Added - Export and import of user defined sensitive types in Data Safe

Author: Aman Singh

examples/datasafe/masking_policy_referential_relations/masking_policy_referential_relations.tf

@@ -0,0 +1,27 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_ocid" {}
+variable "data_safe_masking_policy_id" {}
+
+
+
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}
+
+
+data "oci_data_safe_masking_policy_referential_relations" "test_masking_policy_referential_relations" {
+  #Required
+  masking_policy_id = var.data_safe_masking_policy_id
+
+}

examples/datasafe/sensitive_data_model_referential_relation/sensitive_data_model_referential_relation.tf

@@ -0,0 +1,74 @@
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_ocid" {}
+variable "data_safe_target_ocid" {}
+
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}
+
+variable "relation_type" {
+  default = "APP_DEFINED"
+}
+
+variable "is_sensitive" {
+  default = false
+}
+
+variable "sensitive_data_model_display_name" {
+  default = "displayName"
+}
+variable "sensitive_data_model_schemas_for_discovery" {
+  default = []
+}
+
+variable "sensitive_data_model_sensitive_type_ids_for_discovery" {
+  default = []
+}
+
+resource "oci_data_safe_sensitive_data_model" "test_sensitive_data_model" {
+  #Required
+  compartment_id = var.compartment_ocid
+  target_id      = var.data_safe_target_ocid
+
+  #Optional
+  display_name                              = var.sensitive_data_model_display_name
+  schemas_for_discovery                     = var.sensitive_data_model_schemas_for_discovery
+  sensitive_type_ids_for_discovery          = var.sensitive_data_model_sensitive_type_ids_for_discovery
+}
+
+resource "oci_data_safe_sensitive_data_model_referential_relation" "test_sensitive_data_model_referential_relation" {
+  #Required
+  sensitive_data_model_id = oci_data_safe_sensitive_data_model.test_sensitive_data_model.id
+  relation_type = var.relation_type
+  parent {
+    app_name = "HR"
+    column_group = ["EMAIL"]
+    object = "EMPLOYEES"
+    object_type = "TABLE"
+    schema_name = "HR"
+  }
+  child {
+    app_name = "HR"
+    column_group = ["FIRST_NAME"]
+    object = "EMPLOYEES"
+    object_type = "TABLE"
+    schema_name = "HR"
+  }
+  is_sensitive = var.is_sensitive
+}
+
+data "oci_data_safe_sensitive_data_model_referential_relations" "test_sensitive_data_model_referential_relations" {
+  #Required
+  sensitive_data_model_id = oci_data_safe_sensitive_data_model.test_sensitive_data_model.id
+
+  #Optional
+  relation_type = [oci_data_safe_sensitive_data_model_referential_relation.test_sensitive_data_model_referential_relation.relation_type]
+}

examples/datasafe/sensitive_types_export/sensitive_types_export.tf

@@ -0,0 +1,76 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_ocid" {}
+
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}
+
+variable "sensitive_types_export_is_include_all_sensitive_types" {
+  default = true
+}
+
+variable "sensitive_types_export_display_name" {
+  default = "displayName"
+}
+
+variable "sensitive_types_export_description" {
+  default = "description"
+}
+
+variable "sensitive_types_export_freeform_tags" {
+  default = { "Department" = "Finance" }
+}
+
+variable "sensitive_types_export_access_level" {
+  default = "ACCESSIBLE"
+}
+
+variable "sensitive_types_export_compartment_id_in_subtree" {
+  default = true
+}
+
+variable "sensitive_types_export_state" {
+  default = "ACTIVE"
+}
+
+variable "sensitive_types_export_time_created_less_than" {
+  default = "2038-01-01T00:00:00.000Z"
+}
+
+resource "oci_data_safe_sensitive_types_export" "test_sensitive_types_export" {
+  #Required
+  compartment_id = var.compartment_ocid
+  is_include_all_sensitive_types = var.sensitive_types_export_is_include_all_sensitive_types
+
+  #Optional
+  display_name = var.sensitive_types_export_display_name
+  description = var.sensitive_types_export_description
+  freeform_tags = var.sensitive_types_export_freeform_tags
+}
+
+data "oci_data_safe_sensitive_types_exports" "test_sensitive_types_exports" {
+  #Required
+  compartment_id = var.compartment_ocid
+
+  #Optional
+  access_level = var.sensitive_types_export_access_level
+  compartment_id_in_subtree = var.sensitive_types_export_compartment_id_in_subtree
+  display_name = var.sensitive_types_export_display_name
+  state = var.sensitive_types_export_state
+  time_created_less_than = var.sensitive_types_export_time_created_less_than
+}
+
+data "oci_data_safe_sensitive_types_export" "test_sensitive_types_export" {
+  sensitive_types_export_id = oci_data_safe_sensitive_types_export.test_sensitive_types_export.id
+}

examples/datasafe/user_assessment_password_expiry_analytics/user_assessment_password_expiry_analytics.tf

