-
Notifications
You must be signed in to change notification settings - Fork 207
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added new
okta_role_subscription
resource and datasource (#746)
- Loading branch information
1 parent
ef78a14
commit 1f39f9f
Showing
10 changed files
with
327 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
resource "okta_role_subscription" "test" { | ||
notification_type = "APP_IMPORT" | ||
role_type = "SUPER_ADMIN" | ||
status = "unsubscribed" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package okta | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/diag" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
func dataSourceRoleSubscription() *schema.Resource { | ||
return &schema.Resource{ | ||
ReadContext: dataSourceRoleSubscriptionRead, | ||
Schema: map[string]*schema.Schema{ | ||
"role_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ValidateDiagFunc: elemInSlice(validAdminRoles), | ||
Description: "Type of the role", | ||
}, | ||
"notification_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ValidateDiagFunc: elemInSlice(validNotificationTypes), | ||
Description: "Type of the notification", | ||
}, | ||
"status": { | ||
Type: schema.TypeString, | ||
Computed: true, | ||
Description: "Status of subscription", | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func dataSourceRoleSubscriptionRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
subscription, _, err := getSupplementFromMetadata(m).GetRoleTypeSubscription(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
if err != nil { | ||
return diag.Errorf("failed get subscription: %v", err) | ||
} | ||
d.SetId(fmt.Sprintf("%s/%s", d.Get("role_type").(string), d.Get("notification_type").(string))) | ||
_ = d.Set("status", subscription.Status) | ||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
package okta | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"strings" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/diag" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
func resourceRoleSubscription() *schema.Resource { | ||
return &schema.Resource{ | ||
CreateContext: resourceRoleSubscriptionCreate, | ||
ReadContext: resourceRoleSubscriptionRead, | ||
UpdateContext: resourceRoleSubscriptionUpdate, | ||
DeleteContext: resourceRoleSubscriptionDelete, | ||
Importer: &schema.ResourceImporter{ | ||
StateContext: func(_ context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { | ||
parts := strings.Split(d.Id(), "/") | ||
if len(parts) != 2 { | ||
return nil, fmt.Errorf("invalid role subscription specifier, expecting {roleType}/{notificationType}") | ||
} | ||
_ = d.Set("role_type", parts[0]) | ||
_ = d.Set("notification_type", parts[1]) | ||
d.SetId(parts[1]) | ||
return []*schema.ResourceData{d}, nil | ||
}, | ||
}, | ||
Schema: map[string]*schema.Schema{ | ||
"role_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateDiagFunc: elemInSlice(validAdminRoles), | ||
Description: "Type of the role", | ||
}, | ||
"notification_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateDiagFunc: elemInSlice(validNotificationTypes), | ||
Description: "Type of the notification", | ||
}, | ||
"status": { | ||
Type: schema.TypeString, | ||
Optional: true, | ||
ValidateDiagFunc: elemInSlice([]string{"subscribed", "unsubscribed"}), | ||
Description: "Status of subscription", | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func resourceRoleSubscriptionCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
status, ok := d.GetOk("status") | ||
if !ok { | ||
return resourceRoleSubscriptionRead(ctx, d, m) | ||
} | ||
subscription, _, err := getSupplementFromMetadata(m).GetRoleTypeSubscription(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
if err != nil { | ||
return diag.Errorf("failed get subscription: %v", err) | ||
} | ||
