Add info about plannable import to handwritten documentation **for IA…

…M resources**, Part 4 (GoogleCloudPlatform#9136) * Update `Import` section in BigQuery dataset IAM documentation * Update `Import` section of BigTable, Billing, Dataproc IAM resources * Update `Import` section of Dataproc, Folder IAM resources * Update `Import` section of Cloud KMS IAM resources * Fix to Folder IAM docs * Formatting fix * Update `Import` section of Organization, Project IAM resources * Formatting & phrasing changes for consistency * Update `Import` section of PubSub IAM resource * Update `Import` section of Spanner IAM resource * Formatting & phrasing changes for consistency * Update `Import` section of Service Account IAM resources * Update `Import` section of Healthcare IAM resources
trodge · Oct 5, 2023 · 315dcd2 · 315dcd2
1 parent 52e8932
commit 315dcd2
Show file tree

Hide file tree

Showing 19 changed files with 1,132 additions and 161 deletions.
diff --git a/mmv1/third_party/terraform/website/docs/r/bigquery_dataset_iam.html.markdown b/mmv1/third_party/terraform/website/docs/r/bigquery_dataset_iam.html.markdown
@@ -4,7 +4,7 @@ description: |-
  Collection of resources to manage IAM policy for a BigQuery dataset.
 ---
 
-# IAM policy for BigQuery dataset
+# IAM policy for BigQuery Dataset
 
 Three different resources help you manage your IAM policy for BigQuery dataset. Each of these resources serves a different use case:
 
@@ -112,23 +112,68 @@ exported:
 
 ## Import
 
-IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.  This member resource can be imported using the `dataset_id`, role, and account e.g.
+-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
 
-```
-$ terraform import google_bigquery_dataset_iam_member.dataset_iam "projects/your-project-id/datasets/dataset-id roles/viewer user:foo@example.com"
+### Importing IAM members
+
+IAM member imports use space-delimited identifiers that contains the `dataset_id`, `role`, and `member`. For example:
+
+* `"projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer user:foo@example.com"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM members:
+
+```tf
+import {
+  id = "projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer user:foo@example.com"
+  to = google_bigquery_dataset_iam_member.default
+}
 ```
 
-IAM binding imports use space-delimited identifiers; the resource in question and the role.  This binding resource can be imported using the `dataset_id` and role, e.g.
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
 
 ```
-$ terraform import google_bigquery_dataset_iam_binding.dataset_iam "projects/your-project-id/datasets/dataset-id roles/viewer"
+$ terraform import google_bigquery_dataset_iam_member.default "projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer user:foo@example.com"
 ```
 
-IAM policy imports use the identifier of the resource in question.  This policy resource can be imported using the `dataset_id`, role, and account e.g.
+### Importing IAM bindings
 
+IAM binding imports use space-delimited identifiers that contain the resource's `dataset_id` and `role`. For example:
+
+* `"projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM bindings:
+
+```tf
+import {
+  id = "projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer"
+  to = google_bigquery_dataset_iam_binding.default
+}
 ```
-$ terraform import google_bigquery_dataset_iam_policy.dataset_iam projects/your-project-id/datasets/dataset-id
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
 ```
+$ terraform import google_bigquery_dataset_iam_binding.default "projects/{{project_id}}/datasets/{{dataset_id}} roles/viewer"
+```
+
+### Importing IAM policies
+
+IAM policy imports use the identifier of the BigQuery Dataset resource. For example:
+
+* `projects/{{project_id}}/datasets/{{dataset_id}}`
+
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM policies:
 
--> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
- full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
+```tf
+import {
+  id = projects/{{project_id}}/datasets/{{dataset_id}}
+  to = google_bigquery_dataset_iam_policy.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_bigquery_dataset_iam_policy.default projects/{{project_id}}/datasets/{{dataset_id}}
+```
diff --git a/mmv1/third_party/terraform/website/docs/r/bigtable_instance_iam.html.markdown b/mmv1/third_party/terraform/website/docs/r/bigtable_instance_iam.html.markdown
@@ -4,7 +4,7 @@ description: |-
  Collection of resources to manage IAM policy for a Bigtable instance.
 ---
 
-# IAM policy for Bigtable instance
+# IAM policy for Bigtable Instance
 
 Three different resources help you manage IAM policies on bigtable instances. Each of these resources serves a different use case:
 
@@ -95,15 +95,69 @@ exported:
 
 ## Import
 
-Instance IAM resources can be imported using the project, instance name, role and/or member.
+-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
+ full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
+
+### Importing IAM members
+
+IAM member imports use space-delimited identifiers that contain the resource's `instance`, `role`, and `member`. For example:
 
+* `"projects/{project}/instances/{instance} roles/editor user:jane@example.com"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM members:
+
+```tf
+import {
+  id = "projects/{project}/instances/{instance} roles/editor user:jane@example.com"
+  to = google_bigtable_instance_iam_member.default
+}
 ```
-$ terraform import google_bigtable_instance_iam_policy.editor "projects/{project}/instances/{instance}"
 
-$ terraform import google_bigtable_instance_iam_binding.editor "projects/{project}/instances/{instance} roles/editor"
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
 
