first commit

2021-08-12 12:22:23 +02:00 · 2021-08-12 12:22:23 +02:00 · ba60cd9029
commit ba60cd9029
12 changed files with 250 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,47 @@
+[![CircleCI](https://circleci.com/gh/devops-workflow/terraform-datadog-users.svg?style=svg)](https://circleci.com/gh/devops-workflow/terraform-datadog-users)
+
+terraform-datadog-users
+=======================
+
+Terraform module for managing Datadog users
+
+```hcl
+module "datadog-users" {
+  source  = "devops-workflow/users/datadog"
+  version = "1.0.0"
+
+  users = [
+    {
+      name   = "user1"
+      handle = "user1@example.com"
+    },
+    {
+      name     = "admin1"
+      handle   = "admin1@example.com"
+      admin    = "true"
+      disabled = "false"
+    },
+    {
+      name     = "dis1"
+      handle   = "dis1@example.com"
+      email    = "disy1@example.com"
+      disabled = "true"
+      role     = "ro"
+    },
+  ]
+}
+```
+
+User data structure is a list of maps.
+
+#### User field mappings
+
+| User Field |  Default  | Datadog Provider Field | Description |
+|:-----------|:---------:|:-----------------------|:------------|
+| admin      | `false`   | is_admin  | Make user an admin? |
+| disabled   | `false`   | disabled  | Disable user |
+| email      | `handle`  | email     | User email. Needed when user's email changed after account creation. Will default to `handle` if not provided |
+| handle     | __REQUIRED__ | handle | email handle of user |
+| name       | __REQUIRED__ | name   | User name |
+| role       | `st`      | role      | User role. Options are `st` standard, `adm` admin, `ro` read-only |
+# terraform-datadog-users
--- a/examples/README.md
+++ b/examples/README.md
@ -0,0 +1,4 @@
+
+# Example and manual test cases
+
+Each directory contains a configuration that serves as a manual test case and an example
--- a/examples/disable/README.md
+++ b/examples/disable/README.md
@ -0,0 +1 @@
+# Example: Module disabled
--- a/examples/disable/main.tf
+++ b/examples/disable/main.tf
@ -0,0 +1,5 @@
+module "disabled" {
+  source  = "../../"
+  enabled = false
+  users   = []
+}
--- a/examples/disable/outputs.tf
+++ b/examples/disable/outputs.tf
@ -0,0 +1,30 @@
+output "disabled" {
+  description = "List of user disabled status"
+  value       = "${module.disabled.disabled}"
+}
+
+output "ids" {
+  description = "List of user IDs"
+  value       = "${module.disabled.ids}"
+}
+
+output "verified" {
+  description = "List of user verified status"
+  value       = "${module.disabled.verified}"
+}
+
+output "emails" {
+  value = "${module.disabled.emails}"
+}
+
+output "handles" {
+  value = "${module.disabled.handles}"
+}
+
+output "names" {
+  value = "${module.disabled.names}"
+}
+
+output "users" {
+  value = "${module.disabled.users}"
+}
--- a/examples/users/README.md
+++ b/examples/users/README.md
@ -0,0 +1 @@
+# Example: users
--- a/examples/users/main.tf
+++ b/examples/users/main.tf
@ -0,0 +1,23 @@
+module "users" {
+  source = "../../"
+
+  users = [
+    {
+      name   = "user1"
+      handle = "user1@example.com"
+    },
+    {
+      name     = "admin1"
+      handle   = "admin1@example.com"
+      admin    = "true"
+      disabled = "false"
+    },
+    {
+      name     = "dis1"
+      handle   = "dis1@example.com"
+      email    = "disy1@example.com"
+      disabled = "false"
+      role     = "ro"
+    },
+  ]
+}
--- a/examples/users/outputs.tf
+++ b/examples/users/outputs.tf
@ -0,0 +1,30 @@
+output "disabled" {
+  description = "List of user disabled status"
+  value       = "${module.users.disabled}"
+}
+
+output "ids" {
+  description = "List of user IDs"
+  value       = "${module.users.ids}"
+}
+
+output "verified" {
+  description = "List of user verified status"
