From 15487078d438e5fd13a7b32427db7bda7dad7392 Mon Sep 17 00:00:00 2001
From: James D'Alfonso <jamesdalfonso@gmail.com>
Date: Mon, 13 Feb 2023 10:00:50 +0100
Subject: [PATCH 1/2] add missing iam properties to factory_subnets

---
 modules/net-vpc/subnets.tf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/net-vpc/subnets.tf b/modules/net-vpc/subnets.tf
index ae094ecf..7c03bfca 100644
--- a/modules/net-vpc/subnets.tf
+++ b/modules/net-vpc/subnets.tf
@@ -31,6 +31,9 @@ locals {
       flow_logs_config      = try(v.flow_logs, null)
       ipv6                  = try(v.ipv6, null)
       secondary_ip_ranges   = try(v.secondary_ip_ranges, null)
+      iam_groups            = try(v.iam_groups, [])
+      iam_users             = try(v.iam_users, [])
+      iam_service_accounts  = try(v.iam_service_accounts, [])
     }
   }
   _factory_subnets_iam = [

From 3085922ceae8b1c081b7a8993fa85539c589437d Mon Sep 17 00:00:00 2001
From: Julio Castillo <jccb@google.com>
Date: Mon, 20 Feb 2023 12:19:36 +0100
Subject: [PATCH 2/2] Fix tests

---
 modules/net-vpc/README.md                   |  2 +-
 tests/modules/net_vpc/examples/factory.yaml | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/modules/net-vpc/README.md b/modules/net-vpc/README.md
index dbd85502..bd5675d2 100644
--- a/modules/net-vpc/README.md
+++ b/modules/net-vpc/README.md
@@ -314,7 +314,7 @@ module "vpc" {
   name        = "my-network"
   data_folder = "config/subnets"
 }
-# tftest modules=1 resources=3 files=subnet-simple,subnet-detailed inventory=factory.yaml
+# tftest modules=1 resources=4 files=subnet-simple,subnet-detailed inventory=factory.yaml
 ```
 
 ```yaml
diff --git a/tests/modules/net_vpc/examples/factory.yaml b/tests/modules/net_vpc/examples/factory.yaml
index 48671c29..0724b597 100644
--- a/tests/modules/net_vpc/examples/factory.yaml
+++ b/tests/modules/net_vpc/examples/factory.yaml
@@ -44,7 +44,18 @@ values:
     region: europe-west4
     role: null
     secondary_ip_range: []
+  module.vpc.google_compute_subnetwork_iam_binding.binding["europe-west1/subnet-detailed.roles/compute.networkUser"]:
+    condition: []
+    members:
+    - group:lorem@example.com
+    - serviceAccount:fbz@prj.iam.gserviceaccount.com
+    - user:foobar@example.com
+    project: my-project
+    region: europe-west1
+    role: roles/compute.networkUser
+    subnetwork: subnet-detailed
 
 counts:
   google_compute_network: 1
   google_compute_subnetwork: 2
+  google_compute_subnetwork_iam_binding: 1