From b8fae0fbf064d881e70b7958685006c3c084ff10 Mon Sep 17 00:00:00 2001
From: Aleksandr Averbukh <averbukh@google.com>
Date: Fri, 8 Jul 2022 14:55:28 +0200
Subject: [PATCH] Update fixtures variable type to follow the module
 experimental feature.

---
 .../fixture/{versions.tf => experimental.tf}  |  1 -
 .../organization-policy/fixture/variables.tf  | 25 +++++++++++++++----
 2 files changed, 20 insertions(+), 6 deletions(-)
 rename tests/modules/organization-policy/fixture/{versions.tf => experimental.tf} (84%)

diff --git a/tests/modules/organization-policy/fixture/versions.tf b/tests/modules/organization-policy/fixture/experimental.tf
similarity index 84%
rename from tests/modules/organization-policy/fixture/versions.tf
rename to tests/modules/organization-policy/fixture/experimental.tf
index beba0190..c6434f96 100644
--- a/tests/modules/organization-policy/fixture/versions.tf
+++ b/tests/modules/organization-policy/fixture/experimental.tf
@@ -15,6 +15,5 @@
 terraform {
   required_version = ">= 1.1.0"
 
-  # TODO: Remove once Terraform 1.3 is released https://github.com/hashicorp/terraform/releases/tag/v1.3.0-alpha20220622
   experiments = [module_variable_optional_attrs]
 }
diff --git a/tests/modules/organization-policy/fixture/variables.tf b/tests/modules/organization-policy/fixture/variables.tf
index 709a9f98..8196bcff 100644
--- a/tests/modules/organization-policy/fixture/variables.tf
+++ b/tests/modules/organization-policy/fixture/variables.tf
@@ -21,11 +21,26 @@ variable "config_directory" {
   default     = null
 }
 
-# TODO: convert to a proper data structure map(map(object({...}))) once tf1.3 is released and optional object keys are avaliable,
-# for now it will cause multiple keys to be set to null for every policy definition
-# https://github.com/hashicorp/terraform/releases/tag/v1.3.0-alpha20220622
 variable "policies" {
   description = "Organization policies keyed by parent in format `projects/project-id`, `folders/1234567890` or `organizations/1234567890`."
-  type        = any
-  default     = {}
+  type = map(map(object({
+    inherit_from_parent = optional(bool) # List policy only.
+    reset               = optional(bool)
+    rules = optional(
+      list(object({
+        allow   = optional(list(string)) # List policy only. Stands for `allow_all` if set to empty list `[]` or to `values.allowed_values` if set to a list of values 
+        deny    = optional(list(string)) # List policy only. Stands for `deny_all` if set to empty list `[]` or to `values.denied_values` if set to a list of values
+        enforce = optional(bool)         # Boolean policy only.    
+        condition = optional(
+          object({
+            description = optional(string)
+            expression  = optional(string)
+            location    = optional(string)
+            title       = optional(string)
+          })
+        )
+      }))
+    )
+  })))
+  default = {}
 }