diff --git a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile.go b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile.go index 1fdd980355..edfda369f5 100644 --- a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile.go +++ b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile.go @@ -1,6 +1,10 @@ -// Copyright IBM Corp. 2021 All Rights Reserved. +// Copyright IBM Corp. 2025 All Rights Reserved. // Licensed under the Mozilla Public License v2.0 +/* + * IBM OpenAPI Terraform Generator Version: 3.98.0-8be2046a-20241205-162752 + */ + package iamidentity import ( @@ -8,11 +12,12 @@ import ( "fmt" "log" - "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" - "github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex" + "github.com/IBM/go-sdk-core/v5/core" "github.com/IBM/platform-services-go-sdk/iamidentityv1" ) @@ -25,104 +30,104 @@ func ResourceIBMIAMTrustedProfile() *schema.Resource { Importer: &schema.ResourceImporter{}, Schema: map[string]*schema.Schema{ - "name": { + "name": &schema.Schema{ Type: schema.TypeString, Required: true, Description: "Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account.", }, - "account_id": { + "description": &schema.Schema{ Type: schema.TypeString, - Computed: true, - Description: "The account ID of the trusted profile.", + Optional: true, + Description: "The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile.", }, - "description": { + "account_id": &schema.Schema{ Type: schema.TypeString, - Optional: true, - Description: "The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile.", + Computed: true, + Description: "ID of the account that this trusted profile belong to.", }, - "profile_id": { + "id": &schema.Schema{ Type: schema.TypeString, Computed: true, - Description: "Unique identifier of this trusted profile.", + Description: "the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.", }, - "entity_tag": { + "entity_tag": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates.", }, - "crn": { + "crn": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'.", }, - "created_at": { + "created_at": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "If set contains a date time string of the creation date in ISO format.", }, - "modified_at": { + "modified_at": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "If set contains a date time string of the last modification date in ISO format.", }, - "iam_id": { + "iam_id": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "The iam_id of this trusted profile.", }, - "ims_account_id": { - Type: schema.TypeInt, + "template_id": &schema.Schema{ + Type: schema.TypeString, Computed: true, - Description: "IMS acount ID of the trusted profile.", + Description: "ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.", }, - "ims_user_id": { - Type: schema.TypeInt, + "assignment_id": &schema.Schema{ + Type: schema.TypeString, Computed: true, - Description: "IMS user ID of the trusted profile.", + Description: "ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account.", }, - "template_id": { - Type: schema.TypeString, + "ims_account_id": &schema.Schema{ + Type: schema.TypeInt, Computed: true, - Description: "Template id the profile was created from.", + Description: "IMS acount ID of the trusted profile.", }, - "assignment_id": { - Type: schema.TypeString, + "ims_user_id": &schema.Schema{ + Type: schema.TypeInt, Computed: true, - Description: "Id of assignment that assigned the template.", + Description: "IMS user ID of the trusted profile.", }, - "history": { + "history": &schema.Schema{ Type: schema.TypeList, Computed: true, Description: "History of the trusted profile.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - "timestamp": { + "timestamp": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Timestamp when the action was triggered.", }, - "iam_id": { + "iam_id": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "IAM ID of the identity which triggered the action.", }, - "iam_id_account": { + "iam_id_account": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Account of the identity which triggered the action.", }, - "action": { + "action": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Action of the history entry.", }, - "params": { + "params": &schema.Schema{ Type: schema.TypeList, Computed: true, Description: "Params of the history entry.", Elem: &schema.Schema{Type: schema.TypeString}, }, - "message": { + "message": &schema.Schema{ Type: schema.TypeString, Computed: true, Description: "Message which summarizes the executed action.", @@ -137,7 +142,9 @@ func ResourceIBMIAMTrustedProfile() *schema.Resource { func resourceIBMIamTrustedProfileCreate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { iamIdentityClient, err := meta.