fix: remove credential passphrase and group support from scc

examples/ibm-scc/posture-management/README.md

@@ -164,7 +164,6 @@ data "ibm_scc_posture_scope_correlation" "scope_correlation_instance" {
 | name | Credentials name. | `string` | true |
 | description | Credentials description. | `string` | true |
 | display_fields | Details the fields on the credential. This will change as per credential type selected. | `` | true |
-| group | Credential group details. | `` | true |
 | purpose | Purpose for which the credential is created. | `string` | true |
 | id | The id for the given API. | `string` | true |
 | profile_type | The profile type ID. This will be 4 for profiles and 6 for group profiles. | `string` | true |

go.mod

@@ -25,7 +25,7 @@ require (
 	github.com/IBM/platform-services-go-sdk v0.29.2
 	github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5
 	github.com/IBM/scc-go-sdk/v3 v3.1.6
-	github.com/IBM/scc-go-sdk/v4 v4.0.0
+	github.com/IBM/scc-go-sdk/v4 v4.0.2
 	github.com/IBM/schematics-go-sdk v0.2.1
 	github.com/IBM/secrets-manager-go-sdk v0.1.19
 	github.com/IBM/vpc-go-sdk v0.27.0

go.sum

@@ -96,8 +96,8 @@ github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5 h1:N
 github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5/go.mod h1:b07XHUVh0XYnQE9s2mqgjYST1h9buaQNqN4EcKhOsX0=
 github.com/IBM/scc-go-sdk/v3 v3.1.6 h1:wg7yujuJJ1O1pcGrIn8ITq6i6GeXb7GRBPNq6kLrkMU=
 github.com/IBM/scc-go-sdk/v3 v3.1.6/go.mod h1:cBxkth9AIOcKQx4Gy9bWgyGYa7vYwHAalUBvY+O8xAE=
-github.com/IBM/scc-go-sdk/v4 v4.0.0 h1:Fes2/SVzhrNkD8U12W75MQeOzAZmhSPJHmq6+Txsn4A=
-github.com/IBM/scc-go-sdk/v4 v4.0.0/go.mod h1:ufqf/kBtRn3Pq/pFXF6zQGHXV2P2EzPsntw1Sw19clE=
+github.com/IBM/scc-go-sdk/v4 v4.0.2 h1:8BHMRobCFurZwKaUhxWi8CdAA9+CvyzmlBOmo7KmXC4=
+github.com/IBM/scc-go-sdk/v4 v4.0.2/go.mod h1:ufqf/kBtRn3Pq/pFXF6zQGHXV2P2EzPsntw1Sw19clE=
 github.com/IBM/schematics-go-sdk v0.2.1 h1:byATysGD+Z1k/wdtNqQmKALcAPjgSLuSyzcabh1jRAw=
 github.com/IBM/schematics-go-sdk v0.2.1/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ=
 github.com/IBM/secrets-manager-go-sdk v0.1.19 h1:0GPs5EoTaWNsjo4QPj64GNxlWfN8VHJy4RDFLqddSe8=

ibm/service/scc/data_source_ibm_scc_posture_collector_test.go

@@ -23,7 +23,6 @@ func TestAccIBMSccPostureCollectorDataSourceBasic(t *testing.T) {
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "display_name"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "name"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "status"),
-					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "description"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "enabled"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "registration_code"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_collector.collector", "type"),

