Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Add Access Key API Methods #88

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

chore: Add Access Key API Methods #88

wants to merge 2 commits into from

Conversation

hi-artem
Copy link

@hi-artem hi-artem commented Jul 24, 2024
edited
Loading

Description

See this for reference: https://pan.dev/prisma-cloud/api/cspm/access-keys/

Examples:

// List all keys
res, err := accesskey.List(client)

// Get a key with id 0146edc0-99ec-4418-979f-82173c5271c8
res, err := accesskey.Get(client, "0146edc0-99ec-4418-979f-82173c5271c8")

// Create a key with name TestKey1 as a service account Terraform with expiration date
accKey := accesskey.AccessKey{Name: "TestKey1", ServiceAccountName: "Terraform", ExpiresOn: 1888661848528}
res, err := accesskey.Create(client, accKey)

// Delete a key with id 4ec889a8-26c7-4c59-8846-50b663cd6a28
err := accesskey.Delete(client, "4ec889a8-26c7-4c59-8846-50b663cd6a28")

// Update a key with id 04cbf090-2299-4c5d-ab3c-edb9bea6260d status to inactive
accKey := accesskey.AccessKey{Id: "04cbf090-2299-4c5d-ab3c-edb9bea6260d", Status: false}
err := accesskey.Update(client, accKey)

Motivation and Context

Blocks PaloAltoNetworks/terraform-provider-prismacloud#295

How Has This Been Tested?

See above

  • New feature (non-breaking change which adds functionality)

Checklist

  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes if appropriate.
  • All new and existing tests passed.

@hi-artem hi-artem mentioned this pull request Jul 24, 2024
Open
@hi-artem
Copy link
Author

@AnushreeHS can i get a review on this?

@hi-artem
Copy link
Author

@AnushreeHS any updates on this? I see you actively merging other PRs.

@AnushreeHS
Copy link
Contributor

Hi @hi-artem Thank you for your contribution. While the pull request addresses part of the feature, further implementation of the resource and data source is necessary to fully support it. We appreciate your effort and will plan to implement this feature.

@ftbrecordspan
Copy link

@hi-artem After review, the team has determined that this approach raises concerns both regarding persistence of secret material and that the idempotency of the resulting resources. As a result, the recommendation for automated Access Key Management at this time is to work directly with the Access Key API to integrate with the secrets manager of your choice.

@hi-artem
Copy link
Author

hi-artem commented Sep 18, 2024
edited
Loading

@AnushreeHS I can implement the terraform provider support once this is merged. You can see my contributions to https://github.com/PaloAltoNetworks/terraform-provider-prismacloudcompute/graphs/contributors to get my prior experience.

I am currently waiting on merging this pull requests so I can start updating the provider. Thank you.

@hi-artem
Copy link
Author

@ftbrecordspan can you elaborate on the issue using Terraform provider to provision keys? IMO it is better for you as a vendor to implement this feature in the Terraform provider safely, rather than leave it as customer responsibility.

Furthermore, this is a blocker for people using Terraform and wanting to manage keys in automated manner.

Looking forward to your response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hi-artem @AnushreeHS @ftbrecordspan