diff --git a/go.mod b/go.mod index 516f6ef92b..9ad5041d61 100644 --- a/go.mod +++ b/go.mod @@ -22,8 +22,8 @@ require ( github.com/IBM/go-sdk-core v1.1.0 github.com/IBM/go-sdk-core/v3 v3.2.4 github.com/IBM/go-sdk-core/v5 v5.18.1 - github.com/IBM/ibm-cos-sdk-go v1.10.3 - github.com/IBM/ibm-cos-sdk-go-config/v2 v2.1.0 + github.com/IBM/ibm-cos-sdk-go v1.12.0 + github.com/IBM/ibm-cos-sdk-go-config/v2 v2.2.0 github.com/IBM/ibm-hpcs-tke-sdk v0.0.0-20211109141421-a4b61b05f7d1 github.com/IBM/ibm-hpcs-uko-sdk v0.0.20-beta github.com/IBM/keyprotect-go-client v0.15.1 @@ -62,8 +62,8 @@ require ( github.com/pkg/errors v0.9.1 github.com/rook/rook v1.11.4 github.com/softlayer/softlayer-go v1.0.3 - github.com/stretchr/testify v1.9.0 - golang.org/x/crypto v0.28.0 + github.com/stretchr/testify v1.10.0 + golang.org/x/crypto v0.29.0 gopkg.in/yaml.v3 v3.0.1 gotest.tools v2.2.0+incompatible k8s.io/api v0.26.3 @@ -216,12 +216,12 @@ require ( go.opentelemetry.io/otel v1.14.0 // indirect go.opentelemetry.io/otel/trace v1.14.0 // indirect go.uber.org/ratelimit v0.2.0 // indirect - golang.org/x/mod v0.21.0 // indirect - golang.org/x/net v0.30.0 // indirect + golang.org/x/mod v0.19.0 // indirect + golang.org/x/net v0.31.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/term v0.25.0 // indirect - golang.org/x/text v0.19.0 // indirect + golang.org/x/sys v0.27.0 // indirect + golang.org/x/term v0.26.0 // indirect + golang.org/x/text v0.20.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.26.0 // indirect golang.org/x/tools/cmd/cover v0.1.0-deprecated // indirect diff --git a/go.sum b/go.sum index db75896c2e..84c21800f4 100644 --- a/go.sum +++ b/go.sum @@ -159,10 +159,10 @@ github.com/IBM/go-sdk-core/v5 v5.10.2/go.mod h1:WZPFasUzsKab/2mzt29xPcfruSk5js2y github.com/IBM/go-sdk-core/v5 v5.17.4/go.mod h1:KsAAI7eStAWwQa4F96MLy+whYSh39JzNjklZRbN/8ns= github.com/IBM/go-sdk-core/v5 v5.18.1 h1:wdftQO8xejECTWTKF3FGXyW0McKxxDAopH7MKwA187c= github.com/IBM/go-sdk-core/v5 v5.18.1/go.mod h1:3ywpylZ41WhWPusqtpJZWopYlt2brebcphV7mA2JncU= -github.com/IBM/ibm-cos-sdk-go v1.10.3 h1:YfZSLqMiCrqDPbr3r+amY2sicIXlrd+3L5pok6QRXIQ= -github.com/IBM/ibm-cos-sdk-go v1.10.3/go.mod h1:T9x7pC47DUd5jD/TMFzlvly39P6EdW5wOemA78XEo2g= -github.com/IBM/ibm-cos-sdk-go-config/v2 v2.1.0 h1:U7EmXSfv7jtugRpTpOkPUmgS/xiNKtGfKVH3BGyC1hg= -github.com/IBM/ibm-cos-sdk-go-config/v2 v2.1.0/go.mod h1:vMQ0DKpyoPk1MstfipPBoLfFxl3HWjzG/wH/UVg/xiU= +github.com/IBM/ibm-cos-sdk-go v1.12.0 h1:Wrk3ve4JS3euhl7XjNFd3RlvPT56199G2/rKaPWpRKU= +github.com/IBM/ibm-cos-sdk-go v1.12.0/go.mod h1:v/VBvFuysZMIX9HcaIrz6a+FLVw9px8fq6XabFwD+E4= +github.com/IBM/ibm-cos-sdk-go-config/v2 v2.2.0 h1:H5XSKuOEf+z+506ITq3FSXhFNBaZt7OLpH4OTQGcNXw= +github.com/IBM/ibm-cos-sdk-go-config/v2 v2.2.0/go.mod h1:ci4tI9mIZEtN6cenuVN9RWyNJu8CkWHmYH758K2lVEQ= github.com/IBM/ibm-hpcs-tke-sdk v0.0.0-20211109141421-a4b61b05f7d1 h1:T5UwRKKd+BoaPZ7UIlpJrzXzVTUEs8HcxwQ3pCIbORs= github.com/IBM/ibm-hpcs-tke-sdk v0.0.0-20211109141421-a4b61b05f7d1/go.mod h1:M2JyuyeWHPtgGNeezr6YqVRuaav2MpY8Ha4QrEYvMoI= github.com/IBM/ibm-hpcs-uko-sdk v0.0.20-beta h1:P1fdIfKsD9xvJQ5MHIEztPS9yfNf9x+VDTamaYcmqcs= @@ -1625,8 +1625,9 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/tencentcloud/tencentcloud-sdk-go v3.0.171+incompatible h1:K3fcS92NS8cRntIdu8Uqy2ZSePvX73nNhOkKuPGJLXQ= github.com/tencentcloud/tencentcloud-sdk-go v3.0.171+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4= @@ -1790,8 +1791,8 @@ golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= -golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= +golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ= +golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1918,8 +1919,8 @@ golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= -golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= +golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= +golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190130055435-99b60b757ec1/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1957,8 +1958,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ= +golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -2070,8 +2071,8 @@ golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= +golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -2090,8 +2091,8 @@ golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= -golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= +golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU= +golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2114,8 +2115,8 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= -golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug= +golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/ibm/acctest/acctest.go b/ibm/acctest/acctest.go index c851227cfb..3a59f8ee59 100644 --- a/ibm/acctest/acctest.go +++ b/ibm/acctest/acctest.go @@ -36,9 +36,12 @@ var ( CisResourceGroup string CloudShellAccountID string CosCRN string + CosBackupPolicyID string BucketCRN string + BackupVaultName string ActivityTrackerInstanceCRN string MetricsMonitoringCRN string + KmsKeyCrn string BucketName string CosName string Ibmid1 string @@ -576,6 +579,22 @@ func init() { BucketCRN = "" fmt.Println("[WARN] Set the environment variable IBM_COS_Bucket_CRN with a VALID BUCKET CRN for testing ibm_cos_bucket* resources") } + BackupVaultName = os.Getenv("IBM_COS_Backup_Vault") + if BackupVaultName == "" { + BackupVaultName = "" + fmt.Println("[WARN] Set the environment variable IBM_COS_Backup_Vault with a VALID BACKUP VAULT