From 5fbe3d97b595a19214d7cb88a3122564eaea82d3 Mon Sep 17 00:00:00 2001
From: Modular Magician <magic-modules@google.com>
Date: Fri, 30 Apr 2021 21:02:42 +0000
Subject: [PATCH] Support organization iam conditions (#4749)

* Split out organization iam tests

* Added failing tests for organization iam binding and member with conditions

* Made organization iam policy requests include requested policy version

Signed-off-by: Modular Magician <magic-modules@google.com>
---
 google/iam.go              | 3 ++-
 google/iam_organization.go | 9 ++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/google/iam.go b/google/iam.go
index 53d0e44a2..e9d398b45 100644
--- a/google/iam.go
+++ b/google/iam.go
@@ -10,6 +10,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/davecgh/go-spew/spew"
 	"github.com/hashicorp/errwrap"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"google.golang.org/api/cloudresourcemanager/v1"
@@ -69,7 +70,7 @@ func iamPolicyReadWithRetry(updater ResourceIamUpdater) (*cloudresourcemanager.P
 	if err != nil {
 		return nil, err
 	}
-	log.Printf("[DEBUG] Retrieved policy for %s: %+v\n", updater.DescribeResource(), policy)
+	log.Print(spew.Sprintf("[DEBUG] Retrieved policy for %s: %#v\n", updater.DescribeResource(), policy))
 	return policy, nil
 }
 
diff --git a/google/iam_organization.go b/google/iam_organization.go
index c67d6555e..bb55c819e 100644
--- a/google/iam_organization.go
+++ b/google/iam_organization.go
@@ -43,7 +43,14 @@ func (u *OrganizationIamUpdater) GetResourceIamPolicy() (*cloudresourcemanager.P
 		return nil, err
 	}
 
-	p, err := u.Config.NewResourceManagerClient(userAgent).Organizations.GetIamPolicy("organizations/"+u.resourceId, &cloudresourcemanager.GetIamPolicyRequest{}).Do()
+	p, err := u.Config.NewResourceManagerClient(userAgent).Organizations.GetIamPolicy(
+		"organizations/"+u.resourceId,
+		&cloudresourcemanager.GetIamPolicyRequest{
+			Options: &cloudresourcemanager.GetPolicyOptions{
+				RequestedPolicyVersion: iamPolicyVersion,
+			},
+		},
+	).Do()
 	if err != nil {
 		return nil, errwrap.Wrapf(fmt.Sprintf("Error retrieving IAM policy for %s: {{err}}", u.DescribeResource()), err)
 	}