Allow instance policy attributes to be optionally specified (#126)

* allow attributes to be specified optionally Signed-off-by: stephaniegalang <stephaniegalang@ibm.com> * propogate attributes, ignoring disable Signed-off-by: stephaniegalang <stephaniegalang@ibm.com> --------- Signed-off-by: stephaniegalang <stephaniegalang@ibm.com> Co-authored-by: stephaniegalang <stephaniegalang@ibm.com>
IBM · May 13, 2024 · 55b541c · 55b541c
1 parent 9d7123f
commit 55b541c
Showing 1 changed file with 30 additions and 32 deletions.
diff --git a/instances.go b/instances.go
@@ -61,14 +61,14 @@ type PolicyData struct {
 
 // Attributes contains the details of an instance policy
 type Attributes struct {
-	AllowedNetwork    *string     `json:"allowed_network,omitempty"`
-	AllowedIP         IPAddresses `json:"allowed_ip,omitempty"`
-	CreateRootKey     *bool       `json:"create_root_key,omitempty"`
-	CreateStandardKey *bool       `json:"create_standard_key,omitempty"`
-	ImportRootKey     *bool       `json:"import_root_key,omitempty"`
-	ImportStandardKey *bool       `json:"import_standard_key,omitempty"`
-	EnforceToken      *bool       `json:"enforce_token,omitempty"`
-	IntervalMonth     *int        `json:"interval_month,omitempty"`
+	AllowedNetwork    *string      `json:"allowed_network,omitempty"`
+	AllowedIP         *IPAddresses `json:"allowed_ip,omitempty"`
+	CreateRootKey     *bool        `json:"create_root_key,omitempty"`
+	CreateStandardKey *bool        `json:"create_standard_key,omitempty"`
+	ImportRootKey     *bool        `json:"import_root_key,omitempty"`
+	ImportStandardKey *bool        `json:"import_standard_key,omitempty"`
+	EnforceToken      *bool        `json:"enforce_token,omitempty"`
+	IntervalMonth     *int         `json:"interval_month,omitempty"`
 }
 
 // IPAddresses ...
@@ -313,7 +313,8 @@ func (c *Client) SetAllowedIPInstancePolicy(ctx context.Context, enable bool, al
 	// The IP address validation is performed by the key protect service.
 	if enable && len(allowedIPs) != 0 {
 		policy.PolicyData.Attributes = &Attributes{}
-		policy.PolicyData.Attributes.AllowedIP = allowedIPs
+		ips := IPAddresses(allowedIPs)
+		policy.PolicyData.Attributes.AllowedIP = &ips
 	} else if enable && len(allowedIPs) == 0 {
 		return fmt.Errorf("Please provide at least 1 IP subnet specified with CIDR notation")
 	} else if !enable && len(allowedIPs) != 0 {
@@ -445,17 +446,21 @@ type AllowedNetworkPolicyData struct {
 // AllowedIPPolicyData defines the attribute input for the Allowed IP instance policy
 type AllowedIPPolicyData struct {
 	Enabled     bool
-	IPAddresses IPAddresses
+	IPAddresses *IPAddresses
 }
 
 // KeyAccessInstancePolicyData defines the attribute input for the Key Create Import Access instance policy
 type KeyCreateImportAccessInstancePolicy struct {
-	Enabled           bool
-	CreateRootKey     bool
-	CreateStandardKey bool
-	ImportRootKey     bool
-	ImportStandardKey bool
-	EnforceToken      bool
+	Enabled    bool
+	Attributes *KeyCreateImportAccessInstancePolicyAttributes
+}
+
+type KeyCreateImportAccessInstancePolicyAttributes struct {
+	CreateRootKey     *bool
+	CreateStandardKey *bool
+	ImportRootKey     *bool
+	ImportStandardKey *bool
+	EnforceToken      *bool
 }
 
 type RotationPolicyData struct {
@@ -506,16 +511,11 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
 			PolicyType: AllowedIP,
 			PolicyData: PolicyData{
 				Enabled: &(policies.AllowedIP.Enabled),
+				Attributes: &Attributes{
+					AllowedIP: policies.AllowedIP.IPAddresses,
+				},
 			},
 		}
-
-		// attributes can only be provided if policy is being enabled
-		// ignore any attribute inputs if provided during a disable
-		if policies.AllowedIP.Enabled {
-			policy.PolicyData.Attributes = &Attributes{
-				AllowedIP: policies.AllowedIP.IPAddresses,
-			}
-		}
 		resPolicies = append(resPolicies, policy)
 	}
 
@@ -537,15 +537,13 @@ func (c *Client) SetInstancePolicies(ctx context.Context, policies MultiplePolic
 			},
 		}
 
-		// attributes can only be provided if policy is being enabled
-		// ignore any attribute inputs if provided during a disable
-		if policies.KeyCreateImportAccess.Enabled {
+		if attr := policies.KeyCreateImportAccess.Attributes; attr != nil {
 			policy.PolicyData.Attributes = &Attributes{
-				CreateRootKey:     &policies.KeyCreateImportAccess.CreateRootKey,
-				CreateStandardKey: &policies.KeyCreateImportAccess.CreateStandardKey,
-				ImportRootKey:     &policies.KeyCreateImportAccess.ImportRootKey,
-				ImportStandardKey: &policies.KeyCreateImportAccess.ImportStandardKey,
-				EnforceToken:      &policies.KeyCreateImportAccess.EnforceToken,
+				CreateRootKey:     attr.CreateRootKey,
+				CreateStandardKey: attr.CreateStandardKey,
+				ImportRootKey:     attr.ImportRootKey,
+				ImportStandardKey: attr.ImportStandardKey,
+				EnforceToken:      attr.EnforceToken,
 			}
 		}