From cb5e488544c91701bf0aa9a31522728a5f8dc79a Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 23 May 2022 19:46:55 -0500 Subject: [PATCH 01/35] Add support for federated settings --- ..._source_mongodbatlas_federated_settings.go | 117 ++++++ ...erated_settings_connected_organizations.go | 192 +++++++++ ...s_federated_settings_identity_providers.go | 391 ++++++++++++++++++ ...ted_settings_organization_role_mappings.go | 124 ++++++ ...ce_mongodbatlas_federated_settings_test.go | 71 ++++ mongodbatlas/provider.go | 203 ++++----- ...derated_settings_connected_organization.go | 179 ++++++++ ...as_federated_settings_identity_provider.go | 198 +++++++++ ...ated_settings_organization_role_mapping.go | 304 ++++++++++++++ 9 files changed, 1681 insertions(+), 98 deletions(-) create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_test.go create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings.go new file mode 100644 index 0000000000..afff8ceb87 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings.go @@ -0,0 +1,117 @@ +package mongodbatlas + +import ( + "context" + "errors" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func dataSourceMongoDBAtlasFederatedSettings() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsRead, + Schema: map[string]*schema.Schema{ + "org_id": { + Type: schema.TypeString, + Optional: true, + ConflictsWith: []string{"name"}, + }, + "name": { + Type: schema.TypeString, + Optional: true, + ConflictsWith: []string{"org_id"}, + }, + "federated_domains": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "has_role_mappings": { + Type: schema.TypeBool, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Computed: true, + }, + "identity_provider_status": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func dataSourceMongoDBAtlasFederatedSettingsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + orgID, orgIDOk := d.GetOk("org_id") + name, nameOk := d.GetOk("name") + + if !orgIDOk && !nameOk { + return diag.FromErr(errors.New("either org_id or name must be configured")) + } + + var ( + err error + org *matlas.Organization + orgs *matlas.Organizations + ) + + if orgIDOk { + org, _, err = conn.Organizations.Get(ctx, orgID.(string)) + } else { + orgs, _, err = conn.Organizations.List(ctx, nil) + if err != nil { + return diag.Errorf("Organizations.List returned error: %v", err) + } + for _, o := range orgs.Results { + if o.Name == name.(string) { + org, _, err = conn.Organizations.Get(ctx, o.ID) + } + } + } + + if err != nil { + return diag.Errorf("Error reading Organization %s %s", orgID, err) + } + + federationSettings, _, err := conn.FederatedSettings.Get(ctx, org.ID) + if err != nil { + return diag.Errorf("error getting Federated settings (%s): %s", orgID, err) + } + + if err := d.Set("org_id", org.ID); err != nil { + return diag.Errorf("error getting Federated settings (%s): %s %s", `org_id`, org.ID, err) + } + + if err := d.Set("federated_domains", federationSettings.FederatedDomains); err != nil { + return diag.Errorf("error getting Federated settings (%s): %s %s", `federated_domains`, federationSettings.FederatedDomains, err) + } + + if err := d.Set("identity_provider_status", federationSettings.IdentityProviderStatus); err != nil { + return diag.Errorf("error getting Federated settings (%s): %s %s", `identityProviderStatus`, federationSettings.IdentityProviderStatus, err) + } + + if err := d.Set("identity_provider_id", federationSettings.IdentityProviderID); err != nil { + return diag.Errorf("error getting Federated settings (%s): %s %s", `IdentityProviderID`, federationSettings.IdentityProviderID, err) + } + + if err := d.Set("has_role_mappings", federationSettings.HasRoleMappings); err != nil { + return diag.Errorf("error getting Federated settings (%s): flag %s ", `HasRoleMappings`, err) + } + + d.SetId(federationSettings.ID) + + return nil +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go new file mode 100644 index 0000000000..668c87f80d --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go @@ -0,0 +1,192 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigsRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "page_num": { + Type: schema.TypeInt, + Optional: true, + }, + "items_per_page": { + Type: schema.TypeInt, + Optional: true, + }, + "results": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "domain_allow_list": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "domain_restriction_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "post_auth_role_grants": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "role_mappings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "user_conflicts": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "email_address": { + Type: schema.TypeString, + Computed: true, + }, + "federation_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + "first_name": { + Type: schema.TypeString, + Computed: true, + }, + "last_name": { + Type: schema.TypeString, + Computed: true, + }, + "user_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + options := &matlas.ListOptions{ + PageNum: d.Get("page_num").(int), + ItemsPerPage: d.Get("items_per_page").(int), + } + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("either federation_settings_id must be configured")) + } + + federatedSettingsConnectedOrganizations, _, err := conn.FederatedSettingsConnectedOrganization.List(ctx, options, federationSettingsID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings connected organizations assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("results", flattenFederatedSettingsOrganizationConfigs(*federatedSettingsConnectedOrganizations)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings IdentityProviders: %s", err)) + } + + d.SetId(federationSettingsID.(string)) + + return nil +} + +func flattenFederatedSettingsOrganizationConfigs(federatedSettingsConnectedOrganizations matlas.FederatedSettingsConnectedOrganizations) []map[string]interface{} { + var federatedSettingsConnectedOrganizationsMap []map[string]interface{} + + if (federatedSettingsConnectedOrganizations.TotalCount) > 0 { + federatedSettingsConnectedOrganizationsMap = make([]map[string]interface{}, federatedSettingsConnectedOrganizations.TotalCount) + + for i := range federatedSettingsConnectedOrganizations.Results { + if federatedSettingsConnectedOrganizations.Results[i].UserConflicts == nil { + federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ + "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, + "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, + "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, + "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, + "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), + "user_conflicts": nil, + } + } else { + federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ + "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, + "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, + "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, + "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, + "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), + "user_conflicts": flattenUserConflicts(*federatedSettingsConnectedOrganizations.Results[i].UserConflicts), + } + } + } + } + + return federatedSettingsConnectedOrganizationsMap +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go new file mode 100644 index 0000000000..81258306a7 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -0,0 +1,391 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func dataSourceMongoDBAtlasFederatedSettingsIdentityProviders() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "page_num": { + Type: schema.TypeInt, + Optional: true, + }, + "items_per_page": { + Type: schema.TypeInt, + Optional: true, + }, + "results": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "acs_url": { + Type: schema.TypeString, + Computed: true, + }, + "associated_domains": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "associated_orgs": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "domain_allow_list": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "domain_restriction_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "post_auth_role_grants": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "role_mappings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "user_conflicts": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "email_address": { + Type: schema.TypeString, + Computed: true, + }, + "federation_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + "first_name": { + Type: schema.TypeString, + Computed: true, + }, + "last_name": { + Type: schema.TypeString, + Computed: true, + }, + "user_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "audience_uri": { + Type: schema.TypeString, + Computed: true, + }, + "display_name": { + Type: schema.TypeString, + Computed: true, + }, + "issuer_uri": { + Type: schema.TypeString, + Computed: true, + }, + "okta_idp_id": { + Type: schema.TypeString, + Computed: true, + }, + "pem_file_info": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "certificates": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "not_after": { + Type: schema.TypeString, + Computed: true, + }, + "not_before": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "file_name": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "request_binding": { + Type: schema.TypeString, + Computed: true, + }, + "response_signature_algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "sso_debug_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "sso_url": { + Type: schema.TypeString, + Computed: true, + }, + "status": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + options := &matlas.ListOptions{ + PageNum: d.Get("page_num").(int), + ItemsPerPage: d.Get("items_per_page").(int), + } + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("either federation_settings_id must be configured")) + } + + federatedSettingsIdentityProviders, _, err := conn.FederatedSettingsIdentityProvider.List(ctx, options, federationSettingsID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("results", flattenFederatedSettingsIdentityProvider(federatedSettingsIdentityProviders)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings IdentityProviders: %s", err)) + } + + d.SetId(federationSettingsID.(string)) + + return nil +} + +func flattenFederatedSettingsIdentityProvider(federatedSettingsIdentityProvider []matlas.FederatedSettingsIdentityProvider) []map[string]interface{} { + var federatedSettingsIdentityProviderMap []map[string]interface{} + + if len(federatedSettingsIdentityProvider) > 0 { + federatedSettingsIdentityProviderMap = make([]map[string]interface{}, len(federatedSettingsIdentityProvider)) + + for i := range federatedSettingsIdentityProvider { + federatedSettingsIdentityProviderMap[i] = map[string]interface{}{ + "acs_url": federatedSettingsIdentityProvider[i].AcsURL, + "associated_domains": federatedSettingsIdentityProvider[i].AssociatedDomains, + "associated_orgs": flattenAssociatedOrgs(federatedSettingsIdentityProvider[i].AssociatedOrgs), + "audience_uri": federatedSettingsIdentityProvider[i].AudienceURI, + "display_name": federatedSettingsIdentityProvider[i].DisplayName, + "issuer_uri": federatedSettingsIdentityProvider[i].IssuerURI, + "okta_idp_id": federatedSettingsIdentityProvider[i].OktaIdpID, + "pem_file_info": flattenPemFileInfo(*federatedSettingsIdentityProvider[i].PemFileInfo), + "request_binding": federatedSettingsIdentityProvider[i].RequestBinding, + "response_signature_algorithm": federatedSettingsIdentityProvider[i].ResponseSignatureAlgorithm, + "sso_debug_enabled": federatedSettingsIdentityProvider[i].SsoDebugEnabled, + "sso_url": federatedSettingsIdentityProvider[i].SsoURL, + "status": federatedSettingsIdentityProvider[i].Status, + } + } + } + + return federatedSettingsIdentityProviderMap +} + +func flattenAssociatedOrgs(associatedOrgs []*matlas.AssociatedOrgs) []map[string]interface{} { + var associatedOrgsMap []map[string]interface{} + + if len(associatedOrgs) > 0 { + associatedOrgsMap = make([]map[string]interface{}, len(associatedOrgs)) + + for i := range associatedOrgs { + if associatedOrgs[i].UserConflicts == nil { + associatedOrgsMap[i] = map[string]interface{}{ + "domain_allow_list": associatedOrgs[i].DomainAllowList, + "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, + "identity_provider_id": associatedOrgs[i].IdentityProviderID, + "org_id": associatedOrgs[i].OrgID, + "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), + "user_conflicts": nil, + } + } else { + associatedOrgsMap[i] = map[string]interface{}{ + "domain_allow_list": associatedOrgs[i].DomainAllowList, + "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, + "identity_provider_id": associatedOrgs[i].IdentityProviderID, + "org_id": associatedOrgs[i].OrgID, + "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), + "user_conflicts": flattenUserConflicts(*associatedOrgs[i].UserConflicts), + } + } + } + } + + return associatedOrgsMap +} + +func flattenUserConflicts(userConflicts matlas.UserConflicts) []map[string]interface{} { + var userConflictsMap []map[string]interface{} + + if len(userConflicts) > 0 { + userConflictsMap = make([]map[string]interface{}, len(userConflicts)) + + for i := range userConflicts { + userConflictsMap[i] = map[string]interface{}{ + "email_address": userConflicts[i].EmailAddress, + "federation_settings_id": userConflicts[i].FederationSettingsID, + "first_name": userConflicts[i].FirstName, + "last_name": userConflicts[i].LastName, + "user_id": userConflicts[i].UserID, + } + } + } + + return userConflictsMap +} + +func flattenPemFileInfo(pemFileInfo matlas.PemFileInfo) []map[string]interface{} { + var pemFileInfoMap []map[string]interface{} + + if len(pemFileInfo.Certificates) > 0 { + pemFileInfoMap = make([]map[string]interface{}, 1) + + pemFileInfoMap[0] = map[string]interface{}{ + "certificates": flattenFederatedSettingsCertificates(pemFileInfo.Certificates), + "file_name": pemFileInfo.FileName, + } + } + + return pemFileInfoMap +} + +func flattenFederatedSettingsCertificates(certificates []*matlas.Certificates) []map[string]interface{} { + var certificatesMap []map[string]interface{} + + if len(certificates) > 0 { + certificatesMap = make([]map[string]interface{}, len(certificates)) + + for i := range certificates { + certificatesMap[i] = map[string]interface{}{ + "not_after": certificates[i].NotAfter.String(), + "not_before": certificates[i].NotBefore.String(), + } + } + } + + return certificatesMap +} + +func flattenRoleMappings(roleMappings []*matlas.RoleMappings) []map[string]interface{} { + var roleMappingsMap []map[string]interface{} + + if len(roleMappings) > 0 { + roleMappingsMap = make([]map[string]interface{}, len(roleMappings)) + + for i := range roleMappings { + roleMappingsMap[i] = map[string]interface{}{ + "external_group_name": roleMappings[i].ExternalGroupName, + "id": roleMappings[i].ID, + "role_assignments": flattenRoleAssignments(roleMappings[i].RoleAssignments), + } + } + } + + return roleMappingsMap +} + +func flattenRoleAssignments(roleAssignments []*matlas.RoleAssignments) []map[string]interface{} { + var roleAssignmentsMap []map[string]interface{} + + if len(roleAssignments) > 0 { + roleAssignmentsMap = make([]map[string]interface{}, len(roleAssignments)) + + for i := range roleAssignments { + roleAssignmentsMap[i] = map[string]interface{}{ + "group_id": roleAssignments[i].GroupID, + "org_id": roleAssignments[i].OrgID, + "role": roleAssignments[i].Role, + } + } + } + + return roleAssignmentsMap +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go new file mode 100644 index 0000000000..ca79d043fa --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -0,0 +1,124 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "org_id": { + Type: schema.TypeString, + Required: true, + }, + "page_num": { + Type: schema.TypeInt, + Optional: true, + }, + "items_per_page": { + Type: schema.TypeInt, + Optional: true, + }, + "results": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("either federation_settings_id must be configured")) + } + + orgID, orgIDOk := d.GetOk("org_id") + + if !orgIDOk { + return diag.FromErr(errors.New("either org_id must be configured")) + } + + options := &matlas.ListOptions{ + PageNum: d.Get("page_num").(int), + ItemsPerPage: d.Get("items_per_page").(int), + } + + federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettingsOrganizationRoleMapping.List(ctx, options, federationSettingsID.(string), orgID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("results", flattenFederatedSettingsOrganizationRoleMappings(federatedSettingsOrganizationRoleMappings)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings IdentityProviders: %s", err)) + } + + d.SetId(federationSettingsID.(string)) + + return nil +} + +func flattenFederatedSettingsOrganizationRoleMappings(federatedSettingsOrganizationRoleMapping *matlas.FederatedSettingsOrganizationRoleMappings) []map[string]interface{} { + var federatedSettingsOrganizationRoleMappingMap []map[string]interface{} + + if federatedSettingsOrganizationRoleMapping.TotalCount > 0 { + federatedSettingsOrganizationRoleMappingMap = make([]map[string]interface{}, federatedSettingsOrganizationRoleMapping.TotalCount) + + for i := range federatedSettingsOrganizationRoleMapping.Results { + federatedSettingsOrganizationRoleMappingMap[i] = map[string]interface{}{ + "external_group_name": federatedSettingsOrganizationRoleMapping.Results[i].ExternalGroupName, + "id": federatedSettingsOrganizationRoleMapping.Results[i].ID, + "role_assignments": flattenRoleAssignments(federatedSettingsOrganizationRoleMapping.Results[i].RoleAssignments), + } + } + } + + return federatedSettingsOrganizationRoleMappingMap +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go new file mode 100644 index 0000000000..c2e8839c1c --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go @@ -0,0 +1,71 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "strings" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { + var ( + dataSourceName = "data.mongodbatlas_cloud_federated_settings.config" + orgID = os.Getenv("MONGODB_ATLAS_ORG_ID") + name = "Terraform Official Testing for Federation" + ) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProviderFactories: testAccProviderFactories, + CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, + Steps: []resource.TestStep{ + { + Config: testAccDSMongoDBAtlasFederatedSettingsConfig(orgID, name), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet(dataSourceName, "org_id"), + resource.TestCheckResourceAttrSet(dataSourceName, "identity_provider_id"), + ), + }, + }, + }) +} + +func testAccDSMongoDBAtlasFederatedSettingsConfig(orgID, name string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings" "federated_settings" { + org_id = "%s" + name = "%s" + } + + `, orgID, name) +} + +func testAccCheckMongoDBAtlasFederatedSettingsDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + for _, rs := range s.RootModule().Resources { + if rs.Type != "mongodbatlas_cloud_federated_settings" { + continue + } + + // Try to find the cluster + globalConfig, _, err := conn.FederatedSettings.Get(context.Background(), rs.Primary.Attributes["org_id"]) + if err != nil { + if strings.Contains(err.Error(), fmt.Sprintf("No federated settings identity provider %s exists in org %s", rs.Primary.Attributes["identity_provider_id"], rs.Primary.Attributes["org_id"])) { + return nil + } + + return err + } + + if len(globalConfig.IdentityProviderID) > 0 || len(globalConfig.IdentityProviderStatus) > 0 { + return fmt.Errorf("Federated settings identity provider(%s) still exists", rs.Primary.Attributes["identity_provider_id"]) + } + } + + return nil +} diff --git a/mongodbatlas/provider.go b/mongodbatlas/provider.go index 8824ea2dee..b1aaf980cd 100644 --- a/mongodbatlas/provider.go +++ b/mongodbatlas/provider.go @@ -71,110 +71,117 @@ func Provider() *schema.Provider { func getDataSourcesMap() map[string]*schema.Resource { dataSourcesMap := map[string]*schema.Resource{ - "mongodbatlas_advanced_cluster": dataSourceMongoDBAtlasAdvancedCluster(), - "mongodbatlas_advanced_clusters": dataSourceMongoDBAtlasAdvancedClusters(), - "mongodbatlas_custom_db_role": dataSourceMongoDBAtlasCustomDBRole(), - "mongodbatlas_custom_db_roles": dataSourceMongoDBAtlasCustomDBRoles(), - "mongodbatlas_database_user": dataSourceMongoDBAtlasDatabaseUser(), - "mongodbatlas_database_users": dataSourceMongoDBAtlasDatabaseUsers(), - "mongodbatlas_project": dataSourceMongoDBAtlasProject(), - "mongodbatlas_projects": dataSourceMongoDBAtlasProjects(), - "mongodbatlas_cluster": dataSourceMongoDBAtlasCluster(), - "mongodbatlas_clusters": dataSourceMongoDBAtlasClusters(), - "mongodbatlas_cloud_provider_snapshot": dataSourceMongoDBAtlasCloudProviderSnapshot(), - "mongodbatlas_cloud_provider_snapshots": dataSourceMongoDBAtlasCloudProviderSnapshots(), - "mongodbatlas_network_container": dataSourceMongoDBAtlasNetworkContainer(), - "mongodbatlas_network_containers": dataSourceMongoDBAtlasNetworkContainers(), - "mongodbatlas_network_peering": dataSourceMongoDBAtlasNetworkPeering(), - "mongodbatlas_network_peerings": dataSourceMongoDBAtlasNetworkPeerings(), - "mongodbatlas_cloud_provider_snapshot_restore_job": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), - "mongodbatlas_cloud_provider_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJobs(), - "mongodbatlas_maintenance_window": dataSourceMongoDBAtlasMaintenanceWindow(), - "mongodbatlas_auditing": dataSourceMongoDBAtlasAuditing(), - "mongodbatlas_team": dataSourceMongoDBAtlasTeam(), - "mongodbatlas_teams": dataSourceMongoDBAtlasTeam(), - "mongodbatlas_global_cluster_config": dataSourceMongoDBAtlasGlobalCluster(), - "mongodbatlas_alert_configuration": dataSourceMongoDBAtlasAlertConfiguration(), - "mongodbatlas_x509_authentication_database_user": dataSourceMongoDBAtlasX509AuthDBUser(), - "mongodbatlas_privatelink_endpoint": dataSourceMongoDBAtlasPrivateLinkEndpoint(), - "mongodbatlas_privatelink_endpoint_service": dataSourceMongoDBAtlasPrivateEndpointServiceLink(), - "mongodbatlas_privatelink_endpoint_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointServiceADL(), - "mongodbatlas_privatelink_endpoints_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointsServiceADL(), - "mongodbatlas_cloud_provider_snapshot_backup_policy": dataSourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), - "mongodbatlas_cloud_backup_schedule": dataSourceMongoDBAtlasCloudBackupSchedule(), - "mongodbatlas_third_party_integrations": dataSourceMongoDBAtlasThirdPartyIntegrations(), - "mongodbatlas_third_party_integration": dataSourceMongoDBAtlasThirdPartyIntegration(), - "mongodbatlas_project_ip_access_list": dataSourceMongoDBAtlasProjectIPAccessList(), - "mongodbatlas_cloud_provider_access": dataSourceMongoDBAtlasCloudProviderAccessList(), - "mongodbatlas_cloud_provider_access_setup": dataSourceMongoDBAtlasCloudProviderAccessSetup(), - "mongodbatlas_custom_dns_configuration_cluster_aws": dataSourceMongoDBAtlasCustomDNSConfigurationAWS(), - "mongodbatlas_online_archive": dataSourceMongoDBAtlasOnlineArchive(), - "mongodbatlas_online_archives": dataSourceMongoDBAtlasOnlineArchives(), - "mongodbatlas_ldap_configuration": dataSourceMongoDBAtlasLDAPConfiguration(), - "mongodbatlas_ldap_verify": dataSourceMongoDBAtlasLDAPVerify(), - "mongodbatlas_search_index": dataSourceMongoDBAtlasSearchIndex(), - "mongodbatlas_search_indexes": dataSourceMongoDBAtlasSearchIndexes(), - "mongodbatlas_data_lake": dataSourceMongoDBAtlasDataLake(), - "mongodbatlas_data_lakes": dataSourceMongoDBAtlasDataLakes(), - "mongodbatlas_event_trigger": dataSourceMongoDBAtlasEventTrigger(), - "mongodbatlas_event_triggers": dataSourceMongoDBAtlasEventTriggers(), - "mongodbatlas_project_invitation": dataSourceMongoDBAtlasProjectInvitation(), - "mongodbatlas_org_invitation": dataSourceMongoDBAtlasOrgInvitation(), - "mongodbatlas_cloud_backup_snapshot": dataSourceMongoDBAtlasCloudBackupSnapshot(), - "mongodbatlas_cloud_backup_snapshots": dataSourceMongoDBAtlasCloudBackupSnapshots(), - "mongodbatlas_cloud_backup_snapshot_restore_job": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), - "mongodbatlas_cloud_backup_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJobs(), - "mongodbatlas_cloud_backup_snapshot_export_bucket": datasourceMongoDBAtlasCloudBackupSnapshotExportBucket(), - "mongodbatlas_cloud_backup_snapshot_export_buckets": datasourceMongoDBAtlasCloudBackupSnapshotExportBuckets(), - "mongodbatlas_cloud_backup_snapshot_export_job": datasourceMongoDBAtlasCloudBackupSnapshotExportJob(), - "mongodbatlas_cloud_backup_snapshot_export_jobs": datasourceMongoDBAtlasCloudBackupSnapshotExportJobs(), + "mongodbatlas_advanced_cluster": dataSourceMongoDBAtlasAdvancedCluster(), + "mongodbatlas_advanced_clusters": dataSourceMongoDBAtlasAdvancedClusters(), + "mongodbatlas_custom_db_role": dataSourceMongoDBAtlasCustomDBRole(), + "mongodbatlas_custom_db_roles": dataSourceMongoDBAtlasCustomDBRoles(), + "mongodbatlas_database_user": dataSourceMongoDBAtlasDatabaseUser(), + "mongodbatlas_database_users": dataSourceMongoDBAtlasDatabaseUsers(), + "mongodbatlas_project": dataSourceMongoDBAtlasProject(), + "mongodbatlas_projects": dataSourceMongoDBAtlasProjects(), + "mongodbatlas_cluster": dataSourceMongoDBAtlasCluster(), + "mongodbatlas_clusters": dataSourceMongoDBAtlasClusters(), + "mongodbatlas_cloud_provider_snapshot": dataSourceMongoDBAtlasCloudProviderSnapshot(), + "mongodbatlas_cloud_provider_snapshots": dataSourceMongoDBAtlasCloudProviderSnapshots(), + "mongodbatlas_network_container": dataSourceMongoDBAtlasNetworkContainer(), + "mongodbatlas_network_containers": dataSourceMongoDBAtlasNetworkContainers(), + "mongodbatlas_network_peering": dataSourceMongoDBAtlasNetworkPeering(), + "mongodbatlas_network_peerings": dataSourceMongoDBAtlasNetworkPeerings(), + "mongodbatlas_cloud_provider_snapshot_restore_job": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), + "mongodbatlas_cloud_provider_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJobs(), + "mongodbatlas_maintenance_window": dataSourceMongoDBAtlasMaintenanceWindow(), + "mongodbatlas_auditing": dataSourceMongoDBAtlasAuditing(), + "mongodbatlas_team": dataSourceMongoDBAtlasTeam(), + "mongodbatlas_teams": dataSourceMongoDBAtlasTeam(), + "mongodbatlas_global_cluster_config": dataSourceMongoDBAtlasGlobalCluster(), + "mongodbatlas_alert_configuration": dataSourceMongoDBAtlasAlertConfiguration(), + "mongodbatlas_x509_authentication_database_user": dataSourceMongoDBAtlasX509AuthDBUser(), + "mongodbatlas_privatelink_endpoint": dataSourceMongoDBAtlasPrivateLinkEndpoint(), + "mongodbatlas_privatelink_endpoint_service": dataSourceMongoDBAtlasPrivateEndpointServiceLink(), + "mongodbatlas_privatelink_endpoint_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointServiceADL(), + "mongodbatlas_privatelink_endpoints_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointsServiceADL(), + "mongodbatlas_cloud_provider_snapshot_backup_policy": dataSourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), + "mongodbatlas_cloud_backup_schedule": dataSourceMongoDBAtlasCloudBackupSchedule(), + "mongodbatlas_third_party_integrations": dataSourceMongoDBAtlasThirdPartyIntegrations(), + "mongodbatlas_third_party_integration": dataSourceMongoDBAtlasThirdPartyIntegration(), + "mongodbatlas_project_ip_access_list": dataSourceMongoDBAtlasProjectIPAccessList(), + "mongodbatlas_cloud_provider_access": dataSourceMongoDBAtlasCloudProviderAccessList(), + "mongodbatlas_cloud_provider_access_setup": dataSourceMongoDBAtlasCloudProviderAccessSetup(), + "mongodbatlas_custom_dns_configuration_cluster_aws": dataSourceMongoDBAtlasCustomDNSConfigurationAWS(), + "mongodbatlas_online_archive": dataSourceMongoDBAtlasOnlineArchive(), + "mongodbatlas_online_archives": dataSourceMongoDBAtlasOnlineArchives(), + "mongodbatlas_ldap_configuration": dataSourceMongoDBAtlasLDAPConfiguration(), + "mongodbatlas_ldap_verify": dataSourceMongoDBAtlasLDAPVerify(), + "mongodbatlas_search_index": dataSourceMongoDBAtlasSearchIndex(), + "mongodbatlas_search_indexes": dataSourceMongoDBAtlasSearchIndexes(), + "mongodbatlas_data_lake": dataSourceMongoDBAtlasDataLake(), + "mongodbatlas_data_lakes": dataSourceMongoDBAtlasDataLakes(), + "mongodbatlas_event_trigger": dataSourceMongoDBAtlasEventTrigger(), + "mongodbatlas_event_triggers": dataSourceMongoDBAtlasEventTriggers(), + "mongodbatlas_project_invitation": dataSourceMongoDBAtlasProjectInvitation(), + "mongodbatlas_org_invitation": dataSourceMongoDBAtlasOrgInvitation(), + "mongodbatlas_cloud_backup_snapshot": dataSourceMongoDBAtlasCloudBackupSnapshot(), + "mongodbatlas_cloud_backup_snapshots": dataSourceMongoDBAtlasCloudBackupSnapshots(), + "mongodbatlas_cloud_backup_snapshot_restore_job": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), + "mongodbatlas_cloud_backup_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJobs(), + "mongodbatlas_cloud_backup_snapshot_export_bucket": datasourceMongoDBAtlasCloudBackupSnapshotExportBucket(), + "mongodbatlas_cloud_backup_snapshot_export_buckets": datasourceMongoDBAtlasCloudBackupSnapshotExportBuckets(), + "mongodbatlas_cloud_backup_snapshot_export_job": datasourceMongoDBAtlasCloudBackupSnapshotExportJob(), + "mongodbatlas_cloud_backup_snapshot_export_jobs": datasourceMongoDBAtlasCloudBackupSnapshotExportJobs(), + "mongodbatlas_cloud_federated_settings": dataSourceMongoDBAtlasFederatedSettings(), + "mongodbatlas_cloud_federated_settings_identity_providers": dataSourceMongoDBAtlasFederatedSettingsIdentityProviders(), + "mongodbatlas_cloud_federated_settings_org_configs": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs(), + "mongodbatlas_cloud_federated_settings_org_role_mappings": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings(), } return dataSourcesMap } func getResourcesMap() map[string]*schema.Resource { resourcesMap := map[string]*schema.Resource{ - "mongodbatlas_advanced_cluster": resourceMongoDBAtlasAdvancedCluster(), - "mongodbatlas_custom_db_role": resourceMongoDBAtlasCustomDBRole(), - "mongodbatlas_database_user": resourceMongoDBAtlasDatabaseUser(), - "mongodbatlas_project": resourceMongoDBAtlasProject(), - "mongodbatlas_cluster": resourceMongoDBAtlasCluster(), - "mongodbatlas_cloud_provider_snapshot": resourceMongoDBAtlasCloudProviderSnapshot(), - "mongodbatlas_network_container": resourceMongoDBAtlasNetworkContainer(), - "mongodbatlas_cloud_provider_snapshot_restore_job": resourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), - "mongodbatlas_network_peering": resourceMongoDBAtlasNetworkPeering(), - "mongodbatlas_encryption_at_rest": resourceMongoDBAtlasEncryptionAtRest(), - "mongodbatlas_private_ip_mode": resourceMongoDBAtlasPrivateIPMode(), - "mongodbatlas_maintenance_window": resourceMongoDBAtlasMaintenanceWindow(), - "mongodbatlas_auditing": resourceMongoDBAtlasAuditing(), - "mongodbatlas_team": resourceMongoDBAtlasTeam(), - "mongodbatlas_teams": resourceMongoDBAtlasTeam(), - "mongodbatlas_global_cluster_config": resourceMongoDBAtlasGlobalCluster(), - "mongodbatlas_alert_configuration": resourceMongoDBAtlasAlertConfiguration(), - "mongodbatlas_x509_authentication_database_user": resourceMongoDBAtlasX509AuthDBUser(), - "mongodbatlas_privatelink_endpoint": resourceMongoDBAtlasPrivateLinkEndpoint(), - "mongodbatlas_privatelink_endpoint_service": resourceMongoDBAtlasPrivateEndpointServiceLink(), - "mongodbatlas_privatelink_endpoint_service_adl": resourceMongoDBAtlasPrivateLinkEndpointServiceADL(), - "mongodbatlas_cloud_provider_snapshot_backup_policy": resourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), - "mongodbatlas_third_party_integration": resourceMongoDBAtlasThirdPartyIntegration(), - "mongodbatlas_project_ip_access_list": resourceMongoDBAtlasProjectIPAccessList(), - "mongodbatlas_cloud_provider_access": resourceMongoDBAtlasCloudProviderAccess(), - "mongodbatlas_online_archive": resourceMongoDBAtlasOnlineArchive(), - "mongodbatlas_custom_dns_configuration_cluster_aws": resourceMongoDBAtlasCustomDNSConfiguration(), - "mongodbatlas_ldap_configuration": resourceMongoDBAtlasLDAPConfiguration(), - "mongodbatlas_ldap_verify": resourceMongoDBAtlasLDAPVerify(), - "mongodbatlas_cloud_provider_access_setup": resourceMongoDBAtlasCloudProviderAccessSetup(), - "mongodbatlas_cloud_provider_access_authorization": resourceMongoDBAtlasCloudProviderAccessAuthorization(), - "mongodbatlas_search_index": resourceMongoDBAtlasSearchIndex(), - "mongodbatlas_data_lake": resourceMongoDBAtlasDataLake(), - "mongodbatlas_event_trigger": resourceMongoDBAtlasEventTriggers(), - "mongodbatlas_cloud_backup_schedule": resourceMongoDBAtlasCloudBackupSchedule(), - "mongodbatlas_project_invitation": resourceMongoDBAtlasProjectInvitation(), - "mongodbatlas_org_invitation": resourceMongoDBAtlasOrgInvitation(), - "mongodbatlas_cloud_backup_snapshot": resourceMongoDBAtlasCloudBackupSnapshot(), - "mongodbatlas_cloud_backup_snapshot_restore_job": resourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), - "mongodbatlas_cloud_backup_snapshot_export_bucket": resourceMongoDBAtlasCloudBackupSnapshotExportBucket(), - "mongodbatlas_cloud_backup_snapshot_export_job": resourceMongoDBAtlasCloudBackupSnapshotExportJob(), + "mongodbatlas_advanced_cluster": resourceMongoDBAtlasAdvancedCluster(), + "mongodbatlas_custom_db_role": resourceMongoDBAtlasCustomDBRole(), + "mongodbatlas_database_user": resourceMongoDBAtlasDatabaseUser(), + "mongodbatlas_project": resourceMongoDBAtlasProject(), + "mongodbatlas_cluster": resourceMongoDBAtlasCluster(), + "mongodbatlas_cloud_provider_snapshot": resourceMongoDBAtlasCloudProviderSnapshot(), + "mongodbatlas_network_container": resourceMongoDBAtlasNetworkContainer(), + "mongodbatlas_cloud_provider_snapshot_restore_job": resourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), + "mongodbatlas_network_peering": resourceMongoDBAtlasNetworkPeering(), + "mongodbatlas_encryption_at_rest": resourceMongoDBAtlasEncryptionAtRest(), + "mongodbatlas_private_ip_mode": resourceMongoDBAtlasPrivateIPMode(), + "mongodbatlas_maintenance_window": resourceMongoDBAtlasMaintenanceWindow(), + "mongodbatlas_auditing": resourceMongoDBAtlasAuditing(), + "mongodbatlas_team": resourceMongoDBAtlasTeam(), + "mongodbatlas_teams": resourceMongoDBAtlasTeam(), + "mongodbatlas_global_cluster_config": resourceMongoDBAtlasGlobalCluster(), + "mongodbatlas_alert_configuration": resourceMongoDBAtlasAlertConfiguration(), + "mongodbatlas_x509_authentication_database_user": resourceMongoDBAtlasX509AuthDBUser(), + "mongodbatlas_privatelink_endpoint": resourceMongoDBAtlasPrivateLinkEndpoint(), + "mongodbatlas_privatelink_endpoint_service": resourceMongoDBAtlasPrivateEndpointServiceLink(), + "mongodbatlas_privatelink_endpoint_service_adl": resourceMongoDBAtlasPrivateLinkEndpointServiceADL(), + "mongodbatlas_cloud_provider_snapshot_backup_policy": resourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), + "mongodbatlas_third_party_integration": resourceMongoDBAtlasThirdPartyIntegration(), + "mongodbatlas_project_ip_access_list": resourceMongoDBAtlasProjectIPAccessList(), + "mongodbatlas_cloud_provider_access": resourceMongoDBAtlasCloudProviderAccess(), + "mongodbatlas_online_archive": resourceMongoDBAtlasOnlineArchive(), + "mongodbatlas_custom_dns_configuration_cluster_aws": resourceMongoDBAtlasCustomDNSConfiguration(), + "mongodbatlas_ldap_configuration": resourceMongoDBAtlasLDAPConfiguration(), + "mongodbatlas_ldap_verify": resourceMongoDBAtlasLDAPVerify(), + "mongodbatlas_cloud_provider_access_setup": resourceMongoDBAtlasCloudProviderAccessSetup(), + "mongodbatlas_cloud_provider_access_authorization": resourceMongoDBAtlasCloudProviderAccessAuthorization(), + "mongodbatlas_search_index": resourceMongoDBAtlasSearchIndex(), + "mongodbatlas_data_lake": resourceMongoDBAtlasDataLake(), + "mongodbatlas_event_trigger": resourceMongoDBAtlasEventTriggers(), + "mongodbatlas_cloud_backup_schedule": resourceMongoDBAtlasCloudBackupSchedule(), + "mongodbatlas_project_invitation": resourceMongoDBAtlasProjectInvitation(), + "mongodbatlas_org_invitation": resourceMongoDBAtlasOrgInvitation(), + "mongodbatlas_cloud_backup_snapshot": resourceMongoDBAtlasCloudBackupSnapshot(), + "mongodbatlas_cloud_backup_snapshot_restore_job": resourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), + "mongodbatlas_cloud_backup_snapshot_export_bucket": resourceMongoDBAtlasCloudBackupSnapshotExportBucket(), + "mongodbatlas_cloud_backup_snapshot_export_job": resourceMongoDBAtlasCloudBackupSnapshotExportJob(), + "mongodbatlas_cloud_federated_settings_org_config": resourceMongoDBAtlasFederatedSettingsOrganizationConfig(), + "mongodbatlas_cloud_federated_settings_org_role_mapping": resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), + "mongodbatlas_cloud_federated_settings_identity_provider": resourceMongoDBAtlasFederatedSettingsIdentityProvider(), } return resourcesMap } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go new file mode 100644 index 0000000000..609c1470c6 --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -0,0 +1,179 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + "net/http" + "regexp" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/spf13/cast" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource { + return &schema.Resource{ + CreateContext: resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead, + ReadContext: resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead, + UpdateContext: resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate, + DeleteContext: resourceMongoDBAtlasFederatedSettingsOrganizationConfigDelete, + Importer: &schema.ResourceImporter{ + StateContext: resourceMongoDBAtlasFederatedSettingsOrganizationConfigImportState, + }, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "org_id": { + Type: schema.TypeString, + Required: true, + }, + "domain_allow_list": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "domain_restriction_enabled": { + Type: schema.TypeBool, + Required: true, + }, + }, + } +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + + federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), federationSettingsID, orgID) + if err != nil { + // case 404 + // deleted in the backend case + if resp != nil && resp.StatusCode == http.StatusNotFound { + d.SetId("") + return nil + } + + return diag.FromErr(fmt.Errorf("error getting federated settings organization config: %s", err)) + } + + if err := d.Set("domain_restriction_enabled", federatedSettingsConnectedOrganization.DomainRestrictionEnabled); err != nil { + return diag.FromErr(fmt.Errorf("error setting domain restriction enabled (%s): %s", d.Id(), err)) + } + + if err := d.Set("domain_allow_list", federatedSettingsConnectedOrganization.DomainAllowList); err != nil { + return diag.FromErr(fmt.Errorf("error setting domain allow list (%s): %s", d.Id(), err)) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "org_id": orgID, + })) + + return nil +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + + federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), federationSettingsID, orgID) + if err != nil { + return diag.FromErr(fmt.Errorf("error retreiving federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + if d.HasChange("domain_restriction_enabled") { + domainRestrictionEnabled := d.Get("domain_restriction_enabled").