(conns.ClientSession).IAMIdentityV1API() if err != nil { - return diag.FromErr(err) + tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "create", "initialize-client") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } createProfileOptions := &iamidentityv1.CreateProfileOptions{} @@ -155,10 +162,11 @@ func resourceIBMIamTrustedProfileCreate(context context.Context, d *schema.Resou createProfileOptions.SetDescription(d.Get("description").(string)) } - trustedProfile, response, err := iamIdentityClient.CreateProfile(createProfileOptions) + trustedProfile, _, err := iamIdentityClient.CreateProfileWithContext(context, createProfileOptions) if err != nil { - log.Printf("[DEBUG] CreateProfileWithContext failed %s\n%s", err, response) - return diag.FromErr(fmt.Errorf("CreateProfileWithContext failed %s\n%s", err, response)) + tfErr := flex.TerraformErrorf(err, fmt.Sprintf("CreateProfileWithContext failed: %s", err.Error()), "ibm_iam_trusted_profile", "create") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } d.SetId(*trustedProfile.ID) @@ -169,149 +177,134 @@ func resourceIBMIamTrustedProfileCreate(context context.Context, d *schema.Resou func resourceIBMIamTrustedProfileRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { iamIdentityClient, err := meta.(conns.ClientSession).IAMIdentityV1API() if err != nil { - return diag.FromErr(err) + tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "initialize-client") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } getProfileOptions := &iamidentityv1.GetProfileOptions{} getProfileOptions.SetProfileID(d.Id()) - trustedProfile, response, err := iamIdentityClient.GetProfile(getProfileOptions) + trustedProfile, response, err := iamIdentityClient.GetProfileWithContext(context, getProfileOptions) if err != nil { if response != nil && response.StatusCode == 404 { d.SetId("") return nil } - log.Printf("[DEBUG] GetProfile failed %s\n%s", err, response) - return diag.FromErr(fmt.Errorf("GetProfile failed %s\n%s", err, response)) + tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetProfileWithContext failed: %s", err.Error()), "ibm_iam_trusted_profile", "read") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } if err = d.Set("name", trustedProfile.Name); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting name: %s", err)) + err = fmt.Errorf("Error setting name: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-name").GetDiag() } - if err = d.Set("account_id", trustedProfile.AccountID); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting account_id: %s", err)) + if !core.IsNil(trustedProfile.Description) { + if err = d.Set("description", trustedProfile.Description); err != nil { + err = fmt.Errorf("Error setting description: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-description").GetDiag() + } } - if err = d.Set("description", trustedProfile.Description); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting description: %s", err)) + if err = d.Set("account_id", trustedProfile.AccountID); err != nil { + err = fmt.Errorf("Error setting account_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-account_id").GetDiag() } - if err = d.Set("profile_id", trustedProfile.ID); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting id: %s", err)) + if err = d.Set("id", trustedProfile.ID); err != nil { + err = fmt.Errorf("Error setting id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-id").GetDiag() } if err = d.Set("entity_tag", trustedProfile.EntityTag); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting entity_tag: %s", err)) + err = fmt.Errorf("Error setting entity_tag: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-entity_tag").GetDiag() } if err = d.Set("crn", trustedProfile.CRN); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting crn: %s", err)) + err = fmt.Errorf("Error setting crn: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-crn").GetDiag() } - if err = d.Set("created_at", flex.DateTimeToString(trustedProfile.CreatedAt)); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting created_at: %s", err)) + if !core.IsNil(trustedProfile.CreatedAt) { + if err = d.Set("created_at", flex.DateTimeToString(trustedProfile.CreatedAt)); err != nil { + err = fmt.Errorf("Error setting created_at: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-created_at").GetDiag() + } } - if err = d.Set("modified_at", flex.DateTimeToString(trustedProfile.ModifiedAt)); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting modified_at: %s", err)) + if !core.IsNil(trustedProfile.ModifiedAt) { + if err = d.Set("modified_at", flex.DateTimeToString(trustedProfile.ModifiedAt)); err != nil { + err = fmt.Errorf("Error setting modified_at: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-modified_at").GetDiag() + } } if