ibm/service/scc/data_source_ibm_scc_posture_credential.go

@@ -195,25 +195,6 @@ func DataSourceIBMSccPostureCredential() *schema.Resource {
 				Computed:    true,
 				Description: "ID of the user who modified the credentials.",
 			},
-			"group": &schema.Schema{
-				Type:        schema.TypeList,
-				Computed:    true,
-				Description: "Credential group details.",
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						"id": &schema.Schema{
-							Type:        schema.TypeString,
-							Computed:    true,
-							Description: "credential group id.",
-						},
-						"passphrase": &schema.Schema{
-							Type:        schema.TypeString,
-							Computed:    true,
-							Description: "passphase of the credential.",
-						},
-					},
-				},
-			},
 			"purpose": &schema.Schema{
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -277,13 +258,6 @@ func dataSourceIBMSccPostureCredentialRead(context context.Context, d *schema.Re
 	if err = d.Set("updated_by", credential.UpdatedBy); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting updated_by: %s", err))
 	}
-
-	if credential.Group != nil {
-		err = d.Set("group", dataSourceCredentialFlattenGroup(*credential.Group))
-		if err != nil {
-			return diag.FromErr(fmt.Errorf("Error setting group %s", err))
-		}
-	}
 	if err = d.Set("purpose", credential.Purpose); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting purpose: %s", err))
 	}
@@ -377,24 +351,3 @@ func dataSourceCredentialDisplayFieldsToMap(displayFieldsItem posturemanagementv
 
 	return displayFieldsMap
 }
-
-func dataSourceCredentialFlattenGroup(result posturemanagementv2.CredentialGroup) (finalList []map[string]interface{}) {
-	finalList = []map[string]interface{}{}
-	finalMap := dataSourceCredentialGroupToMap(result)
-	finalList = append(finalList, finalMap)
-
-	return finalList
-}
-
-func dataSourceCredentialGroupToMap(groupItem posturemanagementv2.CredentialGroup) (groupMap map[string]interface{}) {
-	groupMap = map[string]interface{}{}
-
-	if groupItem.ID != nil {
-		groupMap["id"] = groupItem.ID
-	}
-	if groupItem.Passphrase != nil {
-		groupMap["passphrase"] = groupItem.Passphrase
-	}
-
-	return groupMap
-}

ibm/service/scc/data_source_ibm_scc_posture_credentials.go

@@ -252,25 +252,6 @@ func DataSourceIBMSccPostureCredentials() *schema.Resource {
 							Computed:    true,
 							Description: "ID of the user who modified the credentials.",
 						},
-						"group": &schema.Schema{
-							Type:        schema.TypeList,
-							Computed:    true,
-							Description: "Credential group details.",
-							Elem: &schema.Resource{
-								Schema: map[string]*schema.Schema{
-									"id": &schema.Schema{
-										Type:        schema.TypeString,
-										Computed:    true,
-										Description: "credential group id.",
-									},
-									"passphrase": &schema.Schema{
-										Type:        schema.TypeString,
-										Computed:    true,
-										Description: "passphase of the credential.",
-									},
-								},
-							},
-						},
 						"purpose": &schema.Schema{
 							Type:        schema.TypeString,
 							Computed:    true,
@@ -444,12 +425,6 @@ func dataSourceCredentialListCredentialsToMap(credentialsItem posturemanagementv
 	if credentialsItem.UpdatedBy != nil {
 		credentialsMap["updated_by"] = credentialsItem.UpdatedBy
 	}
-	if credentialsItem.Group != nil {
-		groupList := []map[string]interface{}{}
-		groupMap := dataSourceCredentialListCredentialsGroupToMap(*credentialsItem.Group)
-		groupList = append(groupList, groupMap)
-		credentialsMap["group"] = groupList
-	}
 	if credentialsItem.Purpose != nil {
 		credentialsMap["purpose"] = credentialsItem.Purpose
 	}
@@ -536,19 +511,6 @@ func dataSourceCredentialListCredentialsDisplayFieldsToMap(displayFieldsItem pos
 	return displayFieldsMap
 }
 
-func dataSourceCredentialListCredentialsGroupToMap(groupItem posturemanagementv2.CredentialGroup) (groupMap map[string]interface{}) {
-	groupMap = map[string]interface{}{}
-
-	if groupItem.ID != nil {
-		groupMap["id"] = groupItem.ID
-	}
-	if groupItem.Passphrase != nil {
-		groupMap["passphrase"] = groupItem.Passphrase
-	}
-
-	return groupMap
-}
-
 func dataSourceCredentialListGetNext(next interface{}) int64 {
 	if reflect.ValueOf(next).IsNil() {
 		return 0

