From 4eb67263c701e1d7e2be114760189879d4b9d4c4 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Wed, 6 Mar 2024 15:58:24 -0600 Subject: [PATCH 01/12] init: pushing out the scc_profiles_datasource --- ibm/provider/provider.go | 1 + .../scc/data_source_ibm_scc_profiles.go | 197 ++++++++++++++++++ .../scc/data_source_ibm_scc_profiles_test.go | 34 +++ 3 files changed, 232 insertions(+) create mode 100644 ibm/service/scc/data_source_ibm_scc_profiles.go create mode 100644 ibm/service/scc/data_source_ibm_scc_profiles_test.go diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index ffdf14d8788..3200cf37736 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -764,6 +764,7 @@ func Provider() *schema.Provider { "ibm_scc_instance_settings": scc.DataSourceIbmSccInstanceSettings(), "ibm_scc_control_library": scc.DataSourceIbmSccControlLibrary(), "ibm_scc_profile": scc.DataSourceIbmSccProfile(), + "ibm_scc_profiles": scc.DataSourceIbmSccProfiles(), "ibm_scc_profile_attachment": scc.DataSourceIbmSccProfileAttachment(), "ibm_scc_provider_type": scc.DataSourceIbmSccProviderType(), "ibm_scc_provider_type_collection": scc.DataSourceIbmSccProviderTypeCollection(), diff --git a/ibm/service/scc/data_source_ibm_scc_profiles.go b/ibm/service/scc/data_source_ibm_scc_profiles.go new file mode 100644 index 00000000000..897cd173382 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_profiles.go @@ -0,0 +1,197 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccProfiles() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccProfilesRead, + + Schema: map[string]*schema.Schema{ + "profile_type": { + Type: schema.TypeString, + Optional: true, + }, + "profiles": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of profiles found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Required: true, + Description: "The profile ID.", + }, + "profile_name": { + Type: schema.TypeString, + Computed: true, + Description: "The profile name.", + }, + "profile_description": { + Type: schema.TypeString, + Computed: true, + Description: "The profile description.", + }, + "profile_type": { + Type: schema.TypeString, + Computed: true, + Description: "The profile type, such as custom or predefined.", + }, + "profile_version": { + Type: schema.TypeString, + Computed: true, + Description: "The version status of the profile.", + }, + "version_group_label": { + Type: schema.TypeString, + Computed: true, + Description: "The version group label of the profile.", + }, + "latest": { + Type: schema.TypeBool, + Computed: true, + Description: "The latest version of the profile.", + }, + "hierarchy_enabled": { + Type: schema.TypeBool, + Computed: true, + Description: "The indication of whether hierarchy is enabled for the profile.", + }, + "created_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who created the profile.", + }, + "created_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the profile was created.", + }, + "updated_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who updated the profile.", + }, + "updated_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the profile was updated.", + }, + "controls_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of controls for the profile.", + }, + "control_parents_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of parent controls for the profile.", + }, + "attachments_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of attachments related to this profile.", + }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccProfilesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listProfilesOptions := &securityandcompliancecenterapiv3.ListProfilesOptions{} + listProfilesOptions.SetInstanceID(d.Get("instance_id").(string)) + if val, ok := d.GetOk("profile_type"); ok && val != nil { + listProfilesOptions.SetProfileType(d.Get("profile_type").(string)) + } + + pager, err := securityandcompliancecenterapiClient.NewProfilesPager(listProfilesOptions) + if err != nil { + log.Printf("[DEBUG] ListProfilesWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListProfilesWithContext failed %s", err)) + } + profileList, err := pager.GetAll() + if err != nil { + log.Printf("[DEBUG] ListProfilesWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListProfilesWithContext failed %s", err)) + } + d.SetId(fmt.Sprintf("%s/profiles", d.Get("instance_id").(string))) + if err = d.Set("instance_id", d.Get("instance_id")); err != nil { + return diag.FromErr(fmt.Errorf("Error setting instance_id %s", err)) + } + profiles := []map[string]interface{}{} + for _, profile := range profileList { + modelMap, err := dataSourceIbmSccProfileToMap(&profile) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting profile:%v\n%s", profile, err)) + } + profiles = append(profiles, modelMap) + } + if err = d.Set("profiles", profiles); err != nil { + return diag.FromErr(fmt.Errorf("Error setting profiles %s", err)) + } + return nil +} + +func dataSourceIbmSccProfileToMap(profile *securityandcompliancecenterapiv3.ProfileItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if profile.ID != nil { + modelMap["id"] = profile.ID + } + if profile.ProfileName != nil { + modelMap["profile_name"] = profile.ProfileName + } + if profile.ProfileDescription != nil { + modelMap["profile_description"] = profile.ProfileDescription + } + if profile.ProfileType != nil { + modelMap["profile_type"] = profile.ProfileType + } + if profile.ProfileVersion != nil { + modelMap["profile_version"] = profile.ProfileVersion + } + if profile.VersionGroupLabel != nil { + modelMap["version_group_label"] = profile.VersionGroupLabel + } + if profile.Latest != nil { + modelMap["latest"] = profile.Latest + } + if profile.CreatedBy != nil { + modelMap["created_by"] = profile.CreatedBy + } + if profile.CreatedOn != nil { + modelMap["created_on"] = profile.CreatedOn.String() + } + if profile.UpdatedBy != nil { + modelMap["updated_by"] = profile.UpdatedBy + } + if profile.UpdatedOn != nil { + modelMap["updated_on"] = profile.UpdatedOn.String() + } + if profile.ControlsCount != nil { + modelMap["controls_count"] = profile.ControlsCount + } + if profile.AttachmentsCount != nil { + modelMap["attachments_count"] = profile.AttachmentsCount + } + return modelMap, nil +} diff --git a/ibm/service/scc/data_source_ibm_scc_profiles_test.go b/ibm/service/scc/data_source_ibm_scc_profiles_test.go new file mode 100644 index 00000000000..f6c4a987019 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_profiles_test.go @@ -0,0 +1,34 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccProfilesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProfilesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccProfilesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_profiles" "scc_profiles_instance" { + instance_id = "%s" + } + `, instanceID) +} From 06c184d367bfb87b0ec54b219476aba608ebec4f Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Thu, 7 Mar 2024 11:14:36 -0600 Subject: [PATCH 02/12] feat: adding the data_source provider_types --- ibm/provider/provider.go | 1 + .../scc/data_source_ibm_scc_profiles.go | 2 +- .../scc/data_source_ibm_scc_provider_types.go | 208 ++++++++++++++++++ ...data_source_ibm_scc_provider_types_test.go | 34 +++ 4 files changed, 244 insertions(+), 1 deletion(-) create mode 100644 ibm/service/scc/data_source_ibm_scc_provider_types.go create mode 100644 ibm/service/scc/data_source_ibm_scc_provider_types_test.go diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index 3200cf37736..08dd637e247 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -767,6 +767,7 @@ func Provider() *schema.Provider { "ibm_scc_profiles": scc.DataSourceIbmSccProfiles(), "ibm_scc_profile_attachment": scc.DataSourceIbmSccProfileAttachment(), "ibm_scc_provider_type": scc.DataSourceIbmSccProviderType(), + "ibm_scc_provider_types": scc.DataSourceIbmSccProviderTypes(), "ibm_scc_provider_type_collection": scc.DataSourceIbmSccProviderTypeCollection(), "ibm_scc_provider_type_instance": scc.DataSourceIbmSccProviderTypeInstance(), "ibm_scc_latest_reports": scc.DataSourceIbmSccLatestReports(), diff --git a/ibm/service/scc/data_source_ibm_scc_profiles.go b/ibm/service/scc/data_source_ibm_scc_profiles.go index 897cd173382..a43df88cd4a 100644 --- a/ibm/service/scc/data_source_ibm_scc_profiles.go +++ b/ibm/service/scc/data_source_ibm_scc_profiles.go @@ -147,7 +147,7 @@ func dataSourceIbmSccProfilesRead(context context.Context, d *schema.ResourceDat profiles = append(profiles, modelMap) } if err = d.Set("profiles", profiles); err != nil { - return diag.FromErr(fmt.Errorf("Error setting profiles %s", err)) + return diag.FromErr(fmt.Errorf("Error setting profiles: %s", err)) } return nil } diff --git a/ibm/service/scc/data_source_ibm_scc_provider_types.go