[TF-34171] Adding a new resource tfe_organization_ttl_policy that describes the Max TTL policy for the organization

debrin-og · debrin-og · commit 9158ceb6e579 · 2026-02-25T11:34:19.000+05:30
diff --git a/internal/provider/provider_next.go b/internal/provider/provider_next.go
@@ -185,6 +185,7 @@ func (p *frameworkProvider) Resources(ctx context.Context) []func() resource.Res
 		NewAzureOIDCConfigurationResource,
 		NewVaultOIDCConfigurationResource,
 		NewHYOKConfigurationResource,
+		NewOrganizationTTLPolicyResource,
 	}
 }
 
diff --git a/internal/provider/resource_tfe_organization_ttl_policy.go b/internal/provider/resource_tfe_organization_ttl_policy.go
@@ -0,0 +1,116 @@
+package provider
+
+import (
+	"context"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+)
+
+// Resource schema definition
+type organizationTTLPolicyResource struct{}
+
+type organizationTTLPolicyModel struct {
+	Organization      types.String `tfsdk:"organization"`
+	UserToken         types.String `tfsdk:"user_token"`
+	OrganizationToken types.String `tfsdk:"organization_token"`
+	TeamToken         types.String `tfsdk:"team_token"`
+	AuditTrailToken   types.String `tfsdk:"audit_trail_token"`
+}
+
+func NewOrganizationTTLPolicyResource() resource.Resource {
+	return &organizationTTLPolicyResource{}
+}
+
+func (r *organizationTTLPolicyResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_organization_ttl_policy"
+}
+
+func (r *organizationTTLPolicyResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Version: 0,
+		Attributes: map[string]schema.Attribute{
+			"organization": schema.StringAttribute{
+				Description: "The name of the organization.",
+				Required:    true,
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+			"user_token_max_ttl": schema.StringAttribute{
+				Description: "The maximum TTL allowed for usage of user tokens in the organization",
+				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString("2y"),
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+			"org_token_max_ttl": schema.StringAttribute{
+				Description: "The maximum TTL allowed for usage of organization tokens in the organization",
+				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString("2y"),
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+			"team_token_max_ttl": schema.StringAttribute{
+				Description: "The maximum TTL allowed for usage of team tokens in the organization",
+				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString("2y"),
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+			"audit_trail_token_max_ttl": schema.StringAttribute{
+				Description: "The maximum TTL allowed for usage of audit trail tokens in the organization",
+				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString("2y"),
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+		},
+	}
+}
+
+// Create operation
+func (r *organizationTTLPolicyResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+	var plan organizationTTLPolicyModel
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...)
+	// TODO: Call API to create the policy
+	//plan.ID = types.StringValue(fmt.Sprintf("org-ttl-policy-%s", plan.UserToken.ValueString()))
+	//resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
+}
+
+// Read operation
+func (r *organizationTTLPolicyResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+	var state organizationTTLPolicyModel
+	resp.Diagnostics.Append(req.State.Get(ctx, &state)...)
+	// TODO: Call API to read the policy
+	resp.Diagnostics.Append(resp.State.Set(ctx, &state)...)
+}
+
+// Update operation
+func (r *organizationTTLPolicyResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+	var plan organizationTTLPolicyModel
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...)
+	// TODO: Call API to update the policy
+	resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
+}
+
+// Delete operation
+func (r *organizationTTLPolicyResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+	var state organizationTTLPolicyModel
+	resp.Diagnostics.Append(req.State.Get(ctx, &state)...)
+	// TODO: Call API to delete the policy
+	// resp.Diagnostics.Append(resp.State.RemoveResource(ctx)...)
+}

Original file line number	Diff line number	Diff line change
`@@ -185,6 +185,7 @@ func (p *frameworkProvider) Resources(ctx context.Context) []func() resource.Res`
`185`	`185`	`NewAzureOIDCConfigurationResource,`
`186`	`186`	`NewVaultOIDCConfigurationResource,`
`187`	`187`	`NewHYOKConfigurationResource,`
	`188`	`+ NewOrganizationTTLPolicyResource,`
`188`	`189`	`}`
`189`	`190`	`}`
`190`	`191`