From 4c0ba73545f35ff010280872251c7ed3b8ac660c Mon Sep 17 00:00:00 2001 From: Chris Stephens Date: Wed, 19 Feb 2020 09:50:08 -0800 Subject: [PATCH] Google project precheck (#3145) * project: check for billing account perms as pre-requisite * outdent * typo * rm type from error message * simplify perms check * simplify bool check * simplify bool check Co-authored-by: Umair Idris --- .../resources/resource_google_project.go | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/third_party/terraform/resources/resource_google_project.go b/third_party/terraform/resources/resource_google_project.go index 4862b46b0ce1..49f843f9b928 100644 --- a/third_party/terraform/resources/resource_google_project.go +++ b/third_party/terraform/resources/resource_google_project.go @@ -94,6 +94,10 @@ func resourceGoogleProject() *schema.Resource { func resourceGoogleProjectCreate(d *schema.ResourceData, meta interface{}) error { config := meta.(*Config) + if err := resourceGoogleProjectCheckPreRequisites(config, d); err != nil { + return fmt.Errorf("failed pre-requisites: %v", err) + } + var pid string var err error pid = d.Get("project_id").(string) @@ -173,6 +177,26 @@ func resourceGoogleProjectCreate(d *schema.ResourceData, meta interface{}) error return nil } +func resourceGoogleProjectCheckPreRequisites(config *Config, d *schema.ResourceData) error { + ib, ok := d.GetOk("billing_account") + if !ok { + return nil + } + ba := "billingAccounts/" + ib.(string) + const perm = "billing.resourceAssociations.create" + req := &cloudbilling.TestIamPermissionsRequest{ + Permissions: []string{perm}, + } + resp, err := config.clientBilling.BillingAccounts.TestIamPermissions(ba, req).Do() + if err != nil { + return fmt.Errorf("failed to check permissions on billing account %q: %v", ba, err) + } + if !stringInSlice(resp.Permissions, perm) { + return fmt.Errorf("missing permission on %q: %v", ba, perm) + } + return nil +} + func resourceGoogleProjectRead(d *schema.ResourceData, meta interface{}) error { config := meta.(*Config) parts := strings.Split(d.Id(), "/")