@@ -458,20 +458,91 @@ func testAccCheckOrgPolicyPolicyDestroyProducer(t *testing.T) func(s *terraform.
458458 return nil
459459 }
460460}
461-
461+ func TestAccOrgPolicyPolicy_EnforceParameterizedMCPolicy (t * testing.T ) {
462+ t .Parallel ()
463+
464+ context := map [string ]interface {}{
465+ "org_id" : envvar .GetTestOrgFromEnv (t ),
466+ "random_suffix" : acctest .RandString (t , 10 ),
467+ }
468+
469+ acctest .VcrTest (t , resource.TestCase {
470+ PreCheck : func () { acctest .AccTestPreCheck (t ) },
471+ ProtoV5ProviderFactories : acctest .ProtoV5ProviderFactories (t ),
472+ CheckDestroy : testAccCheckOrgPolicyPolicyDestroyProducer (t ),
473+ Steps : []resource.TestStep {
474+ {
475+ Config : testAccOrgPolicyPolicy_EnforceParameterizedMCPolicy (context ),
476+ },
477+ {
478+ ResourceName : "google_org_policy_policy.primary" ,
479+ ImportState : true ,
480+ ImportStateVerify : true ,
481+ ImportStateVerifyIgnore : []string {"name" , "spec.0.rules.0.condition.0.expression" },
482+ },
483+ },
484+ })
485+ }
462486func testAccOrgPolicyPolicy_EnforceParameterizedMCPolicy (context map [string ]interface {}) string {
463487 return acctest .Nprintf (`
464488resource "google_org_policy_policy" "primary" {
465- name = "projects/${google_project.basic.name}/policies/constraints/ compute.managed.restrictDiskCreation"
489+ name = "projects/${google_project.basic.name}/policies/compute.managed.restrictDiskCreation"
466490 parent = "projects/${google_project.basic.name}"
467491
468492 spec {
469493 rules {
470494 enforce = "TRUE"
471- parameters {
472- "isSizeLimitCheck" = True,
473- "allowedDiskTypes" = ["pd-ssd"]
474- }
495+ parameters = "{\"isSizeLimitCheck\" : true, \"allowedDiskTypes\": [\"pd-ssd\"]}"
496+ }
497+ }
498+ }
499+
500+ resource "google_project" "basic" {
501+ project_id = "tf-test-id%{random_suffix}"
502+ name = "tf-test-id%{random_suffix}"
503+ org_id = "%{org_id}"
504+ deletion_policy = "DELETE"
505+ }
506+
507+
508+ ` , context )
509+ }
510+
511+ func TestAccOrgPolicyPolicy_EnforceParameterizedMCDryRunPolicy (t * testing.T ) {
512+ t .Parallel ()
513+
514+ context := map [string ]interface {}{
515+ "org_id" : envvar .GetTestOrgFromEnv (t ),
516+ "random_suffix" : acctest .RandString (t , 10 ),
517+ }
518+
519+ acctest .VcrTest (t , resource.TestCase {
520+ PreCheck : func () { acctest .AccTestPreCheck (t ) },
521+ ProtoV5ProviderFactories : acctest .ProtoV5ProviderFactories (t ),
522+ CheckDestroy : testAccCheckOrgPolicyPolicyDestroyProducer (t ),
523+ Steps : []resource.TestStep {
524+ {
525+ Config : testAccOrgPolicyPolicy_EnforceParameterizedMCDryRunPolicy (context ),
526+ },
527+ {
528+ ResourceName : "google_org_policy_policy.primary" ,
529+ ImportState : true ,
530+ ImportStateVerify : true ,
531+ ImportStateVerifyIgnore : []string {"name" , "spec.0.rules.0.condition.0.expression" },
532+ },
533+ },
534+ })
535+ }
536+ func testAccOrgPolicyPolicy_EnforceParameterizedMCDryRunPolicy (context map [string ]interface {}) string {
537+ return acctest .Nprintf (`
538+ resource "google_org_policy_policy" "primary" {
539+ name = "projects/${google_project.basic.name}/policies/compute.managed.restrictDiskCreation"
540+ parent = "projects/${google_project.basic.name}"
541+
542+ dry_run_spec {
543+ rules {
544+ enforce = "TRUE"
545+ parameters = "{\"isSizeLimitCheck\" : true, \"allowedDiskTypes\": [\"pd-ssd\"]}"
475546 }
476547 }
477548}
0 commit comments