generated from hashicorp/terraform-provider-scaffolding-framework
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[OP-2308] Added
mongodb_role
resource (#30)
* Added role commands to mongodb pkg * tmp * Implemented role resource * go get -u * Added role resource example * Added more docs and validators * Removed test code * Check error from applyRole * Added acceptance tests * Run tests with MongoDB * go fmt * Check error * Use localhost
- Loading branch information
Showing
26 changed files
with
1,697 additions
and
330 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
--- | ||
# generated by https://github.com/hashicorp/terraform-plugin-docs | ||
page_title: "mongodb_role Resource - terraform-provider-mongodb-driver" | ||
subcategory: "" | ||
description: |- | ||
Role resource | ||
--- | ||
|
||
# mongodb_role (Resource) | ||
|
||
Role resource | ||
|
||
## Example Usage | ||
|
||
```terraform | ||
resource "mongodb_role" "example" { | ||
role = "myClusterwideAdmin" | ||
db = "admin" | ||
privileges = [ | ||
{ | ||
resource = { cluster = true } | ||
actions = ["addShard"] | ||
}, | ||
{ | ||
resource = { db = "config", collection = "" } | ||
actions = ["find", "update", "insert", "remove"] | ||
}, | ||
{ | ||
resource = { db = "users", collection = "usersCollection" }, | ||
actions = ["update", "insert", "remove"] | ||
}, | ||
{ | ||
resource = { db = "", collection = "" }, | ||
actions = ["find"] | ||
} | ||
] | ||
roles = [ | ||
{ role = "read", db = "admin" }, | ||
] | ||
} | ||
``` | ||
|
||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Required | ||
|
||
- `db` (String) Database this MongoDB role belongs to. | ||
|
||
MongoDB has some restrictions on database names. Such as: | ||
|
||
- Cannot contain any of the following characters (we're following Windows limits): `/\. "$*<>:|?` | ||
- Cannot create roles in the `local` database. | ||
- Cannot be empty. | ||
- Cannot be longer than 64 characters. | ||
|
||
See documentation: | ||
|
||
- <https://www.mongodb.com/docs/manual/reference/command/createRole/#local-database> | ||
- <https://www.mongodb.com/docs/v6.0/reference/limits/#naming-restrictions> | ||
- `role` (String) Rolename for this MongoDB role. | ||
|
||
### Optional | ||
|
||
- `privileges` (Attributes Set) Privileges this role has. (see [below for nested schema](#nestedatt--privileges)) | ||
- `roles` (Attributes Set) Roles this role inherits privileges from. (see [below for nested schema](#nestedatt--roles)) | ||
- `timeouts` (Attributes) (see [below for nested schema](#nestedatt--timeouts)) | ||
|
||
### Read-Only | ||
|
||
- `id` (String) Role unique ID in MongoDB. Is composed from the `db` and `role` fields. | ||
|
||
<a id="nestedatt--privileges"></a> | ||
### Nested Schema for `privileges` | ||
|
||
Required: | ||
|
||
- `actions` (Set of String) Database this role belongs to. Leave unset to target same database as role. | ||
See: <https://www.mongodb.com/docs/manual/reference/privilege-actions/> | ||
- `resource` (Attributes) A document that specifies the resources upon which the privilege `actions` apply. | ||
|
||
Can only supply one of the following attribute combinations: - only `cluster` attribute, must be set to `true` - only `any_resource` attribute, must be set to `true` - only `db` and `collection` attributes (see [below for nested schema](#nestedatt--privileges--resource)) | ||
|
||
<a id="nestedatt--privileges--resource"></a> | ||
### Nested Schema for `privileges.resource` | ||
|
||
Optional: | ||
|
||
- `any_resource` (Boolean) Set to true to target every resource in the system. Intended for internal use. **Do not** use this resource, other than in exceptional circumstances. | ||
- `cluster` (Boolean) Set to true to target the MongoDB cluster as the resource. | ||
- `collection` (String) Specify which collection to target. Must be paired with the `db` attribute. | ||
- `db` (String) Specify which database to target. Must be paired with the `collection` attribute. If both the `db` and `collections` are empty strings (`""`), the resource is all collections, excluding the system collections, in all the databases. If only the `db` attribute is an empty string (`""`), the resource is all collections with the specified `collection` name across all databases.If only the `collection` attribute is an empty string (`""`), the resource is the specified database, excluding the system collections. | ||
|
||
|
||
|
||
<a id="nestedatt--roles"></a> | ||
### Nested Schema for `roles` | ||
|
||
Required: | ||
|
||
- `role` (String) Role name | ||
|
||
Optional: | ||
|
||
- `db` (String) Database this role belongs to. Leave unset to target same database as role. | ||
|
||
|
||
<a id="nestedatt--timeouts"></a> | ||
### Nested Schema for `timeouts` | ||
|
||
Optional: | ||
|
||
- `create` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). | ||
- `delete` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. | ||
- `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled. | ||
- `update` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
resource "mongodb_role" "example" { | ||
role = "myClusterwideAdmin" | ||
db = "admin" | ||
privileges = [ | ||
{ | ||
resource = { cluster = true } | ||
actions = ["addShard"] | ||
}, | ||
{ | ||
resource = { db = "config", collection = "" } | ||
actions = ["find", "update", "insert", "remove"] | ||
}, | ||
{ | ||
resource = { db = "users", collection = "usersCollection" }, | ||
actions = ["update", "insert", "remove"] | ||
}, | ||
{ | ||
resource = { db = "", collection = "" }, | ||
actions = ["find"] | ||
} | ||
] | ||
roles = [ | ||
{ role = "read", db = "admin" }, | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
SPDX-FileCopyrightText: 2023 Risk.Ident GmbH <contact@riskident.com> | ||
|
||
SPDX-License-Identifier: CC-BY-4.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.