diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index ffdf14d8788..2cac84cdd34 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -763,9 +763,12 @@ func Provider() *schema.Provider { // Security and Compliance Center "ibm_scc_instance_settings": scc.DataSourceIbmSccInstanceSettings(), "ibm_scc_control_library": scc.DataSourceIbmSccControlLibrary(), + "ibm_scc_control_libraries": scc.DataSourceIbmSccControlLibraries(), "ibm_scc_profile": scc.DataSourceIbmSccProfile(), + "ibm_scc_profiles": scc.DataSourceIbmSccProfiles(), "ibm_scc_profile_attachment": scc.DataSourceIbmSccProfileAttachment(), "ibm_scc_provider_type": scc.DataSourceIbmSccProviderType(), + "ibm_scc_provider_types": scc.DataSourceIbmSccProviderTypes(), "ibm_scc_provider_type_collection": scc.DataSourceIbmSccProviderTypeCollection(), "ibm_scc_provider_type_instance": scc.DataSourceIbmSccProviderTypeInstance(), "ibm_scc_latest_reports": scc.DataSourceIbmSccLatestReports(), diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries.go b/ibm/service/scc/data_source_ibm_scc_control_libraries.go new file mode 100644 index 00000000000..fd7c49104cb --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries.go @@ -0,0 +1,214 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccControlLibraries() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccControlLibrariesRead, + + Schema: map[string]*schema.Schema{ + "control_library_type": { + Type: schema.TypeString, + Description: "The type of control library to be found.", + ValidateFunc: validate.InvokeValidator("ibm_scc_control_library", "control_library_type"), + Optional: true, + }, + "control_libraries": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of control libraries found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + Description: "The ID of the control library.", + }, + "account_id": { + Type: schema.TypeString, + Computed: true, + Description: "The ID of associated with the control library.", + }, + // "instance_id": { + // Type: schema.TypeString, + // Computed: true, + // Description: "The profile description.", + // }, + "control_library_name": { + Type: schema.TypeString, + Computed: true, + Description: "The name of the control library.", + }, + "control_library_description": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the control library.", + }, + "control_library_type": { + Type: schema.TypeString, + Computed: true, + Description: "The type of the control library.", + }, + "version_group_label": { + Type: schema.TypeString, + Computed: true, + Description: "The version group label of the control library.", + }, + "control_library_version": { + Type: schema.TypeString, + Computed: true, + Description: "The version of the control library.", + }, + "latest": { + Type: schema.TypeBool, + Computed: true, + Description: "The latest version of the control library.", + }, + // "hierarchy_enabled": { + // Type: schema.TypeBool, + // Computed: true, + // Description: "The indication of whether hierarchy is enabled for the control library.", + // }, + "created_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who created the control library.", + }, + "created_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the control library was created.", + }, + "updated_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who updated the control library.", + }, + "updated_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the control library was updated.", + }, + "controls_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of controls for the control library.", + }, + // "control_parents_count": { + // Type: schema.TypeInt, + // Computed: true, + // Description: "The number of parent controls for the control library.", + // }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccControlLibrariesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listControlLibrariesOptions := &securityandcompliancecenterapiv3.ListControlLibrariesOptions{} + listControlLibrariesOptions.SetInstanceID(d.Get("instance_id").(string)) + if val, ok := d.GetOk("control_library_type"); ok && val != nil { + listControlLibrariesOptions.SetControlLibraryType(val.(string)) + } + + pager, err := securityandcompliancecenterapiClient.NewControlLibrariesPager(listControlLibrariesOptions) + if err != nil { + log.Printf("[DEBUG] ListControlLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListControlLibrarysWithContext failed %s", err)) + } + controlLibraryList, err := pager.GetAll() + if err != nil { + log.Printf("[DEBUG] ListControlLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListControlLibrarysWithContext failed %s", err)) + } + d.SetId(fmt.Sprintf("%s/control_libraries", d.Get("instance_id").(string))) + if err = d.Set("instance_id", d.Get("instance_id")); err != nil { + return diag.FromErr(fmt.Errorf("Error setting instance_id %s", err)) + } + controlLibraries := []map[string]interface{}{} + for _, cl := range controlLibraryList { + modelMap, err := dataSourceIbmSccControlLibraryToMap(&cl) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting control library:%v\n%s", cl, err)) + } + controlLibraries = append(controlLibraries, modelMap) + } + if err = d.Set("control_libraries", controlLibraries); err != nil { + return diag.FromErr(fmt.Errorf("Error setting control_libraries: %s", err)) + } + return nil +} + +func dataSourceIbmSccControlLibraryToMap(controlLibrary *securityandcompliancecenterapiv3.ControlLibraryItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if controlLibrary.ID != nil { + modelMap["id"] = controlLibrary.ID + } + if controlLibrary.AccountID != nil { + modelMap["account_id"] = controlLibrary.AccountID + } + // if controlLibrary.InstanceID != nil { + // modelMap["instance_id"] = controlLibrary.InstanceID + // } + if controlLibrary.ControlLibraryName != nil { + modelMap["control_library_name"] = controlLibrary.ControlLibraryName + } + if controlLibrary.ControlLibraryDescription != nil { + modelMap["control_library_description"] = controlLibrary.ControlLibraryDescription + } + if controlLibrary.ControlLibraryType != nil { + modelMap["control_library_type"] = controlLibrary.ControlLibraryType + } + if controlLibrary.VersionGroupLabel != nil { + modelMap["version_group_label"] = controlLibrary.VersionGroupLabel + } + if controlLibrary.ControlLibraryVersion != nil { + modelMap["control_library_version"] = controlLibrary.ControlLibraryVersion + } + if controlLibrary.Latest != nil { + modelMap["latest"] = controlLibrary.Latest + } + // if controlLibrary.HierarchyEnabled != nil { + // modelMap["hierarchy_enabled"] = controlLibrary.HierarchyEnabled + // } + if controlLibrary.CreatedBy != nil { + modelMap["created_by"] = controlLibrary.CreatedBy + } + if controlLibrary.CreatedOn != nil { + modelMap["created_on"] = controlLibrary.CreatedOn.String() + } + if controlLibrary.UpdatedBy != nil { + modelMap["updated_by"] = controlLibrary.UpdatedBy + } + if controlLibrary.UpdatedOn != nil { + modelMap["updated_on"] = controlLibrary.UpdatedOn.String() + } + if controlLibrary.ControlsCount != nil { + modelMap["controls_count"] = controlLibrary.ControlsCount + } + // if controlLibrary.ControlParentCount != nil { + // modelMap["controls_parents_count"] = controlLibrary.ControlParentsCount + // } + return modelMap, nil +} diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go b/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go new file mode 100644 index 00000000000..d5a799bf701 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go @@ -0,0 +1,59 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccControlLibrariesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccControlLibrariesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "control_libraries.#"), + ), + }, + }, + }) +} + +func TestAccIbmSccControlLibrariesDataSourceAllArgs(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccControlLibrariesDataSourceConfigAllArgs(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "control_libraries.#"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccControlLibrariesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_control_libraries" "scc_control_libraries_instance" { + instance_id = "%s" + } + `, instanceID) +} + +func testAccCheckIbmSccControlLibrariesDataSourceConfigAllArgs(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_control_libraries" "scc_control_libraries_instance" { + control_library_type = "predefined" + instance_id = "%s" + } + `, instanceID) +} diff --git a/ibm/service/scc/data_source_ibm_scc_profiles.go b/ibm/service/scc/data_source_ibm_scc_profiles.go new file mode 100644 index 00000000000..51bad458068 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_profiles.go @@ -0,0 +1,199 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccProfiles() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccProfilesRead, + + Schema: map[string]*schema.Schema{ + "profile_type": { + Type: schema.TypeString, + Optional: true, + }, + "profiles": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of profiles found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + Description: "The profile ID.", + }, + "profile_name": { + Type: schema.TypeString, + Computed: true, + Description: "The profile name.", + }, + "profile_description": { + Type: schema.TypeString, + Computed: true, + Description: "The profile description.", + }, + "profile_type": { + Type: schema.TypeString, + Computed: true, + ValidateFunc: validate.InvokeValidator("ibm_scc_profile", "profile_type"), + Description: "The profile type, such as custom or predefined.", + }, + "profile_version": { + Type: schema.TypeString, + Computed: true, + Description: "The version status of the profile.", + }, + "version_group_label": { + Type: schema.TypeString, + Computed: true, + Description: "The version group label of the profile.", + }, + "latest": { + Type: schema.TypeBool, + Computed: true, + Description: "The latest version of the profile.", + }, + "hierarchy_enabled": { + Type: schema.TypeBool, + Computed: true, + Description: "The indication of whether hierarchy is enabled for the profile.", + }, + "created_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who created the profile.", + }, + "created_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the profile was created.", + }, + "updated_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who updated the profile.", + }, + "updated_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the profile was updated.", + }, + "controls_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of controls for the profile.", + }, + "control_parents_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of parent controls for the profile.", + }, + "attachments_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of attachments related to this profile.", + }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccProfilesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listProfilesOptions := &securityandcompliancecenterapiv3.ListProfilesOptions{} + listProfilesOptions.SetInstanceID(d.Get("instance_id").(string)) + if val, ok := d.GetOk("profile_type"); ok && val != nil { + listProfilesOptions.SetProfileType(d.Get("profile_type").(string)) + } + + pager, err := securityandcompliancecenterapiClient.NewProfilesPager(listProfilesOptions) + if err != nil { + log.Printf("[DEBUG] ListProfilesWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListProfilesWithContext failed %s", err)) + } + profileList, err := pager.GetAll() + if err != nil { + log.Printf("[DEBUG] ListProfilesWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListProfilesWithContext failed %s", err)) + } + d.SetId(fmt.Sprintf("%s/profiles", d.Get("instance_id").