err = d.Set("iam_id", trustedProfile.IamID); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting iam_id: %s", err)) + err = fmt.Errorf("Error setting iam_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-iam_id").GetDiag() } - if err = d.Set("ims_account_id", flex.IntValue(trustedProfile.ImsAccountID)); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting ims_account_id: %s", err)) + if !core.IsNil(trustedProfile.TemplateID) { + if err = d.Set("template_id", trustedProfile.TemplateID); err != nil { + err = fmt.Errorf("Error setting template_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-template_id").GetDiag() + } } - if err = d.Set("ims_user_id", flex.IntValue(trustedProfile.ImsUserID)); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting ims_user_id: %s", err)) + if !core.IsNil(trustedProfile.AssignmentID) { + if err = d.Set("assignment_id", trustedProfile.AssignmentID); err != nil { + err = fmt.Errorf("Error setting assignment_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-assignment_id").GetDiag() + } } - if err = d.Set("template_id", trustedProfile.TemplateID); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting template_id: %s", err)) + if !core.IsNil(trustedProfile.ImsAccountID) { + if err = d.Set("ims_account_id", flex.IntValue(trustedProfile.ImsAccountID)); err != nil { + err = fmt.Errorf("Error setting ims_account_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-ims_account_id").GetDiag() + } } - if err = d.Set("assignment_id", trustedProfile.AssignmentID); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting assignment_id: %s", err)) + if !core.IsNil(trustedProfile.ImsUserID) { + if err = d.Set("ims_user_id", flex.IntValue(trustedProfile.ImsUserID)); err != nil { + err = fmt.Errorf("Error setting ims_user_id: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-ims_user_id").GetDiag() + } } - - history := []map[string]interface{}{} - if trustedProfile.History != nil { + if !core.IsNil(trustedProfile.History) { + history := []map[string]interface{}{} for _, historyItem := range trustedProfile.History { - historyItemMap := resourceIBMIamTrustedProfileEnityHistoryRecordToMap(historyItem) + historyItemMap, err := ResourceIBMIamTrustedProfileEnityHistoryRecordToMap(&historyItem) // #nosec G601 + if err != nil { + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "history-to-map").GetDiag() + } history = append(history, historyItemMap) } - } - if err = d.Set("history", history); err != nil { - return diag.FromErr(fmt.Errorf("[ERROR] Error setting history: %s", err)) + if err = d.Set("history", history); err != nil { + err = fmt.Errorf("Error setting history: %s", err) + return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "read", "set-history").GetDiag() + } } return nil } -func resourceIBMIamTrustedProfileResponseContextToMap(responseContext iamidentityv1.ResponseContext) map[string]interface{} { - responseContextMap := map[string]interface{}{} - - if responseContext.TransactionID != nil { - responseContextMap["transaction_id"] = responseContext.TransactionID - } - if responseContext.Operation != nil { - responseContextMap["operation"] = responseContext.Operation - } - if responseContext.UserAgent != nil { - responseContextMap["user_agent"] = responseContext.UserAgent - } - if responseContext.URL != nil { - responseContextMap["url"] = responseContext.URL - } - if responseContext.InstanceID != nil { - responseContextMap["instance_id"] = responseContext.InstanceID - } - if responseContext.ThreadID != nil { - responseContextMap["thread_id"] = responseContext.ThreadID - } - if responseContext.Host != nil { - responseContextMap["host"] = responseContext.Host - } - if responseContext.StartTime != nil { - responseContextMap["start_time"] = responseContext.StartTime - } - if responseContext.EndTime != nil { - responseContextMap["end_time"] = responseContext.EndTime - } - if responseContext.ElapsedTime != nil { - responseContextMap["elapsed_time"] = responseContext.ElapsedTime - } - if responseContext.ClusterName != nil { - responseContextMap["cluster_name"] = responseContext.ClusterName - } - - return responseContextMap -} - -func resourceIBMIamTrustedProfileEnityHistoryRecordToMap(enityHistoryRecord iamidentityv1.EnityHistoryRecord) map[string]interface{} { - enityHistoryRecordMap := map[string]interface{}{} - - enityHistoryRecordMap["timestamp"] = enityHistoryRecord.Timestamp - enityHistoryRecordMap["iam_id"] = enityHistoryRecord.IamID - enityHistoryRecordMap["iam_id_account"] = enityHistoryRecord.IamIDAccount - enityHistoryRecordMap["action"] = enityHistoryRecord.Action - enityHistoryRecordMap["params"] = enityHistoryRecord.Params - enityHistoryRecordMap["message"] = enityHistoryRecord.Message - - return enityHistoryRecordMap -} - func resourceIBMIamTrustedProfileUpdate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { iamIdentityClient, err := meta.