diff --git a/.secrets.baseline b/.secrets.baseline index dae78c7d80..41dd2077b3 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.mod|go.sum|.*.map|^.secrets.baseline$", "lines": null }, - "generated_at": "2023-12-26T12:35:45Z", + "generated_at": "2024-01-16T23:03:03Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -760,7 +760,7 @@ "hashed_secret": "731438016c5ab94431f61820f35e3ae5f8ad6004", "is_secret": false, "is_verified": false, - "line_number": 428, + "line_number": 436, "type": "Secret Keyword", "verified_result": null }, @@ -768,7 +768,7 @@ "hashed_secret": "12da2e35d6b50c902c014f1ab9e3032650368df7", "is_secret": false, "is_verified": false, - "line_number": 434, + "line_number": 442, "type": "Secret Keyword", "verified_result": null }, @@ -776,7 +776,7 @@ "hashed_secret": "813274ccae5b6b509379ab56982d862f7b5969b6", "is_secret": false, "is_verified": false, - "line_number": 1157, + "line_number": 1165, "type": "Base64 High Entropy String", "verified_result": null } @@ -864,7 +864,7 @@ "hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9", "is_secret": false, "is_verified": false, - "line_number": 1838, + "line_number": 1840, "type": "Secret Keyword", "verified_result": null }, @@ -872,7 +872,7 @@ "hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437", "is_secret": false, "is_verified": false, - "line_number": 1844, + "line_number": 1846, "type": "Secret Keyword", "verified_result": null } @@ -3105,36 +3105,6 @@ "verified_result": null } ], - "ibm/service/scc/data_source_ibm_scc_provider_type_instance_test.go": [ - { - "hashed_secret": "83747cea2b26d7652ed39218ddcdb1461c570535", - "is_secret": false, - "is_verified": false, - "line_number": 79, - "type": "Hex High Entropy String", - "verified_result": null - } - ], - "ibm/service/scc/data_source_ibm_scc_provider_type_test.go": [ - { - "hashed_secret": "83747cea2b26d7652ed39218ddcdb1461c570535", - "is_secret": false, - "is_verified": false, - "line_number": 43, - "type": "Hex High Entropy String", - "verified_result": null - } - ], - "ibm/service/scc/resource_ibm_scc_provider_type_instance_test.go": [ - { - "hashed_secret": "83747cea2b26d7652ed39218ddcdb1461c570535", - "is_secret": false, - "is_verified": false, - "line_number": 94, - "type": "Hex High Entropy String", - "verified_result": null - } - ], "ibm/service/schematics/data_source_ibm_schematics_action.go": [ { "hashed_secret": "49f3bb8f759241df51c899d3725d877bad58f66e", @@ -3831,24 +3801,6 @@ "verified_result": null } ], - "ibm/service/secretsmanager/resource_ibm_sm_service_credentilas_secret.go": [ - { - "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4", - "is_secret": false, - "is_verified": false, - "line_number": 190, - "type": "Secret Keyword", - "verified_result": null - }, - { - "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f", - "is_secret": false, - "is_verified": false, - "line_number": 443, - "type": "Secret Keyword", - "verified_result": null - } - ], "ibm/service/secretsmanager/resource_ibm_sm_username_password_secret.go": [ { "hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4", diff --git a/go.mod b/go.mod index f9c2987535..a7e7443cf0 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/IBM/platform-services-go-sdk v0.55.0 github.com/IBM/project-go-sdk v0.1.6 github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5 - github.com/IBM/scc-go-sdk/v5 v5.1.3 + github.com/IBM/scc-go-sdk/v5 v5.1.4 github.com/IBM/schematics-go-sdk v0.2.3 github.com/IBM/secrets-manager-go-sdk/v2 v2.0.2 github.com/IBM/vpc-beta-go-sdk v0.6.0 @@ -210,7 +210,7 @@ require ( golang.org/x/net v0.19.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect golang.org/x/sync v0.5.0 // indirect - golang.org/x/sys v0.15.0 // indirect + golang.org/x/sys v0.16.0 // indirect golang.org/x/term v0.15.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect diff --git a/go.sum b/go.sum index 1b508fa5cb..10b7428166 100644 --- a/go.sum +++ b/go.sum @@ -166,8 +166,8 @@ github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5 h1:N github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5/go.mod h1:b07XHUVh0XYnQE9s2mqgjYST1h9buaQNqN4EcKhOsX0= github.com/IBM/sarama v1.41.2 h1:ZDBZfGPHAD4uuAtSv4U22fRZBgst0eEwGFzLj0fb85c= github.com/IBM/sarama v1.41.2/go.mod h1:xdpu7sd6OE1uxNdjYTSKUfY8FaKkJES9/+EyjSgiGQk= -github.com/IBM/scc-go-sdk/v5 v5.1.3 h1:8zqJx/HgChTlMaC21HzthIR4HbFkuJ3dR/D68254jRg= -github.com/IBM/scc-go-sdk/v5 v5.1.3/go.mod h1:YtAVlzq10bwR82QX4ZavhDIwa1s85RuVO9N/KmXVcuk= +github.com/IBM/scc-go-sdk/v5 v5.1.4 h1:+HoeUJCyGAJpQv2hBskKdMC1I6K617zbHF5lpbK5VYI= +github.com/IBM/scc-go-sdk/v5 v5.1.4/go.mod h1:YtAVlzq10bwR82QX4ZavhDIwa1s85RuVO9N/KmXVcuk= github.com/IBM/schematics-go-sdk v0.2.3 h1:lgTt0Sbudii3cuSk1YSQgrtiZAXDbBABAoVj3eQuBrU= github.com/IBM/schematics-go-sdk v0.2.3/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ= github.com/IBM/secrets-manager-go-sdk/v2 v2.0.2 h1:+Svh1OmoFxMBnZQSOUtp2UUzrOGFsSQlE5TFL/ptJco= @@ -1902,8 +1902,8 @@ golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= diff --git a/ibm/acctest/acctest.go b/ibm/acctest/acctest.go index 16bfc30ab4..59e5e42264 