(string))) + if err = d.Set("instance_id", d.Get("instance_id")); err != nil { + return diag.FromErr(fmt.Errorf("Error setting instance_id %s", err)) + } + profiles := []map[string]interface{}{} + for _, profile := range profileList { + modelMap, err := dataSourceIbmSccProfileToMap(&profile) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting profile:%v\n%s", profile, err)) + } + profiles = append(profiles, modelMap) + } + if err = d.Set("profiles", profiles); err != nil { + return diag.FromErr(fmt.Errorf("Error setting profiles: %s", err)) + } + return nil +} + +func dataSourceIbmSccProfileToMap(profile *securityandcompliancecenterapiv3.ProfileItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if profile.ID != nil { + modelMap["id"] = profile.ID + } + if profile.ProfileName != nil { + modelMap["profile_name"] = profile.ProfileName + } + if profile.ProfileDescription != nil { + modelMap["profile_description"] = profile.ProfileDescription + } + if profile.ProfileType != nil { + modelMap["profile_type"] = profile.ProfileType + } + if profile.ProfileVersion != nil { + modelMap["profile_version"] = profile.ProfileVersion + } + if profile.VersionGroupLabel != nil { + modelMap["version_group_label"] = profile.VersionGroupLabel + } + if profile.Latest != nil { + modelMap["latest"] = profile.Latest + } + if profile.CreatedBy != nil { + modelMap["created_by"] = profile.CreatedBy + } + if profile.CreatedOn != nil { + modelMap["created_on"] = profile.CreatedOn.String() + } + if profile.UpdatedBy != nil { + modelMap["updated_by"] = profile.UpdatedBy + } + if profile.UpdatedOn != nil { + modelMap["updated_on"] = profile.UpdatedOn.String() + } + if profile.ControlsCount != nil { + modelMap["controls_count"] = profile.ControlsCount + } + if profile.AttachmentsCount != nil { + modelMap["attachments_count"] = profile.AttachmentsCount + } + return modelMap, nil +} diff --git a/ibm/service/scc/data_source_ibm_scc_profiles_test.go b/ibm/service/scc/data_source_ibm_scc_profiles_test.go new file mode 100644 index 00000000000..efed00e9640 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_profiles_test.go @@ -0,0 +1,63 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccProfilesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProfilesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.profile_name"), + ), + }, + }, + }) +} + +func TestAccIbmSccProfilesDataSourceAllArgs(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProfilesDataSourceConfigAllArgs(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.profile_name"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccProfilesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_profiles" "scc_profiles_instance" { + instance_id = "%s" + } + `, instanceID) +} + +func testAccCheckIbmSccProfilesDataSourceConfigAllArgs(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_profiles" "scc_profiles_instance" { + instance_id = "%s" + profile_type = "predefined" + } + `, instanceID) +} diff --git a/ibm/service/scc/data_source_ibm_scc_provider_type.go b/ibm/service/scc/data_source_ibm_scc_provider_type.go index b63556cfcb0..40446c10bdb 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_type.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_type.go @@ -214,10 +214,3 @@ func dataSourceIbmSccProviderTypeLabelTypeToMap(model *securityandcompliancecent } return modelMap, nil } - -func dataSourceIbmSccProviderTypeAdditionalPropertyToMap(model *securityandcompliancecenterapiv3.AdditionalProperty) (map[string]interface{}, error) { - modelMap := make(map[string]interface{}) - modelMap["type"] = model.Type - modelMap["display_name"] = model.DisplayName - return modelMap, nil -} diff --git a/ibm/service/scc/data_source_ibm_scc_provider_types.go b/ibm/service/scc/data_source_ibm_scc_provider_types.go new file mode 100644 index 00000000000..7605931886d --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_provider_types.go @@ -0,0 +1,208 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccProviderTypes() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccProviderTypesRead, + + Schema: map[string]*schema.Schema{ + "provider_types": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of provider_types found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The unique identifier of the provider type.", + }, + "type": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The type of the provider type.", + }, + "name": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The name of the provider type.", + }, + "description": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The provider type description.", + }, + "s2s_enabled": &schema.Schema{ + Type: schema.TypeBool, + Computed: true, + Description: "A boolean that indicates whether the provider type is s2s-enabled.", + }, + "instance_limit": &schema.Schema{ + Type: schema.TypeInt, + Computed: true, + Description: "The maximum number of instances that can be created for the provider type.", + }, + "mode": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The mode that is used to get results from provider (`PUSH` or `PULL`).", + }, + "data_type": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The format of the results that a provider supports.", + }, + "label": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The label that is associated with the provider type.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "text": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The text of the label.", + }, + "tip": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The text to be shown when user hover overs the label.", + }, + }, + }, + }, + "attributes": &schema.Schema{ + Type: schema.TypeMap, + Computed: true, + Description: "The attributes that are required when you're creating an instance of a provider type. The attributes field can have multiple keys in its value. Each of those keys has a value object that includes the type, and display name as keys. For example, `{type:\"\", display_name:\"\"}`. **NOTE;** If the provider type is s2s-enabled, which means that if the `s2s_enabled` field is set to `true`, then a CRN field of type text is required in the attributes value object.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "created_at": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "Time at which resource was created.", + }, + "updated_at": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "Time at which resource was updated.", + }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccProviderTypesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityAndComplianceCenterApIsClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listProviderTypesByIdOptions := &securityandcompliancecenterapiv3.ListProviderTypesOptions{} + + listProviderTypesByIdOptions.SetInstanceID(d.Get("instance_id").