-
Notifications
You must be signed in to change notification settings - Fork 645
/
data_source_ibm_sm_public_certificate_configuration_dns_cis.go
124 lines (102 loc) · 5.54 KB
/
data_source_ibm_sm_public_certificate_configuration_dns_cis.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
// Copyright IBM Corp. 2023 All Rights Reserved.
// Licensed under the Mozilla Public License v2.0
package secretsmanager
import (
"context"
"fmt"
"log"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
)
func DataSourceIbmSmConfigurationPublicCertificateDNSCis() *schema.Resource {
return &schema.Resource{
ReadContext: dataSourceIbmSmConfigurationPublicCertificateDNSCisRead,
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "The name of the configuration.",
},
"config_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The configuration type.",
},
"secret_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.",
},
"created_by": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The unique identifier that is associated with the entity that created the secret.",
},
"created_at": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The date when a resource was created. The date format follows RFC 3339.",
},
"updated_at": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The date when a resource was recently modified. The date format follows RFC 3339.",
},
"cloud_internet_services_apikey": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the API key must be assigned the Reader service role on Internet Services (`internet-svcs`).If you need to manage specific domains, you can assign the Manager role. For production environments, it is recommended that you assign the Reader access role, and then use the[IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control specific domains. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).",
},
"cloud_internet_services_crn": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "A CRN that uniquely identifies an IBM Cloud resource.",
},
},
}
}
func dataSourceIbmSmConfigurationPublicCertificateDNSCisRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
secretsManagerClient, err := meta.(conns.ClientSession).SecretsManagerV2()
if err != nil {
return diag.FromErr(err)
}
region := getRegion(secretsManagerClient, d)
instanceId := d.Get("instance_id").(string)
secretsManagerClient = getClientWithInstanceEndpoint(secretsManagerClient, instanceId, region, getEndpointType(secretsManagerClient, d))
getConfigurationOptions := &secretsmanagerv2.GetConfigurationOptions{}
getConfigurationOptions.SetName(d.Get("name").(string))
publicCertificateConfigurationDNSCloudInternetServicesIntf, response, err := secretsManagerClient.GetConfigurationWithContext(context, getConfigurationOptions)
if err != nil {
log.Printf("[DEBUG] GetConfigurationWithContext failed %s\n%s", err, response)
return diag.FromErr(fmt.Errorf("GetConfigurationWithContext failed %s\n%s", err, response))
}
publicCertificateConfigurationDNSCloudInternetServices := publicCertificateConfigurationDNSCloudInternetServicesIntf.(*secretsmanagerv2.PublicCertificateConfigurationDNSCloudInternetServices)
d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, *getConfigurationOptions.Name))
if err = d.Set("region", region); err != nil {
return diag.FromErr(fmt.Errorf("Error setting region: %s", err))
}
if err = d.Set("config_type", publicCertificateConfigurationDNSCloudInternetServices.ConfigType); err != nil {
return diag.FromErr(fmt.Errorf("Error setting config_type: %s", err))
}
if err = d.Set("secret_type", publicCertificateConfigurationDNSCloudInternetServices.SecretType); err != nil {
return diag.FromErr(fmt.Errorf("Error setting secret_type: %s", err))
}
if err = d.Set("created_by", publicCertificateConfigurationDNSCloudInternetServices.CreatedBy); err != nil {
return diag.FromErr(fmt.Errorf("Error setting created_by: %s", err))
}
if err = d.Set("created_at", DateTimeToRFC3339(publicCertificateConfigurationDNSCloudInternetServices.CreatedAt)); err != nil {
return diag.FromErr(fmt.Errorf("Error setting created_at: %s", err))
}
if err = d.Set("updated_at", DateTimeToRFC3339(publicCertificateConfigurationDNSCloudInternetServices.UpdatedAt)); err != nil {
return diag.FromErr(fmt.Errorf("Error setting updated_at: %s", err))
}
if err = d.Set("cloud_internet_services_apikey", publicCertificateConfigurationDNSCloudInternetServices.CloudInternetServicesApikey); err != nil {
return diag.FromErr(fmt.Errorf("Error setting cloud_internet_services_apikey: %s", err))
}
if err = d.Set("cloud_internet_services_crn", publicCertificateConfigurationDNSCloudInternetServices.CloudInternetServicesCrn); err != nil {
return diag.FromErr(fmt.Errorf("Error setting cloud_internet_services_crn: %s", err))
}
return nil
}