100644 --- a/ibm/acctest/acctest.go +++ b/ibm/acctest/acctest.go @@ -266,9 +266,13 @@ var Snapshot_month string // Secuity and Complinace Center var ( SccApiEndpoint string + SccEventNotificationsCRN string + SccInstanceID string + SccObjectStorageCRN string + SccObjectStorageBucket string SccProviderTypeAttributes string + SccProviderTypeID string SccReportID string - SccInstanceID string ) // ROKS Cluster @@ -1401,6 +1405,26 @@ func init() { fmt.Println("[WARN] Set the environment variable IBMCLOUD_SCC_PROVIDER_TYPE_ATTRIBUTES with a VALID SCC PROVIDER TYPE ATTRIBUTE") } + SccProviderTypeID = os.Getenv("IBMCLOUD_SCC_PROVIDER_TYPE_ID") + if SccProviderTypeID == "" { + fmt.Println("[WARN] Set the environment variable IBMCLOUD_SCC_PROVIDER_TYPE_ID with a VALID SCC PROVIDER TYPE ID") + } + + SccEventNotificationsCRN = os.Getenv("IBMCLOUD_SCC_EVENT_NOTIFICATION_CRN") + if SccEventNotificationsCRN == "" { + fmt.Println("[WARN] Set the environment variable IBMCLOUD_SCC_EVENT_NOTIFICATION_CRN") + } + + SccObjectStorageCRN = os.Getenv("IBMCLOUD_SCC_OBJECT_STORAGE_CRN") + if SccObjectStorageCRN == "" { + fmt.Println("[WARN] Set the environment variable IBMCLOUD_SCC_OBJECT_STORAGE_CRN with a valid cloud object storage crn") + } + + SccObjectStorageBucket = os.Getenv("IBMCLOUD_SCC_OBJECT_STORAGE_BUCKET") + if SccObjectStorageBucket == "" { + fmt.Println("[WARN] Set the environment variable IBMCLOUD_SCC_OBJECT_STORAGE_BUCKET with a valid cloud object storage bucket") + } + HostPoolID = os.Getenv("IBM_CONTAINER_DEDICATEDHOST_POOL_ID") if HostPoolID == "" { fmt.Println("[INFO] Set the environment variable IBM_CONTAINER_DEDICATEDHOST_POOL_ID for ibm_container_vpc_cluster resource to test dedicated host functionality") @@ -1820,7 +1844,11 @@ func TestAccPreCheckScc(t *testing.T) { } if SccProviderTypeAttributes == "" { - t.Fatal("IBMCLOUD_SCC_PROVIDER_TYPE_ATTRIBUTES missing. Set the environment variable IBMCLOUD_SCC_PROVIDER_TYPE_ATTRIBUTES with a VALID ATTRIBUTE") + t.Fatal("IBMCLOUD_SCC_PROVIDER_TYPE_ATTRIBUTES missing. Set the environment variable IBMCLOUD_SCC_PROVIDER_TYPE_ATTRIBUTES with a VALID SCC provider_type JSON object") + } + + if SccProviderTypeID == "" { + t.Fatal("IBMCLOUD_SCC_PROVIDER_TYPE_ID missing. Set the environment variable IBMCLOUD_SCC_PROVIDER_TYPE_ID with a VALID SCC provider_type ID") } if SccInstanceID == "" { @@ -1828,7 +1856,19 @@ func TestAccPreCheckScc(t *testing.T) { } if SccReportID == "" { - t.Fatal("IBMCLOUD_SCC_REPORT_ID missing. Set the environment variable IBMCLOUD_SCC_REPORT_ID with a VALID REPORT_ID") + t.Fatal("IBMCLOUD_SCC_REPORT_ID missing. Set the environment variable IBMCLOUD_SCC_REPORT_ID with a VALID SCC REPORT_ID") + } + + if SccEventNotificationsCRN == "" { + t.Fatal("IBMCLOUD_SCC_EVENT_NOTIFICATION_CRN missing. Set the environment variable IBMCLOUD_SCC_EVENT_NOTIFICATION_CRN with a valid EN CRN") + } + + if SccObjectStorageCRN == "" { + t.Fatal("IBMCLOUD_SCC_OBJECT_STORAGE_CRN missing. Set the environment variable IBMCLOUD_SCC_OBJECT_STORAGE_CRN with a valid COS CRN") + } + + if SccObjectStorageBucket == "" { + t.Fatal("IBMCLOUD_SCC_OBJECT_STORAGE_CRN missing. Set the environment variable IBMCLOUD_SCC_OBJECT_STORAGE_BUCKET with a valid COS bucket") } } diff --git a/ibm/provider/provider.go b/ibm/provider/provider.go index 0bf1e29b21..ca5a143773 100644 --- a/ibm/provider/provider.go +++ b/ibm/provider/provider.go @@ -1305,6 +1305,7 @@ func Provider() *schema.Provider { "ibm_scc_template_attachment": scc.ResourceIBMSccTemplateAttachment(), // Security and Compliance Center + "ibm_scc_instance_settings": scc.ResourceIbmSccInstanceSettings(), "ibm_scc_rule": scc.ResourceIbmSccRule(), "ibm_scc_control_library": scc.ResourceIbmSccControlLibrary(), "ibm_scc_profile": scc.ResourceIbmSccProfile(), @@ -1576,6 +1577,7 @@ func Validator() validate.ValidatorDict { "ibm_satellite_host": satellite.ResourceIBMSatelliteHostValidator(), // Added for SCC + "ibm_scc_instance_settings": scc.ResourceIbmSccInstanceSettingsValidator(), "ibm_scc_rule": scc.ResourceIbmSccRuleValidator(), "ibm_scc_control_library": scc.ResourceIbmSccControlLibraryValidator(), "ibm_scc_profile": scc.ResourceIbmSccProfileValidator(), diff --git a/ibm/service/scc/data_source_ibm_scc_provider_type.go b/ibm/service/scc/data_source_ibm_scc_provider_type.go index 6e3bfffe0c..b63556cfcb 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_type.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_type.go @@ -17,7 +17,7 @@ import ( ) func DataSourceIbmSccProviderType() *schema.Resource { - return &schema.Resource{ + return AddSchemaData(&schema.Resource{ ReadContext: dataSourceIbmSccProviderTypeRead, Schema: map[string]*schema.Schema{ @@ -109,7 +109,7 @@ func DataSourceIbmSccProviderType() *schema.Resource { Description: "Time at which resource was updated.", }, }, - } + }) } func dataSourceIbmSccProviderTypeRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { @@ -120,6 +120,7 @@ func dataSourceIbmSccProviderTypeRead(context context.Context, d *schema.Resourc getProviderTypeByIdOptions := &securityandcompliancecenterapiv3.GetProviderTypeByIdOptions{} + getProviderTypeByIdOptions.SetInstanceID(d.Get("instance_id").