diff --git a/internal/provider/resource_tfe_team.go b/internal/provider/resource_tfe_team.go index e871d07e7..6702fba36 100644 --- a/internal/provider/resource_tfe_team.go +++ b/internal/provider/resource_tfe_team.go @@ -120,6 +120,11 @@ func resourceTFETeam() *schema.Resource { Optional: true, Default: false, }, + "manage_agent_pools": { + Type: schema.TypeBool, + Optional: true, + Default: false, + } }, }, }, @@ -173,6 +178,7 @@ func resourceTFETeamCreate(d *schema.ResourceData, meta interface{}) error { ManageTeams: tfe.Bool(organizationAccess["manage_teams"].(bool)), ManageOrganizationAccess: tfe.Bool(organizationAccess["manage_organization_access"].(bool)), AccessSecretTeams: tfe.Bool(organizationAccess["access_secret_teams"].(bool)), + ManageAgentPools: tfe.Bool(organizationAccess["manage_agent_pools"].(bool)), } } @@ -236,6 +242,7 @@ func resourceTFETeamRead(d *schema.ResourceData, meta interface{}) error { "manage_teams": team.OrganizationAccess.ManageTeams, "manage_organization_access": team.OrganizationAccess.ManageOrganizationAccess, "access_secret_teams": team.OrganizationAccess.AccessSecretTeams, + "manage_agent_pools": team.OrganizationAccess.ManageAgentPools, }} if err := d.Set("organization_access", organizationAccess); err != nil { return fmt.Errorf("error setting organization access for team %s: %w", d.Id(), err) @@ -276,6 +283,7 @@ func resourceTFETeamUpdate(d *schema.ResourceData, meta interface{}) error { ManageTeams: tfe.Bool(organizationAccess["manage_teams"].(bool)), ManageOrganizationAccess: tfe.Bool(organizationAccess["manage_organization_access"].(bool)), AccessSecretTeams: tfe.Bool(organizationAccess["access_secret_teams"].(bool)), + ManageAgentPools: tfe.Bool(organizationAccess["manage_agent_pools"].(bool)), } } diff --git a/internal/provider/resource_tfe_team_test.go b/internal/provider/resource_tfe_team_test.go index 22f79c60d..a64042e47 100644 --- a/internal/provider/resource_tfe_team_test.go +++ b/internal/provider/resource_tfe_team_test.go @@ -85,6 +85,8 @@ func TestAccTFETeam_full(t *testing.T) { "tfe_team.foobar", "organization_access.0.manage_organization_access", "true"), resource.TestCheckResourceAttr( "tfe_team.foobar", "organization_access.0.access_secret_teams", "true"), + resource.TestCheckResourceAttr( + "tfe_team.foobar", "organization_access.0.manage_agent_pools", "true"), ), }, }, @@ -138,6 +140,8 @@ func TestAccTFETeam_full_update(t *testing.T) { "tfe_team.foobar", "organization_access.0.manage_organization_access", "true"), resource.TestCheckResourceAttr( "tfe_team.foobar", "organization_access.0.access_secret_teams", "true"), + resource.TestCheckResourceAttr( + "tfe_team.foobar", "organization_access.0.manage_agent_pools", "true"), ), }, { @@ -178,6 +182,8 @@ func TestAccTFETeam_full_update(t *testing.T) { "tfe_team.foobar", "organization_access.0.manage_organization_access", "false"), resource.TestCheckResourceAttr( "tfe_team.foobar", "organization_access.0.access_secret_teams", "false"), + resource.TestCheckResourceAttr( + "tfe_team.foobar", "organization_access.0.manage_agent_pools", "false"), ), }, { @@ -219,6 +225,8 @@ func TestAccTFETeam_full_update(t *testing.T) { "tfe_team.foobar", "organization_access.0.manage_organization_access", "false"), resource.TestCheckResourceAttr( "tfe_team.foobar", "organization_access.0.access_secret_teams", "false"), + resource.TestCheckResourceAttr( + "tfe_team.foobar", "organization_access.0.manage_agent_pools", "false"), ), }, }, @@ -480,6 +488,9 @@ func testAccCheckTFETeamAttributes_full( if !team.OrganizationAccess.AccessSecretTeams { return fmt.Errorf("OrganizationAccess.AccessSecretTeams should be true") } + if !team.OrganizationAccess.ManageAgentPools { + return fmt.Errorf("OrganizationAccess.ManageAgentPools should be true") + } if team.SSOTeamID != "team-test-sso-id" { return fmt.Errorf("Bad SSO Team ID: %s", team.SSOTeamID) @@ -527,6 +538,9 @@ func testAccCheckTFETeamAttributes_full_update( if team.OrganizationAccess.AccessSecretTeams { return fmt.Errorf("OrganizationAccess.AccessSecretTeams should be false") } + if team.OrganizationAccess.ManageAgentPools { + return fmt.Errorf("OrganizationAccess.ManageAgentPools should be false") + } if team.SSOTeamID != "changed-sso-id" { return fmt.Errorf("Bad SSO Team ID: %s", team.SSOTeamID) @@ -598,6 +612,7 @@ resource "tfe_team" "foobar" { manage_teams = true manage_organization_access = true access_secret_teams = true + manage_agent_pools = true } sso_team_id = "team-test-sso-id" }`, rInt) @@ -631,6 +646,7 @@ resource "tfe_team" "foobar" { manage_teams = false manage_organization_access = false access_secret_teams = false + manage_agent_pools = false } sso_team_id = "changed-sso-id" diff --git a/website/docs/r/team.html.markdown b/website/docs/r/team.html.markdown index 4a2e76d49..c3dca4146 100644 --- a/website/docs/r/team.html.markdown +++ b/website/docs/r/team.html.markdown @@ -58,6 +58,7 @@ The `organization_access` block supports: * `manage_teams` - (Optional) Allow members to create, update, and delete teams. * `manage_organization_access` - (Optional) Allow members to update the organization access settings of teams. * `access_secret_teams` - (Optional) Allow members access to secret teams up to the level of permissions granted by their team permissions setting. +* `manage_secret_teams` - (Optional) Allows members to create, edit, and delete agent pools within their organization. ## Attributes Reference