CSRE-183: adding data forwarding resource

Author: Aqz2024

sumologic/provider.go

@@ -88,10 +88,11 @@ func Provider() terraform.ResourceProvider {
 			"sumologic_role":                                     resourceSumologicRole(),
 			"sumologic_user":                                     resourceSumologicUser(),
 			"sumologic_ingest_budget":                            resourceSumologicIngestBudget(),
-			"sumologic_collector_ingest_budget_assignment":       resourceSumologicCollectorIngestBudgetAssignment(),
+			"sumologic_collector_ingestcf_budget_assignment":     resourceSumologicCollectorIngestBudgetAssignment(),
 			"sumologic_folder":                                   resourceSumologicFolder(),
 			"sumologic_content":                                  resourceSumologicContent(),
 			"sumologic_scheduled_view":                           resourceSumologicScheduledView(),
+			"sumologic_data_forwarding":                          resourceSumologicDataForwarding(),
 			"sumologic_partition":                                resourceSumologicPartition(),
 			"sumologic_field_extraction_rule":                    resourceSumologicFieldExtractionRule(),
 			"sumologic_connection":                               resourceSumologicConnection(),

sumologic/resource_sumologic_data_forwarding.go

@@ -0,0 +1,177 @@
+package sumologic
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"log"
+)
+
+func resourceSumologicDataForwarding() *schema.Resource {
+	return &schema.Resource{
+
+		Create: resourceSumologicDataForwardingCreate,
+		Read:   resourceSumologicDataForwardingRead,
+		Update: resourceSumologicDataForwardingUpdate,
+		Delete: resourceSumologicDataForwardingDelete,
+
+		Schema: map[string]*schema.Schema{
+
+			"destination_name": {
+				Type:     schema.TypeString,
+				Required: true,
+				//What validation func do we need for this fields?
+			},
+			"description": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+			"destination_type": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+			"bucket_name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"status": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+			"authentication": {
+				Type:     schema.TypeList,
+				Required: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"type": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+						"role_arn": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"access_key": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"secret_key": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+					},
+				},
+			},
+			"s3_region": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+			"s3_server_side_encryption": {
+				Type:     schema.TypeBool, //bool
+				Optional: true,
+			},
+		},
+	}
+
+}
+
+func resourceSumologicDataForwardingCreate(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+
+	if d.Id() == "" {
+		dataForwarding := resourceToDataForwarding(d)
+		createdDataForwarding, err := c.CreateDataForwarding(dataForwarding)
+
+		if err != nil {
+			return err
+		}
+
+		d.SetId(createdDataForwarding.ID)
+
+	}
+
+	return resourceSumologicDataForwardingUpdate(d, meta)
+}
+
+func resourceSumologicDataForwardingUpdate(d *schema.ResourceData, meta interface{}) error {
+
+	dataForwarding := resourceToDataForwarding(d)
+
+	c := meta.(*Client)
+	err := c.UpdateDataForwarding(dataForwarding)
+
+	if err != nil {
+		return err
+	}
+
+	return resourceSumologicDataForwardingRead(d, meta)
+}
+
+func resourceSumologicDataForwardingRead(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+
+	id := d.Id()
+	dataForwarding, err := c.getDataForwarding(id)
+
+	if err != nil {
+		return err
+	}
+
+	if dataForwarding == nil {
+		log.Printf("[WARN] Data Forwarding not found, removing from state: %v - %v", id, err)
+		d.SetId("")
+
+		return nil
+	}
+
+	d.Set("destination_name", dataForwarding.DestinationName)
+	d.Set("description", dataForwarding.Description)
+	d.Set("destination_type", dataForwarding.DestinationType)
+	d.Set("bucket_name", dataForwarding.BucketName)
+	d.Set("status", dataForwarding.Status)
+	d.Set("S3_region", dataForwarding.S3Region)
+	d.Set("S3_server_side_encryption", dataForwarding.S3ServerSideEncryption)
+
+	return nil
+}
+
+func resourceSumologicDataForwardingDelete(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*Client)
+	id := d.Id()
+
+	return c.DeleteDataForwarding(id)
+}
+
+func resourceToDataForwarding(d *schema.ResourceData) DataForwarding {
+
+	authentication := extractAuthenticationDetails(d.Get("authentication").([]interface{}))
+
+	return DataForwarding{
+		ID:                     d.Id(),
+		DestinationName:        d.Get("destination_name").(string),
+		Description:            d.Get("description").(string),
+		DestinationType:        d.Get("destination_type").(string),
+		BucketName:             d.Get("bucket_name").(string),
+		Status:                 d.Get("status").(string),
+		AccessMethod:           authentication["type"].(string),
+		AccessKey:              authentication["access_key"].(string),
+		SecretKey:              authentication["secret_key"].(string),
+		RoleArn:                authentication["role_arn"].(string),
+		S3Region:               d.Get("s3_region").(string),
+		S3ServerSideEncryption: d.Get("s3_server_side_encryption").(bool),
+	}
+}
+
+func extractAuthenticationDetails(authenticationList []interface{}) map[string]interface{} {
+	if len(authenticationList) > 0 {
+		authMap := authenticationList[0].(map[string]interface{})
+		return authMap
+	}
+	// Default values if authentication block is not provided
+	return map[string]interface{}{
+		"type":       "",
+		"role_arn":   "",
+		"access_key": "",
+		"secret_key": "",
+	}
+}