(conns.ClientSession).IAMIdentityV1API() if err != nil { - return diag.FromErr(err) + tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "update", "initialize-client") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } updateProfileOptions := &iamidentityv1.UpdateProfileOptions{} updateProfileOptions.SetIfMatch("*") updateProfileOptions.SetProfileID(d.Id()) - updateProfileOptions.SetName(d.Get("name").(string)) + if _, ok := d.GetOk("name"); ok { + updateProfileOptions.SetName(d.Get("name").(string)) + } if _, ok := d.GetOk("description"); ok { updateProfileOptions.SetDescription(d.Get("description").(string)) } - _, response, err := iamIdentityClient.UpdateProfile(updateProfileOptions) + _, _, err = iamIdentityClient.UpdateProfileWithContext(context, updateProfileOptions) if err != nil { - log.Printf("[DEBUG] UpdateProfile failed %s\n%s", err, response) - return diag.FromErr(fmt.Errorf("UpdateProfile failed %s\n%s", err, response)) + tfErr := flex.TerraformErrorf(err, fmt.Sprintf("UpdateProfileWithContext failed: %s", err.Error()), "ibm_iam_trusted_profile", "update") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } return resourceIBMIamTrustedProfileRead(context, d, meta) @@ -320,20 +313,34 @@ func resourceIBMIamTrustedProfileUpdate(context context.Context, d *schema.Resou func resourceIBMIamTrustedProfileDelete(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { iamIdentityClient, err := meta.(conns.ClientSession).IAMIdentityV1API() if err != nil { - return diag.FromErr(err) + tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_iam_trusted_profile", "delete", "initialize-client") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } deleteProfileOptions := &iamidentityv1.DeleteProfileOptions{} deleteProfileOptions.SetProfileID(d.Id()) - response, err := iamIdentityClient.DeleteProfile(deleteProfileOptions) + _, err = iamIdentityClient.DeleteProfileWithContext(context, deleteProfileOptions) if err != nil { - log.Printf("[DEBUG] DeleteProfile failed %s\n%s", err, response) - return diag.FromErr(fmt.Errorf("DeleteProfile failed %s\n%s", err, response)) + tfErr := flex.TerraformErrorf(err, fmt.Sprintf("DeleteProfileWithContext failed: %s", err.Error()), "ibm_iam_trusted_profile", "delete") + log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage()) + return tfErr.GetDiag() } d.SetId("") return nil } + +func ResourceIBMIamTrustedProfileEnityHistoryRecordToMap(model *iamidentityv1.EnityHistoryRecord) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + modelMap["timestamp"] = *model.Timestamp + modelMap["iam_id"] = *model.IamID + modelMap["iam_id_account"] = *model.IamIDAccount + modelMap["action"] = *model.Action + modelMap["params"] = model.Params + modelMap["message"] = *model.Message + return modelMap, nil +} diff --git a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_test.go b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_test.go index 958eca3992..6f6eed8754 100644 --- a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_test.go +++ b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_test.go @@ -1,4 +1,4 @@ -// Copyright IBM Corp. 2021 All Rights Reserved. +// Copyright IBM Corp. 2025 All Rights Reserved. // Licensed under the Mozilla Public License v2.0 package iamidentity_test @@ -7,17 +7,19 @@ import ( "fmt" "testing" - acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" - "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/iamidentity" + "github.com/IBM/go-sdk-core/v5/core" "github.com/IBM/platform-services-go-sdk/iamidentityv1" + "github.com/stretchr/testify/assert" ) -func TestAccIBMIAMTrustedProfileBasic(t *testing.T) { +func TestAccIBMIamTrustedProfileBasic(t *testing.T) { var conf iamidentityv1.TrustedProfile name := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100)) nameUpdate := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100)) @@ -27,24 +29,24 @@ func TestAccIBMIAMTrustedProfileBasic(t *testing.T) { Providers: acc.TestAccProviders, CheckDestroy: testAccCheckIBMIamTrustedProfileDestroy, Steps: []resource.TestStep{ - { + resource.TestStep{ Config: testAccCheckIBMIamTrustedProfileConfigBasic(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckIBMIamTrustedProfileExists("ibm_iam_trusted_profile.iam_trusted_profile", conf), - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "name", name), + testAccCheckIBMIamTrustedProfileExists("ibm_iam_trusted_profile.iam_trusted_profile_instance", conf), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "name", name), ), }, - { + resource.TestStep{ Config: testAccCheckIBMIamTrustedProfileConfigBasic(nameUpdate), Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "name", nameUpdate), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "name", nameUpdate), ), }, }, }) } -func TestAccIBMIAMTrustedProfileAllArgs(t *testing.T) { +func TestAccIBMIamTrustedProfileAllArgs(t *testing.T) { var conf iamidentityv1.TrustedProfile name := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100)) description := fmt.Sprintf("tf_description_%d", acctest.RandIntRange(10, 100)) @@ -56,23 +58,23 @@ func TestAccIBMIAMTrustedProfileAllArgs(t *testing.T) { Providers: acc.TestAccProviders, CheckDestroy: testAccCheckIBMIamTrustedProfileDestroy, Steps: []resource.TestStep{ - { + resource.TestStep{ Config: testAccCheckIBMIamTrustedProfileConfig(name, description), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckIBMIamTrustedProfileExists("ibm_iam_trusted_profile.iam_trusted_profile", conf), - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "name", name), - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "description", description), + testAccCheckIBMIamTrustedProfileExists("ibm_iam_trusted_profile.iam_trusted_profile_instance", conf), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "name", name), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "description", description), ), }, - { + resource.TestStep{ Config: testAccCheckIBMIamTrustedProfileConfig(nameUpdate, descriptionUpdate), Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "name", nameUpdate), - resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile", "description", descriptionUpdate), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "name", nameUpdate), + resource.TestCheckResourceAttr("ibm_iam_trusted_profile.iam_trusted_profile_instance", "description", descriptionUpdate), ), }, - { - ResourceName: "ibm_iam_trusted_profile.iam_trusted_profile", + resource.TestStep{ + ResourceName: "ibm_iam_trusted_profile.iam_trusted_profile_instance", ImportState: true, ImportStateVerify: true, }, @@ -82,8 +84,7 @@ func TestAccIBMIAMTrustedProfileAllArgs(t *testing.T) { func testAccCheckIBMIamTrustedProfileConfigBasic(name string) string { return fmt.Sprintf(` - - resource "ibm_iam_trusted_profile" "iam_trusted_profile" { + resource "ibm_iam_trusted_profile" "iam_trusted_profile_instance" { name = "%s" } `, name) @@ -92,9 +93,12 @@ func testAccCheckIBMIamTrustedProfileConfigBasic(name string) string { func testAccCheckIBMIamTrustedProfileConfig(name string, description string) string { return fmt.Sprintf(` - resource "ibm_iam_trusted_profile" "iam_trusted_profile" { + resource "ibm_iam_trusted_profile" "iam_trusted_profile_instance" { name = "%s" description = "%s" + lifecycle { + ignore_changes = [history] + } } `, name, description) } @@ -146,9 +150,35 @@ func testAccCheckIBMIamTrustedProfileDestroy(s *terraform.State) error { if err == nil { return fmt.Errorf("iam_trusted_profile still exists: %s", rs.Primary.ID) } else if response.StatusCode != 404 { - return fmt.Errorf("[ERROR] Error checking for iam_trusted_profile (%s) has been destroyed: %s", rs.Primary.ID, err) + return fmt.Errorf("Error checking for iam_trusted_profile (%s) has been destroyed: %s", rs.Primary.ID, err) } } return nil } + +func TestResourceIBMIamTrustedProfileEnityHistoryRecordToMap(t *testing.T) { + checkResult := func(result map[string]interface{}) { + model := make(map[string]interface{}) + model["timestamp"] = "testString" + model["iam_id"] = "testString" + model["iam_id_account"] = "testString" + model["action"] = "testString" + model["params"] = []string{"testString"} + model["message"] = "testString" + + assert.Equal(t, result, model) + } + + model := new(iamidentityv1.EnityHistoryRecord) + model.Timestamp = core.StringPtr("testString") + model.IamID = core.StringPtr("testString") + model.IamIDAccount = core.StringPtr("testString") + model.Action = core.StringPtr("testString") + model.Params = []string{"testString"} + model.Message = core.StringPtr("testString") + + result, err := iamidentity.ResourceIBMIamTrustedProfileEnityHistoryRecordToMap(model) + assert.Nil(t, err) + checkResult(result) +} diff --git a/website/docs/r/iam_trusted_profile.html.markdown b/website/docs/r/iam_trusted_profile.html.markdown index 30d64d198b..debe2933e5 100644 --- a/website/docs/r/iam_trusted_profile.html.markdown +++ b/website/docs/r/iam_trusted_profile.html.markdown @@ -3,56 +3,58 @@ layout: "ibm" page_title: "IBM : ibm_iam_trusted_profile" description: |- Manages iam_trusted_profile. -subcategory: "Identity & Access Management (IAM)" +subcategory: "IAM Identity Services" --- # ibm_iam_trusted_profile -Provides a resource for iam_trusted_profile. This allows iam_trusted_profile to be created, updated and deleted. +Create, update, and delete iam_trusted_profiles with