NAME for testing ibm_cos_backup_vault* resources") + } + KmsKeyCrn = os.Getenv("IBM_KMS_KEY_CRN") + if KmsKeyCrn == "" { + KmsKeyCrn = "" + fmt.Println("[WARN] Set the environment variable IBM_KMS_KEY_CRN with a VALID key crn for a KP/HPCS root key") + } + + CosBackupPolicyID = os.Getenv("IBM_COS_Backup_Policy_Id") + if CosBackupPolicyID == "" { + CosBackupPolicyID = "" + fmt.Println("[WARN] Set the environment variable IBM_COS_Backup_Policy_Id with a VALID POLICYS ID for testing ibm_cos_backup_policy* resources") + } ActivityTrackerInstanceCRN = os.Getenv("IBM_COS_ACTIVITY_TRACKER_CRN") if ActivityTrackerInstanceCRN == "" { ActivityTrackerInstanceCRN = "" diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index 71d6d365a5..8f29477670 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -354,6 +354,8 @@ func Provider() *schema.Provider { "ibm_cr_namespaces": registry.DataIBMContainerRegistryNamespaces(), "ibm_cloud_shell_account_settings": cloudshell.DataSourceIBMCloudShellAccountSettings(), "ibm_cos_bucket": cos.DataSourceIBMCosBucket(), + "ibm_cos_backup_vault": cos.DataSourceIBMCosBackupVault(), + "ibm_cos_backup_policy": cos.DataSourceIBMCosBackupPolicy(), "ibm_cos_bucket_object": cos.DataSourceIBMCosBucketObject(), "ibm_dns_domain_registration": classicinfrastructure.DataSourceIBMDNSDomainRegistration(), "ibm_dns_domain": classicinfrastructure.DataSourceIBMDNSDomain(), @@ -1139,6 +1141,8 @@ func Provider() *schema.Provider { "ibm_cos_bucket_object_lock_configuration": cos.ResourceIBMCOSBucketObjectlock(), "ibm_cos_bucket_website_configuration": cos.ResourceIBMCOSBucketWebsiteConfiguration(), "ibm_cos_bucket_lifecycle_configuration": cos.ResourceIBMCOSBucketLifecycleConfiguration(), + "ibm_cos_backup_vault": cos.ResourceIBMCOSBackupVault(), + "ibm_cos_backup_policy": cos.ResourceIBMCOSBackupPolicy(), "ibm_dns_domain": classicinfrastructure.ResourceIBMDNSDomain(), "ibm_dns_domain_registration_nameservers": classicinfrastructure.ResourceIBMDNSDomainRegistrationNameservers(), "ibm_dns_secondary": classicinfrastructure.ResourceIBMDNSSecondary(), diff --git a/ibm/service/cos/data_source_ibm_cos_backup_policy.go b/ibm/service/cos/data_source_ibm_cos_backup_policy.go new file mode 100644 index 0000000000..480d22d5a8 --- /dev/null +++ b/ibm/service/cos/data_source_ibm_cos_backup_policy.go @@ -0,0 +1,82 @@ +// Copyright IBM Corp. 2017, 2021 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package cos + +import ( + "fmt" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + rc "github.com/IBM/ibm-cos-sdk-go-config/v2/resourceconfigurationv1" + "github.com/IBM/ibm-cos-sdk-go/aws" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func DataSourceIBMCosBackupPolicy() *schema.Resource { + return &schema.Resource{ + Read: dataSourceIBMCosBackupPolicyRead, + + Schema: map[string]*schema.Schema{ + "bucket_name": { + Type: schema.TypeString, + Required: true, + Description: "Name of the source bucket", + }, + "policy_id": { + Type: schema.TypeString, + Required: true, + Description: "Id of the backup policy applied on the source bucket", + }, + "policy_name": { + Type: schema.TypeString, + Computed: true, + Description: "Name of the backup policy to be applied on the source bucket.", + }, + "target_backup_vault_crn": { + Type: schema.TypeString, + Computed: true, + Description: "The CRN for a COS BackupVault.", + }, + "backup_type": { + Type: schema.TypeString, + Computed: true, + Description: "The type of backup to support.", + }, + }, + } +} + +func dataSourceIBMCosBackupPolicyRead(d *schema.ResourceData, meta interface{}) error { + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return err + } + bucketName := d.Get("bucket_name").(string) + policySetID := d.Get("policy_id").(string) + d.Set("policy_id", policySetID) + var policy_name, target_backup_vault_crn string + getBucketBackupPolicyOptions := &rc.GetBackupPolicyOptions{ + Bucket: aws.String(bucketName), + PolicyID: aws.String(policySetID), + } + + res, _, err := rcClient.GetBackupPolicy(getBucketBackupPolicyOptions) + if err != nil { + return err + } + if res != nil { + if res.PolicyName != nil { + d.Set("policy_name", aws.String(*res.PolicyName)) + policy_name = *res.PolicyName + } + if res.TargetBackupVaultCrn != nil { + d.Set("target_backup_vault_crn", aws.String(*res.TargetBackupVaultCrn)) + target_backup_vault_crn = *res.TargetBackupVaultCrn + } + if res.BackupType != nil { + d.Set("backup_type", aws.String(*res.BackupType)) + } + } + policyID := fmt.Sprintf("%s:%s:%s:target:%s", bucketName, policySetID, policy_name, target_backup_vault_crn) + d.SetId(policyID) + return nil +} diff --git a/ibm/service/cos/data_source_ibm_cos_backup_policy_test.go b/ibm/service/cos/data_source_ibm_cos_backup_policy_test.go new file mode 100644 index 0000000000..b749e0c8a8 --- /dev/null +++ b/ibm/service/cos/data_source_ibm_cos_backup_policy_test.go @@ -0,0 +1,39 @@ +// Copyright IBM Corp. 2017, 2021 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package cos_test + +import ( + "fmt" + "testing" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccIBMCOSBackupPolicyDataSource_basic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckCOS(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccIBMCOSBackupPolicyDataSourceConfig_basic_read(acc.BucketName, acc.CosBackupPolicyID), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_cos_backup_policy.policy", "bucket_name"), + resource.TestCheckResourceAttrSet("data.ibm_cos_backup_policy.policy", "policy_id"), + resource.TestCheckResourceAttr("data.ibm_cos_backup_policy.policy", "backup_type", "continuous"), + ), + }, + }, + }) +} + +func