update az OIDC docs (OctopusDeployLabs#585)
fixed index.md template
benPearce1 authored Feb 12, 2024
1 parent 38bbefc commit 66a300b
Showing 6 changed files with 52 additions and 31 deletions.
31 changes: 26 additions & 5 deletions docs/resources/azure_openid_connect.md
Expand Up @@ -10,7 +10,20 @@ description: |-

This resource manages Azure OpenID Connect accounts in Octopus Deploy.


## Example Usage

```terraform
resource "octopusdeploy_azure_openid_connect" "example" {
application_id = "00000000-0000-0000-0000-000000000000"
name = "Azure OpenID Connect Account (OK to Delete)"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
execution_subject_keys = ["space", "project"]
health_subject_keys = ["space", "target", "type"]
account_test_subject_keys = ["space", "type"]
audience = "api://AzureADTokenExchange"
}
```

<!-- schema generated by tfplugindocs -->
## Schema
Expand All @@ -24,17 +37,25 @@ This resource manages Azure OpenID Connect accounts in Octopus Deploy.

### Optional

- `account_test_subject_keys` (List of String)
- `audience` (String)
- `account_test_subject_keys` (List of String) Keys to include in an account test. Valid options are: `space`, `account`, `type`
- `audience` (String) Federated credentials audience, this value is used to establish a connection between external workload identities and Microsoft Entra ID.
- `authentication_endpoint` (String) The authentication endpoint URI for this resource.
- `azure_environment` (String) The Azure environment associated with this resource. Valid Azure environments are `AzureCloud`, `AzureChinaCloud`, `AzureGermanCloud`, or `AzureUSGovernment`.
- `description` (String) The description of this Azure OpenID Connect account.
- `environments` (List of String) A list of environment IDs associated with this resource.
- `execution_subject_keys` (List of String)
- `health_subject_keys` (List of String)
- `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type`
- `health_subject_keys` (List of String) Keys to include in a health check. Valid options are `space`, `account`, `target`, `type`
- `id` (String) The unique ID for this resource.
- `resource_manager_endpoint` (String) The resource manager endpoint URI for this resource.
- `space_id` (String) The space ID associated with this resource.
- `tenant_tags` (List of String) A list of tenant tags associated with this resource.
- `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`.
- `tenants` (List of String) A list of tenant IDs associated with this resource.

## Import

Import is supported using the following syntax:

```shell
terraform import [options] octopusdeploy_azure_openid_connect.<name> <account-id>
```
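Review bot: The new descriptions in the Optional list are punctuated inconsistently: `account_test_subject_keys` uses "Valid options are:" with a colon while `execution_subject_keys` and `health_subject_keys` use "Valid options are" without one, and none of the three ends with a full stop although neighbouring entries such as `authentication_endpoint` and `description` do. The `audience` text is also a comma splice ("Federated credentials audience, this value is used to ..."). Since this file is generated by tfplugindocs, fix the strings in `schema_azure_oidc_account.go` and `schema_utilities.go` and regenerate. The Import section would also be easier to follow with a sentence saying what `<account-id>` refers to.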
@@ -0,0 +1 @@
terraform import [options] octopusdeploy_azure_openid_connect.<name> <account-id>
10 changes: 10 additions & 0 deletions examples/resources/octopusdeploy_azure_openid_connect/resource.tf
@@ -0,0 +1,10 @@
resource "octopusdeploy_azure_openid_connect" "example" {
application_id = "00000000-0000-0000-0000-000000000000"
name = "Azure OpenID Connect Account (OK to Delete)"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
execution_subject_keys = ["space", "project"]
health_subject_keys = ["space", "target", "type"]
account_test_subject_keys = ["space", "type"]
audience = "api://AzureADTokenExchange"
}
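Review bot: The three `*_subject_keys` lists and `audience` in this example carry no comment, so a reader copying it gets `execution_subject_keys = ["space", "project"]` without any hint that other keys such as `environment` or `tenant` are available or why these two were picked. A short comment above those attributes, pointing at the valid options documented in the schema, would make the example self-explanatory. The name "Azure OpenID Connect Account (OK to Delete)" also reads like a test fixture; since this file is rendered into the public docs page, a neutral name would be better.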
6 changes: 3 additions & 3 deletions octopusdeploy/schema_azure_oidc_account.go
Expand Up @@ -91,9 +91,9 @@ func getAzureOpenIdConnectAccountSchema() map[string]*schema.Schema {
"tenants": getTenantsSchema(),
"tenant_id": getTenantIDSchema(true),
"tenant_tags": getTenantTagsSchema(),
"execution_subject_keys": getSubjectKeysSchema(),
"health_subject_keys": getSubjectKeysSchema(),
"account_test_subject_keys": getSubjectKeysSchema(),
"execution_subject_keys": getSubjectKeysSchema("Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type`"),
"health_subject_keys": getSubjectKeysSchema("Keys to include in a health check. Valid options are `space`, `account`, `target`, `type`"),
"account_test_subject_keys": getSubjectKeysSchema("Keys to include in an account test. Valid options are: `space`, `account`, `type`"),
"audience": getOidcAudienceSchema(),
}
}
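Review bot: The description strings passed to `getSubjectKeysSchema` say "Keys to include in a deployment or runbook", "in a health check" and "in an account test" but never say what the keys are included in. Going by the attribute names this is the subject, so wording along the lines of "Keys to include in the subject for a deployment or runbook" would be clearer. The valid options are also embedded as free text in each string; holding them in named slices and building the description from those would avoid the list in the docs drifting from whatever the provider accepts.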
15 changes: 9 additions & 6 deletions octopusdeploy/schema_utilities.go
Expand Up @@ -453,17 +453,20 @@ func setDataSchema(schema *map[string]*schema.Schema) {
}
}

func getSubjectKeysSchema() *schema.Schema {
func getSubjectKeysSchema(description string) *schema.Schema {

return &schema.Schema{
Optional: true,
Type: schema.TypeList,
Elem: &schema.Schema{Type: schema.TypeString},
Optional: true,
Description: description,
Type: schema.TypeList,
Elem: &schema.Schema{Type: schema.TypeString},
}
}

func getOidcAudienceSchema() *schema.Schema {
return &schema.Schema{
Optional: true,
Type: schema.TypeString,
Description: "Federated credentials audience, this value is used to establish a connection between external workload identities and Microsoft Entra ID.",
Optional: true,
Type: schema.TypeString,
}
}
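Review bot: `getSubjectKeysSchema` now documents a closed set of valid keys, but the schema it returns still accepts any string, because `Elem` is only `&schema.Schema{Type: schema.TypeString}` with no validator. A mistyped key would pass the provider's schema check unnoticed. Consider taking the allowed values as a second parameter and attaching a validator to `Elem` (for example `validation.StringInSlice` from the plugin SDK), so the documented list and the enforced list come from the same place. Minor: the field order differs between the two functions (`Optional` first in `getSubjectKeysSchema`, `Description` first in `getOidcAudienceSchema`); pick one.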
20 changes: 3 additions & 17 deletions templates/index.md.tmpl
Expand Up @@ -69,7 +69,7 @@ provider "octopusdeploy" {

### Multiple Spaces

To manage resources in multiple spaces you can use multiple instances of the provider with [aliases](https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-instances) like so:
To manage resources in multiple spaces you can specify the space_id on the resource directly:

```terraform
provider "octopusdeploy" "unscoped" {
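Review bot: The example this sentence introduces still opens with `provider "octopusdeploy" "unscoped" {`, which gives the provider block two labels; Terraform provider blocks take a single label, with the alias set through an `alias` argument inside the block. As the commit rewrites this example to drop the aliased providers, it is worth correcting that line at the same time or removing the "unscoped" provider if it is no longer needed. In the new sentence, `space_id` should be in backticks like other attribute names in the docs.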
Expand All @@ -82,25 +82,11 @@ data "octopusdeploy_space" "support" {
name = "Support"
}

provider "octopusdeploy" {
alias = "space_support"
address = "https://octopus.example.com"
api_key = "API-XXXXXXXXXXXXX"
space_id = data.octopusdeploy_space.support.id
}

data "octopusdeploy_space" "dev" {
provider = octopusdeploy.unscoped
name = "Product Development"
}

provider "octopusdeploy" {
alias = "space_product_development"
address = "https://octopus.example.com"
api_key = "API-XXXXXXXXXXXXX"
space_id = data.octopusdeploy_space.dev.id
}

/*
This resource will use the default provider and the default space
*/
Expand All @@ -113,7 +99,7 @@ This resource will use the provider aliased as "space_support"
which is scoped to the space with the name, "support".
*/
resource "octopusdeploy_environment" "Env2" {
provider = "octopusdeploy.space_support"
space_id = data.octopusdeploy_space.support.id
name = "TestEnv2"
}
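Review bot: The comment above `octopusdeploy_environment.Env2` still reads 'This resource will use the provider aliased as "space_support"', but the resource now sets `space_id = data.octopusdeploy_space.support.id` and the aliased provider blocks are removed earlier in this file. Update the comment to say the resource is placed in the Support space through `space_id`. The same applies to the Env3 comment that mentions "space_product_development".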

Expand All @@ -122,7 +108,7 @@ This resource will use the provider aliased as "space_product_development"
which is scoped to the space named "Product Development".
*/
resource "octopusdeploy_environment" "Env3" {
provider = "octopusdeploy.space_product_development"
space_id = data.octopusdeploy_space.dev.id
name = "TestEnv3"
}
```
