feat: implementation for iam resources on google_iam_workforce_pool (#13861) (#23784)

[upstream:a7baf6faa04c109b5c08e0d61d062a155425cf22]

Signed-off-by: Modular Magician <magic-modules@google.com>

Author: modular-magician

.changelog/13861.txt

@@ -0,0 +1,11 @@
+```release-note:new-resource
+`google_iam_workforce_pool_iam_member`
+```
+
+```release-note:new-resource
+`google_iam_workforce_pool_iam_policy`
+```
+
+```release-note:new-resource
+`google_iam_workforce_pool_iam_binding`
+```

google/provider/provider_mmv1_resources.go

@@ -491,6 +491,7 @@ var generatedIAMDatasources = map[string]*schema.Resource{
 	"google_gke_hub_feature_iam_policy":                         tpgiamresource.DataSourceIamPolicy(gkehub2.GKEHub2FeatureIamSchema, gkehub2.GKEHub2FeatureIamUpdaterProducer),
 	"google_gke_hub_scope_iam_policy":                           tpgiamresource.DataSourceIamPolicy(gkehub2.GKEHub2ScopeIamSchema, gkehub2.GKEHub2ScopeIamUpdaterProducer),
 	"google_healthcare_consent_store_iam_policy":                tpgiamresource.DataSourceIamPolicy(healthcare.HealthcareConsentStoreIamSchema, healthcare.HealthcareConsentStoreIamUpdaterProducer),
+	"google_iam_workforce_pool_iam_policy":                      tpgiamresource.DataSourceIamPolicy(iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamSchema, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamUpdaterProducer),
 	"google_iap_app_engine_service_iam_policy":                  tpgiamresource.DataSourceIamPolicy(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer),
 	"google_iap_app_engine_version_iam_policy":                  tpgiamresource.DataSourceIamPolicy(iap.IapAppEngineVersionIamSchema, iap.IapAppEngineVersionIamUpdaterProducer),
 	"google_iap_web_cloud_run_service_iam_policy":               tpgiamresource.DataSourceIamPolicy(iap.IapWebCloudRunServiceIamSchema, iap.IapWebCloudRunServiceIamUpdaterProducer),
@@ -554,8 +555,8 @@ var handwrittenIAMDatasources = map[string]*schema.Resource{
 
 // Resources
 // Generated resources: 642
-// Generated IAM resources: 309
-// Total generated resources: 951
+// Generated IAM resources: 312
+// Total generated resources: 954
 var generatedResources = map[string]*schema.Resource{
 	"google_folder_access_approval_settings":                                     accessapproval.ResourceAccessApprovalFolderSettings(),
 	"google_organization_access_approval_settings":                               accessapproval.ResourceAccessApprovalOrganizationSettings(),
@@ -1144,6 +1145,9 @@ var generatedResources = map[string]*schema.Resource{
 	"google_iam_oauth_client":                                                    iamworkforcepool.ResourceIAMWorkforcePoolOauthClient(),
 	"google_iam_oauth_client_credential":                                         iamworkforcepool.ResourceIAMWorkforcePoolOauthClientCredential(),
 	"google_iam_workforce_pool":                                                  iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePool(),
+	"google_iam_workforce_pool_iam_binding":                                      tpgiamresource.ResourceIamBinding(iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamSchema, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamUpdaterProducer, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIdParseFunc),
+	"google_iam_workforce_pool_iam_member":                                       tpgiamresource.ResourceIamMember(iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamSchema, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamUpdaterProducer, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIdParseFunc),
+	"google_iam_workforce_pool_iam_policy":                                       tpgiamresource.ResourceIamPolicy(iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamSchema, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIamUpdaterProducer, iamworkforcepool.IAMWorkforcePoolWorkforcePoolIdParseFunc),
 	"google_iam_workforce_pool_provider":                                         iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePoolProvider(),
 	"google_iam_workforce_pool_provider_key":                                     iamworkforcepool.ResourceIAMWorkforcePoolWorkforcePoolProviderKey(),
 	"google_iap_app_engine_service_iam_binding":                                  tpgiamresource.ResourceIamBinding(iap.IapAppEngineServiceIamSchema, iap.IapAppEngineServiceIamUpdaterProducer, iap.IapAppEngineServiceIdParseFunc),