testAccIBMCOSBackupPolicyDataSourceConfig_basic_read(name string, policy_id string) string { + return fmt.Sprintf(` + + data "ibm_cos_backup_policy" "policy" { + bucket_name = "%s" + policy_id = "%s" + }`, name, policy_id) +} diff --git a/ibm/service/cos/data_source_ibm_cos_backup_vault.go b/ibm/service/cos/data_source_ibm_cos_backup_vault.go new file mode 100644 index 0000000000..2cb2300637 --- /dev/null +++ b/ibm/service/cos/data_source_ibm_cos_backup_vault.go @@ -0,0 +1,90 @@ +// Copyright IBM Corp. 2017, 2021 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package cos + +import ( + "fmt" + "strings" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + rc "github.com/IBM/ibm-cos-sdk-go-config/v2/resourceconfigurationv1" + "github.com/IBM/ibm-cos-sdk-go/aws" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func DataSourceIBMCosBackupVault() *schema.Resource { + return &schema.Resource{ + Read: dataSourceIBMCosBackupVaultRead, + + Schema: map[string]*schema.Schema{ + "backup_vault_name": { + Type: schema.TypeString, + Required: true, + }, + "service_instance_id": { + Type: schema.TypeString, + Required: true, + }, + "region": { + Type: schema.TypeString, + Required: true, + }, + "activity_tracking_management_events": { + Type: schema.TypeBool, + Computed: true, + }, + "metrics_monitoring_usage_metrics": { + Type: schema.TypeBool, + Computed: true, + }, + "kms_key_crn": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func dataSourceIBMCosBackupVaultRead(d *schema.ResourceData, meta interface{}) error { + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return err + } + backupVaultName := d.Get("backup_vault_name").(string) + instanceCRN := d.Get("service_instance_id").(string) + region := d.Get("region").(string) + getBucketBackupVaultOptions := &rc.GetBackupVaultOptions{ + BackupVaultName: aws.String(backupVaultName), + } + + d.Set("service_instance_id", instanceCRN) + d.Set("region", region) + res, _, err := rcClient.GetBackupVault(getBucketBackupVaultOptions) + if err != nil { + return err + } + + vaultID := fmt.Sprintf("%s:%s:%s:meta:%s", strings.Replace(instanceCRN, "::", "", -1), "backup-vault", backupVaultName, region) + d.SetId(vaultID) + if res != nil { + if res.ActivityTracking != nil { + if res.ActivityTracking.ManagementEvents != nil { + d.Set("activity_tracking_management_events", *res.ActivityTracking.ManagementEvents) + } + } else { + d.Set("activity_tracking_management_events", nil) + } + if res.MetricsMonitoring != nil { + d.Set("metrics_monitoring_usage_metrics", *res.MetricsMonitoring.UsageMetricsEnabled) + } else { + d.Set("metrics_monitoring_usage_metrics", nil) + } + if res.SseKpCustomerRootKeyCrn != nil { + d.Set("kms_key_crn", aws.String(*res.SseKpCustomerRootKeyCrn)) + } + + } + + return nil +} diff --git a/ibm/service/cos/data_source_ibm_cos_backup_vault_test.go b/ibm/service/cos/data_source_ibm_cos_backup_vault_test.go new file mode 100644 index 0000000000..6aa09e1107 --- /dev/null +++ b/ibm/service/cos/data_source_ibm_cos_backup_vault_test.go @@ -0,0 +1,40 @@ +// Copyright IBM Corp. 2017, 2021 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package cos_test + +import ( + "fmt" + "testing" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccIBMCOSBackupVaultDataSource_basic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheckCOS(t) }, + Providers: acc.TestAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccIBMCOSBackupVaultDataSourceConfig_basic_read(acc.BackupVaultName, acc.CosCRN, acc.RegionName), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet("data.ibm_cos_backup_vault.vault", "backup_vault_name"), + resource.TestCheckResourceAttrSet("data.ibm_cos_backup_vault.vault", "service_instance_id"), + resource.TestCheckResourceAttrSet("data.ibm_cos_backup_vault.vault", "region"), + ), + }, + }, + }) +} + +func testAccIBMCOSBackupVaultDataSourceConfig_basic_read(name string, crn string, region string) string { + return fmt.Sprintf(` + + data "ibm_cos_backup_vault" "vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + }`, name, crn, region) +} diff --git a/ibm/service/cos/resource_ibm_cos_backup_policy.go b/ibm/service/cos/resource_ibm_cos_backup_policy.go new file mode 100644 index 0000000000..c2107fb7a2 --- /dev/null +++ b/ibm/service/cos/resource_ibm_cos_backup_policy.go @@ -0,0 +1,153 @@ +package cos + +import ( + "context" + "fmt" + "strings" + "time" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" + rc "github.com/IBM/ibm-cos-sdk-go-config/v2/resourceconfigurationv1" + "github.com/IBM/ibm-cos-sdk-go/aws" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func ResourceIBMCOSBackupPolicy() *schema.Resource { + return &schema.Resource{ + CreateContext: resourceIBMCOSBackupPolicyCreate, + ReadContext: resourceIBMCOSBackupPolicyRead, + DeleteContext: resourceIBMCOSBackupPolicyDelete, + Importer: &schema.ResourceImporter{}, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(60 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(10 * time.Minute), + }, + Schema: map[string]*schema.Schema{ + "bucket_crn": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Bucket Crn of the source bucket.", + }, + "policy_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Name of the backup policy to be applied on the source bucket.", + }, + "target_backup_vault_crn": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "The CRN for a COS BackupVault.", + }, + "backup_type": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validate.ValidateAllowedStringValues([]string{"continuous"}), + Description: "The type of backup to support.", + }, + "policy_id": { + Type: schema.TypeString, + Computed: true, + Description: "Id of the backup policy applied on the source bucket", + }, + }, + } +} + +func resourceIBMCOSBackupPolicyCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + bucketCRN := d.Get("bucket_crn").