INTMDB-301: Feature add: Add support for managment of federated authentication configuration

examples/Federated-Settings/main.tf

@@ -0,0 +1,40 @@
+data "mongodbatlas_cloud_federated_settings" "federated_settings" {
+  org_id = "627a968f7f7f7f76f14"
+}
+data "mongodbatlas_cloud_federated_settings_identity_providers" "identity_provider" {
+  federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+}
+
+data "mongodbatlas_cloud_federated_settings_org_configs" "org_configs_ds" {
+  federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+}
+
+data "mongodbatlas_cloud_federated_settings_org_role_mappings" "org_role_mapping" {
+  federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+  org_id                 = "627a968f7f7f7f76f14"
+}
+resource "mongodbatlas_cloud_federated_settings_org_role_mapping" "org_role_mapping" {
+  federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+  org_id                 = "627a968f7f7f7f76f14"
+
+  external_group_name = "newgroup"
+
+  organization_roles = ["ORG_OWNER", "ORG_MEMBER"]
+  group_id           = "628aa2f7f7f7f7b098b81b8"
+  group_roles        = ["GROUP_OWNER", "GROUP_CLUSTER_MANAGER", "GROUP_DATA_ACCESS_ADMIN", "GROUP_DATA_ACCESS_READ_WRITE", "GROUP_SEARCH_INDEX_EDITOR", "GROUP_DATA_ACCESS_READ_ONLY", "GROUP_READ_ONLY"]
+
+}
+resource "mongodbatlas_cloud_federated_settings_org_config" "org_connections_import" {
+  federation_settings_id     = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+  org_id                     = "627a968f7f7f7f76f14"
+  domain_restriction_enabled = false
+  domain_allow_list          = ["yourdomain.com"]
+}
+
+resource "mongodbatlas_cloud_federated_settings_identity_provider" "identity_provider" {
+  federation_settings_id = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+  name                   = "mongodb_federation_test"
+  associated_domains     = ["yourdomain.com"]
+  sso_debug_enabled      = true
+  status                 = "ACTIVE"
+}

examples/Federated-Settings/output.tf

@@ -0,0 +1,15 @@
+output "federated_settings_ds" {
+  value = data.mongodbatlas_cloud_federated_settings.federated_settings.id
+}
+
+output "identity_provider" {
+  value = data.mongodbatlas_cloud_federated_settings_identity_providers.identity_provider.id
+}
+
+output "org_configs_ds" {
+  value = data.mongodbatlas_cloud_federated_settings_org_configs.org_configs_ds.id
+}
+
+output "org_role_mapping" {
+  value = data.mongodbatlas_cloud_federated_settings_org_role_mappings.org_role_mapping.id
+}

examples/Federated-Settings/provider.tf

@@ -0,0 +1,4 @@
+provider "mongodbatlas" {
+  public_key  = var.public_key
+  private_key = var.private_key
+}

examples/Federated-Settings/variables.tf

@@ -0,0 +1,51 @@
+variable "public_key" {
+  type        = string
+  description = "Public Programmatic API key to authenticate to Atlas"
+}
+variable "private_key" {
+  type        = string
+  description = "Private Programmatic API key to authenticate to Atlas"
+}
+/*variable "org_id" {
+  type        = string
+  description = "MongoDB Organization ID"
+}
+variable "project_name" {
+  type        = string
+  description = "The MongoDB Atlas Project Name"
+}
+variable "cluster_name" {
+  type        = string
+  description = "The MongoDB Atlas Cluster Name"
+}
+variable "cloud_provider" {
+  type        = string
+  description = "The cloud provider to use, must be AWS, GCP or AZURE"
+}
+variable "region" {
+  type        = string
+  description = "MongoDB Atlas Cluster Region, must be a region for the provider given"
+}
+variable "mongodbversion" {
+  type        = string
+  description = "The Major MongoDB Version"
+}
+variable "dbuser" {
+  type        = string
+  description = "MongoDB Atlas Database User Name"
+}
+variable "dbuser_password" {
+  type        = string
+  description = "MongoDB Atlas Database User Password"
+}
+variable "database_name" {
+  type        = string
+  description = "The database in the cluster to limit the database user to, the database does not have to exist yet"
+}
+variable "ip_address" {
+  type        = string
+  description = "The IP address that the cluster will be accessed from, can also be a CIDR range or AWS security group"
+}
+
+
+*/

examples/Federated-Settings/versions.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source = "hashicorp/azurerm"
+    }
+    mongodbatlas = {
+      source = "mongodb/mongodbatlas"
+    }
+  }
+  required_version = ">= 0.13"
+}

