Add BYOK resource

Author: emerkle826

docs/data-sources/cloud_accounts.md

@@ -0,0 +1,35 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "astra_cloud_accounts Data Source - terraform-provider-astra"
+subcategory: ""
+description: |-
+  Retrieve a list of Cloud Accounts within an Organization
+---
+
+# astra_cloud_accounts (Data Source)
+
+Retrieve a list of Cloud Accounts within an Organization
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cloud_provider` (String) The cloud provider where the Customer Key exists (Currently supported: aws, gcp)
+- `region` (String) Cloud provider region
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `results` (List of Object) The list of Cloud Accounts for the given Organization. (see [below for nested schema](#nestedatt--results))
+
+<a id="nestedatt--results"></a>
+### Nested Schema for `results`
+
+Read-Only:
+
+- `organization_id` (String)
+- `provider` (String)
+- `provider_id` (String)

docs/data-sources/customer_key.md

@@ -0,0 +1,27 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "astra_customer_key Data Source - terraform-provider-astra"
+subcategory: ""
+description: |-
+  Retrieve a Customer Key for a given cloud provider and region
+---
+
+# astra_customer_key (Data Source)
+
+Retrieve a Customer Key for a given cloud provider and region
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cloud_provider` (String) The cloud provider where the Customer Key exists (Currently supported: aws, gcp)
+- `region` (String) Cloud provider region
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `key_id` (String) The Customer Key ID
+- `organization_id` (String) Organization ID

docs/data-sources/customer_keys.md

@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "astra_customer_keys Data Source - terraform-provider-astra"
+subcategory: ""
+description: |-
+  Retrieve a list of Customer Keys within an Organization
+---
+
+# astra_customer_keys (Data Source)
+
+Retrieve a list of Customer Keys within an Organization
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `results` (List of Object) The list of Customer Keys for the given Organization. (see [below for nested schema](#nestedatt--results))
+
+<a id="nestedatt--results"></a>
+### Nested Schema for `results`
+
+Read-Only:
+
+- `cloud_provider` (String)
+- `key_id` (String)
+- `organization_id` (String)
+- `region` (String)

docs/data-sources/database.md

@@ -39,7 +39,7 @@ data "astra_database" "db" {
 - `keyspace` (String) Initial keyspace
 - `name` (String) Database name (user provided)
 - `node_count` (Number) Node count (not relevant for serverless databases)
-- `organization_id` (String) Ordg id (system generated)
+- `organization_id` (String) Organization id (system generated)
 - `owner_id` (String) Owner id (system generated)
 - `regions` (List of String) Cloud provider region. Get list of supported regions from regions data-source
 - `replication_factor` (Number) Replication Factor (not relevant for serverless databases)

docs/data-sources/databases.md

@@ -28,7 +28,7 @@ output "existing_dbs" {
 ### Optional
 
 - `cloud_provider` (String) The cloud provider
-- `status` (String) Status flter. Only return databases with matching status, if supplied. Otherwise return all databases matching other requirements
+- `status` (String) Status filter. Only return databases with matching status, if supplied. Otherwise return all databases matching other requirements
 
 ### Read-Only
 

docs/resources/customer_key.md

@@ -0,0 +1,27 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "astra_customer_key Resource - terraform-provider-astra"
+subcategory: ""
+description: |-
+  astra_customer_key provides a Customer Key resource for Astra's Bring Your Own Key (BYOK).
+---
+
+# astra_customer_key (Resource)
+
+`astra_customer_key` provides a Customer Key resource for Astra's Bring Your Own Key (BYOK).
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `cloud_provider` (String) The cloud provider where the Customer Key exists (Currently supported: aws, gcp)
+- `key_id` (String) Customer Key ID.
+- `region` (String) Region in which the Customer Key exists.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `organization_id` (String) The Astra organization ID (this is derived from the token used to create the Customer Key).

go.mod

@@ -3,7 +3,7 @@ module github.com/datastax/terraform-provider-astra/v2
 go 1.18
 
 require (
-	github.com/datastax/astra-client-go/v2 v2.2.51
+	github.com/datastax/astra-client-go/v2 v2.2.52
 	github.com/datastax/pulsar-admin-client-go v0.0.0-20230707040954-1a4745e07587
 	github.com/google/uuid v1.3.1
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320

go.sum

@@ -97,8 +97,8 @@ github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEM
 github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/datastax/astra-client-go/v2 v2.2.51 h1:Eptn/UNQiHT6uT9Tzg1iZUOmkyzdZpeXPJBIuzTIvZA=
-github.com/datastax/astra-client-go/v2 v2.2.51/go.mod h1:zxXWuqDkYia7PzFIL3T7RmjChc9LN81UnfI2yB4kE7M=
+github.com/datastax/astra-client-go/v2 v2.2.52 h1:gpW7tRA3FvTX55SNeKbgOz+67T9XYm5OIvjLguhQzJw=
+github.com/datastax/astra-client-go/v2 v2.2.52/go.mod h1:zxXWuqDkYia7PzFIL3T7RmjChc9LN81UnfI2yB4kE7M=
 github.com/datastax/pulsar-admin-client-go v0.0.0-20230707040954-1a4745e07587 h1:3jv+O0hWcz3oj3sZ9/Ov9/m1Vaqx8Ql8jp5ZeA13O5A=
 github.com/datastax/pulsar-admin-client-go v0.0.0-20230707040954-1a4745e07587/go.mod h1:guL8YZ5gJINN+h5Kmja1AnuzhxLU3sHQL8o/8HYLtqk=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

