DataDog / terraform-provider-datadog

Terraform Datadog provider
https://www.terraform.io/docs/providers/datadog/
Mozilla Public License 2.0

Feature Request: Add support to upload the SAML IdP metadata #1211

Open michelzanini opened 3 years ago

michelzanini commented 3 years ago

Hi,

It would be useful to have a resource to update the SAML IdP metadata. We can configure everything around SAML with datadog_organization_settings, except the IdP metadata.

This is the API that can be used: https://docs.datadoghq.com/api/latest/organizations/#upload-idp-metadata

Thanks.

rajivchirania commented 2 years ago

Is there any progress on this request?

RaghavK12RK commented 2 years ago

Can we have code for idp_metadata_file upload for datadog_organisation in terraform?

briggsy87 commented 2 years ago

I am also looking for the ability to work with this API endpoint in terraform.

Does anyone have a decent workaround in the meantime? Maybe a proof of concept for running some sort of local-exec that makes a curl/python/etc. call to the API directly?

carlindesautels commented 2 years ago

This is also an issue for me. Can we get some eyes on this?

jorneilander commented 1 year ago

Also waiting for this feature 👍

jorneilander commented 1 year ago

> I am also looking for the ability to work with this API endpoint in terraform.
>
> Does anyone have a decent work around in the meantime? Maybe a proof of concept for running some sort of local-exec that makes a curl/python/etc. call to the API directly?

We're using this at the moment. Also takes into account rate limiting that Datadog has implemented.

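```hcl
locals {
  idp_metadata_url = "https://login.microsoftonline.com/<AZURE_TENANT_ID>/federationmetadata/2007-06/federationmetadata.xml?appid=<AZURE_APP_ID>"
}

# The enclosing resource was cut off in the original comment; null_resource is assumed here.
resource "null_resource" "datadog_idp_metadata" {
  provisioner "local-exec" {
    environment = {
      DD_API_KEY         = "" # left blank in the original comment
      DD_APPLICATION_KEY = "" # left blank in the original comment
    }
    # Download the IdP metadata, drop its first 3 bytes, and POST the rest to Datadog.
    command = <<-EOC
      curl --silent --fail --request POST "https://api.datadoghq.eu/api/v2/saml_configurations/idp_metadata" \
        --header "Content-Type: application/xml" \
        --header "DD-API-KEY: $DD_API_KEY" \
        --header "DD-APPLICATION-KEY: $DD_APPLICATION_KEY" \
        --retry 5 \
        --retry-delay 30 \
        --data "$(curl --silent --fail "${local.idp_metadata_url}" | tail -c +4)"
    EOC
  }
}
```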

`tail -c +4` is in there because Azure adds an XML BOM to the download which isn't accepted by Datadog's API. Funny fact, the BOM isn't in there when you download it via your browser 🤨.
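An added example (not part of the thread or of the provider's code) that hardens the BOM handling in the workaround above: it drops the three BOM bytes only when they are present and refuses to upload a download that does not look like SAML IdP metadata. The function names and the element-name sanity check are assumptions; the endpoint and headers are copied from the comment above.

```shell
#!/bin/sh
# Added example: normalise downloaded SAML IdP metadata before uploading it.
# Function names and the element-name check are assumptions, not Datadog's API.

# Succeeds if the file starts with the UTF-8 BOM (bytes EF BB BF).
has_utf8_bom() {
  first3=$(head -c 3 "$1" | od -An -tx1 | tr -d ' \n')
  [ "$first3" = "efbbbf" ]
}

# Write file $1 to stdout, dropping the BOM only when it is actually present.
# An unconditional `tail -c +4` would eat "<?x" from a BOM-less download.
strip_utf8_bom() {
  if has_utf8_bom "$1"; then tail -c +4 "$1"; else cat "$1"; fi
}

# Sanity check (assumption): IdP metadata starts with "<" and names both
# EntityDescriptor and IDPSSODescriptor. Catches error pages and truncated files.
looks_like_idp_metadata() {
  [ "$(head -c 1 "$1")" = "<" ] &&
    grep -q 'EntityDescriptor' "$1" &&
    grep -q 'IDPSSODescriptor' "$1"
}

# prepare_idp_metadata RAW OUT: write the cleaned file to OUT, or fail and leave no OUT.
prepare_idp_metadata() {
  strip_utf8_bom "$1" > "$2" || return 1
  if ! looks_like_idp_metadata "$2"; then
    echo "refusing to upload: $1 does not look like SAML IdP metadata" >&2
    rm -f "$2"
    return 1
  fi
}

# Endpoint and headers copied from the workaround above; keys come from the environment.
upload_idp_metadata() {
  curl --silent --fail --request POST \
    "https://api.datadoghq.eu/api/v2/saml_configurations/idp_metadata" \
    --header "Content-Type: application/xml" \
    --header "DD-API-KEY: $DD_API_KEY" \
    --header "DD-APPLICATION-KEY: $DD_APPLICATION_KEY" \
    --retry 5 --retry-delay 30 \
    --data-binary "@$1"
}

# Usage: curl --silent --fail -o raw.xml "$IDP_METADATA_URL" &&
#        prepare_idp_metadata raw.xml clean.xml && upload_idp_metadata clean.xml
```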

mtavaresmedeiros commented 1 year ago

Any update on it?