(string)) getProviderTypeByIdOptions.SetProviderTypeID(d.Get("provider_type_id").(string)) providerTypeItem, response, err := securityAndComplianceCenterApIsClient.GetProviderTypeByIDWithContext(context, getProviderTypeByIdOptions) diff --git a/ibm/service/scc/data_source_ibm_scc_provider_type_instance_test.go b/ibm/service/scc/data_source_ibm_scc_provider_type_instance_test.go index f5ae316512..bfdbf88791 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_type_instance_test.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_type_instance_test.go @@ -20,7 +20,7 @@ func TestAccIbmSccProviderTypeInstanceDataSourceBasic(t *testing.T) { Providers: acc.TestAccProviders, Steps: []resource.TestStep{ { - Config: testAccCheckIbmSccProviderTypeInstanceDataSourceConfigBasic(acc.SccInstanceID, providerTypeInstanceName, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceDataSourceConfigBasic(acc.SccInstanceID, providerTypeInstanceName, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type_instance.scc_provider_type_instance_tf", "id"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type_instance.scc_provider_type_instance_tf", "provider_type_id"), @@ -39,7 +39,7 @@ func TestAccIbmSccProviderTypeInstanceDataSourceAllArgs(t *testing.T) { Providers: acc.TestAccProviders, Steps: []resource.TestStep{ { - Config: testAccCheckIbmSccProviderTypeInstanceDataSourceConfig(acc.SccInstanceID, providerTypeInstanceName, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceDataSourceConfig(acc.SccInstanceID, providerTypeInstanceName, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type_instance.scc_provider_type_instance_tf", "id"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type_instance.scc_provider_type_instance_tf", "provider_type_id"), @@ -55,11 +55,11 @@ func TestAccIbmSccProviderTypeInstanceDataSourceAllArgs(t *testing.T) { }) } -func testAccCheckIbmSccProviderTypeInstanceDataSourceConfigBasic(instanceID string, providerTypeInstanceName string, providerTypeInstanceAttributes string) string { +func testAccCheckIbmSccProviderTypeInstanceDataSourceConfigBasic(instanceID, providerTypeInstanceName, providerTypeInstanceAttributes, providerTypeInstanceID string) string { return fmt.Sprintf(` resource "ibm_scc_provider_type_instance" "scc_provider_type_instance" { instance_id = "%s" - provider_type_id = "afa2476ecfa5f09af248492fe991b4d1" + provider_type_id = "%s" name = "%s" attributes = %s } @@ -69,14 +69,14 @@ func testAccCheckIbmSccProviderTypeInstanceDataSourceConfigBasic(instanceID stri provider_type_id = ibm_scc_provider_type_instance.scc_provider_type_instance.provider_type_id provider_type_instance_id = ibm_scc_provider_type_instance.scc_provider_type_instance.provider_type_instance_id } - `, instanceID, providerTypeInstanceName, providerTypeInstanceAttributes) + `, instanceID, providerTypeInstanceID, providerTypeInstanceName, providerTypeInstanceAttributes) } -func testAccCheckIbmSccProviderTypeInstanceDataSourceConfig(instanceID string, providerTypeInstanceName string, providerTypeInstanceAttributes string) string { +func testAccCheckIbmSccProviderTypeInstanceDataSourceConfig(instanceID, providerTypeInstanceName, providerTypeInstanceAttributes, providerTypeInstanceID string) string { return fmt.Sprintf(` resource "ibm_scc_provider_type_instance" "scc_provider_type_instance" { instance_id = "%s" - provider_type_id = "afa2476ecfa5f09af248492fe991b4d1" + provider_type_id = "%s" name = "%s" attributes = %s } @@ -86,5 +86,5 @@ func testAccCheckIbmSccProviderTypeInstanceDataSourceConfig(instanceID string, p provider_type_id = ibm_scc_provider_type_instance.scc_provider_type_instance.provider_type_id provider_type_instance_id = ibm_scc_provider_type_instance.scc_provider_type_instance.provider_type_instance_id } - `, instanceID, providerTypeInstanceName, providerTypeInstanceAttributes) + `, instanceID, providerTypeInstanceID, providerTypeInstanceName, providerTypeInstanceAttributes) } diff --git a/ibm/service/scc/data_source_ibm_scc_provider_type_test.go b/ibm/service/scc/data_source_ibm_scc_provider_type_test.go index ea2db7e89e..d302b59a7f 100644 --- a/ibm/service/scc/data_source_ibm_scc_provider_type_test.go +++ b/ibm/service/scc/data_source_ibm_scc_provider_type_test.go @@ -18,7 +18,7 @@ func TestAccIbmSccProviderTypeDataSourceBasic(t *testing.T) { Providers: acc.TestAccProviders, Steps: []resource.TestStep{ resource.TestStep{ - Config: testAccCheckIbmSccProviderTypeDataSourceConfigBasic(), + Config: testAccCheckIbmSccProviderTypeDataSourceConfigBasic(acc.SccInstanceID, acc.SccProviderTypeID), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "id"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "provider_type_id"), @@ -30,17 +30,17 @@ func TestAccIbmSccProviderTypeDataSourceBasic(t *testing.T) { resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "mode"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "data_type"), resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "icon"), - resource.TestCheckResourceAttrSet("data.ibm_scc_provider_type.scc_provider_type_instance", "attributes.