
feat: Security integrations datasource v1 readiness #2913

Merged
merged 9 commits into from
Jul 10, 2024
444 changes: 444 additions & 0 deletions docs/data-sources/security_integrations.md


9 changes: 9 additions & 0 deletions pkg/acceptance/check_destroy.go
@@ -67,6 +67,15 @@ var showByIdFunctions = map[resources.Resource]showByIdFunc{
resources.Alert: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
return runShowById(ctx, id, client.Alerts.ShowByID)
},
resources.ApiAuthenticationIntegrationWithAuthorizationCodeGrant: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
},
resources.ApiAuthenticationIntegrationWithClientCredentials: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
},
resources.ApiAuthenticationIntegrationWithJwtBearer: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
},
resources.ApiIntegration: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
return runShowById(ctx, id, client.ApiIntegrations.ShowByID)
},
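Review bot: The three new entries for `resources.ApiAuthenticationIntegrationWithAuthorizationCodeGrant`, `resources.ApiAuthenticationIntegrationWithClientCredentials` and `resources.ApiAuthenticationIntegrationWithJwtBearer` are identical closures over `client.SecurityIntegrations.ShowByID`, so the destroy check presumably looks the object up by name alone and does not confirm which kind of integration it found (the implementation of `ShowByID` is not visible here). A comment on the first entry would make that deliberate, e.g. `// every API authentication integration variant is a security integration; ShowByID does not distinguish the type`. If more security-integration resources are registered later, one shared function value referenced from each key would avoid further copies. The `showByIdFunctions` map literal starts and ends outside this hunk.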
520 changes: 510 additions & 10 deletions pkg/datasources/security_integrations_acceptance_test.go


@@ -0,0 +1,19 @@
resource "snowflake_api_authentication_integration_with_authorization_code_grant" "test" {
comment = var.comment
enabled = var.enabled
name = var.name
oauth_access_token_validity = var.oauth_access_token_validity
oauth_authorization_endpoint = var.oauth_authorization_endpoint
oauth_client_auth_method = var.oauth_client_auth_method
oauth_client_id = var.oauth_client_id
oauth_client_secret = var.oauth_client_secret
oauth_refresh_token_validity = var.oauth_refresh_token_validity
oauth_token_endpoint = var.oauth_token_endpoint
oauth_allowed_scopes = var.oauth_allowed_scopes
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_api_authentication_integration_with_authorization_code_grant.test]

like = var.name
}
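Review bot: `like = var.name` in the `snowflake_security_integrations` data source is a pattern rather than an exact match, assuming the value is passed through to `SHOW SECURITY INTEGRATIONS LIKE`, so `_` and `%` in a generated test name act as wildcards. On a shared test account the data source could then return other integrations alongside the one created here, and any assertion on the first element becomes order-dependent. A comment above the argument would record the constraint, e.g. `# LIKE pattern: the test name must not contain _ or %, otherwise unrelated integrations can match`, or the acceptance test can assert the number of returned integrations. The same applies to the other `data "snowflake_security_integrations"` blocks added in this change.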
@@ -0,0 +1,33 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "name" {
type = string
}
variable "oauth_access_token_validity" {
type = number
}
variable "oauth_authorization_endpoint" {
type = string
}
variable "oauth_client_auth_method" {
type = string
}
variable "oauth_client_id" {
type = string
}
variable "oauth_client_secret" {
type = string
}
variable "oauth_refresh_token_validity" {
type = number
}
variable "oauth_token_endpoint" {
type = string
}
variable "oauth_allowed_scopes" {
type = set(string)
}
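Review bot: `variable "oauth_client_secret"` is declared with only `type = string`, so the value supplied by the acceptance test can appear in plan output and CI logs unless the provider schema already marks the attribute as sensitive. Adding `sensitive = true` under `type = string` keeps the fixture consistent with how a client secret should be handled, and stops the unmarked pattern being copied into real configurations. The same declaration appears in the three other variables files in this change that define `oauth_client_secret`.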
@@ -0,0 +1,20 @@
resource "snowflake_api_authentication_integration_with_authorization_code_grant" "test" {
comment = var.comment
enabled = var.enabled
name = var.name
oauth_access_token_validity = var.oauth_access_token_validity
oauth_authorization_endpoint = var.oauth_authorization_endpoint
oauth_client_auth_method = var.oauth_client_auth_method
oauth_client_id = var.oauth_client_id
oauth_client_secret = var.oauth_client_secret
oauth_refresh_token_validity = var.oauth_refresh_token_validity
oauth_token_endpoint = var.oauth_token_endpoint
oauth_allowed_scopes = var.oauth_allowed_scopes
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_api_authentication_integration_with_authorization_code_grant.test]

with_describe = false
like = var.name
}
@@ -0,0 +1,33 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "name" {
type = string
}
variable "oauth_access_token_validity" {
type = number
}
variable "oauth_authorization_endpoint" {
type = string
}
variable "oauth_client_auth_method" {
type = string
}
variable "oauth_client_id" {
type = string
}
variable "oauth_client_secret" {
type = string
}
variable "oauth_refresh_token_validity" {
type = number
}
variable "oauth_token_endpoint" {
type = string
}
variable "oauth_allowed_scopes" {
type = set(string)
}
@@ -0,0 +1,18 @@
resource "snowflake_api_authentication_integration_with_client_credentials" "test" {
comment = var.comment
enabled = var.enabled
name = var.name
oauth_access_token_validity = var.oauth_access_token_validity
oauth_refresh_token_validity = var.oauth_refresh_token_validity
oauth_client_auth_method = var.oauth_client_auth_method
oauth_client_id = var.oauth_client_id
oauth_client_secret = var.oauth_client_secret
oauth_token_endpoint = var.oauth_token_endpoint
oauth_allowed_scopes = var.oauth_allowed_scopes
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_api_authentication_integration_with_client_credentials.test]

like = var.name
}
@@ -0,0 +1,30 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "name" {
type = string
}
variable "oauth_access_token_validity" {
type = number
}
variable "oauth_refresh_token_validity" {
type = number
}
variable "oauth_client_auth_method" {
type = string
}
variable "oauth_client_id" {
type = string
}
variable "oauth_client_secret" {
type = string
}
variable "oauth_token_endpoint" {
type = string
}
variable "oauth_allowed_scopes" {
type = set(string)
}
@@ -0,0 +1,19 @@
resource "snowflake_api_authentication_integration_with_client_credentials" "test" {
comment = var.comment
enabled = var.enabled
name = var.name
oauth_access_token_validity = var.oauth_access_token_validity
oauth_refresh_token_validity = var.oauth_refresh_token_validity
oauth_client_auth_method = var.oauth_client_auth_method
oauth_client_id = var.oauth_client_id
oauth_client_secret = var.oauth_client_secret
oauth_token_endpoint = var.oauth_token_endpoint
oauth_allowed_scopes = var.oauth_allowed_scopes
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_api_authentication_integration_with_client_credentials.test]

with_describe = false
like = var.name
}
@@ -0,0 +1,30 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "name" {
type = string
}
variable "oauth_access_token_validity" {
type = number
}
variable "oauth_refresh_token_validity" {
type = number
}
variable "oauth_client_auth_method" {
type = string
}
variable "oauth_client_id" {
type = string
}
variable "oauth_client_secret" {
type = string
}
variable "oauth_token_endpoint" {
type = string
}
variable "oauth_allowed_scopes" {
type = set(string)
}
@@ -0,0 +1,21 @@
resource "snowflake_external_oauth_integration" "test" {
comment = var.comment
enabled = var.enabled
external_oauth_allowed_roles_list = var.external_oauth_allowed_roles_list
external_oauth_any_role_mode = var.external_oauth_any_role_mode
external_oauth_audience_list = var.external_oauth_audience_list
external_oauth_issuer = var.external_oauth_issuer
external_oauth_jws_keys_url = var.external_oauth_jws_keys_url
external_oauth_scope_delimiter = var.external_oauth_scope_delimiter
external_oauth_scope_mapping_attribute = var.external_oauth_scope_mapping_attribute
external_oauth_snowflake_user_mapping_attribute = var.external_oauth_snowflake_user_mapping_attribute
external_oauth_token_user_mapping_claim = var.external_oauth_token_user_mapping_claim
name = var.name
external_oauth_type = var.external_oauth_type
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_external_oauth_integration.test]

like = var.name
}
@@ -0,0 +1,39 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "external_oauth_allowed_roles_list" {
type = set(string)
}
variable "external_oauth_any_role_mode" {
type = string
}
variable "external_oauth_audience_list" {
type = set(string)
}
variable "external_oauth_issuer" {
type = string
}
variable "external_oauth_jws_keys_url" {
type = set(string)
}
variable "external_oauth_scope_delimiter" {
type = string
}
variable "external_oauth_scope_mapping_attribute" {
type = string
}
variable "external_oauth_snowflake_user_mapping_attribute" {
type = string
}
variable "external_oauth_token_user_mapping_claim" {
type = set(string)
}
variable "name" {
type = string
}
variable "external_oauth_type" {
type = string
}
@@ -0,0 +1,22 @@
resource "snowflake_external_oauth_integration" "test" {
comment = var.comment
enabled = var.enabled
external_oauth_allowed_roles_list = var.external_oauth_allowed_roles_list
external_oauth_any_role_mode = var.external_oauth_any_role_mode
external_oauth_audience_list = var.external_oauth_audience_list
external_oauth_issuer = var.external_oauth_issuer
external_oauth_jws_keys_url = var.external_oauth_jws_keys_url
external_oauth_scope_delimiter = var.external_oauth_scope_delimiter
external_oauth_scope_mapping_attribute = var.external_oauth_scope_mapping_attribute
external_oauth_snowflake_user_mapping_attribute = var.external_oauth_snowflake_user_mapping_attribute
external_oauth_token_user_mapping_claim = var.external_oauth_token_user_mapping_claim
name = var.name
external_oauth_type = var.external_oauth_type
}

data "snowflake_security_integrations" "test" {
depends_on = [snowflake_external_oauth_integration.test]

with_describe = false
like = var.name
}
@@ -0,0 +1,39 @@
variable "comment" {
type = string
}
variable "enabled" {
type = bool
}
variable "external_oauth_allowed_roles_list" {
type = set(string)
}
variable "external_oauth_any_role_mode" {
type = string
}
variable "external_oauth_audience_list" {
type = set(string)
}
variable "external_oauth_issuer" {
type = string
}
variable "external_oauth_jws_keys_url" {
type = set(string)
}
variable "external_oauth_scope_delimiter" {
type = string
}
variable "external_oauth_scope_mapping_attribute" {
type = string
}
variable "external_oauth_snowflake_user_mapping_attribute" {
type = string
}
variable "external_oauth_token_user_mapping_claim" {
type = set(string)
}
variable "name" {
type = string
}
variable "external_oauth_type" {
type = string
}
@@ -0,0 +1,24 @@
resource "snowflake_oauth_integration_for_custom_clients" "test" {
blocked_roles_list = var.blocked_roles_list
comment = var.comment
enabled = var.enabled
name = var.name
network_policy = var.network_policy
oauth_allow_non_tls_redirect_uri = var.oauth_allow_non_tls_redirect_uri
oauth_client_rsa_public_key = var.oauth_client_rsa_public_key
oauth_client_rsa_public_key_2 = var.oauth_client_rsa_public_key_2
oauth_client_type = var.oauth_client_type
oauth_enforce_pkce = var.oauth_enforce_pkce
oauth_issue_refresh_tokens = var.oauth_issue_refresh_tokens
oauth_redirect_uri = var.oauth_redirect_uri
oauth_refresh_token_validity = var.oauth_refresh_token_validity
oauth_use_secondary_roles = var.oauth_use_secondary_roles
pre_authorized_roles_list = var.pre_authorized_roles_list
}


data "snowflake_security_integrations" "test" {
depends_on = [snowflake_oauth_integration_for_custom_clients.test]

like = var.name
}