Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds LDAP user and group policy attachment resources #581

Merged
merged 5 commits into from
Aug 30, 2024
Merged

Adds LDAP user and group policy attachment resources #581

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
68bb410
Adds resource: minio_iam_ldap_group_policy_attachment
ngharo Aug 23, 2024
e4a79d4
Rename group_name attribute to group_dn
ngharo Aug 23, 2024
44e9f2e
Generate documentation
ngharo Aug 30, 2024
1179554
Remove LDAP example from iam_user_policy_attachment
ngharo Aug 30, 2024
8eb50f2
Fix lint issue with capitalized strings
felladrin Aug 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 1 addition & 9 deletions docs/resources/iam_group_policy_attachment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ resource "minio_iam_group" "developer" {
name = "developer"
}

resource "minio_iam_group_policy" "test_policy" {
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
Expand Down Expand Up @@ -51,14 +51,6 @@ output "minio_users" {
output "minio_group" {
value = minio_iam_group_policy_attachment.developer.policy_name
}


# Example using an LDAP Group instead of a static MinIO group

resource "minio_iam_group_policy_attachment" "developer" {
user_name = "OU=Unit,DC=example,DC=com"
policy_name = "${minio_iam_policy.test_policy.id}"
}
```

<!-- schema generated by tfplugindocs -->
Expand Down
56 changes: 56 additions & 0 deletions docs/resources/iam_ldap_group_policy_attachment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "minio_iam_ldap_group_policy_attachment Resource - terraform-provider-minio"
subcategory: ""
description: |-
Attaches LDAP group to a policy. Can be used against both built-in and user-defined policies.
---

# minio_iam_ldap_group_policy_attachment (Resource)

Attaches LDAP group to a policy. Can be used against both built-in and user-defined policies.

## Example Usage

```terraform
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement": [
{
"Sid":"ListAllBucket",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Principal":"*",
"Resource": "arn:aws:s3:::state-terraform-s3/*"
}
]
}
EOF
}

resource "minio_iam_ldap_group_policy_attachment" "developer" {
group_dn = "CN=terraform-user,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}

# Example using a builtin policy
resource "minio_iam_ldap_group_policy_attachment" "admins" {
group_dn = "CN=minioadmins-admins,OU=Unit,DC=example,DC=com"
policy_name = "consoleAdmin"
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `group_dn` (String) The distinguished name (dn) of group to attach policy to
- `policy_name` (String) Name of policy to attach to group

### Read-Only

- `id` (String) The ID of this resource.
56 changes: 56 additions & 0 deletions docs/resources/iam_ldap_user_policy_attachment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "minio_iam_ldap_user_policy_attachment Resource - terraform-provider-minio"
subcategory: ""
description: |-
Attaches LDAP user to a policy. Can be used against both built-in and user-defined policies.
---

# minio_iam_ldap_user_policy_attachment (Resource)

Attaches LDAP user to a policy. Can be used against both built-in and user-defined policies.

## Example Usage

```terraform
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement": [
{
"Sid":"ListAllBucket",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Principal":"*",
"Resource": "arn:aws:s3:::state-terraform-s3/*"
}
]
}
EOF
}

resource "minio_iam_ldap_user_policy_attachment" "developer" {
user_dn = "CN=developer,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}

# Example using a builtin policy
resource "minio_iam_ldap_user_policy_attachment" "admins" {
user_dn = "CN=admin,OU=Unit,DC=example,DC=com"
policy_name = "consoleAdmin"
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `policy_name` (String) Name of policy to attach to user
- `user_dn` (String) The dn of user to attach policy to

### Read-Only

- `id` (String) The ID of this resource.
7 changes: 0 additions & 7 deletions docs/resources/iam_user_policy_attachment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,13 +51,6 @@ output "minio_users" {
output "minio_group" {
value = minio_iam_user_policy_attachment.developer.policy_name
}

# Example using an LDAP User instead of a static MinIO group

resource "minio_iam_user_policy_attachment" "developer" {
user_name = "CN=My User,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}
```

<!-- schema generated by tfplugindocs -->
Expand Down
10 changes: 1 addition & 9 deletions examples/resources/minio_iam_group_policy_attachment/resource.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ resource "minio_iam_group" "developer" {
name = "developer"
}

resource "minio_iam_group_policy" "test_policy" {
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
Expand Down Expand Up @@ -36,11 +36,3 @@ output "minio_users" {
output "minio_group" {
value = minio_iam_group_policy_attachment.developer.policy_name
}


# Example using an LDAP Group instead of a static MinIO group

resource "minio_iam_group_policy_attachment" "developer" {
user_name = "OU=Unit,DC=example,DC=com"
policy_name = "${minio_iam_policy.test_policy.id}"
}
28 changes: 28 additions & 0 deletions examples/resources/minio_iam_ldap_group_policy_attachment/resource.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement": [
{
"Sid":"ListAllBucket",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Principal":"*",
"Resource": "arn:aws:s3:::state-terraform-s3/*"
}
]
}
EOF
}

resource "minio_iam_ldap_group_policy_attachment" "developer" {
group_dn = "CN=terraform-user,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}

# Example using a builtin policy
resource "minio_iam_ldap_group_policy_attachment" "admins" {
group_dn = "CN=minioadmins-admins,OU=Unit,DC=example,DC=com"
policy_name = "consoleAdmin"
}
28 changes: 28 additions & 0 deletions examples/resources/minio_iam_ldap_user_policy_attachment/resource.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
resource "minio_iam_policy" "test_policy" {
name = "state-terraform-s3"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement": [
{
"Sid":"ListAllBucket",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Principal":"*",
"Resource": "arn:aws:s3:::state-terraform-s3/*"
}
]
}
EOF
}

resource "minio_iam_ldap_user_policy_attachment" "developer" {
user_dn = "CN=developer,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}

# Example using a builtin policy
resource "minio_iam_ldap_user_policy_attachment" "admins" {
user_dn = "CN=admin,OU=Unit,DC=example,DC=com"
policy_name = "consoleAdmin"
}
7 changes: 0 additions & 7 deletions examples/resources/minio_iam_user_policy_attachment/resource.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,3 @@ output "minio_users" {
output "minio_group" {
value = minio_iam_user_policy_attachment.developer.policy_name
}

# Example using an LDAP User instead of a static MinIO group

resource "minio_iam_user_policy_attachment" "developer" {
user_name = "CN=My User,OU=Unit,DC=example,DC=com"
policy_name = minio_iam_policy.test_policy.id
}
2 changes: 2 additions & 0 deletions minio/provider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,8 @@ func newProvider(envvarPrefixed ...string) *schema.Provider {
"minio_iam_user_policy_attachment": resourceMinioIAMUserPolicyAttachment(),
"minio_iam_group_policy_attachment": resourceMinioIAMGroupPolicyAttachment(),
"minio_iam_group_user_attachment": resourceMinioIAMGroupUserAttachment(),
"minio_iam_ldap_group_policy_attachment": resourceMinioIAMLDAPGroupPolicyAttachment(),
"minio_iam_ldap_user_policy_attachment": resourceMinioIAMLDAPUserPolicyAttachment(),
"minio_ilm_policy": resourceMinioILMPolicy(),
"minio_kms_key": resourceMinioKMSKey(),
"minio_ilm_tier": resourceMinioILMTier(),
Expand Down
Loading
Loading