%"), ), }, }, }) } -func testAccCheckIbmSccProviderTypeDataSourceConfigBasic() string { +func testAccCheckIbmSccProviderTypeDataSourceConfigBasic(instanceID, providerTypeID string) string { return fmt.Sprintf(` data "ibm_scc_provider_type" "scc_provider_type_instance" { - provider_type_id = "afa2476ecfa5f09af248492fe991b4d1" + instance_id = "%s" + provider_type_id = "%s" } - `) + `, instanceID, providerTypeID) } diff --git a/ibm/service/scc/resource_ibm_scc_instance_settings.go b/ibm/service/scc/resource_ibm_scc_instance_settings.go new file mode 100644 index 0000000000..deecd0f438 --- /dev/null +++ b/ibm/service/scc/resource_ibm_scc_instance_settings.go @@ -0,0 +1,340 @@ +package scc + +import ( + "context" + "errors" + "fmt" + "log" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate" + "github.com/IBM/go-sdk-core/v5/core" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func ResourceIbmSccInstanceSettings() *schema.Resource { + return AddSchemaData(&schema.Resource{ + CreateContext: resourceIbmSccInstanceSettingsCreate, + ReadContext: resourceIbmSccInstanceSettingsRead, + UpdateContext: resourceIbmSccInstanceSettingsUpdate, + DeleteContext: resourceIbmSccInstanceSettingsDelete, + Importer: &schema.ResourceImporter{}, + + Schema: map[string]*schema.Schema{ + "event_notifications": &schema.Schema{ + Type: schema.TypeList, + MaxItems: 1, + Required: true, + Description: "The Event Notifications settings.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "instance_crn": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Description: "The Event Notifications instance CRN.", + }, + "updated_on": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The date when the Event Notifications connection was updated.", + }, + "source_id": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The connected Security and Compliance Center instance CRN.", + }, + }, + }, + }, + "object_storage": &schema.Schema{ + Type: schema.TypeList, + MaxItems: 1, + Required: true, + Description: "The Cloud Object Storage settings.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "instance_crn": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Description: "The connected Cloud Object Storage instance CRN.", + }, + "bucket": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Description: "The connected Cloud Object Storage bucket name.", + }, + "bucket_location": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The connected Cloud Object Storage bucket location.", + }, + "bucket_endpoint": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The connected Cloud Object Storage bucket endpoint.", + }, + "updated_on": &schema.Schema{ + Type: schema.TypeString, + Computed: true, + Description: "The date when the bucket connection was updated.", + }, + }, + }, + }, + }, + }) +} + +func ResourceIbmSccInstanceSettingsValidator() *validate.ResourceValidator { + validateSchema := make([]validate.ValidateSchema, 0) + validateSchema = append(validateSchema, + validate.ValidateSchema{ + Identifier: "instance_id", + ValidateFunctionIdentifier: validate.ValidateRegexpLen, + Type: validate.TypeString, + Optional: true, + Regexp: `^[a-zA-Z0-9 ,\-_]+$`, + MinValueLength: 1, + MaxValueLength: 1024, + }, + ) + + resourceValidator := validate.ResourceValidator{ResourceName: "ibm_scc_instance_settings", Schema: validateSchema} + return &resourceValidator +} + +func resourceIbmSccInstanceSettingsCreate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + adminClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + updateSettingsOptions := &securityandcompliancecenterapiv3.UpdateSettingsOptions{} + instance_id := d.Get("instance_id").(string) + updateSettingsOptions.SetInstanceID(instance_id) + + var eventNotificationsModel *securityandcompliancecenterapiv3.EventNotifications + if _, ok := d.GetOk("event_notifications"); ok { + eventNotificationsData, err := resourceIbmSccInstanceSettingsMapToEventNotifications(d.Get("event_notifications.0").(map[string]interface{})) + if err != nil { + return diag.FromErr(err) + } + eventNotificationsModel = eventNotificationsData + eventNotificationsModel.SourceName = core.StringPtr("compliance") + eventNotificationsModel.SourceDescription = core.StringPtr("This source is used for integration with IBM Cloud Security and Compliance Center.") + } else { + eventNotificationsModel = &securityandcompliancecenterapiv3.EventNotifications{} + eventNotificationsModel.InstanceCrn = core.StringPtr("") + } + updateSettingsOptions.SetEventNotifications(eventNotificationsModel) + + var objectStorageModel *securityandcompliancecenterapiv3.ObjectStorage + if _, ok := d.GetOk("object_storage"); ok { + objectStorageData, err := resourceIbmSccInstanceSettingsMapToObjectStorage(d.Get("object_storage.0").