Add support for healthcare fhir new notifications config

GoogleCloudPlatform · Sep 9, 2022 · 94f6dcf · 94f6dcf
2 parents 717d5d6 + 1e8f2d1
commit 94f6dcf
Show file tree

Hide file tree

Showing 6 changed files with 522 additions and 1 deletion.
diff --git a/mmv1/templates/terraform/examples/healthcare_fhir_store_notification_config.tf.erb b/mmv1/templates/terraform/examples/healthcare_fhir_store_notification_config.tf.erb
@@ -13,11 +13,24 @@ resource "google_healthcare_fhir_store" "default" {
   }
 
   notification_configs {
-    pubsub_topic = google_pubsub_topic.topic.name
+    pubsub_topic = "${google_pubsub_topic.topic.id}" 
     send_full_resource = true
   }
+  depends_on = [google_pubsub_topic_iam_binding.binding]
 }
 
+// Enable notifications by giving the correct IAM permission to the unique service account.
+data "google_healthcare_project_service_account" "gcs_account" { 
+}
+
+// Create a Pub/Sub topic.
+resource "google_pubsub_topic_iam_binding" "binding" {
+  topic    = google_pubsub_topic.topic.id
+  role     = "roles/pubsub.publisher"
+  members  = ["serviceAccount:${data.google_healthcare_project_service_account.gcs_account.email_address}"]
+}
+
+
 resource "google_pubsub_topic" "topic" {
   name     = "<%= ctx[:vars]['pubsub_topic']%>"
 }
@@ -26,3 +39,5 @@ resource "google_healthcare_dataset" "dataset" {
   name     = "<%= ctx[:vars]['dataset_name'] %>"
   location = "us-central1"
 }
+
+
diff --git a/mmv1/third_party/terraform/data_sources/BUILD b/mmv1/third_party/terraform/data_sources/BUILD
@@ -0,0 +1,105 @@
+go_library(
+    name = "google",
+    srcs = [
+        "data_google_game_services_game_server_deployment_rollout.go",
+        "data_source_access_approval_folder_service_account.go",
+        "data_source_access_approval_organization_service_account.go",
+        "data_source_access_approval_project_service_account.go",
+        "data_source_certificate_authority.go",
+        "data_source_cloud_run_locations.go",
+        "data_source_cloud_run_service.go",
+        "data_source_compute_health_check.go",
+        "data_source_compute_lb_ip_ranges.go",
+        "data_source_compute_network_endpoint_group.go",
+        "data_source_container_registry_image.go",
+        "data_source_container_registry_repository.go",
+        "data_source_dns_keys.go",
+        "data_source_dns_managed_zone.go",
+        "data_source_dns_record_set.go",
+        "data_source_google_active_folder.go",
+        "data_source_google_app_engine_default_service_account.go",
+        "data_source_google_bigquery_default_service_account.go",
+        "data_source_google_billing_account.go",
+        "data_source_google_client_config.go",
+        "data_source_google_client_openid_userinfo.go",
+        "data_source_google_cloudfunctions_function.go",
+        "data_source_google_composer_environment.go",
+        "data_source_google_composer_image_versions.go",
+        "data_source_google_compute_address.go",
+        "data_source_google_compute_backend_bucket.go",
+        "data_source_google_compute_backend_service.go",
+        "data_source_google_compute_default_service_account.go",
+        "data_source_google_compute_disk.go",
+        "data_source_google_compute_forwarding_rule.go",
+        "data_source_google_compute_global_address.go",
+        "data_source_google_compute_ha_vpn_gateway.go",
+        "data_source_google_compute_instance_group.go",
+        "data_source_google_compute_instance_serial_port.go",
+        "data_source_google_compute_network.go",
+        "data_source_google_compute_region_ssl_certificate.go",
+        "data_source_google_compute_router.go",
+        "data_source_google_compute_ssl_certificate.go",
+        "data_source_google_compute_ssl_policy.go",
+        "data_source_google_container_aws_versions.go",
+        "data_source_google_container_azure_versions.go",
+        "data_source_google_container_cluster.go",
+        "data_source_google_container_engine_versions.go",
+        "data_source_google_folder.go",
+        "data_source_google_folder_organization_policy.go",
+        "data_source_google_global_compute_forwarding_rule.go",