google/services/iamworkforcepool/iam_iam_workforce_pool.go

@@ -0,0 +1,213 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// ----------------------------------------------------------------------------
+//
+//     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
+//
+// ----------------------------------------------------------------------------
+//
+//     This code is generated by Magic Modules using the following:
+//
+//     Configuration: https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products/iamworkforcepool/WorkforcePool.yaml
+//     Template:      https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/templates/terraform/iam_policy.go.tmpl
+//
+//     DO NOT EDIT this file directly. Any changes made to this file will be
+//     overwritten during the next generation cycle.
+//
+// ----------------------------------------------------------------------------
+
+package iamworkforcepool
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/errwrap"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"google.golang.org/api/cloudresourcemanager/v1"
+
+	"github.com/hashicorp/terraform-provider-google/google/tpgiamresource"
+	"github.com/hashicorp/terraform-provider-google/google/tpgresource"
+	transport_tpg "github.com/hashicorp/terraform-provider-google/google/transport"
+)
+
+var IAMWorkforcePoolWorkforcePoolIamSchema = map[string]*schema.Schema{
+	"location": {
+		Type:     schema.TypeString,
+		Computed: true,
+		Optional: true,
+		ForceNew: true,
+	},
+	"workforce_pool_id": {
+		Type:             schema.TypeString,
+		Required:         true,
+		ForceNew:         true,
+		DiffSuppressFunc: tpgresource.CompareSelfLinkOrResourceName,
+	},
+}
+
+type IAMWorkforcePoolWorkforcePoolIamUpdater struct {
+	location        string
+	workforcePoolId string
+	d               tpgresource.TerraformResourceData
+	Config          *transport_tpg.Config
+}
+
+func IAMWorkforcePoolWorkforcePoolIamUpdaterProducer(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (tpgiamresource.ResourceIamUpdater, error) {
+	values := make(map[string]string)
+
+	location, _ := tpgresource.GetLocation(d, config)
+	if location != "" {
+		if err := d.Set("location", location); err != nil {
+			return nil, fmt.Errorf("Error setting location: %s", err)
+		}
+	}
+	values["location"] = location
+	if v, ok := d.GetOk("workforce_pool_id"); ok {
+		values["workforce_pool_id"] = v.(string)
+	}
+
+	// We may have gotten either a long or short name, so attempt to parse long name if possible
+	m, err := tpgresource.GetImportIdQualifiers([]string{"locations/(?P<location>[^/]+)/workforcePools/(?P<workforce_pool_id>[^/]+)", "(?P<location>[^/]+)/(?P<workforce_pool_id>[^/]+)", "(?P<workforce_pool_id>[^/]+)"}, d, config, d.Get("workforce_pool_id").(string))
+	if err != nil {
+		return nil, err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &IAMWorkforcePoolWorkforcePoolIamUpdater{
+		location:        values["location"],
+		workforcePoolId: values["workforce_pool_id"],
+		d:               d,
+		Config:          config,
+	}
+
+	if err := d.Set("location", u.location); err != nil {
+		return nil, fmt.Errorf("Error setting location: %s", err)
+	}
+	if err := d.Set("workforce_pool_id", u.GetResourceId()); err != nil {
+		return nil, fmt.Errorf("Error setting workforce_pool_id: %s", err)
+	}
+
+	return u, nil
+}
+
+func IAMWorkforcePoolWorkforcePoolIdParseFunc(d *schema.ResourceData, config *transport_tpg.Config) error {