(map[string]interface{})) + if err != nil { + return diag.FromErr(err) + } + objectStorageModel = objectStorageData + } else { + objectStorageModel := &securityandcompliancecenterapiv3.ObjectStorage{} + objectStorageModel.InstanceCrn = core.StringPtr("") + } + updateSettingsOptions.SetObjectStorage(objectStorageModel) + + _, response, err := adminClient.UpdateSettingsWithContext(context, updateSettingsOptions) + if err != nil { + log.Printf("[DEBUG] UpdateSettingsWithContext failed %s\n%s", err, response) + return diag.FromErr(fmt.Errorf("UpdateSettingsWithContext failed %s\n%s", err, response)) + } + + d.SetId(instance_id) + + return resourceIbmSccInstanceSettingsRead(context, d, meta) +} + +func resourceIbmSccInstanceSettingsRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + adminClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + getSettingsOptions := &securityandcompliancecenterapiv3.GetSettingsOptions{} + instance_id := d.Id() + getSettingsOptions.SetInstanceID(instance_id) + + settings, response, err := adminClient.GetSettingsWithContext(context, getSettingsOptions) + if err != nil { + if response != nil && response.StatusCode == 404 { + d.SetId("") + return nil + } + log.Printf("[DEBUG] GetSettingsWithContext failed %s\n%s", err, response) + return diag.FromErr(fmt.Errorf("GetSettingsWithContext failed %s\n%s", err, response)) + } + + if err = d.Set("instance_id", instance_id); err != nil { + return diag.FromErr(fmt.Errorf("Error setting instance_id: %s", err)) + } + if !core.IsNil(settings.EventNotifications) { + eventNotificationsMap, err := resourceIbmSccInstanceSettingsEventNotificationsToMap(settings.EventNotifications) + if err != nil { + return diag.FromErr(err) + } + if err = d.Set("event_notifications", []map[string]interface{}{eventNotificationsMap}); err != nil { + return diag.FromErr(fmt.Errorf("Error setting event_notifications: %s", err)) + } + } + if !core.IsNil(settings.ObjectStorage) { + objectStorageMap, err := resourceIbmSccInstanceSettingsObjectStorageToMap(settings.ObjectStorage) + if err != nil { + return diag.FromErr(err) + } + if err = d.Set("object_storage", []map[string]interface{}{objectStorageMap}); err != nil { + return diag.FromErr(fmt.Errorf("Error setting object_storage: %s", err)) + } + } + + return nil +} + +func resourceIbmSccInstanceSettingsUpdate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + adminClient, err := meta.(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return diag.FromErr(err) + } + + updateSettingsOptions := &securityandcompliancecenterapiv3.UpdateSettingsOptions{} + instance_id := d.Get("instance_id").(string) + updateSettingsOptions.SetInstanceID(instance_id) + + hasChange := false + + if d.HasChange("event_notifications") { + eventNotifications, err := resourceIbmSccInstanceSettingsMapToEventNotifications(d.Get("event_notifications.0").(map[string]interface{})) + if err != nil { + return diag.FromErr(err) + } + if eventNotifications.InstanceCrn != nil && *eventNotifications.InstanceCrn != "" { + eventNotifications.SourceName = core.StringPtr("compliance") + eventNotifications.SourceDescription = core.StringPtr("This source is used for integration with IBM Cloud Security and Compliance Center.") + } + updateSettingsOptions.SetEventNotifications(eventNotifications) + hasChange = true + } + if d.HasChange("object_storage") { + objectStorage, err := resourceIbmSccInstanceSettingsMapToObjectStorage(d.Get("object_storage.0").(map[string]interface{})) + if err != nil { + return diag.FromErr(err) + } + updateSettingsOptions.SetObjectStorage(objectStorage) + hasChange = true + } + + if hasChange { + _, response, err := adminClient.UpdateSettingsWithContext(context, updateSettingsOptions) + if err != nil { + log.Printf("[DEBUG] UpdateSettingsWithContext failed %s\n%s", err, response) + return diag.FromErr(fmt.Errorf("UpdateSettingsWithContext failed %s\n%s", err, response)) + } + } + + return resourceIbmSccInstanceSettingsRead(context, d, meta) +} + +func resourceIbmSccInstanceSettingsDelete(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + + d.SetId("") + + return nil +} + +func resourceIbmSccInstanceSettingsMapToEventNotifications(modelMap map[string]interface{}) (*securityandcompliancecenterapiv3.EventNotifications, error) { + model := &securityandcompliancecenterapiv3.EventNotifications{} + if modelMap["instance_crn"] != nil && modelMap["instance_crn"].(string) != "" { + model.InstanceCrn = core.StringPtr(modelMap["instance_crn"].(string)) + } + if modelMap["updated_on"] != nil { + dateTime, err := core.ParseDateTime(modelMap["updated_on"].(string)) + if err != nil { + return model, err + } + model.UpdatedOn = &dateTime + } + if modelMap["source_id"] != nil && modelMap["source_id"].(string) != "" { + model.SourceID = core.StringPtr(modelMap["source_id"].(string)) + } + return model, nil +} + +func resourceIbmSccInstanceSettingsMapToObjectStorage(modelMap map[string]interface{}) (*securityandcompliancecenterapiv3.ObjectStorage, error) { + model := &securityandcompliancecenterapiv3.ObjectStorage{} + instanceCrnSet := false + if modelMap["instance_crn"] != nil && modelMap["instance_crn"].(string) != "" { + model.InstanceCrn = core.StringPtr(modelMap["instance_crn"].(string)) + instanceCrnSet = true + } + if modelMap["bucket"] != nil && modelMap["bucket"].(string) != "" { + if instanceCrnSet { + model.Bucket = core.StringPtr(modelMap["bucket"].