diff --git a/google-beta/resource_google_service_account.go b/google-beta/resource_google_service_account.go index b367b1a501..c5f16ded01 100644 --- a/google-beta/resource_google_service_account.go +++ b/google-beta/resource_google_service_account.go @@ -3,6 +3,7 @@ package google import ( "fmt" "strings" + "time" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "google.golang.org/api/iam/v1" @@ -40,6 +41,10 @@ func resourceGoogleServiceAccount() *schema.Resource { Type: schema.TypeString, Optional: true, }, + "description": { + Type: schema.TypeString, + Optional: true, + }, "project": { Type: schema.TypeString, Computed: true, @@ -63,9 +68,11 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{} } aid := d.Get("account_id").(string) displayName := d.Get("display_name").(string) + description := d.Get("description").(string) sa := &iam.ServiceAccount{ DisplayName: displayName, + Description: description, } r := &iam.CreateServiceAccountRequest{ @@ -79,6 +86,10 @@ func resourceGoogleServiceAccountCreate(d *schema.ResourceData, meta interface{} } d.SetId(sa.Name) + // This API is meant to be synchronous, but in practice it shows the old value for + // a few milliseconds after the update goes through. A second is more than enough + // time to ensure following reads are correct. + time.Sleep(time.Second) return resourceGoogleServiceAccountRead(d, meta) } @@ -98,6 +109,7 @@ func resourceGoogleServiceAccountRead(d *schema.ResourceData, meta interface{}) d.Set("account_id", strings.Split(sa.Email, "@")[0]) d.Set("name", sa.Name) d.Set("display_name", sa.DisplayName) + d.Set("description", sa.Description) return nil } @@ -114,7 +126,7 @@ func resourceGoogleServiceAccountDelete(d *schema.ResourceData, meta interface{} func resourceGoogleServiceAccountUpdate(d *schema.ResourceData, meta interface{}) error { config := meta.(*Config) - if ok := d.HasChange("display_name"); ok { + if d.HasChange("display_name") || d.HasChange("description") { sa, err := config.clientIAM.Projects.ServiceAccounts.Get(d.Id()).Do() if err != nil { return fmt.Errorf("Error retrieving service account %q: %s", d.Id(), err) @@ -122,11 +134,14 @@ func resourceGoogleServiceAccountUpdate(d *schema.ResourceData, meta interface{} _, err = config.clientIAM.Projects.ServiceAccounts.Update(d.Id(), &iam.ServiceAccount{ DisplayName: d.Get("display_name").(string), + Description: d.Get("description").(string), Etag: sa.Etag, }).Do() if err != nil { return fmt.Errorf("Error updating service account %q: %s", d.Id(), err) } + // See comment in Create. + time.Sleep(time.Second) } return nil diff --git a/google-beta/resource_google_service_account_test.go b/google-beta/resource_google_service_account_test.go index 3b9c66a3ea..d44584bbbd 100644 --- a/google-beta/resource_google_service_account_test.go +++ b/google-beta/resource_google_service_account_test.go @@ -95,6 +95,7 @@ func testAccServiceAccountBasic(account, name string) string { resource "google_service_account" "acceptance" { account_id = "%v" display_name = "%v" + description = "foo" } `, account, name) } @@ -105,6 +106,7 @@ resource "google_service_account" "acceptance" { project = "%v" account_id = "%v" display_name = "%v" + description = "foo" } `, project, account, name) } diff --git a/website/docs/r/google_service_account.html.markdown b/website/docs/r/google_service_account.html.markdown index 680fec6f20..0a35288b90 100644 --- a/website/docs/r/google_service_account.html.markdown +++ b/website/docs/r/google_service_account.html.markdown @@ -39,6 +39,8 @@ The following arguments are supported: * `display_name` - (Optional) The display name for the service account. Can be updated without creating a new resource. +* `description` - (Optional) A text description of the service account. + * `project` - (Optional) The ID of the project that the service account will be created in. Defaults to the provider project configuration.