terraform-provider-datadog
terraform-provider-datadog copied to clipboard
DataDog
Feature Request: Add support to upload the SAML IdP metadata
Hi,
It would be useful to have a resource to update the SAML IdP metadata. We can configure everything around SAML with datadog_organization_settings, except the IdP metadata.
This is the API that can be used: https://docs.datadoghq.com/api/latest/organizations/#upload-idp-metadata
Thanks.
Can we have an code for idp_metadata_file upload for datadog_organisation in terraform?
I am also looking for the ability to work with this API endpoint in terraform.
Does anyone have a decent work around in the meantime? Maybe a proof of concept for running some sort of local-exec that makes a curl/python/etc. call to the API directly?
I am also looking for the ability to work with this API endpoint in terraform.
Does anyone have a decent work around in the meantime? Maybe a proof of concept for running some sort of local-exec that makes a curl/python/etc. call to the API directly?
We're using this at the moment. Also takes into account rate limiting that Datadog has implemented.
idp_metadata_url = "https://login.microsoftonline.com/<AZURE_TENANT_ID>/federationmetadata/2007-06/federationmetadata.xml?appid=<AZURE_APP_ID>"
provisioner "local-exec" {
environment = {
DD_API_KEY = ""
DD_APPLICATION_KEY = ""
}
command = <<-EOC
curl --silent --fail --request POST "https://api.datadoghq.eu/api/v2/saml_configurations/idp_metadata" \
--header "Content-Type: application/xml" \
--header "DD-API-KEY: $DD_API_KEY" \
--header "DD-APPLICATION-KEY: $DD_APPLICATION_KEY" \
--retry 5 \
--retry-delay 30 \
--data "$(curl --silent --fail "${local.idp_metadata_url}" | tail -c +4)"
EOC
}
}
tail -c +4 is in there because Azure adds an XML BOM to the download which isn't accepted by Datadog's API. Funny fact, the BOM isn't in there when you download it via your browser 🤨 .
