
Commit 69ee5d7

authored
⭐️ new resource mondoo_iam_workload_identity_binding (#205)
* 🧹 update mondoo-go dependency * ⭐️ new resource mondoo_iam_workload_identity_binding * 📝 update example + docs * 🧹 update mondoo-go * 🔥 remove workaround, inconsistencies fixed * ✨ allow importing bindings --------- Signed-off-by: Salim Afiune Maya <afiune@mondoo.com>
1 parent fe26527 commit 69ee5d7

8 files changed

Lines changed: 463 additions & 38 deletions


Lines changed: 48 additions & 0 deletions
@@ -0,0 +1,48 @@
1+
---
2+
# generated by https://github.com/hashicorp/terraform-plugin-docs
3+
page_title: "mondoo_iam_workload_identity_binding Resource - terraform-provider-mondoo"
4+
subcategory: ""
5+
description: |-
6+
Allows management of a Mondoo Workload Identity Federation bindings.
7+
---
8+
9+
# mondoo_iam_workload_identity_binding (Resource)
10+
11+
Allows management of a Mondoo Workload Identity Federation bindings.
12+
13+
## Example Usage
14+
15+
```terraform
16+
provider "mondoo" {
17+
space = "hungry-poet-123456"
18+
}
19+
20+
resource "mondoo_iam_workload_identity_binding" "example" {
21+
name = "GitHub binding example"
22+
issuer_uri = "https://token.actions.githubusercontent.com"
23+
subject = "repo:mondoohq/server:ref:refs/heads/main"
24+
expiration = 3600
25+
}
26+
```
27+
28+
<!-- schema generated by tfplugindocs -->
29+
## Schema
30+
31+
### Required
32+
33+
- `issuer_uri` (String) URI for the token issuer, e.g. https://accounts.google.com.
34+
- `name` (String) Name of the binding.
35+
- `subject` (String) Unique identifier to confirm.
36+
37+
### Optional
38+
39+
- `allowed_audiences` (List of String) List of allowed audiences.
40+
- `description` (String) Description of the binding.
41+
- `expiration` (Number) Expiration in seconds associated with the binding.
42+
- `mappings` (Map of String) List of additional configurations to confirm.
43+
- `roles` (List of String) List of roles associated with the binding (e.g. agent mrn).
44+
- `space_id` (String) Mondoo space identifier. If there is no ID, the provider space is used.
45+
46+
### Read-Only
47+
48+
- `mrn` (String) The Mondoo resource name (MRN) of the created binding.
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
terraform {
2+
required_providers {
3+
mondoo = {
4+
source = "mondoohq/mondoo"
5+
version = ">= 0.19"
6+
}
7+
}
8+
}
Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,10 @@
1+
provider "mondoo" {
2+
space = "hungry-poet-123456"
3+
}
4+
5+
resource "mondoo_iam_workload_identity_binding" "example" {
6+
name = "GitHub binding example"
7+
issuer_uri = "https://token.actions.githubusercontent.com"
8+
subject = "repo:mondoohq/server:ref:refs/heads/main"
9+
expiration = 3600
10+
}
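Review bot: The example binding at new lines 5-10 pins `issuer_uri` and `subject` but sets neither `allowed_audiences` nor `roles`, although both are in the schema. A reader who copies it gets a binding whose audience check and granted roles depend on service defaults that this page does not show. For a GitHub Actions OIDC issuer it is worth showing an explicit audience, e.g. `allowed_audiences = ["<expected-audience>"]` (placeholder value). A one-line comment could add that `subject` should stay as specific as the repository and ref shown. The same example is rendered into the generated docs page in the first file section, so the change belongs in this example source.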

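--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 github.com/hashicorp/terraform-plugin-testing v1.11.0
 github.com/stretchr/testify v1.10.0
 go.mondoo.com/cnquery/v11 v11.37.1
-go.mondoo.com/mondoo-go v0.0.0-20250108144440-673a4fac8289
+go.mondoo.com/mondoo-go v0.0.0-20250129071639-c3de624e0c5a
 gopkg.in/yaml.v2 v2.4.0
 )
 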

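--- a/go.sum
+++ b/go.sum
@@ -610,8 +610,10 @@ go.etcd.io/etcd/client/pkg/v3 v3.5.4/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3
 go.etcd.io/etcd/client/v3 v3.5.4/go.mod h1:ZaRkVgBZC+L+dLCjTcF1hRXpgZXQPOvnA/Ak/gq3kiY=
 go.mondoo.com/cnquery/v11 v11.37.1 h1:bzM4o7+k/WGrqFHaY0t1aUZjVG+ufOL8BwEphoFiL6w=
 go.mondoo.com/cnquery/v11 v11.37.1/go.mod h1:Fy0e1XJzZgtQyRAuPzoEapfxB2G5DjwWagJAPqKT/Ks=
-go.mondoo.com/mondoo-go v0.0.0-20250108144440-673a4fac8289 h1:D47xahKosrO4gjRtjnBte3tlHbtDAGYkEWyPXheRaac=
-go.mondoo.com/mondoo-go v0.0.0-20250108144440-673a4fac8289/go.mod h1:dGj5d8BoLzVppdYI2k0Oay9pcg7bqsCYbyiBH9uhKGc=
+go.mondoo.com/mondoo-go v0.0.0-20250127074240-22a812af6d20 h1:RkZ6b/BOuVVWn4vS+0e4Tv0G9MP0L4hZLvgEs+2ESmg=
+go.mondoo.com/mondoo-go v0.0.0-20250127074240-22a812af6d20/go.mod h1:0HMHhLaS0V1himFIJQxABmvqEAdWv1NUScXpSjrhxqo=
+go.mondoo.com/mondoo-go v0.0.0-20250129071639-c3de624e0c5a h1:DtwCDuKcXUVJZyKni8TlkxxlFdutPVK6JFCldIuq8cw=
+go.mondoo.com/mondoo-go v0.0.0-20250129071639-c3de624e0c5a/go.mod h1:0HMHhLaS0V1himFIJQxABmvqEAdWv1NUScXpSjrhxqo=
 go.mondoo.com/ranger-rpc v0.6.5 h1:KKoeTGPonJI3T6lrT9oxdH9eNlZC6pdqYvsuWZWyB6w=
 go.mondoo.com/ranger-rpc v0.6.5/go.mod h1:kwPJSYj32vZJjWoQSKEao5YoUO/ZRcjVGxBOL4tApf0=
 go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg=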

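--- a/internal/provider/gql.go
+++ b/internal/provider/gql.go
@@ -223,40 +223,6 @@ type SpaceReportPayload struct {
 SpaceReport SpaceReport
 }
 
-func (c *ExtendedGqlClient) GetPolicySpaceReport(ctx context.Context, spaceMrn string) (*[]Policy, error) {
-// Define the query struct according to the provided query
-var spaceReportQuery struct {
-Report struct {
-SpaceReport SpaceReport `graphql:"... on SpaceReport"`
-} `graphql:"spaceReport(input: $input)"`
-}
-// Define the input variable according to the provided query
-input := mondoov1.SpaceReportInput{
-SpaceMrn: mondoov1.String(spaceMrn),
-}
-
-variables := map[string]interface{}{
-"input": input,
-}
-
-tflog.Trace(ctx, "GetSpaceReportInput", map[string]interface{}{
-"input": fmt.Sprintf("%+v", input),
-})
-
-// Execute the query
-err := c.Query(ctx, &spaceReportQuery, variables)
-if err != nil {
-return nil, err
-}
-
-var policies []Policy
-for _, edges := range spaceReportQuery.Report.SpaceReport.PolicyReportSummaries.Edges {
-policies = append(policies, edges.Node.Policy)
-}
-
-return &policies, nil
-}
-
 type ContentInput struct {
 ScopeMrn string
 CatalogType string
@@ -467,7 +433,7 @@ func (c *ExtendedGqlClient) CreateIntegration(ctx context.Context, spaceMrn, nam
 ConfigurationOptions: opts,
 }
 
-tflog.Trace(ctx, "CreateSpaceInput", map[string]interface{}{
+tflog.Trace(ctx, "CreateClientIntegrationInput", map[string]interface{}{
 "input": fmt.Sprintf("%+v", createInput),
 })
 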
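Review bot: The trace call at new line 436 still formats the whole `createInput` with `%+v`, so `ConfigurationOptions: opts` is written verbatim to the provider log whenever trace logging is enabled; the commit only corrects the message label. The option types are not visible in this hunk. If any integration carries credentials or tokens in its options (to be confirmed against the input types), they would end up in Terraform debug output and CI logs. Consider logging identifying fields only, e.g. `"spaceMrn": spaceMrn` in place of `"input": fmt.Sprintf("%+v", createInput)`. CreateIntegration starts and ends outside the hunk.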
