NetApp · carchi8py · Jan 24, 2024 · Dec 1, 2023 · Dec 1, 2023 · Dec 1, 2023
@@ -7,9 +7,12 @@ FEATURES:
 * **New Data Source:** `netapp_ontap_cluster_peers_data_source` ([#50](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/50))
 * **New Data Source:** `netapp-ontap_protocols_cifs_local_user_data_source` ([#55](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/55))
 * **New Data Source:** `netapp-ontap_protocols_cifs_local_users_data_source` ([#55](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/55))
-* **New Resource:** `netapp-ontap_protocols_cifs_local_group_resource` ([#53](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/53))
+* **New Data Source** `netapp-ontap_security_account_data_source` ([#22](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/22))
+* **New Data Source** `netapp-ontap_security_accounts_data_source` ([#22](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/22))
 * **New Data Source:** `netapp-ontap_protocols_cifs_user_group_privilege_data_source` ([#57](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/57))
 * **New Data Source:** `netapp-ontap_protocols_cifs_user_group_privileges_data_source` ([#57](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/57))
+* **New Resource:** `netapp-ontap_protocols_cifs_local_group_resource` ([#53](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/53))
+
 
 ENHANCEMENTS:
 * **netapp-ontap_protocols_nfs_export_policy_resource**: Add support for import ([#34](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/34))

@@ -0,0 +1,77 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "netapp-ontap_security_account_data_source Data Source - terraform-provider-netapp-ontap"
+subcategory: "Security"
+description: |-
+  Retrieves a ONTAP User
+---
+
+# Data Source Security_Account
+
+Retrieves a ONTAP User
+
+## Example Usage
+```terraform
+data "netapp-ontap_security_account_data_source" "security_accounts" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  owner = {
+    name = "ansibleSVM"
+  }
+  name = "vsadmin"
+}
+```
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cx_profile_name` (String) Connection profile name
+- `name` (String) SecurityAccount name
+
+### Optional
+
+- `owner` (Attributes) SecurityAccount owner (see [below for nested schema](#nestedatt--owner))
+
+### Read-Only
+
+- `applications` (Attributes List) SecurityAccount applications (see [below for nested schema](#nestedatt--applications))
+- `comment` (String) SecurityAccount comment
+- `id` (String) SecurityAccount id
+- `locked` (Boolean) SecurityAccount locked
+- `role` (Attributes) SecurityAccount role (see [below for nested schema](#nestedatt--role))
+- `scope` (String) SecurityAccount scope
+
+<a id="nestedatt--owner"></a>
+### Nested Schema for `owner`
+
+Required:
+
+- `name` (String) SecurityAccount owner name
+
+Read-Only:
+
+- `uuid` (String) SecurityAccount owner uuid
+
+
+<a id="nestedatt--applications"></a>
+### Nested Schema for `applications`
+
+Read-Only:
+
+- `application` (String) SecurityAccount application
+- `authentication_methods` (List of String) SecurityAccount authentication methods
+- `second_authentication_method` (String) SecurityAccount second authentication method
+
+
+<a id="nestedatt--role"></a>
+### Nested Schema for `role`
+
+Read-Only:
+
+- `name` (String) SecurityAccount role name
+
+
@@ -0,0 +1,94 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "netapp-ontap_security_accounts_data_source Data Source - terraform-provider-netapp-ontap"
+subcategory: "Security"
+description: |-
+  Retrieves the configuration of multiple user accounts
+---
+
+# Data Source Security Accounts
+
+Retrieves the configuration of multiple user accounts
+
+## Example Usage
+```terraform
+data "netapp-ontap_security_accounts_data_source" "security_accounts" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  filter = {
+    name = "vsadmin"
+    svm_name = "testImport"
+  }
+}
+```
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cx_profile_name` (String) Connection profile name
+
+### Optional
+
+- `filter` (Attributes) (see [below for nested schema](#nestedatt--filter))
+
+### Read-Only
+
+- `security_accounts` (Attributes List) (see [below for nested schema](#nestedatt--security_accounts))
+
+<a id="nestedatt--filter"></a>
+### Nested Schema for `filter`
+
+Optional:
+
+- `name` (String) SecurityAccount name