ibm/service/scc/data_source_ibm_scc_posture_profile_test.go

@@ -24,7 +24,6 @@ func TestAccIBMSccPostureProfileDetailsDataSourceBasic(t *testing.T) {
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "version"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "created_by"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "modified_by"),
-					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "base_profile"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "type"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "no_of_controls"),
 					resource.TestCheckResourceAttrSet("data.ibm_scc_posture_profile.profile_details", "created_at"),

ibm/service/scc/data_source_ibm_scc_posture_scope.go

@@ -425,35 +425,6 @@ func DataSourceIBMSccPostureScope() *schema.Resource {
 							Computed:    true,
 							Description: "Stores the value of credential_gateway_key .",
 						},
-						"credential_group": &schema.Schema{
-							Type:        schema.TypeMap,
-							Computed:    true,
-							Description: "Stores the value of credential_credential_group .",
-						},
-						"enabled_credential_group": &schema.Schema{
-							Type:        schema.TypeBool,
-							Computed:    true,
-							Description: "Stores the value of credential_enabled_credential_group .",
-						},
-						"groups": &schema.Schema{
-							Type:        schema.TypeList,
-							Computed:    true,
-							Description: "Stores the value of credential_groups .",
-							Elem: &schema.Resource{
-								Schema: map[string]*schema.Schema{
-									"credential_group_id": &schema.Schema{
-										Type:        schema.TypeString,
-										Computed:    true,
-										Description: "credential group id.",
-									},
-									"passphrase": &schema.Schema{
-										Type:        schema.TypeString,
-										Computed:    true,
-										Description: "passphase of the credential.",
-									},
-								},
-							},
-						},
 						"purpose": &schema.Schema{
 							Type:        schema.TypeString,
 							Computed:    true,
@@ -1131,19 +1102,6 @@ func dataSourceScopeTldCredentailToMap(tldCredentailItem posturemanagementv2.Sco
 	if tldCredentailItem.GatewayKey != nil {
 		tldCredentailMap["gateway_key"] = tldCredentailItem.GatewayKey
 	}
-	if tldCredentailItem.CredentialGroup != nil {
-		tldCredentailMap["credential_group"] = tldCredentailItem.CredentialGroup
-	}
-	if tldCredentailItem.EnabledCredentialGroup != nil {
-		tldCredentailMap["enabled_credential_group"] = tldCredentailItem.EnabledCredentialGroup
-	}
-	if tldCredentailItem.Groups != nil {
-		groupsList := []map[string]interface{}{}
-		for _, groupsItem := range tldCredentailItem.Groups {
-			groupsList = append(groupsList, dataSourceScopeTldCredentailGroupsToMap(groupsItem))
-		}
-		tldCredentailMap["groups"] = groupsList
-	}
 	if tldCredentailItem.Purpose != nil {
 		tldCredentailMap["purpose"] = tldCredentailItem.Purpose
 	}
@@ -1224,19 +1182,6 @@ func dataSourceScopeTldCredentailDisplayFieldsToMap(displayFieldsItem postureman
 	return displayFieldsMap
 }
 
-func dataSourceScopeTldCredentailGroupsToMap(groupsItem posturemanagementv2.CredentialGroup) (groupsMap map[string]interface{}) {
-	groupsMap = map[string]interface{}{}
-
-	if groupsItem.ID != nil {
-		groupsMap["credential_group_id"] = groupsItem.ID
-	}
-	if groupsItem.Passphrase != nil {
-		groupsMap["passphrase"] = groupsItem.Passphrase
-	}
-
-	return groupsMap
-}
-
 func dataSourceScopeFlattenCollectors(result []posturemanagementv2.Collector) (collectors []map[string]interface{}) {
 	for _, collectorsItem := range result {
 		collectors = append(collectors, dataSourceScopeCollectorsToMap(collectorsItem))

ibm/service/scc/resource_ibm_scc_posture_credential.go

@@ -65,27 +65,6 @@ func ResourceIBMSccPostureCredentials() *schema.Resource {
 					},
 				},
 			},
-			"group": {
-				Type:        schema.TypeList,
-				MinItems:    1,
-				MaxItems:    1,
-				Required:    true,
-				Description: "Credential group details.",
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						"id": {
-							Type:        schema.TypeString,
-							Required:    true,
-							Description: "credential group id.",
-						},
-						"passphrase": {
-							Type:        schema.TypeString,
-							Required:    true,
-							Description: "passphase of the credential.",
-						},
-					},
-				},
-			},
 			"purpose": {
 				Type:         schema.TypeString,
 				Required:     true,
@@ -160,8 +139,6 @@ func resourceIBMSccPostureCredentialsCreate(context context.Context, d *schema.R
 	createCredentialOptions.SetDescription(d.Get("description").(string))
 	displayFields := resourceIBMSccPostureCredentialsMapToNewCredentialDisplayFields(d.Get("display_fields.0").(map[string]interface{}))
 	createCredentialOptions.SetDisplayFields(&displayFields)
-	group := resourceIBMSccPostureCredentialsMapToCredentialGroup(d.Get("group.0").(map[string]interface{}))
-	createCredentialOptions.SetGroup(&group)
 	createCredentialOptions.SetPurpose(d.Get("purpose").(string))
 
 	credential, response, err := postureManagementClient.CreateCredentialWithContext(context, createCredentialOptions)
@@ -195,15 +172,6 @@ func resourceIBMSccPostureCredentialsMapToUpdateCredentialDisplayFields(updateCr
 	return updateCredentialDisplayFields
 }
 
-func resourceIBMSccPostureCredentialsMapToCredentialGroup(credentialGroupMap map[string]interface{}) posturemanagementv2.CredentialGroup {
-	credentialGroup := posturemanagementv2.CredentialGroup{}
-
-	credentialGroup.ID = core.StringPtr(credentialGroupMap["id"].(string))
-	credentialGroup.Passphrase = core.StringPtr(credentialGroupMap["passphrase"].(string))
-
-	return credentialGroup
-}
-
 func resourceIBMSccPostureCredentialsRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	postureManagementClient, err := meta.(conns.ClientSession).PostureManagementV2()
 	if err != nil {
@@ -243,15 +211,6 @@ func resourceIBMSccPostureCredentialsNewCredentialDisplayFieldsToMap(newCredenti
 	return newCredentialDisplayFieldsMap
 }
 
-func resourceIBMCredentialsCredentialGroupToMap(credentialGroup posturemanagementv2.CredentialGroup) map[string]interface{} {
-	credentialGroupMap := map[string]interface{}{}
-
-	credentialGroupMap["id"] = credentialGroup.ID
-	credentialGroupMap["passphrase"] = credentialGroup.Passphrase
-
-	return credentialGroupMap
-}
-
 func resourceIBMSccPostureCredentialsUpdate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	postureManagementClient, err := meta.(conns.ClientSession).PostureManagementV2()
 	if err != nil {

ibm/service/scc/resource_ibm_scc_posture_credential_test.go

@@ -77,10 +77,6 @@ func testAccCheckIBMSccPostureCredentialsConfigBasic(enabled string, typeVar str
 				ibm_api_key = "sample_api_key"
 
 			}
-			group {
-				id = "1"
-				passphrase = "passphrase"
-			}
 			purpose = "%s"
 		}
 	`, enabled, typeVar, name, description, purpose)

website/docs/d/scc_posture_credential.html.markdown

@@ -89,13 +89,6 @@ Nested scheme for **display_fields**:
 
 * `enabled` - (Required, Boolean) Credentials status enabled/disbaled.
 
-* `group` - (Required, List) Credential group details.
-Nested scheme for **group**:
-	* `id` - (Required, String) credential group id.
-	  * Constraints: The maximum length is `50` characters. The minimum length is `1` character. The value must match regular expression `/^[0-9]*$/`.
-	* `passphrase` - (Required, String) passphase of the credential.
-	  * Constraints: The maximum length is `255` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.\\*,_\\s]*$/`.
-
 * `name` - (Required, String) Credentials name.
 
 * `purpose` - (Required, String) Purpose for which the credential is created.

website/docs/d/scc_posture_credentials.html.markdown

@@ -79,12 +79,6 @@ Nested scheme for **credentials**:
 		* `winrm_usessl` - (String) Kerberos windows ssl.This is mandatory for Windows Kerberos Credential type.
 		  * Constraints: The maximum length is `100` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.,_\\s]*$/`.
 	* `enabled` - (Boolean) Credentials status enabled/disbaled.
-	* `group` - (List) Credential group details.
-	Nested scheme for **group**:
-		* `id` - (String) credential group id.
-		  * Constraints: The maximum length is `50` characters. The minimum length is `1` character. The value must match regular expression `/^[0-9]*$/`.
-		* `passphrase` - (String) passphase of the credential.
-		  * Constraints: The maximum length is `255` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.\\*,_\\s]*$/`.
 	* `id` - (String) Credentials ID.
 	* `name` - (String) Credentials name.
 	* `purpose` - (String) Purpose for which the credential is created.

website/docs/d/scc_posture_scope.html.markdown

@@ -191,7 +191,6 @@ Nested scheme for **tasks**:
 
 * `tld_credentail` - (Optional, List) Stores the value of ScopeDetailsCredential .
 Nested scheme for **tld_credentail**:
-	* `credential_group` - (Optional, Map) Stores the value of credential_credential_group .
 	* `data` - (Optional, Map) Stores the value of credential_data .
 	* `description` - (Optional, String) Stores the value of credential_description .
 	* `display_fields` - (Optional, List) Details the fields on the credential. This will change as per credential type selected.
@@ -244,14 +243,7 @@ Nested scheme for **tld_credentail**:
 		  * Constraints: The maximum length is `100` characters. The minimum length is `1` character. The value must match regular expression `/^[0-9]*$/`.
 		* `winrm_usessl` - (Optional, String) Kerberos windows ssl.This is mandatory for Windows Kerberos Credential type.
 		  * Constraints: The maximum length is `100` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.,_\\s]*$/`.
-	* `enabled_credential_group` - (Optional, Boolean) Stores the value of credential_enabled_credential_group .
 	* `gateway_key` - (Optional, String) Stores the value of credential_gateway_key .
-	* `groups` - (Optional, List) Stores the value of credential_groups .
-	Nested scheme for **groups**:
-		* `id` - (Required, String) credential group id.
-		  * Constraints: The maximum length is `50` characters. The minimum length is `1` character. The value must match regular expression `/^[0-9]*$/`.
-		* `passphrase` - (Required, String) passphase of the credential.
-		  * Constraints: The maximum length is `255` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.\\*,_\\s]*$/`.
 	* `id` - (Optional, String) Stores the value of credential_id .
 	* `is_enabled` - (Optional, Boolean) Stores the value of credential_is_enabled .
 	* `name` - (Optional, String) Stores the value of credential_name .

website/docs/r/scc_posture_credential.html.markdown

@@ -17,7 +17,6 @@ resource "ibm_scc_posture_credential" "credentials" {
   description = "This credential is used for testing."
   display_fields {"password":"testpassword","username":"test"}
   enabled = true
-  group = {"id":"1","passphrase":"passphrase"}
   name = "test_create"
   purpose = "discovery_fact_collection_remediation"
   type = "username_password"
@@ -81,12 +80,6 @@ Nested scheme for **display_fields**:
 	* `winrm_usessl` - (Optional, String) Kerberos windows ssl.This is mandatory for Windows Kerberos Credential type ie when type=kerberos_windows.
 	  * Constraints: The maximum length is `100` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.\\*,_\\s]*$/`.
 * `enabled` - (Required, Boolean) Credentials status enabled/disbaled.
-* `group` - (Required, List) Credential group details.
-Nested scheme for **group**:
-	* `id` - (Required, String) credential group id.
-	  * Constraints: The maximum length is `50` characters. The minimum length is `1` character. The value must match regular expression `/^[0-9]*$/`.
-	* `passphrase` - (Required, String) passphase of the credential.
-	  * Constraints: The maximum length is `255` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\.\\*,_\\s]*$/`.
 * `name` - (Required, String) Credentials name.
   * Constraints: The maximum length is `255` characters. The minimum length is `1` character. The value must match regular expression `/^[a-zA-Z0-9-\\._,\\s]*$/`.
 * `purpose` - (Required, String) Purpose for which the credential is created.