+  value       = "${module.users.verified}"
+}
+
+output "emails" {
+  value = "${module.users.emails}"
+}
+
+output "handles" {
+  value = "${module.users.handles}"
+}
+
+output "names" {
+  value = "${module.users.names}"
+}
+
+output "users" {
+  value = "${module.users.users}"
+}
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,30 @@
+# terraform-datadog-users
+
+# https://www.terraform.io/docs/providers/datadog/r/user.html
+
+module "enabled" {
+  #source  = "devops-workflow/boolean/local"
+  source  = "git::git@github.com:webuildyourcloud/terraform-local-boolean.git"
+  version = "0.1.1"
+  value   = var.enabled
+}
+
+data "null_data_source" "this" {
+  count = "module.enabled.value ? length(var.users) : 0"
+
+  inputs {
+    handle = lookup(var.users[count.index], "handle")
+    email  = lookup(var.users[count.index], "email", lookup(var.users[count.index], "handle"))
+    name   = lookup(var.users[count.index], "name")
+  }
+}
+
+resource "datadog_user" "this" {
+  count    = "module.enabled.value ? length(var.users) : 0"
+  disabled = lookup(var.users[count.index], "disabled", false)
+  email    = lookup(var.users[count.index], "email", lookup(var.users[count.index], "handle"))
+  handle   = lookup(var.users[count.index], "handle")
+  is_admin = lookup(var.users[count.index], "is_admin", false)
+  name     = lookup(var.users[count.index], "name")
+  role     = lookup(var.users[count.index], "role", "st")
+}
--- a/outputs.tf
+++ b/outputs.tf
@ -0,0 +1,33 @@
+output "disabled" {
+  description = "List of user disabled status"
+  value       = compact(concat(datadog_user.this.*.disabled, list("")))
+}
+
+output "ids" {
+  description = "List of user IDs"
+  value       = compact(concat(datadog_user.this.*.id, list("")))
+}
+
+output "verified" {
+  description = "List of user verified status"
+  value       = compact(concat(datadog_user.this.*.verified, list("")))
+}
+
+output "emails" {
+  description = "List of user emails"
+  value       = compact(concat(data.null_data_source.this.*.outputs.email, list("")))
+}
+
+output "handles" {
+  description = "List of user handles"
+  value       = compact(concat(data.null_data_source.this.*.outputs.handle, list("")))
+}
+
+output "names" {
+  description = "List of user names"
+  value       = compact(concat(data.null_data_source.this.*.outputs.name, list("")))
+}
+
+output "users" {
+  value = "var.users"
+}
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,43 @@
+variable "enabled" {
+  description = "Set to false to prevent the module from creating anything"
+  default     = true
+}
+
+variable "users" {
+  description = "List of Datadog user maps to manage"
+  type        = list(string)
+}
+
+variable "datadog_api_key" {
+  description   = "The datadog API key"
+  type          = string
+}
+
+variable "datadog_app_key" {
+  description   = "The datadog APP key"
+  type          = string
+}
+
+#variable "api_url" {
+#  description   = "Which API to Connect to, we are using the EU one for GDPR compliance"
+#  type          = string
+#  default       = "https://api.datadoghq.eu"
+#}
+#
+#variable "http_client_retry_enabled" {
+#  description   = "Enables Request retries on HTTP status codes 429 and 5xx"
+#  type          = bool
+#  default       = true
+#}
+#
+#variable "http_client_retry_timeout" {
+#  description   = "Sets the number of HTTP request retry timeout period"
+#  type          = string
+#  default       = ""
+#}
+#
+#variable "validate" {
+#  description   = "Validates the provided APP and API keys during provider initialization"
+#  type          = bool
+#  default       = true
+#}
--- a/versions.tf
+++ b/versions.tf
@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.13"
+}