(string)) + + providerTypeItems, response, err := securityAndComplianceCenterApIsClient.ListProviderTypesWithContext(context, listProviderTypesByIdOptions) + if err != nil { + log.Printf("[DEBUG] GetProviderTypeByIDWithContext failed %s\n%s", err, response) + return diag.FromErr(fmt.Errorf("GetProviderTypeByIDWithContext failed %s\n%s", err, response)) + } + + d.SetId(fmt.Sprintf("%s/provider_types", d.Get("instance_id").(string))) + + providerTypes := []map[string]interface{}{} + for _, providerType := range providerTypeItems.ProviderTypes { + modelMap, err := dataSourceIbmSccProviderToMap(&providerType) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting provider_type: %v\n%s", providerType, err)) + } + providerTypes = append(providerTypes, modelMap) + } + if err = d.Set("provider_types", providerTypes); err != nil { + return diag.FromErr(fmt.Errorf("Error setting provider_types: %s", err)) + } + + return nil +} + +func dataSourceIbmSccProviderToMap(model *securityandcompliancecenterapiv3.ProviderTypeItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if model.ID != nil { + modelMap["id"] = model.ID + } + + if model.Type != nil { + modelMap["type"] = model.Type + } + + if model.Name != nil { + modelMap["name"] = model.Name + } + + if model.Description != nil { + modelMap["description"] = model.Description + } + + if model.S2sEnabled != nil { + modelMap["s2s_enabled"] = model.S2sEnabled + } + + if model.InstanceLimit != nil { + modelMap["instance_limit"] = model.InstanceLimit + } + + if model.Mode != nil { + modelMap["mode"] = model.Mode + } + + if model.DataType != nil { + modelMap["data_type"] = model.DataType + } + + if model.Attributes != nil { + convertedMap := make(map[string]interface{}, len(model.Attributes)) + for k, v := range model.Attributes { + convertedMap[k] = v + } + modelMap["attributes"] = flex.Flatten(convertedMap) + } + + if model.Label != nil { + labelList := []map[string]interface{}{} + convertedMap, err := dataSourceIbmSccProviderTypeLabelTypeToMap(model.Label) + if err != nil { + return modelMap, err + } + labelList = append(labelList, convertedMap) + modelMap["label"] = labelList + } + + if model.CreatedAt != nil { + modelMap["created_at"] = flex.DateTimeToString(model.CreatedAt) + } + + if model.UpdatedAt != nil { + modelMap["updated_at"] = flex.DateTimeToString(model.UpdatedAt) + } + + return modelMap, nil +} diff --git a/ibm/service/scc/data_source_ibm_scc_provider_types_test.go b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go new file mode 100644 index 00000000000..9b18ba62498 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go @@ -0,0 +1,36 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccProviderTypesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProviderTypesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.0.name"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.0.id"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccProviderTypesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_provider_types" "scc_provider_types_instance" { + instance_id = "%s" + } + `, instanceID) +} diff --git a/ibm/service/scc/resource_ibm_scc_control_library.go b/ibm/service/scc/resource_ibm_scc_control_library.go index 381efbe2c30..e656c7d7de2 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library.go +++ b/ibm/service/scc/resource_ibm_scc_control_library.go @@ -7,6 +7,9 @@ import ( "context" "fmt" "log" + "math/big" + "strconv" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -151,15 +154,16 @@ func ResourceIbmSccControlLibrary() *schema.Resource { Computed: true, Description: "The number of assessments.", }, + "assessments": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, Description: "The assessments.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "assessment_id": { Type: schema.TypeString, - Optional: true, + Required: true, Description: "The assessment ID.", }, "assessment_method": { @@ -209,6 +213,13 @@ func ResourceIbmSccControlLibrary() *schema.Resource { }, }, }, + "assessments_map": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, }, }, }, @@ -660,7 +671,7 @@ func resourceIbmSccControlLibraryMapToControlSpecifications(modelMap map[string] } if modelMap["assessments"] != nil { assessments := []securityandcompliancecenterapiv3.Implementation{} - for _, assessmentsItem := range modelMap["assessments"].([]interface{}) { + for _, assessmentsItem := range modelMap["assessments"].(*schema.Set).List() { assessmentsItemModel, err := resourceIbmSccControlLibraryMapToImplementation(assessmentsItem.(map[string]interface{})) if err != nil { return model, err @@ -876,6 +887,23 @@ func resourceIbmSccControlLibraryControlsInControlLibToMap(model *securityandcom return modelMap, nil } +// using the assessment_id for comparison +func compareAssessmentSetFunc(v interface{}) int { + if v == nil { + return 0 + } + m := v.(map[string]interface{}) + id := (m["assessment_id"]).