diff --git a/.gitignore b/.gitignore index beb74698..fe9239fb 100644 --- a/.gitignore +++ b/.gitignore @@ -26,7 +26,7 @@ website/node_modules *.iml *.test *.iml - +.tool-versions vendor/ website/vendor @@ -48,4 +48,7 @@ oanc .vscode/settings.json # goland .run -.run/ \ No newline at end of file +.run/ + +# Local test folder +local-terraform-test/ \ No newline at end of file diff --git a/CODEOWNERS b/CODEOWNERS index 6c242ba0..f4dfc6c6 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -17,6 +17,7 @@ /sysdig/internal/client/v2/client.go @filiptubic @mbarbieri @draraksysdig /sysdig/internal/client/v2/config.go @filiptubic @mbarbieri @draraksysdig /sysdig/internal/client/v2/ibm.go @filiptubic @mbarbieri @draraksysdig +/sysdig/internal/client/v2/agentaccesskey.go @igoreulalio @filiptubic @mbarbieri @draraksysdig /main.go @filiptubic @mbarbieri @draraksysdig /.goreleaser.yml @filiptubic @mbarbieri @draraksysdig /.github/ @filiptubic @mbarbieri @draraksysdig diff --git a/sysdig/data_source_agent_access_keys.go b/sysdig/data_source_agent_access_keys.go new file mode 100644 index 00000000..4c8bce60 --- /dev/null +++ b/sysdig/data_source_agent_access_keys.go @@ -0,0 +1,86 @@ +package sysdig + +import ( + "context" + "strconv" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceSysdigAgentAccessKey() *schema.Resource { + timeout := 5 * time.Minute + + return &schema.Resource{ + ReadContext: dataSourceSysdigAgentAccessKeyRead, + + Timeouts: &schema.ResourceTimeout{ + Read: schema.DefaultTimeout(timeout), + }, + + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Required: true, + }, + "reservation": { + Type: schema.TypeInt, + Computed: true, + }, + "limit": { + Type: schema.TypeInt, + Computed: true, + }, + "team_id": { + Type: schema.TypeInt, + Computed: true, + }, + "metadata": { + Type: schema.TypeMap, + Computed: true, + }, + "enabled": { + Type: schema.TypeBool, + Computed: true, + }, + "date_disabled": { + Type: schema.TypeString, + Computed: true, + }, + "date_created": { + Type: schema.TypeString, + Computed: true, + }, + "access_key": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +// Retrieves the information of a resource form the file and loads it in Terraform +func dataSourceSysdigAgentAccessKeyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + client, err := meta.(SysdigClients).commonClientV2() + if err != nil { + return diag.FromErr(err) + } + + agentKeyId := d.Get("id").(int) + agentAccessKey, err := client.GetAgentAccessKeyByID(ctx, strconv.Itoa(agentKeyId)) + if err != nil { + return diag.FromErr(err) + } + d.SetId(strconv.Itoa(agentAccessKey.ID)) + _ = d.Set("reservation", agentAccessKey.Reservation) + _ = d.Set("limit", agentAccessKey.Limit) + _ = d.Set("team_id", agentAccessKey.TeamID) + _ = d.Set("metadata", agentAccessKey.Metadata) + _ = d.Set("enabled", agentAccessKey.Enabled) + _ = d.Set("date_disabled", agentAccessKey.DateDisabled) + _ = d.Set("date_created", agentAccessKey.DateCreated) + _ = d.Set("access_key", agentAccessKey.AgentAccessKey) + + return nil +} diff --git a/sysdig/data_source_agent_access_keys_test.go b/sysdig/data_source_agent_access_keys_test.go new file mode 100644 index 00000000..5aa1c249 --- /dev/null +++ b/sysdig/data_source_agent_access_keys_test.go @@ -0,0 +1,66 @@ +//go:build tf_acc_sysdig_monitor || tf_acc_sysdig_secure + +package sysdig_test + +import ( + "fmt" + "strconv" + "testing" + + "github.com/draios/terraform-provider-sysdig/sysdig" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func TestAccAgentAccessKeyDataSource(t *testing.T) { + limit := 1 + reservation := 0 + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheckAnyEnv(t, SysdigMonitorApiTokenEnv, SysdigSecureApiTokenEnv), + ProviderFactories: map[string]func() (*schema.Provider, error){ + "sysdig": func() (*schema.Provider, error) { + return sysdig.Provider(), nil + }, + }, + Steps: []resource.TestStep{ + { + Config: getAgentAccessKey(limit, reservation, true), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "limit", strconv.Itoa(limit)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "reservation", strconv.Itoa(reservation)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "enabled", strconv.FormatBool(true)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "metadata.test", "yes"), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "metadata.acceptance_test", "true"), + ), + }, + { + Config: getAgentAccessKey(limit, reservation, false), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "limit", strconv.Itoa(limit)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "reservation", strconv.Itoa(reservation)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "enabled", strconv.FormatBool(false)), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "metadata.test", "yes"), + resource.TestCheckResourceAttr("data.sysdig_agent_access_key.data", "metadata.acceptance_test", "true"), + ), + }, + }, + }) +} + +func getAgentAccessKey(limit int, reservation int, enabled bool) string { + return fmt.Sprintf(` +resource "sysdig_agent_access_key" "my_agent_access_key" { + limit = %d + reservation = %d + enabled = %t + metadata = { + "test" = "yes" + "acceptance_test" = "true" + } +} + +data "sysdig_agent_access_key" "data" { + id = sysdig_agent_access_key.my_agent_access_key.id +} +`, limit, reservation, enabled) +} diff --git a/sysdig/internal/client/v2/agentaccesskey.go b/sysdig/internal/client/v2/agentaccesskey.go new file mode 100644 index 00000000..4aee0db1 --- /dev/null +++ b/sysdig/internal/client/v2/agentaccesskey.go @@ -0,0 +1,122 @@ +package v2 + +import ( + "context" + "fmt" + "net/http" +) + +const ( + GetAgentAccessKeyByIdPath = "%s/platform/v1/access-keys/%s" + CreateAgentAccessKeyPath = "%s/platform/v1/access-keys" + DeleteAgentAccessKeyPath = "%s/platform/v1/access-keys/%s" + PutAgentAccessKeyPath = "%s/platform/v1/access-keys/%s" +) + +type AgentAccessKeyInterface interface { + Base + GetAgentAccessKeyByID(ctx context.Context, id string) (*AgentAccessKey, error) + CreateAgentAccessKey(ctx context.Context, agentAccessKey *AgentAccessKey) (*AgentAccessKey, error) + DeleteAgentAccessKey(ctx context.Context, id string) error + UpdateAgentAccessKey(ctx context.Context, agentAccessKey *AgentAccessKey, id string) (*AgentAccessKey, error) +} + +func (client *Client) GetAgentAccessKeyByID(ctx context.Context, id string) (*AgentAccessKey, error) { + response, err := client.requester.Request(ctx, http.MethodGet, client.GetAgentAccessKeyByIdUrl(id), nil) + if err != nil { + return nil, err + } + defer response.Body.Close() + + if response.StatusCode != http.StatusOK { + err = client.ErrorFromResponse(response) + return nil, err + } + + agentAccessKey, err := Unmarshal[AgentAccessKey](response.Body) + if err != nil { + return nil, err + } + + return &agentAccessKey, nil +} + +func (client *Client) CreateAgentAccessKey(ctx context.Context, agentAccessKey *AgentAccessKey) (*AgentAccessKey, error) { + payload, err := Marshal(agentAccessKey) + if err != nil { + return nil, err + } + response, err := client.requester.Request(ctx, http.MethodPost, client.PostAgentAccessKeyUrl(), payload) + if err != nil { + return nil, err + } + defer response.Body.Close() + + if response.StatusCode != http.StatusCreated { + err = client.ErrorFromResponse(response) + return nil, err + } + + createdAgentAccessKey, err := Unmarshal[AgentAccessKey](response.Body) + + if err != nil { + return nil, err + } + + return &createdAgentAccessKey, nil +} + +func (client *Client) UpdateAgentAccessKey(ctx context.Context, agentAccessKey *AgentAccessKey, id string) (*AgentAccessKey, error) { + + payload, err := Marshal(agentAccessKey) + if err != nil { + return nil, err + } + response, err := client.requester.Request(ctx, http.MethodPut, client.PutAgentAccessKeyUrl(id), payload) + if