(bool) + federatedSettingsConnectedOrganizationUpdate.DomainRestrictionEnabled = &domainRestrictionEnabled + } + + if d.HasChange("domain_allow_list") { + domainAllowList := d.Get("domain_allow_list") + federatedSettingsConnectedOrganizationUpdate.DomainAllowList = cast.ToStringSlice(domainAllowList) + } + + _, _, err = conn.FederatedSettingsConnectedOrganization.Update(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) + if err != nil { + return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + return resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx, d, meta) +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationConfigDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + + _, err := conn.FederatedSettingsConnectedOrganization.Delete(ctx, federationSettingsID, orgID) + if err != nil { + return diag.FromErr(fmt.Errorf("error deleting federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + return nil +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationConfigImportState(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + conn := meta.(*MongoDBClient).Atlas + federationSettingsID, orgID, err := splitFederatedSettingsOrganizationConfigImportID(d.Id()) + if err != nil { + return nil, err + } + + federatedSettingsConnectedOrganization, _, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), *federationSettingsID, *orgID) + if err != nil { + return nil, fmt.Errorf("couldn't import Organization config (%s) in Federation settings (%s), error: %s", *orgID, *federationSettingsID, err) + } + + if err := d.Set("federation_settings_id", *federationSettingsID); err != nil { + return nil, fmt.Errorf("error setting Organization config in Federation settings (%s): %s", d.Id(), err) + } + + if err := d.Set("domain_restriction_enabled", federatedSettingsConnectedOrganization.DomainRestrictionEnabled); err != nil { + return nil, fmt.Errorf("error setting domain restriction enabled (%s): %s", d.Id(), err) + } + + if err := d.Set("domain_allow_list", federatedSettingsConnectedOrganization.DomainAllowList); err != nil { + return nil, fmt.Errorf("error setting domain allow list (%s): %s", d.Id(), err) + } + + if err := d.Set("org_id", federatedSettingsConnectedOrganization.OrgID); err != nil { + return nil, fmt.Errorf("error setting org id (%s): %s", d.Id(), err) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": *federationSettingsID, + "org_id": *orgID, + })) + + return []*schema.ResourceData{d}, nil +} + +func splitFederatedSettingsOrganizationConfigImportID(id string) (federationSettingsID, orgID *string, err error) { + var re = regexp.MustCompile(`(?s)^(.*)-(.*)$`) + parts := re.FindStringSubmatch(id) + + if len(parts) != 3 { + err = errors.New("import format error: to import a Federated Settings Orgnization Config, use the format {federation_settings_id}-{org_id}") + return + } + + federationSettingsID = &parts[1] + orgID = &parts[2] + + return +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go new file mode 100644 index 0000000000..257cf61600 --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -0,0 +1,198 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + "net/http" + "regexp" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/spf13/cast" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { + return &schema.Resource{ + CreateContext: resourceMongoDBAtlasFederatedSettingsIdentityProviderRead, + ReadContext: resourceMongoDBAtlasFederatedSettingsIdentityProviderRead, + UpdateContext: resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate, + DeleteContext: resourceMongoDBAtlasFederatedSettingsIdentityProviderDelete, + Importer: &schema.ResourceImporter{ + StateContext: resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState, + }, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "name": { + Type: schema.TypeString, + Required: true, + }, + "associated_domains": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "sso_debug_enabled": { + Type: schema.TypeBool, + Required: true, + }, + "status": { + Type: schema.TypeString, + Required: true, + }, + "okta_idp_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + if d.Id() == "" { + d.SetId("") + return nil + } + + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + oktaIdpID := ids["okta_idp_id"] + + federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), federationSettingsID, oktaIdpID) + if err != nil { + // case 404 + // deleted in the backend case + if resp != nil && resp.StatusCode == http.StatusNotFound { + d.SetId("") + return nil + } + + return diag.FromErr(fmt.Errorf("error getting federated settings identity provider: %s", err)) + } + + if err := d.Set("sso_debug_enabled", federatedSettingsConnectedOrganization.SsoDebugEnabled); err != nil { + return diag.FromErr(fmt.Errorf("error setting sso debug enabled (%s): %s", d.Id(), err)) + } + + if err := d.Set("associated_domains", federatedSettingsConnectedOrganization.AssociatedDomains); err != nil { + return diag.FromErr(fmt.Errorf("error setting associated domains list (%s): %s", d.Id(), err)) + } + + if err := d.Set("okta_idp_id", federatedSettingsConnectedOrganization.OktaIdpID); err != nil { + return diag.FromErr(fmt.Errorf("error setting OktaIdpID (%s): %s", d.Id(), err)) + } + + if err := d.Set("status", federatedSettingsConnectedOrganization.Status); err != nil { + return diag.FromErr(fmt.Errorf("error setting Status (%s): %s", d.Id(), err)) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "okta_idp_id": oktaIdpID, + })) + + return nil +} + +func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + oktaIdpID := ids["okta_idp_id"] + + federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), federationSettingsID, oktaIdpID) + if err != nil { + return diag.FromErr(fmt.Errorf("error retreiving federation settings identity provider (%s): %s", federationSettingsID, err)) + } + + if d.HasChange("sso_debug_enabled") { + ssoDebugEnabled := d.Get("sso_debug_enabled").(bool) + federatedSettingsConnectedOrganizationUpdate.SsoDebugEnabled = &ssoDebugEnabled + } + + if d.HasChange("associated_domains") { + associatedDomains := d.Get("associated_domains") + federatedSettingsConnectedOrganizationUpdate.AssociatedDomains = cast.ToStringSlice(associatedDomains) + } + + if d.HasChange("name") { + identityName := d.Get("name").(string) + federatedSettingsConnectedOrganizationUpdate.DisplayName = identityName + } + + if d.HasChange("status") { + status := d.Get("status").(string) + federatedSettingsConnectedOrganizationUpdate.Status = status + } + + federatedSettingsConnectedOrganizationUpdate.PemFileInfo = nil + + _, _, err = conn.FederatedSettingsIdentityProvider.Update(ctx, federationSettingsID, oktaIdpID, federatedSettingsConnectedOrganizationUpdate) + if err != nil { + return diag.FromErr(fmt.Errorf("error updating federation settings identity provider (%s): %s", federationSettingsID, err)) + } + + return resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx, d, meta) +} + +func resourceMongoDBAtlasFederatedSettingsIdentityProviderDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + d.SetId("") + return nil +} + +func resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + conn := meta.(*MongoDBClient).Atlas + federationSettingsID, oktaIdpID, err := splitFederatedSettingsIdentityProviderImportID(d.Id()) + if err != nil { + return nil, err + } + + federatedSettingsIdentityProvider, _, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), *federationSettingsID, *oktaIdpID) + if err != nil { + return nil, fmt.Errorf("couldn't import Organization config (%s) in Federation settings (%s), error: %s", *oktaIdpID, *federationSettingsID, err) + } + + if err := d.Set("federation_settings_id", *federationSettingsID); err != nil { + return nil, fmt.Errorf("error setting Identity Provider in Federation settings (%s): %s", d.Id(), err) + } + + if err := d.Set("sso_debug_enabled", federatedSettingsIdentityProvider.SsoDebugEnabled); err != nil { + return nil, fmt.Errorf("error setting sso debug enabled (%s): %s", d.Id(), err) + } + + if err := d.Set("associated_domains", federatedSettingsIdentityProvider.AssociatedDomains); err != nil { + return nil, fmt.Errorf("error setting associaed domains list (%s): %s", d.Id(), err) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": *federationSettingsID, + "okta_idp_id": *oktaIdpID, + })) + + return []*schema.ResourceData{d}, nil +} + +func splitFederatedSettingsIdentityProviderImportID(id string) (federationSettingsID, oktaIdpID *string, err error) { + var re = regexp.MustCompile(`(?s)^(.*)-(.*)$`) + parts := re.FindStringSubmatch(id) + + if len(parts) != 3 { + err = errors.New("import format error: to import a Federated SettingsIdentity Provider, use the format {federation_settings_id}-{org_id}-{okta_idp_id}") + return + } + + federationSettingsID = &parts[1] + oktaIdpID = &parts[2] + + return +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go new file mode 100644 index 0000000000..ec143e3bff --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -0,0 +1,304 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + "net/http" + "regexp" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "go.mongodb.org/atlas/mongodbatlas" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping() *schema.Resource { + return &schema.Resource{ + CreateContext: resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate, + ReadContext: resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead, + UpdateContext: resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate, + DeleteContext: resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingDelete, + Importer: &schema.ResourceImporter{ + StateContext: resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState, + }, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "org_id": { + Type: schema.TypeString, + Required: true, + }, + "external_group_name": { + Type: schema.TypeString, + Required: true, + }, + "organization_roles": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "group_id": { + Type: schema.TypeString, + Optional: true, + }, + "group_roles": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + } +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + roleMappingID := ids["role_mapping_id"] + + federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), federationSettingsID, orgID, roleMappingID) + if err != nil { + // case 404 + // deleted in the backend case + if resp != nil && resp.StatusCode == http.StatusNotFound { + d.SetId("") + return nil + } + + return diag.FromErr(fmt.Errorf("error getting federated settings organization config: %s", err)) + } + + if err := d.Set("external_group_name", federatedSettingsOrganizationRoleMapping.ExternalGroupName); err != nil { + return diag.FromErr(fmt.Errorf("error setting external group name (%s): %s", d.Id(), err)) + } + + orgRoles := []string{} + groupRoles := []string{} + + for i := range federatedSettingsOrganizationRoleMapping.RoleAssignments { + if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID == "" { + orgRoles = append(orgRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) + } + + if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID == "" { + groupRoles = append(groupRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) + } + } + + if err := d.Set("organization_roles", orgRoles); err != nil { + return diag.FromErr(fmt.Errorf("error setting org roles (%s): %s", d.Id(), err)) + } + + if err := d.Set("group_roles", groupRoles); err != nil { + return diag.FromErr(fmt.Errorf("error setting group roles (%s): %s", d.Id(), err)) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "org_id": orgID, + "role_mapping_id": roleMappingID, + })) + + return nil +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + federationSettingsID := d.Get("federation_settings_id").(string) + orgID := d.Get("org_id").(string) + groupID := d.Get("group_id").(string) + + externalGroupName := d.Get("external_group_name").(string) + + body := &mongodbatlas.FederatedSettingsOrganizationRoleMapping{} + body.ExternalGroupName = externalGroupName + + for _, role := range d.Get("organization_roles").(*schema.Set).List() { + roleAssignment := mongodbatlas.RoleAssignments{} + roleAssignment.Role = role.(string) + + roleAssignment.OrgID = orgID + roleAssignment.GroupID = "" + if roleAssignment.Role != "" { + body.RoleAssignments = append(body.RoleAssignments, &roleAssignment) + } + } + + for _, role := range d.Get("group_roles").(*schema.Set).List() { + roleAssignment := mongodbatlas.RoleAssignments{} + roleAssignment.Role = role.(string) + + roleAssignment.OrgID = "" + roleAssignment.GroupID = groupID + if roleAssignment.Role != "" { + body.RoleAssignments = append(body.RoleAssignments, &roleAssignment) + } + } + + federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettingsOrganizationRoleMapping.Create(context.Background(), federationSettingsID, orgID, body) + if err != nil { + // case 404 + // deleted in the backend case + if resp != nil && resp.StatusCode == http.StatusNotFound { + d.SetId("") + return nil + } + + return diag.FromErr(fmt.Errorf("error getting federated settings organization config: %s", err)) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "org_id": orgID, + "role_mapping_id": federatedSettingsOrganizationRoleMapping.ID, + })) + + return resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx, d, meta) +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + roleMappingID := ids["role_mapping_id"] + groupID := d.Get("group_id").(string) + + federatedSettingsOrganizationRoleMappingUpdate, _, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), federationSettingsID, orgID, roleMappingID) + if err != nil { + return diag.FromErr(fmt.Errorf("error retreiving federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + if d.HasChange("external_group_name") { + externalGroupName := d.Get("external_group_name").(string) + federatedSettingsOrganizationRoleMappingUpdate.ExternalGroupName = externalGroupName + } + + federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = nil + + for _, role := range d.Get("organization_roles").(*schema.Set).List() { + roleAssignment := mongodbatlas.RoleAssignments{} + roleAssignment.Role = role.(string) + + roleAssignment.OrgID = orgID + roleAssignment.GroupID = "" + if roleAssignment.Role != "" { + federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = append(federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments, &roleAssignment) + } + } + + for _, role := range d.Get("group_roles").(*schema.Set).List() { + roleAssignment := mongodbatlas.RoleAssignments{} + roleAssignment.Role = role.(string) + + roleAssignment.OrgID = "" + roleAssignment.GroupID = groupID + if roleAssignment.Role != "" { + federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = append(federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments, &roleAssignment) + } + } + + _, _, err = conn.FederatedSettingsOrganizationRoleMapping.Update(ctx, federationSettingsID, orgID, roleMappingID, federatedSettingsOrganizationRoleMappingUpdate) + if err != nil { + return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + return resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx, d, meta) +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + ids := decodeStateID(d.Id()) + federationSettingsID := ids["federation_settings_id"] + orgID := ids["org_id"] + roleMappingID := ids["role_mapping_id"] + + _, err := conn.FederatedSettingsOrganizationRoleMapping.Delete(ctx, federationSettingsID, orgID, roleMappingID) + if err != nil { + return diag.FromErr(fmt.Errorf("error deleting federation settings connected organization (%s): %s", federationSettingsID, err)) + } + + return nil +} + +func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, orgID, roleMappingID, err := splitFederatedSettingsOrganizationRoleMappingImportID(d.Id()) + if err != nil { + return nil, err + } + + federatedSettingsOrganizationRoleMapping, _, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), *federationSettingsID, *orgID, *roleMappingID) + if err != nil { + return nil, fmt.Errorf("couldn't import Role Mappings (%s) in Federation settings (%s), error: %s", *roleMappingID, *federationSettingsID, err) + } + + if err := d.Set("federation_settings_id", *federationSettingsID); err != nil { + return nil, fmt.Errorf("error setting role mapping in Federation settings (%s): %s", d.Id(), err) + } + + orgRoles := []string{} + groupRoles := []string{} + + for i := range federatedSettingsOrganizationRoleMapping.RoleAssignments { + if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID == "" { + if err := d.Set("org_id", federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID); err != nil { + return nil, fmt.Errorf("error setting org id (%s): %s", d.Id(), err) + } + orgRoles = append(orgRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) + } + + if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID == "" { + if err := d.Set("group_id", federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID); err != nil { + return nil, fmt.Errorf("error setting group id (%s): %s", d.Id(), err) + } + groupRoles = append(groupRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) + } + } + + if err := d.Set("organization_roles", orgRoles); err != nil { + return nil, fmt.Errorf("error setting org roles (%s): %s", d.Id(), err) + } + + if err := d.Set("group_roles", groupRoles); err != nil { + return nil, fmt.Errorf("error setting group roles (%s): %s", d.Id(), err) + } + + d.SetId(encodeStateID(map[string]string{ + "federation_settings_id": *federationSettingsID, + "org_id": *orgID, + "role_mapping_id": *roleMappingID, + })) + + return []*schema.ResourceData{d}, nil +} + +func splitFederatedSettingsOrganizationRoleMappingImportID(id string) (federationSettingsID, orgID, roleMappingID *string, err error) { + var re = regexp.MustCompile(`(?s)^(.*)-(.*)-(.*)$`) + parts := re.FindStringSubmatch(id) + + if len(parts) != 4 { + err = errors.New("import format error: to import a Federated Settings Role Mappings, use the format {federation_settings_id}-{org_id}-{role_mapping_id}") + return + } + + federationSettingsID = &parts[1] + orgID = &parts[2] + roleMappingID = &parts[3] + + return +} From ed0cb072c0eb2a77a1e55d0741d28d6a79929ca3 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 26 May 2022 09:59:54 -0500 Subject: [PATCH 02/35] Refactor for service pattern change --- go.sum | 2 + ..._source_mongodbatlas_federated_settings.go | 20 ++---- ...erated_settings_connected_organizations.go | 2 +- ...s_federated_settings_identity_providers.go | 2 +- ...ted_settings_organization_role_mappings.go | 2 +- ...ce_mongodbatlas_federated_settings_test.go | 71 ------------------- ...derated_settings_connected_organization.go | 10 +-- ...as_federated_settings_identity_provider.go | 8 +-- ...ated_settings_organization_role_mapping.go | 12 ++-- 9 files changed, 24 insertions(+), 105 deletions(-) delete mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_test.go diff --git a/go.sum b/go.sum index 98578f16f1..79a9fd16fe 100644 --- a/go.sum +++ b/go.sum @@ -1231,6 +1231,8 @@ go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsX go.mongodb.org/atlas v0.12.0/go.mod h1:wVCnHcm/7/IfTjEB6K8K35PLG70yGz8BdkRwX0oK9/M= go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f h1:IvKkFdSSBLC5kqB1X87vn8CRAI7eXoMSK7u2lG+WUg8= go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= +go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f h1:UOe3bOi7nzMKO1IFf3buDXHKQAy0spVxDipNoFLuRFM= +go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M= go.mongodb.org/realm v0.1.0/go.mod h1:4Vj6iy+Puo1TDERcoh4XZ+pjtwbOzPpzqy3Cwe8ZmDM= go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o= diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings.go index afff8ceb87..a0857fea3f 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings.go @@ -56,30 +56,18 @@ func dataSourceMongoDBAtlasFederatedSettingsRead(ctx context.Context, d *schema. conn := meta.(*MongoDBClient).Atlas orgID, orgIDOk := d.GetOk("org_id") - name, nameOk := d.GetOk("name") - if !orgIDOk && !nameOk { - return diag.FromErr(errors.New("either org_id or name must be configured")) + if !orgIDOk { + return diag.FromErr(errors.New("org_id must be configured")) } var ( - err error - org *matlas.Organization - orgs *matlas.Organizations + err error + org *matlas.Organization ) if orgIDOk { org, _, err = conn.Organizations.Get(ctx, orgID.(string)) - } else { - orgs, _, err = conn.Organizations.List(ctx, nil) - if err != nil { - return diag.Errorf("Organizations.List returned error: %v", err) - } - for _, o := range orgs.Results { - if o.Name == name.(string) { - org, _, err = conn.Organizations.Get(ctx, o.ID) - } - } } if err != nil { diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go index 668c87f80d..6eca89ab53 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go @@ -143,7 +143,7 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigsRead(ctx context. return diag.FromErr(errors.New("either federation_settings_id must be configured")) } - federatedSettingsConnectedOrganizations, _, err := conn.FederatedSettingsConnectedOrganization.List(ctx, options, federationSettingsID.(string)) + federatedSettingsConnectedOrganizations, _, err := conn.FederatedSettings.ListConnectedOrgs(ctx, options, federationSettingsID.(string)) if err != nil { return diag.Errorf("error getting federatedSettings connected organizations assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index 81258306a7..bd8ef2fd2b 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -226,7 +226,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead(ctx context.Co return diag.FromErr(errors.New("either federation_settings_id must be configured")) } - federatedSettingsIdentityProviders, _, err := conn.FederatedSettingsIdentityProvider.List(ctx, options, federationSettingsID.(string)) + federatedSettingsIdentityProviders, _, err := conn.FederatedSettings.ListIdentityProvider(ctx, options, federationSettingsID.(string)) if err != nil { return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go index ca79d043fa..e464afa325 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -91,7 +91,7 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead(ctx con ItemsPerPage: d.Get("items_per_page").(int), } - federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettingsOrganizationRoleMapping.List(ctx, options, federationSettingsID.(string), orgID.(string)) + federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettings.ListRoleMapping(ctx, options, federationSettingsID.(string), orgID.(string)) if err != nil { return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go deleted file mode 100644 index c2e8839c1c..0000000000 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go +++ /dev/null @@ -1,71 +0,0 @@ -package mongodbatlas - -import ( - "context" - "fmt" - "os" - "strings" - "testing" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" -) - -func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { - var ( - dataSourceName = "data.mongodbatlas_cloud_federated_settings.config" - orgID = os.Getenv("MONGODB_ATLAS_ORG_ID") - name = "Terraform Official Testing for Federation" - ) - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - ProviderFactories: testAccProviderFactories, - CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, - Steps: []resource.TestStep{ - { - Config: testAccDSMongoDBAtlasFederatedSettingsConfig(orgID, name), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet(dataSourceName, "org_id"), - resource.TestCheckResourceAttrSet(dataSourceName, "identity_provider_id"), - ), - }, - }, - }) -} - -func testAccDSMongoDBAtlasFederatedSettingsConfig(orgID, name string) string { - return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings" "federated_settings" { - org_id = "%s" - name = "%s" - } - - `, orgID, name) -} - -func testAccCheckMongoDBAtlasFederatedSettingsDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*MongoDBClient).Atlas - - for _, rs := range s.RootModule().Resources { - if rs.Type != "mongodbatlas_cloud_federated_settings" { - continue - } - - // Try to find the cluster - globalConfig, _, err := conn.FederatedSettings.Get(context.Background(), rs.Primary.Attributes["org_id"]) - if err != nil { - if strings.Contains(err.Error(), fmt.Sprintf("No federated settings identity provider %s exists in org %s", rs.Primary.Attributes["identity_provider_id"], rs.Primary.Attributes["org_id"])) { - return nil - } - - return err - } - - if len(globalConfig.IdentityProviderID) > 0 || len(globalConfig.IdentityProviderStatus) > 0 { - return fmt.Errorf("Federated settings identity provider(%s) still exists", rs.Primary.Attributes["identity_provider_id"]) - } - } - - return nil -} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index 609c1470c6..1470d9c523 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -54,7 +54,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Con federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), federationSettingsID, orgID) + federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), federationSettingsID, orgID) if err != nil { // case 404 // deleted in the backend case @@ -89,7 +89,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), federationSettingsID, orgID) + federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), federationSettingsID, orgID) if err != nil { return diag.FromErr(fmt.Errorf("error retreiving federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -104,7 +104,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federatedSettingsConnectedOrganizationUpdate.DomainAllowList = cast.ToStringSlice(domainAllowList) } - _, _, err = conn.FederatedSettingsConnectedOrganization.Update(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) + _, _, err = conn.FederatedSettings.UpdateConnectedOrgs(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -119,7 +119,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigDelete(ctx context.C federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - _, err := conn.FederatedSettingsConnectedOrganization.Delete(ctx, federationSettingsID, orgID) + _, err := conn.FederatedSettings.DeleteConnectedOrgs(ctx, federationSettingsID, orgID) if err != nil { return diag.FromErr(fmt.Errorf("error deleting federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -134,7 +134,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigImportState(ctx cont return nil, err } - federatedSettingsConnectedOrganization, _, err := conn.FederatedSettingsConnectedOrganization.Get(context.Background(), *federationSettingsID, *orgID) + federatedSettingsConnectedOrganization, _, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), *federationSettingsID, *orgID) if err != nil { return nil, fmt.Errorf("couldn't import Organization config (%s) in Federation settings (%s), error: %s", *orgID, *federationSettingsID, err) } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 257cf61600..8a3d49d4d7 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -67,7 +67,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte federationSettingsID := ids["federation_settings_id"] oktaIdpID := ids["okta_idp_id"] - federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), federationSettingsID, oktaIdpID) + federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { // case 404 // deleted in the backend case @@ -110,7 +110,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Con federationSettingsID := ids["federation_settings_id"] oktaIdpID := ids["okta_idp_id"] - federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), federationSettingsID, oktaIdpID) + federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { return diag.FromErr(fmt.Errorf("error retreiving federation settings identity provider (%s): %s", federationSettingsID, err)) } @@ -137,7 +137,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Con federatedSettingsConnectedOrganizationUpdate.PemFileInfo = nil - _, _, err = conn.FederatedSettingsIdentityProvider.Update(ctx, federationSettingsID, oktaIdpID, federatedSettingsConnectedOrganizationUpdate) + _, _, err = conn.FederatedSettings.UpdateIdentityProvider(ctx, federationSettingsID, oktaIdpID, federatedSettingsConnectedOrganizationUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings identity provider (%s): %s", federationSettingsID, err)) } @@ -157,7 +157,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState(ctx contex return nil, err } - federatedSettingsIdentityProvider, _, err := conn.FederatedSettingsIdentityProvider.Get(context.Background(), *federationSettingsID, *oktaIdpID) + federatedSettingsIdentityProvider, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), *federationSettingsID, *oktaIdpID) if err != nil { return nil, fmt.Errorf("couldn't import Organization config (%s) in Federation settings (%s), error: %s", *oktaIdpID, *federationSettingsID, err) } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index ec143e3bff..675372dae2 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -66,7 +66,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx contex orgID := ids["org_id"] roleMappingID := ids["role_mapping_id"] - federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), federationSettingsID, orgID, roleMappingID) + federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettings.GetRoleMapping(context.Background(), federationSettingsID, orgID, roleMappingID) if err != nil { // case 404 // deleted in the backend case @@ -146,7 +146,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate(ctx cont } } - federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettingsOrganizationRoleMapping.Create(context.Background(), federationSettingsID, orgID, body) + federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettings.CreateRoleMapping(context.Background(), federationSettingsID, orgID, body) if err != nil { // case 404 // deleted in the backend case @@ -176,7 +176,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx cont roleMappingID := ids["role_mapping_id"] groupID := d.Get("group_id").(string) - federatedSettingsOrganizationRoleMappingUpdate, _, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), federationSettingsID, orgID, roleMappingID) + federatedSettingsOrganizationRoleMappingUpdate, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), federationSettingsID, orgID, roleMappingID) if err != nil { return diag.FromErr(fmt.Errorf("error retreiving federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -210,7 +210,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx cont } } - _, _, err = conn.FederatedSettingsOrganizationRoleMapping.Update(ctx, federationSettingsID, orgID, roleMappingID, federatedSettingsOrganizationRoleMappingUpdate) + _, _, err = conn.FederatedSettings.UpdateRoleMapping(ctx, federationSettingsID, orgID, roleMappingID, federatedSettingsOrganizationRoleMappingUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -226,7 +226,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingDelete(ctx cont orgID := ids["org_id"] roleMappingID := ids["role_mapping_id"] - _, err := conn.FederatedSettingsOrganizationRoleMapping.Delete(ctx, federationSettingsID, orgID, roleMappingID) + _, err := conn.FederatedSettings.DeleteRoleMapping(ctx, federationSettingsID, orgID, roleMappingID) if err != nil { return diag.FromErr(fmt.Errorf("error deleting federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -242,7 +242,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState(ctx return nil, err } - federatedSettingsOrganizationRoleMapping, _, err := conn.FederatedSettingsOrganizationRoleMapping.Get(context.Background(), *federationSettingsID, *orgID, *roleMappingID) + federatedSettingsOrganizationRoleMapping, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), *federationSettingsID, *orgID, *roleMappingID) if err != nil { return nil, fmt.Errorf("couldn't import Role Mappings (%s) in Federation settings (%s), error: %s", *roleMappingID, *federationSettingsID, err) } From 8901841aa48e3512cc0edc5798518b128aca21b0 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 26 May 2022 12:25:34 -0500 Subject: [PATCH 03/35] Refactor options and plural singular names --- ...atlas_federated_settings_connected_organizations.go | 2 +- ...ngodbatlas_federated_settings_identity_providers.go | 2 +- ...as_federated_settings_organization_role_mappings.go | 2 +- ...batlas_federated_settings_connected_organization.go | 10 +++++----- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go index 6eca89ab53..7329766b6b 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go @@ -143,7 +143,7 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigsRead(ctx context. return diag.FromErr(errors.New("either federation_settings_id must be configured")) } - federatedSettingsConnectedOrganizations, _, err := conn.FederatedSettings.ListConnectedOrgs(ctx, options, federationSettingsID.