Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add project_number field to google_storage_bucket resource and datasource, enable providing project argument to data source #17719

Merged
merged 1 commit into from
Mar 28, 2024
Merged

Add project_number field to google_storage_bucket resource and datasource, enable providing project argument to data source #17719

merged 1 commit into from
Mar 28, 2024

Conversation

modular-magician
Copy link
Collaborator

Closes #17166

This PR aims to address an edge case where users do not want to give the identity/service account used by Terraform permissions on the Compute API and want to provision GCS buckets. Previously if a project name was not supplied to the data source via provider defaults then the data source would:

  • retrieve information about the bucket from the Storage API, including the project number it's linked to
  • call the Compute API to get a human-readable project id for that project number, and use that to populate the project field

By letting users set the project field on the data source they can avoid that call to the Compute API. There is a chance that the project id they supply doesn't match the project number linked to the GCS bucket. This isn't ideal, but was OK'd during triage as it matches the existing behaviour on import.

This PR also adds a new field, project_number, to surface the information returned from the Storage API which is guaranteed to be accurate. This enables users to perform any checks etc to verify the project id and number are a correct pairing.

Release Note Template for Downstream PRs (will be copied)

storage: added `project_number` attribute to `google_storage_bucket` resource and data source

storage: added ability to provide `project` argument to `google_storage_bucket` data source. This will not impact reading the resource's data, instead this helps users avoid calls to the Compute API within the data source.

Derived from GoogleCloudPlatform/magic-modules#10312

@modular-magician
Add project_number field to google_storage_bucket resource and data…
54118c8 
…source, enable providing `project` argument to data source (hashicorp#10312)

[upstream:b256de44e796f196e7376ce545c01a765458204d]

Signed-off-by: Modular Magician <magic-modules@google.com>
@modular-magician modular-magician merged commit b848632 into hashicorp:main Mar 28, 2024
4 checks passed
@billinghamj
Copy link

@modular-magician I'm getting an error when pushing state to Terraform Cloud - I wonder if this might be related?

Screenshot 2024-04-12 at 16 43 32

@subhkr
Copy link

subhkr commented Apr 26, 2024

Facing the same issue while doing a state move.

@subhkr
Copy link

subhkr commented Apr 26, 2024

This was resolved by upgrading provider version to 5.26.0

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 28, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add opt-in behaviour to allow google_storage_bucket to be used without requiring Compute API permissions
3 participants
@modular-magician @billinghamj @subhkr