search

IBM-Cloud / terraform-provider-ibm

https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs
Mozilla Public License 2.0
336 stars 645 forks source link

Resource to send a Private Catalog & accept #5436

Open pauljegouic opened 1 week ago

pauljegouic commented 1 week ago

Hello there,

I would like to have the ability to manage the share requests and approval process by automation in the Private Catalog.

image

I would need something to be able to send/revoke a request from an account, and the ability to accept/revoke the request received on the target account.

Here is my functional attempt to perform it : 


# SOURCE ACCOUNT
resource "null_resource" "share_catalog_access" {
  triggers = {
    always_run = "${timestamp()}"
  }
  provisioner "local-exec" {
    command = <<EOT
         IC_API_KEY=${var.iz_admin_api_key}
          export TOKEN=$(curl -X POST "https://iam.cloud.ibm.com/identity/token" --header 'Content-Type: application/x-www-form-urlencoded'   --header 'Accept: application/json'   --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey'   --data-urlencode "apikey=$IC_API_KEY" | jq -r .access_token)

          res=$(curl -v -X "POST" "https://cm.globalcatalog.cloud.ibm.com/api/v1-beta/shareapproval/offering/access" -H "accept: */*" -H "Authorization: Bearer $TOKEN" --data-raw '["-acct-${data.ibm_iam_account_settings.iam_account_settings.account_id}"]')
        EOT
  }
}

#TARGET ACCOUNT 
resource "null_resource" "accept_catalog_request" {
  depends_on = [null_resource.share_catalog_access]
  triggers = {
    always_run = "${timestamp()}"
  }
  provisioner "local-exec" {
    command = <<EOT
         if [ ! -z $IC_IAM_TOKEN ]
          then
              export TOKEN="$IC_IAM_TOKEN"
          else
              export TOKEN=$(curl -X POST "https://iam.cloud.ibm.com/identity/token" --header 'Content-Type: application/x-www-form-urlencoded'   --header 'Accept: application/json'   --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey'   --data-urlencode "apikey=$IC_API_KEY" | jq -r .access_token)
          fi

          res=$(curl -v -X "POST" "https://cm.globalcatalog.cloud.ibm.com/api/v1-beta/shareapproval/offering/access/source/approved" -H "accept: */*" -H "Authorization: Bearer $TOKEN" --data-raw '["-acct-1ccbee2da57a496badb5e5ec00f8158d"]')
        EOT
  }
}

Obviously this would require a multi provider context.