Revert "[datadog_user] Add service account support (#1490)" (#1586)

This reverts commit 26bab4c.

Author: skarimo

datadog/resource_datadog_application_key.go

@@ -2,7 +2,6 @@ package datadog
 
 import (
 	"context"
-	"net/http"
 
 	"github.com/terraform-providers/terraform-provider-datadog/datadog/internal/utils"
 
@@ -28,12 +27,6 @@ func resourceDatadogApplicationKey() *schema.Resource {
 				Type:        schema.TypeString,
 				Required:    true,
 			},
-			"service_account": {
-				Description: "ID of a service account that owns the Application Key.",
-				Type:        schema.TypeString,
-				ForceNew:    true,
-				Optional:    true,
-			},
 			"key": {
 				Description: "The value of the Application Key.",
 				Type:        schema.TypeString,
@@ -73,32 +66,12 @@ func updateApplicationKeyState(d *schema.ResourceData, applicationKeyData *datad
 	return nil
 }
 
-func updatePartialApplicationKeyState(d *schema.ResourceData, applicationKeyData *datadogV2.PartialApplicationKey) diag.Diagnostics {
-	applicationKeyAttributes := applicationKeyData.GetAttributes()
-
-	if err := d.Set("name", applicationKeyAttributes.GetName()); err != nil {
-		return diag.FromErr(err)
-	}
-	return nil
-}
-
 func resourceDatadogApplicationKeyCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	providerConf := meta.(*ProviderConfiguration)
 	apiInstances := providerConf.DatadogApiInstances
 	auth := providerConf.Auth
 
-	var resp datadogV2.ApplicationKeyResponse
-	var httpResponse *http.Response
-	var err error
-
-	req := buildDatadogApplicationKeyCreateV2Struct(d)
-
-	if v, ok := d.GetOk("service_account"); ok {
-		resp, httpResponse, err = apiInstances.GetServiceAccountsApiV2().CreateServiceAccountApplicationKey(auth, v.(string), *req)
-	} else {
-		resp, httpResponse, err = apiInstances.GetKeyManagementApiV2().CreateCurrentUserApplicationKey(auth, *req)
-	}
-
+	resp, httpResponse, err := apiInstances.GetKeyManagementApiV2().CreateCurrentUserApplicationKey(auth, *buildDatadogApplicationKeyCreateV2Struct(d))
 	if err != nil {
 		return utils.TranslateClientErrorDiag(err, httpResponse, "error creating application key")
 	}
@@ -114,68 +87,37 @@ func resourceDatadogApplicationKeyRead(ctx context.Context, d *schema.ResourceDa
 	apiInstances := providerConf.DatadogApiInstances
 	auth := providerConf.Auth
 
-	if v, ok := d.GetOk("service_account"); ok {
-		resp, httpResponse, err := apiInstances.GetServiceAccountsApiV2().GetServiceAccountApplicationKey(auth, v.(string), d.Id())
-		if err != nil {
-			if httpResponse != nil && httpResponse.StatusCode == 404 {
-				d.SetId("")
-				return nil
-			}
-			return utils.TranslateClientErrorDiag(err, httpResponse, "error getting application key")
-		}
-		applicationKeyData := resp.GetData()
-		return updatePartialApplicationKeyState(d, &applicationKeyData)
-	} else {
-		resp, httpResponse, err := apiInstances.GetKeyManagementApiV2().GetCurrentUserApplicationKey(auth, d.Id())
-		if err != nil {
-			if httpResponse != nil && httpResponse.StatusCode == 404 {
-				d.SetId("")
-				return nil
-			}
-			return utils.TranslateClientErrorDiag(err, httpResponse, "error getting application key")
+	resp, httpResponse, err := apiInstances.GetKeyManagementApiV2().GetCurrentUserApplicationKey(auth, d.Id())
+	if err != nil {
+		if httpResponse != nil && httpResponse.StatusCode == 404 {
+			d.SetId("")
+			return nil
 		}
-		applicationKeyData := resp.GetData()
-		return updateApplicationKeyState(d, &applicationKeyData)
+		return utils.TranslateClientErrorDiag(err, httpResponse, "error getting application key")
 	}
+	applicationKeyData := resp.GetData()
+	return updateApplicationKeyState(d, &applicationKeyData)
 }
 
 func resourceDatadogApplicationKeyUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	providerConf := meta.(*ProviderConfiguration)
 	apiInstances := providerConf.DatadogApiInstances
 	auth := providerConf.Auth
 
