diff --git a/sysdig/resource_sysdig_secure_cloud_auth_account.go b/sysdig/resource_sysdig_secure_cloud_auth_account.go index 63792df9..ed286d46 100644 --- a/sysdig/resource_sysdig_secure_cloud_auth_account.go +++ b/sysdig/resource_sysdig_secure_cloud_auth_account.go @@ -452,29 +452,24 @@ func cloudauthAccountFromResourceData(data *schema.ResourceData) *v2.CloudauthAc This helper function converts feature values from *cloudauth.AccountFeature to resource data schema. */ -func featureValuesToResourceData(name string, feature *cloudauth.AccountFeature) map[string]interface{} { +func featureValuesToResourceData(feature *cloudauth.AccountFeature) map[string]interface{} { valuesMap := make(map[string]interface{}) valuesMap["type"] = feature.Type.String() valuesMap["enabled"] = feature.Enabled valuesMap["components"] = feature.Components - featureMap := map[string]interface{}{ - name: []map[string]interface{}{ - valuesMap, - }, - } - - return featureMap + return valuesMap } /* - This helper function converts the features data from *cloudauth.AccountFeatures to resource data schema. - This is needed to set the value in cloudauthAccountToResourceData(). +This helper function converts the features data from *cloudauth.AccountFeatures to resource data schema. +This is needed to set the value in cloudauthAccountToResourceData(). */ - -func featureToResourceData(features *cloudauth.AccountFeatures) []map[string]interface{} { - featureMap := []map[string]interface{}{} +func featureToResourceData(features *cloudauth.AccountFeatures) []interface{} { + // In the resource data, SchemaFeature field is a nested set[] of sets[] of individual features + // Hence we need to return this uber level set[] to cloudauthAccountToResourceData + featureMap := []interface{}{} featureFields := map[string]*cloudauth.AccountFeature{ SchemaSecureThreatDetection: features.SecureThreatDetection, @@ -484,14 +479,23 @@ func featureToResourceData(features *cloudauth.AccountFeatures) []map[string]int SchemaSecureAgentlessScanning: features.SecureAgentlessScanning, } + allFeatures := make(map[string]interface{}) + featureBlock := make([]map[string]interface{}, 0) for name, feature := range featureFields { if feature != nil { - value := featureValuesToResourceData(name, feature) - featureMap = append(featureMap, value) + value := featureValuesToResourceData(feature) + featureBlock = append(featureBlock, value) + + allFeatures[name] = featureBlock } } - return featureMap + // return featureMap only if there is any features data from *cloudauth.AccountFeatures, else return nil + if len(allFeatures) > 0 { + featureMap = append(featureMap, allFeatures) + return featureMap + } + return nil } func cloudauthAccountToResourceData(data *schema.ResourceData, cloudAccount *v2.CloudauthAccountSecure) error { diff --git a/sysdig/resource_sysdig_secure_cloud_auth_account_test.go b/sysdig/resource_sysdig_secure_cloud_auth_account_test.go index 5a19a23c..095cead4 100644 --- a/sysdig/resource_sysdig_secure_cloud_auth_account_test.go +++ b/sysdig/resource_sysdig_secure_cloud_auth_account_test.go @@ -103,6 +103,10 @@ resource "sysdig_secure_cloud_auth_account" "sample-1" { enabled = "true" components = ["COMPONENT_SERVICE_PRINCIPAL/secure-posture"] } + secure_identity_entitlement { + enabled = true + components = ["COMPONENT_SERVICE_PRINCIPAL/secure-posture"] + } } component { type = "COMPONENT_SERVICE_PRINCIPAL" diff --git a/sysdig/resource_sysdig_secure_organization_test.go b/sysdig/resource_sysdig_secure_organization_test.go index b5744bd1..221c838c 100644 --- a/sysdig/resource_sysdig_secure_organization_test.go +++ b/sysdig/resource_sysdig_secure_organization_test.go @@ -53,6 +53,10 @@ resource "sysdig_secure_cloud_auth_account" "sample" { enabled = "true" components = ["COMPONENT_SERVICE_PRINCIPAL/secure-posture"] } + secure_identity_entitlement { + enabled = true + components = ["COMPONENT_SERVICE_PRINCIPAL/secure-posture"] + } } component { type = "COMPONENT_SERVICE_PRINCIPAL"