Skip to content

Commit

Permalink
Add AuthConfig resource in Integrations product (GoogleCloudPlatform#…
Browse files Browse the repository at this point in the history
  • Loading branch information
rohitjangid authored and pengq-google committed May 21, 2024
1 parent 9371987 commit c152694
Show file tree
Hide file tree
Showing 14 changed files with 917 additions and 0 deletions.
478 changes: 478 additions & 0 deletions mmv1/products/integrations/AuthConfig.yaml

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
resource "google_integrations_client" "client" {
location = "asia-east2"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "asia-east2"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
visibility = "CLIENT_VISIBLE"
expiry_notification_duration = ["3.500s"]
override_valid_time = "2014-10-02T15:01:23Z"
decrypted_credential {
credential_type = "USERNAME_AND_PASSWORD"
username_and_password {
username = "test-username"
password = "test-password"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
resource "google_integrations_client" "client" {
location = "us-west2"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "us-west2"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "AUTH_TOKEN"
auth_token {
type = "Basic"
token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
resource "google_integrations_client" "client" {
location = "us-west1"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "us-west1"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "USERNAME_AND_PASSWORD"
username_and_password {
username = "test-username"
password = "test-password"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
resource "google_integrations_client" "client" {
location = "us-west3"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "us-west3"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "CLIENT_CERTIFICATE_ONLY"
}
client_certificate {
ssl_certificate = <<EOT
-----BEGIN CERTIFICATE-----
MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV
BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw
MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET
MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1
JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB
xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey
Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW
JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr
5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H
wQW6M0H7Zt8claGRla4fKkg=
-----END CERTIFICATE-----
EOT
encrypted_private_key = <<EOT
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCA/Oj2HXqs5fTk
j/8DrlOQtLG3K9RMsYHvnwICLxkGqVcTfut58hDFLbQM8C3C0ENAKitNJplCJmYG
8VpgZzgq8VxaGnlP/sXUFLMGksd5sATn0sY3SkPndTKk/dqqA4MIh/dYfh19ynEN
hB9Ll/h54Yic2je2Qaxe/uMMu8RODTz3oCn7FcoYpPvfygfU0ntn4IcqH/hts5DG
s+3otJk4entRZglQDxR+sWOsbLtJIQZDP8rH3jDVdl5l3wspgtMTY8b5T5+pLm0p
/OzCmxT0dq/O6BhpxI1xf/zcdRZeWk5DTJxTi5AgPquTlAG/B6A3HkqBJ14hT/Rk
iv7Ma3DLAgMBAAECggEABATkf9VfpiAT9zYdouk50bBpckvymQTyQLD8SlBaX+KY
kgv/pHSXK4Pm4iensrQerFLgfqPA3U+FiqjW5Mv7c1VRK6HJbuVkpdzoXLI9IQsL
vsBY7//9Ajk5P7NokjdB6JPdU/2dHROuQVa59cxPtzpHo0htnPlDOKXfFZZuoZ17
Nr8WQHrHy8P8ABM1tLOzvU9Nlh7TcjQvev+HxkLek4qzYyJ/Ac7XOjg/XKUm1tZk
O3BHr8YLabwyjO7l1t+2b14rUTL/8pfUZnAkEi3FAlPxm3ilftmX65zliC9G4ghk
dr5PByT3DqnuIIglua9bISv1H34ogecd+9a6EU7RxQKBgQC2RPKLounXZo8vYiU4
sFTEvjbs+u9Ypk4OrNLnb8KdacLBUaJGnf++xbBoKpwFCBJfy//fvuQfusYF9Gyn
GxL43tw94C/H5upQYnDsmnQak6TbOu3mA24OGK7Rcq6NEHgeCY4HomutnSiPTZJq
8jlpqgqh1itETe5avgkMNq3zBwKBgQC1KlztGzvbB+rUDc6Kfvk5pUbCSFKMMMa2
NWNXeD6i2iA56zEYSbTjKQ3u9pjUV8LNqAdUFxmbdPxZjheNK2dEm68SVRXPKOeB
EmQT+t/EyW9LqBEA2oZt3h2hXtK8ppJjQm4XUCDs1NphP87eNzx5FLzJWjG8VqDq
jOvApNqPHQKBgDQqlZSbgvvwUYjJOUf5R7mri0LWKwyfRHX0xsQQe43cCC6WM7Cs
Zdbu86dMkqzp+4BJfalHFDl0llp782D8Ybiy6CwZbvNyxptNIW7GYfZ9TVCllBMh
5izIqbgub4DWNtq591l+Bf2BnmstU3uiagYw8awSBP4eo9p6y1IgkDafAoGBAJbi
lIiqEP0IqA06/pWc0Qew3rD7OT0ndqjU6Es2i7xovURf3QDkinJThBZNbdYUzdsp
IgloP9yY33/a90SNLLIYlARJtyNVZxK59X4qiOpF9prlfFvgpOumfbkj15JljTB8
aGKkSvfVA5jRYwLysDwMCHwO0bOR1u3itos5AgsFAoGAKEGms1kuQ5/HyFgSmg9G
wBUzu+5Y08/A37rvyXsR6GjmlZJvULEopJNUNCOOpITNQikXK63sIFry7/59eGv5
UwKadZbfwbVF5ipu59UxfVE3lipf/mYePDqMkHVWv/8p+OnnJt9uKnyW8VSOu5uk
82QF30zbIWDTUjrcugVAs+E=
-----END PRIVATE KEY-----
EOT
passphrase = ""
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
resource "google_integrations_client" "client" {
location = "us-west4"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "us-west4"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "JWT"
jwt {
jwt_header = "{\"alg\": \"HS256\", \"typ\": \"JWT\"}"
jwt_payload = "{\"sub\": \"1234567890\", \"name\": \"John Doe\", \"iat\": 1516239022}"
secret = "secret"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
resource "google_integrations_client" "client" {
location = "asia-east1"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "asia-east1"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "OAUTH2_AUTHORIZATION_CODE"
oauth2_authorization_code {
client_id = "Kf7utRvgr95oGO5YMmhFOLo8"
client_secret = "D-XXFDDMLrg2deDgczzHTBwC3p16wRK1rdKuuoFdWqO0wliJ"
scope = "photo offline_access"
auth_endpoint = "https://authorization-server.com/authorize"
token_endpoint = "https://authorization-server.com/token"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
resource "google_integrations_client" "client" {
location = "southamerica-east1"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "southamerica-east1"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "OAUTH2_CLIENT_CREDENTIALS"
oauth2_client_credentials {
client_id = "demo-backend-client"
client_secret = "MJlO3binatD9jk1"
scope = "read"
token_endpoint = "https://login-demo.curity.io/oauth/v2/oauth-token"
request_type = "ENCODED_HEADER"
token_params {
entries {
key {
literal_value {
string_value = "string-key"
}
}
value {
literal_value {
string_value = "string-value"
}
}
}
}
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
resource "google_integrations_client" "client" {
location = "us-south1"
provision_gmek = true
}