-	if v, ok := d.GetOk("service_account"); ok {
-		resp, httpResponse, err := apiInstances.GetServiceAccountsApiV2().UpdateServiceAccountApplicationKey(auth, v.(string), d.Id(), *buildDatadogApplicationKeyUpdateV2Struct(d))
-		if err != nil {
-			return utils.TranslateClientErrorDiag(err, httpResponse, "error updating application key")
-		}
-		applicationKeyData := resp.GetData()
-		return updatePartialApplicationKeyState(d, &applicationKeyData)
-	} else {
-		resp, httpResponse, err := apiInstances.GetKeyManagementApiV2().UpdateCurrentUserApplicationKey(auth, d.Id(), *buildDatadogApplicationKeyUpdateV2Struct(d))
-		if err != nil {
-			return utils.TranslateClientErrorDiag(err, httpResponse, "error updating application key")
-		}
-		applicationKeyData := resp.GetData()
-		return updateApplicationKeyState(d, &applicationKeyData)
+	resp, httpResponse, err := apiInstances.GetKeyManagementApiV2().UpdateCurrentUserApplicationKey(auth, d.Id(), *buildDatadogApplicationKeyUpdateV2Struct(d))
+	if err != nil {
+		return utils.TranslateClientErrorDiag(err, httpResponse, "error updating application key")
 	}
+	applicationKeyData := resp.GetData()
+	return updateApplicationKeyState(d, &applicationKeyData)
 }
 
 func resourceDatadogApplicationKeyDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	providerConf := meta.(*ProviderConfiguration)
 	apiInstances := providerConf.DatadogApiInstances
 	auth := providerConf.Auth
 
-	var httpResponse *http.Response
-	var err error
-
-	if v, ok := d.GetOk("service_account"); ok {
-		httpResponse, err = apiInstances.GetServiceAccountsApiV2().DeleteServiceAccountApplicationKey(auth, v.(string), d.Id())
-	} else {
-		httpResponse, err = apiInstances.GetKeyManagementApiV2().DeleteCurrentUserApplicationKey(auth, d.Id())
-	}
-
-	if err != nil {
+	if httpResponse, err := apiInstances.GetKeyManagementApiV2().DeleteCurrentUserApplicationKey(auth, d.Id()); err != nil {
 		return utils.TranslateClientErrorDiag(err, httpResponse, "error deleting application key")
 	}
 

datadog/resource_datadog_user.go

@@ -3,7 +3,6 @@ package datadog
 import (
 	"context"
 	"log"
-	"net/http"
 
 	"github.com/terraform-providers/terraform-provider-datadog/datadog/internal/utils"
 
@@ -56,14 +55,6 @@ func resourceDatadogUser() *schema.Resource {
 					return d.Id() != ""
 				},
 			},
-			"service_account": {
-				Description:   "Whether the user is a service account.",
-				Type:          schema.TypeBool,
-				Optional:      true,
-				Default:       false,
-				ForceNew:      true,
-				ConflictsWith: []string{"send_user_invitation"},
-			},
 			"verified": {
 				Description: "Returns `true` if the user is verified.",
 				Type:        schema.TypeBool,
@@ -78,7 +69,16 @@ func resourceDatadogUser() *schema.Resource {
 	}
 }
 
-func buildDatadogUserV2UserRelationships(d *schema.ResourceData) *datadogV2.UserRelationships {
+func buildDatadogUserV2Struct(d *schema.ResourceData) *datadogV2.UserCreateRequest {
+	userAttributes := datadogV2.NewUserCreateAttributesWithDefaults()
+	userAttributes.SetEmail(d.Get("email").(string))
+	if v, ok := d.GetOk("name"); ok {
+		userAttributes.SetName(v.(string))
+	}
+
+	userCreate := datadogV2.NewUserCreateDataWithDefaults()
+	userCreate.SetAttributes(*userAttributes)
+
 	roles := d.Get("roles").(*schema.Set).List()
 	rolesData := make([]datadogV2.RelationshipToRoleData, len(roles))
 	for i, role := range roles {
@@ -92,46 +92,14 @@ func buildDatadogUserV2UserRelationships(d *schema.ResourceData) *datadogV2.User
 