(string)) + } else { + return model, errors.New(`object_storage.instance_crn cannot be empty`) + } + } + if modelMap["bucket_location"] != nil && modelMap["bucket_location"].(string) != "" { + model.BucketLocation = core.StringPtr(modelMap["bucket_location"].(string)) + } + if modelMap["bucket_endpoint"] != nil && modelMap["bucket_endpoint"].(string) != "" { + model.BucketEndpoint = core.StringPtr(modelMap["bucket_endpoint"].(string)) + } + if modelMap["updated_on"] != nil { + dateTime, err := core.ParseDateTime(modelMap["updated_on"].(string)) + if err != nil { + return model, err + } + model.UpdatedOn = &dateTime + } + return model, nil +} + +func resourceIbmSccInstanceSettingsEventNotificationsToMap(model *securityandcompliancecenterapiv3.EventNotifications) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if model.InstanceCrn != nil { + modelMap["instance_crn"] = model.InstanceCrn + } + if model.UpdatedOn != nil { + modelMap["updated_on"] = model.UpdatedOn.String() + } + if model.SourceID != nil { + modelMap["source_id"] = model.SourceID + } + if model.SourceDescription != nil { + modelMap["source_description"] = model.SourceDescription + } + if model.SourceName != nil { + modelMap["source_name"] = model.SourceName + } + return modelMap, nil +} + +func resourceIbmSccInstanceSettingsObjectStorageToMap(model *securityandcompliancecenterapiv3.ObjectStorage) (map[string]interface{}, error) { + modelMap := make(map[string]interface{}) + if model.InstanceCrn != nil { + modelMap["instance_crn"] = model.InstanceCrn + } + if model.Bucket != nil { + modelMap["bucket"] = model.Bucket + } + if model.BucketLocation != nil { + modelMap["bucket_location"] = model.BucketLocation + } + if model.BucketEndpoint != nil { + modelMap["bucket_endpoint"] = model.BucketEndpoint + } + if model.UpdatedOn != nil { + modelMap["updated_on"] = model.UpdatedOn.String() + } + return modelMap, nil +} diff --git a/ibm/service/scc/resource_ibm_scc_instance_settings_test.go b/ibm/service/scc/resource_ibm_scc_instance_settings_test.go new file mode 100644 index 0000000000..ba476bf939 --- /dev/null +++ b/ibm/service/scc/resource_ibm_scc_instance_settings_test.go @@ -0,0 +1,139 @@ +// Copyright IBM Corp. 2023 All Rights Reserved. +// Licensed under the Mozilla Public License v2.0 + +package scc_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest" + "github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns" + "github.com/IBM/scc-go-sdk/v5/securityandcompliancecenterapiv3" +) + +func TestAccIbmSccInstanceSettingsBasic(t *testing.T) { + var conf securityandcompliancecenterapiv3.Settings + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIbmSccInstanceSettingsDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccInstanceSettingsConfigBasic(acc.SccInstanceID), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckIbmSccInstanceSettingsExists("ibm_scc_instance_settings.scc_instance_settings_instance", conf), + ), + }, + }, + }) +} + +func TestAccIbmSccInstanceSettingsAllArgs(t *testing.T) { + var conf securityandcompliancecenterapiv3.Settings + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acc.TestAccPreCheck(t) }, + Providers: acc.TestAccProviders, + CheckDestroy: testAccCheckIbmSccInstanceSettingsDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckIbmSccInstanceSettingsConfigBasic(acc.SccInstanceID), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckIbmSccInstanceSettingsExists("ibm_scc_instance_settings.scc_instance_settings_instance", conf), + ), + }, + resource.TestStep{ + Config: testAccCheckIbmSccInstanceSettingsConfig(acc.SccInstanceID, acc.SccEventNotificationsCRN, acc.SccObjectStorageCRN, acc.SccObjectStorageBucket), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckIbmSccInstanceSettingsExists("ibm_scc_instance_settings.scc_instance_settings_instance", conf), + ), + }, + resource.TestStep{ + ResourceName: "ibm_scc_instance_settings.scc_instance_settings_instance", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccCheckIbmSccInstanceSettingsConfigBasic(instanceID string) string { + return fmt.Sprintf(` + resource "ibm_scc_instance_settings" "scc_instance_settings_instance" { + instance_id = "%s" + event_notifications { } + object_storage { } + } + `, instanceID) +} + +func testAccCheckIbmSccInstanceSettingsConfig(instanceID, enInstanceCRN, objStorInstanceCRN, objStorBucket string) string { + return fmt.Sprintf(` + resource "ibm_scc_instance_settings" "scc_instance_settings_instance" { + instance_id = "%s" + event_notifications { + instance_crn = "%s" + } + object_storage { + instance_crn = "%s" + bucket = "%s" + } + } + `, instanceID, enInstanceCRN, objStorInstanceCRN, objStorBucket) +} + +func testAccCheckIbmSccInstanceSettingsExists(n string, obj securityandcompliancecenterapiv3.Settings) resource.TestCheckFunc { + + return func(s *terraform.State) error { + _, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + adminClient, err := acc.TestAccProvider.Meta().