From 60da6bb1de5a2dc49b84c0175a1783bf735e219e Mon Sep 17 00:00:00 2001
From: Sergey Melnik
Date: Tue, 30 Apr 2024 13:27:17 +0200
Subject: [PATCH 1/4] feat: allow principals in members
---
 variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/variables.tf b/variables.tf
index 0cf9cde..60a2959 100644
--- a/variables.tf
+++ b/variables.tf
@@ -19,7 +19,7 @@ variable "members" {
 default = []
 validation {
- condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed):)", m))])
+ condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed|principal):)", m))])
 error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:` or `computed`."
 }
 }
From fb6f70e54ca205133703c190ccd1f9e1b89764e4 Mon Sep 17 00:00:00 2001
From: Sergey Melnik
Date: Tue, 30 Apr 2024 13:29:58 +0200
Subject: [PATCH 2/4] doc: update error message
---
 variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/variables.tf b/variables.tf
index 60a2959..cc9c0fc 100644
--- a/variables.tf
+++ b/variables.tf
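Review bot: The `principal` alternative added to the `condition` regex in PATCH 1/4 only requires the entry to begin with `principal:`, so a value such as `principal:anything` passes validation even though federated identities are written as `principal://iam.googleapis.com/...`. Requiring the `//` would catch malformed entries at plan time rather than, presumably, at apply time; one way is to take the scheme out of the `(...):` group and add a separate alternative, `...|projectViewer|computed):|principal://)`. The same prefix-only check applies to `principalSet` added in PATCH 3/4, where `(principal|principalSet)://` would cover both. The `allUsers` and `allAuthenticatedUsers` alternatives have no end anchor either, but that predates this series.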
@@ -20,7 +20,7 @@ variable "members" {
 validation {
 condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed|principal):)", m))])
- error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:` or `computed`."
+ error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:`, `computed` or `principal://`."
 }
 }
From 0494ab0bf3e7be5a0ca9400faa8ef97f427b62b3 Mon Sep 17 00:00:00 2001
From: Sergey Melnik
Date: Tue, 30 Apr 2024 13:33:14 +0200
Subject: [PATCH 3/4] feat: allow principalSet
---
 variables.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/variables.tf b/variables.tf
index cc9c0fc..7b3a110 100644
--- a/variables.tf
+++ b/variables.tf
@@ -19,8 +19,8 @@ variable "members" {
 default = []
 validation {
- condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed|principal):)", m))])
- error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:`, `computed` or `principal://`."
+ condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed|principal|principalSet):)", m))])
+ error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:`, `computed`, `principal` or `principalSet`."
 }
 }
From 4900bb5d511801b94ed106271a240e7bf3ed5ccc Mon Sep 17 00:00:00 2001
From: Sergey Melnik
Date: Fri, 3 May 2024 11:55:02 +0200
Subject: [PATCH 4/4] Accept suggestion: add colon
Co-authored-by: Zied Elouaer <86047070+zied-elouaer@users.noreply.github.com>
---
 variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/variables.tf b/variables.tf
index 7b3a110..e91d897 100644
--- a/variables.tf
+++ b/variables.tf
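Review bot: Nothing near the `condition` in PATCH 3/4 records that a `principalSet:` entry binds the role to every identity the set matches, which for a pool-wide set is every federated identity in that pool. The variable's description lies outside the hunk, so this may already be covered there. If it is not, a comment above the `validation` block would help whoever reviews callers of the module, for example `# principalSet:// entries grant to a whole group, attribute value or pool of federated identities; review them as carefully as group: or domain: members.`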
@@ -20,7 +20,7 @@ variable "members" {
 validation {
 condition = alltrue([for m in var.members : can(regex("^(allUsers|allAuthenticatedUsers|(user|serviceAccount|group|domain|projectOwner|projectEditor|projectViewer|computed|principal|principalSet):)", m))])
- error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:`, `computed`, `principal` or `principalSet`."
+ error_message = "The value must be a non-empty list of strings where each entry is a valid principal type identified with `user:`, `serviceAccount:`, `group:`, `domain:`, `projectOwner:`, `projectEditor:`, `projectViewer:`, `computed:`, `principal:` or `principalSet:`."
 }
 }
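Review bot: The final `error_message` in PATCH 4/4 still says the value must be a non-empty list, but the `condition` is an `alltrue` over a `for` expression, which holds for an empty list, and the hunk context in PATCH 1/4 shows `default = []`. The message also leaves out `allUsers` and `allAuthenticatedUsers`, which the regex accepts without any prefix, so someone reading the error would not learn that public members pass this validation. I would drop the words `non-empty` and name those two values next to the prefixed types.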