resource "google_service_account" "service_account" {
account_id = "<%= ctx[:vars]['service_account_id'] %>"
display_name = "Service Account"
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "us-south1"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "OIDC_TOKEN"
oidc_token {
service_account_email = google_service_account.service_account.email
audience = "https://us-south1-project.cloudfunctions.net/functionA 1234987819200.apps.googleusercontent.com"
}
}
depends_on = [google_service_account.service_account, google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
resource "google_integrations_client" "client" {
location = "northamerica-northeast1"
provision_gmek = true
}

resource "google_service_account" "service_account" {
account_id = "<%= ctx[:vars]['service_account_id'] %>"
display_name = "Service Account"
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "northamerica-northeast1"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "SERVICE_ACCOUNT"
service_account_credentials {
service_account = google_service_account.service_account.email
scope = "https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/adexchange.buyer https://www.googleapis.com/auth/admob.readonly"
}
}
depends_on = [google_service_account.service_account, google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
resource "google_integrations_client" "client" {
location = "northamerica-northeast2"
provision_gmek = true
}

resource "google_integrations_auth_config" "<%= ctx[:primary_resource_id] %>" {
location = "northamerica-northeast2"
display_name = "<%= ctx[:vars]['auth_config_name'] %>"
description = "Test auth config created via terraform"
decrypted_credential {
credential_type = "USERNAME_AND_PASSWORD"
username_and_password {
username = "test-username"
password = "test-password"
}
}
depends_on = [google_integrations_client.client]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
// Move client certificate to url param from request body
if cc, ok := obj["client_certificate"]; ok {
ccm := cc.(map[string]any)

params := map[string]string {
"clientCertificate.sslCertificate": ccm["ssl_certificate"].(string),
"clientCertificate.encryptedPrivateKey": ccm["encrypted_private_key"].(string),
}
if pp, ok := ccm["passphrase"]; ok {
params["clientCertificate.passphrase"] = pp.(string)
}
url, err = transport_tpg.AddQueryParams(url, params)
if err != nil {
return err
}
delete(obj, "client_certificate")
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
params := map[string]string {}

// Move client certificate to url param from request body
if cc, ok := obj["client_certificate"]; ok {
ccm := cc.(map[string]any)

params["clientCertificate.sslCertificate"] = ccm["ssl_certificate"].(string)
params["clientCertificate.encryptedPrivateKey"] = ccm["encrypted_private_key"].(string)
if pp, ok := ccm["passphrase"]; ok {
params["clientCertificate.passphrase"] = pp.(string)
}
delete(obj, "client_certificate")
}

// By default allow all fields to be updated via terraform
params["updateMask"] = "*"

url, err = transport_tpg.AddQueryParams(url, params)
if err != nil {
return err
}
Loading

0 comments on commit c152694

Please sign in to comment.