(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return err + } + + getSettingsOptions := &securityandcompliancecenterapiv3.GetSettingsOptions{} + instanceID := acc.SccInstanceID + getSettingsOptions.SetInstanceID(instanceID) + + settings, _, err := adminClient.GetSettings(getSettingsOptions) + if err != nil { + return err + } + + obj = *settings + return nil + } +} + +func testAccCheckIbmSccInstanceSettingsDestroy(s *terraform.State) error { + adminClient, err := acc.TestAccProvider.Meta().(conns.ClientSession).SecurityAndComplianceCenterV3() + if err != nil { + return err + } + for _, rs := range s.RootModule().Resources { + if rs.Type != "ibm_scc_instance_settings" { + continue + } + + getSettingsOptions := &securityandcompliancecenterapiv3.GetSettingsOptions{} + instanceID := acc.SccInstanceID + getSettingsOptions.SetInstanceID(instanceID) + + // Deleting a instance_settings_resource doesn't delete the entity + _, response, err := adminClient.GetSettings(getSettingsOptions) + if response.StatusCode != 200 { + return fmt.Errorf("Error checking for scc_instance_settings (%s) has been destroyed: %s", rs.Primary.ID, err) + } + } + + return nil +} diff --git a/ibm/service/scc/resource_ibm_scc_provider_type_instance_test.go b/ibm/service/scc/resource_ibm_scc_provider_type_instance_test.go index cbf5170421..bbbe2da180 100644 --- a/ibm/service/scc/resource_ibm_scc_provider_type_instance_test.go +++ b/ibm/service/scc/resource_ibm_scc_provider_type_instance_test.go @@ -28,14 +28,14 @@ func TestAccIbmSccProviderTypeInstanceBasic(t *testing.T) { CheckDestroy: testAccCheckIbmSccProviderTypeInstanceDestroy, Steps: []resource.TestStep{ { - Config: testAccCheckIbmSccProviderTypeInstanceConfigBasic(acc.SccInstanceID, name, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceConfigBasic(acc.SccInstanceID, name, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckIbmSccProviderTypeInstanceExists("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", conf), resource.TestCheckResourceAttr("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", "name", name), ), }, { - Config: testAccCheckIbmSccProviderTypeInstanceConfigBasic(acc.SccInstanceID, nameUpdate, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceConfigBasic(acc.SccInstanceID, nameUpdate, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeAggregateTestCheckFunc( resource.TestCheckResourceAttr("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", "name", nameUpdate), ), @@ -55,14 +55,14 @@ func TestAccIbmSccProviderTypeInstanceAllArgs(t *testing.T) { CheckDestroy: testAccCheckIbmSccProviderTypeInstanceDestroy, Steps: []resource.TestStep{ { - Config: testAccCheckIbmSccProviderTypeInstanceConfig(acc.SccInstanceID, name, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceConfig(acc.SccInstanceID, name, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckIbmSccProviderTypeInstanceExists("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", conf), resource.TestCheckResourceAttr("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", "name", name), ), }, { - Config: testAccCheckIbmSccProviderTypeInstanceConfig(acc.SccInstanceID, nameUpdate, acc.SccProviderTypeAttributes), + Config: testAccCheckIbmSccProviderTypeInstanceConfig(acc.SccInstanceID, nameUpdate, acc.SccProviderTypeAttributes, acc.SccProviderTypeID), Check: resource.ComposeAggregateTestCheckFunc( resource.TestCheckResourceAttr("ibm_scc_provider_type_instance.scc_provider_type_instance_wlp", "name", nameUpdate), ), @@ -76,26 +76,26 @@ func TestAccIbmSccProviderTypeInstanceAllArgs(t *testing.T) { }) } -func testAccCheckIbmSccProviderTypeInstanceConfigBasic(instanceID string, name string, attributes string) string { +func testAccCheckIbmSccProviderTypeInstanceConfigBasic(instanceID string, name string, attributes string, providerTypeID string) string { return fmt.Sprintf(` resource "ibm_scc_provider_type_instance" "scc_provider_type_instance_wlp" { instance_id = "%s" - provider_type_id = "afa2476ecfa5f09af248492fe991b4d1" + provider_type_id = "%s" name = "%s" attributes = %s } - `, instanceID, name, attributes) + `, instanceID, providerTypeID, name, attributes) } -func testAccCheckIbmSccProviderTypeInstanceConfig(instanceID string, name string, attributes string) string { +func testAccCheckIbmSccProviderTypeInstanceConfig(instanceID string, name string, attributes string, providerTypeID string) string { return fmt.Sprintf(` resource "ibm_scc_provider_type_instance" "scc_provider_type_instance_wlp" { instance_id = "%s" - provider_type_id = "afa2476ecfa5f09af248492fe991b4d1" + provider_type_id = "%s" name = "%s" attributes = %s } - `, instanceID, name, attributes) + `, instanceID, providerTypeID, name, attributes) } func testAccCheckIbmSccProviderTypeInstanceExists(n string, obj securityandcompliancecenterapiv3.ProviderTypeInstanceItem) resource.TestCheckFunc { diff --git a/website/docs/r/scc_instance.html.markdown b/website/docs/r/scc_instance.html.markdown new file mode 100644 index 0000000000..1347256fb6 --- /dev/null +++ b/website/docs/r/scc_instance.html.markdown @@ -0,0 +1,41 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_instance" +description: |- + Manages