 	userRelationships := datadogV2.NewUserRelationships()
 	userRelationships.SetRoles(*toRoles)
-	return userRelationships
-}
-
-func buildDatadogUserV2Struct(d *schema.ResourceData) *datadogV2.UserCreateRequest {
-	userAttributes := datadogV2.NewUserCreateAttributesWithDefaults()
-	userAttributes.SetEmail(d.Get("email").(string))
-	if v, ok := d.GetOk("name"); ok {
-		userAttributes.SetName(v.(string))
-	}
-
-	userCreate := datadogV2.NewUserCreateDataWithDefaults()
-	userCreate.SetAttributes(*userAttributes)
-
-	userCreate.SetRelationships(*buildDatadogUserV2UserRelationships(d))
+	userCreate.SetRelationships(*userRelationships)
 
 	userRequest := datadogV2.NewUserCreateRequestWithDefaults()
 	userRequest.SetData(*userCreate)
 
 	return userRequest
 }
 
-func buildDatadogServiceAccountV2Struct(d *schema.ResourceData) *datadogV2.ServiceAccountCreateRequest {
-	serviceAccountAttributes := datadogV2.NewServiceAccountCreateAttributesWithDefaults()
-	serviceAccountAttributes.SetServiceAccount(true)
-	serviceAccountAttributes.SetEmail(d.Get("email").(string))
-	if v, ok := d.GetOk("name"); ok {
-		serviceAccountAttributes.SetName(v.(string))
-	}
-
-	serviceAccountCreate := datadogV2.NewServiceAccountCreateDataWithDefaults()
-	serviceAccountCreate.SetAttributes(*serviceAccountAttributes)
-
-	serviceAccountCreate.SetRelationships(*buildDatadogUserV2UserRelationships(d))
-
-	serviceAccountRequest := datadogV2.NewServiceAccountCreateRequestWithDefaults()
-	serviceAccountRequest.SetData(*serviceAccountCreate)
-
-	return serviceAccountRequest
-}
-
 func buildDatadogUserV2UpdateStruct(d *schema.ResourceData, userID string) *datadogV2.UserUpdateRequest {
 	userAttributes := datadogV2.NewUserUpdateAttributesWithDefaults()
 	userAttributes.SetEmail(d.Get("email").(string))
@@ -189,24 +157,13 @@ func resourceDatadogUserCreate(ctx context.Context, d *schema.ResourceData, meta
 	apiInstances := providerConf.DatadogApiInstances
 	auth := providerConf.Auth
 
+	userRequest := buildDatadogUserV2Struct(d)
 	var userID string
 	updated := false
 
-	var createResponse datadogV2.UserResponse
-	var httpresp *http.Response
-	var err error
-
-	if d.Get("service_account").(bool) {
-		d.Set("send_user_invitation", false)
-		serviceAccountRequest := buildDatadogServiceAccountV2Struct(d)
-		createResponse, httpresp, err = apiInstances.GetUsersApiV2().CreateServiceAccount(auth, *serviceAccountRequest)
-	} else {
-		userRequest := buildDatadogUserV2Struct(d)
-		createResponse, httpresp, err = apiInstances.GetUsersApiV2().CreateUser(auth, *userRequest)
-	}
-
 	// Datadog does not actually delete users, so CreateUser might return a 409.
 	// We ignore that case and proceed, likely re-enabling the user.
+	createResponse, httpresp, err := apiInstances.GetUsersApiV2().CreateUser(auth, *userRequest)
 	if err != nil {
 		if httpresp == nil || httpresp.StatusCode != 409 {
 			return utils.TranslateClientErrorDiag(err, httpresp, "error creating user")
@@ -227,7 +184,7 @@ func resourceDatadogUserCreate(ctx context.Context, d *schema.ResourceData, meta
 		responseData := listResponse.GetData()
 		if len(responseData) > 1 {
 			for _, user := range responseData {
-				if user.Attributes.GetEmail() == email && user.Attributes.GetServiceAccount() == d.Get("service_account").(bool) {
+				if user.Attributes.GetEmail() == email {
 					existingUser = &user
 					break
 				}
@@ -337,9 +294,6 @@ func updateUserStateV2(d *schema.ResourceData, user *datadogV2.UserResponse) dia
 	if err := d.Set("disabled", userAttributes.GetDisabled()); err != nil {
 		return diag.FromErr(err)
 	}
-	if err := d.Set("service_account", userAttributes.GetServiceAccount()); err != nil {
-		return diag.FromErr(err)
-	}
 	roles := make([]string, len(userRoles))
 	for i, userRole := range userRoles {
 		roles[i] = userRole.GetId()