err != nil { + return nil, err + } + defer response.Body.Close() + + if response.StatusCode != http.StatusOK { + err = client.ErrorFromResponse(response) + return nil, err + } + + updatedAgentAccessKey, err := Unmarshal[AgentAccessKey](response.Body) + if err != nil { + return nil, err + } + + return &updatedAgentAccessKey, nil +} + +func (client *Client) DeleteAgentAccessKey(ctx context.Context, id string) error { + response, err := client.requester.Request(ctx, http.MethodDelete, client.DeleteAgentAccessKeyUrl(id), nil) + if err != nil { + return err + } + defer response.Body.Close() + + if response.StatusCode != http.StatusNoContent && response.StatusCode != http.StatusOK && response.StatusCode != http.StatusNotFound { + return client.ErrorFromResponse(response) + } + + return nil +} + +func (client *Client) GetAgentAccessKeyByIdUrl(id string) string { + return fmt.Sprintf(GetAgentAccessKeyByIdPath, client.config.url, id) +} + +func (client *Client) PostAgentAccessKeyUrl() string { + return fmt.Sprintf(CreateAgentAccessKeyPath, client.config.url) +} + +func (client *Client) PutAgentAccessKeyUrl(id string) string { + return fmt.Sprintf(PutAgentAccessKeyPath, client.config.url, id) +} + +func (client *Client) DeleteAgentAccessKeyUrl(id string) string { + return fmt.Sprintf(DeleteAgentAccessKeyPath, client.config.url, id) +} diff --git a/sysdig/internal/client/v2/client.go b/sysdig/internal/client/v2/client.go index 5798866a..fb65ad4d 100644 --- a/sysdig/internal/client/v2/client.go +++ b/sysdig/internal/client/v2/client.go @@ -43,6 +43,7 @@ type Common interface { TeamInterface NotificationChannelInterface IdentityContextInterface + AgentAccessKeyInterface } type MonitorCommon interface { diff --git a/sysdig/internal/client/v2/model.go b/sysdig/internal/client/v2/model.go index bd8e239a..2a0d5f95 100644 --- a/sysdig/internal/client/v2/model.go +++ b/sysdig/internal/client/v2/model.go @@ -1001,6 +1001,26 @@ type SilenceRule struct { ID int `json:"id,omitempty"` } +type AgentAccessKey struct { + ID int `json:"id,omitempty"` + Reservation int `json:"agentReservation"` + Limit int `json:"agentLimit"` + TeamID int `json:"teamId,omitempty"` + AgentAccessKey string `json:"accessKey,omitempty"` + Metadata map[string]string `json:"metadata,omitempty"` + Enabled bool `json:"isEnabled"` + DateCreated string `json:"dateCreated,omitempty"` + DateDisabled string `json:"dateDisabled,omitempty"` +} + +type AgentAccessKeyReadWrapper struct { + CustomerAccessKey []AgentAccessKey `json:"customerAccessKeys"` +} + +type AgentAccessKeyWriteWrapper struct { + CustomerAccessKey AgentAccessKey `json:"customerAccessKey"` +} + type OrganizationSecure struct { cloudauth.CloudOrganization } diff --git a/sysdig/provider.go b/sysdig/provider.go index ed80e24a..8cfeec94 100644 --- a/sysdig/provider.go +++ b/sysdig/provider.go @@ -120,6 +120,7 @@ func (p *SysdigProvider) Provider() *schema.Provider { "sysdig_group_mapping_config": resourceSysdigGroupMappingConfig(), "sysdig_custom_role": resourceSysdigCustomRole(), "sysdig_team_service_account": resourceSysdigTeamServiceAccount(), + "sysdig_agent_access_key": resourceSysdigAgentAccessKey(), "sysdig_secure_aws_ml_policy": resourceSysdigSecureAWSMLPolicy(), "sysdig_secure_custom_policy": resourceSysdigSecureCustomPolicy(), @@ -219,11 +220,11 @@ func (p *SysdigProvider) Provider() *schema.Provider { "sysdig_secure_posture_policies": dataSourceSysdigSecurePosturePolicies(), "sysdig_secure_custom_role_permissions": dataSourceSysdigSecureCustomRolePermissions(), - "sysdig_current_user": dataSourceSysdigCurrentUser(), - "sysdig_user": dataSourceSysdigUser(), - "sysdig_secure_connection": dataSourceSysdigSecureConnection(), - "sysdig_custom_role": dataSourceSysdigCustomRole(), - + "sysdig_current_user": dataSourceSysdigCurrentUser(), + "sysdig_user": dataSourceSysdigUser(), + "sysdig_secure_connection": dataSourceSysdigSecureConnection(), + "sysdig_custom_role": dataSourceSysdigCustomRole(), + "sysdig_agent_access_key": dataSourceSysdigAgentAccessKey(), "sysdig_fargate_workload_agent": dataSourceSysdigFargateWorkloadAgent(), "sysdig_monitor_notification_channel_pagerduty": dataSourceSysdigMonitorNotificationChannelPagerduty(), "sysdig_monitor_notification_channel_email": dataSourceSysdigMonitorNotificationChannelEmail(), diff --git a/sysdig/resource_sysdig_agent_access_key.go b/sysdig/resource_sysdig_agent_access_key.go new file mode 100644 index 00000000..5e6aab93 --- /dev/null +++ b/sysdig/resource_sysdig_agent_access_key.go @@ -0,0 +1,175 @@ +package sysdig + +import ( + "context" + "fmt" + "strconv" + "time" + + v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceSysdigAgentAccessKey() *schema.Resource { + timeout := 5 * time.Minute + + return &schema.Resource{ + ReadContext: resourceSysdigAgentAccessKeyRead, + CreateContext: resourceSysdigAgentAccessKeyCreate, + DeleteContext: resourceSysdigAgentAccessKeyDelete, + UpdateContext: resourceSysdigAgentAccessKeyUpdate, + Importer: &schema.ResourceImporter{ + StateContext: schema.ImportStatePassthroughContext, + }, + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(timeout), + Update: schema.DefaultTimeout(timeout), + Read: schema.DefaultTimeout(timeout), + Delete: schema.DefaultTimeout(timeout), + }, + + Schema: map[string]*schema.Schema{ + "reservation": { + Type: schema.TypeInt, + Optional: true, + }, + "limit": { + Type: schema.TypeInt, + Optional: true, + }, + "team_id": { + Type: schema.TypeInt, + Optional: true, + }, + "enabled": { + Type: schema.TypeBool, + Optional: true, + }, + "metadata": { + Type: schema.TypeMap, + Optional: true, + }, + "date_disabled": { + Type: schema.TypeString, + Computed: true, + }, + "date_created": { + Type: schema.TypeString, + Computed: true, + }, + "access_key": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + }, + }, + } +} + +func resourceSysdigAgentAccessKeyDelete(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics { + client, err := meta.(SysdigClients).commonClientV2() + if err != nil { + return diag.FromErr(err) + } + + err = client.DeleteAgentAccessKey(ctx, data.Id()) + if err != nil { + return diag.FromErr(err) + } + + return nil +} + +func resourceSysdigAgentAccessKeyCreate(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics { + client, err := meta.(SysdigClients).commonClientV2() + if err != nil { + return diag.FromErr(err) + } + agentAccessKey, err := agentAccessKeyFromResourceData(data) + if err != nil { + return diag.FromErr(err) + } + + agentAccessKey, err = client.CreateAgentAccessKey(ctx, agentAccessKey) + if err != nil { + return diag.FromErr(err) + } + data.SetId(strconv.Itoa(agentAccessKey.ID)) + resourceSysdigAgentAccessKeyRead(ctx, data, meta) + + return nil +} + +func resourceSysdigAgentAccessKeyUpdate(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics { + client, err := meta.(SysdigClients).commonClientV2() + if err != nil { + return diag.FromErr(err) + } + agentAccessKey, err := agentAccessKeyFromResourceData(data) + if err != nil { + return diag.FromErr(err) + } + + agentAccessKey, err = client.UpdateAgentAccessKey(ctx, agentAccessKey, data.Id()) + if err != nil { + return diag.FromErr(err) + } + + data.SetId(strconv.Itoa(agentAccessKey.ID)) + + resourceSysdigAgentAccessKeyRead(ctx, data, meta) + + return nil +} + +func agentAccessKeyFromResourceData(data *schema.ResourceData) (*v2.AgentAccessKey, error) { + metadataFromResourceData := data.Get("metadata").(map[string]interface{}) + metadata := make(map[string]string) + + for key, val := range metadataFromResourceData { + // Convert each value to a string, using fmt.Sprintf + strVal := fmt.Sprintf("%v", val) + metadata[key] = strVal + } + + var enabled bool + if data.Get("enabled") != nil { + enabled = data.Get("enabled").(bool) + } + + return &v2.AgentAccessKey{ + Reservation: data.Get("reservation").