diff --git a/README.md b/README.md index b89d891..9ba1b91 100644 --- a/README.md +++ b/README.md @@ -19,12 +19,7 @@ module "datadog_users" { users = [ { - access_roles = { - "datadog" = { - enabled = true, - role = "standard" - }, - }, + roles = ["standard"], email = "jane.smith@example.com", name = "Jane Smith", role = "Editor", @@ -63,7 +58,6 @@ sops example.yaml | ------------------------------------------------------------------------ | ------- | | [terraform](#requirement_terraform) | >= 1.3 | | [datadog](#requirement_datadog) | >= 3.14 | -| [sops](#requirement_sops) | >= 0.5 | ## Providers @@ -86,9 +80,9 @@ No modules. ## Inputs -| Name | Description | Type | Default | Required | -| ------------------------------------------------ | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- | :------: | -| [users](#input_users) | n/a |
list(object({| n/a | yes | +| Name | Description | Type | Default | Required | +| ------------------------------------------------ | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | :------: | +| [users](#input_users) | n/a |
access_roles = map(any)
disabled = optional(bool, false)
email = string
name = string
role = string
send_user_invitation = optional(bool, true)
username = string
}))
list(object({| n/a | yes | ## Outputs diff --git a/examples/complete/example.yaml b/examples/complete/example.yaml index 1a63f89..7488992 100644 --- a/examples/complete/example.yaml +++ b/examples/complete/example.yaml @@ -1,5 +1,5 @@ -datadog_api_key: ENC[AES256_GCM,data:cGxuKLw01YXMzg==,iv:sqCip8ibQM10cZqPlb3H9xRojvtD45RU5ZP+3WmlWFQ=,tag:wyIH0RnYdraYyFl3BlGEhw==,type:int] -datadog_app_key: ENC[AES256_GCM,data:tjZKfOL4Keulow==,iv:qaVRDuuDa5EY/dvqg1eH5ZtBcuvAIdyRO2FItl+7Rok=,tag:EUql9eObFKKtolab/Zi1MA==,type:int] +datadog_api_key: ENC[AES256_GCM,data:i3Scnwrz2EX87g==,iv:fHkcmMN3lVzxNVuQqdrTe6tV1gNGLdeb+Hks9CFC+3k=,tag:2+jWdi+WJO7iIOOwvjtHog==,type:int] +datadog_app_key: ENC[AES256_GCM,data:mOBHdrNr4QrVgw==,iv:DCRSQgpnPflxGLIMKcuUTFBe2vrGadul5FoQ8Wn+fcE=,tag:6nfD4HFN8tPiu6iBU3fTTg==,type:int] sops: kms: [] gcp_kms: [] @@ -15,8 +15,8 @@ sops: ejRyZCthYkxvcnN0bHRJVG5RZlo1UEEKDoY/9Bf5OnbMQoOk7wdsTMhTHfmVLHUz bYEgOsOwxlL+YEgme0vRFhL3MXGCRJwZISDdGTkFFYz0Rfp4CWksew== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-03-05T18:39:37Z" - mac: ENC[AES256_GCM,data:T1ziXhQOuU7pvRVVA9kewyn5efhrrLZ1TYarfVCjF/HL09iRXTTlF0ZkRTOjyqoRoXd+0MEfaVvKlRptcE1WxoR4saOCyju+k3zVQ0i1suOvfmwueHfpZvAetClC2Bwg09iOrR+lE8wz7WnqIBkup53tshjJhpXif9TknnSP2vI=,iv:LovT/poawV4dHPAs0GkZ9tyrY/ClHPAah6xDqa67/J0=,tag:LyZaZ0cHN9namt8PvhOMdg==,type:str] + lastmodified: "2024-03-05T19:19:26Z" + mac: ENC[AES256_GCM,data:IlCs1adqZyo3PgCBag3inKG94A1qQXh4DnSYNcVHwU4JN/h0W/gdUC2/8yTTCinyoXL6Zgdva+QmvQmgWyiVBRzHLkm0/cKHNf82VSKqlYnjurU74AFsy1FYLHD2iC73sw8CCIhfDm/+NLS7Xcqmrzi6L1WEkw+zg+8tNU97Kb0=,iv:NAw88GWNh4H+duOaVGCStbSf3q8Sd+UGrBI53+s3jvY=,tag:DEmdoV1I+KODwV2ucoH1lw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/examples/complete/fixtures.auto.tfvars b/examples/complete/fixtures.auto.tfvars index 008e224..8ed366a 100644 --- a/examples/complete/fixtures.auto.tfvars +++ b/examples/complete/fixtures.auto.tfvars @@ -1,23 +1,13 @@ users = [ { - access_roles = { - "datadog" = { - enabled = true, - role = "standard" - }, - }, + roles = ["standard"], email = "john.doe@example.com", name = "John Doe", role = "Administrator", username = "johndoe" }, { - access_roles = { - "datadog" = { - enabled = true, - role = "read_only" - }, - }, + roles = ["read_only"], email = "jane.smith@example.com", name = "Jane Smith", role = "Editor", diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf index e86074f..edb1946 100644 --- a/examples/complete/variables.tf +++ b/examples/complete/variables.tf @@ -1,11 +1,15 @@ variable "users" { type = list(object({ - access_roles = map(any) disabled = optional(bool, false) email = string name = string - role = string + roles = set(string) send_user_invitation = optional(bool, true) username = string })) + + validation { + condition = alltrue([for role in flatten([for user in var.users : user.roles]) : contains(["standard", "admin", "read_only"], role)]) + error_message = "Each role must be one of 'standard', 'admin', or 'read_only'." + } } diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index b005ffc..1ed3cd6 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -2,10 +2,6 @@ terraform { required_version = "~> 1.5" required_providers { - sops = { - source = "carlpett/sops" - version = "~> 0.5" - } datadog = { source = "datadog/datadog" version = "~> 3.14" diff --git a/main.tf b/main.tf index 840c9f4..9b8d26e 100644 --- a/main.tf +++ b/main.tf @@ -12,6 +12,6 @@ resource "datadog_user" "users" { disabled = each.value.disabled email = each.value.email name = each.value.name - roles = [local.roles[each.value.access_roles["datadog"].role]] + roles = [for role in each.value.roles : local.roles[role]] send_user_invitation = each.value.send_user_invitation } diff --git a/variables.tf b/variables.tf index e86074f..edb1946 100644 --- a/variables.tf +++ b/variables.tf @@ -1,11 +1,15 @@ variable "users" { type = list(object({ - access_roles = map(any) disabled = optional(bool, false) email = string name = string - role = string + roles = set(string) send_user_invitation = optional(bool, true) username = string })) + + validation { + condition = alltrue([for role in flatten([for user in var.users : user.roles]) : contains(["standard", "admin", "read_only"], role)]) + error_message = "Each role must be one of 'standard', 'admin', or 'read_only'." + } } diff --git a/versions.tf b/versions.tf index 1cfc0e1..8bc57ef 100644 --- a/versions.tf +++ b/versions.tf @@ -2,10 +2,6 @@ terraform { required_version = ">= 1.3" required_providers { - sops = { - source = "carlpett/sops" - version = ">= 0.5" - } datadog = { source = "datadog/datadog" version = ">= 3.14"
disabled = optional(bool, false)
email = string
name = string
roles = set(string)
send_user_invitation = optional(bool, true)
username = string
}))