diff --git a/docs/resources/group_eligible_assignment.md b/docs/resources/group_eligible_assignment.md index 98f782a..7c2f2ce 100644 --- a/docs/resources/group_eligible_assignment.md +++ b/docs/resources/group_eligible_assignment.md @@ -37,6 +37,7 @@ The resource does not support all the available configuration options for PIM El ### Read-Only -- `id` (String) The ID of the resource is the targetScheduleId value. +- `eligible_assignment_id` (String) The ID of the eligibility schedule request. +- `id` (String) The ID of the resource is the '{scope}|{principal_id}' value. - `start_date_time` (String) - `status` (String) diff --git a/examples/resources/group_eligible_assignment/.terraform.lock.hcl b/examples/resources/group_eligible_assignment/.terraform.lock.hcl deleted file mode 100644 index 94a951d..0000000 --- a/examples/resources/group_eligible_assignment/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/time" { - version = "0.10.0" - constraints = "0.10.0" - hashes = [ - "h1:NAl8eupFAZXCAbE5uiHZTz+Yqler55B3fMG+jNPrjjM=", - "zh:0ab31efe760cc86c9eef9e8eb070ae9e15c52c617243bbd9041632d44ea70781", - "zh:0ee4e906e28f23c598632eeac297ab098d6d6a90629d15516814ab90ad42aec8", - "zh:3bbb3e9da728b82428c6f18533b5b7c014e8ff1b8d9b2587107c966b985e5bcc", - "zh:6771c72db4e4486f2c2603c81dfddd9e28b6554d1ded2996b4cb37f887b467de", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:833c636d86c2c8f23296a7da5d492bdfd7260e22899fc8af8cc3937eb41a7391", - "zh:c545f1497ae0978ffc979645e594b57ff06c30b4144486f4f362d686366e2e42", - "zh:def83c6a85db611b8f1d996d32869f59397c23b8b78e39a978c8a2296b0588b2", - "zh:df9579b72cc8e5fac6efee20c7d0a8b72d3d859b50828b1c473d620ab939e2c7", - "zh:e281a8ecbb33c185e2d0976dc526c93b7359e3ffdc8130df7422863f4952c00e", - "zh:ecb1af3ae67ac7933b5630606672c94ec1f54b119bf77d3091f16d55ab634461", - "zh:f8109f13e07a741e1e8a52134f84583f97a819e33600be44623a21f6424d6593", - ] -} diff --git a/examples/resources/group_eligible_assignment/import.sh b/examples/resources/group_eligible_assignment/import.sh new file mode 100644 index 0000000..5899c27 --- /dev/null +++ b/examples/resources/group_eligible_assignment/import.sh @@ -0,0 +1,2 @@ +# The resource can be imported using the scope and principal: `{scope}||{principal_id}`. +terraform import azurepim_group_eligible_assignment.example "00000000-0000-0000-0000-000000000000|00000000-0000-0000-0000-000000000000" diff --git a/examples/resources/group_eligible_assignment/main.tf b/examples/resources/group_eligible_assignment/main.tf deleted file mode 100644 index ae1eb0f..0000000 --- a/examples/resources/group_eligible_assignment/main.tf +++ /dev/null @@ -1,16 +0,0 @@ -terraform { - required_providers { - azurepim = { - source = "telenornorway/azurepim" - } - } -} - -provider "azurepim" {} - -resource "azurepim_group_eligible_assignment" "example" { - role = "member" - scope = "6313f603-4f44-437b-a074-82d99cd5bed3" - justification = "because i can" - principal_id = "03df64c6-450c-4047-a9bc-1819006f1b51" -} diff --git a/examples/resources/group_eligible_assignment/resource.tf b/examples/resources/group_eligible_assignment/resource.tf new file mode 100644 index 0000000..2fd0e54 --- /dev/null +++ b/examples/resources/group_eligible_assignment/resource.tf @@ -0,0 +1,34 @@ +terraform { + required_providers { + azurepim = { + source = "telenornorway/azurepim" + } + azuread = { + source = "hashicorp/azuread" + version = "2.48.0" + } + } +} + +provider "azurepim" {} + +data "azuread_client_config" "current" {} + +resource "azuread_group" "main" { + display_name = "p-grp-1" + owners = [data.azuread_client_config.current.object_id] + security_enabled = true +} + +resource "azuread_group" "pag" { + display_name = "p-pag-1" + owners = [data.azuread_client_config.current.object_id] + security_enabled = true +} + +resource "azurepim_group_eligible_assignment" "main" { + role = "member" + scope = azuread_group.pag.object_id + justification = "this is a test" + principal_id = azuread_group.main.object_id +} diff --git a/go.mod b/go.mod index 3f390b5..8e9a086 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/TelenorNorway/terraform-provider-azurepim -go 1.20 +go 1.21 + +toolchain go1.22.2 require ( github.com/hashicorp/terraform-plugin-docs v0.18.0 diff --git a/go.sum b/go.sum index d314785..0c2efed 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,5 @@ dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ= @@ -16,6 +17,7 @@ github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYr github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= +github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/ProtonMail/go-crypto v1.1.0-alpha.0 h1:nHGfwXmFvJrSR9xu8qL7BkO4DqTHXE9N5vPhgY2I+j0= github.com/ProtonMail/go-crypto v1.1.0-alpha.0/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE= github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= @@ -28,32 +30,42 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= +github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/cjlapao/common-go v0.0.39 h1:bAAUrj2B9v0kMzbAOhzjSmiyDy+rd56r2sy7oEiQLlA= github.com/cjlapao/common-go v0.0.39/go.mod h1:M3dzazLjTjEtZJbbxoA5ZDiGCiHmpwqW9l4UWaddwOA= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= +github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= +github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU= +github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= github.com/go-git/go-git/v5 v5.11.0 h1:XIZc1p+8YzypNr34itUfSvYJcv+eYdTnTvOZ2vD3cA4= +github.com/go-git/go-git/v5 v5.11.0/go.mod h1:6GFcX2P3NM7FPBfpePbpLd21XxsgdAt+lKqXmCUiUCY= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= +github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw= github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= @@ -126,13 +138,18 @@ github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= +github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= +github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= +github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -179,6 +196,7 @@ github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= +github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -186,13 +204,16 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/skeema/knownhosts v1.2.1 h1:SHWdIUa82uGZz+F+47k8SY4QhhI291cXCpopT1lK2AQ= +github.com/skeema/knownhosts v1.2.1/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= @@ -213,6 +234,7 @@ github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21 github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= +github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yuin/goldmark v1.6.0 h1:boZcn2GTjpsynOsC0iJHnBWa4Bi0qzfJjthwauItG68= github.com/yuin/goldmark v1.6.0/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= @@ -247,6 +269,7 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -296,6 +319,7 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= +gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= diff --git a/internal/provider/group_eligible_assignment_resource.go b/internal/provider/group_eligible_assignment_resource.go index 6524c32..c8915fe 100644 --- a/internal/provider/group_eligible_assignment_resource.go +++ b/internal/provider/group_eligible_assignment_resource.go @@ -10,6 +10,7 @@ import ( "fmt" "io" "net/http" + "strings" "time" azcorepolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" @@ -24,6 +25,7 @@ import ( "github.com/hashicorp/terraform-plugin-framework/types" "github.com/hashicorp/terraform-plugin-log/tflog" msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go" + "github.com/microsoftgraph/msgraph-beta-sdk-go/identitygovernance" graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models" graphpolicies "github.com/microsoftgraph/msgraph-beta-sdk-go/policies" ) @@ -43,13 +45,14 @@ type GroupEligibleAssignment struct { // GroupEligibleAssignmentModel describes the resource data model. type GroupEligibleAssignmentModel struct { - Id types.String `tfsdk:"id"` - Role types.String `tfsdk:"role"` - Scope types.String `tfsdk:"scope"` - Justification types.String `tfsdk:"justification"` - PrincipalID types.String `tfsdk:"principal_id"` - Status types.String `tfsdk:"status"` - StartDateTime types.String `tfsdk:"start_date_time"` + Id types.String `tfsdk:"id"` + Role types.String `tfsdk:"role"` + Scope types.String `tfsdk:"scope"` + Justification types.String `tfsdk:"justification"` + PrincipalID types.String `tfsdk:"principal_id"` + Status types.String `tfsdk:"status"` + StartDateTime types.String `tfsdk:"start_date_time"` + EligibleAssignmentID types.String `tfsdk:"eligible_assignment_id"` } func (r *GroupEligibleAssignment) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { @@ -72,7 +75,7 @@ The resource does not support all the available configuration options for PIM El Attributes: map[string]schema.Attribute{ "id": schema.StringAttribute{ Computed: true, - MarkdownDescription: "The ID of the resource is the targetScheduleId value.", + MarkdownDescription: "The ID of the resource is the '{scope}|{principal_id}' value.", PlanModifiers: []planmodifier.String{ stringplanmodifier.UseStateForUnknown(), }, @@ -114,6 +117,10 @@ The resource does not support all the available configuration options for PIM El "start_date_time": schema.StringAttribute{ Computed: true, }, + "eligible_assignment_id": schema.StringAttribute{ + Computed: true, + MarkdownDescription: "The ID of the eligibility schedule request.", + }, }, } } @@ -174,7 +181,7 @@ func (r *GroupEligibleAssignment) Create(ctx context.Context, req resource.Creat return } - data.Id = types.StringValue(*eligibilityScheduleRequests.GetId()) + data.Id = types.StringValue(fmt.Sprintf("%s|%s", *eligibilityScheduleRequests.GetGroupId(), *eligibilityScheduleRequests.GetPrincipalId())) status := eligibilityScheduleRequests.GetStatus() if status == nil { @@ -192,6 +199,7 @@ func (r *GroupEligibleAssignment) Create(ctx context.Context, req resource.Creat data.Role = types.StringValue(role) data.Scope = types.StringValue(*eligibilityScheduleRequests.GetGroupId()) data.StartDateTime = types.StringValue(eligibilityScheduleRequests.GetScheduleInfo().GetStartDateTime().Format(time.RFC3339)) + data.EligibleAssignmentID = types.StringValue(*eligibilityScheduleRequests.GetId()) tflog.Trace(ctx, "created a resource") @@ -317,32 +325,59 @@ func (r *GroupEligibleAssignment) Read(ctx context.Context, req resource.ReadReq return } + idSplit := strings.Split(data.Id.ValueString(), "|") + if len(idSplit) != 2 { + resp.Diagnostics.AddError("Invalid ID", "ID must be in the format '{scope}|{principal_id}'") + return + } + + scope, principalID := idSplit[0], idSplit[1] + filter := toPtr(fmt.Sprintf("groupId eq '%s' and principalId eq '%s'", scope, principalID)) groupEligibleResp, err := r.graphClient. IdentityGovernance(). PrivilegedAccess(). Group(). EligibilityScheduleRequests(). - ByPrivilegedAccessGroupEligibilityScheduleRequestId(data.Id.ValueString()). - Get(ctx, nil) + Get(ctx, &identitygovernance.PrivilegedAccessGroupEligibilityScheduleRequestsRequestBuilderGetRequestConfiguration{ + QueryParameters: &identitygovernance.PrivilegedAccessGroupEligibilityScheduleRequestsRequestBuilderGetQueryParameters{ + Filter: filter, + }, + }) if err != nil { - resp.Diagnostics.AddError("Client call failed", "Unable to get eligibility schedule requests: "+err.Error()) + resp.Diagnostics.AddError("Client call failed", fmt.Sprintf("Unable to get eligibility schedule requests with filter '%s': %s", *filter, err.Error())) return } - data.Id = types.StringValue(*groupEligibleResp.GetId()) - data.Justification = types.StringValue(*groupEligibleResp.GetJustification()) - data.Status = types.StringValue(*groupEligibleResp.GetStatus()) - data.PrincipalID = types.StringValue(*groupEligibleResp.GetPrincipalId()) + groupEligibles := groupEligibleResp.GetValue() + var groupEligibleProvisioned []graphmodels.PrivilegedAccessGroupEligibilityScheduleRequestable + for _, groupEligible := range groupEligibles { + // The list can return multiple results, but we can remove old assignments which might have status like "Revoked". + if *groupEligible.GetStatus() == "Provisioned" { + groupEligibleProvisioned = append(groupEligibleProvisioned, groupEligible) + } + } + + if len(groupEligibleProvisioned) != 1 { + resp.Diagnostics.AddError("Client call failed", fmt.Sprintf("Got %d results, want 1", len(groupEligibles))) + return + } + + groupEligible := groupEligibleProvisioned[0] + + data.EligibleAssignmentID = types.StringValue(*groupEligible.GetId()) + data.Justification = types.StringValue(*groupEligible.GetJustification()) + data.Status = types.StringValue(*groupEligible.GetStatus()) + data.PrincipalID = types.StringValue(*groupEligible.GetPrincipalId()) - role, err := convertAccessIdToRole(*groupEligibleResp.GetAccessId()) + role, err := convertAccessIdToRole(*groupEligible.GetAccessId()) if err != nil { resp.Diagnostics.AddError("Conversion failed", "Unable to convert access ID to role: "+err.Error()) return } data.Role = types.StringValue(role) - data.Scope = types.StringValue(*groupEligibleResp.GetGroupId()) - data.StartDateTime = types.StringValue(groupEligibleResp.GetScheduleInfo().GetStartDateTime().Format(time.RFC3339)) + data.Scope = types.StringValue(*groupEligible.GetGroupId()) + data.StartDateTime = types.StringValue(groupEligible.GetScheduleInfo().GetStartDateTime().Format(time.RFC3339)) // Save updated data into Terraform state resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) @@ -381,7 +416,7 @@ func (r *GroupEligibleAssignment) Delete(ctx context.Context, req resource.Delet } requestBody.SetAction(toPtr(graphmodels.ADMINREMOVE_SCHEDULEREQUESTACTIONS)) - requestBody.SetId(toPtr(data.Id.ValueString())) + requestBody.SetId(toPtr(data.EligibleAssignmentID.ValueString())) _, err = r.graphClient. IdentityGovernance(). diff --git a/internal/provider/group_eligible_assignment_resource_test.go b/internal/provider/group_eligible_assignment_resource_test.go index ff4e7a3..df65e5e 100644 --- a/internal/provider/group_eligible_assignment_resource_test.go +++ b/internal/provider/group_eligible_assignment_resource_test.go @@ -24,6 +24,12 @@ func TestAccGroupEligibleAssignmentResource(t *testing.T) { resource.TestCheckResourceAttr("azurepim_group_eligible_assignment.test", "role", "member"), ), }, + // ImportState testing + { + ResourceName: "azurepim_group_eligible_assignment.test", + ImportState: true, + ImportStateVerify: true, + }, }, }) }