Skip to content

Commit

Permalink
chore: removed forceNew attribute of Azure, added logic to updated az…
Browse files Browse the repository at this point in the history
…ure credencials. issues: #74 #80
  • Loading branch information
PacoDw committed Feb 10, 2020
1 parent 75f51c7 commit 059f41b
Showing 1 changed file with 44 additions and 50 deletions.
94 changes: 44 additions & 50 deletions mongodbatlas/resource_mongodbatlas_encryption_at_rest.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,53 +55,43 @@ func resourceMongoDBAtlasEncryptionAtRest() *schema.Resource {
},
"azure_key_vault": {
Type: schema.TypeMap,
ForceNew: true,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enabled": {
Type: schema.TypeBool,
ForceNew: true,
Required: true,
},
"client_id": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"azure_environment": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"subscription_id": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"resource_group_name": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"key_vault_name": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"key_identifier": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"secret": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
"tenant_id": {
Type: schema.TypeString,
ForceNew: true,
Required: true,
},
},
Expand Down Expand Up @@ -135,38 +125,17 @@ func resourceMongoDBAtlasEncryptionAtRest() *schema.Resource {
}
}

func expandAwsKms(awsKms map[string]interface{}) matlas.AwsKms {
awsRegion, _ := valRegion(awsKms["region"])
return matlas.AwsKms{
Enabled: pointy.Bool(cast.ToBool(awsKms["enabled"])),
AccessKeyID: awsKms["access_key_id"].(string),
SecretAccessKey: awsKms["secret_access_key"].(string),
CustomerMasterKeyID: awsKms["customer_master_key_id"].(string),
Region: awsRegion,
}
}

func resourceMongoDBAtlasEncryptionAtRestCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*matlas.Client)

encryptionAtRestReq := &matlas.EncryptionAtRest{
GroupID: d.Get("project_id").(string),
AwsKms: expandAwsKms(d.Get("aws_kms").(map[string]interface{})),
AzureKeyVault: matlas.AzureKeyVault{
Enabled: pointy.Bool(cast.ToBool(d.Get("azure_key_vault.enabled"))),
ClientID: d.Get("azure_key_vault.client_id").(string),
AzureEnvironment: d.Get("azure_key_vault.azure_environment").(string),
SubscriptionID: d.Get("azure_key_vault.subscription_id").(string),
ResourceGroupName: d.Get("azure_key_vault.resource_group_name").(string),
KeyVaultName: d.Get("azure_key_vault.key_vault_name").(string),
KeyIdentifier: d.Get("azure_key_vault.key_identifier").(string),
Secret: d.Get("azure_key_vault.secret").(string),
TenantID: d.Get("azure_key_vault.tenant_id").(string),
},
GroupID: d.Get("project_id").(string),
AwsKms: expandAwsKms(d.Get("aws_kms").(map[string]interface{})),
AzureKeyVault: expandAzureKeyVault(d.Get("azure_key_vault").(map[string]interface{})),
GoogleCloudKms: matlas.GoogleCloudKms{
Enabled: pointy.Bool(cast.ToBool(d.Get("google_cloud_kms.enabled"))),
ServiceAccountKey: d.Get("google_cloud_kms.service_account_key").(string),
KeyVersionResourceID: d.Get("google_cloud_kms.key_version_resource_id").(string),
ServiceAccountKey: cast.ToString(d.Get("google_cloud_kms.service_account_key")),
KeyVersionResourceID: cast.ToString(d.Get("google_cloud_kms.key_version_resource_id")),
},
}

Expand All @@ -190,37 +159,62 @@ func resourceMongoDBAtlasEncryptionAtRestRead(d *schema.ResourceData, meta inter
return nil
}

func resourceMongoDBAtlasEncryptionAtRestDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*matlas.Client)

_, err := conn.EncryptionsAtRest.Delete(context.Background(), d.Id())
if err != nil {
return fmt.Errorf("error deleting a encryptionAtRest (%s): %s", d.Id(), err)
}
return nil
}

func resourceMongoDBAtlasEncryptionAtRestUpdate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*matlas.Client)
projectID := d.Id()

encrypt, _, err := conn.EncryptionsAtRest.Get(context.Background(), projectID)

if err != nil {
return fmt.Errorf("error getting encryption at rest information: %s", err)
}
encrypt.GroupID = projectID

if d.HasChange("aws_kms") {
encrypt.AwsKms = expandAwsKms(d.Get("aws_kms").(map[string]interface{}))
}

encrypt.GroupID = projectID
if d.HasChange("azure_key_vault") {
encrypt.AzureKeyVault = expandAzureKeyVault(d.Get("azure_key_vault").(map[string]interface{}))
}

_, _, err = conn.EncryptionsAtRest.Create(context.Background(), encrypt)

if err != nil {
return fmt.Errorf("error updating encryption at rest (%s): %s", projectID, err)
}

return resourceMongoDBAtlasEncryptionAtRestRead(d, meta)
}

func resourceMongoDBAtlasEncryptionAtRestDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*matlas.Client)

_, err := conn.EncryptionsAtRest.Delete(context.Background(), d.Id())
if err != nil {
return fmt.Errorf("error deleting a encryptionAtRest (%s): %s", d.Id(), err)
}
return nil
}

func expandAwsKms(awsKms map[string]interface{}) matlas.AwsKms {
awsRegion, _ := valRegion(awsKms["region"])
return matlas.AwsKms{
Enabled: pointy.Bool(cast.ToBool(awsKms["enabled"])),
AccessKeyID: cast.ToString(awsKms["access_key_id"]),
SecretAccessKey: cast.ToString(awsKms["secret_access_key"]),
CustomerMasterKeyID: cast.ToString(awsKms["customer_master_key_id"]),
Region: awsRegion,
}
}

func expandAzureKeyVault(azure map[string]interface{}) matlas.AzureKeyVault {
return matlas.AzureKeyVault{
Enabled: pointy.Bool(cast.ToBool(azure["enabled"])),
ClientID: cast.ToString(azure["client_id"]),
AzureEnvironment: cast.ToString(azure["azure_environment"]),
SubscriptionID: cast.ToString(azure["subscription_id"]),
ResourceGroupName: cast.ToString(azure["resource_group_name"]),
KeyVaultName: cast.ToString(azure["key_vault_name"]),
KeyIdentifier: cast.ToString(azure["key_identifier"]),
Secret: cast.ToString(azure["secret"]),
TenantID: cast.ToString(azure["tenant_id"]),
}
}

0 comments on commit 059f41b

Please sign in to comment.