diff --git a/postgresql/resource_postgresql_default_privileges.go b/postgresql/resource_postgresql_default_privileges.go index bf302b1a..df1fcbe8 100644 --- a/postgresql/resource_postgresql_default_privileges.go +++ b/postgresql/resource_postgresql_default_privileges.go @@ -1,9 +1,11 @@ package postgresql import ( + "context" "database/sql" "fmt" "log" + "strconv" "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -19,6 +21,9 @@ func resourcePostgreSQLDefaultPrivileges() *schema.Resource { Update: PGResourceFunc(resourcePostgreSQLDefaultPrivilegesCreate), Read: PGResourceFunc(resourcePostgreSQLDefaultPrivilegesRead), Delete: PGResourceFunc(resourcePostgreSQLDefaultPrivilegesDelete), + Importer: &schema.ResourceImporter{ + StateContext: resourcePostgreSQLDefaultPrivilegesImport, + }, Schema: map[string]*schema.Schema{ "role": { @@ -77,6 +82,35 @@ func resourcePostgreSQLDefaultPrivileges() *schema.Resource { } } +func resourcePostgreSQLDefaultPrivilegesImport(ctx context.Context, d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + importId := d.Id() + parts := strings.Split(importId, "@") + + if len(parts) != 6 { + return nil, fmt.Errorf("invalid import id. Expected format: @@@@@. Got %s", importId) + } + + role := parts[0] + d.Set("role", role) + database := parts[1] + d.Set("database", database) + owner := parts[2] + d.Set("owner", owner) + objectType := parts[3] + d.Set("object_type", objectType) + schema_ := parts[4] + d.Set("schema", schema_) + withGrantOption, err := strconv.ParseBool(parts[5]) + if err != nil { + return nil, fmt.Errorf("error parsing with_grant_option: %w. Got %s", err, parts[5]) + } + d.Set("with_grant_option", withGrantOption) + + d.SetId(generateDefaultPrivilegesID(d)) // Import ID is the same as the generated ID for backwards compatibility + + return []*schema.ResourceData{d}, nil +} + func resourcePostgreSQLDefaultPrivilegesRead(db *DBConnection, d *schema.ResourceData) error { pgSchema := d.Get("schema").(string) objectType := d.Get("object_type").(string) diff --git a/website/docs/r/postgresql_default_privileges.html.markdown b/website/docs/r/postgresql_default_privileges.html.markdown index 8046c340..046f5e96 100644 --- a/website/docs/r/postgresql_default_privileges.html.markdown +++ b/website/docs/r/postgresql_default_privileges.html.markdown @@ -34,6 +34,7 @@ resource "postgresql_default_privileges" "read_only_tables" { * `schema` - (Optional) The database schema to set default privileges for this role. * `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, routine, type, schema). * `privileges` - (Required) List of privileges (e.g., SELECT, INSERT, UPDATE, DELETE) to grant on new objects created by the owner. An empty list could be provided to revoke all default privileges for this role. +* `with_grant_option` - (Optional) Permit the grant recipient to grant it to others. ## Examples @@ -63,3 +64,17 @@ resource "postgresql_default_privileges" "revoke_public" { privileges = [] } ``` + +## Import + +`postgresql_default_privileges` supports importing resources following the format: + +``` +@@@@@ +``` + +For example: + +```bash +terraform import postgresql_default_privileges.demo demo@test_db@owner@table@public@false +```