+        "data_source_google_healthcare_project_service_account.go",
+        "data_source_google_iam_role.go",
+        "data_source_google_iam_testable_permissions.go",
+        "data_source_google_kms_crypto_key.go",
+        "data_source_google_kms_crypto_key_version.go",
+        "data_source_google_kms_key_ring.go",
+        "data_source_google_kms_secret.go",
+        "data_source_google_kms_secret_ciphertext.go",
+        "data_source_google_monitoring_uptime_check_ips.go",
+        "data_source_google_netblock_ip_ranges.go",
+        "data_source_google_organization.go",
+        "data_source_google_project.go",
+        "data_source_google_project_organization_policy.go",
+        "data_source_google_projects.go",
+        "data_source_google_service_account.go",
+        "data_source_google_service_account_access_token.go",
+        "data_source_google_service_account_id_token.go",
+        "data_source_google_service_account_jwt.go",
+        "data_source_google_service_account_key.go",
+        "data_source_google_service_networking_peered_dns_domain.go",
+        "data_source_google_sql_ca_certs.go",
+        "data_source_google_storage_bucket.go",
+        "data_source_google_storage_bucket_object.go",
+        "data_source_google_storage_project_service_account.go",
+        "data_source_google_storage_transfer_project_service_account.go",
+        "data_source_iap_client.go",
+        "data_source_monitoring_istio_canonical_service.go",
+        "data_source_monitoring_notification_channel.go",
+        "data_source_monitoring_service.go",
+        "data_source_monitoring_service_app_engine.go",
+        "data_source_monitoring_service_cluster_istio.go",
+        "data_source_monitoring_service_mesh_istio.go",
+        "data_source_pubsub_topic.go",
+        "data_source_redis_instance.go",
+        "data_source_secret_manager_secret.go",
+        "data_source_secret_manager_secret_version.go",
+        "data_source_sourcerepo_repository.go",
+        "data_source_spanner_instance.go",
+        "data_source_sql_backup_run.go",
+        "data_source_sql_database_instance.go",
+        "data_source_storage_bucket_object_content.go",
+        "data_source_storage_object_signed_url.go",
+        "data_source_tags_tag_key.go",
+        "data_source_tags_tag_value.go",
+        "data_source_tpu_tensorflow_versions.go",
+    ],
+)
+
+go_test(
+    name = "google_test",
+    srcs = [
+        "data_source_compute_network_endpoint_group_test.go",
+        "data_source_monitoring_service_test.go",
+    ],
+    library = ":google",
+)
diff --git a/...ird_party/terraform/data_sources/data_source_google_healthcare_project_service_account.go b/...ird_party/terraform/data_sources/data_source_google_healthcare_project_service_account.go
@@ -0,0 +1,62 @@
+package google
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceGoogleHealthcareProjectServiceAccount() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGoogleHealthcareProjectServiceAccountRead,
+		Schema: map[string]*schema.Schema{
+			"project": {
+				Type:     schema.TypeString,
+				Computed: true,
+				Optional: true,
+				ForceNew: true,
+			},
+			"user_project": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+			"email_address": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceGoogleHealthcareProjectServiceAccountRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+	userAgent, err := generateUserAgentString(d, config.userAgent)
+	if err != nil {
+		return err
+	}
+
+	project, err := getProject(d, config)
+	if err != nil {
+		return err
+	}
+
+	rmProject, err := config.NewResourceManagerClient(userAgent).Projects.Get(project).Do()
+	if err != nil {
+		return handleNotFoundError(err, d, "Project not found")
+	}
+	projectNumber := rmProject.ProjectNumber
+
+	serviceAccountEmail := fmt.Sprintf("service-%[email protected]", projectNumber)
+
+	if err := d.Set("project", project); err != nil {
+		return fmt.Errorf("Error setting project: %s", err)
+	}
+	if err := d.Set("email_address", serviceAccountEmail); err != nil {
+		return fmt.Errorf("Error setting email_address: %s", err)
+	}
+
+	d.SetId(serviceAccountEmail)
+
+	return nil
+}