Merge pull request #6 from marcozj/branch_v0.1.4

Branch v0.1.4
marcozj · Apr 9, 2021 · 942908e · 942908e
2 parents ca2f735 + 60c1058
commit 942908e
Show file tree

Hide file tree

Showing 71 changed files with 2,994 additions and 390 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,15 @@
 # RELEASE NOTES
 
+## 0.1.4 (April 9, 2021)
+
+IMPROVEMENTS:
+
+- Expose more attributes reference for all data source types.
+
+BUG FIXES:
+
+- `centrifyvault_connector` data source fail to run when Connector is not installed on AD joined machine.
+
 ## 0.1.3 (April 6, 2021)
 
 FEATURES:

diff --git a/GNUmakefile b/GNUmakefile
@@ -4,7 +4,7 @@ WEBSITE_REPO=github.com/hashicorp/terraform-website
 PKG_NAME=centrifyvault
 
 # Local provider install parameter
-version = 0.1.3
+version = 0.1.4
 registry_name = registry.terraform.io
 namespace = marcozj
 bin_name = terraform-provider-$(PKG_NAME)

diff --git a/centrify/datasource_authenticationprofile.go b/centrify/datasource_authenticationprofile.go
@@ -16,17 +16,41 @@ func dataSourceAuthenticationProfile() *schema.Resource {
 		Schema: map[string]*schema.Schema{
 			"uuid": {
 				Type:        schema.TypeString,
-				Optional:    true,
+				Computed:    true,
 				Description: "UUID of the authentication profile",
 			},
 			"name": {
 				Type:        schema.TypeString,
 				Required:    true,
 				Description: "The name of the authentication profile",
 			},
+			"challenges": {
+				Type:     schema.TypeList,
+				MaxItems: 2,
+				MinItems: 1,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "Authentication mechanisms for challenges",
+			},
+			"additional_data": {
+				Type:     schema.TypeList,
+				Computed: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"number_of_questions": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "Number of questions user must answer",
+						},
+					},
+				},
+			},
 			"pass_through_duration": {
 				Type:        schema.TypeInt,
-				Optional:    true,
+				Computed:    true,
 				Description: "Pass through duration of the authentication profile",
 			},
 		},
@@ -39,16 +63,25 @@ func dataSourceAuthenticationProfileRead(d *schema.ResourceData, m interface{})
 	object := vault.NewAuthenticationProfile(client)
 	object.Name = d.Get("name").(string)
 
-	result, err := object.Query()
+	err := object.GetByName()
 	if err != nil {
 		return fmt.Errorf("error retrieving authentication profile with name '%s': %s", object.Name, err)
 	}
+	d.SetId(object.ID)
 
-	//logger.Debugf("Found authentication profile: %+v", result)
-	d.SetId(result["Uuid"].(string))
-	d.Set("uuid", result["Uuid"].(string))
-	d.Set("name", result["Name"].(string))
-	d.Set("pass_through_duration", int(result["DurationInMinutes"].(float64)))
+	schemamap, err := vault.GenerateSchemaMap(object)
+	if err != nil {
+		return err
+	}
+	//logger.Debugf("Generated Map: %+v", schemamap)
+	for k, v := range schemamap {
+		switch k {
+		case "additional_data":
+			d.Set(k, flattenAdditionalData(object.AdditionalData))
+		default:
+			d.Set(k, v)
+		}
+	}
 
 	return nil
 }
diff --git a/centrify/datasource_cloudprovider.go b/centrify/datasource_cloudprovider.go
@@ -16,14 +16,50 @@ func dataSourceCloudProvider() *schema.Resource {
 		Schema: map[string]*schema.Schema{
 			"cloud_account_id": {
 				Type:        schema.TypeString,
-				Optional:    true,
+				Required:    true,
 				Description: "Account ID of the cloud provider",
 			},
 			"name": {
 				Type:        schema.TypeString,
 				Required:    true,
 				Description: "Name of the cloud provider",
 			},
+			"description": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Description of the cloud provider",
+			},
+			"type": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Type of the cloud provider",
+			},
+			"enable_interactive_password_rotation": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Enable interactive password rotation",
+			},
+			"prompt_change_root_password": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Prompt to change root password every login and password checkin",
+			},
+			"enable_password_rotation_reminders": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Enable password rotation reminders",
+			},
+			"password_rotation_reminder_duration": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "Minimum number of days since last rotation to trigger a reminder",
+			},
+			"default_profile_id": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Default Root Account Login Profile (used if no conditions matched)",
+			},
+			"challenge_rule": getChallengeRulesSchema(),
 		},
 	}
 }
@@ -35,15 +71,25 @@ func dataSourceCloudProviderRead(d *schema.ResourceData, m interface{}) error {
 	object.CloudAccountID = d.Get("cloud_account_id").(string)
 	object.Name = d.Get("name").(string)
 
-	result, err := object.Query()
+	err := object.GetByName()
 	if err != nil {
 		return fmt.Errorf("error retrieving CloudProvider with name '%s': %s", object.Name, err)
 	}
+	d.SetId(object.ID)
 
-	//logger.Debugf("Found CloudProvider: %+v", result)
-	d.SetId(result["ID"].(string))
-	d.Set("name", result["Name"].(string))
-	d.Set("cloud_account_id", result["CloudAccountId"].(string))
+	schemamap, err := vault.GenerateSchemaMap(object)
+	if err != nil {
+		return err
+	}
+	//logger.Debugf("Generated Map: %+v", schemamap)
+	for k, v := range schemamap {
+		switch k {
+		case "challenge_rule":
+			d.Set(k, v.(map[string]interface{})["rule"])
+		default:
+			d.Set(k, v)
+		}
+	}
 
 	return nil
 }
diff --git a/centrify/datasource_connector.go b/centrify/datasource_connector.go
@@ -102,31 +102,20 @@ func dataSourceConnectorRead(d *schema.ResourceData, m interface{}) error {
 	object.VpcIdentifier = d.Get("vpc_identifier").(string)
 	object.VmIdentifier = d.Get("vm_identifier").(string)
 