internal/provider/data_source_cloud_accounts.go

@@ -0,0 +1,101 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"github.com/datastax/astra-client-go/v2/astra"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/id"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+func dataSourceCloudAccounts() *schema.Resource {
+	return &schema.Resource{
+		Description: "Retrieve a list of Cloud Accounts within an Organization",
+
+		ReadContext: dataSourceCloudAccountsRead,
+
+		Schema: map[string]*schema.Schema{
+			// Required inputs
+			"cloud_provider": {
+				Description:      "The cloud provider where the Customer Key exists (Currently supported: aws, gcp)",
+				Type:             schema.TypeString,
+				Required:         true,
+				ForceNew:         true,
+				ValidateFunc:     validation.StringInSlice(availableBYOKCloudProviders, true),
+				DiffSuppressFunc: ignoreCase,
+			},
+            "region": {
+				Description:  "Cloud provider region",
+				Type:         schema.TypeString,
+				Required:     true,
+			},
+			// Computed outputs
+			"results": {
+				Type:        schema.TypeList,
+				Description: "The list of Cloud Accounts for the given Organization.",
+				Computed:    true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"organization_id": {
+							Description: "Organization ID",
+							Type:        schema.TypeString,
+							Computed:    true,
+						},
+						"provider": {
+							Description: "The cloud provider",
+							Type:        schema.TypeString,
+							Required:    true,
+						},
+						"provider_id": {
+							Description: "The provider account ID",
+							Type:        schema.TypeString,
+							Computed:    true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceCloudAccountsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(astraClients).astraClient.(*astra.ClientWithResponses)
+	provider := d.Get("cloud_provider").(string)
+	region := d.Get("region").(string)
+
+	cloudAccounts, err := listCloudAccounts(ctx, client, provider, region)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	if err := d.Set("results", cloudAccounts); err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(id.UniqueId())
+	return nil
+}
+
+func listCloudAccounts(ctx context.Context, client *astra.ClientWithResponses, cloudProvider, region string) ([]map[string]interface{}, error) {
+	resp, err := client.GetCloudAccountsWithResponse(ctx, cloudProvider, region)
+	if err != nil {
+		return nil, err
+	}
+	if resp.StatusCode() != http.StatusOK {
+		return nil, fmt.Errorf("Error fetching Customer Keys. Status: %d, Message: %s", resp.StatusCode(), (resp.Body))
+	}
+	cloudAccounts := resp.JSON200
+	result := make([]map[string]interface{}, 0, len(*cloudAccounts))
+	for _, account := range *cloudAccounts {
+		result = append(result, map[string]interface{}{
+			"organization_id" : account.OrganizationId,
+			"provider"        : account.Provider,
+			"provider_id"     : account.ProviderId,
+		})
+	}
+	return result, nil
+}

internal/provider/data_source_customer_key.go

@@ -0,0 +1,72 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/datastax/astra-client-go/v2/astra"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+func dataSourceCustomerKey() *schema.Resource {
+	return &schema.Resource{
+		Description: "Retrieve a Customer Key for a given cloud provider and region",
+
+		ReadContext: dataSourceCustomerKeyRead,
+
+		Schema: map[string]*schema.Schema{
+			// Required inputs
+			"cloud_provider": {
+				Description:      "The cloud provider where the Customer Key exists (Currently supported: aws, gcp)",
+				Type:             schema.TypeString,
+				Required:         true,
+				ForceNew:         true,
+				ValidateFunc:     validation.StringInSlice(availableBYOKCloudProviders, true),
+				DiffSuppressFunc: ignoreCase,
+			},
+            "region": {
+				Description:      "Cloud provider region",
+				Type:             schema.TypeString,
+				Required:         true,
+			},
+			// Computed outputs
+			"organization_id": {
+				Description: "Organization ID",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"key_id": {
+				Description: "The Customer Key ID",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+		},
+	}
+}
+
+func dataSourceCustomerKeyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(astraClients).astraClient.(*astra.ClientWithResponses)
+	cloudProvider := d.Get("cloud_provider").(string)
+	region := d.Get("region").(string)
+
+	customerKeys, err := listCustomerKeys(ctx, client)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	for _, key := range customerKeys {
+		if strings.EqualFold(cloudProvider, key["cloud_provider"].(string)) &&
+		    region == key["region].(string)"] {
+				orgId := key["organization_id"].(string)
+				keyId := key["key_id"].(string)
+				d.Set("organization_id", orgId)
+				d.Set("key_id", keyId)
+				d.SetId(fmt.Sprintf("%s/%s/%s", orgId, cloudProvider, region))
+				return nil
+		}
+	}
+	// key not found
+	return diag.Errorf("No Customer Key found for provider: %s, region: %s", cloudProvider, region)
+}