-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for IAM on Spanner Instances. #1387
Conversation
Support managing IAM policies on Spanner instances.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Just noticed I neglected to update the docs for this, I'll push a docs update momentarily. |
This has docs now. Still look good, @mbfrahry? |
|
||
Three different resources help you manage your IAM policy for a Spanner instance. Each of these resources serves a different use case: | ||
|
||
* `google_spanner_instance_iam_policy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider a warning note here - we've gotten a user complaint or two that the docs don't strongly enough warn about the consequences of using foo_iam_policy
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 I'll do this for the database IAM docs I'm writing right now, too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just pushed a warning. Look good?
We already have this in spaner_database_iam, no need to reimplement it here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay - warning looks good to me.
…ner_instance_iam Add support for IAM on Spanner Instances.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
Support managing IAM policies on Spanner instances.
Tests: