search

hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0
2.25k stars 1.7k forks source link

Only add IAM condition fields to IAM resources if the API supports IAM conditions #18412

Open melinath opened 2 weeks ago

melinath commented 2 weeks ago

What kind of contribution is this issue about?

MMv1-based resource

Details

Currently, all IAM resources have condition fields - but they are undocumented & untested by default and may cause unexpected behavior if used, unless the API actually supports conditions. We should only add those fields in cases where we believe that conditions are supported. Currently this is indicated by the presence of iam_policy.iam_conditions_request_type - we could potentially consider adding an explicit indicator of supported vs not.

This would be a breaking change because it would remove fields from the resources.

References

https://github.com/hashicorp/terraform-provider-google/issues/18215#issuecomment-2161647050

melinath commented 1 week ago

Note from triage: We could probably do an initial version of this that isn't a breaking change; leaving in "future major release" so we can consider it as a project at that point, since the non-breaking change would be prep for the breaking change.