-$ terraform import google_bigtable_instance_iam_member.editor "projects/{project}/instances/{instance} roles/editor user:jane@example.com"
+```
+$ terraform import google_bigtable_instance_iam_member.default "projects/{project}/instances/{instance} roles/editor user:jane@example.com"
+```
+
+### Importing IAM bindings
+
+IAM binding imports use space-delimited identifiers that contain the resource's `instance` and `role`. For example:
+
+* `"projects/{project}/instances/{instance} roles/editor"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM bindings:
+
+```tf
+import {
+  id = "projects/{project}/instances/{instance} roles/editor"
+  to = google_bigtable_instance_iam_binding.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_bigtable_instance_iam_binding.default "projects/{project}/instances/{instance} roles/editor"
+```
+
+### Importing IAM policies
+
+IAM policy imports use the `instance` identifier of the Bigtable Instance resource only. For example:
+
+* `"projects/{project}/instances/{instance}"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM policies:
+
+```tf
+import {
+  id = "projects/{project}/instances/{instance}"
+  to = google_bigtable_instance_iam_policy.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_bigtable_instance_iam_policy.default projects/{project}/instances/{instance}
 ```
 
--> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
- full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
diff --git a/mmv1/third_party/terraform/website/docs/r/bigtable_table_iam.html.markdown b/mmv1/third_party/terraform/website/docs/r/bigtable_table_iam.html.markdown
@@ -100,15 +100,69 @@ exported:
 
 ## Import
 
-Table IAM resources can be imported using the project, table name, role and/or member.
 
+-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
+ full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
+
+### Importing IAM members
+
+IAM member imports use space-delimited identifiers that contain the resource's `table`, `role`, and `member`. For example:
+
+* `"projects/{project}/tables/{table} roles/editor user:jane@example.com"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM members:
+
+```tf
+import {
+  id = "projects/{project}/tables/{table} roles/editor user:jane@example.com"
+  to = google_bigtable_table_iam_member.default
+}
 ```
-$ terraform import google_bigtable_table_iam_policy.editor "projects/{project}/tables/{table}"
 
-$ terraform import google_bigtable_table_iam_binding.editor "projects/{project}/tables/{table} roles/editor"
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
 
-$ terraform import google_bigtable_table_iam_member.editor "projects/{project}/tables/{table} roles/editor user:jane@example.com"
+```
+$ terraform import google_bigtable_table_iam_member.default "projects/{project}/tables/{table} roles/editor user:jane@example.com"
 ```
 
--> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
- full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
+### Importing IAM bindings
+
+IAM binding imports use space-delimited identifiers that contain the resource's `table` and `role`. For example:
+
+* `"projects/{project}/tables/{table} roles/editor"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM bindings:
+
+```tf
+import {
+  id = "projects/{project}/tables/{table} roles/editor"
+  to = google_bigtable_table_iam_binding.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_bigtable_table_iam_binding.default "projects/{project}/tables/{table} roles/editor"
+```
+
+### Importing IAM policies
+
+IAM policy imports use the `table` identifier of the Bigtable Table resource only. For example:
+
+* `"projects/{project}/tables/{table}"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM policies:
+
+```tf
+import {
+  id = "projects/{project}/tables/{table}"
+  to = google_bigtable_table_iam_policy.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_bigtable_table_iam_policy.default projects/{project}/tables/{table}
+```
diff --git a/mmv1/third_party/terraform/website/docs/r/billing_account_iam.html.markdown b/mmv1/third_party/terraform/website/docs/r/billing_account_iam.html.markdown
@@ -89,15 +89,69 @@ exported:
 
 ## Import
 
-Instance IAM resources can be imported using the project, table name, role and/or member.
 
+-> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
+ full name of the custom role, e.g. `organizations/my-org-id/roles/my-custom-role`.
+
+### Importing IAM members
+
+IAM member imports use space-delimited identifiers that contain the resource's `billing_account_id`, `role`, and `member`. For example:
+
+* `"{{billing_account_id}} roles/billing.user user:jane@example.com"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM members:
+
+```tf
+import {
+  id = "{{billing_account_id}} roles/billing.user user:jane@example.com"
+  to = google_billing_account_iam_member.default
+}
 ```
-$ terraform import google_billing_account_iam_policy.binding "your-billing-account-id"
 
-$ terraform import google_billing_account_iam_binding.binding "your-billing-account-id roles/billing.user"
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
 
-$ terraform import google_billing_account_iam_member.binding "your-billing-account-id roles/billing.user user:jane@example.com"
+```
+$ terraform import google_billing_account_iam_member.default "{{billing_account_id}} roles/billing.user user:jane@example.com"
 ```
 
--> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
- full name of the custom role, e.g. `organizations/my-org-id/roles/my-custom-role`.
+### Importing IAM bindings
+
+IAM binding imports use space-delimited identifiers that contain the resource's `billing_account_id` and `role`. For example:
+
+* `"{{billing_account_id}} roles/billing.user"`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM bindings:
+
+```tf
+import {
+  id = "{{billing_account_id}} roles/billing.user"
+  to = google_billing_account_iam_binding.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_billing_account_iam_binding.default "{{billing_account_id}} roles/billing.user"
+```
+
+### Importing IAM policies
+
+IAM policy imports use the `billing_account_id` identifier of the Billing Account resource only. For example:
+
+* `{{billing_account_id}}`
+
+An [`import` block](https://developer.hashicorp.com/terraform/language/import) (Terraform v1.5.0 and later) can be used to import IAM policies:
+
+```tf
+import {
+  id = {{billing_account_id}}
+  to = google_billing_account_iam_policy.default
+}
+```
+
+The [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import) can also be used:
+
+```
+$ terraform import google_billing_account_iam_policy.default {{billing_account_id}}
+```