scc_instance. +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_instance + +Create, update, and delete scc_instance with this resource. + +~> NOTE: This document details how to use the resource `ibm_resource_instance` targeting the service `Security and Compliance Center`. For more information about the Terraform resource `ibm_resource_instance`, click [here](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) + +## Example Usage + +```hcl +data "ibm_resource_group" "group" { + name = "test" +} + +resource "ibm_resource_instance" "scc_instance" { + name = "test" + service = "compliance" + plan = "security-compliance-center-standard-plan" # also support security-compliance-center-trial-plan + location = "us-south" + resource_group_id = data.ibm_resource_group.group.id + tags = ["tag1", "tag2"] +} +``` + +## Argument reference +Review the argument references that you can specify for your resource. + +- `location` - (Required, Forces new resource, String) Target location or environment to create the resource instance. +- `plan` - (Required, String) The name of the plan type supported by service. You can retrieve the value by running the `ibmcloud catalog service ` command. +- `name` - (Required, String) A descriptive name used to identify the resource instance. +- `resource_group_id` - (Optional, Forces new resource, String) The ID of the resource group where you want to create the service. You can retrieve the value from data source `ibm_resource_group`. If not provided creates the service in `default` resource group. +- `tags` (Optional, Array of Strings) Tags associated with the instance. +- `service` - (Required, Forces new resource, String) The name of the service offering. + diff --git a/website/docs/r/scc_instance_settings.html.markdown b/website/docs/r/scc_instance_settings.html.markdown new file mode 100644 index 0000000000..98bd28df3b --- /dev/null +++ b/website/docs/r/scc_instance_settings.html.markdown @@ -0,0 +1,65 @@ +--- +layout: "ibm" +page_title: "IBM : ibm_scc_instance_settings" +description: |- + Manages scc_instance_settings. +subcategory: "Security and Compliance Center" +--- + +# ibm_scc_instance_settings + +Create, update, and delete scc_instance_settingss with this resource. + +## Example Usage + +```hcl +resource "ibm_scc_instance_settings" "scc_instance_settings_instance" { + instance_id = "00000000-1111-2222-3333-444444444444" + event_notifications { + instance_crn = "" + } + object_storage { + instance_crn = "" + bucket = "" + } +} +``` + +## Argument Reference + +You can specify the following arguments for this resource. + +* `instance_id` - (Required, Forces new resource, String) The ID of the SCC instance in a particular region. +* `event_notifications` - (Optional, List) The Event Notifications settings. +Nested schema for **event_notifications**: + * `instance_crn` - (Optional, String) The Event Notifications instance CRN. + * Constraints: The maximum length is `512` characters. The minimum length is `0` characters. The value must match regular expression `/^crn:v[0-9](:([A-Za-z0-9-._~!$&'()*+,;=@\/]|%[0-9A-Z]{2})*){8}|$/`. + * `source_id` - (Computed, String) The connected Security and Compliance Center instance CRN. + * Constraints: The maximum length is `512` characters. The minimum length is `1` character. The value must match regular expression `/([A-Za-z0-9]+(:[A-Za-z0-9]+)+)/`. + * `updated_on` - (Optional, String) The date when the Event Notifications connection was updated. +* `object_storage` - (Optional, List) The Cloud Object Storage settings. +Nested schema for **object_storage**: + * `bucket` - (Optional, String) The connected Cloud Object Storage bucket name. + * Constraints: The maximum length is `64` characters. The minimum length is `0` characters. The value must match regular expression `/[A-Za-z]+|/`. + * `bucket_endpoint` - (Computed, String) The connected Cloud Object Storage bucket endpoint. + * Constraints: The maximum length is `512` characters. The minimum length is `1` character. The value must match regular expression `/([A-Za-z0-9-]+)/`. + * `bucket_location` - (Computed, String) The connected Cloud Object Storage bucket location. + * Constraints: The maximum length is `32` characters. The minimum length is `0` characters. The value must match regular expression `/[A-Za-z]+/`. + * `instance_crn` - (Optional, String) The connected Cloud Object Storage instance CRN. + * Constraints: The maximum length is `512` characters. The minimum length is `0` characters. The value must match regular expression `/^crn:v[0-9](:([A-Za-z0-9-._~!$&'()*+,;=@\/]|%[0-9A-Z]{2})*){8}|$/`. + * `updated_on` - (Computed, String) The date when the bucket connection was updated. + +## Attribute Reference + +After your resource is created, you can read values from the listed arguments and the following attributes. + +* `id` - The unique identifier of the scc_instance_settings. + +## Import + +You can import the `ibm_scc_instance_settings` resource by using `instance_id`. The unique identifier of the scc_instance_settings. + +# Syntax +``` +$ terraform import ibm_scc_instance_settings.scc_instance_settings +```