Add brand module

README.md

@@ -0,0 +1,23 @@
+# terraform-okta-modules
+
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/tedilabs/terraform-okta-modules?color=blue&sort=semver&style=flat-square)
+![GitHub](https://img.shields.io/github/license/tedilabs/terraform-okta-modules?color=blue&style=flat-square)
+[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white&style=flat-square)](https://github.com/pre-commit/pre-commit)
+
+Terraform module to manage all of things on Okta organization.
+
+- [brand](./modules/brand/)
+- [group](./modules/group/)
+- [user](./modules/user/)
+
+
+## Self Promotion
+
+Like this project? Follow the repository on [GitHub](https://github.com/tedilabs/terraform-okta-modules). And if you're feeling especially charitable, follow **[posquit0](https://github.com/posquit0)** on GitHub.
+
+
+## License
+
+Provided under the terms of the [Apache License](LICENSE).
+
+Copyright © 2024, [Byungjin Park](https://www.posquit0.com).

modules/brand/README.md

@@ -0,0 +1,57 @@
+# brand
+
+This module creates following resources.
+
+- `okta_brand`
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6 |
+| <a name="requirement_datadog"></a> [datadog](#requirement\_datadog) | >= 3.37 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_datadog"></a> [datadog](#provider\_datadog) | 3.37.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [datadog_team.this](https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/team) | resource |
+| [datadog_team_link.this](https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/team_link) | resource |
+| [datadog_team_permission_setting.edit](https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/team_permission_setting) | resource |
+| [datadog_team_permission_setting.membership](https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/team_permission_setting) | resource |
+| [datadog_team.this](https://registry.terraform.io/providers/DataDog/datadog/latest/docs/data-sources/team) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_handle"></a> [handle](#input\_handle) | (Required) The identifier of the team. | `string` | n/a | yes |
+| <a name="input_name"></a> [name](#input\_name) | (Required) A name to help you identify the team. | `string` | n/a | yes |
+| <a name="input_description"></a> [description](#input\_description) | (Optional) A description to help you identify the team. | `string` | `"Managed by Terraform."` | no |
+| <a name="input_links"></a> [links](#input\_links) | (Optional) A list of configurations for the team links. Each block of `teams` block as defined below.<br>    (Required) `name` - A label to help you identify the link.<br>    (Required) `url` - The URL for the link.<br>    (Optional) `priority` - The link's position, used to sort links for the team. | <pre>list(object({<br>    name     = string<br>    url      = string<br>    priority = optional(number)<br>  }))</pre> | `[]` | no |
+| <a name="input_permissions"></a> [permissions](#input\_permissions) | (Optional) A configurations for the team permissions. `permissions` block as defined below.<br>    (Optional) `edit` - The scope who can edit the team. Users with the `User Access Manage` permission can always add members, remove members, and edit this setting. Defaults to `TEAM_MEMBER`.<br>    (Optional) `membership` - The scope who can manage the team's membership. Users with the `Teams Manage` permission can always edit team details and this setting. Defaults to `TEAM_MANAGER`. | <pre>object({<br>    edit       = optional(string, "TEAM_MEMBER")<br>    membership = optional(string, "TEAM_MANAGER")<br>  })</pre> | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_description"></a> [description](#output\_description) | The description of the team. |
+| <a name="output_handle"></a> [handle](#output\_handle) | The handle of the team. |
+| <a name="output_id"></a> [id](#output\_id) | The ID of the team. |
+| <a name="output_link_count"></a> [link\_count](#output\_link\_count) | The number of links belonging to the team. |
+| <a name="output_links"></a> [links](#output\_links) | The configurations for the team links. |
+| <a name="output_name"></a> [name](#output\_name) | The name of the team. |
+| <a name="output_permissions"></a> [permissions](#output\_permissions) | The configurations for the team permissions. |
+| <a name="output_user_count"></a> [user\_count](#output\_user\_count) | The number of users belonging to the team. |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/brand/main.tf

