diff --git a/modules/folder/README.md b/modules/folder/README.md index 5bb7b4cd..d08bfac0 100644 --- a/modules/folder/README.md +++ b/modules/folder/README.md @@ -114,7 +114,7 @@ module "folder-sink" { no-gce-instances = "resource.type=gce_instance" } } -# tftest:modules=5:resources=11 +# tftest:modules=5:resources=12 ``` ### Hierarchical firewall policies @@ -186,5 +186,5 @@ module "folder2" { | folder | Folder resource. | | | id | Folder id. | | | name | Folder name. | | -| sink_writer_identities | Writer identities created for each sink | | +| sink_writer_identities | Writer identities created for each sink. | | diff --git a/modules/organization/README.md b/modules/organization/README.md index 933ce8f4..acc3f18f 100644 --- a/modules/organization/README.md +++ b/modules/organization/README.md @@ -131,7 +131,7 @@ module "org" { no-gce-instances = "resource.type=gce_instance" } } -# tftest:modules=5:resources=10 +# tftest:modules=5:resources=11 ``` @@ -163,5 +163,5 @@ module "org" { | firewall_policies | Map of firewall policy resources created in the organization. | | | firewall_policy_id | Map of firewall policy ids created in the organization. | | | organization_id | Organization id dependent on module resources. | | -| sink_writer_identities | Writer identities created for each sink | | +| sink_writer_identities | Writer identities created for each sink. | | diff --git a/modules/project/README.md b/modules/project/README.md index a640edf0..2d99f977 100644 --- a/modules/project/README.md +++ b/modules/project/README.md @@ -146,7 +146,7 @@ module "project-host" { no-gce-instances = "resource.type=gce_instance" } } -# tftest:modules=5:resources=11 +# tftest:modules=5:resources=12 ``` @@ -191,6 +191,6 @@ module "project-host" { | number | Project number. | | | project_id | Project id. | | | service_accounts | Product robot service accounts in project. | | -| sink_writer_identities | Writer identities created for each sink | | +| sink_writer_identities | Writer identities created for each sink. | | diff --git a/tests/modules/folder/test_plan_logging.py b/tests/modules/folder/test_plan_logging.py index d2e9edc4..9bd7688f 100644 --- a/tests/modules/folder/test_plan_logging.py +++ b/tests/modules/folder/test_plan_logging.py @@ -62,15 +62,16 @@ def test_sinks(plan_runner): } """ _, resources = plan_runner(FIXTURES_DIR, logging_sinks=logging_sinks) - assert len(resources) == 8 + assert len(resources) == 9 resource_types = Counter([r["type"] for r in resources]) assert resource_types == { - "google_bigquery_dataset_iam_binding": 1, - "google_folder": 1, "google_logging_folder_sink": 4, - "google_pubsub_topic_iam_binding": 1, - "google_storage_bucket_iam_binding": 1, + "google_folder": 1, + "google_bigquery_dataset_iam_member": 1, + "google_project_iam_member": 1, + "google_pubsub_topic_iam_member": 1, + "google_storage_bucket_iam_member": 1, } sinks = [r for r in resources if r["type"] == "google_logging_folder_sink"] @@ -111,12 +112,13 @@ def test_sinks(plan_runner): ("warning", "severity=WARNING", "storage.googleapis.com/mybucket", True), ] - bindings = [r for r in resources if "binding" in r["type"]] + bindings = [r for r in resources if "member" in r["type"]] values = [(r["index"], r["type"], r["values"]["role"]) for r in bindings] assert sorted(values) == [ - ("info", "google_bigquery_dataset_iam_binding", "roles/bigquery.dataEditor"), - ("notice", "google_pubsub_topic_iam_binding", "roles/pubsub.publisher"), - ("warning", "google_storage_bucket_iam_binding", "roles/storage.objectCreator"), + ("debug", "google_project_iam_member", "roles/logging.bucketWriter"), + ("info", "google_bigquery_dataset_iam_member", "roles/bigquery.dataEditor"), + ("notice", "google_pubsub_topic_iam_member", "roles/pubsub.publisher"), + ("warning", "google_storage_bucket_iam_member", "roles/storage.objectCreator"), ] exclusions = [(r["index"], r["values"]["exclusions"]) for r in sinks] diff --git a/tests/modules/organization/test_plan_logging.py b/tests/modules/organization/test_plan_logging.py index f6684d12..1ad6aec4 100644 --- a/tests/modules/organization/test_plan_logging.py +++ b/tests/modules/organization/test_plan_logging.py @@ -62,14 +62,15 @@ def test_sinks(plan_runner): } """ _, resources = plan_runner(FIXTURES_DIR, logging_sinks=logging_sinks) - assert len(resources) == 7 + assert len(resources) == 8 resource_types = Counter([r["type"] for r in resources]) assert resource_types == { - "google_bigquery_dataset_iam_binding": 1, "google_logging_organization_sink": 4, - "google_pubsub_topic_iam_binding": 1, - "google_storage_bucket_iam_binding": 1, + "google_bigquery_dataset_iam_member": 1, + "google_project_iam_member": 1, + "google_pubsub_topic_iam_member": 1, + "google_storage_bucket_iam_member": 1, } sinks = [r for r in resources if r["type"] == "google_logging_organization_sink"] @@ -110,12 +111,13 @@ def test_sinks(plan_runner): ("warning", "severity=WARNING", "storage.googleapis.com/mybucket", True), ] - bindings = [r for r in resources if "binding" in r["type"]] + bindings = [r for r in resources if "member" in r["type"]] values = [(r["index"], r["type"], r["values"]["role"]) for r in bindings] assert sorted(values) == [ - ("info", "google_bigquery_dataset_iam_binding", "roles/bigquery.dataEditor"), - ("notice", "google_pubsub_topic_iam_binding", "roles/pubsub.publisher"), - ("warning", "google_storage_bucket_iam_binding", "roles/storage.objectCreator"), + ("debug", "google_project_iam_member", "roles/logging.bucketWriter"), + ("info", "google_bigquery_dataset_iam_member", "roles/bigquery.dataEditor"), + ("notice", "google_pubsub_topic_iam_member", "roles/pubsub.publisher"), + ("warning", "google_storage_bucket_iam_member", "roles/storage.objectCreator"), ] exclusions = [(r["index"], r["values"]["exclusions"]) for r in sinks] diff --git a/tests/modules/project/test_plan_logging.py b/tests/modules/project/test_plan_logging.py index 6841d194..cf5c992e 100644 --- a/tests/modules/project/test_plan_logging.py +++ b/tests/modules/project/test_plan_logging.py @@ -62,15 +62,16 @@ def test_sinks(plan_runner): } """ _, resources = plan_runner(FIXTURES_DIR, logging_sinks=logging_sinks) - assert len(resources) == 8 + assert len(resources) == 9 resource_types = Counter([r["type"] for r in resources]) assert resource_types == { - "google_bigquery_dataset_iam_binding": 1, "google_logging_project_sink": 4, + "google_bigquery_dataset_iam_member": 1, "google_project": 1, - "google_pubsub_topic_iam_binding": 1, - "google_storage_bucket_iam_binding": 1, + "google_project_iam_member": 1, + "google_pubsub_topic_iam_member": 1, + "google_storage_bucket_iam_member": 1, } sinks = [r for r in resources if r["type"] == "google_logging_project_sink"] @@ -111,12 +112,13 @@ def test_sinks(plan_runner): ("warning", "severity=WARNING", "storage.googleapis.com/mybucket", False), ] - bindings = [r for r in resources if "binding" in r["type"]] + bindings = [r for r in resources if "member" in r["type"]] values = [(r["index"], r["type"], r["values"]["role"]) for r in bindings] assert sorted(values) == [ - ("info", "google_bigquery_dataset_iam_binding", "roles/bigquery.dataEditor"), - ("notice", "google_pubsub_topic_iam_binding", "roles/pubsub.publisher"), - ("warning", "google_storage_bucket_iam_binding", "roles/storage.objectCreator"), + ("debug", "google_project_iam_member", "roles/logging.bucketWriter"), + ("info", "google_bigquery_dataset_iam_member", "roles/bigquery.dataEditor"), + ("notice", "google_pubsub_topic_iam_member", "roles/pubsub.publisher"), + ("warning", "google_storage_bucket_iam_member", "roles/storage.objectCreator"), ] exclusions = [(r["index"], r["values"]["exclusions"]) for r in sinks]