diff --git a/README.md b/README.md index 161e0d0..a8ed13f 100644 --- a/README.md +++ b/README.md @@ -147,7 +147,7 @@ You need the following permissions to run this module. | [active\_session\_timeout](#input\_active\_session\_timeout) | Specify how long (seconds) a user is allowed to work continuously in the account | `number` | `"86400"` | no | | [allowed\_ip\_addresses](#input\_allowed\_ip\_addresses) | List of the IP addresses and subnets from which IAM tokens can be created for the account. | `list(any)` | `[]` | no | | [api\_creation](#input\_api\_creation) | When restriction is enabled, only users, including the account owner, assigned the User API key creator role on the IAM Identity Service can create API keys. Allowed values are 'RESTRICTED', 'NOT\_RESTRICTED', or 'NOT\_SET' (to 'unset' a previous set value). | `string` | `"RESTRICTED"` | no | -| [cbr\_zones](#input\_cbr\_zones) | A list of CBR zones created by the module |
list(object({| `[]` | no | +| [cbr\_zones](#input\_cbr\_zones) | A list of CBR zones created by the module |
account_id = optional(string)
addresses = optional(list(object({
type = optional(string)
value = optional(string)
ref = optional(object({
account_id = string
location = optional(string)
service_instance = optional(string)
service_name = optional(string)
service_type = optional(string)
}))
})), [])
excluded_addresses = optional(list(object({
type = optional(string)
value = optional(string)
})), [])
name = string
zone_description = optional(string, null)
}))
list(object({| `[]` | no | | [enforce\_allowed\_ip\_addresses](#input\_enforce\_allowed\_ip\_addresses) | If true IP address restriction will be enforced, If false, traffic originated outside specified allowed IP address set is monitored with audit events sent to SIEM and Activity Tracker. After running in monitored mode to test this variable, it should then explicitly be set to true to enforce IP allow listing. | `bool` | `true` | no | | [inactive\_session\_timeout](#input\_inactive\_session\_timeout) | Specify how long (seconds) a user is allowed to stay logged in the account while being inactive/idle | `string` | `"7200"` | no | | [max\_sessions\_per\_identity](#input\_max\_sessions\_per\_identity) | Defines the maximum allowed sessions per identity required by the account. Supports any whole number greater than '0', or 'NOT\_SET' to unset account setting and use service default. | `string` | `"NOT_SET"` | no | @@ -157,7 +157,7 @@ You need the following permissions to run this module. | [serviceid\_creation](#input\_serviceid\_creation) | When restriction is enabled, only users, including the account owner, assigned the Service ID creator role on the IAM Identity Service can create service IDs. Allowed values are 'RESTRICTED', 'NOT\_RESTRICTED', or 'NOT\_SET' (to 'unset' a previous set value). | `string` | `"RESTRICTED"` | no | | [shell\_settings\_enabled](#input\_shell\_settings\_enabled) | Enable global shell settings to all users in the account. If `skip_cloud_shell_calls` is set to true, then this setting is ignored. | `bool` | `false` | no | | [skip\_cloud\_shell\_calls](#input\_skip\_cloud\_shell\_calls) | Skip Cloud Shell calls in the account. | `bool` | `false` | no | -| [user\_mfa](#input\_user\_mfa) | Specify Multi-Factor Authentication method for specific users the account. Supported valid values are 'NONE' (No MFA trait set), 'TOTP' (For all non-federated IBMId users), 'TOTP4ALL' (For all users), 'LEVEL1' (Email based MFA for all users), 'LEVEL2' (TOTP based MFA for all users), 'LEVEL3' (U2F MFA for all users). Example of format is available here > https://github.com/terraform-ibm-modules/terraform-ibm-iam-account-settings#usage |
account_id = optional(string)
addresses = optional(list(object({
type = optional(string)
value = optional(string)
ref = optional(object({
account_id = string
location = optional(string)
service_instance = optional(string)
service_name = optional(string)
service_type = optional(string)
}))
})), [])
excluded_addresses = optional(list(object({
type = optional(string)
value = optional(string)
})), [])
name = string
zone_description = optional(string, null)
}))