(string)) + federatedSettingsConnectedOrganizations, _, err := conn.FederatedSettings.ListConnectedOrgs(ctx, federationSettingsID.(string), options) if err != nil { return diag.Errorf("error getting federatedSettings connected organizations assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index bd8ef2fd2b..ddb566b1db 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -226,7 +226,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead(ctx context.Co return diag.FromErr(errors.New("either federation_settings_id must be configured")) } - federatedSettingsIdentityProviders, _, err := conn.FederatedSettings.ListIdentityProvider(ctx, options, federationSettingsID.(string)) + federatedSettingsIdentityProviders, _, err := conn.FederatedSettings.ListIdentityProviders(ctx, federationSettingsID.(string), options) if err != nil { return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go index e464afa325..f99e63bad6 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -91,7 +91,7 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead(ctx con ItemsPerPage: d.Get("items_per_page").(int), } - federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettings.ListRoleMapping(ctx, options, federationSettingsID.(string), orgID.(string)) + federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettings.ListRoleMappings(ctx, federationSettingsID.(string), orgID.(string), options) if err != nil { return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index 1470d9c523..56e429b09e 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -54,7 +54,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Con federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), federationSettingsID, orgID) + federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetConnectedOrg(context.Background(), federationSettingsID, orgID) if err != nil { // case 404 // deleted in the backend case @@ -89,7 +89,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), federationSettingsID, orgID) + federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetConnectedOrg(context.Background(), federationSettingsID, orgID) if err != nil { return diag.FromErr(fmt.Errorf("error retreiving federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -104,7 +104,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federatedSettingsConnectedOrganizationUpdate.DomainAllowList = cast.ToStringSlice(domainAllowList) } - _, _, err = conn.FederatedSettings.UpdateConnectedOrgs(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) + _, _, err = conn.FederatedSettings.UpdateConnectedOrg(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -119,7 +119,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigDelete(ctx context.C federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] - _, err := conn.FederatedSettings.DeleteConnectedOrgs(ctx, federationSettingsID, orgID) + _, err := conn.FederatedSettings.DeleteConnectedOrg(ctx, federationSettingsID, orgID) if err != nil { return diag.FromErr(fmt.Errorf("error deleting federation settings connected organization (%s): %s", federationSettingsID, err)) } @@ -134,7 +134,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigImportState(ctx cont return nil, err } - federatedSettingsConnectedOrganization, _, err := conn.FederatedSettings.GetConnectedOrgs(context.Background(), *federationSettingsID, *orgID) + federatedSettingsConnectedOrganization, _, err := conn.FederatedSettings.GetConnectedOrg(context.Background(), *federationSettingsID, *orgID) if err != nil { return nil, fmt.Errorf("couldn't import Organization config (%s) in Federation settings (%s), error: %s", *orgID, *federationSettingsID, err) } From 21e31840d743f2aaa99c21de462548f82f043258 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Fri, 27 May 2022 09:29:49 -0500 Subject: [PATCH 04/35] Update go SDK version --- go.mod | 2 +- go.sum | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 82d58e95e5..ce34727e4c 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,6 @@ require ( github.com/mwielbut/pointy v1.1.0 github.com/spf13/cast v1.5.0 github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20210625132053-af2d5c0ad54f - go.mongodb.org/atlas v0.15.1-0.20220403193624-86b34ba344cd + go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 go.mongodb.org/realm v0.1.0 ) diff --git a/go.sum b/go.sum index 79a9fd16fe..57bddc76e3 100644 --- a/go.sum +++ b/go.sum @@ -1231,8 +1231,12 @@ go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsX go.mongodb.org/atlas v0.12.0/go.mod h1:wVCnHcm/7/IfTjEB6K8K35PLG70yGz8BdkRwX0oK9/M= go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f h1:IvKkFdSSBLC5kqB1X87vn8CRAI7eXoMSK7u2lG+WUg8= go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= +go.mongodb.org/atlas v0.16.0 h1:IqnDuK3XAZUgJ5lPHc4v4z4B8F6mvsS37O4ck7tOYVc= +go.mongodb.org/atlas v0.16.0/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f h1:UOe3bOi7nzMKO1IFf3buDXHKQAy0spVxDipNoFLuRFM= go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= +go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 h1:Ox29ko57cIzdvQNMYmCZFQYYpqFthB5o2e5WiuA/Q+w= +go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M= go.mongodb.org/realm v0.1.0/go.mod h1:4Vj6iy+Puo1TDERcoh4XZ+pjtwbOzPpzqy3Cwe8ZmDM= go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o= From faee8a7d31accfa753abb79e284769c8e0261619 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 30 May 2022 22:07:49 -0500 Subject: [PATCH 05/35] Add initial federated website docs --- ..._settings_identity_providers.html.markdown | 88 +++++++++++++++++++ ...derated_settings_org_configs.html.markdown | 64 ++++++++++++++ ...d_settings_org_role_mappings.html.markdown | 57 ++++++++++++ .../guides/1.4.0-upgrade-guide.html.markdown | 29 ++++++ ...d_settings_identity_provider.html.markdown | 51 +++++++++++ ...derated_settings_org_configs.html.markdown | 51 +++++++++++ ...ed_settings_org_role_mapping.html.markdown | 48 ++++++++++ 7 files changed, 388 insertions(+) create mode 100644 website/docs/d/federated_settings_identity_providers.html.markdown create mode 100644 website/docs/d/federated_settings_org_configs.html.markdown create mode 100644 website/docs/d/federated_settings_org_role_mappings.html.markdown create mode 100644 website/docs/guides/1.4.0-upgrade-guide.html.markdown create mode 100644 website/docs/r/federated_settings_identity_provider.html.markdown create mode 100644 website/docs/r/federated_settings_org_configs.html.markdown create mode 100644 website/docs/r/federated_settings_org_role_mapping.html.markdown diff --git a/website/docs/d/federated_settings_identity_providers.html.markdown b/website/docs/d/federated_settings_identity_providers.html.markdown new file mode 100644 index 0000000000..d62b1c3c0f --- /dev/null +++ b/website/docs/d/federated_settings_identity_providers.html.markdown @@ -0,0 +1,88 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_identity_providers" +sidebar_current: "docs-mongodbatlas-datasource-federated_settings_identity_provider" +description: |- + Provides an Federated Settings Organization Role Mapping Datasource. +--- + +# mongodbatlas_cloud_federated_settings_identity_provider + +`mongodbatlas_cloud_federated_settings_identity_provider` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. + + +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { + federation_settings_id = "627a9687f7f7f7f774de306f14" + name = "mongodb_federation_test" + associated_domains = ["yourdomain.com"] + sso_debug_enabled = true + status = "ACTIVE" +} + +data "mongodbatlas_cloud_federated_settings_identity_providers" "identitty_provider" { + federation_settings_id = mongodbatlas_cloud_federated_settings_identity_provider.identity_provider.id + page_num = 1 + items_per_page = 5 +} + +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `page_num` - (Optional) The page to return. Defaults to `1`. +* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. +* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. + +### FederatedSettingsIdentityProvider + +* `identity_provider_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `acs_url` - Assertion consumer service URL to which the IdP sends the SAML response. +* `associated_domains` - List that contains the configured domains from which users can log in for this IdP. +* `associated_orgs` - List that contains the configured domains from which users can log in for this IdP. +* `domain_allow_list` - List that contains the approved domains from which organization users can log in. +* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. +* `post_auth_role_grants` - List that contains the default roles granted to users who authenticate through the IdP in a connected organization. If you provide a postAuthRoleGrants field in the request, the array that you provide replaces the current postAuthRoleGrants. + + ### Role_mappings +* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. +* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. +* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. +* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. +* `role` - Specifies the Role that is attached to the Role Mapping. +### User Conflicts +* `email_address` - Email address of the the user that conflicts with selected domains. +* `federation_settings_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `first_name` - First name of the the user that conflicts with selected domains. +* `last_name` - Last name of the the user that conflicts with selected domains. +* `user_id` - Name of the Atlas user that conflicts with selected domains. +* `audience_uri` - Identifier for the intended audience of the SAML Assertion. +* `display_name` - Human-readable label that identifies the IdP. +* `issuer_uri` - Identifier for the issuer of the SAML Assertion. +* `okta_idp_id` - Unique 20-hexadecimal digit string that identifies the IdP. +### Pem File Info - List that contains the file information, including: start date, and expiration date for the identity provider's PEM-encoded public key certificate. +* `not_after` - Expiration Date. +* `not_before` - Start Date. +* `file_name` - Filename of certificate +* `request_binding` - SAML Authentication Request Protocol binding used to send the AuthNRequest. Atlas supports the following binding values: + - HTTP POST + - HTTP REDIRECT +* `response_signature_algorithm` - Algorithm used to encrypt the IdP signature. Atlas supports the following signature algorithm values: + - SHA-1 + - SHA-256 +* `sso_debug_enabled` - Flag that indicates whether the IdP has enabled Bypass SAML Mode. Enabling this mode generates a URL that allows you bypass SAML and login to your organizations at any point. You can authenticate with this special URL only when Bypass Mode is enabled. Set this parameter to true during testing. This keeps you from getting locked out of MongoDB. +* `sso_url` - URL of the receiver of the SAML AuthNRequest. +* `status` - Label that indicates whether the identity provider is active. The IdP is Inactive until you map at least one domain to the IdP. + + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_org_configs.html.markdown b/website/docs/d/federated_settings_org_configs.html.markdown new file mode 100644 index 0000000000..5a5c11975b --- /dev/null +++ b/website/docs/d/federated_settings_org_configs.html.markdown @@ -0,0 +1,64 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_configs" +sidebar_current: "docs-mongodbatlas-datasource-federated_settings_org_configs" +description: |- + Provides an Federated Settings Organization Configurations. +--- + +# mongodbatlas_cloud_federated_settings_org_configs + +`mongodbatlas_cloud_federated_settings_org_configs` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. + + +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections" { + federation_settings_id = "627a9687f7f7f7f774de306f14" + org_id = "627a9683ea7ff7f74de306f14" + domain_restriction_enabled = false + domain_allow_list = ["mydomain.com"] +} + +data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings_org_config.org_connections.id +} +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. +* `page_num` - (Optional) The page to return. Defaults to `1`. +* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. +* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. + +### FederatedSettingsOrgConfigs + +* `domain_allow_list` - List that contains the approved domains from which organization users can log in. +* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. +* `identity_provider_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. +* `post_auth_role_grants` - List that contains the default roles granted to users who authenticate through the IdP in a connected organization. If you provide a postAuthRoleGrants field in the request, the array that you provide replaces the current postAuthRoleGrants. + + ### Role_mappings +* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. +* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. +* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. +* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. +* `role` - Specifies the Role that is attached to the Role Mapping. +### User Conflicts +* `email_address` - Email address of the the user that conflicts with selected domains. +* `federation_settings_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `first_name` - First name of the the user that conflicts with selected domains. +* `last_name` - Last name of the the user that conflicts with selected domains. +* `user_id` - Name of the Atlas user that conflicts with selected domains. + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_org_role_mappings.html.markdown b/website/docs/d/federated_settings_org_role_mappings.html.markdown new file mode 100644 index 0000000000..85b205b842 --- /dev/null +++ b/website/docs/d/federated_settings_org_role_mappings.html.markdown @@ -0,0 +1,57 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_role_mappings" +sidebar_current: "docs-mongodbatlas-datasource-federated_settings-role-mappings" +description: |- + Provides an Federated settings Role Mapping Datasource. +--- + +# mongodbatlas_cloud_federated_settings_identity_provider + +`mongodbatlas_cloud_federated_settings_identity_provider` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. + + +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_group_role_mapping_import" { + federation_settings_id = "" + org_id = "627a9683e7f7f7ff7fe306f14" + group_id = "628aa20d7f7f7f7f7098b81b8" + external_group_name = "myGrouptest" + organization_roles = ["ORG_OWNER", "ORG_MEMBER", "ORG_BILLING_ADMIN", "ORG_GROUP_CREATOR", "ORG_READ_ONLY"] + group_roles = ["GROUP_OWNER","GROUP_CLUSTER_MANAGER","GROUP_DATA_ACCESS_ADMIN","GROUP_DATA_ACCESS_READ_WRITE","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY","GROUP_READ_ONLY"] +} + +data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_connections" { + federation_settings_id = mongodbatlas_cloud_federated_settings_org_role_mapping.org_group_role_mapping_import.id + org_id = "627a9683e7f7f7ff7fe306f14" + page_num = 1 + items_per_page = 5 +} +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. +* `page_num` - (Optional) The page to return. Defaults to `1`. +* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. +* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. + +### FederatedSettingsOrgRoleAssignmets + +* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. +* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. +* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. +* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. +* `role` - Specifies the Role that is attached to the Role Mapping. + + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/guides/1.4.0-upgrade-guide.html.markdown b/website/docs/guides/1.4.0-upgrade-guide.html.markdown new file mode 100644 index 0000000000..d70234bff6 --- /dev/null +++ b/website/docs/guides/1.4.0-upgrade-guide.html.markdown @@ -0,0 +1,29 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide" +sidebar_current: "docs-mongodbatlas-guides-140-upgrade-guide" +description: |- +MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide +--- + +# MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide + +The Terraform MongoDB Atlas Provider version 1.4.0 has a number of new and exciting features and changes. + +New Features: + +* Now supports Federated Settings, for [`mongodbatlas_cloud_federated_settings_identity_provider`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mongodbatlas_cloud_federated_settings_identity_provider) [`mongodbatlas_cloud_federated_settings_org_role_mapping`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mongodbatlas_cloud_federated_settings_org_role_mapping) and [`mongodbatlas_cloud_federated_settings_org_config`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mmongodbatlas_cloud_federated_settings_org_config) + + +Changes: + +1.4.0 also includes general improvements and bug fixes. See the [CHANGELOG](https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/CHANGELOG.md) for more specific information. + +### Helpful Links + +* [Report bugs](https://github.com/mongodb/terraform-provider-mongodbatlas/issues) + +* [Request Features](https://feedback.mongodb.com/forums/924145-atlas?category_id=370723) + +* [Contact Support](https://docs.atlas.mongodb.com/support/) covered by MongoDB Atlas support plans, Developer and above. + \ No newline at end of file diff --git a/website/docs/r/federated_settings_identity_provider.html.markdown b/website/docs/r/federated_settings_identity_provider.html.markdown new file mode 100644 index 0000000000..07e2e362f8 --- /dev/null +++ b/website/docs/r/federated_settings_identity_provider.html.markdown @@ -0,0 +1,51 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: auditing" +sidebar_current: "docs-mongodbatlas-cloud-federated-settings-identity-provider" +description: |- + Provides an Federated Settings Identity Provider Resource. +--- + +# mongodbatlas_cloud_federated_settings_identity_provider + +`mongodbatlas_cloud_federated_settings_identity_provider` provides an Atlas Cloud Federated Settings Identity Provider resource provides a subset of settings to be maintained post import of the existing resource. +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { + federation_settings_id = "627a9687f7f7f7f774de306f14" + name = "mongodb_federation_test" + associated_domains = ["yourdomain.com"] + sso_debug_enabled = true + status = "ACTIVE" +} +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `name` - Human-readable label that identifies the identity provider. +* `associated_domains` - List that contains the domains associated with the identity provider. +* `sso_debug_enabled` - Flag that indicates whether the identity provider has SSO debug enabled. +* `status`- String enum that indicates whether the identity provider is active or not. +Accepted values are ACTIVE or INACTIVE. + + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + + +### FederatedSettingsIdentityProvider + +* `okta_idp_id` - Unique 20-hexadecimal digit string that identifies the IdP. + +## Import + +Identity Provider must be imported using federation_settings_id-okta_idp_id, e.g. + +``` +$ terraform import mongodbatlas_cloud_federated_settings_identity_provider.identity_provider 6287a663c660f52b1c441c6c-0oad4fas87jL5Xnk1297 +``` + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) \ No newline at end of file diff --git a/website/docs/r/federated_settings_org_configs.html.markdown b/website/docs/r/federated_settings_org_configs.html.markdown new file mode 100644 index 0000000000..7c7baabfd5 --- /dev/null +++ b/website/docs/r/federated_settings_org_configs.html.markdown @@ -0,0 +1,51 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_config" +sidebar_current: "docs-mongodbatlas-resource-federated_settings_org_config" +description: |- + Provides an Federated Settings Organization Configuration. +--- + +# mongodbatlas_cloud_federated_settings_org_config + +`mongodbatlas_cloud_federated_settings_org_config` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. + + +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_org_config" "org_connection" { + federation_settings_id = "627a9687f7f7f7f774de306f14" + org_id = "627a9683ea7ff7f74de306f14" + domain_restriction_enabled = false + domain_allow_list = ["mydomain.com"] +} + +data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings_org_config.org_connection.id +} +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +### FederatedSettingsOrgConfig + +* `domain_allow_list` - List that contains the approved domains from which organization users can log in. +* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. + +## Import + +FederatedSettingsOrgConfig must be imported using federation_settings_id-org_id, e.g. + +``` +$ terraform import mongodbatlas_cloud_federated_settings_org_config.org_connection 6287a663c7f7f7f71c441c6c-627a96837f7f7f7e306f14-628ae97f7f7468ea3727 + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) + diff --git a/website/docs/r/federated_settings_org_role_mapping.html.markdown b/website/docs/r/federated_settings_org_role_mapping.html.markdown new file mode 100644 index 0000000000..336c1411c6 --- /dev/null +++ b/website/docs/r/federated_settings_org_role_mapping.html.markdown @@ -0,0 +1,48 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: auditing" +sidebar_current: "docs-mongodbatlas-resource-federated-settings-org-role-mapping" +description: |- + Provides an Federated settings Role Mapping Resource. +--- + +# mongodbatlas_cloud_federated_settings_org_role_mapping + +`mongodbatlas_cloud_federated_settings_org_role_mapping` provides an Role Mapping resource. This allows organization role mapping to be created. + +## Example Usage + +```terraform +resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_group_role_mapping_import" { + federation_settings_id = "627a9687f7f7f7f774de306f14" + org_id = "627a9683e7f7f7ff7fe306f14" + group_id = "628aa20d7f7f7f7f7098b81b8" + external_group_name = "myGrouptest" + organization_roles = ["ORG_OWNER", "ORG_MEMBER", "ORG_BILLING_ADMIN", "ORG_GROUP_CREATOR", "ORG_READ_ONLY"] + group_roles = ["GROUP_OWNER","GROUP_CLUSTER_MANAGER","GROUP_DATA_ACCESS_ADMIN","GROUP_DATA_ACCESS_READ_WRITE","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY","GROUP_READ_ONLY"] +} +``` + +## Argument Reference + +* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. +* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. +* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. +* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. +* `role` - Specifies the Role that is attached to the Role Mapping. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: +* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. + +## Import + +FederatedSettingsOrgRoleMapping must be imported using federation_settings_id-org_id-role_mapping_id, e.g. + +``` +$ terraform import mongodbatlas_cloud_federated_settings_org_role_mapping.org_group_role_mapping_import 6287a663c7f7f7f71c441c6c-627a96837f7f7f7e306f14-628ae97f7f7468ea3727 +``` + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) \ No newline at end of file From e704af63bba9e8c5ce719016dcd37f80bd0860da Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 31 May 2022 12:05:43 -0500 Subject: [PATCH 06/35] Provide examples for Federated settings --- examples/Federated-Settings/main.tf | 41 +++++++++++++++ examples/Federated-Settings/provider.tf | 4 ++ examples/Federated-Settings/variables.tf | 51 +++++++++++++++++++ examples/Federated-Settings/versions.tf | 11 ++++ ...derated_settings_connected_organization.go | 4 ++ 5 files changed, 111 insertions(+) create mode 100644 examples/Federated-Settings/main.tf create mode 100644 examples/Federated-Settings/provider.tf create mode 100644 examples/Federated-Settings/variables.tf create mode 100644 examples/Federated-Settings/versions.tf diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf new file mode 100644 index 0000000000..1877fe1b27 --- /dev/null +++ b/examples/Federated-Settings/main.tf @@ -0,0 +1,41 @@ +data "mongodbatlas_cloud_federated_settings" "federated_settings" { + org_id = "627a968f7f7f7f76f14" +} + +data "mongodbatlas_cloud_federated_settings_identity_providers" "identitty_provider" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +} + +data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +} + +data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_connections" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id + org_id = "627a968f7f7f7f76f14" +} +resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id + org_id = "627a968f7f7f7f76f14" + + external_group_name = "newgroup" + + organization_roles = ["ORG_OWNER", "ORG_MEMBER"] + group_id = "628aa2f7f7f7f7b098b81b8" + group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"] + +} +resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id + org_id = "627a968f7f7f7f76f14" + domain_restriction_enabled = false + domain_allow_list = ["yourdomain.com"] +} + +resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id + name = "mongodb_federation_test" + associated_domains = ["yourdomain.com"] + sso_debug_enabled = true + status = "ACTIVE" +} \ No newline at end of file diff --git a/examples/Federated-Settings/provider.tf b/examples/Federated-Settings/provider.tf new file mode 100644 index 0000000000..18c430e061 --- /dev/null +++ b/examples/Federated-Settings/provider.tf @@ -0,0 +1,4 @@ +provider "mongodbatlas" { + public_key = var.public_key + private_key = var.private_key +} diff --git a/examples/Federated-Settings/variables.tf b/examples/Federated-Settings/variables.tf new file mode 100644 index 0000000000..b9c4c39d14 --- /dev/null +++ b/examples/Federated-Settings/variables.tf @@ -0,0 +1,51 @@ +variable "public_key" { + type = string + description = "Public Programmatic API key to authenticate to Atlas" +} +variable "private_key" { + type = string + description = "Private Programmatic API key to authenticate to Atlas" +} +/*variable "org_id" { + type = string + description = "MongoDB Organization ID" +} +variable "project_name" { + type = string + description = "The MongoDB Atlas Project Name" +} +variable "cluster_name" { + type = string + description = "The MongoDB Atlas Cluster Name" +} +variable "cloud_provider" { + type = string + description = "The cloud provider to use, must be AWS, GCP or AZURE" +} +variable "region" { + type = string + description = "MongoDB Atlas Cluster Region, must be a region for the provider given" +} +variable "mongodbversion" { + type = string + description = "The Major MongoDB Version" +} +variable "dbuser" { + type = string + description = "MongoDB Atlas Database User Name" +} +variable "dbuser_password" { + type = string + description = "MongoDB Atlas Database User Password" +} +variable "database_name" { + type = string + description = "The database in the cluster to limit the database user to, the database does not have to exist yet" +} +variable "ip_address" { + type = string + description = "The IP address that the cluster will be accessed from, can also be a CIDR range or AWS security group" +} + + +*/ diff --git a/examples/Federated-Settings/versions.tf b/examples/Federated-Settings/versions.tf new file mode 100644 index 0000000000..8d2a6743de --- /dev/null +++ b/examples/Federated-Settings/versions.tf @@ -0,0 +1,11 @@ +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + } + mongodbatlas = { + source = "mongodb/mongodbatlas" + } + } + required_version = ">= 0.13" +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index 56e429b09e..bfe4210ab9 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -50,6 +50,10 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Con // Get client connection. conn := meta.(*MongoDBClient).Atlas + if d.Id() == "" { + d.SetId("") + return nil + } ids := decodeStateID(d.Id()) federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] From 7b36da530050f3b67c022be3f4a9fa4271d0f72d Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 31 May 2022 12:26:50 -0500 Subject: [PATCH 07/35] Sync go.mod to contain breaking change SDK change --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 3af9134699..7c06ffdcb8 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,6 @@ require ( github.com/mwielbut/pointy v1.1.0 github.com/spf13/cast v1.5.0 github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20210625132053-af2d5c0ad54f - go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 + go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 go.mongodb.org/realm v0.1.0 ) diff --git a/go.sum b/go.sum index 131cd1811d..7263942229 100644 --- a/go.sum +++ b/go.sum @@ -1237,6 +1237,8 @@ go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f h1:UOe3bOi7nzMKO1IFf3 go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 h1:Ox29ko57cIzdvQNMYmCZFQYYpqFthB5o2e5WiuA/Q+w= go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= +go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 h1:UVbPMJSXVDyvIA/JEHI2HAwc+B4R6xpnmSya/pbANpY= +go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M= go.mongodb.org/realm v0.1.0/go.mod h1:4Vj6iy+Puo1TDERcoh4XZ+pjtwbOzPpzqy3Cwe8ZmDM= go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o= From f870731d35b76a98005a5a0e29c2d789c4200f31 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 31 May 2022 12:41:38 -0500 Subject: [PATCH 08/35] Fix examples for lint error sync SDK to master --- examples/Federated-Settings/main.tf | 5 ++--- examples/Federated-Settings/output.tf | 15 +++++++++++++++ go.mod | 2 +- go.sum | 2 ++ 4 files changed, 20 insertions(+), 4 deletions(-) create mode 100644 examples/Federated-Settings/output.tf diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index 1877fe1b27..4dde6a67b4 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -1,8 +1,7 @@ data "mongodbatlas_cloud_federated_settings" "federated_settings" { org_id = "627a968f7f7f7f76f14" } - -data "mongodbatlas_cloud_federated_settings_identity_providers" "identitty_provider" { +data "mongodbatlas_cloud_federated_settings_identity_providers" "identity_provider" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id } @@ -10,7 +9,7 @@ data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id } -data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_connections" { +data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id org_id = "627a968f7f7f7f76f14" } diff --git a/examples/Federated-Settings/output.tf b/examples/Federated-Settings/output.tf new file mode 100644 index 0000000000..c0396569c1 --- /dev/null +++ b/examples/Federated-Settings/output.tf @@ -0,0 +1,15 @@ +output "federated_settings_ds" { + value = data.mongodbatlas_cloud_federated_settings.federated_settings.id +} + +output "identity_provider" { + value = data.mongodbatlas_cloud_federated_settings_identity_providers.identity_provider.id +} + +output "org_configs_ds" { + value = data.mongodbatlas_cloud_federated_settings_org_configs.org_configs_ds.id +} + +output "org_role_mapping" { + value = data.mongodbatlas_cloud_federated_settings_org_role_mappings.org_role_mapping.id +} diff --git a/go.mod b/go.mod index 7c06ffdcb8..df437ac91d 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,6 @@ require ( github.com/mwielbut/pointy v1.1.0 github.com/spf13/cast v1.5.0 github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20210625132053-af2d5c0ad54f - go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 + go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27 go.mongodb.org/realm v0.1.0 ) diff --git a/go.sum b/go.sum index 7263942229..d98cdb4e17 100644 --- a/go.sum +++ b/go.sum @@ -1239,6 +1239,8 @@ go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 h1:Ox29ko57cIzdvQNMYm go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 h1:UVbPMJSXVDyvIA/JEHI2HAwc+B4R6xpnmSya/pbANpY= go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= +go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27 h1:rGTb8CaE9ZKNjmdUJ58jFcHopLg6o6Kzfm9AIayq1Hw= +go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M= go.mongodb.org/realm v0.1.0/go.mod h1:4Vj6iy+Puo1TDERcoh4XZ+pjtwbOzPpzqy3Cwe8ZmDM= go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o= From 1283954eae84d844e0f4b9c5d7c2e060360b5125 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 31 May 2022 19:51:45 -0500 Subject: [PATCH 09/35] Add menu items for federation settings and upgrade guides --- .../docs/d/federated_settings.html.markdown | 39 ++++++++++++++ ..._settings_identity_providers.html.markdown | 6 +-- ...derated_settings_org_configs.html.markdown | 2 +- ...d_settings_org_role_mappings.html.markdown | 10 ++-- ...d_settings_identity_provider.html.markdown | 2 +- ...derated_settings_org_configs.html.markdown | 2 +- ...ed_settings_org_role_mapping.html.markdown | 2 +- website/mongodbatlas.erb | 51 +++++++++++++++++++ 8 files changed, 102 insertions(+), 12 deletions(-) create mode 100644 website/docs/d/federated_settings.html.markdown diff --git a/website/docs/d/federated_settings.html.markdown b/website/docs/d/federated_settings.html.markdown new file mode 100644 index 0000000000..2bc5437ff6 --- /dev/null +++ b/website/docs/d/federated_settings.html.markdown @@ -0,0 +1,39 @@ +--- +layout: "mongodbatlas" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings" +sidebar_current: "docs-mongodbatlas-datasource-federated-settings" +description: |- + Provides an Federated Settings datasource. +--- + +# mongodbatlas_cloud_federated_settings + +`mongodbatlas_cloud_federated_settings` provides an Federated Settings datasource. Atlas Cloud Federated Settings provides federated settings outputs. + + +## Example Usage + +```terraform +data "mongodbatlas_cloud_federated_settings" "settings" { + org_id = "627a9683e7f7f7ff7fe306f14" +} +``` + +## Argument Reference +* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + + +### FederatedSettings + +* `federated_domains` - List that contains the domains associated with the organization's identity provider. +* `has_role_mappings` - Flag that indicates whether this organization has role mappings configured. +* `id` - nique 24-hexadecimal digit string that identifies this federation. +* `identity_provider_id` - Unique 20-hexadecimal digit string that identifies the identity provider connected to this organization. +* `identity_provider_status` - Value that indicates whether the identity provider is active. Atlas returns ACTIVE if the identity provider is active and INACTIVE if the identity provider is inactive. + + +For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_identity_providers.html.markdown b/website/docs/d/federated_settings_identity_providers.html.markdown index d62b1c3c0f..3784943b7d 100644 --- a/website/docs/d/federated_settings_identity_providers.html.markdown +++ b/website/docs/d/federated_settings_identity_providers.html.markdown @@ -1,12 +1,12 @@ --- layout: "mongodbatlas" page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_identity_providers" -sidebar_current: "docs-mongodbatlas-datasource-federated_settings_identity_provider" +sidebar_current: "docs-mongodbatlas-datasource-federated-settings-identity-providers" description: |- - Provides an Federated Settings Organization Role Mapping Datasource. + Provides an Federated Settings Organization Identity Provider Datasource. --- -# mongodbatlas_cloud_federated_settings_identity_provider +# mongodbatlas_cloud_federated_settings_identity_providers `mongodbatlas_cloud_federated_settings_identity_provider` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. diff --git a/website/docs/d/federated_settings_org_configs.html.markdown b/website/docs/d/federated_settings_org_configs.html.markdown index 5a5c11975b..7f122d23f9 100644 --- a/website/docs/d/federated_settings_org_configs.html.markdown +++ b/website/docs/d/federated_settings_org_configs.html.markdown @@ -1,7 +1,7 @@ --- layout: "mongodbatlas" page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_configs" -sidebar_current: "docs-mongodbatlas-datasource-federated_settings_org_configs" +sidebar_current: "docs-mongodbatlas-datasource-federated-settings-org-configs" description: |- Provides an Federated Settings Organization Configurations. --- diff --git a/website/docs/d/federated_settings_org_role_mappings.html.markdown b/website/docs/d/federated_settings_org_role_mappings.html.markdown index 85b205b842..9e83bf95c1 100644 --- a/website/docs/d/federated_settings_org_role_mappings.html.markdown +++ b/website/docs/d/federated_settings_org_role_mappings.html.markdown @@ -1,14 +1,14 @@ --- layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_role_mappings" -sidebar_current: "docs-mongodbatlas-datasource-federated_settings-role-mappings" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated-settings_role_mappings" +sidebar_current: "docs-mongodbatlas-datasource-federated-settings-role-mappings" description: |- Provides an Federated settings Role Mapping Datasource. --- -# mongodbatlas_cloud_federated_settings_identity_provider +# mongodbatlas_cloud_federated_settings_org_role_mappings -`mongodbatlas_cloud_federated_settings_identity_provider` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. +`mongodbatlas_cloud_federated_settings_org_role_mappings` provides an Federated Settings Org Role Mapping datasource. Atlas Cloud Federated Settings Org Role Mapping provides federated settings outputs for the configured Org Role Mapping. ## Example Usage @@ -45,7 +45,7 @@ In addition to all arguments above, the following attributes are exported: * `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. * `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. -### FederatedSettingsOrgRoleAssignmets +### FederatedSettingsOrgRoleMappings * `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. * `id` - Unique 24-hexadecimal digit string that identifies this role mapping. diff --git a/website/docs/r/federated_settings_identity_provider.html.markdown b/website/docs/r/federated_settings_identity_provider.html.markdown index 07e2e362f8..2042618bda 100644 --- a/website/docs/r/federated_settings_identity_provider.html.markdown +++ b/website/docs/r/federated_settings_identity_provider.html.markdown @@ -1,6 +1,6 @@ --- layout: "mongodbatlas" -page_title: "MongoDB Atlas: auditing" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_identity_provider" sidebar_current: "docs-mongodbatlas-cloud-federated-settings-identity-provider" description: |- Provides an Federated Settings Identity Provider Resource. diff --git a/website/docs/r/federated_settings_org_configs.html.markdown b/website/docs/r/federated_settings_org_configs.html.markdown index 7c7baabfd5..f97ff68822 100644 --- a/website/docs/r/federated_settings_org_configs.html.markdown +++ b/website/docs/r/federated_settings_org_configs.html.markdown @@ -1,7 +1,7 @@ --- layout: "mongodbatlas" page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_config" -sidebar_current: "docs-mongodbatlas-resource-federated_settings_org_config" +sidebar_current: "docs-mongodbatlas-resource-federated-settings-org-config" description: |- Provides an Federated Settings Organization Configuration. --- diff --git a/website/docs/r/federated_settings_org_role_mapping.html.markdown b/website/docs/r/federated_settings_org_role_mapping.html.markdown index 336c1411c6..471a508520 100644 --- a/website/docs/r/federated_settings_org_role_mapping.html.markdown +++ b/website/docs/r/federated_settings_org_role_mapping.html.markdown @@ -1,6 +1,6 @@ --- layout: "mongodbatlas" -page_title: "MongoDB Atlas: auditing" +page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_role_mapping" sidebar_current: "docs-mongodbatlas-resource-federated-settings-org-role-mapping" description: |- Provides an Federated settings Role Mapping Resource. diff --git a/website/mongodbatlas.erb b/website/mongodbatlas.erb index 721d09d98c..ca3c4d7f81 100644 --- a/website/mongodbatlas.erb +++ b/website/mongodbatlas.erb @@ -17,6 +17,36 @@ > MongoDB Atlas Provider 0.6.0: Upgrade Guide + > + MongoDB Atlas Provider 0.8.0: Upgrade Guide + + > + MongoDB Atlas Provider 0.8.2: Upgrade Guide + + > + MongoDB Atlas Provider 0.9.0: Upgrade Guide + + > + MongoDB Atlas Provider 0.9.1: Upgrade Guide + + > + MongoDB Atlas Provider 1.0.0: Upgrade Guide + + > + MongoDB Atlas Provider 1.0.1: Upgrade Guide + + > + MongoDB Atlas Provider 1.1.0: Upgrade Guide + + > + MongoDB Atlas Provider 1.2.0: Upgrade Guide + + > + MongoDB Atlas Provider 1.3.0: Upgrade Guide + + > + MongoDB Atlas Provider 1.4.0: Upgrade Guide + @@ -105,6 +135,18 @@ > mongodbatlas_serverless_instances + > + mongodbatlas_cloud_federated_settings + + > + mongodbatlas_cloud_federated_settings_identity_providers + + > + mongodbatlas_cloud_federated_settings_org_configs + + > + mongodbatlas_cloud_federated_settings_org_role_mappings + @@ -173,6 +215,15 @@ > mongodbatlas_serverless_instance + > + mongodbatlas_cloud_federated_settings_identity_provider + + > + mongodbatlas_cloud_federated_settings_org_config + + > + mongodbatlas_cloud_federated_settings_org_role_mapping + From 1381e3470651eb991b8cc6ae6c103bf6c868ce32 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Fri, 3 Jun 2022 19:19:54 -0500 Subject: [PATCH 10/35] Remove Federated Docs from PR --- .../docs/d/federated_settings.html.markdown | 39 -------- ..._settings_identity_providers.html.markdown | 88 ------------------- ...derated_settings_org_configs.html.markdown | 64 -------------- ...d_settings_org_role_mappings.html.markdown | 57 ------------ ...d_settings_identity_provider.html.markdown | 51 ----------- ...derated_settings_org_configs.html.markdown | 51 ----------- ...ed_settings_org_role_mapping.html.markdown | 48 ---------- website/mongodbatlas.erb | 51 ----------- 8 files changed, 449 deletions(-) delete mode 100644 website/docs/d/federated_settings.html.markdown delete mode 100644 website/docs/d/federated_settings_identity_providers.html.markdown delete mode 100644 website/docs/d/federated_settings_org_configs.html.markdown delete mode 100644 website/docs/d/federated_settings_org_role_mappings.html.markdown delete mode 100644 website/docs/r/federated_settings_identity_provider.html.markdown delete mode 100644 website/docs/r/federated_settings_org_configs.html.markdown delete mode 100644 website/docs/r/federated_settings_org_role_mapping.html.markdown diff --git a/website/docs/d/federated_settings.html.markdown b/website/docs/d/federated_settings.html.markdown deleted file mode 100644 index 2bc5437ff6..0000000000 --- a/website/docs/d/federated_settings.html.markdown +++ /dev/null @@ -1,39 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings" -sidebar_current: "docs-mongodbatlas-datasource-federated-settings" -description: |- - Provides an Federated Settings datasource. ---- - -# mongodbatlas_cloud_federated_settings - -`mongodbatlas_cloud_federated_settings` provides an Federated Settings datasource. Atlas Cloud Federated Settings provides federated settings outputs. - - -## Example Usage - -```terraform -data "mongodbatlas_cloud_federated_settings" "settings" { - org_id = "627a9683e7f7f7ff7fe306f14" -} -``` - -## Argument Reference -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - - -### FederatedSettings - -* `federated_domains` - List that contains the domains associated with the organization's identity provider. -* `has_role_mappings` - Flag that indicates whether this organization has role mappings configured. -* `id` - nique 24-hexadecimal digit string that identifies this federation. -* `identity_provider_id` - Unique 20-hexadecimal digit string that identifies the identity provider connected to this organization. -* `identity_provider_status` - Value that indicates whether the identity provider is active. Atlas returns ACTIVE if the identity provider is active and INACTIVE if the identity provider is inactive. - - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_identity_providers.html.markdown b/website/docs/d/federated_settings_identity_providers.html.markdown deleted file mode 100644 index 3784943b7d..0000000000 --- a/website/docs/d/federated_settings_identity_providers.html.markdown +++ /dev/null @@ -1,88 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_identity_providers" -sidebar_current: "docs-mongodbatlas-datasource-federated-settings-identity-providers" -description: |- - Provides an Federated Settings Organization Identity Provider Datasource. ---- - -# mongodbatlas_cloud_federated_settings_identity_providers - -`mongodbatlas_cloud_federated_settings_identity_provider` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. - - -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { - federation_settings_id = "627a9687f7f7f7f774de306f14" - name = "mongodb_federation_test" - associated_domains = ["yourdomain.com"] - sso_debug_enabled = true - status = "ACTIVE" -} - -data "mongodbatlas_cloud_federated_settings_identity_providers" "identitty_provider" { - federation_settings_id = mongodbatlas_cloud_federated_settings_identity_provider.identity_provider.id - page_num = 1 - items_per_page = 5 -} - -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `page_num` - (Optional) The page to return. Defaults to `1`. -* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - -* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. -* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. - -### FederatedSettingsIdentityProvider - -* `identity_provider_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `acs_url` - Assertion consumer service URL to which the IdP sends the SAML response. -* `associated_domains` - List that contains the configured domains from which users can log in for this IdP. -* `associated_orgs` - List that contains the configured domains from which users can log in for this IdP. -* `domain_allow_list` - List that contains the approved domains from which organization users can log in. -* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. -* `post_auth_role_grants` - List that contains the default roles granted to users who authenticate through the IdP in a connected organization. If you provide a postAuthRoleGrants field in the request, the array that you provide replaces the current postAuthRoleGrants. - - ### Role_mappings -* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. -* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. -* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. -* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. -* `role` - Specifies the Role that is attached to the Role Mapping. -### User Conflicts -* `email_address` - Email address of the the user that conflicts with selected domains. -* `federation_settings_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `first_name` - First name of the the user that conflicts with selected domains. -* `last_name` - Last name of the the user that conflicts with selected domains. -* `user_id` - Name of the Atlas user that conflicts with selected domains. -* `audience_uri` - Identifier for the intended audience of the SAML Assertion. -* `display_name` - Human-readable label that identifies the IdP. -* `issuer_uri` - Identifier for the issuer of the SAML Assertion. -* `okta_idp_id` - Unique 20-hexadecimal digit string that identifies the IdP. -### Pem File Info - List that contains the file information, including: start date, and expiration date for the identity provider's PEM-encoded public key certificate. -* `not_after` - Expiration Date. -* `not_before` - Start Date. -* `file_name` - Filename of certificate -* `request_binding` - SAML Authentication Request Protocol binding used to send the AuthNRequest. Atlas supports the following binding values: - - HTTP POST - - HTTP REDIRECT -* `response_signature_algorithm` - Algorithm used to encrypt the IdP signature. Atlas supports the following signature algorithm values: - - SHA-1 - - SHA-256 -* `sso_debug_enabled` - Flag that indicates whether the IdP has enabled Bypass SAML Mode. Enabling this mode generates a URL that allows you bypass SAML and login to your organizations at any point. You can authenticate with this special URL only when Bypass Mode is enabled. Set this parameter to true during testing. This keeps you from getting locked out of MongoDB. -* `sso_url` - URL of the receiver of the SAML AuthNRequest. -* `status` - Label that indicates whether the identity provider is active. The IdP is Inactive until you map at least one domain to the IdP. - - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_org_configs.html.markdown b/website/docs/d/federated_settings_org_configs.html.markdown deleted file mode 100644 index 7f122d23f9..0000000000 --- a/website/docs/d/federated_settings_org_configs.html.markdown +++ /dev/null @@ -1,64 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_configs" -sidebar_current: "docs-mongodbatlas-datasource-federated-settings-org-configs" -description: |- - Provides an Federated Settings Organization Configurations. ---- - -# mongodbatlas_cloud_federated_settings_org_configs - -`mongodbatlas_cloud_federated_settings_org_configs` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. - - -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections" { - federation_settings_id = "627a9687f7f7f7f774de306f14" - org_id = "627a9683ea7ff7f74de306f14" - domain_restriction_enabled = false - domain_allow_list = ["mydomain.com"] -} - -data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings_org_config.org_connections.id -} -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. -* `page_num` - (Optional) The page to return. Defaults to `1`. -* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - -* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. -* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. - -### FederatedSettingsOrgConfigs - -* `domain_allow_list` - List that contains the approved domains from which organization users can log in. -* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. -* `identity_provider_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. -* `post_auth_role_grants` - List that contains the default roles granted to users who authenticate through the IdP in a connected organization. If you provide a postAuthRoleGrants field in the request, the array that you provide replaces the current postAuthRoleGrants. - - ### Role_mappings -* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. -* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. -* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. -* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. -* `role` - Specifies the Role that is attached to the Role Mapping. -### User Conflicts -* `email_address` - Email address of the the user that conflicts with selected domains. -* `federation_settings_id` - Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `first_name` - First name of the the user that conflicts with selected domains. -* `last_name` - Last name of the the user that conflicts with selected domains. -* `user_id` - Name of the Atlas user that conflicts with selected domains. - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/d/federated_settings_org_role_mappings.html.markdown b/website/docs/d/federated_settings_org_role_mappings.html.markdown deleted file mode 100644 index 9e83bf95c1..0000000000 --- a/website/docs/d/federated_settings_org_role_mappings.html.markdown +++ /dev/null @@ -1,57 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated-settings_role_mappings" -sidebar_current: "docs-mongodbatlas-datasource-federated-settings-role-mappings" -description: |- - Provides an Federated settings Role Mapping Datasource. ---- - -# mongodbatlas_cloud_federated_settings_org_role_mappings - -`mongodbatlas_cloud_federated_settings_org_role_mappings` provides an Federated Settings Org Role Mapping datasource. Atlas Cloud Federated Settings Org Role Mapping provides federated settings outputs for the configured Org Role Mapping. - - -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_group_role_mapping_import" { - federation_settings_id = "" - org_id = "627a9683e7f7f7ff7fe306f14" - group_id = "628aa20d7f7f7f7f7098b81b8" - external_group_name = "myGrouptest" - organization_roles = ["ORG_OWNER", "ORG_MEMBER", "ORG_BILLING_ADMIN", "ORG_GROUP_CREATOR", "ORG_READ_ONLY"] - group_roles = ["GROUP_OWNER","GROUP_CLUSTER_MANAGER","GROUP_DATA_ACCESS_ADMIN","GROUP_DATA_ACCESS_READ_WRITE","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY","GROUP_READ_ONLY"] -} - -data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_connections" { - federation_settings_id = mongodbatlas_cloud_federated_settings_org_role_mapping.org_group_role_mapping_import.id - org_id = "627a9683e7f7f7ff7fe306f14" - page_num = 1 - items_per_page = 5 -} -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. -* `page_num` - (Optional) The page to return. Defaults to `1`. -* `items_per_page` - (Optional) Number of items to return per page, up to a maximum of 500. Defaults to `100`. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - -* `results` - Includes cloudProviderSnapshot object for each item detailed in the results array section. -* `totalCount` - Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated. - -### FederatedSettingsOrgRoleMappings - -* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. -* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. -* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. -* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. -* `role` - Specifies the Role that is attached to the Role Mapping. - - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) diff --git a/website/docs/r/federated_settings_identity_provider.html.markdown b/website/docs/r/federated_settings_identity_provider.html.markdown deleted file mode 100644 index 2042618bda..0000000000 --- a/website/docs/r/federated_settings_identity_provider.html.markdown +++ /dev/null @@ -1,51 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_identity_provider" -sidebar_current: "docs-mongodbatlas-cloud-federated-settings-identity-provider" -description: |- - Provides an Federated Settings Identity Provider Resource. ---- - -# mongodbatlas_cloud_federated_settings_identity_provider - -`mongodbatlas_cloud_federated_settings_identity_provider` provides an Atlas Cloud Federated Settings Identity Provider resource provides a subset of settings to be maintained post import of the existing resource. -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { - federation_settings_id = "627a9687f7f7f7f774de306f14" - name = "mongodb_federation_test" - associated_domains = ["yourdomain.com"] - sso_debug_enabled = true - status = "ACTIVE" -} -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `name` - Human-readable label that identifies the identity provider. -* `associated_domains` - List that contains the domains associated with the identity provider. -* `sso_debug_enabled` - Flag that indicates whether the identity provider has SSO debug enabled. -* `status`- String enum that indicates whether the identity provider is active or not. -Accepted values are ACTIVE or INACTIVE. - - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - - -### FederatedSettingsIdentityProvider - -* `okta_idp_id` - Unique 20-hexadecimal digit string that identifies the IdP. - -## Import - -Identity Provider must be imported using federation_settings_id-okta_idp_id, e.g. - -``` -$ terraform import mongodbatlas_cloud_federated_settings_identity_provider.identity_provider 6287a663c660f52b1c441c6c-0oad4fas87jL5Xnk1297 -``` - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) \ No newline at end of file diff --git a/website/docs/r/federated_settings_org_configs.html.markdown b/website/docs/r/federated_settings_org_configs.html.markdown deleted file mode 100644 index f97ff68822..0000000000 --- a/website/docs/r/federated_settings_org_configs.html.markdown +++ /dev/null @@ -1,51 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_config" -sidebar_current: "docs-mongodbatlas-resource-federated-settings-org-config" -description: |- - Provides an Federated Settings Organization Configuration. ---- - -# mongodbatlas_cloud_federated_settings_org_config - -`mongodbatlas_cloud_federated_settings_org_config` provides an Federated Settings Identity Providers datasource. Atlas Cloud Federated Settings Identity Providers provides federated settings outputs for the configured Identity Providers. - - -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_org_config" "org_connection" { - federation_settings_id = "627a9687f7f7f7f774de306f14" - org_id = "627a9683ea7ff7f74de306f14" - domain_restriction_enabled = false - domain_allow_list = ["mydomain.com"] -} - -data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings_org_config.org_connection.id -} -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: - -### FederatedSettingsOrgConfig - -* `domain_allow_list` - List that contains the approved domains from which organization users can log in. -* `domain_restriction_enabled` - Flag that indicates whether domain restriction is enabled for the connected organization. - -## Import - -FederatedSettingsOrgConfig must be imported using federation_settings_id-org_id, e.g. - -``` -$ terraform import mongodbatlas_cloud_federated_settings_org_config.org_connection 6287a663c7f7f7f71c441c6c-627a96837f7f7f7e306f14-628ae97f7f7468ea3727 - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) - diff --git a/website/docs/r/federated_settings_org_role_mapping.html.markdown b/website/docs/r/federated_settings_org_role_mapping.html.markdown deleted file mode 100644 index 471a508520..0000000000 --- a/website/docs/r/federated_settings_org_role_mapping.html.markdown +++ /dev/null @@ -1,48 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas: mongodbatlas_cloud_federated_settings_org_role_mapping" -sidebar_current: "docs-mongodbatlas-resource-federated-settings-org-role-mapping" -description: |- - Provides an Federated settings Role Mapping Resource. ---- - -# mongodbatlas_cloud_federated_settings_org_role_mapping - -`mongodbatlas_cloud_federated_settings_org_role_mapping` provides an Role Mapping resource. This allows organization role mapping to be created. - -## Example Usage - -```terraform -resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_group_role_mapping_import" { - federation_settings_id = "627a9687f7f7f7f774de306f14" - org_id = "627a9683e7f7f7ff7fe306f14" - group_id = "628aa20d7f7f7f7f7098b81b8" - external_group_name = "myGrouptest" - organization_roles = ["ORG_OWNER", "ORG_MEMBER", "ORG_BILLING_ADMIN", "ORG_GROUP_CREATOR", "ORG_READ_ONLY"] - group_roles = ["GROUP_OWNER","GROUP_CLUSTER_MANAGER","GROUP_DATA_ACCESS_ADMIN","GROUP_DATA_ACCESS_READ_WRITE","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY","GROUP_READ_ONLY"] -} -``` - -## Argument Reference - -* `federation_settings_id` - (Required) Unique 24-hexadecimal digit string that identifies the federated authentication configuration. -* `org_id` - Unique 24-hexadecimal digit string that identifies the connected organization. -* `external_group_name` - Unique human-readable label that identifies the identity provider group to which this role mapping applies. -* `role_assignments` - Atlas roles and the unique identifiers of the groups and organizations associated with each role. -* `group_id` - Unique identifier of the project that owns this Role Mapping Configuration. -* `role` - Specifies the Role that is attached to the Role Mapping. - -## Attributes Reference - -In addition to all arguments above, the following attributes are exported: -* `id` - Unique 24-hexadecimal digit string that identifies this role mapping. - -## Import - -FederatedSettingsOrgRoleMapping must be imported using federation_settings_id-org_id-role_mapping_id, e.g. - -``` -$ terraform import mongodbatlas_cloud_federated_settings_org_role_mapping.org_group_role_mapping_import 6287a663c7f7f7f71c441c6c-627a96837f7f7f7e306f14-628ae97f7f7468ea3727 -``` - -For more information see: [MongoDB Atlas API Reference.](https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/) \ No newline at end of file diff --git a/website/mongodbatlas.erb b/website/mongodbatlas.erb index ca3c4d7f81..721d09d98c 100644 --- a/website/mongodbatlas.erb +++ b/website/mongodbatlas.erb @@ -17,36 +17,6 @@ > MongoDB Atlas Provider 0.6.0: Upgrade Guide - > - MongoDB Atlas Provider 0.8.0: Upgrade Guide - - > - MongoDB Atlas Provider 0.8.2: Upgrade Guide - - > - MongoDB Atlas Provider 0.9.0: Upgrade Guide - - > - MongoDB Atlas Provider 0.9.1: Upgrade Guide - - > - MongoDB Atlas Provider 1.0.0: Upgrade Guide - - > - MongoDB Atlas Provider 1.0.1: Upgrade Guide - - > - MongoDB Atlas Provider 1.1.0: Upgrade Guide - - > - MongoDB Atlas Provider 1.2.0: Upgrade Guide - - > - MongoDB Atlas Provider 1.3.0: Upgrade Guide - - > - MongoDB Atlas Provider 1.4.0: Upgrade Guide - @@ -135,18 +105,6 @@ > mongodbatlas_serverless_instances - > - mongodbatlas_cloud_federated_settings - - > - mongodbatlas_cloud_federated_settings_identity_providers - - > - mongodbatlas_cloud_federated_settings_org_configs - - > - mongodbatlas_cloud_federated_settings_org_role_mappings - @@ -215,15 +173,6 @@ > mongodbatlas_serverless_instance - > - mongodbatlas_cloud_federated_settings_identity_provider - - > - mongodbatlas_cloud_federated_settings_org_config - - > - mongodbatlas_cloud_federated_settings_org_role_mapping - From 98845a1706b89ac6b6aed0cccce66910efe54dac Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 6 Jun 2022 18:37:50 -0500 Subject: [PATCH 11/35] PR Review updates --- examples/Federated-Settings/main.tf | 2 +- examples/Federated-Settings/variables.tf | 43 ----------- ...s_federated_settings_identity_providers.go | 73 ++++++++++--------- 3 files changed, 38 insertions(+), 80 deletions(-) diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index 4dde6a67b4..77caf908e4 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -37,4 +37,4 @@ resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_pro associated_domains = ["yourdomain.com"] sso_debug_enabled = true status = "ACTIVE" -} \ No newline at end of file +} diff --git a/examples/Federated-Settings/variables.tf b/examples/Federated-Settings/variables.tf index b9c4c39d14..870a4ec83a 100644 --- a/examples/Federated-Settings/variables.tf +++ b/examples/Federated-Settings/variables.tf @@ -6,46 +6,3 @@ variable "private_key" { type = string description = "Private Programmatic API key to authenticate to Atlas" } -/*variable "org_id" { - type = string - description = "MongoDB Organization ID" -} -variable "project_name" { - type = string - description = "The MongoDB Atlas Project Name" -} -variable "cluster_name" { - type = string - description = "The MongoDB Atlas Cluster Name" -} -variable "cloud_provider" { - type = string - description = "The cloud provider to use, must be AWS, GCP or AZURE" -} -variable "region" { - type = string - description = "MongoDB Atlas Cluster Region, must be a region for the provider given" -} -variable "mongodbversion" { - type = string - description = "The Major MongoDB Version" -} -variable "dbuser" { - type = string - description = "MongoDB Atlas Database User Name" -} -variable "dbuser_password" { - type = string - description = "MongoDB Atlas Database User Password" -} -variable "database_name" { - type = string - description = "The database in the cluster to limit the database user to, the database does not have to exist yet" -} -variable "ip_address" { - type = string - description = "The IP address that the cluster will be accessed from, can also be a CIDR range or AWS security group" -} - - -*/ diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index ddb566b1db..f522126093 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -7,7 +7,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - matlas "go.mongodb.org/atlas/mongodbatlas" ) @@ -271,30 +270,31 @@ func flattenFederatedSettingsIdentityProvider(federatedSettingsIdentityProvider func flattenAssociatedOrgs(associatedOrgs []*matlas.AssociatedOrgs) []map[string]interface{} { var associatedOrgsMap []map[string]interface{} - if len(associatedOrgs) > 0 { - associatedOrgsMap = make([]map[string]interface{}, len(associatedOrgs)) - - for i := range associatedOrgs { - if associatedOrgs[i].UserConflicts == nil { - associatedOrgsMap[i] = map[string]interface{}{ - "domain_allow_list": associatedOrgs[i].DomainAllowList, - "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, - "identity_provider_id": associatedOrgs[i].IdentityProviderID, - "org_id": associatedOrgs[i].OrgID, - "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, - "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), - "user_conflicts": nil, - } - } else { - associatedOrgsMap[i] = map[string]interface{}{ - "domain_allow_list": associatedOrgs[i].DomainAllowList, - "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, - "identity_provider_id": associatedOrgs[i].IdentityProviderID, - "org_id": associatedOrgs[i].OrgID, - "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, - "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), - "user_conflicts": flattenUserConflicts(*associatedOrgs[i].UserConflicts), - } + if len(associatedOrgs) == 0 { + return nil + } + associatedOrgsMap = make([]map[string]interface{}, len(associatedOrgs)) + + for i := range associatedOrgs { + if associatedOrgs[i].UserConflicts == nil { + associatedOrgsMap[i] = map[string]interface{}{ + "domain_allow_list": associatedOrgs[i].DomainAllowList, + "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, + "identity_provider_id": associatedOrgs[i].IdentityProviderID, + "org_id": associatedOrgs[i].OrgID, + "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), + "user_conflicts": nil, + } + } else { + associatedOrgsMap[i] = map[string]interface{}{ + "domain_allow_list": associatedOrgs[i].DomainAllowList, + "domain_restriction_enabled": associatedOrgs[i].DomainRestrictionEnabled, + "identity_provider_id": associatedOrgs[i].IdentityProviderID, + "org_id": associatedOrgs[i].OrgID, + "post_auth_role_grants": associatedOrgs[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(associatedOrgs[i].RoleMappings), + "user_conflicts": flattenUserConflicts(*associatedOrgs[i].UserConflicts), } } } @@ -305,17 +305,18 @@ func flattenAssociatedOrgs(associatedOrgs []*matlas.AssociatedOrgs) []map[string func flattenUserConflicts(userConflicts matlas.UserConflicts) []map[string]interface{} { var userConflictsMap []map[string]interface{} - if len(userConflicts) > 0 { - userConflictsMap = make([]map[string]interface{}, len(userConflicts)) - - for i := range userConflicts { - userConflictsMap[i] = map[string]interface{}{ - "email_address": userConflicts[i].EmailAddress, - "federation_settings_id": userConflicts[i].FederationSettingsID, - "first_name": userConflicts[i].FirstName, - "last_name": userConflicts[i].LastName, - "user_id": userConflicts[i].UserID, - } + if len(userConflicts) == 0 { + return nil + } + userConflictsMap = make([]map[string]interface{}, len(userConflicts)) + + for i := range userConflicts { + userConflictsMap[i] = map[string]interface{}{ + "email_address": userConflicts[i].EmailAddress, + "federation_settings_id": userConflicts[i].FederationSettingsID, + "first_name": userConflicts[i].FirstName, + "last_name": userConflicts[i].LastName, + "user_id": userConflicts[i].UserID, } } From 4429140e573fd11f93c01aacdd2f5961a63bd0ff Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 20 Jun 2022 13:36:39 -0500 Subject: [PATCH 12/35] Add support for datasource tests --- examples/Federated-Settings/main.tf | 12 +-- examples/Federated-Settings/variables.tf | 14 ++++ ..._source_mongodbatlas_federated_settings.go | 10 +-- ...d_settings_connected_organizations_test.go | 71 ++++++++++++++++++ ...s_federated_settings_identity_providers.go | 2 +- ...erated_settings_identity_providers_test.go | 71 ++++++++++++++++++ ...ce_mongodbatlas_federated_settings_test.go | 73 +++++++++++++++++++ mongodbatlas/provider_test.go | 8 ++ ...derated_settings_connected_organization.go | 9 +++ 9 files changed, 255 insertions(+), 15 deletions(-) create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_test.go diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index 77caf908e4..2f63e9b987 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -1,5 +1,5 @@ data "mongodbatlas_cloud_federated_settings" "federated_settings" { - org_id = "627a968f7f7f7f76f14" + org_id = var.org_id } data "mongodbatlas_cloud_federated_settings_identity_providers" "identity_provider" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id @@ -11,29 +11,29 @@ data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id - org_id = "627a968f7f7f7f76f14" + org_id = var.org_id } resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id - org_id = "627a968f7f7f7f76f14" + org_id = var.org_id external_group_name = "newgroup" organization_roles = ["ORG_OWNER", "ORG_MEMBER"] - group_id = "628aa2f7f7f7f7b098b81b8" + group_id = var.group_id group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"] } resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id - org_id = "627a968f7f7f7f76f14" + org_id = var.org_id domain_restriction_enabled = false domain_allow_list = ["yourdomain.com"] } resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id - name = "mongodb_federation_test" + name = var.name associated_domains = ["yourdomain.com"] sso_debug_enabled = true status = "ACTIVE" diff --git a/examples/Federated-Settings/variables.tf b/examples/Federated-Settings/variables.tf index 870a4ec83a..36e020d08d 100644 --- a/examples/Federated-Settings/variables.tf +++ b/examples/Federated-Settings/variables.tf @@ -6,3 +6,17 @@ variable "private_key" { type = string description = "Private Programmatic API key to authenticate to Atlas" } +variable "org_id" { + type = string + description = "MongoDB Organization ID" +} +variable "group_id" { + type = string + description = "MongoDB Group ID" +} + +variable "name" { + type = string + description = "MongoDB Identity Provider Name" + default = "mongodb_federation_test" +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings.go index a0857fea3f..305ca71d24 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings.go @@ -15,14 +15,8 @@ func dataSourceMongoDBAtlasFederatedSettings() *schema.Resource { ReadContext: dataSourceMongoDBAtlasFederatedSettingsRead, Schema: map[string]*schema.Schema{ "org_id": { - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"name"}, - }, - "name": { - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"org_id"}, + Type: schema.TypeString, + Required: true, }, "federated_domains": { Type: schema.TypeList, diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go new file mode 100644 index 0000000000..9cc3fea5ce --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go @@ -0,0 +1,71 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "data.mongodbatlas_cloud_federated_settings_org_configs.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigsConfig(federatedSettingsID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigsExists(resourceName), + + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "results.#"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.identity_provider_id"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.org_id"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigsConfig(federatedSettingsID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_org_configs" "test" { + federation_settings_id = "%[1]s" + page_num = 1 + items_per_page = 100 + } +`, federatedSettingsID) +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigsExists(resourceName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + _, _, err := conn.FederatedSettings.ListConnectedOrgs(context.Background(), rs.Primary.Attributes["federation_settings_id"], nil) + if err != nil { + return fmt.Errorf("FederatedSettingsConnectedOrganization (%s) does not exist", rs.Primary.ID) + } + + return nil + } +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index f522126093..12e514afe0 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -222,7 +222,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead(ctx context.Co } if !federationSettingsIDOk { - return diag.FromErr(errors.New("either federation_settings_id must be configured")) + return diag.FromErr(errors.New("Federation_settings_id must be configured")) } federatedSettingsIdentityProviders, _, err := conn.FederatedSettings.ListIdentityProviders(ctx, federationSettingsID.