sumologic/resource_sumologic_data_forwarding_test.go

@@ -0,0 +1,111 @@
+package sumologic
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+	"testing"
+)
+
+//func getRandomizedParams() (string, string, string) {
+//	name := acctest.RandomWithPrefix("tf-acc-test")
+//	description := acctest.RandomWithPrefix("tf-acc-test")
+//	category := acctest.RandomWithPrefix("tf-acc-test")
+//	return name, description, category }
+
+func TestAccSumologicDataForwarding_create(t *testing.T) {
+	//var dataForwarding DataForwarding
+	testAwsAccessKey := ""
+	testAwsSecretKey := ""
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSumologicDataForwardingConfig(testAwsAccessKey, testAwsSecretKey),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckDataForwardingExists(),
+					resource.TestCheckResourceAttr("sumologic_data_forwarding.test", "destination_name", "abc")),
+			},
+		},
+	})
+
+}
+
+func testAccCheckDataForwardingExists() resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*Client)
+		for _, r := range s.RootModule().Resources {
+			id := r.Primary.ID
+			if _, err := client.GetPartition(id); err != nil {
+				return fmt.Errorf("Received an error retrieving data forwarding %s", err)
+			}
+		}
+		return nil
+	}
+}
+
+func testAccSumologicDataForwardingConfig(testAwsAccessKey string, testAwsSecretKey string) string {
+	return fmt.Sprintf(`
+resource "aws_s3_bucket" "test_bucket" {
+  bucket = "S3-tests-data-forwarding"
+}
+
+resource "aws_iam_role" "sumo_role" {
+  name = "SumoRole"
+  assume_role_policy = jsonencode({
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Effect": "Allow",
+        "Principal": {
+          "AWS": "arn:aws:iam::246946804217:root"
+        },
+        "Action": "sts:AssumeRole",
+        "Condition": {
+          "StringEquals": {
+            "sts:ExternalId": "long:0000000000000005"
+          }
+        }
+      }
+    ]
+  })
+  path = "/"
+}
+
+resource "aws_iam_policy" "sumo_policy" {
+  name   = "SumoPolicy"
+  policy = jsonencode({
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": ["s3:PutObject"],
+      "Resource": ["arn:aws:s3:::${aws_s3_bucket.test_bucket.bucket}/*"]
+    }
+  ]
+})
+}
+
+resource "aws_iam_role_policy_attachment" "sumo_policy_attach" {
+  role       = aws_iam_role.sumo_role.name
+  policy_arn = aws_iam_policy.sumo_policy.arn
+}
+
+output "sumo_role_arn" {
+  description = "ARN of the created role. Copy this ARN back to Sumo to complete the data forwarding destination creation process."
+  value       = aws_iam_role.sumo_role.arn
+}
+
+resource "sumologic_data_forwarding" "test" {
+	destination_name = "abc"
+	bucket_name = "${aws_s3_bucket.test_bucket.bucket}"
+	authentication {
+		type = "RoleBased"
+		role_arn = "${aws_iam_role_policy_attachment.sumo_policy_attach.policy_arn}"
+	}
+	destination_type = "temp"	
+}
+`)
+}

sumologic/sumologic_data_forwarding.go

@@ -0,0 +1,74 @@
+package sumologic
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+func (s *Client) getDataForwarding(id string) (*DataForwarding, error) {
+
+	data, _, err := s.Get(fmt.Sprintf("v1/logsDataForwarding/destinations/%s", id))
+	if err != nil {
+		return nil, err
+	}
+	if data == nil {
+		return nil, nil
+	}
+
+	var dataForwarding DataForwarding
+	err = json.Unmarshal(data, &dataForwarding)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &dataForwarding, nil
+
+}
+func (s *Client) CreateDataForwarding(dataForwarding DataForwarding) (*DataForwarding, error) {
+	var createdDataForwarding DataForwarding
+
+	responseBody, err := s.Post("v1/logsDataForwarding/destinations", dataForwarding)
+
+	if err != nil {
+		return nil, err
+	}
+
+	err = json.Unmarshal(responseBody, &createdDataForwarding)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &createdDataForwarding, nil
+}
+
+func (s *Client) UpdateDataForwarding(dataForwarding DataForwarding) error {
+
+	url := fmt.Sprintf("v1/logsDataForwarding/destinations/%s", dataForwarding.ID)
+	_, err := s.Put(url, dataForwarding)
+
+	return err
+}
+func (s *Client) DeleteDataForwarding(id string) error {
+	url := fmt.Sprintf("v1/logsDataForwarding/destinations/%s", id)
+
+	_, err := s.Delete(url)
+
+	return err
+}
+
+type DataForwarding struct {
+	ID                     string `json:"id,omitempty"`
+	DestinationName        string `json:"destinationName"`
+	Description            string `json:"description"`
+	DestinationType        string `json:"destinationType"`
+	BucketName             string `json:"bucketName"`
+	Status                 string `json:"status"`
+	AccessMethod           string `json:"authenticationMode"`
+	AccessKey              string `json:"accessKeyId"`
+	SecretKey              string `json:"secretAccessKey"`
+	RoleArn                string `json:"roleArn"`
+	S3Region               string `json:"region"`
+	S3ServerSideEncryption bool   `json:"encrypted"`
+}