diff --git a/docs/data-sources/global_role_binding.md b/docs/data-sources/global_role_binding.md index 643b31777..2f29720e9 100644 --- a/docs/data-sources/global_role_binding.md +++ b/docs/data-sources/global_role_binding.md @@ -25,5 +25,6 @@ data "rancher2_global_role_binding" "foo" { * `id` - (Computed) The ID of the resource (string) * `group_principal_id` - (Computed) The group principal ID to assign global role binding. Rancher v2.4.0 or higher is required (string) * `user_id` - (Computed) The user ID to assign global role binding (string) +* `user_principal_id` - (Computed) The user principal ID to assign global role binding (string) * `annotations` - (Computed) Annotations of the resource (map) * `labels` - (Computed) Labels of the resource (map) \ No newline at end of file diff --git a/docs/resources/global_role_binding.md b/docs/resources/global_role_binding.md index b2085bb5a..9bacb3352 100644 --- a/docs/resources/global_role_binding.md +++ b/docs/resources/global_role_binding.md @@ -15,10 +15,16 @@ resource "rancher2_global_role_binding" "foo" { global_role_id = "admin" user_id = "user-XXXXX" } -# Create a new rancher2 Global Role Binding using group_principal_id +# Create a new rancher2 Global Role Binding using user_principal_id resource "rancher2_global_role_binding" "foo2" { name = "foo2" global_role_id = "admin" + user_principal_id = "local://user-XXXXX" +} +# Create a new rancher2 Global Role Binding using group_principal_id +resource "rancher2_global_role_binding" "foo3" { + name = "foo3" + global_role_id = "admin" group_principal_id = "local://g-XXXXX" } ``` @@ -30,11 +36,12 @@ The following arguments are supported: * `global_role_id` - (Required/ForceNew) The role id from create global role binding (string) * `group_principal_id` - (Optional/Computed/ForceNew) The group principal ID to assign global role binding (only works with external auth providers that support groups). Rancher v2.4.0 or higher is required (string) * `user_id` - (Optional/Computed/ForceNew) The user ID to assign global role binding (string) +* `user_principal_id` - (Optional/Computed/ForceNew) The user principal ID to assign global role binding (string) * `name` - (Optional/Computed/ForceNew) The name of the global role binding (string) * `annotations` - (Optional/Computed) Annotations for global role binding (map) * `labels` - (Optional/Computed) Labels for global role binding (map) -**Note:** user `user_id` OR group `group_principal_id` must be defined +**Note:** user `user_id` or `user_principal_id` OR group `group_principal_id` must be defined ## Attributes Reference diff --git a/rancher2/data_source_rancher2_global_role_binding.go b/rancher2/data_source_rancher2_global_role_binding.go index 6a77e984e..42b838e37 100644 --- a/rancher2/data_source_rancher2_global_role_binding.go +++ b/rancher2/data_source_rancher2_global_role_binding.go @@ -24,6 +24,10 @@ func dataSourceRancher2GlobalRoleBinding() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "user_principal_id": { + Type: schema.TypeString, + Computed: true, + }, "group_principal_id": { Type: schema.TypeString, Computed: true, diff --git a/rancher2/schema_global_role_binding.go b/rancher2/schema_global_role_binding.go index 3eefba101..abdbd7534 100644 --- a/rancher2/schema_global_role_binding.go +++ b/rancher2/schema_global_role_binding.go @@ -4,7 +4,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/schema" ) -// Shemas +// Schemas func globalRoleBindingFields() map[string]*schema.Schema { s := map[string]*schema.Schema{ @@ -19,6 +19,12 @@ func globalRoleBindingFields() map[string]*schema.Schema { Computed: true, ForceNew: true, }, + "user_principal_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + }, "name": { Type: schema.TypeString, Optional: true, diff --git a/rancher2/structure_global_role_binding.go b/rancher2/structure_global_role_binding.go index 25c8683ae..0c783d857 100644 --- a/rancher2/structure_global_role_binding.go +++ b/rancher2/structure_global_role_binding.go @@ -15,6 +15,7 @@ func flattenGlobalRoleBinding(d *schema.ResourceData, in *managementClient.Globa d.SetId(in.ID) d.Set("global_role_id", in.GlobalRoleID) d.Set("user_id", in.UserID) + d.Set("user_principal_id", in.UserPrincipalID) d.Set("name", in.Name) if len(in.GroupPrincipalID) > 0 { @@ -49,6 +50,7 @@ func expandGlobalRoleBinding(in *schema.ResourceData) *managementClient.GlobalRo obj.GlobalRoleID = in.Get("global_role_id").(string) obj.UserID = in.Get("user_id").(string) + obj.UserPrincipalID = in.Get("user_principal_id").(string) obj.Name = in.Get("name").(string) if v, ok := in.Get("group_principal_id").(string); ok && len(v) > 0 { diff --git a/rancher2/structure_global_role_binding_test.go b/rancher2/structure_global_role_binding_test.go index 3040a8972..b73c689e3 100644 --- a/rancher2/structure_global_role_binding_test.go +++ b/rancher2/structure_global_role_binding_test.go @@ -16,16 +16,18 @@ var ( func init() { testGlobalRoleBindingConf = &managementClient.GlobalRoleBinding{ - GlobalRoleID: "global_role_id", - GroupPrincipalID: "group_principal_id", - UserID: "user-test", - Name: "test", + GlobalRoleID: "global_role_id", + GroupPrincipalID: "group_principal_id", + UserPrincipalID: "user_principal_id", + UserID: "user-test", + Name: "test", } testGlobalRoleBindingInterface = map[string]interface{}{ - "global_role_id": "global_role_id", - "group_principal_id": "group_principal_id", - "user_id": "user-test", - "name": "test", + "global_role_id": "global_role_id", + "group_principal_id": "group_principal_id", + "user_principal_id": "user_principal_id", + "user_id": "user-test", + "name": "test", } }