fix TestAccDataFusionInstance_dataFusionInstanceCmekExample (#14826) (#1089)

modular-magician · web-flow · commit 5708f916907f · 2025-08-13T21:32:22.000-07:00
[upstream:5a0c33b1123f54c5ee8023b67417f3b217333e02]

Signed-off-by: Modular Magician &lt;magic-modules@google.com&gt;
diff --git a/data_fusion_instance_cmek/main.tf b/data_fusion_instance_cmek/main.tf
@@ -7,7 +7,7 @@ resource "google_data_fusion_instance" "cmek" {
     key_reference = google_kms_crypto_key.crypto_key.id
   }
 
-  depends_on = [google_kms_crypto_key_iam_member.crypto_key_member]
+  depends_on = [google_kms_crypto_key_iam_member.crypto_key_member_cdf_sa, google_kms_crypto_key_iam_member.crypto_key_member_gcs_sa]
 }
 
 resource "google_kms_crypto_key" "crypto_key" {
@@ -20,11 +20,18 @@ resource "google_kms_key_ring" "key_ring" {
   location = "us-central1"
 }
 
-resource "google_kms_crypto_key_iam_member" "crypto_key_member" {
+resource "google_kms_crypto_key_iam_member" "crypto_key_member_cdf_sa" {
   crypto_key_id = google_kms_crypto_key.crypto_key.id
   role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
   member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-datafusion.iam.gserviceaccount.com"
 }
 
+resource "google_kms_crypto_key_iam_member" "crypto_key_member_gcs_sa" {
+  crypto_key_id = google_kms_crypto_key.crypto_key.id
+  role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
+
+  member = "serviceAccount:service-${data.google_project.project.number}@gs-project-accounts.iam.gserviceaccount.com"
+}
+
 data "google_project" "project" {}

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ resource "google_data_fusion_instance" "cmek" {`
`7`	`7`	`key_reference = google_kms_crypto_key.crypto_key.id`
`8`	`8`	`}`
`9`	`9`
`10`		`- depends_on = [google_kms_crypto_key_iam_member.crypto_key_member]`
	`10`	`+ depends_on = [google_kms_crypto_key_iam_member.crypto_key_member_cdf_sa, google_kms_crypto_key_iam_member.crypto_key_member_gcs_sa]`
`11`	`11`	`}`
`12`	`12`
`13`	`13`	`resource "google_kms_crypto_key" "crypto_key" {`
`@@ -20,11 +20,18 @@ resource "google_kms_key_ring" "key_ring" {`
`20`	`20`	`location = "us-central1"`
`21`	`21`	`}`
`22`	`22`
`23`		`-resource "google_kms_crypto_key_iam_member" "crypto_key_member" {`
	`23`	`+resource "google_kms_crypto_key_iam_member" "crypto_key_member_cdf_sa" {`
`24`	`24`	`crypto_key_id = google_kms_crypto_key.crypto_key.id`
`25`	`25`	`role = "roles/cloudkms.cryptoKeyEncrypterDecrypter"`
`26`	`26`
`27`	`27`	`member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-datafusion.iam.gserviceaccount.com"`
`28`	`28`	`}`
`29`	`29`
	`30`	`+resource "google_kms_crypto_key_iam_member" "crypto_key_member_gcs_sa" {`
	`31`	`+ crypto_key_id = google_kms_crypto_key.crypto_key.id`
	`32`	`+ role = "roles/cloudkms.cryptoKeyEncrypterDecrypter"`
	`33`	`+`
	`34`	`+ member = "serviceAccount:service-${data.google_project.project.number}@gs-project-accounts.iam.gserviceaccount.com"`
	`35`	`+}`
	`36`	`+`
`30`	`37`	`data "google_project" "project" {}`