-	result, err := object.Query()
+	// We can't use simple Query method because it doesn't return all attributes
+	err := object.GetByName()
 	if err != nil {
-		return fmt.Errorf("error retrieving connector with name '%s': %s", object.Name, err)
+		return fmt.Errorf("error retrieving Oauth webapp with name '%s': %s", object.Name, err)
 	}
+	d.SetId(object.ID)
 
-	//logger.Debugf("Found connector: %+v", result)
-	d.SetId(result["ID"].(string))
-	d.Set("name", result["Name"].(string))
-	d.Set("machine_name", result["MachineName"].(string))
-	d.Set("dns_host_name", result["DnsHostName"].(string))
-	d.Set("forest", result["Forest"].(string))
-	d.Set("ssh_service", result["SSHService"].(string))
-	d.Set("rdp_service", result["RDPService"].(string))
-	d.Set("ad_proxy", result["ADProxy"].(string))
-	d.Set("app_gateway", result["AppGateway"].(string))
-	d.Set("http_api_service", result["HttpAPIService"].(string))
-	d.Set("ldap_proxy", result["LDAPProxy"].(string))
-	d.Set("radius_service", result["RadiusService"].(string))
-	d.Set("radius_external_service", result["RadiusExternalService"].(string))
-	d.Set("version", result["Version"].(string))
-	if result["VpcIdentifier"] != nil {
-		d.Set("vpc_identifier", result["VpcIdentifier"].(string))
+	schemamap, err := vault.GenerateSchemaMap(object)
+	if err != nil {
+		return err
 	}
-	if result["VmIdentifier"] != nil {
-		d.Set("vm_identifier", result["VmIdentifier"].(string))
+	//logger.Debugf("Generated Map: %+v", schemamap)
+	for k, v := range schemamap {
+		d.Set(k, v)
 	}
 
 	return nil

diff --git a/centrify/datasource_manualset.go b/centrify/datasource_manualset.go
@@ -65,18 +65,19 @@ func dataSourceManualSetRead(d *schema.ResourceData, m interface{}) error {
 	object.ObjectType = d.Get("type").(string)
 	object.SubObjectType = d.Get("subtype").(string)
 
-	result, err := object.Query()
+	err := object.GetByName()
 	if err != nil {
 		return fmt.Errorf("error retrieving Manual Set with name '%s': %s", object.Name, err)
 	}
+	d.SetId(object.ID)
 
-	if result["ID"] == nil {
-		return fmt.Errorf("ManualSet ID is not set")
+	schemamap, err := vault.GenerateSchemaMap(object)
+	if err != nil {
+		return err
 	}
-	d.SetId(result["ID"].(string))
-	d.Set("name", result["Name"].(string))
-	if result["Description"] != nil {
-		d.Set("description", result["Description"].(string))
+	//logger.Debugf("Generated Map: %+v", schemamap)
+	for k, v := range schemamap {
+		d.Set(k, v)
 	}
 
 	return nil

diff --git a/centrify/datasource_multiplexedaccount.go b/centrify/datasource_multiplexedaccount.go
@@ -21,28 +21,38 @@ func dataSourceMultiplexedAccount() *schema.Resource {
 			},
 			"description": {
 				Type:        schema.TypeString,
-				Optional:    true,
+				Computed:    true,
 				Description: "Description of the multiplexed account",
 			},
 			"account1_id": {
 				Type:     schema.TypeString,
-				Optional: true,
+				Computed: true,
 			},
 			"account2_id": {
 				Type:     schema.TypeString,
-				Optional: true,
+				Computed: true,
 			},
 			"account1": {
 				Type:     schema.TypeString,
-				Optional: true,
+				Computed: true,
 			},
 			"account2": {
 				Type:     schema.TypeString,
-				Optional: true,
+				Computed: true,
+			},
+			"accounts": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				MinItems: 2,
+				MaxItems: 2,
+				Set:      schema.HashString,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
 			},
 			"active_account": {
 				Type:     schema.TypeString,
-				Optional: true,
+				Computed: true,
 			},
 		},
 	}
@@ -54,22 +64,19 @@ func dataSourceMultiplexedAccountRead(d *schema.ResourceData, m interface{}) err
 	object := vault.NewMultiplexedAccount(client)
 	object.Name = d.Get("name").(string)
 
-	result, err := object.Query()
+	err := object.GetByName()
 	if err != nil {
 		return fmt.Errorf("error retrieving multiplexed account with name '%s': %s", object.Name, err)
 	}
+	d.SetId(object.ID)
 
-	//logger.Debugf("Found multiplexed account: %+v", result)
-	d.SetId(result["ID"].(string))
-	d.Set("name", result["Name"].(string))
-	d.Set("description", result["Description"].(string))
-	// RedRock/query doesn't return these attributes
-	//d.Set("account1_id", result["RealAccount1ID"].(string))
-	//d.Set("account2_id", result["RealAccount2ID"].(string))
-	//d.Set("account1", result["RealAccount1"].(string))
-	//d.Set("account2", result["RealAccount2"].(string))
-	if result["ActiveAccount"] != nil {
-		d.Set("active_account", result["ActiveAccount"].(string))
+	schemamap, err := vault.GenerateSchemaMap(object)
+	if err != nil {
+		return err
+	}
+	//logger.Debugf("Generated Map: %+v", schemamap)
+	for k, v := range schemamap {
+		d.Set(k, v)
 	}
 
 	return nil