Skip to content

Commit d5cb05d

Browse files
stephaniegalang-ibmstephaniegalang-ibm
committed
instpol attrib enabled only
Signed-off-by: stephaniegalang <[email protected]>
1 parent ef8a971 commit d5cb05d

File tree

1 file changed

+21
-10
lines changed

1 file changed

+21
-10
lines changed

instances.go

Lines changed: 21 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -492,6 +492,7 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
492492
PolicyType: AllowedNetwork,
493493
PolicyData: PolicyData{
494494
Enabled: &(policies.AllowedNetwork.Enabled),
495+
// due to legacy reasons, the allowed_network policy requires attribute to always be specified
495496
Attributes: &Attributes{
496497
AllowedNetwork: &(policies.AllowedNetwork.Network),
497498
},
@@ -505,11 +506,16 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
505506
PolicyType: AllowedIP,
506507
PolicyData: PolicyData{
507508
Enabled: &(policies.AllowedIP.Enabled),
508-
Attributes: &Attributes{
509-
AllowedIP: policies.AllowedIP.IPAddresses,
510-
},
511509
},
512510
}
511+
512+
// attributes can only be provided if policy is being enabled
513+
// ignore any attribute inputs if provided during a disable
514+
if policies.AllowedIP.Enabled {
515+
policy.PolicyData.Attributes = &Attributes{
516+
AllowedIP: policies.AllowedIP.IPAddresses,
517+
}
518+
}
513519
resPolicies = append(resPolicies, policy)
514520
}
515521

@@ -527,16 +533,21 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
527533
policy := InstancePolicy{
528534
PolicyType: KeyCreateImportAccess,
529535
PolicyData: PolicyData{
530-
Enabled: &(policies.KeyCreateImportAccess.Enabled),
531-
Attributes: &Attributes{},
536+
Enabled: &(policies.KeyCreateImportAccess.Enabled),
532537
},
533538
}
534539

535-
policy.PolicyData.Attributes.CreateRootKey = &policies.KeyCreateImportAccess.CreateRootKey
536-
policy.PolicyData.Attributes.CreateStandardKey = &policies.KeyCreateImportAccess.CreateStandardKey
537-
policy.PolicyData.Attributes.ImportRootKey = &policies.KeyCreateImportAccess.ImportRootKey
538-
policy.PolicyData.Attributes.ImportStandardKey = &policies.KeyCreateImportAccess.ImportStandardKey
539-
policy.PolicyData.Attributes.EnforceToken = &policies.KeyCreateImportAccess.EnforceToken
540+
// attributes can only be provided if policy is being enabled
541+
// ignore any attribute inputs if provided during a disable
542+
if policies.KeyCreateImportAccess.Enabled {
543+
policy.PolicyData.Attributes = &Attributes{
544+
CreateRootKey: &policies.KeyCreateImportAccess.CreateRootKey,
545+
CreateStandardKey: &policies.KeyCreateImportAccess.CreateStandardKey,
546+
ImportRootKey: &policies.KeyCreateImportAccess.ImportRootKey,
547+
ImportStandardKey: &policies.KeyCreateImportAccess.ImportStandardKey,
548+
EnforceToken: &policies.KeyCreateImportAccess.EnforceToken,
549+
}
550+
}
540551

541552
resPolicies = append(resPolicies, policy)
542553
}

0 commit comments

Comments
 (0)