set(object({| `[]` | no | +| [user\_mfa](#input\_user\_mfa) | Specify Multi-Factor Authentication method for specific users the account. Supported valid values are 'NONE' (No MFA trait set), 'TOTP' (For all non-federated IBMId users), 'TOTP4ALL' (For all users), 'LEVEL1' (Email based MFA for all users), 'LEVEL2' (TOTP based MFA for all users), 'LEVEL3' (U2F MFA for all users). Example of format is available here > https://github.com/terraform-ibm-modules/terraform-ibm-iam-account-settings#usage |
iam_id = string
mfa = string
}))
set(object({| `[]` | no | | [user\_mfa\_reset](#input\_user\_mfa\_reset) | Set to true to delete all user MFA settings configured in the targeted account, and ignoring entries declared in var `user_mfa` | `bool` | `false` | no | ### Outputs diff --git a/common-dev-assets b/common-dev-assets index a37321f..0685378 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit a37321f54a2c540e57a6f5d7340d92695c73a233 +Subproject commit 0685378a4627ae6f3e5eb43ed9e7658aadeac39d diff --git a/tests/go.mod b/tests/go.mod index 0d9c726..4195aae 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -1,12 +1,12 @@ module github.com/terraform-ibm-modules/terraform-ibm-iam-account-settings -go 1.22 +go 1.22.0 toolchain go1.23.1 require ( github.com/stretchr/testify v1.9.0 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.2 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.3 ) require ( @@ -17,10 +17,10 @@ require ( cloud.google.com/go/storage v1.30.1 // indirect dario.cat/mergo v1.0.0 // indirect github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be // indirect - github.com/IBM-Cloud/power-go-client v1.7.1 // indirect + github.com/IBM-Cloud/power-go-client v1.8.1 // indirect github.com/IBM/cloud-databases-go-sdk v0.7.0 // indirect github.com/IBM/go-sdk-core/v5 v5.17.5 // indirect - github.com/IBM/platform-services-go-sdk v0.69.0 // indirect + github.com/IBM/platform-services-go-sdk v0.69.1 // indirect github.com/IBM/project-go-sdk v0.3.0 // indirect github.com/IBM/vpc-go-sdk v1.0.2 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect diff --git a/tests/go.sum b/tests/go.sum index 0e082f2..3f8cc73 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -191,15 +191,15 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be h1:USOcBHkYQ4o/ccoEvoHinrba8NQthLJpFXnAoBY+MI4= github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be/go.mod h1:/7hMjdZA6fEpd/dQAOEABxKEwN0t72P3PlpEDu0Y7bE= -github.com/IBM-Cloud/power-go-client v1.7.1 h1:LDEqMGH3KoxgoYfWWM/hG+2fBzy05KFCWygis2fcT3M= -github.com/IBM-Cloud/power-go-client v1.7.1/go.mod h1:bJZ0gP3MHPNewMFVDXW73/8lJFxXOf8MQR8JaeTyrYo= +github.com/IBM-Cloud/power-go-client v1.8.1 h1:tx1aPJmIQrNru1MD1VHGNasGx3eRIs0zzPZ0KvdFQrg= +github.com/IBM-Cloud/power-go-client v1.8.1/go.mod h1:N4RxrsMUvBQjSQ/qPk0iMZ8zK+fZPRTnHi/gTaASw0g= github.com/IBM/cloud-databases-go-sdk v0.7.0 h1:prvLebKD1kcIk81D6yRhOr/TWp1VQJGLhGAasQr7RtA= github.com/IBM/cloud-databases-go-sdk v0.7.0/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= github.com/IBM/go-sdk-core/v5 v5.9.2/go.mod h1:YlOwV9LeuclmT/qi/LAK2AsobbAP42veV0j68/rlZsE= github.com/IBM/go-sdk-core/v5 v5.17.5 h1:AjGC7xNee5tgDIjndekBDW5AbypdERHSgib3EZ1KNsA= github.com/IBM/go-sdk-core/v5 v5.17.5/go.mod h1:KsAAI7eStAWwQa4F96MLy+whYSh39JzNjklZRbN/8ns= -github.com/IBM/platform-services-go-sdk v0.69.0 h1:SYpLydPWawyhfFxgDTAc5JqWHywkrzJeIsKtc7t/2YE= -github.com/IBM/platform-services-go-sdk v0.69.0/go.mod h1:6rYd3stLSnotYmZlxclw45EJPaQuLmh5f7c+Mg7rOg4= +github.com/IBM/platform-services-go-sdk v0.69.1 h1:Wb8BYVpsPIppWbOQCgF7ytm+BbSOXdWWCf9zcZ6xGA4= +github.com/IBM/platform-services-go-sdk v0.69.1/go.mod h1:ZP3zUDxR1qRdUqzFdnJOlQN0QpVYol2eOUCv4uk03Jc= github.com/IBM/project-go-sdk v0.3.0 h1:lZR4wT6UCsOZ8QkEBITrfM6OZkLlL70/HXiPxF/Olt4= github.com/IBM/project-go-sdk v0.3.0/go.mod h1:FOJM9ihQV3EEAY6YigcWiTNfVCThtdY8bLC/nhQHFvo= github.com/IBM/vpc-go-sdk v1.0.2 h1:WhI1Cb8atA8glUdFg0SEUh9u8afjnKHxZAj9onQBi04= @@ -613,8 +613,8 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.2 h1:iTmJxQFJriMnKTDtwtaHpdPU79NJCyCNfdUfUcMWkcE= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.2/go.mod h1:N5Dykk5JzqG1Z3fnxpX4P6zCWLzUYVpnNN/wyF2X4NQ= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.3 h1:OqAlDE4JQQrevxNcz3DYhuRSlbM+nd99OkcLoBsYaM4= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.38.3/go.mod h1:C2QuvDK/lX7xwDu8hwSszpGW4gTbeTRXKymSAMDjAKA= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.5.0 h1:cT2sXStOzKL06c8ZTf9vh+0N8GKGzV7+9RUaY5/iUP8= github.com/tmccombs/hcl2json v0.5.0/go.mod h1:B0ZpBthAKbQur6yZRKrtaqDmYLCvgnwHOBApE0faCpU=
iam_id = string
mfa = string
}))