feat: new lacework_team_member resource (#245)
***Issue***: https://lacework.atlassian.net/browse/ALLY-737 ***User Story*** As a Lacework and Terraform multi-cloud user, I want to manage my team members as code, So I can increase productivity, enhance developer experience, improve stability, higher reliability, consistency and standardization, and stronger security guarantees. ***Description:*** Add new Terraform resource to manage team members. For standalone accounts: ```hcl provider "lacework" {} resource "lacework_team_member" "example" { email = var.email first_name = var.first_name last_name = var.last_name company = "Marvel Comics" administrator = var.administrator } ``` For organizational accounts: ```hcl provider "lacework" { organization = true } resource "lacework_team_member" "example" { email = var.email first_name = var.first_name last_name = var.last_name company = "Pokemon International Company" organization { admin_accounts = var.admin_accounts user_accounts = var.user_accounts } } ```
Showing
831 changed files
with
13,142 additions
and
209,132 deletions.
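--- a/examples/resource_lacework_team_member_organization/main.tf
+++ b/examples/resource_lacework_team_member_organization/main.tf
@@ -0,0 +1,48 @@
+terraform {
+required_providers {
+lacework = {
+source = "lacework/lacework"
+}
+}
+}
+
+provider "lacework" {
+organization = true
+}
+
+resource "lacework_team_member" "example" {
+email = var.email
+first_name = var.first_name
+last_name = var.last_name
+company = "Pokemon International Company"
+
+organization {
+admin_accounts = var.admin_accounts
+user_accounts = var.user_accounts
+}
+}
+
+variable "email" {
+type = string
+default = "vatasha.white+1@lacework.net"
+}
+
+variable "first_name" {
+type = string
+default = "Vatasha"
+}
+
+variable "last_name" {
+type = string
+default = "White"
+}
+
+variable "admin_accounts" {
+type = list(string)
+default = []
+}
+
+variable "user_accounts" {
+type = list(string)
+default = ["YOUR-ACCOUNT"]
+}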
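Review bot: The `email` variable defaults to what looks like a real mailbox (`vatasha.white+1@lacework.net`), so anyone who applies this example unmodified would presumably create a team member for that address in their own Lacework organization, with whatever access `user_accounts`/`admin_accounts` grant. Dropping the default so Terraform prompts for a value, or using a reserved placeholder such as `default = "user@example.com"`, avoids provisioning access for a third party by accident. The same applies to the `email` default in the standalone example (`vatasha.white+2@lacework.net`), where `administrator` can also be switched on. The `first_name`/`last_name` defaults could likewise be neutral placeholders.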
@@ -0,0 +1,37 @@ | ||
terraform { | ||
required_providers { | ||
lacework = { | ||
source = "lacework/lacework" | ||
} | ||
} | ||
} | ||
|
||
provider "lacework" {} | ||
|
||
resource "lacework_team_member" "example" { | ||
email = var.email | ||
first_name = var.first_name | ||
last_name = var.last_name | ||
company = "Marvel Comics" | ||
administrator = var.administrator | ||
} | ||
|
||
variable "email" { | ||
type = string | ||
default = "vatasha.white+2@lacework.net" | ||
} | ||
|
||
variable "first_name" { | ||
type = string | ||
default = "Shuri" | ||
} | ||
|
||
variable "last_name" { | ||
type = string | ||
default = "White" | ||
} | ||
|
||
variable "administrator" { | ||
type = bool | ||
default = false | ||
} |
@@ -0,0 +1,93 @@ | ||
package integration | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
"testing" | ||
"time" | ||
|
||
"github.com/gruntwork-io/terratest/modules/terraform" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
// TestTeamMemberStandalone applies integration terraform: | ||
// => '../examples/resource_lacework_team_member_standalone' | ||
// | ||
// It uses the go-sdk to verify the created team member, | ||
// applies an update with new description and destroys it | ||
func TestTeamMemberStandalone(t *testing.T) { | ||
email := fmt.Sprintf("vatasha.white+%d@lacework.net", time.Now().Unix()) | ||
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ | ||
TerraformDir: "../examples/resource_lacework_team_member_standalone", | ||
Vars: map[string]interface{}{"email": email}, | ||
}) | ||
defer terraform.Destroy(t, terraformOptions) | ||
|
||
// Create new Standalone Team Member | ||
create := terraform.InitAndApplyAndIdempotent(t, terraformOptions) | ||
tm := GetTeamMember(create) | ||
assert.Equal(t, email, tm.UserName) | ||
assert.Equal(t, "Marvel Comics", tm.Props.Company) | ||
assert.Equal(t, "Shuri", tm.Props.FirstName) | ||
assert.Equal(t, "White", tm.Props.LastName) | ||
assert.False(t, tm.Props.AccountAdmin) | ||
|
||
// Update Standalone Team Member | ||
terraformOptions.Vars["first_name"] = "Vatasha" | ||
terraformOptions.Vars["administrator"] = true | ||
|
||
update := terraform.ApplyAndIdempotent(t, terraformOptions) | ||
tmUpdate := GetTeamMember(update) | ||
assert.Equal(t, email, tmUpdate.UserName) | ||
assert.Equal(t, "Marvel Comics", tm.Props.Company) | ||
assert.Equal(t, "Vatasha", tmUpdate.Props.FirstName) | ||
assert.Equal(t, "White", tmUpdate.Props.LastName) | ||
assert.True(t, tmUpdate.Props.AccountAdmin) | ||
|
||
} | ||
|
||
// TestTeamMemberOrg applies integration terraform: | ||
// => '../examples/resource_lacework_team_member_organization' | ||
// | ||
// It uses the go-sdk to verify the created team member, | ||
// applies an update with new description and destroys it | ||
func TestTeamMemberOrg(t *testing.T) { | ||
if os.Getenv("CI_STANDALONE_ACCOUNT") != "" { | ||
t.Skip("skipping organizational account test") | ||
} | ||
|
||
email := fmt.Sprintf("vatasha.white+%d@lacework.net", time.Now().Unix()) | ||
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ | ||
TerraformDir: "../examples/resource_lacework_team_member_organization", | ||
Vars: map[string]interface{}{ | ||
"email": email, | ||
"user_accounts": []string{os.Getenv("LW_ACCOUNT")}, | ||
}, | ||
}) | ||
defer terraform.Destroy(t, terraformOptions) | ||
|
||
// Create new Org Team Member | ||
create := terraform.InitAndApply(t, terraformOptions) | ||
tm := GetOrgTeamMember(create) | ||
assert.Equal(t, email, tm.UserName) | ||
assert.Equal(t, "Pokemon International Company", tm.Props.Company) | ||
assert.Equal(t, "Vatasha", tm.Props.FirstName) | ||
assert.Equal(t, "White", tm.Props.LastName) | ||
|
||
// The second apply should be idempotent. Why? | ||
// Because the APIs doesn't return some fields | ||
terraform.ApplyAndIdempotent(t, terraformOptions) | ||
|
||
// Update Org Team Member | ||
terraformOptions.Vars["first_name"] = "Shuri" | ||
terraformOptions.Vars["user_accounts"] = []string{} | ||
terraformOptions.Vars["admin_accounts"] = []string{os.Getenv("LW_ACCOUNT")} | ||
|
||
update := terraform.ApplyAndIdempotent(t, terraformOptions) | ||
tmUpdate := GetOrgTeamMember(update) | ||
assert.Equal(t, email, tmUpdate.UserName) | ||
assert.Equal(t, "Pokemon International Company", tm.Props.Company) | ||
assert.Equal(t, "Shuri", tmUpdate.Props.FirstName) | ||
assert.Equal(t, "White", tmUpdate.Props.LastName) | ||
// TODO check with search for list of admin accounts | ||
} |
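Review bot: Both post-update company assertions read the pre-update object: `assert.Equal(t, "Marvel Comics", tm.Props.Company)` in TestTeamMemberStandalone and `assert.Equal(t, "Pokemon International Company", tm.Props.Company)` in TestTeamMemberOrg should use `tmUpdate.Props.Company`, otherwise the company returned by the update is never checked. In TestTeamMemberOrg the update moves the account from `user_accounts` to `admin_accounts`, but the resulting role is left as a TODO, so the privilege-changing path of the resource is not verified; the standalone test already asserts `AccountAdmin`, and an equivalent check on the org response belongs here. `os.Getenv("LW_ACCOUNT")` is used without a guard, so an unset variable passes `[]string{""}` to Terraform; a `t.Skip` or `t.Fatal` when it is empty would give a clearer failure. The doc comments on both tests say the update changes a description, while the code changes `first_name` and the admin setting.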