Adding google_iam_workload_identity_pool_provider to TGC tfplan2cai converter (#15609)

Co-authored-by: Hemant Adil <[email protected]>

Author: hemantadil

mmv1/third_party/tgc/resource_converters.go.tmpl

@@ -253,6 +253,7 @@ func ResourceConverters() map[string][]cai.ResourceConverter {
 		"google_organization_iam_custom_role": {resourcemanager.ResourceConverterOrganizationIAMCustomRole()},
 		"google_vpc_access_connector": {vpcaccess.ResourceConverterVPCAccessConnector()},
 		"google_logging_metric": {logging.ResourceConverterLoggingMetric()},
+		"google_iam_workload_identity_pool_provider": {iambeta.ResourceConverterIAMBetaWorkloadIdentityPoolProvider()},
 		"google_service_account": {resourcemanager.ResourceConverterServiceAccount()},
 		"google_service_account_key": {resourcemanager.ResourceConverterServiceAccountKey()},
 

mmv1/third_party/tgc/tests/data/google_iam_workload_identity_pool_provider.json

@@ -0,0 +1,45 @@
+[
+  {
+    "name": "//iam.googleapis.com/projects/{{.Provider.project}}/locations/global/workloadIdentityPools/gg-asset-44602-7df7/providers/gg-asset-44602-7df7",
+    "asset_type": "iam.googleapis.com/WorkloadIdentityPoolProvider",
+    "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}",
+    "resource": {
+      "version": "v1",
+      "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest",
+      "discovery_name": "WorkloadIdentityPoolProvider",
+      "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}",
+      "data": {
+        "aws": {
+          "accountId": "111111111111"
+        },
+        "description": "AWS provider for gg-asset-44602-7df7",
+        "displayName": "gg-asset-44602-7df7"
+      }
+    }
+  },
+  {
+    "name": "//iam.googleapis.com/projects/{{.Provider.project}}/locations/global/workloadIdentityPools/gg-asset-45050-bcd4/providers/gg-asset-45050-bcd4",
+    "asset_type": "iam.googleapis.com/WorkloadIdentityPoolProvider",
+    "ancestry_path": "{{.Ancestry}}/project/{{.Provider.project}}",
+    "resource": {
+      "version": "v1",
+      "discovery_document_uri": "https://iam.googleapis.com/$discovery/rest",
+      "discovery_name": "WorkloadIdentityPoolProvider",
+      "parent": "//cloudresourcemanager.googleapis.com/projects/{{.Provider.project}}",
+      "data": {
+        "attributeCondition": "assertion.repository_owner == 'google'",
+        "attributeMapping": {
+          "attribute.actor": "assertion.actor",
+          "attribute.repository": "assertion.repository",
+          "google.subject": "assertion.sub"
+        },
+        "description": "OIDC provider for gg-asset-45050-bcd4",
+        "disabled": true,
+        "displayName": "gg-asset-45050-bcd4",
+        "oidc": {
+          "issuerUri": "https://oidc.gg-asset-45050-bcd4.com"
+        }
+      }
+    }
+  }
+]

mmv1/third_party/tgc/tests/data/google_iam_workload_identity_pool_provider.tf

@@ -0,0 +1,57 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 4.54.0"
+    }
+  }
+}
+
+provider "google" {
+  project = "{{.Provider.project}}"
+}
+
+resource "google_iam_workload_identity_pool" "gg_asset_44602_7df7" {
+  project                   = "{{.Provider.project}}"
+  workload_identity_pool_id = "gg-asset-44602-7df7"
+  display_name              = "gg-asset-44602-7df7"
+  description               = "Workload Identity Pool for gg-asset-44602-7df7"
+}
+
+resource "google_iam_workload_identity_pool_provider" "gg_asset_44602_7df7" {
+  project                            = "{{.Provider.project}}"
+  workload_identity_pool_id          = google_iam_workload_identity_pool.gg_asset_44602_7df7.workload_identity_pool_id
+  workload_identity_pool_provider_id = "gg-asset-44602-7df7"
+  display_name                       = "gg-asset-44602-7df7"
+  description                        = "AWS provider for gg-asset-44602-7df7"
+  aws {
+    account_id = "111111111111"
+  }
+}
+
+resource "google_iam_workload_identity_pool" "gg_asset_45050_bcd4" {
+  project                    = "{{.Provider.project}}"
+  workload_identity_pool_id  = "gg-asset-45050-bcd4"
+  display_name               = "gg-asset-45050-bcd4"
+  description                = "Workload Identity Pool for gg-asset-45050-bcd4"
+  disabled                   = false
+}
+
+resource "google_iam_workload_identity_pool_provider" "gg_asset_45050_bcd4" {
+  project                            = "{{.Provider.project}}"
+  workload_identity_pool_id          = google_iam_workload_identity_pool.gg_asset_45050_bcd4.workload_identity_pool_id
+  workload_identity_pool_provider_id = "gg-asset-45050-bcd4"
+  display_name                       = "gg-asset-45050-bcd4"
+  description                        = "OIDC provider for gg-asset-45050-bcd4"
+  disabled                           = true
+  attribute_mapping = {
+    "google.subject"       = "assertion.sub"
+    "attribute.actor"      = "assertion.actor"
+    "attribute.repository" = "assertion.repository"
+  }
+  attribute_condition = "assertion.repository_owner == 'google'"
+
+  oidc {
+    issuer_uri = "https://oidc.gg-asset-45050-bcd4.com"
+  }
+}