@@ -0,0 +1,45 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_ocid" {}
+variable "data_safe_user_assessment_id" {}
+
+variable "ua_password_expiry_analytic_compartment_id_in_subtree" {
+  default = true
+}
+
+variable "ua_password_expiry_analytic_access_level" {
+  default = "RESTRICTED"
+}
+
+variable "ua_password_expiry_analytic_time_less_than"{
+  default = "2038-01-01T00:00:00.000Z"
+}
+
+variable "ua_password_expiry_analytic_user_category" {
+  default = "HIGH"
+}
+
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}
+
+data "oci_data_safe_user_assessment_password_expiry_date_analytics" "test_user_assessment_password_expiry_date_analytics" {
+  #Required
+  user_assessment_id = var.data_safe_user_assessment_id
+
+  #Optional
+  compartment_id_in_subtree = var.ua_password_expiry_analytic_compartment_id_in_subtree
+  access_level = var.ua_password_expiry_analytic_access_level
+  time_password_expiry_less_than = var.ua_password_expiry_analytic_time_less_than
+  user_category = var.ua_password_expiry_analytic_user_category
+}

internal/integrationtest/data_safe_masking_policy_health_report_log_test.go

@@ -45,10 +45,12 @@ func TestDataSafeMaskingPolicyHealthReportLogResource_basic(t *testing.T) {
 		// verify datasource
 		{
 			Config: config +
-				acctest.GenerateDataSourceFromRepresentationMap("oci_data_safe_masking_policy_health_report_logs", "test_masking_policy_health_report_logs", acctest.Required, acctest.Create, DataSafeMaskingPolicyHealthReportLogDataSourceRepresentation) +
+				acctest.GenerateDataSourceFromRepresentationMap("oci_data_safe_masking_policy_health_report_logs", "test_masking_policy_health_report_logs", acctest.Optional, acctest.Create, DataSafeMaskingPolicyHealthReportLogDataSourceRepresentation) +
 				compartmentIdVariableStr + healthReportIdVariableStr + DataSafeMaskingPolicyHealthReportLogResourceConfig,
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_id"),
+				resource.TestCheckResourceAttrSet(datasourceName, "message_type"),
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_log_collection.0.items.0.health_check_type"),
 			),
 		},
 	})

internal/integrationtest/data_safe_masking_policy_health_report_test.go

@@ -68,6 +68,11 @@ func TestDataSafeMaskingPolicyHealthReportResource_basic(t *testing.T) {
 				compartmentIdVariableStr,
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(datasourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(datasourceName, "masking_policy_health_report_collection.0.items.#", "1"),
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_collection.0.items.0.masking_policy_id"),
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_collection.0.items.0.display_name"),
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_collection.0.items.0.error_count"),
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_health_report_collection.0.items.0.warning_count"),
 			),
 		},
 		// verify singular datasource
@@ -80,10 +85,12 @@ func TestDataSafeMaskingPolicyHealthReportResource_basic(t *testing.T) {
 
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "compartment_id"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "display_name"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "error_count"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "id"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "state"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "time_created"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "time_updated"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "warning_count"),
 			),
 		},
 	})

internal/integrationtest/data_safe_masking_policy_referential_relation_test.go

@@ -0,0 +1,65 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+package integrationtest
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	"github.com/oracle/terraform-provider-oci/httpreplay"
+	"github.com/oracle/terraform-provider-oci/internal/acctest"
+
+	"github.com/oracle/terraform-provider-oci/internal/utils"
+)
+
+var (
+	DataSafeMaskingPolicyReferentialRelationDataSourceRepresentation = map[string]interface{}{
+		"masking_policy_id": acctest.Representation{RepType: acctest.Required, Create: `${var.masking_policy_id}`},
+		"relation_type":     acctest.Representation{RepType: acctest.Optional, Create: []string{`DB_DEFINED`}},
+		"schema_name":       acctest.Representation{RepType: acctest.Optional, Create: []string{`HR`}},
+		"column_name":       acctest.Representation{RepType: acctest.Optional, Create: []string{`EMPLOYEE_ID`}},
+		"object":            acctest.Representation{RepType: acctest.Optional, Create: []string{`EMPLOYEES`}},
+	}
+
+	DataSafeMaskingPolicyReferentialRelationResourceConfig = ""
+)
+
+// issue-routing-tag: data_safe/default
+func TestDataSafeMaskingPolicyReferentialRelationResource_basic(t *testing.T) {
+	httpreplay.SetScenario("TestDataSafeMaskingPolicyReferentialRelationResource_basic")
+	defer httpreplay.SaveScenario()
+
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	maskingPolicyId := utils.GetEnvSettingWithBlankDefault("data_safe_masking_policy_id")
+	maskingPolicyIdVariableStr := fmt.Sprintf("variable \"masking_policy_id\" { default = \"%s\" }\n", maskingPolicyId)
+
+	datasourceName := "data.oci_data_safe_masking_policy_referential_relations.test_masking_policy_referential_relations"
+
+	acctest.SaveConfigContent("", "", "", t)
+
+	acctest.ResourceTest(t, nil, []resource.TestStep{
+		// verify datasource
+		{
+			Config: config +
+				acctest.GenerateDataSourceFromRepresentationMap("oci_data_safe_masking_policy_referential_relations", "test_masking_policy_referential_relations", acctest.Optional, acctest.Create, DataSafeMaskingPolicyReferentialRelationDataSourceRepresentation) +
+				compartmentIdVariableStr + maskingPolicyIdVariableStr + DataSafeMaskingPolicyReferentialRelationResourceConfig,
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_id"),
+				resource.TestCheckResourceAttr(datasourceName, "relation_type.0", "DB_DEFINED"),
+				resource.TestCheckResourceAttr(datasourceName, "schema_name.0", "HR"),
+				resource.TestCheckResourceAttr(datasourceName, "column_name.0", "EMPLOYEE_ID"),
+				resource.TestCheckResourceAttr(datasourceName, "object.0", "EMPLOYEES"),
+
+				resource.TestCheckResourceAttrSet(datasourceName, "masking_policy_referential_relation_collection.#"),
+				resource.TestCheckResourceAttr(datasourceName, "masking_policy_referential_relation_collection.0.items.#", "5"),
+			),
+		},
+	})
+}

