-
Notifications
You must be signed in to change notification settings - Fork 647
/
data_source_ibm_sm_iam_credentials_configuration.go
114 lines (95 loc) · 4.37 KB
/
data_source_ibm_sm_iam_credentials_configuration.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
// Copyright IBM Corp. 2023 All Rights Reserved.
// Licensed under the Mozilla Public License v2.0
package secretsmanager
import (
"context"
"fmt"
"log"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
)
func DataSourceIbmSmIamCredentialsConfiguration() *schema.Resource {
return &schema.Resource{
ReadContext: dataSourceIbmSmIamCredentialsConfigurationRead,
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "The name of the configuration.",
},
"config_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The configuration type.",
},
"secret_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.",
},
"created_by": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The unique identifier that is associated with the entity that created the secret.",
},
"created_at": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The date when a resource was created. The date format follows RFC 3339.",
},
"updated_at": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The date when a resource was recently modified. The date format follows RFC 3339.",
},
"api_key": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Sensitive: true,
Description: "An IBM Cloud API key that can create and manage service IDs. The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform role on the IAM Identity Service. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-configure-iam-engine).",
},
},
}
}
func dataSourceIbmSmIamCredentialsConfigurationRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
secretsManagerClient, err := meta.(conns.ClientSession).SecretsManagerV2()
if err != nil {
return diag.FromErr(err)
}
region := getRegion(secretsManagerClient, d)
instanceId := d.Get("instance_id").(string)
secretsManagerClient = getClientWithInstanceEndpoint(secretsManagerClient, instanceId, region, getEndpointType(secretsManagerClient, d))
getConfigurationOptions := &secretsmanagerv2.GetConfigurationOptions{}
getConfigurationOptions.SetName(d.Get("name").(string))
iAMCredentialsConfigurationIntf, response, err := secretsManagerClient.GetConfigurationWithContext(context, getConfigurationOptions)
if err != nil {
log.Printf("[DEBUG] GetConfigurationWithContext failed %s\n%s", err, response)
return diag.FromErr(fmt.Errorf("GetConfigurationWithContext failed %s\n%s", err, response))
}
iAMCredentialsConfiguration := iAMCredentialsConfigurationIntf.(*secretsmanagerv2.IAMCredentialsConfiguration)
d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, *getConfigurationOptions.Name))
if err = d.Set("region", region); err != nil {
return diag.FromErr(fmt.Errorf("Error setting region: %s", err))
}
if err = d.Set("config_type", iAMCredentialsConfiguration.ConfigType); err != nil {
return diag.FromErr(fmt.Errorf("Error setting config_type: %s", err))
}
if err = d.Set("secret_type", iAMCredentialsConfiguration.SecretType); err != nil {
return diag.FromErr(fmt.Errorf("Error setting secret_type: %s", err))
}
if err = d.Set("created_by", iAMCredentialsConfiguration.CreatedBy); err != nil {
return diag.FromErr(fmt.Errorf("Error setting created_by: %s", err))
}
if err = d.Set("created_at", DateTimeToRFC3339(iAMCredentialsConfiguration.CreatedAt)); err != nil {
return diag.FromErr(fmt.Errorf("Error setting created_at: %s", err))
}
if err = d.Set("updated_at", DateTimeToRFC3339(iAMCredentialsConfiguration.UpdatedAt)); err != nil {
return diag.FromErr(fmt.Errorf("Error setting updated_at: %s", err))
}
if err = d.Set("api_key", iAMCredentialsConfiguration.ApiKey); err != nil {
return diag.FromErr(fmt.Errorf("Error setting api_key: %s", err))
}
return nil
}