From 9d7123f2fc85c29dd26474a98103540eb45c8730 Mon Sep 17 00:00:00 2001
From: William Siew <38149204+william8siew@users.noreply.github.com>
Date: Mon, 13 May 2024 10:31:05 -0500
Subject: [PATCH] instpol attrib enabled only (#125)

Signed-off-by: stephaniegalang <stephaniegalang@ibm.com>
Co-authored-by: stephaniegalang <stephaniegalang@ibm.com>
---
 instances.go | 31 +++++++++++++++++++++----------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/instances.go b/instances.go
index 598de09..28e1646 100644
--- a/instances.go
+++ b/instances.go
@@ -492,6 +492,7 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
 			PolicyType: AllowedNetwork,
 			PolicyData: PolicyData{
 				Enabled: &(policies.AllowedNetwork.Enabled),
+				// due to legacy reasons, the allowed_network policy requires attribute to always be specified
 				Attributes: &Attributes{
 					AllowedNetwork: &(policies.AllowedNetwork.Network),
 				},
@@ -505,11 +506,16 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
 			PolicyType: AllowedIP,
 			PolicyData: PolicyData{
 				Enabled: &(policies.AllowedIP.Enabled),
-				Attributes: &Attributes{
-					AllowedIP: policies.AllowedIP.IPAddresses,
-				},
 			},
 		}
+
+		// attributes can only be provided if policy is being enabled
+		// ignore any attribute inputs if provided during a disable
+		if policies.AllowedIP.Enabled {
+			policy.PolicyData.Attributes = &Attributes{
+				AllowedIP: policies.AllowedIP.IPAddresses,
+			}
+		}
 		resPolicies = append(resPolicies, policy)
 	}
 
@@ -527,16 +533,21 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
 		policy := InstancePolicy{
 			PolicyType: KeyCreateImportAccess,
 			PolicyData: PolicyData{
-				Enabled:    &(policies.KeyCreateImportAccess.Enabled),
-				Attributes: &Attributes{},
+				Enabled: &(policies.KeyCreateImportAccess.Enabled),
 			},
 		}
 
-		policy.PolicyData.Attributes.CreateRootKey = &policies.KeyCreateImportAccess.CreateRootKey
-		policy.PolicyData.Attributes.CreateStandardKey = &policies.KeyCreateImportAccess.CreateStandardKey
-		policy.PolicyData.Attributes.ImportRootKey = &policies.KeyCreateImportAccess.ImportRootKey
-		policy.PolicyData.Attributes.ImportStandardKey = &policies.KeyCreateImportAccess.ImportStandardKey
-		policy.PolicyData.Attributes.EnforceToken = &policies.KeyCreateImportAccess.EnforceToken
+		// attributes can only be provided if policy is being enabled
+		// ignore any attribute inputs if provided during a disable
+		if policies.KeyCreateImportAccess.Enabled {
+			policy.PolicyData.Attributes = &Attributes{
+				CreateRootKey:     &policies.KeyCreateImportAccess.CreateRootKey,
+				CreateStandardKey: &policies.KeyCreateImportAccess.CreateStandardKey,
+				ImportRootKey:     &policies.KeyCreateImportAccess.ImportRootKey,
+				ImportStandardKey: &policies.KeyCreateImportAccess.ImportStandardKey,
+				EnforceToken:      &policies.KeyCreateImportAccess.EnforceToken,
+			}
+		}
 
 		resPolicies = append(resPolicies, policy)
 	}