google_project_organization_policy (#1226)

* support google_project_organization_policy

* add documentation for google_project_organization_policy

* remove "folder" references and cleanup docs

* fix tests

* un-parallelize tests

* add comment about non-parralel tests

* moving canonicalProjectId() to test

Author: lawrenae

google/provider.go

@@ -180,6 +180,7 @@ func Provider() terraform.ResourceProvider {
 			"google_project_iam_member":                    ResourceIamMemberWithImport(IamProjectSchema, NewProjectIamUpdater, ProjectIdParseFunc),
 			"google_project_service":                       resourceGoogleProjectService(),
 			"google_project_iam_custom_role":               resourceGoogleProjectIamCustomRole(),
+			"google_project_organization_policy":           resourceGoogleProjectOrganizationPolicy(),
 			"google_project_usage_export_bucket":           resourceProjectUsageBucket(),
 			"google_project_services":                      resourceGoogleProjectServices(),
 			"google_pubsub_topic":                          resourcePubsubTopic(),

google/resource_google_project_organization_policy.go

@@ -0,0 +1,104 @@
+package google
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/cloudresourcemanager/v1"
+)
+
+func resourceGoogleProjectOrganizationPolicy() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceGoogleProjectOrganizationPolicyCreate,
+		Read:   resourceGoogleProjectOrganizationPolicyRead,
+		Update: resourceGoogleProjectOrganizationPolicyUpdate,
+		Delete: resourceGoogleProjectOrganizationPolicyDelete,
+
+		Schema: mergeSchemas(
+			schemaOrganizationPolicy,
+			map[string]*schema.Schema{
+				"project": {
+					Type:     schema.TypeString,
+					Required: true,
+					ForceNew: true,
+				},
+			},
+		),
+	}
+}
+
+func resourceGoogleProjectOrganizationPolicyCreate(d *schema.ResourceData, meta interface{}) error {
+	if err := setProjectOrganizationPolicy(d, meta); err != nil {
+		return err
+	}
+
+	d.SetId(fmt.Sprintf("%s:%s", d.Get("project"), d.Get("constraint")))
+
+	return resourceGoogleProjectOrganizationPolicyRead(d, meta)
+}
+
+func resourceGoogleProjectOrganizationPolicyRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	project := prefixedProject(d.Get("project").(string))
+
+	policy, err := config.clientResourceManager.Projects.GetOrgPolicy(project, &cloudresourcemanager.GetOrgPolicyRequest{
+		Constraint: canonicalOrgPolicyConstraint(d.Get("constraint").(string)),
+	}).Do()
+
+	if err != nil {
+		return handleNotFoundError(err, d, fmt.Sprintf("Organization policy for %s", project))
+	}
+
+	d.Set("constraint", policy.Constraint)
+	d.Set("boolean_policy", flattenBooleanOrganizationPolicy(policy.BooleanPolicy))
+	d.Set("list_policy", flattenListOrganizationPolicy(policy.ListPolicy))
+	d.Set("version", policy.Version)
+	d.Set("etag", policy.Etag)
+	d.Set("update_time", policy.UpdateTime)
+
+	return nil
+}
+
+func resourceGoogleProjectOrganizationPolicyUpdate(d *schema.ResourceData, meta interface{}) error {
+	if err := setProjectOrganizationPolicy(d, meta); err != nil {
+		return err
+	}
+
+	return resourceGoogleProjectOrganizationPolicyRead(d, meta)
+}
+
+func resourceGoogleProjectOrganizationPolicyDelete(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	project := prefixedProject(d.Get("project").(string))
+
+	_, err := config.clientResourceManager.Projects.ClearOrgPolicy(project, &cloudresourcemanager.ClearOrgPolicyRequest{
+		Constraint: canonicalOrgPolicyConstraint(d.Get("constraint").(string)),
+	}).Do()
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func setProjectOrganizationPolicy(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	project := prefixedProject(d.Get("project").(string))
+	listPolicy, err := expandListOrganizationPolicy(d.Get("list_policy").([]interface{}))
+	if err != nil {
+		return err
+	}
+
+	_, err = config.clientResourceManager.Projects.SetOrgPolicy(project, &cloudresourcemanager.SetOrgPolicyRequest{
+		Policy: &cloudresourcemanager.OrgPolicy{
+			Constraint:    canonicalOrgPolicyConstraint(d.Get("constraint").(string)),
+			BooleanPolicy: expandBooleanOrganizationPolicy(d.Get("boolean_policy").([]interface{})),
+			ListPolicy:    listPolicy,
+			Version:       int64(d.Get("version").(int)),
+			Etag:          d.Get("etag").(string),
+		},
+	}).Do()
+
+	return err
+}