthcare_consent_store_iam_policy` **cannot** be used in conjunction with `google_healthcare_consent_store_iam_binding` and `google_healthcare_consent_store_iam_member` or they will fight over what your policy should be.
+
+~> **Note:** `google_healthcare_consent_store_iam_binding` resources **can be** used in conjunction with `google_healthcare_consent_store_iam_member` resources **only if** they do not grant privilege to the same role.
+
+~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
+See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources.
+
+
+## google\_healthcare\_consent\_store\_iam\_policy
+
+```hcl
+data "google_iam_policy" "admin" {
+  binding {
+    role = "roles/viewer"
+    members = [
+      "user:[email protected]",
+    ]
+  }
+}
+
+resource "google_healthcare_consent_store_iam_policy" "policy" {
+  dataset = google_healthcare_consent_store.my-consent.dataset
+  consent_store_id = google_healthcare_consent_store.my-consent.name
+  policy_data = data.google_iam_policy.admin.policy_data
+}
+```
+
+## google\_healthcare\_consent\_store\_iam\_binding
+
+```hcl
+resource "google_healthcare_consent_store_iam_binding" "binding" {
+  dataset = google_healthcare_consent_store.my-consent.dataset
+  consent_store_id = google_healthcare_consent_store.my-consent.name
+  role = "roles/viewer"
+  members = [
+    "user:[email protected]",
+  ]
+}
+```
+
+## google\_healthcare\_consent\_store\_iam\_member
+
+```hcl
+resource "google_healthcare_consent_store_iam_member" "member" {
+  dataset = google_healthcare_consent_store.my-consent.dataset
+  consent_store_id = google_healthcare_consent_store.my-consent.name
+  role = "roles/viewer"
+  member = "user:[email protected]"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `consent_store_id` - (Required) Used to find the parent resource to bind the IAM policy to
+* `dataset` - (Required) Identifies the dataset addressed by this request. Must be in the format
+'projects/{project}/locations/{location}/datasets/{dataset}'
+ Used to find the parent resource to bind the IAM policy to
+
+* `member/members` - (Required) Identities that will be granted the privilege in `role`.
+  Each entry can have one of the following values:
+  * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
+  * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+  * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
+  * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
+  * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
+  * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
+
+* `role` - (Required) The role that should be applied. Only one
+    `google_healthcare_consent_store_iam_binding` can be used per role. Note that custom roles must be of the format
+    `[projects|organizations]/{parent-name}/roles/{role-name}`.
+
+* `policy_data` - (Required only by `google_healthcare_consent_store_iam_policy`) The policy data generated by
+  a `google_iam_policy` data source.
+
+## Attributes Reference
+
+In addition to the arguments listed above, the following computed attributes are
+exported:
+
+* `etag` - (Computed) The etag of the IAM policy.
+
+## Import
+
+For all import syntaxes, the "resource in question" can take any of the following forms:
+
+* {{dataset}}/consentStores/{{name}}
+* {{name}}
+
+Any variables not passed in the import command will be taken from the provider configuration.
+
+Cloud Healthcare consentstore IAM resources can be imported using the resource identifiers, role, and member.
+
+IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.
+```
+$ terraform import google_healthcare_consent_store_iam_member.editor "{{dataset}}/consentStores/{{consent_store}} roles/viewer user:[email protected]"
+```
+
+IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.
+```
+$ terraform import google_healthcare_consent_store_iam_binding.editor "{{dataset}}/consentStores/{{consent_store}} roles/viewer"
+```
+
+IAM policy imports use the identifier of the resource in question, e.g.
+```
+$ terraform import google_healthcare_consent_store_iam_policy.editor {{dataset}}/consentStores/{{consent_store}}
+```
+
+-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
+ full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
diff --git a/website/google.erb b/website/google.erb
@@ -748,6 +748,14 @@
         <a href="#">Resources</a>
         <ul class="nav nav-auto-expand">
 
+          <li>
+          <a href="/docs/providers/google/r/healthcare_consent_store.html">google_healthcare_consent_store</a>
+          </li>
+
+          <li>
+          <a href="/docs/providers/google/r/healthcare_consent_store_iam.html">google_healthcare_consent_store_iam</a>
+          </li>
+
           <li>
           <a href="/docs/providers/google/r/healthcare_dataset.html">google_healthcare_dataset</a>
           </li>