Update AWS cloud host credentials (#136)

* Add AWS Host Crendential support

* Remove debug logging

Author: martezr

CHANGELOG.md

@@ -1,7 +1,10 @@
 ## UNRELEASED
 
+## 0.9.3 (June 13, 2023)
+
 NOTES:
 
+* Updated the `aws_cloud` resource to add support for using host IAM credentials when authenticating to the cloud. [#103](https://github.com/gomorpheus/terraform-provider-morpheus/issues/103) 
 * Updated the `api_option_list`, `manual_option_list`, and `rest_option_list` resources to better handle the difference in the payload returned from the API and the payload defined by Terraform. The payloads are now being compared after a trim operation has been performed on the payload passed by Terraform to address cases in which a HEREDOC is used that includes additional spacing for readability. [#128](https://github.com/gomorpheus/terraform-provider-morpheus/issues/128)
 * Updated the `vsphere_cloud` resource to support importing existing VMware vSphere cloud integrations. [#129](https://github.com/gomorpheus/terraform-provider-morpheus/issues/129)
 * Updated the logic for setting the state for the `provisioning_workflow` resource to properly account for the API returning the tasks in API versions prior to 5.5.x in an out of order sequence. This resulted in an inconsistent state and plans constantly indicating that there were changes to be made despite the real configuration not chaning. [#116](https://github.com/gomorpheus/terraform-provider-morpheus/issues/116)

docs/guides/getting_started.md

@@ -25,7 +25,7 @@ terraform {
   required_providers {
     morpheus = {
       source  = "gomorpheus/morpheus"
-      version = "0.9.2"
+      version = "0.9.3"
     }
   }
 }
@@ -59,9 +59,9 @@ $ terraform init
 Initializing the backend...
 
 Initializing provider plugins...
-- Finding morpheusdata.com/gomorpheus/morpheus versions matching "0.9.0"...
-- Installing morpheusdata.com/gomorpheus/morpheus v0.9.0...
-- Installed morpheusdata.com/gomorpheus/morpheus v0.9.0 (unauthenticated)
+- Finding morpheusdata.com/gomorpheus/morpheus versions matching "0.9.3"...
+- Installing morpheusdata.com/gomorpheus/morpheus v0.9.3...
+- Installed morpheusdata.com/gomorpheus/morpheus v0.9.3 (unauthenticated)
 
 Terraform has created a lock file .terraform.lock.hcl to record the provider
 selections it made above. Include this file in your version control repository

docs/index.md

@@ -25,7 +25,7 @@ terraform {
   required_providers {
     morpheus = {
       source  = "gomorpheus/morpheus"
-      version = "0.9.2"
+      version = "0.9.3"
     }
   }
 }

docs/resources/aws_cloud.md

@@ -94,6 +94,7 @@ resource "morpheus_aws_cloud" "tf_example_aws_cloud" {
 - `tenant_id` (String) The id of the morpheus tenant the cloud is assigned to
 - `time_zone` (String) The time zone for the cloud
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
+- `use_host_iam_credentials` (Boolean) Whether to use the IAM profile associated with the Morpheus server or not
 - `visibility` (String) Determines whether the cloud is visible in sub-tenants or not
 - `vpc` (String) The VPC ID for a specific VPC (all or the AWS VPC id (vpc-25e6dae))
 

examples/guides/getting_started/provider.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     morpheus = {
       source  = "gomorpheus/morpheus"
-      version = "0.9.2"
+      version = "0.9.3"
     }
   }
 }

examples/provider/provider.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     morpheus = {
       source  = "gomorpheus/morpheus"
-      version = "0.9.2"
+      version = "0.9.3"
     }
   }
 }