(string) + bucketName := strings.Split(bucketCRN, ":bucket:")[1] + policyName := d.Get("policy_name").(string) + targetBackupVaultCRN := d.Get("target_backup_vault_crn").(string) + backupType := d.Get("backup_type").(string) + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + createBucketBackupPolicyOptions := &rc.CreateBackupPolicyOptions{ + Bucket: aws.String(bucketName), + PolicyName: aws.String(policyName), + TargetBackupVaultCrn: aws.String(targetBackupVaultCRN), + BackupType: aws.String(backupType), + } + res, _, err := rcClient.CreateBackupPolicy(createBucketBackupPolicyOptions) + if err != nil { + return diag.Errorf("Failed to create the backup policy %s, %v", bucketName, err) + } + policyId := *res.PolicyID + policySetID := fmt.Sprintf("%s:%s:%s:target:%s", bucketName, policyId, policyName, targetBackupVaultCRN) + d.SetId(policySetID) + return resourceIBMCOSBackupPolicyRead(ctx, d, meta) +} + +func resourceIBMCOSBackupPolicyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + bucketName := parseBackupPolicyID(d.Id(), "bucketName") + policyId := parseBackupPolicyID(d.Id(), "policyId") + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + d.Set("policy_id", policyId) + getBucketBackupPolicyOptions := &rc.GetBackupPolicyOptions{ + Bucket: aws.String(bucketName), + PolicyID: aws.String(policyId), + } + + res, _, err := rcClient.GetBackupPolicy(getBucketBackupPolicyOptions) + if err != nil { + return diag.Errorf("Error while reading the backup policy vault : %v", err) + } + if res != nil { + if res.PolicyName != nil { + d.Set("policy_name", aws.String(*res.PolicyName)) + } + if res.TargetBackupVaultCrn != nil { + d.Set("target_backup_vault_crn", aws.String(*res.TargetBackupVaultCrn)) + } + if res.BackupType != nil { + d.Set("backup_type", aws.String(*res.BackupType)) + } + } + return nil +} + +func resourceIBMCOSBackupPolicyDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + bucketName := parseBackupPolicyID(d.Id(), "bucketName") + policyId := parseBackupPolicyID(d.Id(), "policyId") + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + deleteBucketBackupPolicyOptions := &rc.DeleteBackupPolicyOptions{ + Bucket: aws.String(bucketName), + PolicyID: aws.String(policyId), + } + _, deleteErr := rcClient.DeleteBackupPolicy(deleteBucketBackupPolicyOptions) + if deleteErr != nil { + return diag.Errorf("Error deleting the backup policy %v", deleteErr) + } + return nil +} + +func parseBackupPolicyID(id string, info string) string { + if info == "bucketName" { + return strings.Split(id, ":")[0] + } + if info == "policyId" { + return strings.Split(id, ":")[1] + } + if info == "policyName" { + return strings.Split(id, ":")[2] + } + if info == "targebucketCrn" { + return strings.Split(id, ":target:")[1] + } + return "" +} diff --git a/ibm/service/cos/resource_ibm_cos_backup_policy_test.go b/ibm/service/cos/resource_ibm_cos_backup_policy_test.go new file mode 100644 index 0000000000..e92fa0baf9 --- /dev/null +++ b/ibm/service/cos/resource_ibm_cos_backup_policy_test.go @@ -0,0 +1,915 @@ +package cos_test + +import ( + "fmt" + "regexp" + "strings" + "testing" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccIBMCosBackup_Policy_Basic_Valid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_Basic_Valid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy", "policy_name", policyName), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_BV_With_Activity_Tracking_Valid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_BV_With_Activity_Tracking_Valid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "activity_tracking_management_events", "true"), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy", "policy_name", policyName), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_BV_With_Metrics_Monitoring_Valid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_BV_With_Metrics_Monitoring_Valid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "metrics_monitoring_usage_metrics", "true"), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy", "policy_name", policyName), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_BV_With_KP_Valid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_BV_With_KP_Valid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid, acc.KmsKeyCrn), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "kms_key_crn", acc.KmsKeyCrn), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy", "policy_name", policyName), + ), + }, + }, + }) +} +func TestAccIBMCosBackup_Policy_Multiple_Policy_Valid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName1 := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + backupVaultName2 := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName1 := fmt.Sprintf("backup-policy1%d", acctest.RandIntRange(10, 100)) + policyName2 := fmt.Sprintf("backup-policy2%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_Multiple_Policy_Valid(acc.CosCRN, bucketName, backupVaultName1, backupVaultName2, region, accountID, policyName1, policyName2, guid), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault1", "backup_vault_name", backupVaultName1), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault2", "backup_vault_name", backupVaultName2), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy1", "policy_name", policyName1), + resource.TestCheckResourceAttr("ibm_cos_backup_policy.policy2", "policy_name", policyName2), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_Non_Versioning_Source_Bucket_Invalid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_Non_Versioning_Source_Bucket_Invalid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid), + ExpectError: regexp.MustCompile("Source bucket does not have versioning enabled"), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_Multiple_Invalid(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName1 := fmt.Sprintf("backup-policy1%d", acctest.RandIntRange(10, 100)) + policyName2 := fmt.Sprintf("backup-policy2%d", acctest.RandIntRange(10, 100)) + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_Multiple_Invalid(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName1, policyName2, guid), + ExpectError: regexp.MustCompile("Bad Request"), + }, + }, + }) +} + +func TestAccIBMCosBackup_Policy_Invalid_Backup_Type(t *testing.T) { + accountID := acc.IBM_AccountID_REPL + bucketName := fmt.Sprintf("terraform-backup-source%d", acctest.RandIntRange(10, 100)) + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + guid := strings.Split(acc.CosCRN, ":")[7] + policyName := fmt.Sprintf("backup-policy%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Policy_Invalid_Backup_Type(acc.CosCRN, bucketName, backupVaultName, region, accountID, policyName, guid), + ExpectError: regexp.MustCompile("Error:"), + }, + }, + }) +} + +func testAccCheckIBMCosBackup_Policy_Basic_Valid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } + + } +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} + +func testAccCheckIBMCosBackup_Policy_Multiple_Policy_Valid(instance_id string, bucketName string, bucketVaultName1 string, bucketVaultName2 string, region string, accountId string, policyName1 string, policyName2 string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } +} +resource "ibm_cos_backup_vault" "backup-vault1" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + +resource "ibm_cos_backup_vault" "backup-vault2" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} +resource "ibm_iam_authorization_policy" "policy2" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy1" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault1.backup_vault_crn + backup_type = "continuous" +} + +resource "ibm_cos_backup_policy" "policy2" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault2.backup_vault_crn + backup_type = "continuous" + } + `, bucketName, instance_id, bucketVaultName1, instance_id, region, bucketVaultName2, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName1, accountId, guid, bucketName, accountId, guid, bucketVaultName2, policyName1, policyName2) +} + +func testAccCheckIBMCosBackup_Policy_BV_With_Activity_Tracking_Valid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } + } +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + activity_tracking_management_events = true + } + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} + +func testAccCheckIBMCosBackup_Policy_BV_With_Metrics_Monitoring_Valid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } + +} +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + metrics_monitoring_usage_metrics = true +} + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} + +func testAccCheckIBMCosBackup_Policy_BV_With_KP_Valid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string, key string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } +} +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + kms_key_crn = "%s" +} + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, key, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} + +func testAccCheckIBMCosBackup_Policy_Non_Versioning_Source_Bucket_Invalid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" +} +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" +} + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} + +func testAccCheckIBMCosBackup_Policy_Multiple_Invalid(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName1 string, policyName2 string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } +} +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" +} +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy1" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" +} + +resource "ibm_cos_backup_policy" "policy2" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "continuous" + } + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName1, policyName2) +} + +func testAccCheckIBMCosBackup_Policy_Invalid_Backup_Type(instance_id string, bucketName string, bucketVaultName string, region string, accountId string, policyName string, guid string) string { + + return fmt.Sprintf(` + +resource "ibm_cos_bucket" "bucket" { + bucket_name = "%s" + resource_instance_id = "%s" + cross_region_location = "us" + storage_class = "standard" + object_versioning { + enable = true + } +} +resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" +} + +resource "ibm_iam_authorization_policy" "policy" { + roles = [ + "Backup Manager", "Writer" + ] + subject_attributes { + name = "accountId" + value = "%s" + } + subject_attributes { + name = "serviceName" + value = "cloud-object-storage" + } + subject_attributes { + name = "serviceInstance" + value = "%s" + } + subject_attributes { + name = "resource" + value = "%s" + } + subject_attributes { + name = "resourceType" + value = "bucket" + } + resource_attributes { + name = "accountId" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "serviceName" + operator = "stringEquals" + value = "cloud-object-storage" + } + resource_attributes { + name = "serviceInstance" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resource" + operator = "stringEquals" + value = "%s" + } + resource_attributes { + name = "resourceType" + operator = "stringEquals" + value = "backup-vault" + } +} + +resource "ibm_cos_backup_policy" "policy" { + bucket_crn = ibm_cos_bucket.bucket.crn + policy_name = "%s" + target_backup_vault_crn = ibm_cos_backup_vault.backup-vault.backup_vault_crn + backup_type = "invalid" +} + + `, bucketName, instance_id, bucketVaultName, instance_id, region, accountId, guid, bucketName, accountId, guid, bucketVaultName, policyName) +} diff --git a/ibm/service/cos/resource_ibm_cos_backup_vault.go b/ibm/service/cos/resource_ibm_cos_backup_vault.go new file mode 100644 index 0000000000..90afcdd3a8 --- /dev/null +++ b/ibm/service/cos/resource_ibm_cos_backup_vault.go @@ -0,0 +1,229 @@ +package cos + +import ( + "context" + "fmt" + "strings" + "time" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + rc "github.com/IBM/ibm-cos-sdk-go-config/v2/resourceconfigurationv1" + "github.com/IBM/ibm-cos-sdk-go/aws" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func ResourceIBMCOSBackupVault() *schema.Resource { + return &schema.Resource{ + CreateContext: resourceIBMCOSBackupVaultCreate, + ReadContext: resourceIBMCOSBackupVaultRead, + UpdateContext: resourceIBMCOSBackupVaultUpdate, + DeleteContext: resourceIBMCOSBackupVaultDelete, + Importer: &schema.ResourceImporter{}, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(60 * time.Minute), + Update: schema.DefaultTimeout(20 * time.Minute), + Delete: schema.DefaultTimeout(10 * time.Minute), + }, + Schema: map[string]*schema.Schema{ + "backup_vault_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Name of the Backup Vault.", + }, + "service_instance_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Instance id for the backup vault.", + }, + "region": { + Type: schema.TypeString, + Required: true, + Description: "Location where backup vault to be created.", + }, + "backup_vault_crn": { + Type: schema.TypeString, + Computed: true, + Description: "CRN of resource instance", + }, + "activity_tracking_management_events": { + Type: schema.TypeBool, + Optional: true, + Description: "Activity Tracking configuration.Whether to send notifications for management events on the BackupVault.", + }, + "metrics_monitoring_usage_metrics": { + Type: schema.TypeBool, + Optional: true, + Description: "Metrics Monitoring configuration.Whether usage metrics are collected for this BackupVault.", + }, + "kms_key_crn": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Description: "The CRN for a KeyProtect root key.", + }, + }, + } +} + +func resourceIBMCOSBackupVaultCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + + backupVaultName := d.Get("backup_vault_name").(string) + instanceCRN := d.Get("service_instance_id").(string) + region := d.Get("region").(string) + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + createBackupVault := &rc.CreateBackupVaultOptions{} + createBackupVault.BackupVaultName = aws.String(backupVaultName) + createBackupVault.ServiceInstanceID = aws.String(instanceCRN) + createBackupVault.Region = aws.String(region) + + if managementEvents, ok := d.GetOkExists("activity_tracking_management_events"); ok { + createBackupVault.ActivityTracking = &rc.BackupVaultActivityTracking{} + managementEvents := managementEvents.(bool) + createBackupVault.ActivityTracking.ManagementEvents = &managementEvents + } + if usageMetrics, ok := d.GetOkExists("metrics_monitoring_usage_metrics"); ok { + um := usageMetrics.(bool) + createBackupVault.MetricsMonitoring = &rc.BackupVaultMetricsMonitoring{} + createBackupVault.MetricsMonitoring.UsageMetricsEnabled = &um + } + if key, ok := d.GetOk("kms_key_crn"); ok { + createBackupVault.SseKpCustomerRootKeyCrn = aws.String(key.(string)) + } + _, _, err = rcClient.CreateBackupVault(createBackupVault) + if err != nil { + return diag.Errorf("Failed to create the backup vault %s, %v", backupVaultName, err) + } + vaultID := fmt.Sprintf("%s:%s:%s:meta:%s", strings.Replace(instanceCRN, "::", "", -1), "backup-vault", backupVaultName, region) + d.SetId(vaultID) + return resourceIBMCOSBackupVaultUpdate(ctx, d, meta) +} + +func resourceIBMCOSBackupVaultUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + backupVaultName := d.Get("backup_vault_name").(string) + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + backupVaultPatch := &rc.BackupVaultPatch{} + hasChange := false + if d.HasChange("activity_tracking_management_events") { + hasChange = true + _, newValue := d.GetChange("activity_tracking_management_events") + if newValue != nil { + backupVaultPatch.ActivityTracking = &rc.BackupVaultActivityTracking{} + backupVaultPatch.ActivityTracking.ManagementEvents = aws.Bool(d.Get("activity_tracking_management_events").(bool)) + } else { + backupVaultPatch.ActivityTracking = &rc.BackupVaultActivityTracking{} + } + } + + if d.HasChange("metrics_monitoring_usage_metrics") { + hasChange = true + _, newValue := d.GetChange("metrics_monitoring_usage_metrics") + if newValue != nil { + backupVaultPatch.MetricsMonitoring = &rc.BackupVaultMetricsMonitoring{} + backupVaultPatch.MetricsMonitoring.UsageMetricsEnabled = aws.Bool(d.Get("metrics_monitoring_usage_metrics").