
Add IAM support for storage bucket #481

Closed
sebglon opened this issue Sep 28, 2017 · 11 comments · Fixed by #822
@sebglon
Contributor

sebglon commented Sep 28, 2017

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

This is a feature proposal

Affected Resource(s)

Please list the resources as a list, for example:

  • google_storage_bucket
  • google_storage_bucket_acl
  • google_storage_object_acl
  • google_storage_object

Expected Behavior

Add support for IAM Role on Google storage bucket

Actual Behavior

Use new feature: https://cloud.google.com/storage/docs/json_api/v1/buckets/setIamPolicy

@sebglon
Contributor Author

sebglon commented Sep 28, 2017

proposition:

resource "google_storage_bucket" "image-store" {
  name     = "image-store-bucket"
  location = "EU"
}

resource "google_storage_bucket_iam" "image-store-iam" {
  bucket = "${google_storage_bucket.image-store.name}"

  policy_data = "<reuse google_iam_policy>"
}

@sebglon
Contributor Author

sebglon commented Sep 29, 2017

For using SetIamPolicy, we can upgrade "google.golang.org/api/storage/v1" to a more recent version
and upgrade "google.golang.org/api/gensupport"

@TiGz

TiGz commented Oct 17, 2017

I want this too! kthxbye :)

@danawillow
Contributor

@emilymye

@greendog99

Looks like the PR is nearly done (thanks @sebglon!). Any idea which upcoming release this might end up in? Looking forward to this feature!

@amoiseiev

@rosbo @danawillow hey guys. It looks like you are close to the finish line on this one. Do you think it can be merged or checked / commented in the next week or two? GCS is one of the core components and the ability to use IAM bindings is a must-have.

@rosbo
Contributor

rosbo commented Nov 29, 2017

I haven't started the work for this but with the refactor I did in #744 and #776 it shouldn't take long.

One thing to note, after looking briefly at the API, it seems like we can only attach IAM policies to buckets, not particular objects. I updated the name of the issue to reflect this.

@rosbo changed the title from "Add new feature Google storage bucket or object IAM" to "Add new feature Google storage bucket IAM" on Nov 29, 2017
@sebglon
Contributor Author

sebglon commented Nov 30, 2017

The ACL is not on a specific object, it is on object action in the bucket.

@rosbo changed the title from "Add new feature Google storage bucket IAM" to "Add new storage bucket IAM resources" on Dec 5, 2017
@benbro

benbro commented Dec 5, 2017

I suggest adding two resources:

  • google_storage_bucket_iam_member
  • google_storage_bucket_iam_binding

In my opinion it's much cleaner and more intuitive than using iam_policy.
Similar to google_project_iam_binding and google_project_iam_member.
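
The two resources suggested above, sketched as an added example that is not part of the thread or the provider's own code. It assumes the arguments mirror google_project_iam_binding and google_project_iam_member (`role`, `members`, `member`) plus a `bucket` argument; the group, service account and project names are constructed placeholders.

```hcl
# Added illustration; all identities below are constructed placeholders.
resource "google_storage_bucket" "image_store" {
  name     = "image-store-bucket"
  location = "EU"
}

# Binding: authoritative for ONE role on the bucket. The members list is the
# complete set for that role; any other holder of the role is removed on apply.
resource "google_storage_bucket_iam_binding" "viewers" {
  bucket = google_storage_bucket.image_store.name
  role   = "roles/storage.objectViewer"

  members = [
    "group:image-readers@example.com",
  ]
}

# Member: additive. Grants one identity one role and leaves every other
# member of the bucket policy untouched. Use a different role than the
# binding above, otherwise the two resources compete over the same role.
resource "google_storage_bucket_iam_member" "uploader" {
  bucket = google_storage_bucket.image_store.name
  role   = "roles/storage.objectCreator"
  member = "serviceAccount:uploader@my-project.iam.gserviceaccount.com"
}

# Both grants attach to the bucket as a whole; per the API note earlier in
# this thread, IAM policies cannot be attached to individual objects.
```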

@sebglon
Contributor Author

sebglon commented Dec 6, 2017

Already exists with another name on #493

@rosbo changed the title from "Add new storage bucket IAM resources" to "Add IAM support for storage bucket" on Dec 6, 2017
@rosbo rosbo closed this as completed in #822 Dec 7, 2017
luis-silva pushed a commit to luis-silva/terraform-provider-google that referenced this issue May 21, 2019
<!-- This change is generated by MagicModules. -->
/cc @rileykarson
@ghost

ghost commented Mar 30, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 30, 2020
@github-actions github-actions bot added service/storage forward/review In review; remove label to forward labels Jan 15, 2025
7 participants