examples: improve the examples

Author: shanye997

examples/complete/main.tf

@@ -2,33 +2,15 @@ provider "alicloud" {
   region = "cn-shanghai"
 }
 
-// create a new directory
-module "cloud_sso_directory" {
-  source = "../../"
-
-  #alicloud_cloud_sso_directory
-  create_directory = true
-
-  directory_name                       = var.directory_name
-  mfa_authentication_status            = var.mfa_authentication_status
-  scim_synchronization_status          = var.scim_synchronization_status
-  saml_identity_provider_configuration = var.saml_identity_provider_configuration
-
-  #alicloud_cloud_sso_group
-  create_group = false
-
-  #alicloud_cloud_sso_user
-  create_user = false
-
-  #alicloud_cloud_sso_user_attachment
-  add_user_to_group = false
+data "alicloud_cloud_sso_directories" "default" {
 
-  #alicloud_cloud_sso_access_configuration
-  create_access_configuration = false
+}
 
+locals {
+  directory_id = try(data.alicloud_cloud_sso_directories.default.directories[0].id, "")
 }
 
-// create a new group using existing directory
+# create a new group using existing directory
 module "cloud_sso_group" {
   source = "../../"
 
@@ -38,7 +20,7 @@ module "cloud_sso_group" {
   #alicloud_cloud_sso_group
   create_group = true
 
-  directory_id = module.cloud_sso_directory.directory_id
+  directory_id = local.directory_id
   group_name   = var.group_name
   description  = var.description
 
@@ -53,7 +35,7 @@ module "cloud_sso_group" {
 
 }
 
-// create a list new users and add users into existing group
+# create a list new users and add users into existing group
 module "cloud_sso_user" {
   source = "../../"
 
@@ -66,7 +48,7 @@ module "cloud_sso_user" {
   #alicloud_cloud_sso_user
   create_user = true
 
-  directory_id = module.cloud_sso_directory.directory_id
+  directory_id = local.directory_id
   users        = var.users
 
   #alicloud_cloud_sso_user_attachment
@@ -79,7 +61,7 @@ module "cloud_sso_user" {
 
 }
 
-// create a list new access configurations
+# create a list new access configurations
 module "cloud_sso_access_configuration" {
   source = "../../"
 
@@ -98,7 +80,7 @@ module "cloud_sso_access_configuration" {
   #alicloud_cloud_sso_access_configuration
   create_access_configuration = true
 
-  directory_id          = module.cloud_sso_directory.directory_id
+  directory_id          = local.directory_id
   access_configurations = var.access_configurations
 
 }

examples/complete/outputs.tf

@@ -1,6 +1,6 @@
 output "directory_id" {
   description = "The id of cloud sso directory."
-  value       = module.cloud_sso_directory.directory_id
+  value       = local.directory_id
 }
 
 output "group_id" {
@@ -26,4 +26,4 @@ output "user_resource_ids" {
 output "access_configuration_ids" {
   description = "List of ids of cloud sso access configuration."
   value       = module.cloud_sso_access_configuration.access_configuration_ids
-}
+}

examples/complete/variables.tf

@@ -1,34 +1,3 @@
-#####################
-# Cloud SSO Directory
-#####################
-variable "directory_name" {
-  description = "The name of a new cloud sso directory."
-  type        = string
-  default     = "tf-testacc-directory"
-}
-
-variable "mfa_authentication_status" {
-  description = "The mfa authentication status. Valid values: Enabled or Disabled. Default to Enabled."
-  type        = string
-  default     = "Enabled"
-}
-
-variable "scim_synchronization_status" {
-  description = "The scim synchronization status. Valid values: Enabled or Disabled. Default to Disabled."
-  type        = string
-  default     = "Disabled"
-}
-
-variable "saml_identity_provider_configuration" {
-  description = "The saml identity provider configuration. See: https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cloud_sso_directory#saml_identity_provider_configuration"
-  type        = list(map(string))
-  default = [
-    {
-      sso_status                = "Disabled"
-      encoded_metadata_document = ""
-    }
-  ]
-}
 
