Add new Config entity to Identitytoolkit, which allows programatic en…

…ablement (and later will hold project wide configuration settings
GoogleCloudPlatform · Sep 27, 2022 · 3441c8b · 3441c8b
1 parent e9ec4dc
commit 3441c8b
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 0 deletions.
diff --git a/mmv1/products/identityplatform/api.yaml b/mmv1/products/identityplatform/api.yaml
@@ -27,6 +27,36 @@ apis_required:
     name: Google Identity Platform
     url: https://console.cloud.google.com/marketplace/details/google-cloud-platform/customer-identity/
 objects:
+  - !ruby/object:Api::Resource
+    name: 'Config'
+    base_url: 'projects/{{project}}/config'
+    self_link: 'projects/{{project}}/config'
+    create_url: 'projects/{{project}}/identityPlatform:initializeAuth'
+    update_verb: :PATCH
+    update_mask: true
+    description: |
+      Identity Platform configuration for a Cloud project. Identity Platform is an
+      end-to-end authentication system for third-party users to access apps
+      and services.
+  
+      This entity is created only once during intialization and cannot be deleted, 
+      individual Identity Providers may be disabled instead.  This resource may only
+      be created in billing-enabled projects.
+    references: !ruby/object:Api::Resource::ReferenceLinks
+      guides:
+        'Official Documentation':
+          'https://cloud.google.com/identity-platform/docs'
+      api: 'https://cloud.google.com/identity-platform/docs/reference/rest/v2/Config'
+    properties:
+      - !ruby/object:Api::Type::String
+        name: 'name'
+        output: true
+        description: |
+          The name of the Config resource
+      - !ruby/object:Api::Type::Boolean
+        name: 'autodeleteAnonymousUsers'
+        description: |
+          Whether anonymous users will be auto-deleted after a period of 30 days
   - !ruby/object:Api::Resource
     name: 'DefaultSupportedIdpConfig'
     base_url: 'projects/{{project}}/defaultSupportedIdpConfigs'

diff --git a/mmv1/products/identityplatform/terraform.yaml b/mmv1/products/identityplatform/terraform.yaml
@@ -13,6 +13,21 @@
 
 --- !ruby/object:Provider::Terraform::Config
 overrides: !ruby/object:Overrides::ResourceOverrides
+  Config: !ruby/object:Overrides::Terraform::ResourceOverride
+    import_format: ["projects/{{project}}/config", "projects/{{project}}", "{{project}}"]
+    skip_delete: true
+    skip_sweeper: true
+    examples: 
+      - !ruby/object:Provider::Terraform::Examples
+        name: "identity_platform_config_basic"
+        primary_resource_id: "default"
+        vars:
+          instance_name: "memory-cache"
+        test_env_vars:
+          org_id: :ORG_ID
+          billing_acct: :BILLING_ACCT
+        # Resource creation race
+        skip_vcr: true
   DefaultSupportedIdpConfig: !ruby/object:Overrides::Terraform::ResourceOverride
     import_format: ["projects/{{project}}/defaultSupportedIdpConfigs/{{idp_id}}"]
     examples:

diff --git a/mmv1/templates/terraform/examples/identity_platform_config_basic.tf.erb b/mmv1/templates/terraform/examples/identity_platform_config_basic.tf.erb
@@ -0,0 +1,17 @@
+resource "google_project" "default" {
+  project_id = "tf-test%{random_suffix}"
+  name       = "tf-test%{random_suffix}"
+  org_id     = "<%= ctx[:test_env_vars]['org_id'] %>"
+  billing_account =  "<%= ctx[:test_env_vars]['billing_acct'] -%>"
+}
+
+resource "google_project_service" "apigee" {
+  project = google_project.project.project_id
+  service = "identitytoolkit.googleapis.com"
+}
+
+
+resource "google_identity_platform_config" "default" {
+  project = google_project.default.project_id
+  autodelete_anonymous_users = true
+}