@@ -0,0 +1,37 @@
+locals {
+  metadata = {
+    package = "terraform-okta-modules"
+    version = trimspace(file("${path.module}/../../VERSION"))
+    module  = basename(path.module)
+    name    = var.name
+  }
+  module_tags = {
+    "module.terraform.io/package"   = local.metadata.package
+    "module.terraform.io/version"   = local.metadata.version
+    "module.terraform.io/name"      = local.metadata.module
+    "module.terraform.io/full-name" = "${local.metadata.package}/${local.metadata.module}"
+    "module.terraform.io/instance"  = local.metadata.name
+  }
+}
+
+
+###################################################
+# Okta Brand
+###################################################
+
+resource "okta_brand" "this" {
+  name   = var.name
+  locale = var.locale
+
+  ## Custom Privacy Policy
+  agree_to_custom_privacy_policy = (var.custom_privacy_policy.enabled
+    ? true
+    : null
+  )
+  custom_privacy_policy_url = (var.custom_privacy_policy.enabled
+    ? var.custom_privacy_policy.url
+    : null
+  )
+
+  remove_powered_by_okta = !var.powered_by_okta
+}

modules/brand/outputs.tf

@@ -0,0 +1,45 @@
+output "id" {
+  description = "The ID of the brand."
+  value       = okta_brand.this.id
+}
+
+output "name" {
+  description = "The name of the brand."
+  value       = okta_brand.this.name
+}
+
+output "is_default" {
+  description = "Whether this brand is default or not."
+  value       = okta_brand.this.is_default
+}
+
+output "locale" {
+  description = "The preferred language for the brand."
+  value       = okta_brand.this.locale
+}
+
+output "custom_privacy_policy" {
+  description = "The configurations for the custom privacy policy."
+  value = {
+    enabled = var.custom_privacy_policy.enabled
+    url     = var.custom_privacy_policy.url
+  }
+}
+
+output "powered_by_okta" {
+  description = <<EOF
+  Whether "Powered by Okta" appears in any visible footers. Defaults to `false`.
+  EOF
+  value       = okta_brand.this.remove_powered_by_okta
+}
+
+# output "debug" {
+#   description = <<EOF
+#   The configurations for the team permissions.
+#   EOF
+#   value = {
+#     for k, v in okta_brand.this :
+#     k => v
+#     if !contains(["name", "id", "is_default", "brand_id", "locale", "agree_to_custom_privacy_policy", "custom_privacy_policy_url", "remove_powered_by_okta"], k)
+#   }
+# }

modules/brand/variables.tf

@@ -0,0 +1,43 @@
+variable "name" {
+  description = "(Required) A name of the brand."
+  type        = string
+  nullable    = false
+}
+
+variable "locale" {
+  description = "(Optional) The preferred language for the brand. Specified as an IETF BCP 47 language tag. Defaults to `en`."
+  type        = string
+  default     = "en"
+  nullable    = false
+}
+
+variable "custom_privacy_policy" {
+  description = <<EOF
+  (Optional) A configurations for the custom privacy policy of the brand. `custom_privacy_policy` block as defined below.
+    (Optional) `enabled` - Whether to use custom privacy policy. Defaults to `false`.
+    (Optional) `url` - The url of the custom privacy policy.
+  EOF
+  type = object({
+    enabled = optional(bool, false)
+    url     = optional(string)
+  })
+  default  = {}
+  nullable = false
+
+  validation {
+    condition = anytrue([
+      !var.custom_privacy_policy.enabled,
+      var.custom_privacy_policy.enabled && var.custom_privacy_policy.url != null
+    ])
+    error_message = "The value of `url` should be provided if the custom privacy policy is enabled."
+  }
+}
+
+variable "powered_by_okta" {
+  description = <<EOF
+  (Optional) Whether "Powered by Okta" appears in any visible footers. Defaults to `false`.
+  EOF
+  type        = bool
+  default     = false
+  nullable    = false
+}

modules/brand/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.6"
+
+  required_providers {
+    okta = {
+      source  = "okta/okta"
+      version = ">= 4.8"
+    }
+  }
+}