(string), options) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go new file mode 100644 index 0000000000..4d79b6b229 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go @@ -0,0 +1,71 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "data.mongodbatlas_cloud_federated_settings_identity_providers.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName), + + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "results.#"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.acs_url"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.display_name"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_identity_providers" "test" { + federation_settings_id = "%[1]s" + page_num = 1 + items_per_page = 100 + } +`, federatedSettingsID) +} + +func testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + _, _, err := conn.FederatedSettings.ListIdentityProviders(context.Background(), rs.Primary.Attributes["federation_settings_id"], nil) + if err != nil { + return fmt.Errorf("FederatedSettingsIdentityProviders (%s) does not exist", rs.Primary.ID) + } + + return nil + } +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go new file mode 100644 index 0000000000..479aee5fda --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go @@ -0,0 +1,73 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + federatedSettings matlas.FederatedSettings + resourceName = "data.mongodbatlas_cloud_federated_settings.test" + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsConfig(orgID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsExists(resourceName, &federatedSettings), + + resource.TestCheckResourceAttrSet(resourceName, "org_id"), + resource.TestCheckResourceAttrSet(resourceName, "identity_provider_id"), + resource.TestCheckResourceAttrSet(resourceName, "identity_provider_status"), + resource.TestCheckResourceAttrSet(resourceName, "has_role_mappings"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsConfig(orgID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings" "test" { + org_id = "%[1]s" + } +`, orgID) +} + +func testAccCheckMongoDBAtlasFederatedSettingsExists(resourceName string, federatedSettings *matlas.FederatedSettings) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + federatedSettingsRes, _, err := conn.FederatedSettings.Get(context.Background(), rs.Primary.Attributes["org_id"]) + if err != nil { + return fmt.Errorf("FederatedSettings (%s) does not exist", rs.Primary.ID) + } + + federatedSettings = federatedSettingsRes + + return nil + } +} diff --git a/mongodbatlas/provider_test.go b/mongodbatlas/provider_test.go index 3cae5035f7..932e471656 100644 --- a/mongodbatlas/provider_test.go +++ b/mongodbatlas/provider_test.go @@ -198,3 +198,11 @@ func checkLDAP(t *testing.T) { t.Fatal("`MONGODB_ATLAS_LDAP_HOSTNAME`, `MONGODB_ATLAS_LDAP_USERNAME`, `MONGODB_ATLAS_LDAP_PASSWORD` and `MONGODB_ATLAS_LDAP_PORT` must be set for ldap configuration/verify acceptance testing") } } + +func checkFederatedSettings(t *testing.T) { + if os.Getenv("MONGODB_ATLAS_FEDERATED_PROJECT_ID") == "" || + os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") == "" || + os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") == "" { + t.Fatal("`MONGODB_ATLAS_FEDERATED_PROJECT_ID`, `MONGODB_ATLAS_FEDERATED_ORG_ID` and `MONGODB_ATLAS_FEDERATION_SETTINGS_ID` must be set for federated settings configuration/verify acceptance testing") + } +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index bfe4210ab9..14b260acf2 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -31,6 +31,10 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource Type: schema.TypeString, Required: true, }, + "identity_provider_id": { + Type: schema.TypeString, + Required: true, + }, "domain_allow_list": { Type: schema.TypeList, Optional: true, @@ -108,6 +112,11 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federatedSettingsConnectedOrganizationUpdate.DomainAllowList = cast.ToStringSlice(domainAllowList) } + if d.HasChange("identity_provider_id") { + identityProviderID := d.Get("identity_provider_id").(string) + federatedSettingsConnectedOrganizationUpdate.IdentityProviderID = identityProviderID + } + _, _, err = conn.FederatedSettings.UpdateConnectedOrg(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) From 9b6561d45b1f670668b9255a09addb41906efb97 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 20 Jun 2022 13:43:59 -0500 Subject: [PATCH 13/35] Fix lint fmt --- examples/Federated-Settings/variables.tf | 2 +- ...source_mongodbatlas_federated_settings_identity_providers.go | 2 +- mongodbatlas/provider_test.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/Federated-Settings/variables.tf b/examples/Federated-Settings/variables.tf index 36e020d08d..fe558afcda 100644 --- a/examples/Federated-Settings/variables.tf +++ b/examples/Federated-Settings/variables.tf @@ -18,5 +18,5 @@ variable "group_id" { variable "name" { type = string description = "MongoDB Identity Provider Name" - default = "mongodb_federation_test" + default = "mongodb_federation_test" } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index 12e514afe0..1409e2caf8 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -222,7 +222,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProvidersRead(ctx context.Co } if !federationSettingsIDOk { - return diag.FromErr(errors.New("Federation_settings_id must be configured")) + return diag.FromErr(errors.New("federation_settings_id must be configured")) } federatedSettingsIdentityProviders, _, err := conn.FederatedSettings.ListIdentityProviders(ctx, federationSettingsID.(string), options) diff --git a/mongodbatlas/provider_test.go b/mongodbatlas/provider_test.go index 932e471656..228094a1a3 100644 --- a/mongodbatlas/provider_test.go +++ b/mongodbatlas/provider_test.go @@ -203,6 +203,6 @@ func checkFederatedSettings(t *testing.T) { if os.Getenv("MONGODB_ATLAS_FEDERATED_PROJECT_ID") == "" || os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") == "" || os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") == "" { - t.Fatal("`MONGODB_ATLAS_FEDERATED_PROJECT_ID`, `MONGODB_ATLAS_FEDERATED_ORG_ID` and `MONGODB_ATLAS_FEDERATION_SETTINGS_ID` must be set for federated settings configuration/verify acceptance testing") + t.Fatal("`MONGODB_ATLAS_FEDERATED_PROJECT_ID`, `MONGODB_ATLAS_FEDERATED_ORG_ID` and `MONGODB_ATLAS_FEDERATION_SETTINGS_ID` must be set for federated settings/verify acceptance testing") } } From 9f4d03d80fdf226f05e08811e507b88495d26927 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 20 Jun 2022 13:50:46 -0500 Subject: [PATCH 14/35] Add identity_provider_id variable --- examples/Federated-Settings/main.tf | 4 ++-- examples/Federated-Settings/variables.tf | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index 2f63e9b987..e7e7cf88df 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -16,8 +16,8 @@ data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id org_id = var.org_id - - external_group_name = "newgroup" + identity_provider_id = var.identity_provider_id + external_group_name = "newgroup" organization_roles = ["ORG_OWNER", "ORG_MEMBER"] group_id = var.group_id diff --git a/examples/Federated-Settings/variables.tf b/examples/Federated-Settings/variables.tf index fe558afcda..003979e4fe 100644 --- a/examples/Federated-Settings/variables.tf +++ b/examples/Federated-Settings/variables.tf @@ -20,3 +20,9 @@ variable "name" { description = "MongoDB Identity Provider Name" default = "mongodb_federation_test" } + +variable "identity_provider_id" { + type = string + description = "MongoDB Identity Provider ID" + default = "5754gdhgd758" +} From 52522f798735ad9194649140e78f699edf884647 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 20 Jun 2022 13:55:50 -0500 Subject: [PATCH 15/35] Move identity_provider_id --- examples/Federated-Settings/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index e7e7cf88df..d32ee7e544 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -16,7 +16,6 @@ data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id org_id = var.org_id - identity_provider_id = var.identity_provider_id external_group_name = "newgroup" organization_roles = ["ORG_OWNER", "ORG_MEMBER"] @@ -27,6 +26,7 @@ resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapp resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" { federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id org_id = var.org_id + identity_provider_id = var.identity_provider_id domain_restriction_enabled = false domain_allow_list = ["yourdomain.com"] } From f4307e5e4fe003ea9f42cb077f80f105e29bd4de Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 20 Jun 2022 14:32:29 -0500 Subject: [PATCH 16/35] Add role mappings datasource test --- ...ted_settings_organization_role_mappings.go | 4 +- ...ettings_organization_role_mappings_test.go | 72 +++++++++++++++++++ 2 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go index f99e63bad6..dc567e5e6f 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -77,13 +77,13 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead(ctx con federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") if !federationSettingsIDOk { - return diag.FromErr(errors.New("either federation_settings_id must be configured")) + return diag.FromErr(errors.New("federation_settings_id must be configured")) } orgID, orgIDOk := d.GetOk("org_id") if !orgIDOk { - return diag.FromErr(errors.New("either org_id must be configured")) + return diag.FromErr(errors.New("org_id must be configured")) } options := &matlas.ListOptions{ diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go new file mode 100644 index 0000000000..4477d1baaf --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go @@ -0,0 +1,72 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "data.mongodbatlas_cloud_federated_settings_org_role_mappings.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingsConfig(federatedSettingsID, orgID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingsExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "results.#"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.external_group_name"), + resource.TestCheckResourceAttrSet(resourceName, "results.0.role_assignments.#"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingsConfig(federatedSettingsID, orgID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_org_role_mappings" "test" { + federation_settings_id = "%[1]s" + org_id = "%[2]s" + page_num = 1 + items_per_page = 100 + } +`, federatedSettingsID, orgID) +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingsExists(resourceName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + _, _, err := conn.FederatedSettings.ListIdentityProviders(context.Background(), rs.Primary.Attributes["federation_settings_id"], nil) + if err != nil { + return fmt.Errorf("FederatedSettingsOrganizationRoleMappings (%s) does not exist", rs.Primary.ID) + } + + return nil + } +} From c619c1b90d0eb56b05d266b840151df05ffb3fc1 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 21 Jun 2022 09:48:40 -0500 Subject: [PATCH 17/35] Add additional tests for federated resources --- ...erated_settings_identity_providers_test.go | 4 +- ...as_federated_settings_identity_provider.go | 12 +- ...settings_organization_role_mapping_test.go | 137 ++++++++++++++++++ 3 files changed, 145 insertions(+), 8 deletions(-) create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go index 4d79b6b229..d0c85b64a2 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go @@ -26,7 +26,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *tes { Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID), Check: resource.ComposeTestCheckFunc( - testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName), + testAccCheckMongoDBAtlasFederatedSettingsIdentityProvidersExists(resourceName), resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), resource.TestCheckResourceAttrSet(resourceName, "results.#"), @@ -48,7 +48,7 @@ func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federa `, federatedSettingsID) } -func testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName string) resource.TestCheckFunc { +func testAccCheckMongoDBAtlasFederatedSettingsIdentityProvidersExists(resourceName string) resource.TestCheckFunc { return func(s *terraform.State) error { conn := testAccProvider.Meta().(*MongoDBClient).Atlas diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 8a3d49d4d7..3e091c2ea3 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -46,7 +46,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { Type: schema.TypeString, Required: true, }, - "okta_idp_id": { + "idp_id": { Type: schema.TypeString, Computed: true, }, @@ -65,7 +65,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte ids := decodeStateID(d.Id()) federationSettingsID := ids["federation_settings_id"] - oktaIdpID := ids["okta_idp_id"] + oktaIdpID := ids["idp_id"] federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { @@ -87,7 +87,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte return diag.FromErr(fmt.Errorf("error setting associated domains list (%s): %s", d.Id(), err)) } - if err := d.Set("okta_idp_id", federatedSettingsConnectedOrganization.OktaIdpID); err != nil { + if err := d.Set("idp_id", federatedSettingsConnectedOrganization.OktaIdpID); err != nil { return diag.FromErr(fmt.Errorf("error setting OktaIdpID (%s): %s", d.Id(), err)) } @@ -97,7 +97,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte d.SetId(encodeStateID(map[string]string{ "federation_settings_id": federationSettingsID, - "okta_idp_id": oktaIdpID, + "idp_id": oktaIdpID, })) return nil @@ -108,7 +108,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Con conn := meta.(*MongoDBClient).Atlas ids := decodeStateID(d.Id()) federationSettingsID := ids["federation_settings_id"] - oktaIdpID := ids["okta_idp_id"] + oktaIdpID := ids["idp_id"] federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { @@ -176,7 +176,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState(ctx contex d.SetId(encodeStateID(map[string]string{ "federation_settings_id": *federationSettingsID, - "okta_idp_id": *oktaIdpID, + "idp_id": *oktaIdpID, })) return []*schema.ResourceData{d}, nil diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go new file mode 100644 index 0000000000..99871f5759 --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -0,0 +1,137 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + federatedSettingsOrganizationRoleMapping matlas.FederatedSettingsOrganizationRoleMapping + resourceName = "mongodbatlas_cloud_federated_settings_org_role_mapping.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + groupID = os.Getenv("MONGODB_ATLAS_FEDERATED_GROUP_ID") + ) + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federationSettingsID, orgID, groupID), + + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName, &federatedSettingsOrganizationRoleMapping), + resource.TestCheckResourceAttr(resourceName, "federation_settings_id", federationSettingsID), + resource.TestCheckResourceAttr(resourceName, "org_id", orgID), + resource.TestCheckResourceAttr(resourceName, "external_group_name", "newgroup"), + ), + }, + }, + }) +} + +func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_importBasic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "mongodbatlas_cloud_federated_settings_org_role_mapping.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + groupID = os.Getenv("MONGODB_ATLAS_FEDERATED_GROUP_ID") + ) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy, + Steps: []resource.TestStep{ + + { + Config: testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federationSettingsID, orgID, groupID), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportStateIDFunc(resourceName), + ImportState: false, + ImportStateVerify: false, + }, + }, + }) +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName string, snapshotExportJob *matlas.FederatedSettingsOrganizationRoleMapping) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + ids := decodeStateID(rs.Primary.ID) + + response, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) + if err == nil { + *snapshotExportJob = *response + return nil + } + + return fmt.Errorf("role mapping (%s) does not exist", ids["role_mapping_id"]) + } +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy(state *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + for _, rs := range state.RootModule().Resources { + if rs.Type != "mongodbatlas_cloud_federated_settings_org_role_mapping" { + continue + } + + ids := decodeStateID(rs.Primary.ID) + + snapshotExportBucket, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) + if err == nil && snapshotExportBucket != nil { + return fmt.Errorf("identity provider (%s) still exists", ids["idp_id"]) + } + } + + return nil +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportStateIDFunc(resourceName string) resource.ImportStateIdFunc { + return func(s *terraform.State) (string, error) { + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return "", fmt.Errorf("not found: %s", resourceName) + } + + ids := decodeStateID(rs.Primary.ID) + + return fmt.Sprintf("%s-%s-%s", ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]), nil + } +} + +func testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federationSettingsID, orgID, groupID string) string { + return fmt.Sprintf(` + resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "test" { + federation_settings_id = "%[1]s" + org_id = "%[2]s" + external_group_name = "newgroup" + + organization_roles = ["ORG_OWNER", "ORG_MEMBER"] + //group_id = "%[3]s" + //group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"] + + }`, federationSettingsID, orgID, groupID) +} From 9eb80e960cb6e2fd03ce7f79ad63ebf13ae3369b Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 21 Jun 2022 10:00:51 -0500 Subject: [PATCH 18/35] Lint check --- ...las_federated_settings_organization_role_mapping_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index 99871f5759..969ea313f9 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -23,7 +23,7 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, + CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy, Steps: []resource.TestStep{ { Config: testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federationSettingsID, orgID, groupID), @@ -130,8 +130,8 @@ func testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federatio external_group_name = "newgroup" organization_roles = ["ORG_OWNER", "ORG_MEMBER"] - //group_id = "%[3]s" - //group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"] + group_id = "%[3]s" + group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER"] }`, federationSettingsID, orgID, groupID) } From 5a7009e81dd60210a80c4bca5152dfb59b3433c9 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 21 Jun 2022 21:30:20 -0500 Subject: [PATCH 19/35] Add additional datasources and tests --- ...derated_settings_connected_organization.go | 206 +++++++++++++ ...ed_settings_connected_organization_test.go | 71 +++++ ...as_federated_settings_identity_provider.go | 273 ++++++++++++++++++ ...derated_settings_identity_provider_test.go | 45 +++ ...erated_settings_identity_providers_test.go | 6 +- ...ated_settings_organization_role_mapping.go | 98 +++++++ ...settings_organization_role_mapping_test.go | 49 ++++ ...ted_settings_organization_role_mappings.go | 4 +- ...ettings_organization_role_mappings_test.go | 2 +- mongodbatlas/provider.go | 3 + ...settings_organization_role_mapping_test.go | 14 +- 11 files changed, 759 insertions(+), 12 deletions(-) create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping.go create mode 100644 mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go new file mode 100644 index 0000000000..fdfe8bed74 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go @@ -0,0 +1,206 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "org_id": { + Type: schema.TypeString, + Required: true, + }, + "domain_allow_list": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "domain_restriction_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Computed: true, + }, + "post_auth_role_grants": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "role_mappings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "user_conflicts": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "email_address": { + Type: schema.TypeString, + Computed: true, + }, + "federation_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + "first_name": { + Type: schema.TypeString, + Computed: true, + }, + "last_name": { + Type: schema.TypeString, + Computed: true, + }, + "user_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("federation_settings_id must be configured")) + } + + orgID, orgIDOk := d.GetOk("org_id") + + if !orgIDOk { + return diag.FromErr(errors.New("org_id must be configured")) + } + + federatedSettingsConnectedOrganization, _, err := conn.FederatedSettings.GetConnectedOrg(ctx, federationSettingsID.(string), orgID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings connected organizations assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("domain_allow_list", federatedSettingsConnectedOrganization.DomainAllowList); err != nil { + return diag.FromErr(fmt.Errorf("error setting `domain_allow_list` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("domain_restriction_enabled", federatedSettingsConnectedOrganization.DomainRestrictionEnabled); err != nil { + return diag.FromErr(fmt.Errorf("error setting `domain_restriction_enabled` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("identity_provider_id", federatedSettingsConnectedOrganization.IdentityProviderID); err != nil { + return diag.FromErr(fmt.Errorf("error setting `identity_provider_id` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("org_id", federatedSettingsConnectedOrganization.OrgID); err != nil { + return diag.FromErr(fmt.Errorf("error setting `org_id` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("post_auth_role_grants", federatedSettingsConnectedOrganization.PostAuthRoleGrants); err != nil { + return diag.FromErr(fmt.Errorf("error setting `post_auth_role_grants` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("role_mappings", flattenRoleMappings(federatedSettingsConnectedOrganization.RoleMappings)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `role_mappings` for federatedSettings IdentityProviders: %s", err)) + } + if federatedSettingsConnectedOrganization.UserConflicts == nil { + if err := d.Set("user_conflicts", federatedSettingsConnectedOrganization.UserConflicts); err != nil { + return diag.FromErr(fmt.Errorf("error setting `user_conflicts` for federatedSettings IdentityProviders: %s", err)) + } + } else { + if err := d.Set("user_conflicts", flattenUserConflicts(*federatedSettingsConnectedOrganization.UserConflicts)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `user_conflicts` for federatedSettings IdentityProviders: %s", err)) + } + } + + d.SetId(federatedSettingsConnectedOrganization.OrgID) + + return nil +} + +func flattenFederatedSettingsOrganizationConfig(federatedSettingsConnectedOrganizations matlas.FederatedSettingsConnectedOrganizations) []map[string]interface{} { + var federatedSettingsConnectedOrganizationsMap []map[string]interface{} + + if (federatedSettingsConnectedOrganizations.TotalCount) > 0 { + federatedSettingsConnectedOrganizationsMap = make([]map[string]interface{}, federatedSettingsConnectedOrganizations.TotalCount) + + for i := range federatedSettingsConnectedOrganizations.Results { + if federatedSettingsConnectedOrganizations.Results[i].UserConflicts == nil { + federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ + "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, + "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, + "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, + "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, + "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), + "user_conflicts": nil, + } + } else { + federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ + "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, + "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, + "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, + "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, + "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, + "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), + "user_conflicts": flattenUserConflicts(*federatedSettingsConnectedOrganizations.Results[i].UserConflicts), + } + } + } + } + + return federatedSettingsConnectedOrganizationsMap +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go new file mode 100644 index 0000000000..70c8cfb0c3 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go @@ -0,0 +1,71 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "data.mongodbatlas_cloud_federated_settings_org_config.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigConfig(federatedSettingsID, orgID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "role_mappings.#"), + resource.TestCheckResourceAttrSet(resourceName, "identity_provider_id"), + resource.TestCheckResourceAttrSet(resourceName, "org_id"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_id", "0oad4fas87jL5Xnk1297"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigConfig(federatedSettingsID, orgID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_org_config" "test" { + federation_settings_id = "%[1]s" + org_id = "%[2]s" + + } +`, federatedSettingsID, orgID) +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigExists(resourceName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + _, _, err := conn.FederatedSettings.ListConnectedOrgs(context.Background(), rs.Primary.Attributes["federation_settings_id"], nil) + if err != nil { + return fmt.Errorf("FederatedSettingsConnectedOrganization (%s) does not exist", rs.Primary.ID) + } + + return nil + } +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go new file mode 100644 index 0000000000..141a77822f --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go @@ -0,0 +1,273 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsIdentityProviderRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Required: true, + }, + + "acs_url": { + Type: schema.TypeString, + Computed: true, + }, + "associated_domains": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "associated_orgs": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "domain_allow_list": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "domain_restriction_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "identity_provider_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "post_auth_role_grants": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "role_mappings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "user_conflicts": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "email_address": { + Type: schema.TypeString, + Computed: true, + }, + "federation_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + "first_name": { + Type: schema.TypeString, + Computed: true, + }, + "last_name": { + Type: schema.TypeString, + Computed: true, + }, + "user_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "audience_uri": { + Type: schema.TypeString, + Computed: true, + }, + "display_name": { + Type: schema.TypeString, + Computed: true, + }, + "issuer_uri": { + Type: schema.TypeString, + Computed: true, + }, + "idp_id": { + Type: schema.TypeString, + Computed: true, + }, + "pem_file_info": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "certificates": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "not_after": { + Type: schema.TypeString, + Computed: true, + }, + "not_before": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "file_name": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "request_binding": { + Type: schema.TypeString, + Computed: true, + }, + "response_signature_algorithm": { + Type: schema.TypeString, + Computed: true, + }, + "sso_debug_enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "sso_url": { + Type: schema.TypeString, + Computed: true, + }, + "status": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("federation_settings_id must be configured")) + } + + idpID, idpIDOk := d.GetOk("identity_provider_id") + + if !idpIDOk { + return diag.FromErr(errors.New("identity_provider_id must be configured")) + } + + federatedSettingsIdentityProvider, _, err := conn.FederatedSettings.GetIdentityProvider(ctx, federationSettingsID.(string), idpID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("acs_url", federatedSettingsIdentityProvider.AcsURL); err != nil { + return diag.FromErr(fmt.Errorf("error setting `acs_url` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("associated_domains", federatedSettingsIdentityProvider.AssociatedDomains); err != nil { + return diag.FromErr(fmt.Errorf("error setting `associated_domains` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("associated_orgs", flattenAssociatedOrgs(federatedSettingsIdentityProvider.AssociatedOrgs)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `associated_orgs` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("display_name", federatedSettingsIdentityProvider.DisplayName); err != nil { + return diag.FromErr(fmt.Errorf("error setting `display_name` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("issuer_uri", federatedSettingsIdentityProvider.IssuerURI); err != nil { + return diag.FromErr(fmt.Errorf("error setting `issuer_uri` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { + return diag.FromErr(fmt.Errorf("error setting `idp_id` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("pem_file_info", flattenPemFileInfo(*federatedSettingsIdentityProvider.PemFileInfo)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `pem_file_info` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("request_binding", federatedSettingsIdentityProvider.RequestBinding); err != nil { + return diag.FromErr(fmt.Errorf("error setting `request_binding` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("response_signature_algorithm", federatedSettingsIdentityProvider.ResponseSignatureAlgorithm); err != nil { + return diag.FromErr(fmt.Errorf("error setting `response_signature_algorithm` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("sso_debug_enabled", federatedSettingsIdentityProvider.SsoDebugEnabled); err != nil { + return diag.FromErr(fmt.Errorf("error setting `sso_debug_enabled` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("sso_url", federatedSettingsIdentityProvider.SsoURL); err != nil { + return diag.FromErr(fmt.Errorf("error setting `sso_url` for federatedSettings IdentityProviders: %s", err)) + } + + if err := d.Set("status", federatedSettingsIdentityProvider.Status); err != nil { + return diag.FromErr(fmt.Errorf("error setting `status` for federatedSettings IdentityProviders: %s", err)) + } + + d.SetId(federatedSettingsIdentityProvider.OktaIdpID) + + return nil +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go new file mode 100644 index 0000000000..757913f823 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go @@ -0,0 +1,45 @@ +package mongodbatlas + +import ( + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "data.mongodbatlas_cloud_federated_settings_identity_provider.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + ) + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID, idpID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsIdentityProvidersExists(resourceName), + + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "associated_orgs.#"), + resource.TestCheckResourceAttrSet(resourceName, "acs_url"), + resource.TestCheckResourceAttrSet(resourceName, "display_name"), + resource.TestCheckResourceAttr(resourceName, "display_name", "mongodb_federation_test"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID, idpID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_identity_provider" "test" { + federation_settings_id = "%[1]s" + identity_provider_id = "%[2]s" + } +`, federatedSettingsID, idpID) +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go index d0c85b64a2..c8c93687a7 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go @@ -11,7 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" ) -func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testing.T) { +func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProviders_basic(t *testing.T) { SkipTestExtCred(t) var ( resourceName = "data.mongodbatlas_cloud_federated_settings_identity_providers.test" @@ -24,7 +24,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *tes //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, Steps: []resource.TestStep{ { - Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID), + Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProvidersConfig(federatedSettingsID), Check: resource.ComposeTestCheckFunc( testAccCheckMongoDBAtlasFederatedSettingsIdentityProvidersExists(resourceName), @@ -38,7 +38,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *tes }) } -func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID string) string { +func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProvidersConfig(federatedSettingsID string) string { return fmt.Sprintf(` data "mongodbatlas_cloud_federated_settings_identity_providers" "test" { federation_settings_id = "%[1]s" diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping.go new file mode 100644 index 0000000000..d533d5cc87 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping.go @@ -0,0 +1,98 @@ +package mongodbatlas + +import ( + "context" + "errors" + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead, + Schema: map[string]*schema.Schema{ + "federation_settings_id": { + Type: schema.TypeString, + Required: true, + }, + "org_id": { + Type: schema.TypeString, + Required: true, + }, + "role_mapping_id": { + Type: schema.TypeString, + Required: true, + }, + + "external_group_name": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Computed: true, + }, + "role_assignments": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Computed: true, + }, + "org_id": { + Type: schema.TypeString, + Computed: true, + }, + "role": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + } +} +func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + // Get client connection. + conn := meta.(*MongoDBClient).Atlas + + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("federation_settings_id must be configured")) + } + + orgID, orgIDOk := d.GetOk("org_id") + + if !orgIDOk { + return diag.FromErr(errors.New("org_id must be configured")) + } + + roleMappingID, roleMappingOk := d.GetOk("role_mapping_id") + + if !roleMappingOk { + return diag.FromErr(errors.New("role_mapping_id must be configured")) + } + + federatedSettingsOrganizationRoleMapping, _, err := conn.FederatedSettings.GetRoleMapping(ctx, federationSettingsID.(string), orgID.(string), roleMappingID.(string)) + if err != nil { + return diag.Errorf("error getting federatedSettings Role Mapping assigned (%s): %s", federationSettingsID, err) + } + + if err := d.Set("external_group_name", federatedSettingsOrganizationRoleMapping.ExternalGroupName); err != nil { + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings Role Mapping: %s", err)) + } + + if err := d.Set("role_assignments", flattenRoleAssignments(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings Role Mapping: %s", err)) + } + + d.SetId(federatedSettingsOrganizationRoleMapping.ID) + + return nil +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go new file mode 100644 index 0000000000..5e56b11926 --- /dev/null +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -0,0 +1,49 @@ +package mongodbatlas + +import ( + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + federatedSettingsOrganizationRoleMapping matlas.FederatedSettingsOrganizationRoleMapping + resourceName = "data.mongodbatlas_cloud_federated_settings_org_role_mapping.test" + federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + roleMappingID = os.Getenv("MONGODB_ATLAS_FEDERATED_ROLE_MAPPING_ID") + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingConfig(federatedSettingsID, orgID, roleMappingID), + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName, &federatedSettingsOrganizationRoleMapping), + resource.TestCheckResourceAttrSet(resourceName, "federation_settings_id"), + resource.TestCheckResourceAttrSet(resourceName, "external_group_name"), + resource.TestCheckResourceAttrSet(resourceName, "role_assignments.