GoogleCloudPlatform/terraform-google-secured-data-warehouse

Resource `google_access_context_manager_access_policy` should be used at most once

Closed this issue · 0 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave +1 or me too comments; they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If the issue is assigned to a user, that user is claiming responsibility for the issue.

Secured Data Warehouse Specifications

Terraform execution logs


Expected Behavior

Resource `google_access_context_manager_access_policy` should be used at most once to create the global access context manager access policy if the user does not provide a value for it.

Actual Behavior

Resource `google_access_context_manager_access_policy` is created inside the module `dwh-vpc-sc`:

```hcl
resource "google_access_context_manager_access_policy" "access_policy" {
  count  = var.access_context_manager_policy_id != "" ? 0 : 1
  parent = "organizations/${var.org_id}"
  title  = "default policy"
}
```

Since the module is called three times, once for each perimeter, Terraform will try to create it three times.

It should be moved outside of the module and be called once in the main module.

Steps to Reproduce

  1. Call the main module without providing a value for `access_context_manager_policy_id`.

Important Factoids

References

  • #0000
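
The layout the issue asks for, as an added example that is not the project's code: the policy resource sits in the main module, is created at most once, and its id is passed to every `dwh-vpc-sc` call. The module labels, the `source` path and the module's input names are assumptions; `one()` requires Terraform 0.15 or later.

```hcl
# Main (root) module. Added illustration, not the project's own code.
variable "org_id" {
  type = string
}

variable "access_context_manager_policy_id" {
  type    = string
  default = "" # empty means "create the organization's policy here"
}

# Declared once at the top level, so at most one instance is ever planned,
# however many perimeter modules are instantiated below.
resource "google_access_context_manager_access_policy" "access_policy" {
  count  = var.access_context_manager_policy_id != "" ? 0 : 1
  parent = "organizations/${var.org_id}"
  title  = "default policy"
}

locals {
  # Use the caller's id when given, otherwise the id of the policy created above.
  # one() yields null for an empty list, so this stays valid when count = 0.
  access_context_manager_policy_id = (
    var.access_context_manager_policy_id != ""
    ? var.access_context_manager_policy_id
    : one(google_access_context_manager_access_policy.access_policy[*].name)
  )
}

# Three perimeter instances (hypothetical labels). Each always receives a
# non-empty policy id, so the module has no reason to create a policy itself.
module "perimeter_a" {
  source                           = "./modules/dwh-vpc-sc" # assumed path
  org_id                           = var.org_id
  access_context_manager_policy_id = local.access_context_manager_policy_id
}

module "perimeter_b" {
  source                           = "./modules/dwh-vpc-sc" # assumed path
  org_id                           = var.org_id
  access_context_manager_policy_id = local.access_context_manager_policy_id
}

module "perimeter_c" {
  source                           = "./modules/dwh-vpc-sc" # assumed path
  org_id                           = var.org_id
  access_context_manager_policy_id = local.access_context_manager_policy_id
}
```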