// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package cloudidentity
import (
"fmt"
"time"
"github.com/hashicorp/terraform-provider-google/google/tpgresource"
transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)
// DataSourceGoogleCloudIdentityGroupLookup builds the data source definition
// for looking up a Cloud Identity group by its EntityKey. The caller supplies
// exactly one group_key block; the computed "name" attribute is filled in by
// dataSourceGoogleCloudIdentityGroupLookupRead.
func DataSourceGoogleCloudIdentityGroupLookup() *schema.Resource {
	// Attributes of the nested group_key block: a required id and an
	// optional namespace.
	entityKeyFields := map[string]*schema.Schema{
		"id": {
			Type:     schema.TypeString,
			Required: true,
			Description: `The ID of the entity. For Google-managed entities, the id should be the email address of an existing group or user.
For external-identity-mapped entities, the id must be a string conforming to the Identity Source's requirements.
Must be unique within a namespace.`,
		},
		"namespace": {
			Type:     schema.TypeString,
			Optional: true,
			Description: `The namespace in which the entity exists. If not specified, the EntityKey represents a Google-managed entity such as a Google user or a Google Group.
If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of identitysources/{identity_source}.`,
		},
	}

	// Top-level attributes: the computed result and the lookup key.
	lookupFields := map[string]*schema.Schema{
		"name": {
			Type:        schema.TypeString,
			Computed:    true,
			Description: `The [resource name](https://cloud.google.com/apis/design/resource_names) of the looked-up Group.`,
		},
		"group_key": {
			Type:     schema.TypeList,
			MaxItems: 1, // a list capped at one element, i.e. a single nested block
			Required: true,
			Description: `The EntityKey of the Group to lookup. A unique identifier for an entity in the Cloud Identity Groups API.
An entity can represent either a group with an optional namespace or a user without a namespace.
The combination of id and namespace must be unique; however, the same id can be used with different namespaces.`,
			Elem: &schema.Resource{Schema: entityKeyFields},
		},
	}

	return &schema.Resource{
		Read:   dataSourceGoogleCloudIdentityGroupLookupRead,
		Schema: lookupFields,
	}
}
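// dataSourceGoogleCloudIdentityGroupLookupRead resolves the configured
// group_key (id plus optional namespace) through the Cloud Identity
// Groups.Lookup call and stores the returned resource name in "name".
//
// When config.UserProjectOverride is set and a billing project can be
// resolved, the request carries an X-Goog-User-Project header naming it.
// A failed lookup is passed to HandleDataSourceNotFoundError. On success the
// data source ID is set to the current UTC time.
func dataSourceGoogleCloudIdentityGroupLookupRead(d *schema.ResourceData, meta interface{}) error {
	config := meta.(*transport_tpg.Config)
	userAgent, err := tpgresource.GenerateUserAgentString(d, config.UserAgent)
	if err != nil {
		return err
	}

	gkID, ok := d.GetOk("group_key.0.id")
	if !ok {
		return fmt.Errorf("error getting group key id")
	}
	id := gkID.(string)

	groupsLookupCall := config.NewCloudIdentityClient(userAgent).Groups.Lookup().GroupKeyId(id)

	// The namespace is optional; it is only added to the call when the
	// configuration sets it.
	if gkNamespace, ok := d.GetOk("group_key.0.namespace"); ok {
		groupsLookupCall = groupsLookupCall.GroupKeyNamespace(gkNamespace.(string))
	}

	if config.UserProjectOverride {
		billingProject := ""
		// A GetProject error is deliberately ignored: project isn't required
		// for this resource, so the header is simply left off in that case.
		if project, err := tpgresource.GetProject(d, config); err == nil {
			billingProject = project
		}
		// err == nil indicates that the billing_project value was found; it
		// takes precedence over the project resolved above.
		if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
			billingProject = bp
		}
		if billingProject != "" {
			groupsLookupCall.Header().Set("X-Goog-User-Project", billingProject)
		}
	}

	resp, err := groupsLookupCall.Do()
	if err != nil {
		// Name the key that was looked up. This function assigns the ID only
		// after a successful lookup, so d.Id() would not identify the group
		// that failed to resolve.
		return transport_tpg.HandleDataSourceNotFoundError(err, d, fmt.Sprintf("CloudIdentityGroups %q", id), "Groups")
	}

	if err := d.Set("name", resp.Name); err != nil {
		// %w keeps the underlying error available to errors.Is / errors.As.
		return fmt.Errorf("error setting group lookup name: %w", err)
	}

	// NOTE(review): the ID is the read timestamp, so it differs on every
	// read; resp.Name looks like a stable alternative — confirm before changing.
	d.SetId(time.Now().UTC().String())
	return nil
}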