(int), + Limit: data.Get("limit").(int), + TeamID: data.Get("team_id").(int), + Enabled: enabled, + DateDisabled: data.Get("date_disabled").(string), + DateCreated: data.Get("date_created").(string), + Metadata: metadata, + }, nil +} + +func resourceSysdigAgentAccessKeyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + client, err := meta.(SysdigClients).commonClientV2() + if err != nil { + return diag.FromErr(err) + } + + agentKeyId := d.Id() + + agentAccessKey, err := client.GetAgentAccessKeyByID(ctx, agentKeyId) + if err != nil { + return diag.FromErr(err) + } + + d.SetId(strconv.Itoa(agentAccessKey.ID)) + _ = d.Set("reservation", agentAccessKey.Reservation) + _ = d.Set("limit", agentAccessKey.Limit) + _ = d.Set("team_id", agentAccessKey.TeamID) + _ = d.Set("metadata", agentAccessKey.Metadata) + _ = d.Set("enabled", agentAccessKey.Enabled) + _ = d.Set("date_created", agentAccessKey.DateCreated) + _ = d.Set("date_disabled", agentAccessKey.DateDisabled) + _ = d.Set("access_key", agentAccessKey.AgentAccessKey) + return nil +} diff --git a/sysdig/resource_sysdig_agent_access_key_test.go b/sysdig/resource_sysdig_agent_access_key_test.go new file mode 100644 index 00000000..e91f222a --- /dev/null +++ b/sysdig/resource_sysdig_agent_access_key_test.go @@ -0,0 +1,101 @@ +//go:build tf_acc_sysdig_monitor || tf_acc_sysdig_secure + +package sysdig_test + +import ( + "fmt" + "strconv" + "testing" + + "github.com/draios/terraform-provider-sysdig/sysdig" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func TestAccAgentAccessKeyResource(t *testing.T) { + limit := 1 + reservation := 0 + metadata := map[string]string{ + "test": "yes", + "acceptance_test": "true", + "status": "new", + } + + updatedLimit := 10 + updatedMetadata := map[string]string{ + "test": "yes", + "acceptance_test": "true", + "status": "updated", + } + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheckAnyEnv(t, SysdigMonitorApiTokenEnv, SysdigSecureApiTokenEnv), + ProviderFactories: map[string]func() (*schema.Provider, error){ + "sysdig": func() (*schema.Provider, error) { + return sysdig.Provider(), nil + }, + }, + Steps: []resource.TestStep{ + { + Config: getAgentAccessKeyWithMetadata(limit, reservation, true, metadata), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "limit", strconv.Itoa(limit)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "reservation", strconv.Itoa(reservation)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "enabled", strconv.FormatBool(true)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.test", metadata["test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.acceptance_test", metadata["acceptance_test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.status", metadata["status"]), + ), + }, + { + Config: getAgentAccessKeyWithMetadata(updatedLimit, reservation, true, updatedMetadata), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "limit", strconv.Itoa(updatedLimit)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "reservation", strconv.Itoa(reservation)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "enabled", strconv.FormatBool(true)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.test", updatedMetadata["test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.acceptance_test", updatedMetadata["acceptance_test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.status", updatedMetadata["status"]), + ), + }, + { + Config: getAgentAccessKeyWithMetadata(updatedLimit, reservation, false, updatedMetadata), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "limit", strconv.Itoa(updatedLimit)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "reservation", strconv.Itoa(reservation)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "enabled", strconv.FormatBool(false)), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.test", updatedMetadata["test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.acceptance_test", updatedMetadata["acceptance_test"]), + resource.TestCheckResourceAttr("sysdig_agent_access_key.my_agent_access_key", "metadata.status", updatedMetadata["status"]), + ), + }, + { + ResourceName: "sysdig_agent_access_key.my_agent_access_key", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func getAgentAccessKeyWithMetadata(limit int, reservation int, enabled bool, metadata map[string]string) string { + // Build the metadata string for Terraform configuration + metadataStr := "metadata = {\n" + for key, value := range metadata { + metadataStr += fmt.Sprintf(" \"%s\" = \"%s\"\n", key, value) + } + metadataStr += " }\n" + + // Return the full Terraform configuration + return fmt.Sprintf(` +resource "sysdig_agent_access_key" "my_agent_access_key" { + limit = %d + reservation = %d + enabled = %t + %s +} + +data "sysdig_agent_access_key" "data" { + id = sysdig_agent_access_key.my_agent_access_key.id +} +`, limit, reservation, enabled, metadataStr) +} diff --git a/website/docs/d/agent_access_key.md b/website/docs/d/agent_access_key.md new file mode 100644 index 00000000..c53857ab --- /dev/null +++ b/website/docs/d/agent_access_key.md @@ -0,0 +1,43 @@ +--- +subcategory: "Sysdig Platform" +layout: "sysdig" +page_title: "Sysdig: sysdig_agent_access_key" +description: |- + Retrieves information about a agent access key from the access key id. +--- + +# Data Source: sysdig_agent_access_key + +Retrieves information about a agent access key from the access key id. + +-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository. + +## Example Usage + +```terraform +data "sysdig_agent_access_key" "sysdig_agent_access_key" { + id = "631123" +} +``` + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `access_key` - The agent access key + +* `metadata` - The metadata of agent access key. + +* `team_id` - The team id of the agent access key. + +* `limit` - The limit of the agent access key. + +* `reservation` - The reservation of the agent access key. + +* `enabled` - Whether the agent access key is enabled or not. + +* `date_disabled` - Date when the agent key was last disabled. + +* `date_created` - Date when the agent key was created. + + diff --git a/website/docs/r/agent_access_key.md b/website/docs/r/agent_access_key.md new file mode 100644 index 00000000..165c1a03 --- /dev/null +++ b/website/docs/r/agent_access_key.md @@ -0,0 +1,59 @@ +--- +subcategory: "Sysdig Platform" +layout: "sysdig" +page_title: "Sysdig: sysdig_a[custom_role.md](custom_role.md)gent_access_key" +description: |- + Retrieves information about a agent access key from the access key id. +--- + +# Resource: sysdig_agent_access_key + +Retrieves information about an agent access key from the access key id. + +-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository. + +## Example Usage + +```terraform +resource "sysdig_agent_access_key" "my_agent_access_key" { + limit = 11 + reservation = 1 + team_id = 50012099 + metadata = { + "test" = "yes" + "environment" = "development" + "team" = "awesome_team" + } + enabled = true +} +``` + +## Argument Reference + +* `metadata` - (Optional) The metadata of agent access key. + +* `team_id` - (Optional) The team id of the agent access key. + +* `limit` - (Optional) The limit of the agent access key. + +* `reservation` - (Optional) The reservation of the agent access key. + +* `enabled` - (Optional) Whether the agent access key is enabled or not. It is only used in update actions, an agent access keys can be deleted only if it's disabled. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `access_key` - The agent access key. + +* `date_disabled` - Date when the agent key was last disabled. + +* `date_created` - Date when the agent key was created. + +## Import + +Sysdig group mapping can be imported using the ID, e.g. + +``` +$ terraform import sysdig_agent_access_key.my_agent_access_key "631123" +```