+	values := make(map[string]string)
+
+	location, _ := tpgresource.GetLocation(d, config)
+	if location != "" {
+		values["location"] = location
+	}
+
+	m, err := tpgresource.GetImportIdQualifiers([]string{"locations/(?P<location>[^/]+)/workforcePools/(?P<workforce_pool_id>[^/]+)", "(?P<location>[^/]+)/(?P<workforce_pool_id>[^/]+)", "(?P<workforce_pool_id>[^/]+)"}, d, config, d.Id())
+	if err != nil {
+		return err
+	}
+
+	for k, v := range m {
+		values[k] = v
+	}
+
+	u := &IAMWorkforcePoolWorkforcePoolIamUpdater{
+		location:        values["location"],
+		workforcePoolId: values["workforce_pool_id"],
+		d:               d,
+		Config:          config,
+	}
+	if err := d.Set("workforce_pool_id", u.GetResourceId()); err != nil {
+		return fmt.Errorf("Error setting workforce_pool_id: %s", err)
+	}
+	d.SetId(u.GetResourceId())
+	return nil
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) GetResourceIamPolicy() (*cloudresourcemanager.Policy, error) {
+	url, err := u.qualifyWorkforcePoolUrl("getIamPolicy")
+	if err != nil {
+		return nil, err
+	}
+
+	var obj map[string]interface{}
+
+	userAgent, err := tpgresource.GenerateUserAgentString(u.d, u.Config.UserAgent)
+	if err != nil {
+		return nil, err
+	}
+
+	policy, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    u.Config,
+		Method:    "POST",
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+	})
+	if err != nil {
+		return nil, errwrap.Wrapf(fmt.Sprintf("Error retrieving IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	out := &cloudresourcemanager.Policy{}
+	err = tpgresource.Convert(policy, out)
+	if err != nil {
+		return nil, errwrap.Wrapf("Cannot convert a policy to a resource manager policy: {{err}}", err)
+	}
+
+	return out, nil
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) SetResourceIamPolicy(policy *cloudresourcemanager.Policy) error {
+	json, err := tpgresource.ConvertToMap(policy)
+	if err != nil {
+		return err
+	}
+
+	obj := make(map[string]interface{})
+	obj["policy"] = json
+
+	url, err := u.qualifyWorkforcePoolUrl("setIamPolicy")
+	if err != nil {
+		return err
+	}
+
+	userAgent, err := tpgresource.GenerateUserAgentString(u.d, u.Config.UserAgent)
+	if err != nil {
+		return err
+	}
+
+	_, err = transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+		Config:    u.Config,
+		Method:    "POST",
+		RawURL:    url,
+		UserAgent: userAgent,
+		Body:      obj,
+		Timeout:   u.d.Timeout(schema.TimeoutCreate),
+	})
+	if err != nil {
+		return errwrap.Wrapf(fmt.Sprintf("Error setting IAM policy for %s: {{err}}", u.DescribeResource()), err)
+	}
+
+	return nil
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) qualifyWorkforcePoolUrl(methodIdentifier string) (string, error) {
+	urlTemplate := fmt.Sprintf("{{IAMWorkforcePoolBasePath}}%s:%s", fmt.Sprintf("locations/%s/workforcePools/%s", u.location, u.workforcePoolId), methodIdentifier)
+	url, err := tpgresource.ReplaceVars(u.d, u.Config, urlTemplate)
+	if err != nil {
+		return "", err
+	}
+	return url, nil
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) GetResourceId() string {
+	return fmt.Sprintf("locations/%s/workforcePools/%s", u.location, u.workforcePoolId)
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) GetMutexKey() string {
+	return fmt.Sprintf("iam-iamworkforcepool-workforcepool-%s", u.GetResourceId())
+}
+
+func (u *IAMWorkforcePoolWorkforcePoolIamUpdater) DescribeResource() string {
+	return fmt.Sprintf("iamworkforcepool workforcepool %q", u.GetResourceId())
+}