+- `svm_name` (String) SecurityAccount svm name (Owner name)
+
+
+<a id="nestedatt--security_accounts"></a>
+### Nested Schema for `security_accounts`
+
+Required:
+
+- `cx_profile_name` (String) Connection profile name
+- `name` (String) SecurityAccount name
+
+Read-Only:
+
+- `applications` (Attributes List) SecurityAccount applications (see [below for nested schema](#nestedatt--security_accounts--applications))
+- `comment` (String) SecurityAccount comment
+- `id` (String) SecurityAccount id
+- `locked` (Boolean) SecurityAccount locked
+- `owner` (Attributes) SecurityAccount owner (see [below for nested schema](#nestedatt--security_accounts--owner))
+- `role` (Attributes) SecurityAccount role (see [below for nested schema](#nestedatt--security_accounts--role))
+- `scope` (String) SecurityAccount scope
+
+<a id="nestedatt--security_accounts--applications"></a>
+### Nested Schema for `security_accounts.applications`
+
+Read-Only:
+
+- `application` (String) SecurityAccount application
+- `authentication_methods` (List of String) SecurityAccount authentication methods
+- `second_authentication_method` (String) SecurityAccount second authentication method
+
+
+<a id="nestedatt--security_accounts--owner"></a>
+### Nested Schema for `security_accounts.owner`
+
+Read-Only:
+
+- `name` (String) SecurityAccount owner name
+- `uuid` (String) SecurityAccount owner uuid
+
+
+<a id="nestedatt--security_accounts--role"></a>
+### Nested Schema for `security_accounts.role`
+
+Read-Only:
+
+- `name` (String) SecurityAccount role name
+
+
@@ -0,0 +1,21 @@
+data "netapp-ontap_security_account_data_source" "security_accounts" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  scope = "cluster"
+  name = "admin"
+}
+
+data "netapp-ontap_security_account_data_source" "security_accounts2" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  name = "admin"
+}
+
+data "netapp-ontap_security_account_data_source" "security_accounts3" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  owner = {
+    name = "carchi-test"
+  }
+  name = "vsadmin"
+}
@@ -0,0 +1 @@
+../../provider/provider.tf
@@ -0,0 +1 @@
+../../provider/variables.tf
@@ -0,0 +1,33 @@
+data "netapp-ontap_security_accounts_data_source" "security_accounts" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  filter = {
+    name = "admin"
+  }
+}
+
+data "netapp-ontap_security_accounts_data_source" "security_accounts2" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  filter = {
+    name = "a*"
+  }
+}
+
+data "netapp-ontap_security_accounts_data_source" "security_accounts3" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  filter = {
+    name = "vsadmin"
+  }
+}
+
+data "netapp-ontap_security_accounts_data_source" "security_accounts4" {
+  # required to know which system to interface with
+  cx_profile_name = "cluster4"
+  filter = {
+    name = "vsadmin"
+    svm_name = "carchi-test"
+  }
+}
+
@@ -0,0 +1 @@
+../../provider/provider.tf
@@ -0,0 +1 @@
+../../provider/variables.tf
@@ -0,0 +1,103 @@
+package interfaces
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/mitchellh/mapstructure"
+	"github.com/netapp/terraform-provider-netapp-ontap/internal/restclient"
+	"github.com/netapp/terraform-provider-netapp-ontap/internal/utils"
+)
+
+// SecurityAccountGetDataModelONTAP describes the GET record data model using go types for mapping.
+type SecurityAccountGetDataModelONTAP struct {
+	Name         string                       `mapstructure:"name"`
+	Owner        SecurityAccountOwner         `mapstructure:"owner,omitempty"`
+	Locked       bool                         `mapstructure:"locked,omitempty"`
+	Comment      string                       `mapstructure:"comment,omitempty"`
+	Role         SecurityAccountRole          `mapstructure:"role,omitempty"`
+	Scope        string                       `mapstructure:"scope,omitempty"`
+	Applications []SecurityAccountApplication `mapstructure:"applications,omitempty"`
+}
+
+// SecurityAccountApplication describes the application data model using go types for mapping.
+type SecurityAccountApplication struct {
+	Application                string   `mapstructure:"application,omitempty"`
+	SecondAuthenticationMethod string   `mapstructure:"second_authentication_method,omitempty"`
+	AuthenticationMethods      []string `mapstructure:"authentication_methods,omitempty"`
+}
+
+// SecurityAccountRole describes the role data model using go types for mapping.