 #####################
 # Cloud SSO Group

examples/complete/versions.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    alicloud = {
+      source = "hashicorp/alicloud"
+    }
+  }
+}

locals.tf

@@ -1,6 +1,6 @@
 locals {
   # Get ID of cloud sso resources
-  this_directory_id = var.create_directory ? concat(alicloud_cloud_sso_directory.this.*.id, [""])[0] : var.directory_id
-  this_user_ids     = var.create_user ? alicloud_cloud_sso_user.this.*.user_id : var.add_user_to_group ? var.users.*.user_id : []
-  this_group_id     = var.create_group ? concat(alicloud_cloud_sso_group.this.*.group_id, [""])[0] : var.group_id
+  this_directory_id = var.create_directory ? concat(alicloud_cloud_sso_directory.this[*].id, [""])[0] : var.directory_id
+  this_user_ids     = var.create_user ? alicloud_cloud_sso_user.this[*].user_id : var.add_user_to_group ? var.users[*].user_id : []
+  this_group_id     = var.create_group ? concat(alicloud_cloud_sso_group.this[*].group_id, [""])[0] : var.group_id
 }

main.tf

@@ -26,7 +26,7 @@ resource "alicloud_cloud_sso_group" "this" {
 resource "alicloud_cloud_sso_user" "this" {
   count        = var.create_user ? length(var.users) : 0
   directory_id = local.this_directory_id
-  user_name    = lookup(var.users[count.index], "user_name", )
+  user_name    = var.users[count.index]["user_name"]
   description  = lookup(var.users[count.index], "description", null)
   display_name = lookup(var.users[count.index], "display_name", null)
   email        = lookup(var.users[count.index], "email", null)
@@ -47,17 +47,17 @@ resource "alicloud_cloud_sso_user_attachment" "this" {
 resource "alicloud_cloud_sso_access_configuration" "this" {
   count                     = var.create_access_configuration ? length(var.access_configurations) : 0
   directory_id              = local.this_directory_id
-  access_configuration_name = lookup(var.access_configurations[count.index], "access_configuration_name", )
-  description               = lookup(var.access_configurations[count.index], "description", )
+  access_configuration_name = var.access_configurations[count.index]["access_configuration_name"]
+  description               = var.access_configurations[count.index]["description"]
   dynamic "permission_policies" {
-    for_each = lookup(var.access_configurations[count.index], "permission_policies", )
+    for_each = var.access_configurations[count.index]["permission_policies"]
     content {
       permission_policy_document = permission_policies.value.permission_policy_document
       permission_policy_type     = lookup(permission_policies.value, "permission_policy_type", "Inline")
       permission_policy_name     = permission_policies.value.permission_policy_name
     }
   }
-  relay_state                      = lookup(var.access_configurations[count.index], "relay_state", )
-  session_duration                 = lookup(var.access_configurations[count.index], "session_duration", )
+  relay_state                      = var.access_configurations[count.index]["relay_state"]
+  session_duration                 = var.access_configurations[count.index]["session_duration"]
   force_remove_permission_policies = lookup(var.access_configurations[count.index], "force_remove_permission_policies", true)
 }

outputs.tf

@@ -25,5 +25,5 @@ output "user_resource_ids" {
 
 output "access_configuration_ids" {
   description = "List of ids of cloud sso access configuration."
-  value       = alicloud_cloud_sso_access_configuration.this.*.access_configuration_id
+  value       = alicloud_cloud_sso_access_configuration.this[*].access_configuration_id
 }

versions.tf

@@ -1,3 +1,8 @@
 terraform {
   required_version = ">= 0.13"
-}
+  required_providers {
+    alicloud = {
+      source = "hashicorp/alicloud"
+    }
+  }
+}