this resource. -## Example usage +## Example Usage -```terraform -resource "ibm_iam_trusted_profile" "iam_trusted_profile" { +```hcl +resource "ibm_iam_trusted_profile" "iam_trusted_profile_instance" { name = "name" } ``` -## Argument reference +## Argument Reference -Review the argument reference that you can specify for your resource. +You can specify the following arguments for this resource. -* `description` - (Optional, String) The optional description of the trusted profile. The 'description' property is only available if a description was provided during creation of trusted profile. +* `description` - (Optional, String) The optional description of the trusted profile. The 'description' property is only available if a description was provided during a create of a trusted profile. * `name` - (Required, String) Name of the trusted profile. The name is checked for uniqueness. Therefore trusted profiles with the same names can not exist in the same account. -## Attribute reference +## Attribute Reference -In addition to all argument references listed, you can access the following attribute references after your resource is created. +After your resource is created, you can read values from the listed arguments and the following attributes. -* `account_id` - (String) The account ID of the trusted profile. * `id` - The unique identifier of the iam_trusted_profile. -* `created_at` - (Optional, String) If set contains a date time string of the creation date in ISO format. -* `crn` - (Required, String) The Cloud Resource Name of the item. For example: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'. -* `entity_tag` - (Required, String) Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates. -* `history` - (Optional, List) History of the trusted profile. -Nested scheme for **history**: - * `timestamp` - (Required, String) Timestamp when the action was triggered. - * `iam_id` - (Required, String) IAM ID of the identity which triggered the action. - * `iam_id_account` - (Required, String) Account of the identity which triggered the action. - * `action` - (Required, String) Action of the history entry. - * `params` - (Required, List) Params of the history entry. - * `message` - (Required, String) Message which summarizes the executed action. -* `iam_id` - (Required, String) The iam_id of this trusted profile. -* `id` - (Required, String) the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'. -* `ims_account_id` - (Optional, Integer) IMS acount ID of the trusted profile. -* `ims_user_id` - (Optional, Integer) IMS user ID of the trusted profile. -* `modified_at` - (Optional, String) If set contains a date time string of the last modification date in ISO format. +* `assignment_id` - (String) ID of the assignment that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. +* `created_at` - (String) If set contains a date time string of the creation date in ISO format. +* `crn` - (String) Cloud Resource Name of the item. Example Cloud Resource Name: 'crn:v1:bluemix:public:iam-identity:us-south:a/myaccount::profile:Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'. +* `entity_tag` - (String) Version of the trusted profile details object. You need to specify this value when updating the trusted profile to avoid stale updates. +* `history` - (List) History of the trusted profile. +Nested schema for **history**: + * `action` - (String) Action of the history entry. + * `iam_id` - (String) IAM ID of the identity which triggered the action. + * `iam_id_account` - (String) Account of the identity which triggered the action. + * `message` - (String) Message which summarizes the executed action. + * `params` - (List) Params of the history entry. + * `timestamp` - (String) Timestamp when the action was triggered. +* `iam_id` - (String) The iam_id of this trusted profile. +* `id` - (String) the unique identifier of the trusted profile. Example:'Profile-94497d0d-2ac3-41bf-a993-a49d1b14627c'. +* `ims_account_id` - (Integer) IMS acount ID of the trusted profile. +* `ims_user_id` - (Integer) IMS user ID of the trusted profile. +* `modified_at` - (String) If set contains a date time string of the last modification date in ISO format. +* `template_id` - (String) ID of the IAM template that was used to create an enterprise-managed trusted profile in your account. When returned, this indicates that the trusted profile is created from and managed by a template in the root enterprise account. + ## Import You can import the `ibm_iam_trusted_profile` resource by using `profile_id`. ID of the account that this trusted profile belong to. # Syntax -``` -$ terraform import ibm_iam_trusted_profile.iam_trusted_profiles -``` +
+$ terraform import ibm_iam_trusted_profile.iam_trusted_profile <account_id>
+