docs(provider): update comprehensive user resource documentation

Author: B3ns44d

docs/data-sources/user.md

@@ -27,7 +27,7 @@ terraform {
 # Configure the provider for local Redis
 provider "redisacl" {
   address  = "localhost:6379"
-  username = "redis" # Change this to your Redis username
+  username = "redis"               # Change this to your Redis username
   password = "your-redis-password" # Change this to your Redis password
 }
 

docs/index.md

@@ -26,7 +26,7 @@ terraform {
 # Configure the provider for local Redis
 provider "redisacl" {
   address  = "localhost:6379"
-  username = "redis" # Change this to your Redis username
+  username = "redis"               # Change this to your Redis username
   password = "your-redis-password" # Change this to your Redis password
 }
 

docs/resources/user.md

@@ -0,0 +1,174 @@
+---
+page_title: "redisacl_user Resource - redisacl"
+subcategory: ""
+description: |-
+  Manages a Redis ACL user.
+---
+
+# redisacl_user (Resource)
+
+Manages a Redis ACL user.
+
+## Example Usage
+
+```terraform
+# Basic Redis ACL User Management Example
+# This example demonstrates basic user creation and management
+
+terraform {
+  required_providers {
+    redisacl = {
+      source  = "B3ns44d/redisacl"
+      version = "1.0.1"
+    }
+  }
+}
+
+# Configure the provider for local Redis
+provider "redisacl" {
+  address  = "localhost:6379"
+  username = "redis"               # Change this to your Redis username
+  password = "your-redis-password" # Change this to your Redis password
+}
+
+# Create a read-only user for applications
+resource "redisacl_user" "readonly_app" {
+  name      = "readonly-app"
+  enabled   = true
+  passwords = ["app-readonly-password"]
+
+  # Allow access to application keys only
+  keys = "~app:* ~cache:*"
+
+  # Allow all pub/sub channels
+  channels = "&*"
+
+  # Only allow read operations
+  commands = "+@read -@write -@dangerous"
+}
+
+# Create a write user for data ingestion
+resource "redisacl_user" "write_app" {
+  name      = "write-app"
+  enabled   = true
+  passwords = ["app-write-password"]
+
+  # Allow access to specific key patterns
+  keys = "~data:* ~temp:*"
+
+  # Allow specific pub/sub channels
+  channels = "&notifications:* &events:*"
+
+  # Allow read and write, but not dangerous operations
+  commands = "+@read +@write -@dangerous"
+}
+
+# Create an admin user with full access
+resource "redisacl_user" "admin" {
+  name      = "admin-user"
+  enabled   = true
+  passwords = ["secure-admin-password"]
+
+  # Full access to all keys and channels
+  keys     = "~*"
+  channels = "&*"
+  commands = "+@all"
+
+  # Allow self-modification (needed for admin operations)
+  allow_self_mutation = true
+}
+
+# Create a monitoring user with limited access
+resource "redisacl_user" "monitoring" {
+  name      = "monitoring-user"
+  enabled   = true
+  passwords = ["monitoring-password"]
+
+  # No key access needed for monitoring
+  keys = "~"
+
+  # No pub/sub access needed
+  channels = "&"
+
+  # Only allow monitoring and info commands
+  commands = "+ping +info +client +config|get +memory +latency +slowlog"
+}
+
+# Data source to read the default user
+data "redisacl_user" "default" {
+  name = "default"
+}
+
+# Data source to list all users
+data "redisacl_users" "all" {}
+
+# Outputs
+output "default_user_info" {
+  description = "Information about the default Redis user"
+  value = {
+    enabled  = data.redisacl_user.default.enabled
+    keys     = data.redisacl_user.default.keys
+    commands = data.redisacl_user.default.commands
+  }
+}
+
+output "all_users" {
+  description = "List of all Redis ACL users"
+  value = [for user in data.redisacl_users.all.users : {
+    name    = user.name
+    enabled = user.enabled
+  }]
+}
+
+output "created_users" {
+  description = "Information about created users"
+  value = {
+    readonly_app = {
+      name = redisacl_user.readonly_app.name
+      keys = redisacl_user.readonly_app.keys
+    }
+    write_app = {
+      name = redisacl_user.write_app.name
+      keys = redisacl_user.write_app.keys
+    }
+    admin = {
+      name = redisacl_user.admin.name
+    }
+    monitoring = {
+      name = redisacl_user.monitoring.name
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the user.
+
+### Optional
+
+- `allow_self_mutation` (Boolean) Whether to allow the user to modify itself.
+- `channels` (String) The channel patterns the user has access to (space-separated if multiple).
+- `commands` (String) The commands the user can execute (space-separated).
+- `enabled` (Boolean) Whether the user is enabled.
+- `keys` (String) The key patterns the user has access to (space-separated if multiple).
+- `passwords` (List of String, Sensitive) A list of passwords for the user.
+- `selectors` (List of String) A list of selectors for the user (each a string of space-separated rules).
+
+### Read-Only
+
+- `id` (String) The ID of the user (same as name).
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# Redis ACL users can be imported using their username
+terraform import redisacl_user.example username
+```
+
+**Note:** When importing a Redis ACL user, the `passwords` field will be empty in the Terraform state for security reasons. You'll need to set the passwords in your configuration after import.

examples/basic-usage/main.tf

@@ -13,7 +13,7 @@ terraform {
 # Configure the provider for local Redis
 provider "redisacl" {
   address  = "localhost:6379"
-  username = "redis" # Change this to your Redis username
+  username = "redis"               # Change this to your Redis username
   password = "your-redis-password" # Change this to your Redis password
 }