(bool)) + } else { + backupVaultPatch.MetricsMonitoring = &rc.BackupVaultMetricsMonitoring{} + } + } + + if hasChange == true { + bucketPatchModelAsPatch, asPatchErr := backupVaultPatch.AsPatch() + if asPatchErr != nil { + return diag.Errorf("Unable to create the update patch for backup vault %v", asPatchErr) + } + updateBucketBackupVaultOptions := &rc.UpdateBackupVaultOptions{ + BackupVaultName: aws.String(backupVaultName), + BackupVaultPatch: bucketPatchModelAsPatch, + } + _, _, err = rcClient.UpdateBackupVault(updateBucketBackupVaultOptions) + if err != nil { + return diag.Errorf("Unable to update the backup vault configurations %v", err) + } + } + return resourceIBMCOSBackupVaultRead(ctx, d, meta) +} + +func resourceIBMCOSBackupVaultRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + backupVaultName := parseBackupVaultID(d.Id(), "backupVaultName") + instanceCRN := parseBackupVaultID(d.Id(), "instanceCRN") + region := parseBackupVaultID(d.Id(), "region") + crn := parseBackupVaultID(d.Id(), "backupVaultCrn") + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + d.Set("service_instance_id", instanceCRN) + d.Set("region", region) + d.Set("backup_vault_crn", crn) + getBucketBackupVaultOptions := &rc.GetBackupVaultOptions{ + BackupVaultName: aws.String(backupVaultName), + } + res, _, err := rcClient.GetBackupVault(getBucketBackupVaultOptions) + if err != nil { + return diag.Errorf("Error while reading he backup vault : %v", err) + } + if res != nil { + + if res.ActivityTracking != nil { + if res.ActivityTracking.ManagementEvents != nil { + d.Set("activity_tracking_management_events", *res.ActivityTracking.ManagementEvents) + } + } else { + d.Set("activity_tracking_management_events", nil) + } + if res.MetricsMonitoring != nil { + d.Set("metrics_monitoring_usage_metrics", *res.MetricsMonitoring.UsageMetricsEnabled) + } else { + d.Set("metrics_monitoring_usage_metrics", nil) + } + if res.SseKpCustomerRootKeyCrn != nil { + d.Set("kms_key_crn", *res.SseKpCustomerRootKeyCrn) + } + } + + return nil +} + +func resourceIBMCOSBackupVaultDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + + backupVaultName := parseBackupVaultID(d.Id(), "backupVaultName") + rcClient, err := meta.(conns.ClientSession).CosConfigV1API() + if err != nil { + return diag.Errorf("Failed to create rc client %v", err) + } + deleteBucketBackupVaultOptions := &rc.DeleteBackupVaultOptions{ + BackupVaultName: aws.String(backupVaultName), + } + _, deleteErr := rcClient.DeleteBackupVault(deleteBucketBackupVaultOptions) + if deleteErr != nil { + return diag.Errorf("Error deleting the backup vault %v", deleteErr) + } + return nil +} + +func parseBackupVaultID(id string, info string) string { + backupVaultCrn := strings.Split(id, ":meta:")[0] + + if info == "backupVaultName" { + return strings.Split(backupVaultCrn, ":backup-vault:")[1] + } + if info == "instanceCRN" { + return fmt.Sprintf("%s::", strings.Split(backupVaultCrn, ":backup-vault:")[0]) + } + if info == "backupVaultCrn" { + return backupVaultCrn + } + if info == "region" { + return strings.Split(id, ":meta:")[1] + } + return "" +} diff --git a/ibm/service/cos/resource_ibm_cos_backup_vault_test.go b/ibm/service/cos/resource_ibm_cos_backup_vault_test.go new file mode 100644 index 0000000000..51bd7b2f26 --- /dev/null +++ b/ibm/service/cos/resource_ibm_cos_backup_vault_test.go @@ -0,0 +1,337 @@ +package cos_test + +import ( + "fmt" + "regexp" + "testing" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccIBMCosBackup_Vault_Create_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_Valid(acc.CosCRN, backupVaultName, region), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_With_Activity_Tracking_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + activityTrackingManagementEvents := true + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_Activity_Tracking_Valid(acc.CosCRN, backupVaultName, region, activityTrackingManagementEvents), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "activity_tracking_management_events", "true"), + ), + }, + }, + }) +} +func TestAccIBMCosBackup_Vault_Create_With_Metrics_Monitoring_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + usageMetrics := true + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_Metrics_Monitoring_Valid(acc.CosCRN, backupVaultName, region, usageMetrics), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "metrics_monitoring_usage_metrics", "true"), + ), + }, + }, + }) +} +func TestAccIBMCosBackup_Vault_Create_With_KP_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_KP_Valid(acc.CosCRN, backupVaultName, region, acc.KmsKeyCrn), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "kms_key_crn", acc.KmsKeyCrn), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_With_AT_Enabled_MM_Disabled_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + activityTrackingManagementEvents := true + usageMetrics := false + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_AT_Enabled_MM_Disabled_Valid(acc.CosCRN, backupVaultName, region, activityTrackingManagementEvents, usageMetrics), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "activity_tracking_management_events", "true"), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "metrics_monitoring_usage_metrics", "false"), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_With_AT_Disabled_MM_Enabled_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + activityTrackingManagementEvents := false + usageMetrics := true + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_AT_Disabled_MM_Enabled_Valid(acc.CosCRN, backupVaultName, region, activityTrackingManagementEvents, usageMetrics), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "activity_tracking_management_events", "false"), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "metrics_monitoring_usage_metrics", "true"), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_Multiple_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + backupVaultName2 := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_Multiple_Valid(acc.CosCRN, backupVaultName, backupVaultName2, region), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault2", "backup_vault_name", backupVaultName2), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault2", "region", region), + ), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_Multiple_Vault_With_Same_Name_Invalid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_Multiple_Invalid(acc.CosCRN, backupVaultName, region), + ExpectError: regexp.MustCompile("Error: Failed to create the backup vault"), + }, + }, + }) +} + +func TestAccIBMCosBackup_Vault_Create_All_Configurations_Valid(t *testing.T) { + backupVaultName := fmt.Sprintf("terraform-backup-vault%d", acctest.RandIntRange(10, 100)) + region := "us" + activityTrackingManagementEvents := true + usageMetrics := true + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIBMCosBucketDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckIBMCosBackup_Vault_Create_With_All_Configurations_Valid(acc.CosCRN, backupVaultName, region, activityTrackingManagementEvents, usageMetrics, acc.KmsKeyCrn), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "backup_vault_name", backupVaultName), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "region", region), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "activity_tracking_management_events", "true"), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "metrics_monitoring_usage_metrics", "true"), + resource.TestCheckResourceAttr("ibm_cos_backup_vault.backup-vault", "kms_key_crn", acc.KmsKeyCrn), + ), + }, + }, + }) +} + +// tests + +func testAccCheckIBMCosBackup_Vault_Create_Valid(instance_id string, bucketVaultName string, region string) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + + `, bucketVaultName, instance_id, region) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_Activity_Tracking_Valid(instance_id string, bucketVaultName string, region string, managementEvents bool) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + activity_tracking_management_events = "%t" + } + + `, bucketVaultName, instance_id, region, managementEvents) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_Metrics_Monitoring_Valid(instance_id string, bucketVaultName string, region string, usageMetrics bool) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + metrics_monitoring_usage_metrics = "%t" + } + + `, bucketVaultName, instance_id, region, usageMetrics) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_KP_Valid(instance_id string, bucketVaultName string, region string, kmsKeyCrn string) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + kms_key_crn = "%s" + } + + `, bucketVaultName, instance_id, region, kmsKeyCrn) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_AT_Enabled_MM_Disabled_Valid(instance_id string, bucketVaultName string, region string, managementEvents bool, usageMetrics bool) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + activity_tracking_management_events = "%t" + metrics_monitoring_usage_metrics = "%t" + } + + `, bucketVaultName, instance_id, region, managementEvents, usageMetrics) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_AT_Disabled_MM_Enabled_Valid(instance_id string, bucketVaultName string, region string, managementEvents bool, usageMetrics bool) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + activity_tracking_management_events = "%t" + metrics_monitoring_usage_metrics = "%t" + } + + `, bucketVaultName, instance_id, region, managementEvents, usageMetrics) +} + +func testAccCheckIBMCosBackup_Vault_Create_Multiple_Valid(instance_id string, bucketVaultName string, bucketVaultName2 string, region string) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + + resource "ibm_cos_backup_vault" "backup-vault2" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + + `, bucketVaultName, instance_id, region, bucketVaultName2, instance_id, region) +} + +func testAccCheckIBMCosBackup_Vault_Create_Multiple_Invalid(instance_id string, bucketVaultName string, region string) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + + resource "ibm_cos_backup_vault" "backup-vault2" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + } + + `, bucketVaultName, instance_id, region, bucketVaultName, instance_id, region) +} + +func testAccCheckIBMCosBackup_Vault_Create_With_All_Configurations_Valid(instance_id string, bucketVaultName string, region string, managementEvents bool, usageMetrics bool, key string) string { + + return fmt.Sprintf(` + resource "ibm_cos_backup_vault" "backup-vault" { + backup_vault_name = "%s" + service_instance_id = "%s" + region = "%s" + activity_tracking_management_events = "%t" + metrics_monitoring_usage_metrics = "%t" + kms_key_crn = "%s" + } + + `, bucketVaultName, instance_id, region, managementEvents, usageMetrics, key) +}