morpheus/resource_aws_cloud.go

@@ -117,14 +117,13 @@ func resourceAWSCloud() *schema.Resource {
 				Optional:    true,
 				Computed:    true,
 			},
-			/* AWAITING SDK SUPPORT
 			"use_host_iam_credentials": {
-				Description: "Whether to use the IAM profile associated with the Morpheus server or not",
-				Type:        schema.TypeBool,
-				Optional:    true,
-				Computed:    true,
+				Description:   "Whether to use the IAM profile associated with the Morpheus server or not",
+				Type:          schema.TypeBool,
+				Optional:      true,
+				Computed:      true,
+				ConflictsWith: []string{"access_key", "secret_key"},
 			},
-			*/
 			"inventory": {
 				Type:         schema.TypeString,
 				Description:  "Whether to import existing virtual machines (off, basic, full)",
@@ -224,6 +223,11 @@ func resourceAWSCloudCreate(ctx context.Context, d *schema.ResourceData, meta in
 		config["secretKey"] = d.Get("secret_key").(string)
 	}
 
+	if d.Get("use_host_iam_credentials").(bool) {
+		config["useHostCredentials"] = "on"
+	} else {
+		config["useHostCredentials"] = "off"
+	}
 	config["stsAssumeRole"] = d.Get("role_arn").(string)
 
 	cloud["inventoryLevel"] = d.Get("inventory").(string)
@@ -273,7 +277,7 @@ func resourceAWSCloudCreate(ctx context.Context, d *schema.ResourceData, meta in
 	cloudOutput := result.Cloud
 
 	stateConf := &resource.StateChangeConf{
-		Pending: []string{"initializing"},
+		Pending: []string{"initializing", "syncing"},
 		Target:  []string{"ok"},
 		Refresh: func() (interface{}, string, error) {
 			cloudDetails, err := client.GetCloud(cloudOutput.ID, &morpheus.Request{})
@@ -286,7 +290,7 @@ func resourceAWSCloudCreate(ctx context.Context, d *schema.ResourceData, meta in
 		},
 		Timeout:      1 * time.Hour,
 		MinTimeout:   1 * time.Minute,
-		Delay:        3 * time.Minute,
+		Delay:        1 * time.Minute,
 		PollInterval: 1 * time.Minute,
 	}
 
@@ -351,6 +355,11 @@ func resourceAWSCloudRead(ctx context.Context, d *schema.ResourceData, meta inte
 		d.Set("credential_id", cloud.Credential.ID)
 		d.Set("access_key", cloud.Config.AccessKey)
 		d.Set("secret_key", cloud.Config.SecretKeyHash)
+		if cloud.Config.UseHostCredentials == "" {
+			d.Set("use_host_iam_credentials", false)
+		} else {
+			d.Set("use_host_iam_credentials", true)
+		}
 		d.Set("role_arn", cloud.Config.StsAssumeRole)
 		d.Set("inventory", cloud.InventoryLevel)
 		if cloud.Config.VPC == "" {
@@ -408,6 +417,11 @@ func resourceAWSCloudUpdate(ctx context.Context, d *schema.ResourceData, meta in
 		config["secretKey"] = d.Get("secret_key").(string)
 	}
 
+	if d.Get("use_host_iam_credentials").(bool) {
+		config["useHostCredentials"] = "on"
+	} else {
+		config["useHostCredentials"] = "off"
+	}
 	config["stsAssumeRole"] = d.Get("role_arn").(string)
 
 	cloud["inventoryLevel"] = d.Get("inventory").(string)

templates/guides/getting_started.md.tmpl

@@ -37,9 +37,9 @@ $ terraform init
 Initializing the backend...
 
 Initializing provider plugins...
-- Finding morpheusdata.com/gomorpheus/morpheus versions matching "0.9.0"...
-- Installing morpheusdata.com/gomorpheus/morpheus v0.9.0...
-- Installed morpheusdata.com/gomorpheus/morpheus v0.9.0 (unauthenticated)
+- Finding morpheusdata.com/gomorpheus/morpheus versions matching "0.9.3"...
+- Installing morpheusdata.com/gomorpheus/morpheus v0.9.3...
+- Installed morpheusdata.com/gomorpheus/morpheus v0.9.3 (unauthenticated)
 
 Terraform has created a lock file .terraform.lock.hcl to record the provider
 selections it made above. Include this file in your version control repository