Add features: role, default_privileges

Author: karim-fc

docs/resources/default_privileges.md

@@ -0,0 +1,39 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "cloudsqlpostgresql_default_privileges Resource - cloudsqlpostgresql"
+subcategory: ""
+description: |-
+  The cloudsqlpostgresql_default_privileges resource allows to set the privileges that will be applied to objects created in the future. (It does not affect privileges assigned to already-existing objects.).
+---
+
+# cloudsqlpostgresql_default_privileges (Resource)
+
+The `cloudsqlpostgresql_default_privileges` resource allows to set the privileges that will be applied to objects created in the future. (It does not affect privileges assigned to already-existing objects.).
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `database` (String) The database
+- `owner` (String) The target role
+- `privileges` (Attributes Set) A list of privileges (see [below for nested schema](#nestedatt--privileges))
+- `role` (String) The role
+
+### Optional
+
+- `object_type` (String) The object type, can be `TABLES`, `SEQUENCES`, `FUNCTIONS`, `ROUTINES`, `TYPES` or `SCHEMAS`. Defaults to `TABLES`.
+- `schema` (String) The schema
+
+<a id="nestedatt--privileges"></a>
+### Nested Schema for `privileges`
+
+Required:
+
+- `privilege` (String) The privilege to grant
+
+Optional:
+
+- `with_grant_option` (Boolean) Whether the role can grant the same privileges to others.

docs/resources/grant_role.md

@@ -0,0 +1,25 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "cloudsqlpostgresql_grant_role Resource - cloudsqlpostgresql"
+subcategory: ""
+description: |-
+  The cloudsqlpostgresql_grant_role resource creates and manages role membership.
+---
+
+# cloudsqlpostgresql_grant_role (Resource)
+
+The `cloudsqlpostgresql_grant_role` resource creates and manages role membership.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `group_role` (String) The `group_role` that will get the `role` as member
+- `role` (String) The `role` that will be a member of the `group_role`
+
+### Optional
+
+- `admin_option` (Boolean) Enable admin option

docs/resources/grant_schema.md

@@ -3,12 +3,12 @@
 page_title: "cloudsqlpostgresql_grant_schema Resource - cloudsqlpostgresql"
 subcategory: ""
 description: |-
-  The cloudsqlpostgresqlgrantschema resource creates and manages privileges given to a user or role on a schema
+  The cloudsqlpostgresql_grant_schema resource creates and manages privileges given to a user or role on a schema
 ---
 
 # cloudsqlpostgresql_grant_schema (Resource)
 
-The cloudsqlpostgresql_grant_schema resource creates and manages privileges given to a user or role on a schema
+The `cloudsqlpostgresql_grant_schema` resource creates and manages privileges given to a user or role on a schema
 
 ## Example Usage
 

docs/resources/role.md

@@ -0,0 +1,32 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "cloudsqlpostgresql_role Resource - cloudsqlpostgresql"
+subcategory: ""
+description: |-
+  The cloudsqlpostgresql_role resource creates and manages a role. The superuser option is not supported on Cloud SQL.
+---
+
+# cloudsqlpostgresql_role (Resource)
+
+The `cloudsqlpostgresql_role` resource creates and manages a role. The superuser option is not supported on Cloud SQL.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the role
+
+### Optional
+
+- `connection_limit` (Number) Specifies how many concurrent connections the role can make. -1 (the default) means no limit
+- `has_bypassrls_option` (Boolean) Whether the role has the BYPASSRLS option
+- `has_createdb_option` (Boolean) Whether or not this role has the CREATEDB option
+- `has_createrole_option` (Boolean) Whether the role has the CREATEROLE option
+- `has_inherit_option` (Boolean) Whether the role has the INHERIT option
+- `has_replication_option` (Boolean) Whether the role has the REPLICATION option
+- `is_user` (Boolean) Is this role a user that can login
+- `is_valid_until` (String) Sets a date and time after which the role's password is no longer valid
+- `password` (String, Sensitive) Sets the role's password

internal/provider/config.go

@@ -25,7 +25,7 @@ func (c *Config) connectToPostgresqlDb(dbName string) (*sql.DB, error) {
 }
 
 func (c *Config) connectToPostgresqlNoDb() (*sql.DB, error) {
-	dsn := fmt.Sprintf(c.dsnTemplate, "")
+	dsn := fmt.Sprintf(c.dsnTemplate, "dbname=postgres")
 	return c.connectToPostgresql(dsn)
 }
 

internal/provider/provider.go

@@ -230,6 +230,8 @@ func (p *CloudSqlPostgresqlProvider) Resources(ctx context.Context) []func() res
 		newSchemaGrantResource,
 		newTableGrantResource,
 		newRoleResource,
+		newRoleGrantResource,
+		newDefaultPrivilegesResource,
 	}
 }