internal/integrationtest/data_safe_security_assessment_test.go

@@ -65,7 +65,7 @@ var (
 	}
 
 	ignoreChangesSecurityAssessmentRepresentation = map[string]interface{}{
-		"ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`defined_tags`}},
+		"ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`defined_tags`, `freeform_tags`, `system_tags`}},
 	}
 
 	DataSafeSecurityAssessmentResourceDependencies = DefinedTagsDependencies
@@ -106,7 +106,6 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 				acctest.GenerateResourceFromRepresentationMap("oci_data_safe_security_assessment", "test_security_assessment", acctest.Required, acctest.Create, securityAssessmentRepresentation),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
-				resource.TestCheckResourceAttrSet(resourceName, "target_id"),
 
 				func(s *terraform.State) (err error) {
 					resId, err = acctest.FromInstanceState(s, resourceName, "id")
@@ -127,9 +126,9 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
 				resource.TestCheckResourceAttr(resourceName, "description", "description"),
 				resource.TestCheckResourceAttr(resourceName, "display_name", "EBS assessment"),
-				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "freeform_tags.%"),
 				resource.TestCheckResourceAttrSet(resourceName, "id"),
-				resource.TestCheckResourceAttr(resourceName, "is_assessment_scheduled", "false"),
+				resource.TestCheckResourceAttr(resourceName, "is_assessment_scheduled", "true"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
 				resource.TestCheckResourceAttrSet(resourceName, "target_id"),
 				resource.TestCheckResourceAttrSet(resourceName, "time_created"),
@@ -159,7 +158,7 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU),
 				resource.TestCheckResourceAttr(resourceName, "description", "description"),
 				resource.TestCheckResourceAttr(resourceName, "display_name", "EBS assessment"),
-				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "freeform_tags.%"),
 				resource.TestCheckResourceAttrSet(resourceName, "id"),
 				resource.TestCheckResourceAttr(resourceName, "is_assessment_scheduled", "true"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
@@ -183,7 +182,7 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 				acctest.GenerateResourceFromRepresentationMap("oci_data_safe_security_assessment", "test_security_assessment", acctest.Required, acctest.Update, securityAssessmentChangeCompartmentRepresentation),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
-				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "freeform_tags.%"),
 				resource.TestCheckResourceAttrSet(resourceName, "id"),
 				resource.TestCheckResourceAttr(resourceName, "is_assessment_scheduled", "true"),
 				resource.TestCheckResourceAttrSet(resourceName, "state"),
@@ -214,7 +213,7 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 
 				resource.TestCheckResourceAttr(datasourceName, "security_assessments.#", "1"),
 				resource.TestCheckResourceAttr(datasourceName, "security_assessments.0.compartment_id", compartmentId),
-				resource.TestCheckResourceAttr(datasourceName, "security_assessments.0.freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(datasourceName, "security_assessments.0.freeform_tags.%"),
 				resource.TestCheckResourceAttrSet(datasourceName, "security_assessments.0.id"),
 				resource.TestCheckResourceAttrSet(datasourceName, "security_assessments.0.is_baseline"),
 				resource.TestCheckResourceAttrSet(datasourceName, "security_assessments.0.state"),
@@ -237,7 +236,7 @@ func TestDataSafeSecurityAssessmentResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(singularDatasourceName, "compartment_id", compartmentId),
 				resource.TestCheckResourceAttr(singularDatasourceName, "description", "description2"),
 				resource.TestCheckResourceAttr(singularDatasourceName, "display_name", "displayName2"),
-				resource.TestCheckResourceAttr(singularDatasourceName, "freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "freeform_tags.%"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "id"),
 				resource.TestCheckResourceAttr(singularDatasourceName, "is_assessment_scheduled", "true"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "is_baseline"),