go.sum

@@ -1232,6 +1232,12 @@ go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsX
 go.mongodb.org/atlas v0.12.0/go.mod h1:wVCnHcm/7/IfTjEB6K8K35PLG70yGz8BdkRwX0oK9/M=
 go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f h1:IvKkFdSSBLC5kqB1X87vn8CRAI7eXoMSK7u2lG+WUg8=
 go.mongodb.org/atlas v0.15.1-0.20220215171307-4b760c3c624f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8=
+go.mongodb.org/atlas v0.16.0 h1:IqnDuK3XAZUgJ5lPHc4v4z4B8F6mvsS37O4ck7tOYVc=
+go.mongodb.org/atlas v0.16.0/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8=
+go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f h1:UOe3bOi7nzMKO1IFf3buDXHKQAy0spVxDipNoFLuRFM=
+go.mongodb.org/atlas v0.16.1-0.20220526142525-38b3a54ca85f/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8=
+go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7 h1:Ox29ko57cIzdvQNMYmCZFQYYpqFthB5o2e5WiuA/Q+w=
+go.mongodb.org/atlas v0.16.1-0.20220527115237-e776f17514a7/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8=
 go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30 h1:UVbPMJSXVDyvIA/JEHI2HAwc+B4R6xpnmSya/pbANpY=
 go.mongodb.org/atlas v0.16.1-0.20220527133640-ba676d378a30/go.mod h1:lQhRHIxc6jQHEK3/q9WLu/SdBkPj2fQYhjLGUF6Z3U8=
 go.mongodb.org/atlas v0.16.1-0.20220531163122-551edbfb2f27 h1:rGTb8CaE9ZKNjmdUJ58jFcHopLg6o6Kzfm9AIayq1Hw=

mongodbatlas/data_source_mongodbatlas_federated_settings.go

@@ -0,0 +1,105 @@
+package mongodbatlas
+
+import (
+	"context"
+	"errors"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	matlas "go.mongodb.org/atlas/mongodbatlas"
+)
+
+func dataSourceMongoDBAtlasFederatedSettings() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourceMongoDBAtlasFederatedSettingsRead,
+		Schema: map[string]*schema.Schema{
+			"org_id": {
+				Type:          schema.TypeString,
+				Optional:      true,
+				ConflictsWith: []string{"name"},
+			},
+			"name": {
+				Type:          schema.TypeString,
+				Optional:      true,
+				ConflictsWith: []string{"org_id"},
+			},
+			"federated_domains": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"has_role_mappings": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"identity_provider_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"identity_provider_status": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceMongoDBAtlasFederatedSettingsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	// Get client connection.
+	conn := meta.(*MongoDBClient).Atlas
+
+	orgID, orgIDOk := d.GetOk("org_id")
+
+	if !orgIDOk {
+		return diag.FromErr(errors.New("org_id must be configured"))
+	}
+
+	var (
+		err error
+		org *matlas.Organization
+	)
+
+	if orgIDOk {
+		org, _, err = conn.Organizations.Get(ctx, orgID.(string))
+	}
+
+	if err != nil {
+		return diag.Errorf("Error reading Organization %s %s", orgID, err)
+	}
+
+	federationSettings, _, err := conn.FederatedSettings.Get(ctx, org.ID)
+	if err != nil {
+		return diag.Errorf("error getting Federated settings (%s): %s", orgID, err)
+	}
+
+	if err := d.Set("org_id", org.ID); err != nil {
+		return diag.Errorf("error getting Federated settings (%s): %s %s", `org_id`, org.ID, err)
+	}
+
+	if err := d.Set("federated_domains", federationSettings.FederatedDomains); err != nil {
+		return diag.Errorf("error getting Federated settings (%s): %s %s", `federated_domains`, federationSettings.FederatedDomains, err)
+	}
+
+	if err := d.Set("identity_provider_status", federationSettings.IdentityProviderStatus); err != nil {
+		return diag.Errorf("error getting Federated settings (%s): %s %s", `identityProviderStatus`, federationSettings.IdentityProviderStatus, err)
+	}
+
+	if err := d.Set("identity_provider_id", federationSettings.IdentityProviderID); err != nil {
+		return diag.Errorf("error getting Federated settings (%s): %s %s", `IdentityProviderID`, federationSettings.IdentityProviderID, err)
+	}
+
+	if err := d.Set("has_role_mappings", federationSettings.HasRoleMappings); err != nil {
+		return diag.Errorf("error getting Federated settings (%s): flag  %s ", `HasRoleMappings`, err)
+	}
+
+	d.SetId(federationSettings.ID)
+
+	return nil
+}