diff --git a/sysdig/provider.go b/sysdig/provider.go
index 47afe8ca0..e575800dc 100644
--- a/sysdig/provider.go
+++ b/sysdig/provider.go
@@ -133,6 +133,7 @@ func Provider() *schema.Provider {
 "sysdig_secure_cloud_account": resourceSysdigSecureCloudAccount(),
 "sysdig_secure_scanning_policy": resourceSysdigSecureScanningPolicy(),
 "sysdig_secure_scanning_policy_assignment": resourceSysdigSecureScanningPolicyAssignment(),
+ "sysdig_secure_cloud_auth_account": resourceSysdigSecureCloudauthAccount(),
 "sysdig_monitor_silence_rule": resourceSysdigMonitorSilenceRule(),
 "sysdig_monitor_alert_downtime": resourceSysdigMonitorAlertDowntime(),
diff --git a/sysdig/resource_sysdig_secure_cloud_auth_account.go b/sysdig/resource_sysdig_secure_cloud_auth_account.go
new file mode 100644
index 000000000..a33426048
--- /dev/null
+++ b/sysdig/resource_sysdig_secure_cloud_auth_account.go
@@ -0,0 +1,96 @@
+package sysdig
+
+import (
+ "context"
+ "time"
+
+ v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+func resourceSysdigSecureCloudauthAccount() *schema.Resource {
+ timeout := 5 * time.Minute
+
+ return &schema.Resource{
+ CreateContext: resourceSysdigSecureCloudauthAccountCreate,
+ UpdateContext: resourceSysdigSecureCloudauthAccountUpdate,
+ ReadContext: resourceSysdigSecureCloudauthAccountRead,
+ DeleteContext: resourceSysdigSecureCloudauthAccountDelete,
+ Importer: &schema.ResourceImporter{
+ StateContext: schema.ImportStatePassthroughContext,
+ },
+ Timeouts: &schema.ResourceTimeout{
+ Create: schema.DefaultTimeout(timeout),
+ Update: schema.DefaultTimeout(timeout),
+ Read: schema.DefaultTimeout(timeout),
+ Delete: schema.DefaultTimeout(timeout),
+ },
+ Schema: map[string]*schema.Schema{
+ "account_id": {
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "cloud_provider": {
+ Type: schema.TypeString,
+ Required: true,
+ ValidateFunc: validation.StringInSlice([]string{"gcp"}, false),
+ },
+ "alias": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "role_enabled": {
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
+ "role_name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "SysdigCloudBench",
+ },
+ "external_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "workload_identity_account_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "workload_identity_account_alias": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ },
+ }
+}
+
+func resourceSysdigSecureCloudauthAccountCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ return nil
+}
+
+func resourceSysdigSecureCloudauthAccountRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ return nil
+}
+
+func resourceSysdigSecureCloudauthAccountUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ return nil
+}
+
+func resourceSysdigSecureCloudauthAccountDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ return nil
+}
+
+func cloudauthAccountFromResourceData(d *schema.ResourceData) *v2.CloudAccountSecure {
+ return &v2.CloudAccountSecure{
+ AccountID: d.Get("account_id").(string),
+ Provider: d.Get("cloud_provider").(string),
+ Alias: d.Get("alias").(string),
+ RoleAvailable: d.Get("role_enabled").(bool),
+ RoleName: d.Get("role_name").(string),
+ WorkLoadIdentityAccountID: d.Get("workload_identity_account_id").(string),
+ WorkLoadIdentityAccountAlias: d.Get("workload_identity_account_alias").(string),
+ }
+}
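Review bot: All four CRUD callbacks in resource_sysdig_secure_cloud_auth_account.go return `nil` without calling the API or `d.SetId`, yet the same commit registers `sysdig_secure_cloud_auth_account` in the provider.go hunk, so a configuration that uses it passes schema validation and planning although nothing is ever onboarded. For a resource whose purpose is to connect a cloud account to Sysdig Secure, a quiet no-op is worse than a failure, because an account can be assumed to be covered when it is not. Until the client calls land, either keep the resource out of the provider map or make each stub fail loudly, for example `return diag.Errorf("sysdig_secure_cloud_auth_account is not implemented yet")`. `cloudauthAccountFromResourceData` is not called anywhere in this hunk and `external_id` is `Computed` but never set, so a `// TODO: wire to the v2 client` comment on both would make the gap visible to the next reader.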