#"), + resource.TestCheckResourceAttr(resourceName, "org_id", orgID), + resource.TestCheckResourceAttr(resourceName, "external_group_name", "group2"), + ), + }, + }, + }) +} + +func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingConfig(federatedSettingsID, orgID, roleMappingID string) string { + return fmt.Sprintf(` + data "mongodbatlas_cloud_federated_settings_org_role_mapping" "test" { + federation_settings_id = "%[1]s" + org_id = "%[2]s" + role_mapping_id = "%[3]s" + } +`, federatedSettingsID, orgID, roleMappingID) +} diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go index dc567e5e6f..74521b7da2 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -93,11 +93,11 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingsRead(ctx con federatedSettingsOrganizationRoleMappings, _, err := conn.FederatedSettings.ListRoleMappings(ctx, federationSettingsID.(string), orgID.(string), options) if err != nil { - return diag.Errorf("error getting federatedSettings IdentityProviders assigned (%s): %s", federationSettingsID, err) + return diag.Errorf("error getting federatedSettings Role Mapping: assigned (%s): %s", federationSettingsID, err) } if err := d.Set("results", flattenFederatedSettingsOrganizationRoleMappings(federatedSettingsOrganizationRoleMappings)); err != nil { - return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings IdentityProviders: %s", err)) + return diag.FromErr(fmt.Errorf("error setting `result` for federatedSettings Role Mapping:: %s", err)) } d.SetId(federationSettingsID.(string)) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go index 4477d1baaf..9aa428a545 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go @@ -62,7 +62,7 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingsExists(res return fmt.Errorf("no ID is set") } - _, _, err := conn.FederatedSettings.ListIdentityProviders(context.Background(), rs.Primary.Attributes["federation_settings_id"], nil) + _, _, err := conn.FederatedSettings.ListRoleMappings(context.Background(), rs.Primary.Attributes["federation_settings_id"], rs.Primary.Attributes["org_id"], nil) if err != nil { return fmt.Errorf("FederatedSettingsOrganizationRoleMappings (%s) does not exist", rs.Primary.ID) } diff --git a/mongodbatlas/provider.go b/mongodbatlas/provider.go index b1aaf980cd..8edcc878ca 100644 --- a/mongodbatlas/provider.go +++ b/mongodbatlas/provider.go @@ -129,8 +129,11 @@ func getDataSourcesMap() map[string]*schema.Resource { "mongodbatlas_cloud_backup_snapshot_export_job": datasourceMongoDBAtlasCloudBackupSnapshotExportJob(), "mongodbatlas_cloud_backup_snapshot_export_jobs": datasourceMongoDBAtlasCloudBackupSnapshotExportJobs(), "mongodbatlas_cloud_federated_settings": dataSourceMongoDBAtlasFederatedSettings(), + "mongodbatlas_cloud_federated_settings_identity_provider": dataSourceMongoDBAtlasFederatedSettingsIdentityProvider(), "mongodbatlas_cloud_federated_settings_identity_providers": dataSourceMongoDBAtlasFederatedSettingsIdentityProviders(), + "mongodbatlas_cloud_federated_settings_org_config": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfig(), "mongodbatlas_cloud_federated_settings_org_configs": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs(), + "mongodbatlas_cloud_federated_settings_org_role_mapping": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), "mongodbatlas_cloud_federated_settings_org_role_mappings": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings(), } return dataSourcesMap diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index 969ea313f9..78e3eb2605 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -65,7 +65,8 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_importB }) } -func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName string, snapshotExportJob *matlas.FederatedSettingsOrganizationRoleMapping) resource.TestCheckFunc { +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName string, + federatedSettingsOrganizationRoleMapping *matlas.FederatedSettingsOrganizationRoleMapping) resource.TestCheckFunc { return func(s *terraform.State) error { conn := testAccProvider.Meta().(*MongoDBClient).Atlas @@ -78,15 +79,16 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(reso return fmt.Errorf("no ID is set") } - ids := decodeStateID(rs.Primary.ID) - - response, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) + response, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), + rs.Primary.Attributes["federation_settings_id"], + rs.Primary.Attributes["org_id"], + rs.Primary.Attributes["role_mapping_id"]) if err == nil { - *snapshotExportJob = *response + *federatedSettingsOrganizationRoleMapping = *response return nil } - return fmt.Errorf("role mapping (%s) does not exist", ids["role_mapping_id"]) + return fmt.Errorf("role mapping (%s) does not exist", rs.Primary.Attributes["role_mapping_id"]) } } From cb83995ee95358184c6a1833fdf13bc74c44279f Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 21 Jun 2022 21:33:27 -0500 Subject: [PATCH 20/35] Remove unused function --- ...derated_settings_connected_organization.go | 36 ------------------- 1 file changed, 36 deletions(-) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go index fdfe8bed74..963a50e196 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization.go @@ -7,8 +7,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - - matlas "go.mongodb.org/atlas/mongodbatlas" ) func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource { @@ -170,37 +168,3 @@ func dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.C return nil } - -func flattenFederatedSettingsOrganizationConfig(federatedSettingsConnectedOrganizations matlas.FederatedSettingsConnectedOrganizations) []map[string]interface{} { - var federatedSettingsConnectedOrganizationsMap []map[string]interface{} - - if (federatedSettingsConnectedOrganizations.TotalCount) > 0 { - federatedSettingsConnectedOrganizationsMap = make([]map[string]interface{}, federatedSettingsConnectedOrganizations.TotalCount) - - for i := range federatedSettingsConnectedOrganizations.Results { - if federatedSettingsConnectedOrganizations.Results[i].UserConflicts == nil { - federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ - "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, - "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, - "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, - "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, - "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, - "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), - "user_conflicts": nil, - } - } else { - federatedSettingsConnectedOrganizationsMap[i] = map[string]interface{}{ - "domain_allow_list": federatedSettingsConnectedOrganizations.Results[i].DomainAllowList, - "domain_restriction_enabled": federatedSettingsConnectedOrganizations.Results[i].DomainRestrictionEnabled, - "identity_provider_id": federatedSettingsConnectedOrganizations.Results[i].IdentityProviderID, - "org_id": federatedSettingsConnectedOrganizations.Results[i].OrgID, - "post_auth_role_grants": federatedSettingsConnectedOrganizations.Results[i].PostAuthRoleGrants, - "role_mappings": flattenRoleMappings(federatedSettingsConnectedOrganizations.Results[i].RoleMappings), - "user_conflicts": flattenUserConflicts(*federatedSettingsConnectedOrganizations.Results[i].UserConflicts), - } - } - } - } - - return federatedSettingsConnectedOrganizationsMap -} From 9dc408f958611519dd7eeae17d94a559cdbeb0fe Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 23 Jun 2022 09:55:53 -0500 Subject: [PATCH 21/35] Add support for role mappings and update tests and examples --- examples/Federated-Settings/main.tf | 12 +- ...derated_settings_connected_organization.go | 50 ++++ ...ated_settings_organization_role_mapping.go | 234 ++++++++++++------ ...settings_organization_role_mapping_test.go | 16 +- 4 files changed, 226 insertions(+), 86 deletions(-) diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index d32ee7e544..babc021b0d 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -18,9 +18,15 @@ resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapp org_id = var.org_id external_group_name = "newgroup" - organization_roles = ["ORG_OWNER", "ORG_MEMBER"] - group_id = var.group_id - group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"] + role_assignments { + group_id = var.group_id + roles = ["GROUP_OWNER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY"] + } + + role_assignments { + org_id = var.org_id + roles = ["ORG_OWNER", "ORG_MEMBER"] + } } resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" { diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index 14b260acf2..848671a237 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -42,10 +42,51 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource Type: schema.TypeString, }, }, + "post_auth_role_grants": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, "domain_restriction_enabled": { Type: schema.TypeBool, Required: true, }, + "user_conflicts": { + Type: schema.TypeList, + Optional: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "email_address": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "federation_settings_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "first_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "last_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "user_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + }, + }, }, } } @@ -82,6 +123,10 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigRead(ctx context.Con return diag.FromErr(fmt.Errorf("error setting domain allow list (%s): %s", d.Id(), err)) } + if err := d.Set("post_auth_role_grants", federatedSettingsConnectedOrganization.PostAuthRoleGrants); err != nil { + return diag.FromErr(fmt.Errorf("error setting post_auth_role_grants (%s): %s", d.Id(), err)) + } + d.SetId(encodeStateID(map[string]string{ "federation_settings_id": federationSettingsID, "org_id": orgID, @@ -117,6 +162,11 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigUpdate(ctx context.C federatedSettingsConnectedOrganizationUpdate.IdentityProviderID = identityProviderID } + if d.HasChange("post_auth_role_grants") { + postAuthRoleGrants := d.Get("post_auth_role_grants") + federatedSettingsConnectedOrganizationUpdate.PostAuthRoleGrants = cast.ToStringSlice(postAuthRoleGrants) + } + _, _, err = conn.FederatedSettings.UpdateConnectedOrg(ctx, federationSettingsID, orgID, federatedSettingsConnectedOrganizationUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index 675372dae2..c54a87472e 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -8,7 +8,8 @@ import ( "regexp" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - "go.mongodb.org/atlas/mongodbatlas" + + mongodbatlas "go.mongodb.org/atlas/mongodbatlas" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) @@ -31,26 +32,36 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping() *schema.Reso Type: schema.TypeString, Required: true, }, + "external_group_name": { Type: schema.TypeString, Required: true, }, - "organization_roles": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - "group_id": { + "id": { Type: schema.TypeString, - Optional: true, + Computed: true, }, - "group_roles": { + "role_assignments": { Type: schema.TypeSet, - Optional: true, - Elem: &schema.Schema{ - Type: schema.TypeString, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "group_id": { + Type: schema.TypeString, + Optional: true, + }, + "org_id": { + Type: schema.TypeString, + Optional: true, + }, + "roles": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, }, }, }, @@ -82,25 +93,8 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx contex return diag.FromErr(fmt.Errorf("error setting external group name (%s): %s", d.Id(), err)) } - orgRoles := []string{} - groupRoles := []string{} - - for i := range federatedSettingsOrganizationRoleMapping.RoleAssignments { - if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID == "" { - orgRoles = append(orgRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) - } - - if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID == "" { - groupRoles = append(groupRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) - } - } - - if err := d.Set("organization_roles", orgRoles); err != nil { - return diag.FromErr(fmt.Errorf("error setting org roles (%s): %s", d.Id(), err)) - } - - if err := d.Set("group_roles", groupRoles); err != nil { - return diag.FromErr(fmt.Errorf("error setting group roles (%s): %s", d.Id(), err)) + if err := d.Set("role_assignments", flattenRoleAssignmentsSpecal(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { + return diag.FromErr(fmt.Errorf("error setting role_assignments (%s): %s", d.Id(), err)) } d.SetId(encodeStateID(map[string]string{ @@ -115,38 +109,34 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx contex func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { // Get client connection. conn := meta.(*MongoDBClient).Atlas - federationSettingsID := d.Get("federation_settings_id").(string) - orgID := d.Get("org_id").(string) - groupID := d.Get("group_id").(string) + federationSettingsID, federationSettingsIDOk := d.GetOk("federation_settings_id") + + if !federationSettingsIDOk { + return diag.FromErr(errors.New("federation_settings_id must be configured")) + } + + orgID, orgIDOk := d.GetOk("org_id") + + if !orgIDOk { + return diag.FromErr(errors.New("org_id must be configured")) + } externalGroupName := d.Get("external_group_name").(string) body := &mongodbatlas.FederatedSettingsOrganizationRoleMapping{} - body.ExternalGroupName = externalGroupName - for _, role := range d.Get("organization_roles").(*schema.Set).List() { - roleAssignment := mongodbatlas.RoleAssignments{} - roleAssignment.Role = role.(string) + ra := []*mongodbatlas.RoleAssignments{} - roleAssignment.OrgID = orgID - roleAssignment.GroupID = "" - if roleAssignment.Role != "" { - body.RoleAssignments = append(body.RoleAssignments, &roleAssignment) - } - } - - for _, role := range d.Get("group_roles").(*schema.Set).List() { - roleAssignment := mongodbatlas.RoleAssignments{} - roleAssignment.Role = role.(string) + body.ExternalGroupName = externalGroupName + roleAssignments := expandRoleAssignments(d) - roleAssignment.OrgID = "" - roleAssignment.GroupID = groupID - if roleAssignment.Role != "" { - body.RoleAssignments = append(body.RoleAssignments, &roleAssignment) - } + for i := range roleAssignments { + ra = append(ra, &roleAssignments[i]) } - federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettings.CreateRoleMapping(context.Background(), federationSettingsID, orgID, body) + body.RoleAssignments = ra + + federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettings.CreateRoleMapping(context.Background(), federationSettingsID.(string), orgID.(string), body) if err != nil { // case 404 // deleted in the backend case @@ -159,8 +149,8 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate(ctx cont } d.SetId(encodeStateID(map[string]string{ - "federation_settings_id": federationSettingsID, - "org_id": orgID, + "federation_settings_id": federationSettingsID.(string), + "org_id": orgID.(string), "role_mapping_id": federatedSettingsOrganizationRoleMapping.ID, })) @@ -174,7 +164,6 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx cont federationSettingsID := ids["federation_settings_id"] orgID := ids["org_id"] roleMappingID := ids["role_mapping_id"] - groupID := d.Get("group_id").(string) federatedSettingsOrganizationRoleMappingUpdate, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), federationSettingsID, orgID, roleMappingID) if err != nil { @@ -186,30 +175,19 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx cont federatedSettingsOrganizationRoleMappingUpdate.ExternalGroupName = externalGroupName } - federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = nil + if d.HasChange("role_assignments") { + federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = nil - for _, role := range d.Get("organization_roles").(*schema.Set).List() { - roleAssignment := mongodbatlas.RoleAssignments{} - roleAssignment.Role = role.(string) + ra := []*mongodbatlas.RoleAssignments{} - roleAssignment.OrgID = orgID - roleAssignment.GroupID = "" - if roleAssignment.Role != "" { - federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = append(federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments, &roleAssignment) - } - } - - for _, role := range d.Get("group_roles").(*schema.Set).List() { - roleAssignment := mongodbatlas.RoleAssignments{} - roleAssignment.Role = role.(string) + roleAssignments := expandRoleAssignments(d) - roleAssignment.OrgID = "" - roleAssignment.GroupID = groupID - if roleAssignment.Role != "" { - federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = append(federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments, &roleAssignment) + for i := range roleAssignments { + ra = append(ra, &roleAssignments[i]) } - } + federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = ra + } _, _, err = conn.FederatedSettings.UpdateRoleMapping(ctx, federationSettingsID, orgID, roleMappingID, federatedSettingsOrganizationRoleMappingUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings connected organization (%s): %s", federationSettingsID, err)) @@ -302,3 +280,103 @@ func splitFederatedSettingsOrganizationRoleMappingImportID(id string) (federatio return } + +func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignments { + var roleAssignmentsReturn []mongodbatlas.RoleAssignments + + if v, ok := d.GetOk("role_assignments"); ok { + if rs := v.(*schema.Set); rs.Len() > 0 { + roleAssignments := []mongodbatlas.RoleAssignments{} + roleAssignment := mongodbatlas.RoleAssignments{} + + for _, r := range rs.List() { + roleMap := r.(map[string]interface{}) + + for _, role := range roleMap["roles"].(*schema.Set).List() { + roleAssignment.OrgID = roleMap["org_id"].(string) + roleAssignment.GroupID = roleMap["group_id"].(string) + roleAssignment.Role = role.(string) + roleAssignments = append(roleAssignments, roleAssignment) + } + roleAssignmentsReturn = roleAssignments + } + } + } + + return roleAssignmentsReturn +} + +func flattenRoleAssignmentsSpecal(roleAssignments []*mongodbatlas.RoleAssignments) []map[string]interface{} { + var roleAssignmentsMap []map[string]interface{} + if len(roleAssignments) > 0 { + counterGroup := make(map[string]int) + for _, row := range roleAssignments { + if row.GroupID != "" { + counterGroup[row.GroupID]++ + } + } + + distinctGroup := make([]string, len(counterGroup)) + i := 0 + for k := range counterGroup { + distinctGroup[i] = k + i++ + } + + counterOrg := make(map[string]int) + for _, row := range roleAssignments { + if row.OrgID != "" { + counterOrg[row.OrgID]++ + } + } + + distinctOrg := make([]string, len(counterOrg)) + idx := 0 + for k := range counterOrg { + distinctOrg[idx] = k + idx++ + } + + roleAssignmentsMap = make([]map[string]interface{}, len(counterOrg)+len(counterGroup)) + var rolesOrg []string + var rolesGroup []string + + mapIdx := 0 + + for _, ov := range distinctOrg { + for idx := range roleAssignments { + if roleAssignments[idx].OrgID == ov { + rolesOrg = append(rolesOrg, roleAssignments[idx].Role) + } + } + roleAssignmentsMap[mapIdx] = map[string]interface{}{ + "group_id": "", + "org_id": ov, + "roles": rolesOrg, + } + mapIdx++ + } + + for _, ov := range distinctGroup { + for idx := range roleAssignments { + if roleAssignments[idx].GroupID == ov { + rolesGroup = append(rolesGroup, roleAssignments[idx].Role) + } + } + roleAssignmentsMap[mapIdx] = map[string]interface{}{ + "group_id": ov, + "org_id": "", + "roles": rolesGroup, + } + mapIdx++ + } + + /* if len(roleAssignments) > 0 { + sort.Slice(roleAssignmentsMap, func(i, j int) bool { + return true + }) + }*/ + } + + return roleAssignmentsMap +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index 78e3eb2605..a916f8fa75 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -130,10 +130,16 @@ func testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federatio federation_settings_id = "%[1]s" org_id = "%[2]s" external_group_name = "newgroup" - - organization_roles = ["ORG_OWNER", "ORG_MEMBER"] - group_id = "%[3]s" - group_roles = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER"] - + + role_assignments { + org_id ="%[2]s" + roles = ["ORG_MEMBER","ORG_GROUP_CREATOR"] + } + + role_assignments { + group_id = "%[3]s" + roles = ["GROUP_OWNER","GROUP_DATA_ACCESS_ADMIN","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY"] + } + }`, federationSettingsID, orgID, groupID) } From decb9d80fdc3648e13330a2c5690154671e19881 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 23 Jun 2022 11:01:05 -0500 Subject: [PATCH 22/35] Fix role mapping import to fit new style of parameters --- ...ated_settings_organization_role_mapping.go | 27 +++---------------- 1 file changed, 4 insertions(+), 23 deletions(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index c54a87472e..5cf8326a31 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -229,31 +229,12 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState(ctx return nil, fmt.Errorf("error setting role mapping in Federation settings (%s): %s", d.Id(), err) } - orgRoles := []string{} - groupRoles := []string{} - - for i := range federatedSettingsOrganizationRoleMapping.RoleAssignments { - if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID == "" { - if err := d.Set("org_id", federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID); err != nil { - return nil, fmt.Errorf("error setting org id (%s): %s", d.Id(), err) - } - orgRoles = append(orgRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) - } - - if federatedSettingsOrganizationRoleMapping.RoleAssignments[i].OrgID == "" { - if err := d.Set("group_id", federatedSettingsOrganizationRoleMapping.RoleAssignments[i].GroupID); err != nil { - return nil, fmt.Errorf("error setting group id (%s): %s", d.Id(), err) - } - groupRoles = append(groupRoles, federatedSettingsOrganizationRoleMapping.RoleAssignments[i].Role) - } - } - - if err := d.Set("organization_roles", orgRoles); err != nil { - return nil, fmt.Errorf("error setting org roles (%s): %s", d.Id(), err) + if err := d.Set("org_id", *orgID); err != nil { + return nil, fmt.Errorf("error setting role mapping in Federation settings (%s): %s", d.Id(), err) } - if err := d.Set("group_roles", groupRoles); err != nil { - return nil, fmt.Errorf("error setting group roles (%s): %s", d.Id(), err) + if err := d.Set("role_assignments", flattenRoleAssignmentsSpecal(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { + return nil, fmt.Errorf("error setting role_assignments (%s): %s", d.Id(), err) } d.SetId(encodeStateID(map[string]string{ From 16b08c03e037b59451d0a5b5a7ac766e443b05b8 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 23 Jun 2022 11:13:26 -0500 Subject: [PATCH 23/35] Remove commented code --- ...odbatlas_federated_settings_organization_role_mapping.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index 5cf8326a31..aa4245d232 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -351,12 +351,6 @@ func flattenRoleAssignmentsSpecal(roleAssignments []*mongodbatlas.RoleAssignment } mapIdx++ } - - /* if len(roleAssignments) > 0 { - sort.Slice(roleAssignmentsMap, func(i, j int) bool { - return true - }) - }*/ } return roleAssignmentsMap From 02f6f63be97105854fb39e9099ab2d0d18c54b70 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 23 Jun 2022 11:15:25 -0500 Subject: [PATCH 24/35] go mod tidy --- go.sum | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/go.sum b/go.sum index e0fffed2c8..b164a3631a 100644 --- a/go.sum +++ b/go.sum @@ -1230,16 +1230,6 @@ go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQc go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= go.mongodb.org/atlas v0.12.0/go.mod h1:wVCnHcm/7/IfTjEB6K8K35PLG70yGz8BdkRwX0oK9/M= -go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f h1:IvKkFdSSBLC5kqB1X87vn8CRAI7eXoMSK7u2lG+WUg8= -go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= -go.mongodb.org/atlas v0.16.0 h1:IqnDuK3XAZUgJ5lPHc4v4z4B8F6mvsS37O4ck7tOYVc= -go.mongodb.org/atlas v0.16.0/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= -go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f h1:UOe3bOi7nzMKO1IFf3buDXHKQAy0spVxDipNoFLuRFM= -go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= -go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 h1:Ox29ko57cIzdvQNMYmCZFQYYpqFthB5o2e5WiuA/Q+w= -go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= -go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 h1:UVbPMJSXVDyvIA/JEHI2HAwc+B4R6xpnmSya/pbANpY= -go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27 h1:rGTb8CaE9ZKNjmdUJ58jFcHopLg6o6Kzfm9AIayq1Hw= go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8= go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M= From a5b9aa1be066d1080ae1eca1018ef4b38e03040a Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Thu, 23 Jun 2022 18:36:50 -0500 Subject: [PATCH 25/35] Remove extra parameter user_conflicts --- ...derated_settings_connected_organization.go | 38 ++----------------- 1 file changed, 4 insertions(+), 34 deletions(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index 848671a237..e3b3e1c318 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -53,40 +53,6 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource Type: schema.TypeBool, Required: true, }, - "user_conflicts": { - Type: schema.TypeList, - Optional: true, - Computed: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "email_address": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "federation_settings_id": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "first_name": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "last_name": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - "user_id": { - Type: schema.TypeString, - Optional: true, - Computed: true, - }, - }, - }, - }, }, } } @@ -218,6 +184,10 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationConfigImportState(ctx cont return nil, fmt.Errorf("error setting org id (%s): %s", d.Id(), err) } + if err := d.Set("identity_provider_id", federatedSettingsConnectedOrganization.IdentityProviderID); err != nil { + return nil, fmt.Errorf("error setting identity provider id (%s): %s", d.Id(), err) + } + d.SetId(encodeStateID(map[string]string{ "federation_settings_id": *federationSettingsID, "org_id": *orgID, From 2823618c3f47c4302a93836a2205902dba54841f Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Fri, 24 Jun 2022 07:22:40 -0500 Subject: [PATCH 26/35] Add missing parameters and refactor name of variables --- ...as_federated_settings_identity_provider.go | 92 ++++++++++++++++--- 1 file changed, 80 insertions(+), 12 deletions(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 3e091c2ea3..326e098d2e 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -31,6 +31,18 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { Type: schema.TypeString, Required: true, }, + "issuer_uri": { + Type: schema.TypeString, + Required: true, + }, + "request_binding": { + Type: schema.TypeString, + Required: true, + }, + "response_signature_algorithm": { + Type: schema.TypeString, + Required: true, + }, "associated_domains": { Type: schema.TypeList, Optional: true, @@ -42,6 +54,10 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { Type: schema.TypeBool, Required: true, }, + "sso_url": { + Type: schema.TypeString, + Required: true, + }, "status": { Type: schema.TypeString, Required: true, @@ -67,7 +83,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte federationSettingsID := ids["federation_settings_id"] oktaIdpID := ids["idp_id"] - federatedSettingsConnectedOrganization, resp, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) + federatedSettingsIdentityProvider, resp, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { // case 404 // deleted in the backend case @@ -79,22 +95,38 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte return diag.FromErr(fmt.Errorf("error getting federated settings identity provider: %s", err)) } - if err := d.Set("sso_debug_enabled", federatedSettingsConnectedOrganization.SsoDebugEnabled); err != nil { + if err := d.Set("sso_debug_enabled", federatedSettingsIdentityProvider.SsoDebugEnabled); err != nil { return diag.FromErr(fmt.Errorf("error setting sso debug enabled (%s): %s", d.Id(), err)) } - if err := d.Set("associated_domains", federatedSettingsConnectedOrganization.AssociatedDomains); err != nil { + if err := d.Set("associated_domains", federatedSettingsIdentityProvider.AssociatedDomains); err != nil { return diag.FromErr(fmt.Errorf("error setting associated domains list (%s): %s", d.Id(), err)) } - if err := d.Set("idp_id", federatedSettingsConnectedOrganization.OktaIdpID); err != nil { + if err := d.Set("idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { return diag.FromErr(fmt.Errorf("error setting OktaIdpID (%s): %s", d.Id(), err)) } - if err := d.Set("status", federatedSettingsConnectedOrganization.Status); err != nil { + if err := d.Set("status", federatedSettingsIdentityProvider.Status); err != nil { return diag.FromErr(fmt.Errorf("error setting Status (%s): %s", d.Id(), err)) } + if err := d.Set("issuer_uri", federatedSettingsIdentityProvider.IssuerURI); err != nil { + return diag.FromErr(fmt.Errorf("error setting issuer uri (%s): %s", d.Id(), err)) + } + + if err := d.Set("request_binding", federatedSettingsIdentityProvider.RequestBinding); err != nil { + return diag.FromErr(fmt.Errorf("error setting request binding (%s): %s", d.Id(), err)) + } + + if err := d.Set("response_signature_algorithm", federatedSettingsIdentityProvider.ResponseSignatureAlgorithm); err != nil { + return diag.FromErr(fmt.Errorf("error setting response signature algorithm (%s): %s", d.Id(), err)) + } + + if err := d.Set("sso_url", federatedSettingsIdentityProvider.SsoURL); err != nil { + return diag.FromErr(fmt.Errorf("error setting sso url (%s): %s", d.Id(), err)) + } + d.SetId(encodeStateID(map[string]string{ "federation_settings_id": federationSettingsID, "idp_id": oktaIdpID, @@ -110,34 +142,54 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Con federationSettingsID := ids["federation_settings_id"] oktaIdpID := ids["idp_id"] - federatedSettingsConnectedOrganizationUpdate, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) + federatedSettingsIdentityProviderUpdate, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { return diag.FromErr(fmt.Errorf("error retreiving federation settings identity provider (%s): %s", federationSettingsID, err)) } if d.HasChange("sso_debug_enabled") { ssoDebugEnabled := d.Get("sso_debug_enabled").(bool) - federatedSettingsConnectedOrganizationUpdate.SsoDebugEnabled = &ssoDebugEnabled + federatedSettingsIdentityProviderUpdate.SsoDebugEnabled = &ssoDebugEnabled } if d.HasChange("associated_domains") { associatedDomains := d.Get("associated_domains") - federatedSettingsConnectedOrganizationUpdate.AssociatedDomains = cast.ToStringSlice(associatedDomains) + federatedSettingsIdentityProviderUpdate.AssociatedDomains = cast.ToStringSlice(associatedDomains) } if d.HasChange("name") { identityName := d.Get("name").(string) - federatedSettingsConnectedOrganizationUpdate.DisplayName = identityName + federatedSettingsIdentityProviderUpdate.DisplayName = identityName } if d.HasChange("status") { status := d.Get("status").(string) - federatedSettingsConnectedOrganizationUpdate.Status = status + federatedSettingsIdentityProviderUpdate.Status = status + } + + if d.HasChange("issuer_uri") { + status := d.Get("issuer_uri").(string) + federatedSettingsIdentityProviderUpdate.IssuerURI = status } - federatedSettingsConnectedOrganizationUpdate.PemFileInfo = nil + if d.HasChange("request_binding") { + status := d.Get("request_binding").(string) + federatedSettingsIdentityProviderUpdate.RequestBinding = status + } + + if d.HasChange("response_signature_algorithm") { + status := d.Get("response_signature_algorithm").(string) + federatedSettingsIdentityProviderUpdate.ResponseSignatureAlgorithm = status + } + + if d.HasChange("sso_url") { + status := d.Get("sso_url").(string) + federatedSettingsIdentityProviderUpdate.SsoURL = status + } - _, _, err = conn.FederatedSettings.UpdateIdentityProvider(ctx, federationSettingsID, oktaIdpID, federatedSettingsConnectedOrganizationUpdate) + federatedSettingsIdentityProviderUpdate.PemFileInfo = nil + + _, _, err = conn.FederatedSettings.UpdateIdentityProvider(ctx, federationSettingsID, oktaIdpID, federatedSettingsIdentityProviderUpdate) if err != nil { return diag.FromErr(fmt.Errorf("error updating federation settings identity provider (%s): %s", federationSettingsID, err)) } @@ -174,6 +226,22 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState(ctx contex return nil, fmt.Errorf("error setting associaed domains list (%s): %s", d.Id(), err) } + if err := d.Set("issuer_uri", federatedSettingsIdentityProvider.IssuerURI); err != nil { + return nil, fmt.Errorf("error setting issuer uri (%s): %s", d.Id(), err) + } + + if err := d.Set("request_binding", federatedSettingsIdentityProvider.RequestBinding); err != nil { + return nil, fmt.Errorf("error setting request binding (%s): %s", d.Id(), err) + } + + if err := d.Set("response_signature_algorithm", federatedSettingsIdentityProvider.ResponseSignatureAlgorithm); err != nil { + return nil, fmt.Errorf("error setting response signature algorithm (%s): %s", d.Id(), err) + } + + if err := d.Set("sso_url", federatedSettingsIdentityProvider.SsoURL); err != nil { + return nil, fmt.Errorf("error setting sso url (%s): %s", d.Id(), err) + } + d.SetId(encodeStateID(map[string]string{ "federation_settings_id": *federationSettingsID, "idp_id": *oktaIdpID, From 9eb2955c2ae46a5c5b6902226cc131bf282a2be7 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Fri, 24 Jun 2022 07:35:28 -0500 Subject: [PATCH 27/35] Update example --- examples/Federated-Settings/main.tf | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index babc021b0d..63a01333bb 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -38,9 +38,13 @@ resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_imp } resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id - name = var.name - associated_domains = ["yourdomain.com"] - sso_debug_enabled = true - status = "ACTIVE" + federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id + name = var.name + associated_domains = ["yourdomain.com"] + sso_debug_enabled = true + status = "ACTIVE" + sso_url = "https://mysso.oktapreview.com/app/mysso_terrafssotesdev_1/exk1f7f7f7fk5wp50h8/sso/saml" + issuer_uri = "http://www.okta.com/exk1f716hf7f750h8" + request_binding = "HTTP-POST" + response_signature_algorithm = "SHA-256" } From e905604db577f83b87659b1b3e5c0633ebc2bf23 Mon Sep 17 00:00:00 2001 From: martinstibbe <33664051+martinstibbe@users.noreply.github.com> Date: Sun, 26 Jun 2022 09:14:57 -0500 Subject: [PATCH 28/35] Update mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go Co-authored-by: Andrea Angiolillo --- ...resource_mongodbatlas_federated_settings_identity_provider.go | 1 - 1 file changed, 1 deletion(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 326e098d2e..6db48b36ea 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -9,7 +9,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/spf13/cast" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) From bde51ed6cf28209d321fb271e7dda796d755e9df Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 27 Jun 2022 07:51:48 -0500 Subject: [PATCH 29/35] go fmt --- ...esource_mongodbatlas_federated_settings_identity_provider.