Add support for Audit trail tokens

[c4po]

Use-cases

As a user of Terraform Cloud, I want to be able to manage Audit Trail Tokens through the Terraform provider for Terraform Cloud. Audit Trail Tokens are a new feature introduced to HCP Terraform, and they provide a way to generate tokens specifically for audit trail purposes. These tokens have read-only access to an organization's audit logs and can be used to integrate with third-party SIEM tools or other audit systems.

Currently, the terraform-provider-tfe does not support managing these new Audit Trail Tokens, which limits users' ability to automate their security and compliance workflows using Terraform.

Attempted Solutions

There are no current solutions available in the terraform-provider-tfe to manage Audit Trail Tokens. The provider supports management of other types of tokens (such as team tokens and user tokens), but does not have resources or data sources specific to Audit Trail Tokens.

Proposal

I propose adding support for Audit Trail Tokens to the terraform-provider-tfe. This would involve:

1. Creating a new resource tfe_audit_trail_token to manage Audit Trail Tokens. The resource should support the following operations:

   • Create a new Audit Trail Token
   • Delete an Audit Trail Token

2. Implementing the necessary API calls to interact with the Audit Trail Tokens API endpoints as described in the API documentation: https://developer.hashicorp.com/terraform/cloud-docs/api-docs/audit-trails-tokens

Example configuration for the proposed tfe_audit_trail_token resource:

resource "time_rotating" "example" {
  rotation_days = 30
}

resource "tfe_audit_trail_token" "example" {
  organization = "my-org-name"
  expired_at   = time_rotating.example.rotation_rfc3339
}

This feature would allow users to manage their Audit Trail Tokens as code, enabling better integration with their existing Terraform workflows and improving their ability to automate security and compliance processes.