b/ibm/service/scc/data_source_ibm_scc_provider_types.go new file mode 100644 index 00000000000..7605931886d --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_provider_types.go @@ -0,0 +1,208 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccProviderTypes() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccProviderTypesRead, + + Schema: map[string]*schema.Schema{ + "provider_types": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of provider_types found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The unique identifier of the provider type.", + }, + "type": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The type of the provider type.", + }, + "name": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The name of the provider type.", + }, + "description": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The provider type description.", + }, + "s2s_enabled": &schema.Schema{ + Type: schema.TypeBool, + Computed: true, + Description: "A boolean that indicates whether the provider type is s2s-enabled.", + }, + "instance_limit": &schema.Schema{ + Type: schema.TypeInt, + Computed: true, + Description: "The maximum number of instances that can be created for the provider type.", + }, + "mode": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The mode that is used to get results from provider (`PUSH` or `PULL`).", + }, + "data_type": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The format of the results that a provider supports.", + }, + "label": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The label that is associated with the provider type.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "text": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The text of the label.", + }, + "tip": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The text to be shown when user hover overs the label.", + }, + }, + }, + }, + "attributes": &schema.Schema{ + Type: schema.TypeMap, + Computed: true, + Description: "The attributes that are required when you're creating an instance of a provider type. The attributes field can have multiple keys in its value. Each of those keys has a value object that includes the type, and display name as keys. For example, `{type:\"\", display_name:\"\"}`. **NOTE;** If the provider type is s2s-enabled, which means that if the `s2s_enabled` field is set to `true`, then a CRN field of type text is required in the attributes value object.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "created_at": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "Time at which resource was created.", + }, + "updated_at": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "Time at which resource was updated.", + }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccProviderTypesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityAndComplianceCenterApIsClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listProviderTypesByIdOptions := &securityandcompliancecenterapiv3.ListProviderTypesOptions{} + + listProviderTypesByIdOptions.SetInstanceID(d.Get("instance_id").(string)) + + providerTypeItems, response, err := securityAndComplianceCenterApIsClient.ListProviderTypesWithContext(context, listProviderTypesByIdOptions) + if err != nil { + log.Printf("[DEBUG] GetProviderTypeByIDWithContext failed %s\n%s", err, response) + return diag.FromErr(fmt.Errorf("GetProviderTypeByIDWithContext failed %s\n%s", err, response)) + } + + d.SetId(fmt.Sprintf("%s/provider_types", d.Get("instance_id").(string))) + + providerTypes := []map[string]interface{}{} + for _, providerType := range providerTypeItems.ProviderTypes { + modelMap, err := dataSourceIbmSccProviderToMap(&providerType) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting provider_type: %v\n%s", providerType, err)) + } + providerTypes = append(providerTypes, modelMap) + } + if err = d.Set("provider_types", providerTypes); err != nil { + return diag.FromErr(fmt.Errorf("Error setting provider_types: %s", err)) + } + + return nil +} + +func dataSourceIbmSccProviderToMap(model *securityandcompliancecenterapiv3.ProviderTypeItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if model.ID != nil { + modelMap["id"] = model.ID + } + + if model.Type != nil { + modelMap["type"] = model.Type + } + + if model.Name != nil { + modelMap["name"] = model.Name + } + + if model.Description != nil { + modelMap["description"] = model.Description + } + + if model.S2sEnabled != nil { + modelMap["s2s_enabled"] = model.S2sEnabled + } + + if model.InstanceLimit != nil { + modelMap["instance_limit"] = model.InstanceLimit + } + + if model.Mode != nil { + modelMap["mode"] = model.Mode + } + + if model.DataType != nil { + modelMap["data_type"] = model.DataType + } + + if model.Attributes != nil { + convertedMap := make(map[string]interface{}, len(model.Attributes)) + for k, v := range model.Attributes { + convertedMap[k] = v + } + modelMap["attributes"] = flex.Flatten(convertedMap) + } + + if model.Label != nil { + labelList := []map[string]interface{}{} + convertedMap, err := dataSourceIbmSccProviderTypeLabelTypeToMap(model.Label) + if err != nil { + return modelMap, err + } + labelList = append(labelList, convertedMap) + modelMap["label"] = labelList + } + + if model.CreatedAt != nil { + modelMap["created_at"] = flex.DateTimeToString(model.CreatedAt) + } + + if model.UpdatedAt != nil { + modelMap["updated_at"] = flex.DateTimeToString(model.UpdatedAt) + } + + return modelMap, nil +} diff --git a/ibm/service/scc/data_source_ibm_scc_provider_types_test.go b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go new file mode 100644 index 00000000000..a35f0a1eb3f --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go @@ -0,0 +1,34 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccProviderTypesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProviderTypesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.#"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccProviderTypesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_provider_types" "scc_provider_types_instance" { + instance_id = "%s" + } + `, instanceID) +} From 6da421a49ce40e6d5acb7d0f0146e402d1472674 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Thu, 7 Mar 2024 17:36:38 -0600 Subject: [PATCH 03/12] fix: using TypeSet for unique assessments --- .../scc/resource_ibm_scc_control_library.go | 25 +++++++++++--- .../resource_ibm_scc_control_library_test.go | 34 +++++++++++++------ 2 files changed, 44 insertions(+), 15 deletions(-) diff --git a/ibm/service/scc/resource_ibm_scc_control_library.go b/ibm/service/scc/resource_ibm_scc_control_library.go index 381efbe2c30..f791694ac66 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library.go +++ b/ibm/service/scc/resource_ibm_scc_control_library.go @@ -7,6 +7,9 @@ import ( "context" "fmt" "log" + "math/big" + "strconv" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -152,7 +155,7 @@ func ResourceIbmSccControlLibrary() *schema.Resource { Description: "The number of assessments.", }, "assessments": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, Description: "The assessments.", Elem: &schema.Resource{ @@ -660,7 +663,7 @@ func resourceIbmSccControlLibraryMapToControlSpecifications(modelMap map[string] } if modelMap["assessments"] != nil { assessments := []securityandcompliancecenterapiv3.Implementation{} - for _, assessmentsItem := range modelMap["assessments"].([]interface{}) { + for _, assessmentsItem := range modelMap["assessments"].(*schema.Set).List() { assessmentsItemModel, err := resourceIbmSccControlLibraryMapToImplementation(assessmentsItem.(map[string]interface{})) if err != nil { return model, err @@ -876,6 +879,17 @@ func resourceIbmSccControlLibraryControlsInControlLibToMap(model *securityandcom return modelMap, nil } +// using the assessment_id for comparison +func compareAssessmentSetFunc(v interface{}) int { + m := v.(map[string]interface{}) + id := (m["assessment_id"]).(*string) + assId := (*id)[5:18] + var i big.Int + i.SetString(strings.Replace(assId, "-", "", 4), 16) + val, _ := strconv.Atoi(i.String()) + return val +} + func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandcompliancecenterapiv3.ControlSpecifications) (map[string]interface{}, error) { modelMap := make(map[string]interface{}) if model.ControlSpecificationID != nil { @@ -900,7 +914,7 @@ func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandco modelMap["assessments_count"] = flex.IntValue(model.AssessmentsCount) } if model.Assessments != nil { - assessments := []map[string]interface{}{} + assessments := []interface{}{} for _, assessmentsItem := range model.Assessments { assessmentsItemMap, err := resourceIbmSccControlLibraryImplementationToMap(&assessmentsItem) if err != nil { @@ -908,7 +922,10 @@ func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandco } assessments = append(assessments, assessmentsItemMap) } - modelMap["assessments"] = assessments + assessmentsList := schema.NewSet(compareAssessmentSetFunc, assessments) + modelMap["assessments"] = assessmentsList + + // modelMap["assessments"] = assessments } return modelMap, nil } diff --git a/ibm/service/scc/resource_ibm_scc_control_library_test.go b/ibm/service/scc/resource_ibm_scc_control_library_test.go index d6b36564372..27f392c8f82 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library_test.go +++ b/ibm/service/scc/resource_ibm_scc_control_library_test.go @@ -58,7 +58,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { controlLibraryDescription := fmt.Sprintf("tf_control_library_description_%d", acctest.RandIntRange(10, 100)) controlLibraryType := "custom" versionGroupLabel := "11111111-2222-3333-4444-555555555555" - controlLibraryVersion := "0.0.1" + controlLibraryVersion := "0.0.0" latest := "true" controlsCount := "1" @@ -66,7 +66,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { controlLibraryDescriptionUpdate := controlLibraryDescription controlLibraryTypeUpdate := "custom" versionGroupLabelUpdate := versionGroupLabel - controlLibraryVersionUpdate := "0.0.2" + controlLibraryVersionUpdate := "0.0.1" latestUpdate := "true" resource.Test(t, resource.TestCase{ @@ -75,7 +75,7 @@ func TestAccIbmSccControlLibraryAllArgs(t *testing.T) { CheckDestroy: testAccCheckIbmSccControlLibraryDestroy, Steps: []resource.TestStep{ resource.TestStep{ - Config: testAccCheckIbmSccControlLibraryConfig(acc.SccInstanceID, controlLibraryName, controlLibraryDescription, controlLibraryType, versionGroupLabel, controlLibraryVersion, latest), + Config: testAccCheckIbmSccControlLibraryConfigBasic(acc.SccInstanceID, controlLibraryName, controlLibraryDescription, controlLibraryType), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckIbmSccControlLibraryExists("ibm_scc_control_library.scc_control_library_instance", conf), resource.TestCheckResourceAttr("ibm_scc_control_library.scc_control_library_instance", "control_library_name", controlLibraryName), @@ -115,7 +115,7 @@ func testAccCheckIbmSccControlLibraryConfigBasic(instanceID string, controlLibra control_library_name = "%s" control_library_description = "%s" control_library_type = "%s" - version_group_label = "03354ab4-03be-41c0-a469-826fc0262e78" + version_group_label = "11111111-2222-3333-4444-555555555555" latest = true controls { control_name = "control-name" @@ -134,13 +134,19 @@ func testAccCheckIbmSccControlLibraryConfigBasic(instanceID string, controlLibra assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" assessment_method = "ibm-cloud-rule" assessment_type = "automated" - assessment_description = "assessment_description" + assessment_description = "test 1" parameters { parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } + assessments { + assessment_id = "rule-f88e215f-bb33-4bd8-bd1c-d8a065e9aa70" + assessment_method = "ibm-cloud-rule" + assessment_type = "automated" + assessment_description = "test 2" + } } control_docs { control_docs_id = "control_docs_id" @@ -177,15 +183,21 @@ func testAccCheckIbmSccControlLibraryConfig(instanceID string, controlLibraryNam component_name = "f3517159-889e-4781-819a-89d89b747c85" environment = "environment" control_specification_description = "control_specification_description" + assessments { + assessment_id = "rule-f88e215f-bb33-4bd8-bd1c-d8a065e9aa70" + assessment_method = "ibm-cloud-rule" + assessment_type = "automated" + assessment_description = "test 2" + } assessments { assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" assessment_method = "ibm-cloud-rule" assessment_type = "automated" - assessment_description = "assessment_description" + assessment_description = "test 1" parameters { - parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_display_name = "Sign out due to inactivity in seconds" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } } From 32156b30f490887804b65d3fa15054c8782e807b Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Tue, 12 Mar 2024 10:54:06 -0500 Subject: [PATCH 04/12] bug: working on resource_ibm_scc_profile_test --- ibm/service/scc/data_source_ibm_scc_provider_type.go | 7 ------- ibm/service/scc/resource_ibm_scc_profile_test.go | 6 +++--- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/ibm/service/scc/data_source_ibm_scc_provider_type.go b/ibm/service/scc/data_source_ibm_scc_provider_type.go index b63556cfcb0..40446c10bdb 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_type.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_type.go @@ -214,10 +214,3 @@ func dataSourceIbmSccProviderTypeLabelTypeToMap(model *securityandcompliancecent } return modelMap, nil } - -func dataSourceIbmSccProviderTypeAdditionalPropertyToMap(model *securityandcompliancecenterapiv3.AdditionalProperty) (map[string]interface{}, error) { - modelMap := make(map[string]interface{}) - modelMap["type"] = model.Type - modelMap["display_name"] = model.DisplayName - return modelMap, nil -} diff --git a/ibm/service/scc/resource_ibm_scc_profile_test.go b/ibm/service/scc/resource_ibm_scc_profile_test.go index 0708724cbd5..9013ae8a0f7 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_test.go +++ b/ibm/service/scc/resource_ibm_scc_profile_test.go @@ -194,7 +194,7 @@ func testAccCheckIbmSccProfileConfig(instanceID string, profileName string, prof status = "enabled" } } - + resource "ibm_scc_profile" "scc_profile_instance" { instance_id = resource.ibm_scc_control_library.scc_control_library_instance.instance_id profile_name = "%s" @@ -207,11 +207,11 @@ func testAccCheckIbmSccProfileConfig(instanceID string, profileName string, prof } default_parameters { assessment_type = "automated" - assessment_id = resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments[0].assessment_id + assessment_id = {for k,v in resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments: k => v if v.assessment_id == "rule-a637949b-7e51-46c4-afd4-b96619001bf1"}[0].assessment_id parameter_name = "session_invalidation_in_seconds" parameter_type = "numeric" parameter_default_value = "9" - parameter_display_name = resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments[0].parameters[0].parameter_display_name + parameter_display_name = {for k,v in resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments: k => v if v.assessment_id == "rule-a637949b-7e51-46c4-afd4-b96619001bf1"}[0].parameters[0].parameter_display_name } } From 5dfec705149c51e91b0a8d956a7f9eea891e6ee0 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Tue, 12 Mar 2024 13:27:35 -0500 Subject: [PATCH 05/12] Changing various resources to typeSet. --- .../scc/resource_ibm_scc_control_library.go | 10 ++++++++-- .../resource_ibm_scc_profile_attachment.go | 20 ++++++++++++++++--- .../scc/resource_ibm_scc_profile_test.go | 4 ++-- 3 files changed, 27 insertions(+), 7 deletions(-) diff --git a/ibm/service/scc/resource_ibm_scc_control_library.go b/ibm/service/scc/resource_ibm_scc_control_library.go index f791694ac66..aa17e2bd40d 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library.go +++ b/ibm/service/scc/resource_ibm_scc_control_library.go @@ -154,6 +154,7 @@ func ResourceIbmSccControlLibrary() *schema.Resource { Computed: true, Description: "The number of assessments.", }, + "assessments": { Type: schema.TypeSet, Optional: true, @@ -212,6 +213,13 @@ func ResourceIbmSccControlLibrary() *schema.Resource { }, }, }, + "assessments_map": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, }, }, }, @@ -924,8 +932,6 @@ func resourceIbmSccControlLibraryControlSpecificationsToMap(model *securityandco } assessmentsList := schema.NewSet(compareAssessmentSetFunc, assessments) modelMap["assessments"] = assessmentsList - - // modelMap["assessments"] = assessments } return modelMap, nil } diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment.go b/ibm/service/scc/resource_ibm_scc_profile_attachment.go index 44ebbe12ebf..5e4e955d2d2 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment.go @@ -7,6 +7,9 @@ import ( "context" "fmt" "log" + "math/big" + "strconv" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -162,7 +165,7 @@ func ResourceIbmSccProfileAttachment() *schema.Resource { }, }, "attachment_parameters": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, Description: "The profile parameters for the attachment.", Elem: &schema.Resource{ @@ -321,6 +324,16 @@ func resourceIbmSccProfileAttachmentCreate(context context.Context, d *schema.Re return resourceIbmSccProfileAttachmentRead(context, d, meta) } +func cmpAttachParamSetFunc(v interface{}) int { + m := v.(map[string]interface{}) + id := (m["assessment_id"]).(*string) + assId := (*id)[5:18] + var i big.Int + i.SetString(strings.Replace(assId, "-", "", 4), 16) + val, _ := strconv.Atoi(i.String()) + return val +} + func resourceIbmSccProfileAttachmentRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() if err != nil { @@ -419,14 +432,15 @@ func resourceIbmSccProfileAttachmentRead(context context.Context, d *schema.Reso } } if !core.IsNil(attachmentItem.AttachmentParameters) { - attachmentParameters := []map[string]interface{}{} + attachmentParametersList := []interface{}{} for _, attachmentParametersItem := range attachmentItem.AttachmentParameters { attachmentParametersItemMap, err := resourceIbmSccProfileAttachmentAttachmentParameterPrototypeToMap(&attachmentParametersItem) if err != nil { return diag.FromErr(err) } - attachmentParameters = append(attachmentParameters, attachmentParametersItemMap) + attachmentParametersList = append(attachmentParametersList, attachmentParametersItemMap) } + attachmentParameters := schema.NewSet(cmpAttachParamSetFunc, attachmentParametersList) if err = d.Set("attachment_parameters", attachmentParameters); err != nil { return diag.FromErr(fmt.Errorf("Error setting attachment_parameters: %s", err)) } diff --git a/ibm/service/scc/resource_ibm_scc_profile_test.go b/ibm/service/scc/resource_ibm_scc_profile_test.go index 9013ae8a0f7..74d542bcac4 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_test.go +++ b/ibm/service/scc/resource_ibm_scc_profile_test.go @@ -207,11 +207,11 @@ func testAccCheckIbmSccProfileConfig(instanceID string, profileName string, prof } default_parameters { assessment_type = "automated" - assessment_id = {for k,v in resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments: k => v if v.assessment_id == "rule-a637949b-7e51-46c4-afd4-b96619001bf1"}[0].assessment_id + assessment_id = "rule-a637949b-7e51-46c4-afd4-b96619001bf1" parameter_name = "session_invalidation_in_seconds" parameter_type = "numeric" parameter_default_value = "9" - parameter_display_name = {for k,v in resource.ibm_scc_control_library.scc_control_library_instance.controls[0].control_specifications[0].assessments: k => v if v.assessment_id == "rule-a637949b-7e51-46c4-afd4-b96619001bf1"}[0].parameters[0].parameter_display_name + parameter_display_name = "Sign out due to inactivity in seconds" } } From c5ca1b04fd548349cd43f02ffcdcf8deee168dcc Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Fri, 15 Mar 2024 13:44:40 -0500 Subject: [PATCH 06/12] adding the datasource --- .../data_source_ibm_scc_control_libraries.go | 206 ++++++++++++++++++ 1 file changed, 206 insertions(+) create mode 100644 ibm/service/scc/data_source_ibm_scc_control_libraries.go diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries.go b/ibm/service/scc/data_source_ibm_scc_control_libraries.go new file mode 100644 index 00000000000..c43b978bb72 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries.go @@ -0,0 +1,206 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc + +import ( + "context" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func DataSourceIbmSccControlLibraries() *schema.Resource { + return AddSchemaData(&schema.Resource{ + ReadContext: dataSourceIbmSccControlLibrariesRead, + + Schema: map[string]*schema.Schema{ + "control_library_type": { + Type: schema.TypeString, + Optional: true, + }, + "control_libraries": &schema.Schema{ + Type: schema.TypeList, + Computed: true, + Description: "The list of control_libraries found.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Required: true, + Description: "The ID of the control library.", + }, + "account_id": { + Type: schema.TypeString, + Computed: true, + Description: "The ID of associated with the control library.", + }, + // "instance_id": { + // Type: schema.TypeString, + // Computed: true, + // Description: "The profile description.", + // }, + "control_library_name": { + Type: schema.TypeString, + Computed: true, + Description: "The name of the control library.", + }, + "control_library_description": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the control library.", + }, + "control_library_type": { + Type: schema.TypeString, + Computed: true, + Description: "The type of the control library.", + }, + "version_group_label": { + Type: schema.TypeString, + Computed: true, + Description: "The version group label of the control library.", + }, + "control_library_version": { + Type: schema.TypeString, + Computed: true, + Description: "The version of the control library.", + }, + // "hierarchy_enabled": { + // Type: schema.TypeBool, + // Computed: true, + // Description: "The indication of whether hierarchy is enabled for the control library.", + // }, + "created_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who created the control library.", + }, + "created_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the control library was created.", + }, + "updated_by": { + Type: schema.TypeString, + Computed: true, + Description: "The user who updated the control library.", + }, + "updated_on": { + Type: schema.TypeString, + Computed: true, + Description: "The date when the control library was updated.", + }, + "controls_count": { + Type: schema.TypeInt, + Computed: true, + Description: "The number of controls for the control library.", + }, + // "control_parents_count": { + // Type: schema.TypeInt, + // Computed: true, + // Description: "The number of parent controls for the control library.", + // }, + }, + }, + }, + }, + }) +} + +func dataSourceIbmSccControlLibrariesRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + securityandcompliancecenterapiClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + listControlLibrariesOptions := &securityandcompliancecenterapiv3.ListControlLibrariesOptions{} + listControlLibrariesOptions.SetInstanceID(d.Get("instance_id").(string)) + if val, ok := d.GetOk("control_library_type"); ok && val != nil { + listControlLibrariesOptions.SetControlLibraryType(val.(string)) + } + + pager, err := securityandcompliancecenterapiClient.NewControlLibrariesPager(listControlLibrariesOptions) + if err != nil { + log.Printf("[DEBUG] ListcontrolLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListcontrolLibrarysWithContext failed %s", err)) + } + controlLibraryList, err := pager.GetAll() + if err != nil { + log.Printf("[DEBUG] ListcontrolLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListcontrolLibrarysWithContext failed %s", err)) + } + d.SetId(fmt.Sprintf("%s/control_libraries", d.Get("instance_id").(string))) + if err = d.Set("instance_id", d.Get("instance_id")); err != nil { + return diag.FromErr(fmt.Errorf("Error setting instance_id %s", err)) + } + controlLibraries := []map[string]interface{}{} + for _, cl := range controlLibraryList { + modelMap, err := dataSourceIbmSccControlLibraryToMap(&cl) + if err != nil { + return diag.FromErr(fmt.Errorf("Error setting control library:%v\n%s", cl, err)) + } + controlLibraries = append(controlLibraries, modelMap) + } + if err = d.Set("control_libraries", controlLibraries); err != nil { + return diag.FromErr(fmt.Errorf("Error setting control_libraries: %s", err)) + } + return nil +} + +func dataSourceIbmSccControlLibraryToMap(controlLibrary *securityandcompliancecenterapiv3.ControlLibraryItem) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if controlLibrary.ID != nil { + modelMap["id"] = controlLibrary.ID + } + if controlLibrary.AccountID != nil { + modelMap["account_id"] = controlLibrary.AccountID + } + // if controlLibrary.InstanceID != nil { + // modelMap["instance_id"] = controlLibrary.InstanceID + // } + if controlLibrary.ControlLibraryName != nil { + modelMap["control_library_name"] = controlLibrary.ControlLibraryName + } + if controlLibrary.ControlLibraryDescription != nil { + modelMap["control_library_description"] = controlLibrary.ControlLibraryDescription + } + if controlLibrary.ControlLibraryType != nil { + modelMap["control_library_type"] = controlLibrary.ControlLibraryType + } + if controlLibrary.VersionGroupLabel != nil { + modelMap["version_group_label"] = controlLibrary.VersionGroupLabel + } + if controlLibrary.ControlLibraryVersion != nil { + modelMap["control_library_version"] = controlLibrary.ControlLibraryVersion + } + if controlLibrary.Latest != nil { + modelMap["latest"] = controlLibrary.Latest + } + // if controlLibrary.HierarchyEnabled != nil { + // modelMap["hierarchy_enabled"] = controlLibrary.HierarchyEnabled + // } + if controlLibrary.CreatedBy != nil { + modelMap["created_by"] = controlLibrary.CreatedBy + } + if controlLibrary.CreatedOn != nil { + modelMap["created_on"] = controlLibrary.CreatedOn.String() + } + if controlLibrary.UpdatedBy != nil { + modelMap["updated_by"] = controlLibrary.UpdatedBy + } + if controlLibrary.UpdatedOn != nil { + modelMap["updated_on"] = controlLibrary.UpdatedOn.String() + } + if controlLibrary.ControlsCount != nil { + modelMap["controls_count"] = controlLibrary.ControlsCount + } + // if controlLibrary.ControlParentCount != nil { + // modelMap["controls_parents_count"] = controlLibrary.ControlParentsCount + // } + return modelMap, nil +} From 3ded53b0161768bbb859b6e0b21d9ade47db1063 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Fri, 15 Mar 2024 15:33:30 -0500 Subject: [PATCH 07/12] adding the datasource control libraries and profiles --- ibm/provider/provider.go | 1 + .../data_source_ibm_scc_control_libraries.go | 22 ++++--- ...a_source_ibm_scc_control_libraries_test.go | 59 +++++++++++++++++++ .../scc/data_source_ibm_scc_profiles.go | 8 ++- .../scc/data_source_ibm_scc_profiles_test.go | 25 ++++++++ 5 files changed, 105 insertions(+), 10 deletions(-) create mode 100644 ibm/service/scc/data_source_ibm_scc_control_libraries_test.go diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index 08dd637e247..2cac84cdd34 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -763,6 +763,7 @@ func Provider() *schema.Provider { // Security and Compliance Center "ibm_scc_instance_settings": scc.DataSourceIbmSccInstanceSettings(), "ibm_scc_control_library": scc.DataSourceIbmSccControlLibrary(), + "ibm_scc_control_libraries": scc.DataSourceIbmSccControlLibraries(), "ibm_scc_profile": scc.DataSourceIbmSccProfile(), "ibm_scc_profiles": scc.DataSourceIbmSccProfiles(), "ibm_scc_profile_attachment": scc.DataSourceIbmSccProfileAttachment(), diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries.go b/ibm/service/scc/data_source_ibm_scc_control_libraries.go index c43b978bb72..19198d625ef 100644 --- a/ibm/service/scc/data_source_ibm_scc_control_libraries.go +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" ) @@ -21,13 +22,15 @@ func DataSourceIbmSccControlLibraries() *schema.Resource { Schema: map[string]*schema.Schema{ "control_library_type": { - Type: schema.TypeString, - Optional: true, + Type: schema.TypeString, + Description: "The type of control library to be found.", + ValidateFunc: validate.InvokeValidator("ibm_scc_control_library", "control_library_type"), + Optional: true, }, "control_libraries": &schema.Schema{ Type: schema.TypeList, Computed: true, - Description: "The list of control_libraries found.", + Description: "The list of control libraries found.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "id": { @@ -70,6 +73,11 @@ func DataSourceIbmSccControlLibraries() *schema.Resource { Computed: true, Description: "The version of the control library.", }, + "latest": { + Type: schema.TypeBool, + Computed: true, + Description: "The latest version of the control library.", + }, // "hierarchy_enabled": { // Type: schema.TypeBool, // Computed: true, @@ -126,13 +134,13 @@ func dataSourceIbmSccControlLibrariesRead(context context.Context, d *schema.Res pager, err := securityandcompliancecenterapiClient.NewControlLibrariesPager(listControlLibrariesOptions) if err != nil { - log.Printf("[DEBUG] ListcontrolLibrarysWithContext failed %s", err) - return diag.FromErr(fmt.Errorf("ListcontrolLibrarysWithContext failed %s", err)) + log.Printf("[DEBUG] ListControlLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListControlLibrarysWithContext failed %s", err)) } controlLibraryList, err := pager.GetAll() if err != nil { - log.Printf("[DEBUG] ListcontrolLibrarysWithContext failed %s", err) - return diag.FromErr(fmt.Errorf("ListcontrolLibrarysWithContext failed %s", err)) + log.Printf("[DEBUG] ListControlLibrarysWithContext failed %s", err) + return diag.FromErr(fmt.Errorf("ListControlLibrarysWithContext failed %s", err)) } d.SetId(fmt.Sprintf("%s/control_libraries", d.Get("instance_id").(string))) if err = d.Set("instance_id", d.Get("instance_id")); err != nil { diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go b/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go new file mode 100644 index 00000000000..d5a799bf701 --- /dev/null +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries_test.go @@ -0,0 +1,59 @@ +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" +) + +func TestAccIbmSccControlLibrariesDataSourceBasic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccControlLibrariesDataSourceConfigBasic(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "control_libraries.#"), + ), + }, + }, + }) +} + +func TestAccIbmSccControlLibrariesDataSourceAllArgs(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccControlLibrariesDataSourceConfigAllArgs(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_control_libraries.scc_control_libraries_instance", "control_libraries.#"), + ), + }, + }, + }) +} + +func testAccCheckIbmSccControlLibrariesDataSourceConfigBasic(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_control_libraries" "scc_control_libraries_instance" { + instance_id = "%s" + } + `, instanceID) +} + +func testAccCheckIbmSccControlLibrariesDataSourceConfigAllArgs(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_control_libraries" "scc_control_libraries_instance" { + control_library_type = "predefined" + instance_id = "%s" + } + `, instanceID) +} diff --git a/ibm/service/scc/data_source_ibm_scc_profiles.go b/ibm/service/scc/data_source_ibm_scc_profiles.go index a43df88cd4a..7eb3d361deb 100644 --- a/ibm/service/scc/data_source_ibm_scc_profiles.go +++ b/ibm/service/scc/data_source_ibm_scc_profiles.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" ) @@ -46,9 +47,10 @@ func DataSourceIbmSccProfiles() *schema.Resource { Description: "The profile description.", }, "profile_type": { - Type: schema.TypeString, - Computed: true, - Description: "The profile type, such as custom or predefined.", + Type: schema.TypeString, + Computed: true, + ValidateFunc: validate.InvokeValidator("ibm_scc_profile", "profile_type"), + Description: "The profile type, such as custom or predefined.", }, "profile_version": { Type: schema.TypeString, diff --git a/ibm/service/scc/data_source_ibm_scc_profiles_test.go b/ibm/service/scc/data_source_ibm_scc_profiles_test.go index f6c4a987019..5b4c894fa15 100644 --- a/ibm/service/scc/data_source_ibm_scc_profiles_test.go +++ b/ibm/service/scc/data_source_ibm_scc_profiles_test.go @@ -25,6 +25,22 @@ func TestAccIbmSccProfilesDataSourceBasic(t *testing.T) { }) } +func TestAccIbmSccProfilesDataSourceAllArgs(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckScc(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccProfilesDataSourceConfigAllArgs(acc.SccInstanceID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + ), + }, + }, + }) +} + func testAccCheckIbmSccProfilesDataSourceConfigBasic(instanceID string) string { return fmt.Sprintf(` data "ibm_scc_profiles" "scc_profiles_instance" { @@ -32,3 +48,12 @@ func testAccCheckIbmSccProfilesDataSourceConfigBasic(instanceID string) string { } `, instanceID) } + +func testAccCheckIbmSccProfilesDataSourceConfigAllArgs(instanceID string) string { + return fmt.Sprintf(` + data "ibm_scc_profiles" "scc_profiles_instance" { + instance_id = "%s" + profile_type = "predefined" + } + `, instanceID) +} From e8198f4214ab199b40d3c3729caed0904c01fdd6 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Fri, 15 Mar 2024 16:55:12 -0500 Subject: [PATCH 08/12] Updating some documentation --- .../data_source_ibm_scc_control_libraries.go | 2 +- .../scc/data_source_ibm_scc_profiles.go | 2 +- .../d/scc_control_libraries.html.markdown | 49 +++++++++++++++++++ .../d/scc_instance_settings.html.markdown | 2 +- website/docs/d/scc_profiles.html.markdown | 22 +++++++++ .../docs/r/scc_control_library.html.markdown | 7 ++- .../r/scc_instance_settings.html.markdown | 7 ++- website/docs/r/scc_profile.html.markdown | 11 ++++- .../r/scc_profile_attachment.html.markdown | 9 +++- .../scc_provider_type_instance.html.markdown | 12 +++-- website/docs/r/scc_rule.html.markdown | 10 +++- 11 files changed, 116 insertions(+), 17 deletions(-) create mode 100644 website/docs/d/scc_control_libraries.html.markdown create mode 100644 website/docs/d/scc_profiles.html.markdown diff --git a/ibm/service/scc/data_source_ibm_scc_control_libraries.go b/ibm/service/scc/data_source_ibm_scc_control_libraries.go index 19198d625ef..fd7c49104cb 100644 --- a/ibm/service/scc/data_source_ibm_scc_control_libraries.go +++ b/ibm/service/scc/data_source_ibm_scc_control_libraries.go @@ -35,7 +35,7 @@ func DataSourceIbmSccControlLibraries() *schema.Resource { Schema: map[string]*schema.Schema{ "id": { Type: schema.TypeString, - Required: true, + Computed: true, Description: "The ID of the control library.", }, "account_id": { diff --git a/ibm/service/scc/data_source_ibm_scc_profiles.go b/ibm/service/scc/data_source_ibm_scc_profiles.go index 7eb3d361deb..51bad458068 100644 --- a/ibm/service/scc/data_source_ibm_scc_profiles.go +++ b/ibm/service/scc/data_source_ibm_scc_profiles.go @@ -33,7 +33,7 @@ func DataSourceIbmSccProfiles() *schema.Resource { Schema: map[string]*schema.Schema{ "id": { Type: schema.TypeString, - Required: true, + Computed: true, Description: "The profile ID.", }, "profile_name": { diff --git a/website/docs/d/scc_control_libraries.html.markdown b/website/docs/d/scc_control_libraries.html.markdown new file mode 100644 index 00000000000..297a052fec6 --- /dev/null +++ b/website/docs/d/scc_control_libraries.html.markdown @@ -0,0 +1,49 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_control_libraries" +description: |- + Get information about scc_control_libraries +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_control_library + +Retrieve information about a list of scc_control_libraries from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_control_libraries" "scc_control_libraries" { + instance_id = "00000000-1111-2222-3333-444444444444" +} +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `control_library_type` - (Optional, Forces new resource, String) The type of control library to query. + * Constraints: Allowable values are: `predefined`, `custom`. +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `control_libraries` - (List) The list of control libraries. + + Nested schema for **control_libraries**: + * `id` - (String) The unique identifier of the scc_control_library. + * `account_id` - (String) The account ID. + * `control_library_description` - (String) The control library description. + * `control_library_name` - (String) The control library name. + * `control_library_type` - (String) The control library type. + * `control_library_version` - (String) The control library version. + * `control_count` - (Integer) The number of controls in the control library. + * `created_by` - (String) The user who created the control library. + * `created_on` - (String) The date when the control library was created. + * `updated_by` - (String) The user who updated the control library. + * `updated_on` - (String) The date when the control library was updated. + * `version_group_label` - (String) The version group label. diff --git a/website/docs/d/scc_instance_settings.html.markdown b/website/docs/d/scc_instance_settings.html.markdown index ce53c591710..3c69abbb594 100644 --- a/website/docs/d/scc_instance_settings.html.markdown +++ b/website/docs/d/scc_instance_settings.html.markdown @@ -15,7 +15,7 @@ Provides a read-only data source to retrieve information about scc_instance_sett ## Example Usage ```hcl -resource "ibm_scc_instance_settings" "scc_instance_settings_instance" { +data "ibm_scc_instance_settings" "scc_instance_settings_instance" { instance_id = "00000000-1111-2222-3333-444444444444" } ``` diff --git a/website/docs/d/scc_profiles.html.markdown b/website/docs/d/scc_profiles.html.markdown new file mode 100644 index 00000000000..646f370f5eb --- /dev/null +++ b/website/docs/d/scc_profiles.html.markdown @@ -0,0 +1,22 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_profiles" +description: |- + Get information about scc_profiles +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_profiles + +Retrieve information about a list of profiles from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_profiles" "scc_profiles" { + instance_id = "00000000-1111-2222-3333-444444444444" + profile_id = ibm_scc_profile.scc_profile_instance.profile_id +} +``` \ No newline at end of file diff --git a/website/docs/r/scc_control_library.html.markdown b/website/docs/r/scc_control_library.html.markdown index 98ef982637a..138ecc2a601 100644 --- a/website/docs/r/scc_control_library.html.markdown +++ b/website/docs/r/scc_control_library.html.markdown @@ -161,19 +161,18 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_control_library` resource by using `id`. The `id` property can be formed from `instance_id` and `control_library_id` in the following format: - -``` +```bash / ``` * `instance_id`: A string. The instance ID. * `control_library_id`: A string. The control library ID. # Syntax -``` +```bash $ terraform import ibm_scc_control_library.scc_control_library / ``` # Example -``` +```bash $ terraform import ibm_scc_control_library.scc_control_library 00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 ``` diff --git a/website/docs/r/scc_instance_settings.html.markdown b/website/docs/r/scc_instance_settings.html.markdown index 98bd28df3b2..0c0b5c1f517 100644 --- a/website/docs/r/scc_instance_settings.html.markdown +++ b/website/docs/r/scc_instance_settings.html.markdown @@ -60,6 +60,11 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_instance_settings` resource by using `instance_id`. The unique identifier of the scc_instance_settings. # Syntax -``` +```bash $ terraform import ibm_scc_instance_settings.scc_instance_settings ``` + +# Example +```bash +$ terraform import ibm_scc_instance_settings.scc_instance_settings 00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file diff --git a/website/docs/r/scc_profile.html.markdown b/website/docs/r/scc_profile.html.markdown index 9f1d94cc57a..2305dd3cdd0 100644 --- a/website/docs/r/scc_profile.html.markdown +++ b/website/docs/r/scc_profile.html.markdown @@ -186,13 +186,20 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_profile` resource by using `id`. The `id` property can be formed from `instance_id` and `profiles_id` in the following format: -``` +```bash / ``` + * `instance_id`: A string. The instance ID. * `profile_id`: A string. The profile ID. # Syntax -``` + +```bash $ terraform import ibm_scc_profile.scc_profile / ``` + +# Example +```bash +$ terraform import ibm_scc_profile.scc_profile 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file diff --git a/website/docs/r/scc_profile_attachment.html.markdown b/website/docs/r/scc_profile_attachment.html.markdown index d8219395403..6648d801882 100644 --- a/website/docs/r/scc_profile_attachment.html.markdown +++ b/website/docs/r/scc_profile_attachment.html.markdown @@ -136,7 +136,7 @@ Nested schema for **last_scan**: You can import the `ibm_scc_profile_attachment` resource by using `id`. The `id` property can be formed from `instance_id`, `profiles_id`, and `attachment_id` in the following format: -``` +```bash // ``` * `instance_id`: A string. The instance ID. @@ -144,6 +144,11 @@ The `id` property can be formed from `instance_id`, `profiles_id`, and `attachme * `attachment_id`: A string. The attachment ID. # Syntax -``` +```bash $ terraform import ibm_scc_profile_attachment.scc_profile_attachment // ``` + +# Example +```bash +$ terraform import ibm_scc_profile_attachment.scc_profile_attachment 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 +``` \ No newline at end of file diff --git a/website/docs/r/scc_provider_type_instance.html.markdown b/website/docs/r/scc_provider_type_instance.html.markdown index f67260edc40..1e4e2815485 100644 --- a/website/docs/r/scc_provider_type_instance.html.markdown +++ b/website/docs/r/scc_provider_type_instance.html.markdown @@ -48,14 +48,20 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_provider_type_instance` resource by using `id`. The `id` property can be formed from `instance_id`, `provider_type_id`, and `provider_type_instance_id` in the following format: -``` -/ +```bash +// ``` * `instance_id`: A string. The instance ID. * `provider_type_id`: A string. The provider type ID. * `provider_type_instance_id`: A string. The provider type instance ID. # Syntax -``` + +```bash $ terraform import ibm_scc_provider_type_instance.scc_provider_type_instance // ``` + +# Example +```bash +$ terraform import ibm_scc_provider_type_instance.scc_provider_type_instance 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444/f3517159-889e-4781-819a-89d89b747c85 +``` \ No newline at end of file diff --git a/website/docs/r/scc_rule.html.markdown b/website/docs/r/scc_rule.html.markdown index 1fbe9fbbf42..969767b8b16 100644 --- a/website/docs/r/scc_rule.html.markdown +++ b/website/docs/r/scc_rule.html.markdown @@ -193,13 +193,19 @@ After your resource is created, you can read values from the listed arguments an You can import the `ibm_scc_rule` resource by using `id`. The rule ID. The `id` property can be formed from `instance_id` and `rule_id` in the following format: -``` +```bash / ``` * `instance_id`: A string. The instance ID. * `rule_id`: A string. The rule ID. # Syntax -``` + +```bash $ terraform import ibm_scc_rule.scc_rule / ``` + +# Example +```bash +$ terraform import ibm_scc_rule.scc_rule 00000000-1111-2222-3333-444444444444/00000000-1111-2222-3333-444444444444 +``` \ No newline at end of file From 19831544500fe4521d4e11d80541f0bcd82f7058 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Mon, 18 Mar 2024 16:27:18 -0500 Subject: [PATCH 09/12] adding the updates to documentation and fmt'ing --- .../scc/data_source_ibm_scc_profiles_test.go | 4 ++ ...data_source_ibm_scc_provider_types_test.go | 2 + .../d/scc_control_libraries.html.markdown | 11 ++++ website/docs/d/scc_profile.html.markdown | 13 ++-- website/docs/d/scc_profiles.html.markdown | 57 +++++++++++++++- .../docs/d/scc_provider_types.html.markdown | 66 +++++++++++++++++++ .../r/scc_profile_attachment.html.markdown | 6 +- 7 files changed, 149 insertions(+), 10 deletions(-) create mode 100644 website/docs/d/scc_provider_types.html.markdown diff --git a/ibm/service/scc/data_source_ibm_scc_profiles_test.go b/ibm/service/scc/data_source_ibm_scc_profiles_test.go index 5b4c894fa15..efed00e9640 100644 --- a/ibm/service/scc/data_source_ibm_scc_profiles_test.go +++ b/ibm/service/scc/data_source_ibm_scc_profiles_test.go @@ -19,6 +19,8 @@ func TestAccIbmSccProfilesDataSourceBasic(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.profile_name"), ), }, }, @@ -35,6 +37,8 @@ func TestAccIbmSccProfilesDataSourceAllArgs(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "instance_id"), resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.id"), + resource.TestCheckResourceAttrSet("data.ibm_scc_profiles.scc_profiles_instance", "profiles.0.profile_name"), ), }, }, diff --git a/ibm/service/scc/data_source_ibm_scc_provider_types_test.go b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go index a35f0a1eb3f..9b18ba62498 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_types_test.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_types_test.go @@ -19,6 +19,8 @@ func TestAccIbmSccProviderTypesDataSourceBasic(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "instance_id"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.#"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.0.name"), + resource.TestCheckResourceAttrSet("data.ibm_scc_provider_types.scc_provider_types_instance", "provider_types.0.id"), ), }, }, diff --git a/website/docs/d/scc_control_libraries.html.markdown b/website/docs/d/scc_control_libraries.html.markdown index 297a052fec6..4b63bc02e66 100644 --- a/website/docs/d/scc_control_libraries.html.markdown +++ b/website/docs/d/scc_control_libraries.html.markdown @@ -36,14 +36,25 @@ After your data source is created, you can read values from the following attrib Nested schema for **control_libraries**: * `id` - (String) The unique identifier of the scc_control_library. + * `account_id` - (String) The account ID. + * `control_library_description` - (String) The control library description. + * `control_library_name` - (String) The control library name. + * `control_library_type` - (String) The control library type. + * `control_library_version` - (String) The control library version. + * `control_count` - (Integer) The number of controls in the control library. + * `created_by` - (String) The user who created the control library. + * `created_on` - (String) The date when the control library was created. + * `updated_by` - (String) The user who updated the control library. + * `updated_on` - (String) The date when the control library was updated. + * `version_group_label` - (String) The version group label. diff --git a/website/docs/d/scc_profile.html.markdown b/website/docs/d/scc_profile.html.markdown index 73983c2183f..8938d79d1b5 100644 --- a/website/docs/d/scc_profile.html.markdown +++ b/website/docs/d/scc_profile.html.markdown @@ -33,14 +33,14 @@ You can specify the following arguments for this data source. After your data source is created, you can read values from the following attributes. -* `id` - The unique identifier of the scc_profile. * `attachments_count` - (Integer) The number of attachments related to this profile. * `control_parents_count` - (Integer) The number of parent controls for the profile. * `controls` - (List) The array of controls that are used to create the profile. * Constraints: The maximum length is `600` items. The minimum length is `0` items. -Nested schema for **controls**: + + Nested schema for **controls**: * `control_category` - (String) The control category. * Constraints: The maximum length is `512` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `control_description` - (String) The control description. @@ -64,7 +64,8 @@ Nested schema for **controls**: * `control_requirement` - (Boolean) Is this a control that can be automated or manually evaluated. * `control_specifications` - (List) The control specifications. * Constraints: The maximum length is `400` items. The minimum length is `0` items. - Nested schema for **control_specifications**: + + Nested schema for **control_specifications**: * `assessments` - (List) The assessments. * Constraints: The maximum length is `10` items. The minimum length is `0` items. Nested schema for **assessments**: @@ -79,7 +80,8 @@ Nested schema for **controls**: * `parameter_count` - (Integer) The parameter count. * `parameters` - (List) The parameters. * Constraints: The maximum length is `512` items. The minimum length is `0` items. - Nested schema for **parameters**: + + Nested schema for **parameters**: * `parameter_display_name` - (String) The parameter display name. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/^[a-zA-Z0-9_,'\\s\\-]*$/`. * `parameter_name` - (String) The parameter name. @@ -110,7 +112,8 @@ Nested schema for **controls**: * `default_parameters` - (List) The default parameters of the profile. * Constraints: The maximum length is `512` items. The minimum length is `0` items. -Nested schema for **default_parameters**: + + Nested schema for **default_parameters**: * `assessment_id` - (String) The implementation ID of the parameter. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `assessment_type` - (String) The type of the implementation. diff --git a/website/docs/d/scc_profiles.html.markdown b/website/docs/d/scc_profiles.html.markdown index 646f370f5eb..1a40a835044 100644 --- a/website/docs/d/scc_profiles.html.markdown +++ b/website/docs/d/scc_profiles.html.markdown @@ -15,8 +15,59 @@ Retrieve information about a list of profiles from a read-only data source. Then ## Example Usage ```hcl -data "ibm_scc_profiles" "scc_profiles" { +data "ibm_scc_profiles" "scc_profiles_instace" { instance_id = "00000000-1111-2222-3333-444444444444" - profile_id = ibm_scc_profile.scc_profile_instance.profile_id + profile_type = ibm_scc_profile.scc_profile_instance.profile_id } -``` \ No newline at end of file +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `profile_type` - (Optional, Forces new resource, String) The type of profiles to query. + * Constraints: Allowable values are: `predefined`, `custom`. +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `profiles` - (List) The list of profiles. + + Nested schema for **profiles**: + * `id` - The unique identifier of the scc_profile. + + * `attachments_count` - (Integer) The number of attachments related to this profile. + + * `control_parents_count` - (Integer) The number of parent controls for the profile. + + * `instance_id` - (String) The instance ID. + + * `latest` - (Boolean) The latest version of the profile. + + * `profile_description` - (String) The profile description. + * Constraints: The maximum length is `256` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. + + * `profile_name` - (String) The profile name. + + + * `profile_type` - (String) The profile type, such as custom or predefined. + + * `profile_version` - (String) The version status of the profile. + + * `version_group_label` - (String) The version group label of the profile. + + * `latest` - (Boolean) The latest version of the profile. + + * `hierarchy_enabled` - (Boolean) The indication of whether hierarchy is enabled for the profile. + + * `created_by` - (String) The user who created the profile. + + * `created_on` - (String) The date when the profile was created. + + * `controls_count` - (Integer) The number of controls for the profile. + + * `control_parents_count` - (Integer) The number of parent controls for the profile. + + * `attachments_count` - (Integer) The number of attachments related to this profile. \ No newline at end of file diff --git a/website/docs/d/scc_provider_types.html.markdown b/website/docs/d/scc_provider_types.html.markdown new file mode 100644 index 00000000000..2d97a4c8e1f --- /dev/null +++ b/website/docs/d/scc_provider_types.html.markdown @@ -0,0 +1,66 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_provider_types" +description: |- + Get information about various scc_provider_types +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_provider_types + +Retrieve information about a provider type from a read-only data source. Then, you can reference the fields of the data source in other resources within the same configuration by using interpolation syntax. + +~> NOTE: if you specify the `region` in the provider, that region will become the default URL. Else, exporting the environmental variable IBMCLOUD_SCC_API_ENDPOINT will override any URL(ex. `export IBMCLOUD_SCC_API_ENDPOINT=https://us-south.compliance.cloud.ibm.com`). + +## Example Usage + +```hcl +data "ibm_scc_provider_types" "scc_provider_types_instance" { + instance_id = "00000000-1111-2222-3333-444444444444" +} +``` + +## Argument Reference + +You can specify the following arguments for this data source. + +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. + + +## Attribute Reference + +After your data source is created, you can read values from the following attributes. + +* `provider_types` - (List) The list of provider_types. + +* `id` - The unique identifier of the scc_provider_type. + +* `type` - (String) The type of the provider type. + +* `name` - (String) The name of the provider type. + +* `description` - (String) The provider type description. + +* `s2s_enabled` - (Boolean) A boolean that indicates whether the provider type is s2s-enabled. + + **NOTE;** If the provider type is s2s-enabled, which means that if the `s2s_enabled` field is set to `true`, then a CRN field of type text is required in the attributes value object when creating a `ibm_scc_provider_type_instance` + +* `attributes` - (Map) The attributes that are required when you're creating an instance of a provider type. The attributes field can have multiple keys in its value. Each of those keys has a value object that includes the type, and display name as keys. For example, `{type:"", display_name:""}`. + +* `created_at` - (String) The time when the resource was created. + +* `data_type` - (String) The format of the results that a provider supports. + +* `icon` - (String) The icon of a provider in .svg format that is encoded as a base64 string. + +* `instance_limit` - (Integer) The maximum number of instances that can be created for the provider type. + +* `label` - (List) The label that is associated with the provider type. +Nested schema for **label**: + * `text` - (String) The text of the label. + * `tip` - (String) The text to be shown when user hover overs the label. + +* `mode` - (String) The mode that is used to get results from provider (`PUSH` or `PULL`). + +* `updated_at` - (String) The time when the resource was updated. + diff --git a/website/docs/r/scc_profile_attachment.html.markdown b/website/docs/r/scc_profile_attachment.html.markdown index 6648d801882..e9ee6988250 100644 --- a/website/docs/r/scc_profile_attachment.html.markdown +++ b/website/docs/r/scc_profile_attachment.html.markdown @@ -96,7 +96,8 @@ After your resource is created, you can read values from the listed arguments an * Constraints: The maximum length is `32` characters. The minimum length is `32` characters. The value must match regular expression `/^[a-zA-Z0-9-]*$/`. * `attachment_parameters` - (List) The profile parameters for the attachment. * Constraints: The maximum length is `512` items. The minimum length is `0` items. -Nested schema for **attachment_parameters**: + + Nested schema for **attachment_parameters**: * `assessment_id` - (String) The implementation ID of the parameter. * Constraints: The maximum length is `64` characters. The minimum length is `2` characters. The value must match regular expression `/[A-Za-z0-9]+/`. * `assessment_type` - (String) The type of the implementation. @@ -117,7 +118,8 @@ Nested schema for **attachment_parameters**: * `instance_id` - (String) The instance ID of the account that is associated to the attachment. * Constraints: The maximum length is `36` characters. The minimum length is `36` characters. The value must match regular expression `/^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/`. * `last_scan` - (List) The details of the last scan of an attachment. -Nested schema for **last_scan**: + + Nested schema for **last_scan**: * `id` - (String) The ID of the last scan of an attachment. * Constraints: The maximum length is `36` characters. The minimum length is `36` characters. The value must match regular expression `/^[a-zA-Z0-9-]*$/`. * `status` - (String) The status of the last scan of an attachment. From 7cbb7a03815e7bd891e4cfe7b74280f63a71dc79 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Thu, 21 Mar 2024 16:43:14 -0500 Subject: [PATCH 10/12] Adding the err checks for interface conversion --- ibm/service/scc/resource_ibm_scc_control_library.go | 8 +++++++- ibm/service/scc/resource_ibm_scc_profile_attachment.go | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/ibm/service/scc/resource_ibm_scc_control_library.go b/ibm/service/scc/resource_ibm_scc_control_library.go index aa17e2bd40d..30534983fbf 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library.go +++ b/ibm/service/scc/resource_ibm_scc_control_library.go @@ -889,12 +889,18 @@ func resourceIbmSccControlLibraryControlsInControlLibToMap(model *securityandcom // using the assessment_id for comparison func compareAssessmentSetFunc(v interface{}) int { + if v == nil { + return 0 + } m := v.(map[string]interface{}) id := (m["assessment_id"]).(*string) assId := (*id)[5:18] var i big.Int i.SetString(strings.Replace(assId, "-", "", 4), 16) - val, _ := strconv.Atoi(i.String()) + val, err := strconv.Atoi(i.String()) + if err != nil { + log.Printf("[ERROR] Setting the Assessments for Control Library failed %s\n", err) + } return val } diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment.go b/ibm/service/scc/resource_ibm_scc_profile_attachment.go index 5e4e955d2d2..489b9272ccb 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment.go @@ -325,12 +325,18 @@ func resourceIbmSccProfileAttachmentCreate(context context.Context, d *schema.Re } func cmpAttachParamSetFunc(v interface{}) int { + if v == nil { + return 0 + } m := v.(map[string]interface{}) id := (m["assessment_id"]).(*string) assId := (*id)[5:18] var i big.Int i.SetString(strings.Replace(assId, "-", "", 4), 16) - val, _ := strconv.Atoi(i.String()) + val, err := strconv.Atoi(i.String()) + if err != nil { + log.Printf("[ERROR] Setting the Parameters of the Profile Attachment failed %s\n", err) + } return val } From 269a417f0daf549088a943920462c061ff51c358 Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Fri, 22 Mar 2024 12:36:59 -0500 Subject: [PATCH 11/12] making both fields to be required if instantiated --- ibm/service/scc/resource_ibm_scc_control_library.go | 2 +- ibm/service/scc/resource_ibm_scc_profile_attachment.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ibm/service/scc/resource_ibm_scc_control_library.go b/ibm/service/scc/resource_ibm_scc_control_library.go index 30534983fbf..e656c7d7de2 100644 --- a/ibm/service/scc/resource_ibm_scc_control_library.go +++ b/ibm/service/scc/resource_ibm_scc_control_library.go @@ -163,7 +163,7 @@ func ResourceIbmSccControlLibrary() *schema.Resource { Schema: map[string]*schema.Schema{ "assessment_id": { Type: schema.TypeString, - Optional: true, + Required: true, Description: "The assessment ID.", }, "assessment_method": { diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment.go b/ibm/service/scc/resource_ibm_scc_profile_attachment.go index 489b9272ccb..ddd1ae96a96 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment.go @@ -177,7 +177,7 @@ func ResourceIbmSccProfileAttachment() *schema.Resource { }, "assessment_id": { Type: schema.TypeString, - Optional: true, + Required: true, Description: "The implementation ID of the parameter.", }, "parameter_name": { From f8bc5cf5b069b312c2040ca65d8fef34f1124f4c Mon Sep 17 00:00:00 2001 From: Timothy-Yao Date: Fri, 22 Mar 2024 13:00:12 -0500 Subject: [PATCH 12/12] fixing the formatting of the test --- ibm/service/scc/resource_ibm_scc_profile_attachment_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go b/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go index 14d8800be75..6c1d5cdc8e7 100644 --- a/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go +++ b/ibm/service/scc/resource_ibm_scc_profile_attachment_test.go @@ -90,8 +90,8 @@ func testAccCheckIbmSccProfileAttachmentConfigBasic(instanceID string) string { assessment_description = "assessment_description" parameters { parameter_display_name = "Sign out due to inactivity in seconds" - parameter_name = "session_invalidation_in_seconds" - parameter_type = "numeric" + parameter_name = "session_invalidation_in_seconds" + parameter_type = "numeric" } } }