Stop acc test using authoritative IAM on shared KMS resources (#7208) (…

…#5167)

* Stop acc test using authoritative IAM on shared KMS resources

* Stop other tests using authoritative IAM on shared KMS resources

Signed-off-by: Modular Magician <[email protected]>

.changelog/7208.txt

@@ -0,0 +1,3 @@
+```release-note:none
+
+```

google-beta/resource_eventarc_channel_test.go

@@ -110,21 +110,19 @@ data "google_kms_crypto_key" "key1" {
 }
 
   
-resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+resource "google_kms_crypto_key_iam_member" "key1_member" {
 	crypto_key_id = data.google_kms_crypto_key.key1.id
 	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
-	members = [
-	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-	]
+	member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_channel" "primary" {
 	location = "%{region}"
 	name     = "tf-test-name%{random_suffix}"
 	crypto_key_name =  data.google_kms_crypto_key.key1.id
 	third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog"
-	depends_on = [google_kms_crypto_key_iam_binding.key1_binding]
+	depends_on = [google_kms_crypto_key_iam_member.key1_member]
 }
 `, context)
 }
@@ -145,21 +143,19 @@ data "google_kms_crypto_key" "key2" {
 	key_ring = data.google_kms_key_ring.test_key_ring.id
 }
 
-resource "google_kms_crypto_key_iam_binding" "key2_binding" {
+resource "google_kms_crypto_key_iam_member" "key2_member" {
 	crypto_key_id = data.google_kms_crypto_key.key2.id
 	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 	
-	members = [
-	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-	]
+	member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_channel" "primary" {
 	location = "%{region}"
 	name     = "tf-test-name%{random_suffix}"
 	crypto_key_name= data.google_kms_crypto_key.key2.id
 	third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog"
-	depends_on = [google_kms_crypto_key_iam_binding.key2_binding]
+	depends_on = [google_kms_crypto_key_iam_member.key2_member]
 }
 `, context)
 }

google-beta/resource_eventarc_google_channel_config_test.go

@@ -104,20 +104,18 @@ data "google_kms_crypto_key" "key1" {
 	key_ring = data.google_kms_key_ring.test_key_ring.id
 }
 
-resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+resource "google_kms_crypto_key_iam_member" "key1_member" {
 	crypto_key_id = data.google_kms_crypto_key.key1.id
 	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
-	members = [
-	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-	]
+	member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_google_channel_config" "primary" {
 	location = "%{region}"
 	name     = "projects/%{project_name}/locations/%{region}/googleChannelConfig"
 	crypto_key_name =  data.google_kms_crypto_key.key1.id
-	depends_on =[google_kms_crypto_key_iam_binding.key1_binding]
+	depends_on =[google_kms_crypto_key_iam_member.key1_member]
 }
 	`, context)
 }
@@ -138,20 +136,18 @@ data "google_kms_crypto_key" "key2" {
 	key_ring = data.google_kms_key_ring.test_key_ring.id
 }
 
-resource "google_kms_crypto_key_iam_binding" "key2_binding" {
+resource "google_kms_crypto_key_iam_member" "key2_member" {
 	crypto_key_id = data.google_kms_crypto_key.key2.id
 	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
-	members = [
-	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-	]
+	member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_google_channel_config" "primary" {
 	location = "%{region}"
 	name     = "projects/%{project_name}/locations/%{region}/googleChannelConfig"
 	crypto_key_name =  data.google_kms_crypto_key.key2.id
-	depends_on =[google_kms_crypto_key_iam_binding.key2_binding]
+	depends_on =[google_kms_crypto_key_iam_member.key2_member]
 }
 	`, context)
 }

google-beta/resource_eventarc_trigger_test.go

@@ -63,21 +63,19 @@ data "google_kms_crypto_key" "key1" {
 }
 
 
-resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+resource "google_kms_crypto_key_iam_member" "key1_member" {
 	crypto_key_id = data.google_kms_crypto_key.key1.id
 	role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
-	members = [
-	"serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-	]
+	member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_channel" "test_channel" {
 	location = "%{region}"
 	name     = "tf-test-channel%{random_suffix}"
 	crypto_key_name =  data.google_kms_crypto_key.key1.id
 	third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/%{region}/providers/datadog"
-	depends_on = [google_kms_crypto_key_iam_binding.key1_binding]
+	depends_on = [google_kms_crypto_key_iam_member.key1_member]
 }
 
 resource "google_cloud_run_service" "default" {

website/docs/r/eventarc_channel.html.markdown

@@ -38,13 +38,11 @@ data "google_kms_crypto_key" "key" {
 	key_ring = data.google_kms_key_ring.test_key_ring.id
 }
 
-resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+resource "google_kms_crypto_key_iam_member" "key1_member" {
     crypto_key_id = data.google_kms_crypto_key.key1.id
     role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
   
-    members = [
-    "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-    ]
+    member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_channel" "primary" {
@@ -53,7 +51,7 @@ resource "google_eventarc_channel" "primary" {
   project  = "${data.google_project.test_project.project_id}"
   crypto_key_name =  "${data.google_kms_crypto_key.key1.id}"
   third_party_provider = "projects/${data.google_project.test_project.project_id}/locations/us-west1/providers/datadog"
-  depends_on = [google_kms_crypto_key_iam_binding.key1_binding]
+  depends_on = [google_kms_crypto_key_iam_member.key1_member]
 }
 ```
 

website/docs/r/eventarc_google_channel_config.html.markdown

@@ -38,21 +38,19 @@ data "google_kms_crypto_key" "key" {
 	key_ring = data.google_kms_key_ring.test_key_ring.id
 }
 
-resource "google_kms_crypto_key_iam_binding" "key1_binding" {
+resource "google_kms_crypto_key_iam_member" "key1_member" {
     crypto_key_id = data.google_kms_crypto_key.key1.id
     role      = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
-    members = [
-    "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com",
-    ]
+    member = "serviceAccount:service-${data.google_project.test_project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
 }
 
 resource "google_eventarc_google_channel_config" "primary" {
   location = "us-west1"
   name     = "channel"
   project  = "${data.google_project.test_project.project_id}"
   crypto_key_name =  "${data.google_kms_crypto_key.key1.id}"
-  depends_on = [google_kms_crypto_key_iam_binding.key1_binding]
+  depends_on = [google_kms_crypto_key_iam_member.key1_member]
 }
 ```