(*string) + assId := (*id)[5:18] + var i big.Int + i.SetString(strings.Replace(assId, "-", "", 4), 16) + val, err := strconv.Atoi(i.String()) + if err != nil { + log.Printf("[ERROR] Setting the Assessments for Control Library failed %s\n", err) + } + return val +} + func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandcompliancecenterapiv3.ControlSpecifications) (map[string]interface{}, error) { modelMap := make(map[string]interface{}) if model.ControlSpecificationID != nil { @@ -900,7 +928,7 @@ func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandco modelMap["assessments_count"] = flex.IntValue(model.AssessmentsCount) } if model.Assessments != nil { - assessments := []map[string]interface{}{} + assessments := []interface{}{} for _, assessmentsItem := range model.Assessments { assessmentsItemMap, err := resourceIbmSccControlLibraryImplementationToMap(&assessmentsItem) if err != nil { @@ -908,7 +936,8 @@ func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandco } assessments = append(assessments, assessmentsItemMap) } - modelMap["assessments"] = assessments + assessmentsList := schema.NewSet(compareAssessmentSetFunc, assessments) + modelMap["assessments"] = assessmentsList } return modelMap, nil } diff --git a/ibm/service/scc/resource_ibm_scc_control_library_test.go b/ibm/service/scc/resource_ibm_scc_control_library_test.go index d6b36564372..27f392c8f82 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library_test.go +++ b/ibm/service/scc/resource_ibm_scc_control_library_test.go @@ -58,7 +58,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { controlLibraryDescription := fmt.Sprintf("tf_control_library_description_%d", acctest.RandIntRange(10, 100)) controlLibraryType := "custom" versionGroupLabel := "11111111-2222-3333-4444-555555555555" - controlLibraryVersion := "0.0.1" + controlLibraryVersion := "0.0.0" latest := "true" controlsCount := "1" @@ -66,7 +66,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { controlLibraryDescriptionUpdate := controlLibraryDescription controlLibraryTypeUpdate := "custom" versionGroupLabelUpdate := versionGroupLabel - controlLibraryVersionUpdate := "0.0.2" + controlLibraryVersionUpdate := "0.0.1" latestUpdate := "true" resource.Test(t, resource.TestCase{ @@ -75,7 +75,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { CheckDestroy: testAccCheckIbmSccControlLibraryDestroy, Steps: []resource.TestStep{ resource.TestStep{ - Config: testAccCheckIbmSccControlLibraryConfig(acc.SccInstanceID, controlLibraryName, controlLibraryDescription, controlLibraryType, versionGroupLabel, controlLibraryVersion, latest), + Config: testAccCheckIbmSccControlLibraryConfigBasic(acc.SccInstanceID, controlLibraryName, controlLibraryDescription, controlLibraryType), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckIbmSccControlLibraryExists("ibm_scc_control_library.scc_control_library_instance", conf), resource.TestCheckResourceAttr("ibm_scc_control_library.scc_control_library_instance", "control_library_name", controlLibraryName), @@ -115,7 +115,7 @@ func testAccCheckIbmSccControlLibraryConfigBasic(instanceID string, controlLibra control_library_name = "%s" control_library_description = "%s" control_library_type = "%s" - version_group_label = "03354ab4-03be-41c0-a469-826fc0262e78" + version_group_label = "11111111-2222-3333-4444-555555555555" latest = true controls { control_name = "control-name" @@ -134,13 +134,19 @@ func testAccCheckIbmSccControlLibraryConfigBasic(instanceID string, controlLibra assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" assessment_method = "ibm-cloud-rule" assessment_type = "automated" - assessment_description = "assessment_description" + assessment_description = "test 1" parameters { parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } + assessments { + assessment_id = "rule-f88e215f-bb33-4bd8-bd1c-d8a065e9aa70" + assessment_method = "ibm-cloud-rule" + assessment_type = "automated" + assessment_description = "test 2" + } } control_docs { control_docs_id = "control_docs_id" @@ -177,15 +183,21 @@ func testAccCheckIbmSccControlLibraryConfig(instanceID string, controlLibraryNam component_name = "f3517159-889e-4781-819a-89d89b747c85" environment = "environment" control_specification_description = "control_specification_description" + assessments { + assessment_id = "rule-f88e215f-bb33-4bd8-bd1c-d8a065e9aa70" + assessment_method = "ibm-cloud-rule" + assessment_type = "automated" + assessment_description = "test 2" + } assessments { assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" assessment_method = "ibm-cloud-rule" assessment_type = "automated" - assessment_description = "assessment_description" + assessment_description = "test 1" parameters { - parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_display_name = "Sign out due to inactivity in seconds" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } } diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment.go b/ibm/service/scc/resource_ibm_scc_profile_attachment.go index 44ebbe12ebf..ddd1ae96a96 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment.go @@ -7,6 +7,9 @@ import ( "context" "fmt" "log" + "math/big" + "strconv" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -162,7 +165,7 @@ func ResourceIbmSccProfileAttachment() *schema.Resource { }, }, "attachment_parameters": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, Description: "The profile parameters for the attachment.", Elem: &schema.Resource{ @@ -174,7 +177,7 @@ func ResourceIbmSccProfileAttachment() *schema.Resource { }, "assessment_id": { Type: schema.TypeString, - Optional: true, + Required: true, Description: "The implementation ID of the parameter.", }, "parameter_name": { @@ -321,6 +324,22 @@ func resourceIbmSccProfileAttachmentCreate(context context.Context, d *schema.Re return resourceIbmSccProfileAttachmentRead(context, d, meta) } +func cmpAttachParamSetFunc(v interface{}) int { + if v == nil { + return 0 + } + m := v.(map[string]interface{}) + id := (m["assessment_id"]).(*string) + assId := (*id)[5:18] + var i big.Int + i.SetString(strings.Replace(assId, "-", "", 4), 16) + val, err := strconv.Atoi(i.String()) + if err != nil { + log.Printf("[ERROR] Setting the Parameters of the Profile Attachment failed %s\n", err) + } + return val +} + func resourceIbmSccProfileAttachmentRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() if err != nil { @@ -419,14 +438,15 @@ func resourceIbmSccProfileAttachmentRead(context context.Context, d *schema.Reso } } if !core.IsNil(attachmentItem.AttachmentParameters) { - attachmentParameters := []map[string]interface{}{} + attachmentParametersList := []interface{}{} for _, attachmentParametersItem := range attachmentItem.AttachmentParameters { attachmentParametersItemMap, err := resourceIbmSccProfileAttachmentAttachmentParameterPrototypeToMap(&attachmentParametersItem) if err != nil { return diag.FromErr(err) } - attachmentParameters = append(attachmentParameters, attachmentParametersItemMap) + attachmentParametersList = append(attachmentParametersList, attachmentParametersItemMap) } + attachmentParameters := schema.NewSet(cmpAttachParamSetFunc, attachmentParametersList) if err = d.Set("attachment_parameters", attachmentParameters); err != nil { return diag.FromErr(fmt.Errorf("Error setting attachment_parameters: %s", err)) } diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go b/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go index 14d8800be75..6c1d5cdc8e7 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go @@ -90,8 +90,8 @@ func testAccCheckIbmSccProfileAttachmentConfigBasic(instanceID string) string { assessment_description = "assessment_description" parameters { parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } } diff --git a/ibm/service/scc/resource_ibm_scc_profile_test.go b/ibm/service/scc/resource_ibm_scc_profile_test.go index 0708724cbd5..74d542bcac4 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_test.go +++ b/ibm/service/scc/resource_ibm_scc_profile_test.go @@ -194,7 +194,7 @@ func testAccCheckIbmSccProfileConfig(instanceID string, profileName string, prof status = "enabled" } } - + resource "ibm_scc_profile" "scc_profile_instance" { instance_id = resource.ibm_scc_control_library.scc_control_library_instance.instance_id profile_name = "%s" @@ -207,11 +207,11 @@ func testAccCheckIbmSccProfileConfig(instanceID string, profileName string, prof } default_parameters { assessment_type = "automated" - assessment_id = resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments[0].assessment_id + assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" parameter_name = "session_invalidation_in_seconds" parameter_type = "numeric" parameter_default_value = "9" - parameter_display_name = resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments[0].parameters[0].parameter_display_name + parameter_display_name = "Sign out due to inactivity in seconds" } } diff --git a/website/docs/d/scc_control_libraries.html.markdown b/website/docs/d/scc_control_libraries.html.markdown new file mode 100644 index 00000000000..4b63bc02e66 --- /dev/null +++ b/website/docs/d/scc_control_libraries.html.markdown @@ -0,0 +1,60 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_control_libraries" +description: |- + Get information about scc_control_libraries +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_control_library + +Retrieve information about a list of scc_control_libraries from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_control_libraries" "scc_control_libraries" { + instance_id = "00000000-1111-2222-3333-444444444444" +} +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `control_library_type` - (Optional, Forces new resource, String) The type of control library to query. + * Constraints: Allowable values are: `predefined`, `custom`. +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `control_libraries` - (List) The list of control libraries. + + Nested schema for **control_libraries**: + * `id` - (String) The unique identifier of the scc_control_library. + + * `account_id` - (String) The account ID. + + * `control_library_description` - (String) The control library description. + + * `control_library_name` - (String) The control library name. + + * `control_library_type` - (String) The control library type. + + * `control_library_version` - (String) The control library version. + + * `control_count` - (Integer) The number of controls in the control library. + + * `created_by` - (String) The user who created the control library. + + * `created_on` - (String) The date when the control library was created. + + * `updated_by` - (String) The user who updated the control library. + + * `updated_on` - (String) The date when the control library was updated. + + * `version_group_label` - (String) The version group label. diff --git a/website/docs/d/scc_instance_settings.html.markdown b/website/docs/d/scc_instance_settings.html.markdown index ce53c591710..3c69abbb594 100644 --- a/website/docs/d/scc_instance_settings.html.markdown +++ b/website/docs/d/scc_instance_settings.html.markdown @@ -15,7 +15,7 @@ Provides a read-only data source to retrieve information about scc_instance_sett ## Example Usage ```hcl -resource "ibm_scc_instance_settings" "scc_instance_settings_instance" { +data "ibm_scc_instance_settings" "scc_instance_settings_instance" { instance_id = "00000000-1111-2222-3333-444444444444" } ``` diff --git a/website/docs/d/scc_profile.html.markdown b/website/docs/d/scc_profile.html.markdown index 73983c2183f..8938d79d1b5 100644 --- a/website/docs/d/scc_profile.html.markdown +++ b/website/docs/d/scc_profile.html.markdown @@ -33,14 +33,14 @@ You can specify the following arguments for this data source. After your data source is created, you can read values from the following attributes. -* `id` - The unique identifier of the scc_profile. * `attachments_count` - (Integer) The number of attachments related to this profile. * `control_parents_count` - (Integer) The number of parent controls for the profile. * `controls` - (List) The array of controls that are used to create the profile. * Constraints: The maximum length is `600` items. The minimum length is `0` items. -Nested schema for **controls**: + + Nested schema for **controls**: * `control_category` - (String) The control category. * Constraints: The maximum length is `512` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `control_description` - (String) The control description. @@ -64,7 +64,8 @@ Nested schema for **controls**: * `control_requirement` - (Boolean) Is this a control that can be automated or manually evaluated. * `control_specifications` - (List) The control specifications. * Constraints: The maximum length is `400` items. The minimum length is `0` items. - Nested schema for **control_specifications**: + + Nested schema for **control_specifications**: * `assessments` - (List) The assessments. * Constraints: The maximum length is `10` items. The minimum length is `0` items. Nested schema for **assessments**: @@ -79,7 +80,8 @@ Nested schema for **controls**: * `parameter_count` - (Integer) The parameter count. * `parameters` - (List) The parameters. * Constraints: The maximum length is `512` items. The minimum length is `0` items. - Nested schema for **parameters**: + + Nested schema for **parameters**: * `parameter_display_name` - (String) The parameter display name. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/^[a-zA-Z0-9_,'\\s\\-]*$/`. * `parameter_name` - (String) The parameter name. @@ -110,7 +112,8 @@ Nested schema for **controls**: * `default_parameters` - (List) The default parameters of the profile. * Constraints: The maximum length is `512` items. The minimum length is `0` items. -Nested schema for **default_parameters**: + + Nested schema for **default_parameters**: * `assessment_id` - (String) The implementation ID of the parameter. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `assessment_type` - (String) The type of the implementation. diff --git a/website/docs/d/scc_profiles.html.markdown b/website/docs/d/scc_profiles.html.markdown new file mode 100644 index 00000000000..1a40a835044 --- /dev/null +++ b/website/docs/d/scc_profiles.html.markdown @@ -0,0 +1,73 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_profiles" +description: |- + Get information about scc_profiles +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_profiles + +Retrieve information about a list of profiles from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_profiles" "scc_profiles_instace" { + instance_id = "00000000-1111-2222-3333-444444444444" + profile_type = ibm_scc_profile.scc_profile_instance.profile_id +} +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `profile_type` - (Optional, Forces new resource, String) The type of profiles to query. + * Constraints: Allowable values are: `predefined`, `custom`. +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `profiles` - (List) The list of profiles. + + Nested schema for **profiles**: + * `id` - The unique identifier of the scc_profile. + + * `attachments_count` - (Integer) The number of attachments related to this profile. + + * `control_parents_count` - (Integer) The number of parent controls for the profile. + + * `instance_id` - (String) The instance ID. + + * `latest` - (Boolean) The latest version of the profile. + + * `profile_description` - (String) The profile description. + * Constraints: The maximum length is `256` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. + + * `profile_name` - (String) The profile name. + + + * `profile_type` - (String) The profile type, such as custom or predefined. + + * `profile_version` - (String) The version status of the profile. + + * `version_group_label` - (String) The version group label of the profile. + + * `latest` - (Boolean) The latest version of the profile. + + * `hierarchy_enabled` - (Boolean) The indication of whether hierarchy is enabled for the profile. + + * `created_by` - (String) The user who created the profile. + + * `created_on` - (String) The date when the profile was created. + + * `controls_count` - (Integer) The number of controls for the profile. + + * `control_parents_count` - (Integer) The number of parent controls for the profile. + + * `attachments_count` - (Integer) The number of attachments related to this profile. \ No newline at end of file diff --git a/website/docs/d/scc_provider_types.html.markdown b/website/docs/d/scc_provider_types.html.markdown new file mode 100644 index 00000000000..2d97a4c8e1f --- /dev/null +++ b/website/docs/d/scc_provider_types.html.markdown @@ -0,0 +1,66 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_provider_types" +description: |- + Get information about various scc_provider_types +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_provider_types + +Retrieve information about a provider type from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_provider_types" "scc_provider_types_instance" { + instance_id = "00000000-1111-2222-3333-444444444444" +} +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `provider_types` - (List) The list of provider_types. + +* `id` - The unique identifier of the scc_provider_type. + +* `type` - (String) The type of the provider type. + +* `name` - (String) The name of the provider type. + +* `description` - (String) The provider type description. + +* `s2s_enabled` - (Boolean) A boolean that indicates whether the provider type is s2s-enabled. + + **NOTE;** If the provider type is s2s-enabled, which means that if the `s2s_enabled` field is set to `true`, then a CRN field of type text is required in the attributes value object when creating a `ibm_scc_provider_type_instance` + +* `attributes` - (Map) The attributes that are required when you're creating an instance of a provider type. The attributes field can have multiple keys in its value. Each of those keys has a value object that includes the type, and display name as keys. For example, `{type:"", display_name:""}`. + +* `created_at` - (String) The time when the resource was created. + +* `data_type` - (String) The format of the results that a provider supports. + +* `icon` - (String) The icon of a provider in .svg format that is encoded as a base64 string. + +* `instance_limit` - (Integer) The maximum number of instances that can be created for the provider type. + +* `label` - (List) The label that is associated with the provider type. +Nested schema for **label**: + * `text` - (String) The text of the label. + * `tip` - (String) The text to be shown when user hover overs the label. + +* `mode` - (String) The mode that is used to get results from provider (`PUSH` or `PULL`). + +* `updated_at` - (String) The time when the resource was updated. + diff --git a/website/docs/r/scc_control_library.html.markdown b/website/docs/r/scc_control_library.html.markdown index 98ef982637a..138ecc2a601 100644 --- a/website/docs/r/scc_control_library.html.markdown +++ b/website/docs/r/scc_control_library.html.markdown @@ -161,19 +161,18 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_control_library` resource by using `id`. The `id` property can