+type SecurityAccountRole struct {
+	Name string `mapstructure:"name,omitempty"`
+}
+
+// SecurityAccountOwner describes the owner data model using go types for mapping.
+type SecurityAccountOwner struct {
+	Name string `mapstructure:"name,omitempty"`
+	UUID string `mapstructure:"uuid,omitempty"`
+}
+
+// SecurityAccountDataSourceFilterModel describes the data source filter data model.
+type SecurityAccountDataSourceFilterModel struct {
+	Name  string                `mapstructure:"name"`
+	Owner *SecurityAccountOwner `mapstructure:"owner,omitempty"`
+}
+
+// GetSecurityAccountByName gets a security account by name.
+func GetSecurityAccountByName(errorHandler *utils.ErrorHandler, r restclient.RestClient, name string, ownerName string) (*SecurityAccountGetDataModelONTAP, error) {
+	query := r.NewQuery()
+	query.Fields([]string{"name", "owner", "locked", "comment", "role", "scope", "applications"})
+	query.Set("name", name)
+	var err error
+	var response map[string]interface{}
+	var statusCode int
+	if ownerName != "" {
+		statusCode, response, err = r.GetNilOrOneRecord("security/accounts/"+ownerName+"/"+name, query, nil)
+	} else {
+		query.Set("scope", "cluster")
+		statusCode, response, err = r.GetNilOrOneRecord("security/accounts/", query, nil)
+	}
+	if err != nil {
+		return nil, errorHandler.MakeAndReportError("Error occurred when getting security account", fmt.Sprintf("error on get security/account: %s", err))
+	}
+	if response == nil {
+		return nil, errorHandler.MakeAndReportError("No Account found", fmt.Sprintf("No account with name: %s", name))
+	}
+	var dataOntap *SecurityAccountGetDataModelONTAP
+	if error := mapstructure.Decode(response, &dataOntap); error != nil {
+		return nil, errorHandler.MakeAndReportError("Error occurred when decoding security account", fmt.Sprintf("error on decoding security/account: %s, statusCode: %d, response %+v", error, statusCode, response))
+	}
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("security account: %+v", dataOntap))
+	return dataOntap, nil
+}
+
+// GetSecurityAccounts gets all security accounts.
+func GetSecurityAccounts(errorHandler *utils.ErrorHandler, r restclient.RestClient, svnName string, name string) ([]SecurityAccountGetDataModelONTAP, error) {
+	query := r.NewQuery()
+	query.Fields([]string{"name", "owner", "locked", "comment", "role", "scope", "applications"})
+	if svnName != "" {
+		query.Set("owner.name", svnName)
+	}
+	if name != "" {
+		query.Set("name", name)
+	}
+
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("security account filter: %+v", query))
+	statusCode, response, err := r.GetZeroOrMoreRecords("security/accounts", query, nil)
+	if err != nil {
+		return nil, errorHandler.MakeAndReportError("Error occurred when getting security accounts", fmt.Sprintf("error on get security/accounts: %s", err))
+	}
+	if response == nil {
+		return nil, errorHandler.MakeAndReportError("No Accounts found", fmt.Sprintf("No accounts found"))
+	}
+	var dataOntap []SecurityAccountGetDataModelONTAP
+	for _, info := range response {
+		var dataOntapItem SecurityAccountGetDataModelONTAP
+		if error := mapstructure.Decode(info, &dataOntapItem); error != nil {
+			return nil, errorHandler.MakeAndReportError("Error occurred when decoding security account", fmt.Sprintf("error on decoding security/account: %s, statusCode: %d, response %+v", error, statusCode, response))
+		}
+		dataOntap = append(dataOntap, dataOntapItem)
+	}
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("security accounts: %+v", dataOntap))
+	return dataOntap, nil
+}
@@ -190,6 +190,8 @@ func (p *ONTAPProvider) DataSources(ctx context.Context) []func() datasource.Dat
 		NewNameServicesDNSDataSource,
 		NewNameServicesDNSsDataSource,
 		NewProtocolsNfsServiceDataSource,
+		NewSecurityAccountDataSource,
+		NewSecurityAccountsDataSource,
 		NewSnapmirrorDataSource,
 		NewSnapmirrorsDataSource,
 		NewSnapshotPoliciesDataSource,