if subscription.Status != status.(string) { | ||
if status == "subscribed" { | ||
_, err = getSupplementFromMetadata(m).RoleTypeSubscribe(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
} else { | ||
_, err = getSupplementFromMetadata(m).RoleTypeUnsubscribe(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
} | ||
if err != nil { | ||
return diag.Errorf("failed to change subscription: %v", err) | ||
} | ||
} | ||
d.SetId(d.Get("notification_type").(string)) | ||
return resourceRoleSubscriptionRead(ctx, d, m) | ||
} | ||
|
||
func resourceRoleSubscriptionRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
subscription, _, err := getSupplementFromMetadata(m).GetRoleTypeSubscription(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
if err != nil { | ||
return diag.Errorf("failed get subscription: %v", err) | ||
} | ||
_ = d.Set("status", subscription.Status) | ||
return nil | ||
} | ||
|
||
func resourceRoleSubscriptionUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
var err error | ||
oldStatus, newStatus := d.GetChange("status") | ||
if oldStatus == newStatus { | ||
return nil | ||
} | ||
if newStatus == "subscribed" { | ||
_, err = getSupplementFromMetadata(m).RoleTypeSubscribe(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
} else { | ||
_, err = getSupplementFromMetadata(m).RoleTypeUnsubscribe(ctx, d.Get("role_type").(string), d.Get("notification_type").(string)) | ||
} | ||
if err != nil { | ||
return diag.Errorf("failed to change subscription: %v", err) | ||
} | ||
return nil | ||
} | ||
|
||
func resourceRoleSubscriptionDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { | ||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
package okta | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" | ||
) | ||
|
||
func TestAccOktaRoleSubscription_crud(t *testing.T) { | ||
ri := acctest.RandInt() | ||
resourceName := fmt.Sprintf("%s.test", roleSubscription) | ||
mgr := newFixtureManager(roleSubscription) | ||
config := mgr.GetFixtures("basic.tf", ri, t) | ||
|
||
resource.Test(t, resource.TestCase{ | ||
PreCheck: func() { testAccPreCheck(t) }, | ||
ProviderFactories: testAccProvidersFactories, | ||
CheckDestroy: nil, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: config, | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttr(resourceName, "status", "unsubscribed")), | ||
}, | ||
}, | ||
}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
package okta | ||
|
||
var validNotificationTypes = []string{ | ||
"CONNECTOR_AGENT", "USER_LOCKED_OUT", "APP_IMPORT", "LDAP_AGENT", | ||
"AD_AGENT", "OKTA_ANNOUNCEMENT", "OKTA_ISSUE", "OKTA_UPDATE", "IWA_AGENT", "USER_DEPROVISION", | ||
"REPORT_SUSPICIOUS_ACTIVITY", "RATELIMIT_NOTIFICATION", | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
package sdk | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"net/http" | ||
|
||
"github.com/okta/okta-sdk-golang/v2/okta" | ||
) | ||
|
||
type Subscription struct { | ||
NotificationType string `json:"notificationType"` | ||
Channels []string `json:"channels"` | ||
Status string `json:"status"` | ||
Links interface{} `json:"links"` | ||
} | ||
|
||
func (m *APISupplement) GetRoleTypeSubscription(ctx context.Context, roleType, notificationType string) (*Subscription, *okta.Response, error) { | ||
url := fmt.Sprintf("/api/v1/roles/%s/subscriptions/%s", roleType, notificationType) | ||
re := m.cloneRequestExecutor() | ||
req, err := re.WithAccept("application/json").WithContentType("application/json").NewRequest("GET", url, nil) | ||
if err != nil { | ||
return nil, nil, err | ||
} | ||
var subscription *Subscription | ||
resp, err := re.Do(ctx, req, &subscription) | ||
if err != nil { | ||
return nil, resp, err | ||
} | ||
return subscription, resp, nil | ||
} | ||
|
||
func (m *APISupplement) RoleTypeSubscribe(ctx context.Context, roleType, notificationType string) (*okta.Response, error) { | ||
url := fmt.Sprintf("/api/v1/roles/%s/subscriptions/%s/subscribe", roleType, notificationType) | ||
re := m.cloneRequestExecutor() | ||
req, err := re.WithAccept("application/json").WithContentType("application/json").NewRequest(http.MethodPost, url, nil) | ||
if err != nil { | ||
return nil, err | ||
} | ||
return re.Do(ctx, req, nil) | ||
} | ||
|
||
func (m *APISupplement) RoleTypeUnsubscribe(ctx context.Context, roleType, notificationType string) (*okta.Response, error) { | ||
url := fmt.Sprintf("/api/v1/roles/%s/subscriptions/%s/unsubscribe", roleType, notificationType) | ||
re := m.cloneRequestExecutor() | ||
req, err := re.WithAccept("application/json").WithContentType("application/json").NewRequest(http.MethodPost, url, nil) | ||
if err != nil { | ||
return nil, err | ||
} | ||
return re.Do(ctx, req, nil) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
--- | ||
layout: "okta" | ||
page_title: "Okta: okta_role_subscription" | ||
sidebar_current: "docs-okta-datasource-role-subscription" | ||
description: |- | ||
Get subscriptions of a Role with a specific type | ||
--- | ||
|
||
# okta_role_subscription | ||
|
||
Use this data source to retrieve role subscription with a specific type. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "okta_role_subscription" "example" { | ||
notification_type = "APP_IMPORT" | ||
role_type = "SUPER_ADMIN" | ||
} | ||
``` | ||
|
||
## Arguments Reference | ||
|
||
- `role_type` - (Required) Type of the role. Valid values: `"SUPER_ADMIN"`, `"ORG_ADMIN"`, `"APP_ADMIN"`, `"USER_ADMIN"`, | ||
`"HELP_DESK_ADMIN"`, `"READ_ONLY_ADMIN"`, `"MOBILE_ADMIN"`, `"API_ACCESS_MANAGEMENT_ADMIN"`, `"REPORT_ADMIN"`, | ||
`"GROUP_MEMBERSHIP_ADMIN"`. | ||
|
||
- `notification_type` - (Required) Type of the notification. Valid values: `"CONNECTOR_AGENT"`, `"USER_LOCKED_OUT"`, | ||
`"APP_IMPORT"`, `"LDAP_AGENT"`, `"AD_AGENT"`, `"OKTA_ANNOUNCEMENT"`, `"OKTA_ISSUE"`, `"OKTA_UPDATE"`, `"IWA_AGENT"`, | ||
`"USER_DEPROVISION"`, `"REPORT_SUSPICIOUS_ACTIVITY"`, `"RATELIMIT_NOTIFICATION"`. | ||
|
||
## Attributes Reference | ||
|
||
- `id` - ID of the resource. Same a `notification_type`. | ||
|
||
- `status` - Subscription status. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
--- | ||
layout: 'okta' | ||
page_title: 'Okta: okta_role_subscription' | ||
sidebar_current: 'docs-okta-resource-role-subscription' | ||
description: |- | ||
Manages group subscription. | ||
--- | ||
|
||
# okta_role_subscription | ||
|
||
This resource allows you to configure subscriptions of a Role with a specific type. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
resource "okta_role_subscription" "test" { | ||
role_type = "SUPER_ADMIN" | ||
notification_type = "APP_IMPORT" | ||
status = "unsubscribed" | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
- `role_type` - (Required) Type of the role. Valid values: `"SUPER_ADMIN"`, `"ORG_ADMIN"`, `"APP_ADMIN"`, `"USER_ADMIN"`, | ||
`"HELP_DESK_ADMIN"`, `"READ_ONLY_ADMIN"`, `"MOBILE_ADMIN"`, `"API_ACCESS_MANAGEMENT_ADMIN"`, `"REPORT_ADMIN"`, | ||
`"GROUP_MEMBERSHIP_ADMIN"`. | ||
|
||
- `notification_type` - (Required) Type of the notification. Valid values: `"CONNECTOR_AGENT"`, `"USER_LOCKED_OUT"`, | ||
`"APP_IMPORT"`, `"LDAP_AGENT"`, `"AD_AGENT"`, `"OKTA_ANNOUNCEMENT"`, `"OKTA_ISSUE"`, `"OKTA_UPDATE"`, `"IWA_AGENT"`, | ||
`"USER_DEPROVISION"`, `"REPORT_SUSPICIOUS_ACTIVITY"`, `"RATELIMIT_NOTIFICATION"`. | ||
|
||
- `status` - (Optional) Subscription status. Valid values: `"subscribed"`, `"unsubscribed"`. | ||
|
||
## Attributes Reference | ||
|
||
- `id` - ID of the resource. Same a `notification_type`. | ||
|
||
## Import | ||
|
||
A role subscription can be imported via the Okta ID. | ||
|
||
``` | ||
$ terraform import okta_role_subscription.example <role_type>/<notification_type> | ||
``` |