be formed from `instance_id` and `control_library_id` in the following format: - -``` +```bash / ``` * `instance_id`: A string. The instance ID. * `control_library_id`: A string. The control library ID. # Syntax -``` +```bash $ terraform import ibm_scc_control_library.scc_control_library / ``` # Example -``` +```bash $ terraform import ibm_scc_control_library.scc_control_library 00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 ``` diff --git a/website/docs/r/scc_instance_settings.html.markdown b/website/docs/r/scc_instance_settings.html.markdown index 98bd28df3b2..0c0b5c1f517 100644 --- a/website/docs/r/scc_instance_settings.html.markdown +++ b/website/docs/r/scc_instance_settings.html.markdown @@ -60,6 +60,11 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_instance_settings` resource by using `instance_id`. The unique identifier of the scc_instance_settings. # Syntax -``` +```bash $ terraform import ibm_scc_instance_settings.scc_instance_settings ``` + +# Example +```bash +$ terraform import ibm_scc_instance_settings.scc_instance_settings 00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file diff --git a/website/docs/r/scc_profile.html.markdown b/website/docs/r/scc_profile.html.markdown index 9f1d94cc57a..2305dd3cdd0 100644 --- a/website/docs/r/scc_profile.html.markdown +++ b/website/docs/r/scc_profile.html.markdown @@ -186,13 +186,20 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_profile` resource by using `id`. The `id` property can be formed from `instance_id` and `profiles_id` in the following format: -``` +```bash / ``` + * `instance_id`: A string. The instance ID. * `profile_id`: A string. The profile ID. # Syntax -``` + +```bash $ terraform import ibm_scc_profile.scc_profile / ``` + +# Example +```bash +$ terraform import ibm_scc_profile.scc_profile 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file diff --git a/website/docs/r/scc_profile_attachment.html.markdown b/website/docs/r/scc_profile_attachment.html.markdown index d8219395403..e9ee6988250 100644 --- a/website/docs/r/scc_profile_attachment.html.markdown +++ b/website/docs/r/scc_profile_attachment.html.markdown @@ -96,7 +96,8 @@ After your resource is created, you can read values from the listed arguments an * Constraints: The maximum length is `32` characters. The minimum length is `32` characters. The value must match regular expression `/^[a-zA-Z0-9-]*$/`. * `attachment_parameters` - (List) The profile parameters for the attachment. * Constraints: The maximum length is `512` items. The minimum length is `0` items. -Nested schema for **attachment_parameters**: + + Nested schema for **attachment_parameters**: * `assessment_id` - (String) The implementation ID of the parameter. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `assessment_type` - (String) The type of the implementation. @@ -117,7 +118,8 @@ Nested schema for **attachment_parameters**: * `instance_id` - (String) The instance ID of the account that is associated to the attachment. * Constraints: The maximum length is `36` characters. The minimum length is `36` characters. The value must match regular expression `/^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/`. * `last_scan` - (List) The details of the last scan of an attachment. -Nested schema for **last_scan**: + + Nested schema for **last_scan**: * `id` - (String) The ID of the last scan of an attachment. * Constraints: The maximum length is `36` characters. The minimum length is `36` characters. The value must match regular expression `/^[a-zA-Z0-9-]*$/`. * `status` - (String) The status of the last scan of an attachment. @@ -136,7 +138,7 @@ Nested schema for **last_scan**: You can import the `ibm_scc_profile_attachment` resource by using `id`. The `id` property can be formed from `instance_id`, `profiles_id`, and `attachment_id` in the following format: -``` +```bash // ``` * `instance_id`: A string. The instance ID. @@ -144,6 +146,11 @@ The `id` property can be formed from `instance_id`, `profiles_id`, and `attachme * `attachment_id`: A string. The attachment ID. # Syntax -``` +```bash $ terraform import ibm_scc_profile_attachment.scc_profile_attachment // ``` + +# Example +```bash +$ terraform import ibm_scc_profile_attachment.scc_profile_attachment 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 +``` \ No newline at end of file diff --git a/website/docs/r/scc_provider_type_instance.html.markdown b/website/docs/r/scc_provider_type_instance.html.markdown index f67260edc40..1e4e2815485 100644 --- a/website/docs/r/scc_provider_type_instance.html.markdown +++ b/website/docs/r/scc_provider_type_instance.html.markdown @@ -48,14 +48,20 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_provider_type_instance` resource by using `id`. The `id` property can be formed from `instance_id`, `provider_type_id`, and `provider_type_instance_id` in the following format: -``` -/ +```bash +// ``` * `instance_id`: A string. The instance ID. * `provider_type_id`: A string. The provider type ID. * `provider_type_instance_id`: A string. The provider type instance ID. # Syntax -``` + +```bash $ terraform import ibm_scc_provider_type_instance.scc_provider_type_instance // ``` + +# Example +```bash +$ terraform import ibm_scc_provider_type_instance.scc_provider_type_instance 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 +``` \ No newline at end of file diff --git a/website/docs/r/scc_rule.html.markdown b/website/docs/r/scc_rule.html.markdown index 1fbe9fbbf42..969767b8b16 100644 --- a/website/docs/r/scc_rule.html.markdown +++ b/website/docs/r/scc_rule.html.markdown @@ -193,13 +193,19 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_rule` resource by using `id`. The rule ID. The `id` property can be formed from `instance_id` and `rule_id` in the following format: -``` +```bash / ``` * `instance_id`: A string. The instance ID. * `rule_id`: A string. The rule ID. # Syntax -``` + +```bash $ terraform import ibm_scc_rule.scc_rule / ``` + +# Example +```bash +$ terraform import ibm_scc_rule.scc_rule 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file