Allow full management of IAM parent fields #18411
Labels
mmv1-generator
Provider-wide changes to resource templates or other generator changes
service/terraform
size/l
technical-debt
Milestone
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What kind of contribution is this issue about?
MMv1-based resource
Details
IAM resources can have multiple parent fields, but it is difficult to modify their behavior. We only allow overriding
parent_resource_attributeand setting a custom diff suppress for the final parent field. We don't allow (for example) adding validation for a parent field, which could be necessary to have parity with the parent resource, or allow a custom diff suppress for fields other than the final resource.We should restructure the iam_policy configuration to allow easier customization of all parent fields, similar to resource fields.
References
Ran into this while reviewing GoogleCloudPlatform/magic-modules#10786, which is forced to use a diff suppress to replicate missing validation on one parent field, and is also missing a diff suppress that is present for IAM policies for the parent resource. (Unclear if this will cause problems.)
The text was updated successfully, but these errors were encountered: