feat(identitycenter): add datasource access control attribute configurations #6047

Merged
@@ -0,0 +1,47 @@
---
subcategory: "IAM Identity Center"
layout: "huaweicloud"
page_title: "HuaweiCloud: huaweicloud_identitycenter_access_control_attribute_configurations"
description: |-
Use this data source to get the Identity Center access control attribute configurations.
---

# huaweicloud_identitycenter_access_control_attribute_configurations

Use this data source to get the Identity Center access control attribute configurations.

## Example Usage

```hcl
variable "instance_id" {}

data "huaweicloud_identitycenter_access_control_attribute_configurations" {
instance_id = var.instance_id
}
```

## Argument Reference

The following arguments are supported:

* `region` - (Optional, String) Specifies the region in which to query the resource.
If omitted, the provider-level region will be used.

* `instance_id` - (Required, String) Specifies the ID of the IAM Identity Center instance.

## Attribute Reference

In addition to all arguments above, the following attributes are exported:

* `id` - The data source ID.

* `access_control_attributes` - The attributes configured for ABAC in the IAM Identity Center instance.

The [access_control_attributes](#instance_access_control_attribute_configuration_struct) structure is documented below.

<a name="instance_access_control_attribute_configuration_struct"></a>
The `access_control_attributes` block supports:

* `value` - The value mapped to identity source from the specified attribute.

* `key` - The name of the attribute associated with the identity in the identity source.
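--- a/huaweicloud/provider.go
+++ b/huaweicloud/provider.go
@@ -856,9 +856,10 @@ func Provider() *schema.Provider {
 "huaweicloud_identity_agencies": iam.DataSourceIdentityAgencies(),
 "huaweicloud_identity_providers": iam.DataSourceIamIdentityProviders(),
 
-"huaweicloud_identitycenter_instance": identitycenter.DataSourceIdentityCenter(),
-"huaweicloud_identitycenter_groups": identitycenter.DataSourceIdentityCenterGroups(),
-"huaweicloud_identitycenter_users": identitycenter.DataSourceIdentityCenterUsers(),
+"huaweicloud_identitycenter_instance": identitycenter.DataSourceIdentityCenter(),
+"huaweicloud_identitycenter_groups": identitycenter.DataSourceIdentityCenterGroups(),
+"huaweicloud_identitycenter_users": identitycenter.DataSourceIdentityCenterUsers(),
+"huaweicloud_identitycenter_access_control_attribute_configurations": identitycenter.DataSourceAccessControlAttributeConfigurations(),
 
 "huaweicloud_iec_bandwidths": iec.DataSourceBandWidths(),
 "huaweicloud_iec_eips": iec.DataSourceEips(),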
@@ -0,0 +1,47 @@
package identitycenter

import (
"fmt"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"

"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
)

func TestAccDataSourceAccessControlAttributeConfigurations_basic(t *testing.T) {
dataSource := "data.huaweicloud_identitycenter_access_control_attribute_configurations.test"
rName := acceptance.RandomAccResourceName()
dc := acceptance.InitDataSourceCheck(dataSource)

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
acceptance.TestAccPreCheck(t)
acceptance.TestAccPreCheckMultiAccount(t)
},
ProviderFactories: acceptance.TestAccProviderFactories,
Steps: []resource.TestStep{
{
Config: testDataSourceAccessControlAttributeConfigurations_basic(rName),
Check: resource.ComposeTestCheckFunc(
dc.CheckResourceExists(),
resource.TestCheckResourceAttrSet(dataSource, "access_control_attributes.#"),
resource.TestCheckResourceAttr(dataSource, "access_control_attributes.0.key", rName+"_1"),
resource.TestCheckResourceAttr(dataSource, "access_control_attributes.0.value.0", "${user:email}"),
),
},
},
})
}

func testDataSourceAccessControlAttributeConfigurations_basic(name string) string {
return fmt.Sprintf(`
%[1]s

data "huaweicloud_identitycenter_instance" "test" {}

data "huaweicloud_identitycenter_access_control_attribute_configurations" "test" {
instance_id = data.huaweicloud_identitycenter_instance.test.id
}
`, testAccessControlAttributeConfiguration_basic(name))
}
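Review bot: The checks on `access_control_attributes.0.key` and `access_control_attributes.0.value.0` in `TestAccDataSourceAccessControlAttributeConfigurations_basic` pin the first list element, and nothing in this section shows that the API returns the attributes in a stable order. `testAccessControlAttributeConfiguration_basic` is defined outside this section, so it is only an inference from `rName+"_1"` that more than one attribute may be created. An order-independent check such as `resource.TestCheckTypeSetElemNestedAttrs(dataSource, "access_control_attributes.*", map[string]string{"key": rName + "_1"})` would avoid a flaky failure. The attribute configuration also looks instance-wide, so it is worth confirming that no other test changes it while this one runs under `resource.ParallelTest`.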
@@ -0,0 +1,122 @@
// Generated by PMS #476
package identitycenter

import (
"context"
"strings"

"github.com/hashicorp/go-multierror"
"github.com/hashicorp/go-uuid"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/tidwall/gjson"

"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/httphelper"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/schemas"
)

func DataSourceAccessControlAttributeConfigurations() *schema.Resource {
return &schema.Resource{
ReadContext: dataSourceIdentitycenterAccessControlAttributeConfigurationsRead,

Schema: map[string]*schema.Schema{
"region": {
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: `Specifies the region in which to query the resource. If omitted, the provider-level region will be used.`,
},
"instance_id": {
Type: schema.TypeString,
Required: true,
Description: `Specifies the ID of the IAM Identity Center instance.`,
},
"access_control_attributes": {
Type: schema.TypeList,
Computed: true,
Description: `The attributes configured for ABAC in the IAM Identity Center instance.`,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"value": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Description: `The value mapped to identity source from the specified attribute.`,
},
"key": {
Type: schema.TypeString,
Computed: true,
Description: `The name of the attribute associated with the identity in the identity source.`,
},
},
},
},
},
}
}

type AccessControlAttributeConfigurationsDSWrapper struct {
*schemas.ResourceDataWrapper
Config *config.Config
}

func newAccessControlAttributeConfigurationsDSWrapper(d *schema.ResourceData, meta interface{}) *AccessControlAttributeConfigurationsDSWrapper {
return &AccessControlAttributeConfigurationsDSWrapper{
ResourceDataWrapper: schemas.NewSchemaWrapper(d),
Config: meta.(*config.Config),
}
}

func dataSourceIdentitycenterAccessControlAttributeConfigurationsRead(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
wrapper := newAccessControlAttributeConfigurationsDSWrapper(d, meta)
diacacr, err := wrapper.DescribeInstanceAccessControlAttributeConfiguration()
if err != nil {
return diag.FromErr(err)
}

id, err := uuid.GenerateUUID()
if err != nil {
return diag.FromErr(err)
}
d.SetId(id)

err = wrapper.describeInstanceAccessControlAttributeConfigurationToSchema(diacacr)
if err != nil {
return diag.FromErr(err)
}

return nil
}

// @API IDENTITYCENTER GET /v1/instances/{instance_id}/access-control-attribute-configuration
func (w *AccessControlAttributeConfigurationsDSWrapper) DescribeInstanceAccessControlAttributeConfiguration() (*gjson.Result, error) {
client, err := w.NewClient(w.Config, "identitycenter")
if err != nil {
return nil, err
}

uri := "/v1/instances/{instance_id}/access-control-attribute-configuration"
uri = strings.ReplaceAll(uri, "{instance_id}", w.Get("instance_id").(string))
return httphelper.New(client).
Method("GET").
URI(uri).
Request().
Result()
}

func (w *AccessControlAttributeConfigurationsDSWrapper) describeInstanceAccessControlAttributeConfigurationToSchema(body *gjson.Result) error {
d := w.ResourceData
mErr := multierror.Append(nil,
d.Set("region", w.Config.GetRegion(w.ResourceData)),
d.Set("access_control_attributes", schemas.SliceToList(body.Get("instance_access_control_attribute_configuration.access_control_attributes"),
func(accConAtt gjson.Result) any {
return map[string]any{
"value": schemas.SliceToStrList(accConAtt.Get("value.source")),
"key": accConAtt.Get("key").Value(),
}
},
)),
)
return mErr.ErrorOrNil()
}
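Review bot: In `DescribeInstanceAccessControlAttributeConfiguration` the `instance_id` argument is substituted into the request path unescaped, so a value containing `/`, `?` or `#` (for example one passed in through a module variable) changes which endpoint the provider's credentials are used against. Escape it at the substitution, `uri = strings.ReplaceAll(uri, "{instance_id}", url.PathEscape(w.Get("instance_id").(string)))` with `net/url` added to the imports, or constrain the schema field with a validation function. `dataSourceIdentitycenterAccessControlAttributeConfigurationsRead` also discards its `context.Context`; whether `httphelper` can take one is not visible here, but if it can, passing it through would let Terraform cancel the call. The file is marked `// Generated by PMS #476`, so the change probably belongs in the generator template rather than in this file alone.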