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 6db48b36ea..629fc34d5e 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -8,8 +8,8 @@ import ( "regexp" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - "github.com/spf13/cast" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/spf13/cast" ) func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { From 929c5e27214c57f70efd41d151e2e326c3302e3c Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Mon, 27 Jun 2022 23:09:14 -0500 Subject: [PATCH 30/35] Add support for import tests --- ...ed_settings_connected_organization_test.go | 123 +++++++++++++++++ ...as_federated_settings_identity_provider.go | 2 +- ...derated_settings_identity_provider_test.go | 129 ++++++++++++++++++ ...settings_organization_role_mapping_test.go | 6 +- 4 files changed, 256 insertions(+), 4 deletions(-) create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go create mode 100644 mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go new file mode 100644 index 0000000000..dc1fe3f5d5 --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go @@ -0,0 +1,123 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + federatedSettingsIdentityProvider matlas.FederatedSettingsConnectedOrganization + resourceName = "mongodbatlas_cloud_federated_settings_org_config.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + ) + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasFederatedSettingsOrganizationConfig(federationSettingsID, orgID, idpID), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigImportStateIDFunc(resourceName, federationSettingsID, orgID), + ImportState: true, + ImportStateVerify: false, + }, + { + Config: testAccMongoDBAtlasFederatedSettingsOrganizationConfig(federationSettingsID, orgID, idpID), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigImportStateIDFunc(resourceName, federationSettingsID, orgID), + + ImportState: true, + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigRExists(resourceName, &federatedSettingsIdentityProvider), + resource.TestCheckResourceAttr(resourceName, "federation_settings_id", federationSettingsID), + resource.TestCheckResourceAttr(resourceName, "name", "mongodb_federation_test"), + ), + }, + }, + }) +} + +func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_importBasic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "mongodbatlas_cloud_federated_settings_org_config.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + ) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, + Steps: []resource.TestStep{ + + { + Config: testAccMongoDBAtlasFederatedSettingsOrganizationConfig(federationSettingsID, orgID, idpID), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigImportStateIDFunc(resourceName, federationSettingsID, orgID), + ImportState: true, + ImportStateVerify: false, + }, + }, + }) +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigRExists(resourceName string, + federatedSettingsIdentityProvider *matlas.FederatedSettingsConnectedOrganization) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + response, _, err := conn.FederatedSettings.GetConnectedOrg(context.Background(), + rs.Primary.Attributes["federation_settings_id"], + rs.Primary.Attributes["org_id"]) + if err == nil { + *federatedSettingsIdentityProvider = *response + return nil + } + + return fmt.Errorf("connected org (%s) does not exist", rs.Primary.Attributes["org_id"]) + } +} + +func testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigImportStateIDFunc(resourceName, federationSettingsID, orgID string) resource.ImportStateIdFunc { + return func(s *terraform.State) (string, error) { + ID := encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "org_id": orgID, + }) + + ids := decodeStateID(ID) + return fmt.Sprintf("%s-%s", ids["federation_settings_id"], ids["org_id"]), nil + } +} + +func testAccMongoDBAtlasFederatedSettingsOrganizationConfig(federationSettingsID, orgID, identityProviderID string) string { + return fmt.Sprintf(` + resource "mongodbatlas_cloud_federated_settings_org_config" "test" { + federation_settings_id = "%[1]s" + org_id = "%[2]s" + domain_restriction_enabled = false + domain_allow_list = ["reorganizeyourworld.com"] + identity_provider_id = "%[3]s" + }`, federationSettingsID, orgID, identityProviderID) +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index 629fc34d5e..e8bab653e8 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -254,7 +254,7 @@ func splitFederatedSettingsIdentityProviderImportID(id string) (federationSettin parts := re.FindStringSubmatch(id) if len(parts) != 3 { - err = errors.New("import format error: to import a Federated SettingsIdentity Provider, use the format {federation_settings_id}-{org_id}-{okta_idp_id}") + err = errors.New("import format error: to import a Federated SettingsIdentity Provider, use the format {federation_settings_id}-{okta_idp_id}") return } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go new file mode 100644 index 0000000000..aa6843eae4 --- /dev/null +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go @@ -0,0 +1,129 @@ +package mongodbatlas + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + matlas "go.mongodb.org/atlas/mongodbatlas" +) + +func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testing.T) { + SkipTestExtCred(t) + var ( + federatedSettingsIdentityProvider matlas.FederatedSettingsIdentityProvider + resourceName = "mongodbatlas_cloud_federated_settings_identity_provider.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + ssoURL = os.Getenv("MONGODB_ATLAS_FEDERATED_SSO_URL") + issuerURI = os.Getenv("MONGODB_ATLAS_FEDERATED_ISSUER_URI") + ) + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + Steps: []resource.TestStep{ + { + Config: testAccMongoDBAtlasFederatedSettingsIdentityProviderConfig(federationSettingsID, ssoURL, issuerURI), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderImportStateIDFunc(resourceName, federationSettingsID, idpID), + ImportState: true, + ImportStateVerify: false, + }, + { + Config: testAccMongoDBAtlasFederatedSettingsIdentityProviderConfig(federationSettingsID, ssoURL, issuerURI), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderImportStateIDFunc(resourceName, federationSettingsID, idpID), + + ImportState: true, + Check: resource.ComposeTestCheckFunc( + testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName, &federatedSettingsIdentityProvider, idpID), + resource.TestCheckResourceAttr(resourceName, "federation_settings_id", federationSettingsID), + resource.TestCheckResourceAttr(resourceName, "name", "mongodb_federation_test"), + ), + }, + }, + }) +} + +func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_importBasic(t *testing.T) { + SkipTestExtCred(t) + var ( + resourceName = "mongodbatlas_cloud_federated_settings_identity_provider.test" + federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + ssoURL = os.Getenv("MONGODB_ATLAS_FEDERATED_SSO_URL") + issuerURI = os.Getenv("MONGODB_ATLAS_FEDERATED_ISSUER_URI") + ) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { checkFederatedSettings(t) }, + ProviderFactories: testAccProviderFactories, + //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, + Steps: []resource.TestStep{ + + { + Config: testAccMongoDBAtlasFederatedSettingsIdentityProviderConfig(federationSettingsID, ssoURL, issuerURI), + ResourceName: resourceName, + ImportStateIdFunc: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderImportStateIDFunc(resourceName, federationSettingsID, idpID), + ImportState: true, + ImportStateVerify: false, + }, + }, + }) +} + +func testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderExists(resourceName string, + federatedSettingsIdentityProvider *matlas.FederatedSettingsIdentityProvider, idpID string) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*MongoDBClient).Atlas + + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("not found: %s", resourceName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no ID is set") + } + + response, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), + rs.Primary.Attributes["federation_settings_id"], + idpID) + if err == nil { + *federatedSettingsIdentityProvider = *response + return nil + } + + return fmt.Errorf("identity provider (%s) does not exist", idpID) + } +} + +func testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderImportStateIDFunc(resourceName, federationSettingsID, idpID string) resource.ImportStateIdFunc { + return func(s *terraform.State) (string, error) { + ID := encodeStateID(map[string]string{ + "federation_settings_id": federationSettingsID, + "idp_id": idpID, + }) + + ids := decodeStateID(ID) + return fmt.Sprintf("%s-%s", ids["federation_settings_id"], ids["idp_id"]), nil + } +} + +func testAccMongoDBAtlasFederatedSettingsIdentityProviderConfig(federationSettingsID, ssoURL, issuerURI string) string { + return fmt.Sprintf(` + resource "mongodbatlas_cloud_federated_settings_identity_provider" "test" { + federation_settings_id = "%[1]s" + name = "mongodb_federation_test" + associated_domains = ["reorganizeyourworld.com"] + sso_debug_enabled = true + status = "ACTIVE" + sso_url = "%[2]s" + issuer_uri = "%[3]s" + request_binding = "HTTP-POST" + response_signature_algorithm = "SHA-256" + }`, federationSettingsID, ssoURL, issuerURI) +} diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index a916f8fa75..43c9e7361a 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -102,9 +102,9 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy(sta ids := decodeStateID(rs.Primary.ID) - snapshotExportBucket, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) - if err == nil && snapshotExportBucket != nil { - return fmt.Errorf("identity provider (%s) still exists", ids["idp_id"]) + roleMapping, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) + if err == nil && roleMapping != nil { + return fmt.Errorf("role mapping (%s) still exists", ids["idp_id"]) } } From 6a0e04798182435960657f302ca952ebc9c60083 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 28 Jun 2022 08:16:48 -0500 Subject: [PATCH 31/35] Add federated settings env variables to README remove upgrade guide --- README.md | 13 +++++++++ .../guides/1.4.0-upgrade-guide.html.markdown | 29 ------------------- 2 files changed, 13 insertions(+), 29 deletions(-) delete mode 100644 website/docs/guides/1.4.0-upgrade-guide.html.markdown diff --git a/README.md b/README.md index 168fc04712..82632a4698 100644 --- a/README.md +++ b/README.md @@ -141,6 +141,19 @@ $ export MONGODB_ATLAS_API_KEYS_IDS= export SKIP_TEST_EXTERNAL_CREDENTIALS=TRUE ``` +- For `Federated Settings` resource configuration: +```sh +$ export MONGODB_ATLAS_FEDERATION_SETTINGS_ID= +$ export ONGODB_ATLAS_FEDERATED_ORG_ID= +$ export MONGODB_ATLAS_FEDERATED_PROJECT_ID= +$ export MONGODB_ATLAS_FEDERATED_GROUP_ID= +$ export MONGODB_ATLAS_FEDERATED_ROLE_MAPPING_ID= +$ export MONGODB_ATLAS_FEDERATED_IDP_ID= +$ export MONGODB_ATLAS_FEDERATED_SSO_URL= +$ export MONGODB_ATLAS_FEDERATED_ISSUER_URI= +``` +~> **Notice:** For more information about the Federation configuration resource, see: https://www.mongodb.com/docs/atlas/reference/api/federation-configuration/ + ##### AWS env variables - For `Network Peering` resource configuration: diff --git a/website/docs/guides/1.4.0-upgrade-guide.html.markdown b/website/docs/guides/1.4.0-upgrade-guide.html.markdown deleted file mode 100644 index d70234bff6..0000000000 --- a/website/docs/guides/1.4.0-upgrade-guide.html.markdown +++ /dev/null @@ -1,29 +0,0 @@ ---- -layout: "mongodbatlas" -page_title: "MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide" -sidebar_current: "docs-mongodbatlas-guides-140-upgrade-guide" -description: |- -MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide ---- - -# MongoDB Atlas Provider 1.4.0: Upgrade and Information Guide - -The Terraform MongoDB Atlas Provider version 1.4.0 has a number of new and exciting features and changes. - -New Features: - -* Now supports Federated Settings, for [`mongodbatlas_cloud_federated_settings_identity_provider`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mongodbatlas_cloud_federated_settings_identity_provider) [`mongodbatlas_cloud_federated_settings_org_role_mapping`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mongodbatlas_cloud_federated_settings_org_role_mapping) and [`mongodbatlas_cloud_federated_settings_org_config`](https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/mmongodbatlas_cloud_federated_settings_org_config) - - -Changes: - -1.4.0 also includes general improvements and bug fixes. See the [CHANGELOG](https://github.com/mongodb/terraform-provider-mongodbatlas/blob/master/CHANGELOG.md) for more specific information. - -### Helpful Links - -* [Report bugs](https://github.com/mongodb/terraform-provider-mongodbatlas/issues) - -* [Request Features](https://feedback.mongodb.com/forums/924145-atlas?category_id=370723) - -* [Contact Support](https://docs.atlas.mongodb.com/support/) covered by MongoDB Atlas support plans, Developer and above. - \ No newline at end of file From 39101440b0575bcdbd2911974a26dded7ebd93bd Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 28 Jun 2022 12:14:31 -0500 Subject: [PATCH 32/35] Remove cloud prefix from federated examples and resources idp_id to okta_idp_id --- README.md | 2 +- examples/Federated-Settings/main.tf | 26 +-- examples/Federated-Settings/output.tf | 8 +- ...ed_settings_connected_organization_test.go | 4 +- ...d_settings_connected_organizations_test.go | 4 +- ...as_federated_settings_identity_provider.go | 4 +- ...derated_settings_identity_provider_test.go | 4 +- ...erated_settings_identity_providers_test.go | 4 +- ...settings_organization_role_mapping_test.go | 4 +- ...ettings_organization_role_mappings_test.go | 4 +- ...ce_mongodbatlas_federated_settings_test.go | 4 +- mongodbatlas/provider.go | 216 +++++++++--------- ...ed_settings_connected_organization_test.go | 8 +- ...as_federated_settings_identity_provider.go | 12 +- ...derated_settings_identity_provider_test.go | 14 +- ...ated_settings_organization_role_mapping.go | 6 +- ...settings_organization_role_mapping_test.go | 14 +- 17 files changed, 169 insertions(+), 169 deletions(-) diff --git a/README.md b/README.md index 82632a4698..b4406f78c6 100644 --- a/README.md +++ b/README.md @@ -148,7 +148,7 @@ $ export ONGODB_ATLAS_FEDERATED_ORG_ID= $ export MONGODB_ATLAS_FEDERATED_PROJECT_ID= $ export MONGODB_ATLAS_FEDERATED_GROUP_ID= $ export MONGODB_ATLAS_FEDERATED_ROLE_MAPPING_ID= -$ export MONGODB_ATLAS_FEDERATED_IDP_ID= +$ export MONGODB_ATLAS_FEDERATED_OKTA_IDP_ID= $ export MONGODB_ATLAS_FEDERATED_SSO_URL= $ export MONGODB_ATLAS_FEDERATED_ISSUER_URI= ``` diff --git a/examples/Federated-Settings/main.tf b/examples/Federated-Settings/main.tf index 63a01333bb..c35ec1488f 100644 --- a/examples/Federated-Settings/main.tf +++ b/examples/Federated-Settings/main.tf @@ -1,20 +1,20 @@ -data "mongodbatlas_cloud_federated_settings" "federated_settings" { +data "mongodbatlas_federated_settings" "federated_settings" { org_id = var.org_id } -data "mongodbatlas_cloud_federated_settings_identity_providers" "identity_provider" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +data "mongodbatlas_federated_settings_identity_providers" "identity_provider" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id } -data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +data "mongodbatlas_federated_settings_org_configs" "org_configs_ds" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id } -data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +data "mongodbatlas_federated_settings_org_role_mappings" "org_role_mapping" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id org_id = var.org_id } -resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +resource "mongodbatlas_federated_settings_org_role_mapping" "org_role_mapping" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id org_id = var.org_id external_group_name = "newgroup" @@ -29,16 +29,16 @@ resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapp } } -resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +resource "mongodbatlas_federated_settings_org_config" "org_connections_import" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id org_id = var.org_id identity_provider_id = var.identity_provider_id domain_restriction_enabled = false domain_allow_list = ["yourdomain.com"] } -resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" { - federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id +resource "mongodbatlas_federated_settings_identity_provider" "identity_provider" { + federation_settings_id = data.mongodbatlas_federated_settings.federated_settings.id name = var.name associated_domains = ["yourdomain.com"] sso_debug_enabled = true diff --git a/examples/Federated-Settings/output.tf b/examples/Federated-Settings/output.tf index c0396569c1..57fdd7f211 100644 --- a/examples/Federated-Settings/output.tf +++ b/examples/Federated-Settings/output.tf @@ -1,15 +1,15 @@ output "federated_settings_ds" { - value = data.mongodbatlas_cloud_federated_settings.federated_settings.id + value = data.mongodbatlas_federated_settings.federated_settings.id } output "identity_provider" { - value = data.mongodbatlas_cloud_federated_settings_identity_providers.identity_provider.id + value = data.mongodbatlas_federated_settings_identity_providers.identity_provider.id } output "org_configs_ds" { - value = data.mongodbatlas_cloud_federated_settings_org_configs.org_configs_ds.id + value = data.mongodbatlas_federated_settings_org_configs.org_configs_ds.id } output "org_role_mapping" { - value = data.mongodbatlas_cloud_federated_settings_org_role_mappings.org_role_mapping.id + value = data.mongodbatlas_federated_settings_org_role_mappings.org_role_mapping.id } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go index 70c8cfb0c3..2863030e10 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go @@ -14,7 +14,7 @@ import ( func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "data.mongodbatlas_cloud_federated_settings_org_config.test" + resourceName = "data.mongodbatlas_federated_settings_org_config.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") ) @@ -40,7 +40,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *t func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigConfig(federatedSettingsID, orgID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_org_config" "test" { + data "mongodbatlas_federated_settings_org_config" "test" { federation_settings_id = "%[1]s" org_id = "%[2]s" diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go index 9cc3fea5ce..5511fe14c6 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go @@ -14,7 +14,7 @@ import ( func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs_basic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "data.mongodbatlas_cloud_federated_settings_org_configs.test" + resourceName = "data.mongodbatlas_federated_settings_org_configs.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") ) @@ -40,7 +40,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs_basic(t * func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigsConfig(federatedSettingsID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_org_configs" "test" { + data "mongodbatlas_federated_settings_org_configs" "test" { federation_settings_id = "%[1]s" page_num = 1 items_per_page = 100 diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go index 141a77822f..9a1954b00f 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider.go @@ -143,7 +143,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource Type: schema.TypeString, Computed: true, }, - "idp_id": { + "okta_idp_id": { Type: schema.TypeString, Computed: true, }, @@ -239,7 +239,7 @@ func dataSourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Con return diag.FromErr(fmt.Errorf("error setting `issuer_uri` for federatedSettings IdentityProviders: %s", err)) } - if err := d.Set("idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { + if err := d.Set("okta_idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { return diag.FromErr(fmt.Errorf("error setting `idp_id` for federatedSettings IdentityProviders: %s", err)) } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go index 757913f823..ffd3fe27c7 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_provider_test.go @@ -11,7 +11,7 @@ import ( func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "data.mongodbatlas_cloud_federated_settings_identity_provider.test" + resourceName = "data.mongodbatlas_federated_settings_identity_provider.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") ) @@ -37,7 +37,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *tes func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProviderConfig(federatedSettingsID, idpID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_identity_provider" "test" { + data "mongodbatlas_federated_settings_identity_provider" "test" { federation_settings_id = "%[1]s" identity_provider_id = "%[2]s" } diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go index c8c93687a7..502f153807 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go @@ -14,7 +14,7 @@ import ( func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProviders_basic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "data.mongodbatlas_cloud_federated_settings_identity_providers.test" + resourceName = "data.mongodbatlas_federated_settings_identity_providers.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") ) @@ -40,7 +40,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProviders_basic(t *te func testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProvidersConfig(federatedSettingsID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_identity_providers" "test" { + data "mongodbatlas_federated_settings_identity_providers" "test" { federation_settings_id = "%[1]s" page_num = 1 items_per_page = 100 diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go index 5e56b11926..c10322c5e3 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -13,7 +13,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic SkipTestExtCred(t) var ( federatedSettingsOrganizationRoleMapping matlas.FederatedSettingsOrganizationRoleMapping - resourceName = "data.mongodbatlas_cloud_federated_settings_org_role_mapping.test" + resourceName = "data.mongodbatlas_federated_settings_org_role_mapping.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") roleMappingID = os.Getenv("MONGODB_ATLAS_FEDERATED_ROLE_MAPPING_ID") @@ -40,7 +40,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingConfig(federatedSettingsID, orgID, roleMappingID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_org_role_mapping" "test" { + data "mongodbatlas_federated_settings_org_role_mapping" "test" { federation_settings_id = "%[1]s" org_id = "%[2]s" role_mapping_id = "%[3]s" diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go index 9aa428a545..3fac089460 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go @@ -14,7 +14,7 @@ import ( func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings_basic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "data.mongodbatlas_cloud_federated_settings_org_role_mappings.test" + resourceName = "data.mongodbatlas_federated_settings_org_role_mappings.test" federatedSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") ) @@ -40,7 +40,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings_basi func testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingsConfig(federatedSettingsID, orgID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings_org_role_mappings" "test" { + data "mongodbatlas_federated_settings_org_role_mappings" "test" { federation_settings_id = "%[1]s" org_id = "%[2]s" page_num = 1 diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go index 479aee5fda..869279ad9b 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go @@ -16,7 +16,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { SkipTestExtCred(t) var ( federatedSettings matlas.FederatedSettings - resourceName = "data.mongodbatlas_cloud_federated_settings.test" + resourceName = "data.mongodbatlas_federated_settings.test" orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") ) @@ -42,7 +42,7 @@ func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { func testAccMongoDBAtlasDataSourceFederatedSettingsConfig(orgID string) string { return fmt.Sprintf(` - data "mongodbatlas_cloud_federated_settings" "test" { + data "mongodbatlas_federated_settings" "test" { org_id = "%[1]s" } `, orgID) diff --git a/mongodbatlas/provider.go b/mongodbatlas/provider.go index 8edcc878ca..732deaa870 100644 --- a/mongodbatlas/provider.go +++ b/mongodbatlas/provider.go @@ -71,120 +71,120 @@ func Provider() *schema.Provider { func getDataSourcesMap() map[string]*schema.Resource { dataSourcesMap := map[string]*schema.Resource{ - "mongodbatlas_advanced_cluster": dataSourceMongoDBAtlasAdvancedCluster(), - "mongodbatlas_advanced_clusters": dataSourceMongoDBAtlasAdvancedClusters(), - "mongodbatlas_custom_db_role": dataSourceMongoDBAtlasCustomDBRole(), - "mongodbatlas_custom_db_roles": dataSourceMongoDBAtlasCustomDBRoles(), - "mongodbatlas_database_user": dataSourceMongoDBAtlasDatabaseUser(), - "mongodbatlas_database_users": dataSourceMongoDBAtlasDatabaseUsers(), - "mongodbatlas_project": dataSourceMongoDBAtlasProject(), - "mongodbatlas_projects": dataSourceMongoDBAtlasProjects(), - "mongodbatlas_cluster": dataSourceMongoDBAtlasCluster(), - "mongodbatlas_clusters": dataSourceMongoDBAtlasClusters(), - "mongodbatlas_cloud_provider_snapshot": dataSourceMongoDBAtlasCloudProviderSnapshot(), - "mongodbatlas_cloud_provider_snapshots": dataSourceMongoDBAtlasCloudProviderSnapshots(), - "mongodbatlas_network_container": dataSourceMongoDBAtlasNetworkContainer(), - "mongodbatlas_network_containers": dataSourceMongoDBAtlasNetworkContainers(), - "mongodbatlas_network_peering": dataSourceMongoDBAtlasNetworkPeering(), - "mongodbatlas_network_peerings": dataSourceMongoDBAtlasNetworkPeerings(), - "mongodbatlas_cloud_provider_snapshot_restore_job": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), - "mongodbatlas_cloud_provider_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJobs(), - "mongodbatlas_maintenance_window": dataSourceMongoDBAtlasMaintenanceWindow(), - "mongodbatlas_auditing": dataSourceMongoDBAtlasAuditing(), - "mongodbatlas_team": dataSourceMongoDBAtlasTeam(), - "mongodbatlas_teams": dataSourceMongoDBAtlasTeam(), - "mongodbatlas_global_cluster_config": dataSourceMongoDBAtlasGlobalCluster(), - "mongodbatlas_alert_configuration": dataSourceMongoDBAtlasAlertConfiguration(), - "mongodbatlas_x509_authentication_database_user": dataSourceMongoDBAtlasX509AuthDBUser(), - "mongodbatlas_privatelink_endpoint": dataSourceMongoDBAtlasPrivateLinkEndpoint(), - "mongodbatlas_privatelink_endpoint_service": dataSourceMongoDBAtlasPrivateEndpointServiceLink(), - "mongodbatlas_privatelink_endpoint_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointServiceADL(), - "mongodbatlas_privatelink_endpoints_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointsServiceADL(), - "mongodbatlas_cloud_provider_snapshot_backup_policy": dataSourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), - "mongodbatlas_cloud_backup_schedule": dataSourceMongoDBAtlasCloudBackupSchedule(), - "mongodbatlas_third_party_integrations": dataSourceMongoDBAtlasThirdPartyIntegrations(), - "mongodbatlas_third_party_integration": dataSourceMongoDBAtlasThirdPartyIntegration(), - "mongodbatlas_project_ip_access_list": dataSourceMongoDBAtlasProjectIPAccessList(), - "mongodbatlas_cloud_provider_access": dataSourceMongoDBAtlasCloudProviderAccessList(), - "mongodbatlas_cloud_provider_access_setup": dataSourceMongoDBAtlasCloudProviderAccessSetup(), - "mongodbatlas_custom_dns_configuration_cluster_aws": dataSourceMongoDBAtlasCustomDNSConfigurationAWS(), - "mongodbatlas_online_archive": dataSourceMongoDBAtlasOnlineArchive(), - "mongodbatlas_online_archives": dataSourceMongoDBAtlasOnlineArchives(), - "mongodbatlas_ldap_configuration": dataSourceMongoDBAtlasLDAPConfiguration(), - "mongodbatlas_ldap_verify": dataSourceMongoDBAtlasLDAPVerify(), - "mongodbatlas_search_index": dataSourceMongoDBAtlasSearchIndex(), - "mongodbatlas_search_indexes": dataSourceMongoDBAtlasSearchIndexes(), - "mongodbatlas_data_lake": dataSourceMongoDBAtlasDataLake(), - "mongodbatlas_data_lakes": dataSourceMongoDBAtlasDataLakes(), - "mongodbatlas_event_trigger": dataSourceMongoDBAtlasEventTrigger(), - "mongodbatlas_event_triggers": dataSourceMongoDBAtlasEventTriggers(), - "mongodbatlas_project_invitation": dataSourceMongoDBAtlasProjectInvitation(), - "mongodbatlas_org_invitation": dataSourceMongoDBAtlasOrgInvitation(), - "mongodbatlas_cloud_backup_snapshot": dataSourceMongoDBAtlasCloudBackupSnapshot(), - "mongodbatlas_cloud_backup_snapshots": dataSourceMongoDBAtlasCloudBackupSnapshots(), - "mongodbatlas_cloud_backup_snapshot_restore_job": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), - "mongodbatlas_cloud_backup_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJobs(), - "mongodbatlas_cloud_backup_snapshot_export_bucket": datasourceMongoDBAtlasCloudBackupSnapshotExportBucket(), - "mongodbatlas_cloud_backup_snapshot_export_buckets": datasourceMongoDBAtlasCloudBackupSnapshotExportBuckets(), - "mongodbatlas_cloud_backup_snapshot_export_job": datasourceMongoDBAtlasCloudBackupSnapshotExportJob(), - "mongodbatlas_cloud_backup_snapshot_export_jobs": datasourceMongoDBAtlasCloudBackupSnapshotExportJobs(), - "mongodbatlas_cloud_federated_settings": dataSourceMongoDBAtlasFederatedSettings(), - "mongodbatlas_cloud_federated_settings_identity_provider": dataSourceMongoDBAtlasFederatedSettingsIdentityProvider(), - "mongodbatlas_cloud_federated_settings_identity_providers": dataSourceMongoDBAtlasFederatedSettingsIdentityProviders(), - "mongodbatlas_cloud_federated_settings_org_config": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfig(), - "mongodbatlas_cloud_federated_settings_org_configs": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs(), - "mongodbatlas_cloud_federated_settings_org_role_mapping": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), - "mongodbatlas_cloud_federated_settings_org_role_mappings": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings(), + "mongodbatlas_advanced_cluster": dataSourceMongoDBAtlasAdvancedCluster(), + "mongodbatlas_advanced_clusters": dataSourceMongoDBAtlasAdvancedClusters(), + "mongodbatlas_custom_db_role": dataSourceMongoDBAtlasCustomDBRole(), + "mongodbatlas_custom_db_roles": dataSourceMongoDBAtlasCustomDBRoles(), + "mongodbatlas_database_user": dataSourceMongoDBAtlasDatabaseUser(), + "mongodbatlas_database_users": dataSourceMongoDBAtlasDatabaseUsers(), + "mongodbatlas_project": dataSourceMongoDBAtlasProject(), + "mongodbatlas_projects": dataSourceMongoDBAtlasProjects(), + "mongodbatlas_cluster": dataSourceMongoDBAtlasCluster(), + "mongodbatlas_clusters": dataSourceMongoDBAtlasClusters(), + "mongodbatlas_cloud_provider_snapshot": dataSourceMongoDBAtlasCloudProviderSnapshot(), + "mongodbatlas_cloud_provider_snapshots": dataSourceMongoDBAtlasCloudProviderSnapshots(), + "mongodbatlas_network_container": dataSourceMongoDBAtlasNetworkContainer(), + "mongodbatlas_network_containers": dataSourceMongoDBAtlasNetworkContainers(), + "mongodbatlas_network_peering": dataSourceMongoDBAtlasNetworkPeering(), + "mongodbatlas_network_peerings": dataSourceMongoDBAtlasNetworkPeerings(), + "mongodbatlas_cloud_provider_snapshot_restore_job": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), + "mongodbatlas_cloud_provider_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudProviderSnapshotRestoreJobs(), + "mongodbatlas_maintenance_window": dataSourceMongoDBAtlasMaintenanceWindow(), + "mongodbatlas_auditing": dataSourceMongoDBAtlasAuditing(), + "mongodbatlas_team": dataSourceMongoDBAtlasTeam(), + "mongodbatlas_teams": dataSourceMongoDBAtlasTeam(), + "mongodbatlas_global_cluster_config": dataSourceMongoDBAtlasGlobalCluster(), + "mongodbatlas_alert_configuration": dataSourceMongoDBAtlasAlertConfiguration(), + "mongodbatlas_x509_authentication_database_user": dataSourceMongoDBAtlasX509AuthDBUser(), + "mongodbatlas_privatelink_endpoint": dataSourceMongoDBAtlasPrivateLinkEndpoint(), + "mongodbatlas_privatelink_endpoint_service": dataSourceMongoDBAtlasPrivateEndpointServiceLink(), + "mongodbatlas_privatelink_endpoint_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointServiceADL(), + "mongodbatlas_privatelink_endpoints_service_adl": dataSourceMongoDBAtlasPrivateLinkEndpointsServiceADL(), + "mongodbatlas_cloud_provider_snapshot_backup_policy": dataSourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), + "mongodbatlas_cloud_backup_schedule": dataSourceMongoDBAtlasCloudBackupSchedule(), + "mongodbatlas_third_party_integrations": dataSourceMongoDBAtlasThirdPartyIntegrations(), + "mongodbatlas_third_party_integration": dataSourceMongoDBAtlasThirdPartyIntegration(), + "mongodbatlas_project_ip_access_list": dataSourceMongoDBAtlasProjectIPAccessList(), + "mongodbatlas_cloud_provider_access": dataSourceMongoDBAtlasCloudProviderAccessList(), + "mongodbatlas_cloud_provider_access_setup": dataSourceMongoDBAtlasCloudProviderAccessSetup(), + "mongodbatlas_custom_dns_configuration_cluster_aws": dataSourceMongoDBAtlasCustomDNSConfigurationAWS(), + "mongodbatlas_online_archive": dataSourceMongoDBAtlasOnlineArchive(), + "mongodbatlas_online_archives": dataSourceMongoDBAtlasOnlineArchives(), + "mongodbatlas_ldap_configuration": dataSourceMongoDBAtlasLDAPConfiguration(), + "mongodbatlas_ldap_verify": dataSourceMongoDBAtlasLDAPVerify(), + "mongodbatlas_search_index": dataSourceMongoDBAtlasSearchIndex(), + "mongodbatlas_search_indexes": dataSourceMongoDBAtlasSearchIndexes(), + "mongodbatlas_data_lake": dataSourceMongoDBAtlasDataLake(), + "mongodbatlas_data_lakes": dataSourceMongoDBAtlasDataLakes(), + "mongodbatlas_event_trigger": dataSourceMongoDBAtlasEventTrigger(), + "mongodbatlas_event_triggers": dataSourceMongoDBAtlasEventTriggers(), + "mongodbatlas_project_invitation": dataSourceMongoDBAtlasProjectInvitation(), + "mongodbatlas_org_invitation": dataSourceMongoDBAtlasOrgInvitation(), + "mongodbatlas_cloud_backup_snapshot": dataSourceMongoDBAtlasCloudBackupSnapshot(), + "mongodbatlas_cloud_backup_snapshots": dataSourceMongoDBAtlasCloudBackupSnapshots(), + "mongodbatlas_cloud_backup_snapshot_restore_job": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), + "mongodbatlas_cloud_backup_snapshot_restore_jobs": dataSourceMongoDBAtlasCloudBackupSnapshotRestoreJobs(), + "mongodbatlas_cloud_backup_snapshot_export_bucket": datasourceMongoDBAtlasCloudBackupSnapshotExportBucket(), + "mongodbatlas_cloud_backup_snapshot_export_buckets": datasourceMongoDBAtlasCloudBackupSnapshotExportBuckets(), + "mongodbatlas_cloud_backup_snapshot_export_job": datasourceMongoDBAtlasCloudBackupSnapshotExportJob(), + "mongodbatlas_cloud_backup_snapshot_export_jobs": datasourceMongoDBAtlasCloudBackupSnapshotExportJobs(), + "mongodbatlas_federated_settings": dataSourceMongoDBAtlasFederatedSettings(), + "mongodbatlas_federated_settings_identity_provider": dataSourceMongoDBAtlasFederatedSettingsIdentityProvider(), + "mongodbatlas_federated_settings_identity_providers": dataSourceMongoDBAtlasFederatedSettingsIdentityProviders(), + "mongodbatlas_federated_settings_org_config": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfig(), + "mongodbatlas_federated_settings_org_configs": dataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs(), + "mongodbatlas_federated_settings_org_role_mapping": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), + "mongodbatlas_federated_settings_org_role_mappings": dataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings(), } return dataSourcesMap } func getResourcesMap() map[string]*schema.Resource { resourcesMap := map[string]*schema.Resource{ - "mongodbatlas_advanced_cluster": resourceMongoDBAtlasAdvancedCluster(), - "mongodbatlas_custom_db_role": resourceMongoDBAtlasCustomDBRole(), - "mongodbatlas_database_user": resourceMongoDBAtlasDatabaseUser(), - "mongodbatlas_project": resourceMongoDBAtlasProject(), - "mongodbatlas_cluster": resourceMongoDBAtlasCluster(), - "mongodbatlas_cloud_provider_snapshot": resourceMongoDBAtlasCloudProviderSnapshot(), - "mongodbatlas_network_container": resourceMongoDBAtlasNetworkContainer(), - "mongodbatlas_cloud_provider_snapshot_restore_job": resourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), - "mongodbatlas_network_peering": resourceMongoDBAtlasNetworkPeering(), - "mongodbatlas_encryption_at_rest": resourceMongoDBAtlasEncryptionAtRest(), - "mongodbatlas_private_ip_mode": resourceMongoDBAtlasPrivateIPMode(), - "mongodbatlas_maintenance_window": resourceMongoDBAtlasMaintenanceWindow(), - "mongodbatlas_auditing": resourceMongoDBAtlasAuditing(), - "mongodbatlas_team": resourceMongoDBAtlasTeam(), - "mongodbatlas_teams": resourceMongoDBAtlasTeam(), - "mongodbatlas_global_cluster_config": resourceMongoDBAtlasGlobalCluster(), - "mongodbatlas_alert_configuration": resourceMongoDBAtlasAlertConfiguration(), - "mongodbatlas_x509_authentication_database_user": resourceMongoDBAtlasX509AuthDBUser(), - "mongodbatlas_privatelink_endpoint": resourceMongoDBAtlasPrivateLinkEndpoint(), - "mongodbatlas_privatelink_endpoint_service": resourceMongoDBAtlasPrivateEndpointServiceLink(), - "mongodbatlas_privatelink_endpoint_service_adl": resourceMongoDBAtlasPrivateLinkEndpointServiceADL(), - "mongodbatlas_cloud_provider_snapshot_backup_policy": resourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), - "mongodbatlas_third_party_integration": resourceMongoDBAtlasThirdPartyIntegration(), - "mongodbatlas_project_ip_access_list": resourceMongoDBAtlasProjectIPAccessList(), - "mongodbatlas_cloud_provider_access": resourceMongoDBAtlasCloudProviderAccess(), - "mongodbatlas_online_archive": resourceMongoDBAtlasOnlineArchive(), - "mongodbatlas_custom_dns_configuration_cluster_aws": resourceMongoDBAtlasCustomDNSConfiguration(), - "mongodbatlas_ldap_configuration": resourceMongoDBAtlasLDAPConfiguration(), - "mongodbatlas_ldap_verify": resourceMongoDBAtlasLDAPVerify(), - "mongodbatlas_cloud_provider_access_setup": resourceMongoDBAtlasCloudProviderAccessSetup(), - "mongodbatlas_cloud_provider_access_authorization": resourceMongoDBAtlasCloudProviderAccessAuthorization(), - "mongodbatlas_search_index": resourceMongoDBAtlasSearchIndex(), - "mongodbatlas_data_lake": resourceMongoDBAtlasDataLake(), - "mongodbatlas_event_trigger": resourceMongoDBAtlasEventTriggers(), - "mongodbatlas_cloud_backup_schedule": resourceMongoDBAtlasCloudBackupSchedule(), - "mongodbatlas_project_invitation": resourceMongoDBAtlasProjectInvitation(), - "mongodbatlas_org_invitation": resourceMongoDBAtlasOrgInvitation(), - "mongodbatlas_cloud_backup_snapshot": resourceMongoDBAtlasCloudBackupSnapshot(), - "mongodbatlas_cloud_backup_snapshot_restore_job": resourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), - "mongodbatlas_cloud_backup_snapshot_export_bucket": resourceMongoDBAtlasCloudBackupSnapshotExportBucket(), - "mongodbatlas_cloud_backup_snapshot_export_job": resourceMongoDBAtlasCloudBackupSnapshotExportJob(), - "mongodbatlas_cloud_federated_settings_org_config": resourceMongoDBAtlasFederatedSettingsOrganizationConfig(), - "mongodbatlas_cloud_federated_settings_org_role_mapping": resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), - "mongodbatlas_cloud_federated_settings_identity_provider": resourceMongoDBAtlasFederatedSettingsIdentityProvider(), + "mongodbatlas_advanced_cluster": resourceMongoDBAtlasAdvancedCluster(), + "mongodbatlas_custom_db_role": resourceMongoDBAtlasCustomDBRole(), + "mongodbatlas_database_user": resourceMongoDBAtlasDatabaseUser(), + "mongodbatlas_project": resourceMongoDBAtlasProject(), + "mongodbatlas_cluster": resourceMongoDBAtlasCluster(), + "mongodbatlas_cloud_provider_snapshot": resourceMongoDBAtlasCloudProviderSnapshot(), + "mongodbatlas_network_container": resourceMongoDBAtlasNetworkContainer(), + "mongodbatlas_cloud_provider_snapshot_restore_job": resourceMongoDBAtlasCloudProviderSnapshotRestoreJob(), + "mongodbatlas_network_peering": resourceMongoDBAtlasNetworkPeering(), + "mongodbatlas_encryption_at_rest": resourceMongoDBAtlasEncryptionAtRest(), + "mongodbatlas_private_ip_mode": resourceMongoDBAtlasPrivateIPMode(), + "mongodbatlas_maintenance_window": resourceMongoDBAtlasMaintenanceWindow(), + "mongodbatlas_auditing": resourceMongoDBAtlasAuditing(), + "mongodbatlas_team": resourceMongoDBAtlasTeam(), + "mongodbatlas_teams": resourceMongoDBAtlasTeam(), + "mongodbatlas_global_cluster_config": resourceMongoDBAtlasGlobalCluster(), + "mongodbatlas_alert_configuration": resourceMongoDBAtlasAlertConfiguration(), + "mongodbatlas_x509_authentication_database_user": resourceMongoDBAtlasX509AuthDBUser(), + "mongodbatlas_privatelink_endpoint": resourceMongoDBAtlasPrivateLinkEndpoint(), + "mongodbatlas_privatelink_endpoint_service": resourceMongoDBAtlasPrivateEndpointServiceLink(), + "mongodbatlas_privatelink_endpoint_service_adl": resourceMongoDBAtlasPrivateLinkEndpointServiceADL(), + "mongodbatlas_cloud_provider_snapshot_backup_policy": resourceMongoDBAtlasCloudProviderSnapshotBackupPolicy(), + "mongodbatlas_third_party_integration": resourceMongoDBAtlasThirdPartyIntegration(), + "mongodbatlas_project_ip_access_list": resourceMongoDBAtlasProjectIPAccessList(), + "mongodbatlas_cloud_provider_access": resourceMongoDBAtlasCloudProviderAccess(), + "mongodbatlas_online_archive": resourceMongoDBAtlasOnlineArchive(), + "mongodbatlas_custom_dns_configuration_cluster_aws": resourceMongoDBAtlasCustomDNSConfiguration(), + "mongodbatlas_ldap_configuration": resourceMongoDBAtlasLDAPConfiguration(), + "mongodbatlas_ldap_verify": resourceMongoDBAtlasLDAPVerify(), + "mongodbatlas_cloud_provider_access_setup": resourceMongoDBAtlasCloudProviderAccessSetup(), + "mongodbatlas_cloud_provider_access_authorization": resourceMongoDBAtlasCloudProviderAccessAuthorization(), + "mongodbatlas_search_index": resourceMongoDBAtlasSearchIndex(), + "mongodbatlas_data_lake": resourceMongoDBAtlasDataLake(), + "mongodbatlas_event_trigger": resourceMongoDBAtlasEventTriggers(), + "mongodbatlas_cloud_backup_schedule": resourceMongoDBAtlasCloudBackupSchedule(), + "mongodbatlas_project_invitation": resourceMongoDBAtlasProjectInvitation(), + "mongodbatlas_org_invitation": resourceMongoDBAtlasOrgInvitation(), + "mongodbatlas_cloud_backup_snapshot": resourceMongoDBAtlasCloudBackupSnapshot(), + "mongodbatlas_cloud_backup_snapshot_restore_job": resourceMongoDBAtlasCloudBackupSnapshotRestoreJob(), + "mongodbatlas_cloud_backup_snapshot_export_bucket": resourceMongoDBAtlasCloudBackupSnapshotExportBucket(), + "mongodbatlas_cloud_backup_snapshot_export_job": resourceMongoDBAtlasCloudBackupSnapshotExportJob(), + "mongodbatlas_federated_settings_org_config": resourceMongoDBAtlasFederatedSettingsOrganizationConfig(), + "mongodbatlas_federated_settings_org_role_mapping": resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping(), + "mongodbatlas_federated_settings_identity_provider": resourceMongoDBAtlasFederatedSettingsIdentityProvider(), } return resourcesMap } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go index dc1fe3f5d5..1a4909f397 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go @@ -15,7 +15,7 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *tes SkipTestExtCred(t) var ( federatedSettingsIdentityProvider matlas.FederatedSettingsConnectedOrganization - resourceName = "mongodbatlas_cloud_federated_settings_org_config.test" + resourceName = "mongodbatlas_federated_settings_org_config.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") @@ -50,10 +50,10 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *tes func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_importBasic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "mongodbatlas_cloud_federated_settings_org_config.test" + resourceName = "mongodbatlas_federated_settings_org_config.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") - idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_OKTA_IDP_ID") ) resource.ParallelTest(t, resource.TestCase{ @@ -113,7 +113,7 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationConfigImportStateIDFun func testAccMongoDBAtlasFederatedSettingsOrganizationConfig(federationSettingsID, orgID, identityProviderID string) string { return fmt.Sprintf(` - resource "mongodbatlas_cloud_federated_settings_org_config" "test" { + resource "mongodbatlas_federated_settings_org_config" "test" { federation_settings_id = "%[1]s" org_id = "%[2]s" domain_restriction_enabled = false diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go index e8bab653e8..b976d9076e 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider.go @@ -61,7 +61,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProvider() *schema.Resource { Type: schema.TypeString, Required: true, }, - "idp_id": { + "okta_idp_id": { Type: schema.TypeString, Computed: true, }, @@ -80,7 +80,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte ids := decodeStateID(d.Id()) federationSettingsID := ids["federation_settings_id"] - oktaIdpID := ids["idp_id"] + oktaIdpID := ids["okta_idp_id"] federatedSettingsIdentityProvider, resp, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { @@ -102,7 +102,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte return diag.FromErr(fmt.Errorf("error setting associated domains list (%s): %s", d.Id(), err)) } - if err := d.Set("idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { + if err := d.Set("okta_idp_id", federatedSettingsIdentityProvider.OktaIdpID); err != nil { return diag.FromErr(fmt.Errorf("error setting OktaIdpID (%s): %s", d.Id(), err)) } @@ -128,7 +128,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderRead(ctx context.Conte d.SetId(encodeStateID(map[string]string{ "federation_settings_id": federationSettingsID, - "idp_id": oktaIdpID, + "okta_idp_id": oktaIdpID, })) return nil @@ -139,7 +139,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderUpdate(ctx context.Con conn := meta.(*MongoDBClient).Atlas ids := decodeStateID(d.Id()) federationSettingsID := ids["federation_settings_id"] - oktaIdpID := ids["idp_id"] + oktaIdpID := ids["okta_idp_id"] federatedSettingsIdentityProviderUpdate, _, err := conn.FederatedSettings.GetIdentityProvider(context.Background(), federationSettingsID, oktaIdpID) if err != nil { @@ -243,7 +243,7 @@ func resourceMongoDBAtlasFederatedSettingsIdentityProviderImportState(ctx contex d.SetId(encodeStateID(map[string]string{ "federation_settings_id": *federationSettingsID, - "idp_id": *oktaIdpID, + "okta_idp_id": *oktaIdpID, })) return []*schema.ResourceData{d}, nil diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go index aa6843eae4..b96a6035ea 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go @@ -15,9 +15,9 @@ func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testi SkipTestExtCred(t) var ( federatedSettingsIdentityProvider matlas.FederatedSettingsIdentityProvider - resourceName = "mongodbatlas_cloud_federated_settings_identity_provider.test" + resourceName = "mongodbatlas_federated_settings_identity_provider.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") - idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_OKTA_IDP_ID") ssoURL = os.Getenv("MONGODB_ATLAS_FEDERATED_SSO_URL") issuerURI = os.Getenv("MONGODB_ATLAS_FEDERATED_ISSUER_URI") ) @@ -51,9 +51,9 @@ func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_basic(t *testi func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_importBasic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "mongodbatlas_cloud_federated_settings_identity_provider.test" + resourceName = "mongodbatlas_federated_settings_identity_provider.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") - idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_IDP_ID") + idpID = os.Getenv("MONGODB_ATLAS_FEDERATED_OKTA_IDP_ID") ssoURL = os.Getenv("MONGODB_ATLAS_FEDERATED_SSO_URL") issuerURI = os.Getenv("MONGODB_ATLAS_FEDERATED_ISSUER_URI") ) @@ -105,17 +105,17 @@ func testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderImportStateIDFunc( return func(s *terraform.State) (string, error) { ID := encodeStateID(map[string]string{ "federation_settings_id": federationSettingsID, - "idp_id": idpID, + "okta_idp_id": idpID, }) ids := decodeStateID(ID) - return fmt.Sprintf("%s-%s", ids["federation_settings_id"], ids["idp_id"]), nil + return fmt.Sprintf("%s-%s", ids["federation_settings_id"], ids["okta_idp_id"]), nil } } func testAccMongoDBAtlasFederatedSettingsIdentityProviderConfig(federationSettingsID, ssoURL, issuerURI string) string { return fmt.Sprintf(` - resource "mongodbatlas_cloud_federated_settings_identity_provider" "test" { + resource "mongodbatlas_federated_settings_identity_provider" "test" { federation_settings_id = "%[1]s" name = "mongodb_federation_test" associated_domains = ["reorganizeyourworld.com"] diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index aa4245d232..3b4bcfb808 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -93,7 +93,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx contex return diag.FromErr(fmt.Errorf("error setting external group name (%s): %s", d.Id(), err)) } - if err := d.Set("role_assignments", flattenRoleAssignmentsSpecal(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { + if err := d.Set("role_assignments", flattenRoleAssignmentsSpecial(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { return diag.FromErr(fmt.Errorf("error setting role_assignments (%s): %s", d.Id(), err)) } @@ -233,7 +233,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState(ctx return nil, fmt.Errorf("error setting role mapping in Federation settings (%s): %s", d.Id(), err) } - if err := d.Set("role_assignments", flattenRoleAssignmentsSpecal(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { + if err := d.Set("role_assignments", flattenRoleAssignmentsSpecial(federatedSettingsOrganizationRoleMapping.RoleAssignments)); err != nil { return nil, fmt.Errorf("error setting role_assignments (%s): %s", d.Id(), err) } @@ -287,7 +287,7 @@ func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignment return roleAssignmentsReturn } -func flattenRoleAssignmentsSpecal(roleAssignments []*mongodbatlas.RoleAssignments) []map[string]interface{} { +func flattenRoleAssignmentsSpecial(roleAssignments []*mongodbatlas.RoleAssignments) []map[string]interface{} { var roleAssignmentsMap []map[string]interface{} if len(roleAssignments) > 0 { counterGroup := make(map[string]int) diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index 43c9e7361a..5418a0745a 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -15,7 +15,7 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t SkipTestExtCred(t) var ( federatedSettingsOrganizationRoleMapping matlas.FederatedSettingsOrganizationRoleMapping - resourceName = "mongodbatlas_cloud_federated_settings_org_role_mapping.test" + resourceName = "mongodbatlas_federated_settings_org_role_mapping.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") groupID = os.Getenv("MONGODB_ATLAS_FEDERATED_GROUP_ID") @@ -32,7 +32,7 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(resourceName, &federatedSettingsOrganizationRoleMapping), resource.TestCheckResourceAttr(resourceName, "federation_settings_id", federationSettingsID), resource.TestCheckResourceAttr(resourceName, "org_id", orgID), - resource.TestCheckResourceAttr(resourceName, "external_group_name", "newgroup"), + resource.TestCheckResourceAttr(resourceName, "external_group_name", "newtestgroup"), ), }, }, @@ -42,7 +42,7 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_basic(t func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping_importBasic(t *testing.T) { SkipTestExtCred(t) var ( - resourceName = "mongodbatlas_cloud_federated_settings_org_role_mapping.test" + resourceName = "mongodbatlas_federated_settings_org_role_mapping.test" federationSettingsID = os.Getenv("MONGODB_ATLAS_FEDERATION_SETTINGS_ID") orgID = os.Getenv("MONGODB_ATLAS_FEDERATED_ORG_ID") groupID = os.Getenv("MONGODB_ATLAS_FEDERATED_GROUP_ID") @@ -96,7 +96,7 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy(sta conn := testAccProvider.Meta().(*MongoDBClient).Atlas for _, rs := range state.RootModule().Resources { - if rs.Type != "mongodbatlas_cloud_federated_settings_org_role_mapping" { + if rs.Type != "mongodbatlas_federated_settings_org_role_mapping" { continue } @@ -104,7 +104,7 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingDestroy(sta roleMapping, _, err := conn.FederatedSettings.GetRoleMapping(context.Background(), ids["federation_settings_id"], ids["org_id"], ids["role_mapping_id"]) if err == nil && roleMapping != nil { - return fmt.Errorf("role mapping (%s) still exists", ids["idp_id"]) + return fmt.Errorf("role mapping (%s) still exists", ids["okta_idp_id"]) } } @@ -126,10 +126,10 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingImportState func testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federationSettingsID, orgID, groupID string) string { return fmt.Sprintf(` - resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "test" { + resource "mongodbatlas_federated_settings_org_role_mapping" "test" { federation_settings_id = "%[1]s" org_id = "%[2]s" - external_group_name = "newgroup" + external_group_name = "newtestgroup" role_assignments { org_id ="%[2]s" From b3ae32ec59b8ee068663518646a8edb55b8db470 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 28 Jun 2022 13:29:14 -0500 Subject: [PATCH 33/35] Add new sort to role mapping --- ...s_federated_settings_identity_providers.go | 35 +++++ ...ated_settings_organization_role_mapping.go | 126 ++++++++++-------- ...settings_organization_role_mapping_test.go | 12 +- 3 files changed, 110 insertions(+), 63 deletions(-) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go index 1409e2caf8..3efe2ad67c 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers.go @@ -4,6 +4,8 @@ import ( "context" "errors" "fmt" + "sort" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -355,7 +357,38 @@ func flattenFederatedSettingsCertificates(certificates []*matlas.Certificates) [ return certificatesMap } +type mRoleAssignment []*matlas.RoleAssignments + +func (ra mRoleAssignment) Len() int { return len(ra) } +func (ra mRoleAssignment) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } +func (ra mRoleAssignment) Less(i, j int) bool { + compareVal := strings.Compare(ra[i].OrgID, ra[j].OrgID) + + if compareVal != 0 { + return compareVal < 0 + } + + compareVal = strings.Compare(ra[i].GroupID, ra[j].GroupID) + + if compareVal != 0 { + return compareVal < 0 + } + + return ra[i].Role < ra[j].Role +} + +type roleMappingsByGroupName []*matlas.RoleMappings + +func (ra roleMappingsByGroupName) Len() int { return len(ra) } +func (ra roleMappingsByGroupName) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } + +func (ra roleMappingsByGroupName) Less(i, j int) bool { + return ra[i].ExternalGroupName < ra[j].ExternalGroupName +} + func flattenRoleMappings(roleMappings []*matlas.RoleMappings) []map[string]interface{} { + sort.Sort(roleMappingsByGroupName(roleMappings)) + var roleMappingsMap []map[string]interface{} if len(roleMappings) > 0 { @@ -374,6 +407,8 @@ func flattenRoleMappings(roleMappings []*matlas.RoleMappings) []map[string]inter } func flattenRoleAssignments(roleAssignments []*matlas.RoleAssignments) []map[string]interface{} { + sort.Sort(mRoleAssignment(roleAssignments)) + var roleAssignmentsMap []map[string]interface{} if len(roleAssignments) > 0 { diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index 3b4bcfb808..d9217f3509 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -6,6 +6,8 @@ import ( "fmt" "net/http" "regexp" + "sort" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" @@ -78,6 +80,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingRead(ctx contex roleMappingID := ids["role_mapping_id"] federatedSettingsOrganizationRoleMapping, resp, err := conn.FederatedSettings.GetRoleMapping(context.Background(), federationSettingsID, orgID, roleMappingID) + if err != nil { // case 404 // deleted in the backend case @@ -262,6 +265,48 @@ func splitFederatedSettingsOrganizationRoleMappingImportID(id string) (federatio return } +type roleAssignmentsByFields []mongodbatlas.RoleAssignments + +func (ra roleAssignmentsByFields) Len() int { return len(ra) } +func (ra roleAssignmentsByFields) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } + +func (ra roleAssignmentsByFields) Less(i, j int) bool { + compareVal := strings.Compare(ra[i].OrgID, ra[j].OrgID) + + if compareVal != 0 { + return compareVal < 0 + } + + compareVal = strings.Compare(ra[i].GroupID, ra[j].GroupID) + + if compareVal != 0 { + return compareVal < 0 + } + + return ra[i].Role < ra[j].Role +} + +type roleAssignmentRefsByFields []*mongodbatlas.RoleAssignments + +func (ra roleAssignmentRefsByFields) Len() int { return len(ra) } +func (ra roleAssignmentRefsByFields) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } + +func (ra roleAssignmentRefsByFields) Less(i, j int) bool { + compareVal := strings.Compare(ra[i].OrgID, ra[j].OrgID) + + if compareVal != 0 { + return compareVal < 0 + } + + compareVal = strings.Compare(ra[i].GroupID, ra[j].GroupID) + + if compareVal != 0 { + return compareVal < 0 + } + + return ra[i].Role < ra[j].Role +} + func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignments { var roleAssignmentsReturn []mongodbatlas.RoleAssignments @@ -284,74 +329,41 @@ func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignment } } + sort.Sort(roleAssignmentsByFields(roleAssignmentsReturn)) + return roleAssignmentsReturn } func flattenRoleAssignmentsSpecial(roleAssignments []*mongodbatlas.RoleAssignments) []map[string]interface{} { - var roleAssignmentsMap []map[string]interface{} - if len(roleAssignments) > 0 { - counterGroup := make(map[string]int) - for _, row := range roleAssignments { - if row.GroupID != "" { - counterGroup[row.GroupID]++ - } - } - - distinctGroup := make([]string, len(counterGroup)) - i := 0 - for k := range counterGroup { - distinctGroup[i] = k - i++ - } + if len(roleAssignments) == 0 { + return nil + } - counterOrg := make(map[string]int) - for _, row := range roleAssignments { - if row.OrgID != "" { - counterOrg[row.OrgID]++ - } - } + sort.Sort(roleAssignmentRefsByFields(roleAssignments)) - distinctOrg := make([]string, len(counterOrg)) - idx := 0 - for k := range counterOrg { - distinctOrg[idx] = k - idx++ - } - - roleAssignmentsMap = make([]map[string]interface{}, len(counterOrg)+len(counterGroup)) - var rolesOrg []string - var rolesGroup []string + var flattenedRoleAssignments []map[string]interface{} + var roleAssignment = map[string]interface{}{ + "group_id": roleAssignments[0].GroupID, + "org_id": roleAssignments[0].OrgID, + "roles": []string{}, + } - mapIdx := 0 + for _, row := range roleAssignments { + if (roleAssignment["org_id"] != "" && roleAssignment["org_id"] != row.OrgID) || + (roleAssignment["group_id"] != "" && roleAssignment["group_id"] != row.GroupID) { + flattenedRoleAssignments = append(flattenedRoleAssignments, roleAssignment) - for _, ov := range distinctOrg { - for idx := range roleAssignments { - if roleAssignments[idx].OrgID == ov { - rolesOrg = append(rolesOrg, roleAssignments[idx].Role) - } + roleAssignment = map[string]interface{}{ + "group_id": row.GroupID, + "org_id": row.OrgID, + "roles": []string{}, } - roleAssignmentsMap[mapIdx] = map[string]interface{}{ - "group_id": "", - "org_id": ov, - "roles": rolesOrg, - } - mapIdx++ } - for _, ov := range distinctGroup { - for idx := range roleAssignments { - if roleAssignments[idx].GroupID == ov { - rolesGroup = append(rolesGroup, roleAssignments[idx].Role) - } - } - roleAssignmentsMap[mapIdx] = map[string]interface{}{ - "group_id": ov, - "org_id": "", - "roles": rolesGroup, - } - mapIdx++ - } + roleAssignment["roles"] = append(roleAssignment["roles"].([]string), row.Role) } - return roleAssignmentsMap + flattenedRoleAssignments = append(flattenedRoleAssignments, roleAssignment) + + return flattenedRoleAssignments } diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go index 5418a0745a..283ba2251a 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping_test.go @@ -85,6 +85,7 @@ func testAccCheckMongoDBAtlasFederatedSettingsOrganizationRoleMappingExists(reso rs.Primary.Attributes["role_mapping_id"]) if err == nil { *federatedSettingsOrganizationRoleMapping = *response + return nil } @@ -130,16 +131,15 @@ func testAccMongoDBAtlasFederatedSettingsOrganizationRoleMappingConfig(federatio federation_settings_id = "%[1]s" org_id = "%[2]s" external_group_name = "newtestgroup" - role_assignments { - org_id ="%[2]s" - roles = ["ORG_MEMBER","ORG_GROUP_CREATOR"] - } + org_id = "%[2]s" + roles = ["ORG_MEMBER","ORG_GROUP_CREATOR"] + } role_assignments { group_id = "%[3]s" - roles = ["GROUP_OWNER","GROUP_DATA_ACCESS_ADMIN","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY"] - } + roles = ["GROUP_OWNER","GROUP_DATA_ACCESS_ADMIN","GROUP_SEARCH_INDEX_EDITOR","GROUP_DATA_ACCESS_READ_ONLY"] + } }`, federationSettingsID, orgID, groupID) } From 3a16e1dcdc206e41d36085e29476bf4158ecc2b6 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Tue, 28 Jun 2022 13:48:18 -0500 Subject: [PATCH 34/35] Add README for federated example --- examples/Federated-Settings/Readme.md | 59 +++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 examples/Federated-Settings/Readme.md diff --git a/examples/Federated-Settings/Readme.md b/examples/Federated-Settings/Readme.md new file mode 100644 index 0000000000..c536c0cfa8 --- /dev/null +++ b/examples/Federated-Settings/Readme.md @@ -0,0 +1,59 @@ +# Example - Okta and MongoDB Atlas Federated Settings Configuration + +This project aims to provide an example of using Okta and MongoDB Atlas together. + + +## Dependencies + +* Terraform v0.13 +* Okta account +* A MongoDB Atlas account + +``` +Terraform v0.13.0 ++ provider registry.terraform.io/terraform-providers/mongodbatlas v1.4.0 +``` + +## Usage + +**1\. Ensure your Okta/Mongodb Atlas Federal settings configuration is set up to have a working set of organizations, verified domains, and identity providers.** + +**2\. TFVARS** + +Now create **terraform.tfvars** file with all the variable values and make sure **not to commit it**. + +**3\. Review the Terraform plan. ** + +Execute the below command and ensure you are happy with the plan. + +``` bash +$ terraform plan +``` +This project currently does the below deployments: + +- MongoDB Atlas Federated Settings Organizational Role Mapping +- MongoDB Atlas Federated Settings Organizational Identity Provider +- MongoDB Atlas Federated Settings Organizational configuration + +**4\. Execute the Terraform import for 2 resources that do not support create.** +``` bash +$ terraform import mongodbatlas_federated_settings_identity_provider.identity_provider 6287a67f7f7f7f7f441c6c-0oad7f7f7f7fk1297 + terraform import mongodbatlas_federated_settings_org_config.org_connections_import 6287a67f7f7f7f7f441c6c-627a96837f7f7f7f7e306f14 + +``` + +**5\. Execute the Terraform apply.** + +Now execute the plan to provision the Federated settings resources. + +``` bash +$ terraform apply +``` + +**6\. Destroy the resources.** + +Once you are finished your testing, ensure you destroy the resources to avoid unnecessary Atlas charges. + +``` bash +$ terraform destroy +``` From a6037143b808ab767eaba0287fb28615c36be6b4 Mon Sep 17 00:00:00 2001 From: admin <33664051+martinstibbe@users.noreply.github.com> Date: Wed, 29 Jun 2022 07:20:50 -0500 Subject: [PATCH 35/35] Refactor alias mongodbatlas to matlas dead code removal import spaces --- ...ed_settings_connected_organization_test.go | 3 +-- ...erated_settings_connected_organizations.go | 1 - ...d_settings_connected_organizations_test.go | 4 +--- ...erated_settings_identity_providers_test.go | 4 +--- ...ted_settings_organization_role_mappings.go | 1 - ...ettings_organization_role_mappings_test.go | 4 +--- ...ce_mongodbatlas_federated_settings_test.go | 1 - ...derated_settings_connected_organization.go | 3 +-- ...ed_settings_connected_organization_test.go | 1 - ...derated_settings_identity_provider_test.go | 1 - ...ated_settings_organization_role_mapping.go | 24 +++++++++---------- 11 files changed, 16 insertions(+), 31 deletions(-) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go index 2863030e10..2fe561d70f 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organization_test.go @@ -6,9 +6,8 @@ import ( "os" "testing" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" ) func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfig_basic(t *testing.T) { diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go index 7329766b6b..affd59fd73 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations.go @@ -7,7 +7,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - matlas "go.mongodb.org/atlas/mongodbatlas" ) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go index 5511fe14c6..6a1fc8913e 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_connected_organizations_test.go @@ -6,9 +6,8 @@ import ( "os" "testing" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" ) func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs_basic(t *testing.T) { @@ -21,7 +20,6 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationConfigs_basic(t * resource.Test(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, Steps: []resource.TestStep{ { Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationConfigsConfig(federatedSettingsID), diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go index 502f153807..33dd04a7df 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_identity_providers_test.go @@ -6,9 +6,8 @@ import ( "os" "testing" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" ) func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProviders_basic(t *testing.T) { @@ -21,7 +20,6 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsIdentityProviders_basic(t *te resource.Test(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, Steps: []resource.TestStep{ { Config: testAccMongoDBAtlasDataSourceFederatedSettingsIdentityProvidersConfig(federatedSettingsID), diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go index 74521b7da2..6028a6efc8 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings.go @@ -7,7 +7,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - matlas "go.mongodb.org/atlas/mongodbatlas" ) diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go index 3fac089460..0bd47da0a8 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_organization_role_mappings_test.go @@ -6,9 +6,8 @@ import ( "os" "testing" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" ) func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings_basic(t *testing.T) { @@ -22,7 +21,6 @@ func TestAccDataSourceMongoDBAtlasFederatedSettingsOrganizationRoleMappings_basi resource.Test(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, Steps: []resource.TestStep{ { Config: testAccMongoDBAtlasDataSourceFederatedSettingsOrganizationRoleMappingsConfig(federatedSettingsID, orgID), diff --git a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go index 869279ad9b..58635a8328 100644 --- a/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go +++ b/mongodbatlas/data_source_mongodbatlas_federated_settings_test.go @@ -23,7 +23,6 @@ func TestAccDataSourceMongoDBAtlasFederatedSettings_basic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsDestroy, Steps: []resource.TestStep{ { Config: testAccMongoDBAtlasDataSourceFederatedSettingsConfig(orgID), diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go index e3b3e1c318..68b2e2917b 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization.go @@ -8,9 +8,8 @@ import ( "regexp" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - "github.com/spf13/cast" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/spf13/cast" ) func resourceMongoDBAtlasFederatedSettingsOrganizationConfig() *schema.Resource { diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go index 1a4909f397..5dd9a6d8f7 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_connected_organization_test.go @@ -59,7 +59,6 @@ func TestAccResourceMongoDBAtlasFederatedSettingsOrganizationConfig_importBasic( resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, Steps: []resource.TestStep{ { diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go index b96a6035ea..e704b4c5f6 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_identity_provider_test.go @@ -61,7 +61,6 @@ func TestAccResourceMongoDBAtlasFederatedSettingsIdentityProvider_importBasic(t resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { checkFederatedSettings(t) }, ProviderFactories: testAccProviderFactories, - //CheckDestroy: testAccCheckMongoDBAtlasFederatedSettingsIdentityProviderDestroy, Steps: []resource.TestStep{ { diff --git a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go index d9217f3509..847bb59394 100644 --- a/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go +++ b/mongodbatlas/resource_mongodbatlas_federated_settings_organization_role_mapping.go @@ -10,10 +10,8 @@ import ( "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - - mongodbatlas "go.mongodb.org/atlas/mongodbatlas" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + matlas "go.mongodb.org/atlas/mongodbatlas" ) func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMapping() *schema.Resource { @@ -126,9 +124,9 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingCreate(ctx cont externalGroupName := d.Get("external_group_name").(string) - body := &mongodbatlas.FederatedSettingsOrganizationRoleMapping{} + body := &matlas.FederatedSettingsOrganizationRoleMapping{} - ra := []*mongodbatlas.RoleAssignments{} + ra := []*matlas.RoleAssignments{} body.ExternalGroupName = externalGroupName roleAssignments := expandRoleAssignments(d) @@ -181,7 +179,7 @@ func resourceMongoDBAtlasFederatedSettingsOrganizationRoleMappingUpdate(ctx cont if d.HasChange("role_assignments") { federatedSettingsOrganizationRoleMappingUpdate.RoleAssignments = nil - ra := []*mongodbatlas.RoleAssignments{} + ra := []*matlas.RoleAssignments{} roleAssignments := expandRoleAssignments(d) @@ -265,7 +263,7 @@ func splitFederatedSettingsOrganizationRoleMappingImportID(id string) (federatio return } -type roleAssignmentsByFields []mongodbatlas.RoleAssignments +type roleAssignmentsByFields []matlas.RoleAssignments func (ra roleAssignmentsByFields) Len() int { return len(ra) } func (ra roleAssignmentsByFields) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } @@ -286,7 +284,7 @@ func (ra roleAssignmentsByFields) Less(i, j int) bool { return ra[i].Role < ra[j].Role } -type roleAssignmentRefsByFields []*mongodbatlas.RoleAssignments +type roleAssignmentRefsByFields []*matlas.RoleAssignments func (ra roleAssignmentRefsByFields) Len() int { return len(ra) } func (ra roleAssignmentRefsByFields) Swap(i, j int) { ra[i], ra[j] = ra[j], ra[i] } @@ -307,13 +305,13 @@ func (ra roleAssignmentRefsByFields) Less(i, j int) bool { return ra[i].Role < ra[j].Role } -func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignments { - var roleAssignmentsReturn []mongodbatlas.RoleAssignments +func expandRoleAssignments(d *schema.ResourceData) []matlas.RoleAssignments { + var roleAssignmentsReturn []matlas.RoleAssignments if v, ok := d.GetOk("role_assignments"); ok { if rs := v.(*schema.Set); rs.Len() > 0 { - roleAssignments := []mongodbatlas.RoleAssignments{} - roleAssignment := mongodbatlas.RoleAssignments{} + roleAssignments := []matlas.RoleAssignments{} + roleAssignment := matlas.RoleAssignments{} for _, r := range rs.List() { roleMap := r.(map[string]interface{}) @@ -334,7 +332,7 @@ func expandRoleAssignments(d *schema.ResourceData) []mongodbatlas.RoleAssignment return roleAssignmentsReturn } -func flattenRoleAssignmentsSpecial(roleAssignments []*mongodbatlas.RoleAssignments) []map[string]interface{} { +func flattenRoleAssignmentsSpecial(roleAssignments []*matlas.RoleAssignments) []map[string]interface{} { if len(roleAssignments) == 0 { return nil }