From 02d867ff3dbbb45dabeaaf4f23a5a6217dcf4be1 Mon Sep 17 00:00:00 2001
From: Ludovico Magnocavallo <ludomagno@google.com>
Date: Wed, 4 Nov 2020 16:49:19 +0100
Subject: [PATCH] rename iam variables in folder module

---
 modules/folder/README.md    | 4 ++--
 modules/folder/main.tf      | 2 +-
 modules/folder/variables.tf | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/modules/folder/README.md b/modules/folder/README.md
index 8a98dc5e..5b15204c 100644
--- a/modules/folder/README.md
+++ b/modules/folder/README.md
@@ -11,7 +11,7 @@ module "folder" {
   source = "./modules/folder"
   parent = "organizations/1234567890"
   name  = "Folder name"
-  iam_members = {
+  iam = {
     "roles/owner" = ["group:users@example.com"]
   }
 }
@@ -46,7 +46,7 @@ module "folder" {
 |---|---|:---: |:---:|:---:|
 | name | Folder name. | <code title="">string</code> | ✓ |  |
 | parent | Parent in folders/folder_id or organizations/org_id format. | <code title="string&#10;validation &#123;&#10;condition     &#61; can&#40;regex&#40;&#34;&#40;organizations&#124;folders&#41;&#47;&#91;0-9&#93;&#43;&#34;, var.parent&#41;&#41;&#10;error_message &#61; &#34;Parent must be of the form folders&#47;folder_id or organizations&#47;organization_id.&#34;&#10;&#125;">string</code> | ✓ |  |
-| *iam_members* | List of IAM members keyed by role. | <code title="map&#40;set&#40;string&#41;&#41;">map(set(string))</code> |  | <code title="">null</code> |
+| *iam* | IAM bindings in {ROLE => [MEMBERS]} format. | <code title="map&#40;set&#40;string&#41;&#41;">map(set(string))</code> |  | <code title="">null</code> |
 | *policy_boolean* | Map of boolean org policies and enforcement value, set value to null for policy restore. | <code title="map&#40;bool&#41;">map(bool)</code> |  | <code title="">{}</code> |
 | *policy_list* | Map of list org policies, status is true for allow, false for deny, null for restore. Values can only be used for allow or deny. | <code title="map&#40;object&#40;&#123;&#10;inherit_from_parent &#61; bool&#10;suggested_value     &#61; string&#10;status              &#61; bool&#10;values              &#61; list&#40;string&#41;&#10;&#125;&#41;&#41;">map(object({...}))</code> |  | <code title="">{}</code> |
 
diff --git a/modules/folder/main.tf b/modules/folder/main.tf
index 6ac0940e..fb018b7a 100644
--- a/modules/folder/main.tf
+++ b/modules/folder/main.tf
@@ -21,7 +21,7 @@ resource "google_folder" "folder" {
 }
 
 resource "google_folder_iam_binding" "authoritative" {
-  for_each = var.iam_members
+  for_each = var.iam
   folder   = google_folder.folder.name
   role     = each.key
   members  = each.value
diff --git a/modules/folder/variables.tf b/modules/folder/variables.tf
index d298ec4e..1231be0d 100644
--- a/modules/folder/variables.tf
+++ b/modules/folder/variables.tf
@@ -14,10 +14,10 @@
  * limitations under the License.
  */
 
-variable "iam_members" {
-  description = "List of IAM members keyed by role."
+variable "iam" {
+  description = "IAM bindings in {ROLE => [MEMBERS]} format."
   type        = map(set(string))
-  default     = null
+  default     = {}
 }
 
 variable "name" {