This repository has been archived by the owner on Nov 14, 2024. It is now read-only.
forked from inspec/inspec-gcp
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #177 from slevenick/project-iam-policy
Project iam policy
- Loading branch information
Showing
91 changed files
with
343 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
46 changes: 46 additions & 0 deletions
46
docs/resources/google_resourcemanager_project_iam_policy.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
--- | ||
title: About the google_resourcemanager_project_iam_policy resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_resourcemanager_project_iam_policy` is used to test a Google Project Iam Policy resource | ||
|
||
## Examples | ||
``` | ||
describe google_resourcemanager_project_iam_policy(project_id: "projectId") do | ||
it { should exist } | ||
end | ||
google_resourcemanager_project_iam_policy(project_id: "projectId").bindings.each do |binding| | ||
describe binding do | ||
its('role') { should eq 'roles/editor'} | ||
its('members') { should include 'user:[email protected]'} | ||
end | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_resourcemanager_project_iam_policy` resource: | ||
|
||
* `bindings`: Associates a list of members to a role. | ||
|
||
* `role`: Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner. | ||
|
||
* `members`: Specifies the identities requesting access for a Cloud Platform resource. | ||
|
||
* `audit_configs`: Specifies cloud audit logging configuration for this policy. | ||
|
||
* `service`: Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. | ||
|
||
* `audit_log_configs`: The configuration for logging of each type of permission. | ||
|
||
* `log_type`: The log type that this config enables. For example, ADMIN_READ, DATA_WRITE or DATA_READ | ||
|
||
* `exempted_members`: Specifies the identities that do not cause logging for this type of permission. | ||
|
||
|
||
|
||
## GCP Permissions | ||
|
||
Ensure the [Cloud Resource Manager API](https://console.cloud.google.com/apis/library/cloudresourcemanager.googleapis.com/) is enabled for the current project. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
34 changes: 34 additions & 0 deletions
34
libraries/google/container/property/regionalcluster_addons_config_kubernetes_dashboard.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module Container | ||
module Property | ||
class RegionalClusterAddonsConfigKubernetesDashboard | ||
attr_reader :disabled | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@disabled = args['disabled'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} RegionalClusterAddonsConfigKubernetesDashboard" | ||
end | ||
end | ||
end | ||
end | ||
end |
38 changes: 38 additions & 0 deletions
38
libraries/google/container/property/regionalcluster_master_authorized_networks_config.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
require 'google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks' | ||
module GoogleInSpec | ||
module Container | ||
module Property | ||
class RegionalClusterMasterAuthorizedNetworksConfig | ||
attr_reader :enabled | ||
|
||
attr_reader :cidr_blocks | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@enabled = args['enabled'] | ||
@cidr_blocks = GoogleInSpec::Container::Property::RegionalClusterMasterAuthorizedNetworksConfigCidrBlocksArray.parse(args['cidrBlocks'], to_s) | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} RegionalClusterMasterAuthorizedNetworksConfig" | ||
end | ||
end | ||
end | ||
end | ||
end |
45 changes: 45 additions & 0 deletions
45
...oogle/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module Container | ||
module Property | ||
class RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks | ||
attr_reader :display_name | ||
|
||
attr_reader :cidr_block | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@display_name = args['displayName'] | ||
@cidr_block = args['cidrBlock'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks" | ||
end | ||
end | ||
|
||
class RegionalClusterMasterAuthorizedNetworksConfigCidrBlocksArray | ||
def self.parse(value, parent_identifier) | ||
return if value.nil? | ||
return RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks.new(value, parent_identifier) unless value.is_a?(::Array) | ||
value.map { |v| RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks.new(v, parent_identifier) } | ||
end | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.