Implemented conditional dynamic blocks for `google_access_context_manager_service_perimeter` `spec` and `status` (#1177)

* implemented conditional dynamic blocks * Fix linting * avoid setting spec in bridge perimeters if no resources are set --------- Co-authored-by: Julio Castillo <jccb@google.com> Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2023-02-25 16:04:19 +00:00 · 2023-02-25 16:04:19 +00:00 · aecb6fd543
parent 463dc41ede
commit aecb6fd543
1 changed files with 10 additions and 3 deletions
--- a/modules/vpc-sc/service-perimeters-bridge.tf
+++ b/modules/vpc-sc/service-perimeters-bridge.tf
@ -1,5 +1,5 @@
 /**
- * Copyright 2022 Google LLC
+ * Copyright 2023 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -27,15 +27,22 @@ resource "google_access_context_manager_service_perimeter" "bridge" {
  title                     = each.key
  perimeter_type            = "PERIMETER_TYPE_BRIDGE"
  use_explicit_dry_run_spec = each.value.use_explicit_dry_run_spec
-  spec {
-    resources = each.value.spec_resources == null ? [] : each.value.spec_resources
+
+  dynamic "spec" {
+    for_each = each.value.spec_resources == null ? [] : [""]
+    content {
+      resources = each.value.spec_resources
+    }
  }
+
  status {
    resources = each.value.status_resources == null ? [] : each.value.status_resources
  }
+
  # lifecycle {
  #   ignore_changes = [spec[0].resources, status[0].resources]
  # }
+
  depends_on = [
    google_access_context_manager_access_policy.default,
    google_access_context_manager_access_level.basic,