|
| 1 | +# Example to create spaces + get registration token |
| 2 | + |
| 3 | +This example creates 3 different Mondoo Spaces in a given Mondoo Organisation and provides the user for each Space a non-expiring Mondoo Registration Token. |
| 4 | + |
| 5 | +## Prereqs |
| 6 | + |
| 7 | +- [Mondoo Platform account](https://mondoo.com/docs/platform/start/plat-start-acct/) |
| 8 | +- [Mondoo Organisation](https://mondoo.com/docs/platform/start/organize/overview/) |
| 9 | +- [Mondoo API Token](https://mondoo.com/docs/platform/maintain/access/api-tokens/) |
| 10 | + |
| 11 | +## Usage |
| 12 | + |
| 13 | +Adjust the variables `space_names` and `org_id` in `terraform.tfvars`: |
| 14 | + |
| 15 | +```coffee |
| 16 | +space_names = ["Terraform Mondoo1", "Terraform Mondoo2", "Terraform Mondoo3"] |
| 17 | +org_id = "love-mondoo-131514041515" |
| 18 | +``` |
| 19 | + |
| 20 | +Set the Mondoo API token |
| 21 | + |
| 22 | +```bash |
| 23 | +export MONDOO_API_TOKEN="InsertTokenHere" |
| 24 | +``` |
| 25 | + |
| 26 | +Initialize a working directory containing Terraform configuration files. |
| 27 | + |
| 28 | +```bash |
| 29 | +terraform init |
| 30 | + |
| 31 | +Initializing the backend... |
| 32 | + |
| 33 | +Initializing provider plugins... |
| 34 | +- Finding latest version of mondoo/mondoo... |
| 35 | +- Installing mondoo/mondoo v1.0.0... |
| 36 | +- Installed mondoo/mondoo v1.0.0 (unauthenticated) |
| 37 | + |
| 38 | +Terraform has created a lock file .terraform.lock.hcl to record the provider |
| 39 | +selections it made above. Include this file in your version control repository |
| 40 | +so that Terraform can guarantee to make the same selections by default when |
| 41 | +you run "terraform init" in the future. |
| 42 | + |
| 43 | +â•· |
| 44 | +│ Warning: Incomplete lock file information for providers |
| 45 | +│ |
| 46 | +│ Due to your customized provider installation methods, Terraform was forced to calculate lock file checksums locally for the following providers: |
| 47 | +│ - mondoo/mondoo |
| 48 | +│ |
| 49 | +│ The current .terraform.lock.hcl file only includes checksums for darwin_arm64, so Terraform running on another platform will fail to install these providers. |
| 50 | +│ |
| 51 | +│ To calculate additional checksums for another platform, run: |
| 52 | +│ terraform providers lock -platform=linux_amd64 |
| 53 | +│ (where linux_amd64 is the platform to generate) |
| 54 | +╵ |
| 55 | + |
| 56 | +Terraform has been successfully initialized! |
| 57 | + |
| 58 | +You may now begin working with Terraform. Try running "terraform plan" to see |
| 59 | +any changes that are required for your infrastructure. All Terraform commands |
| 60 | +should now work. |
| 61 | + |
| 62 | +If you ever set or change modules or backend configuration for Terraform, |
| 63 | +rerun this command to reinitialize your working directory. If you forget, other |
| 64 | +commands will detect it and remind you to do so if necessary. |
| 65 | +``` |
| 66 | +
|
| 67 | +Create an execution plan, which lets you preview the changes that the Terraform plan makes to your Mondoo Organisation: |
| 68 | +
|
| 69 | +```bash |
| 70 | +terraform plan -out plan.out |
| 71 | + |
| 72 | +Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: |
| 73 | + + create |
| 74 | + |
| 75 | +Terraform will perform the following actions: |
| 76 | + |
| 77 | + # mondoo_registration_token.token[0] will be created |
| 78 | + + resource "mondoo_registration_token" "token" { |
| 79 | + + description = "Get a mondoo registration token" |
| 80 | + + expires_at = (known after apply) |
| 81 | + + mrn = (known after apply) |
| 82 | + + no_exipration = true |
| 83 | + + result = (sensitive value) |
| 84 | + + revoked = (known after apply) |
| 85 | + + space_id = (known after apply) |
| 86 | + } |
| 87 | + |
| 88 | + # mondoo_registration_token.token[1] will be created |
| 89 | + + resource "mondoo_registration_token" "token" { |
| 90 | + + description = "Get a mondoo registration token" |
| 91 | + + expires_at = (known after apply) |
| 92 | + + mrn = (known after apply) |
| 93 | + + no_exipration = true |
| 94 | + + result = (sensitive value) |
| 95 | + + revoked = (known after apply) |
| 96 | + + space_id = (known after apply) |
| 97 | + } |
| 98 | + |
| 99 | + # mondoo_registration_token.token[2] will be created |
| 100 | + + resource "mondoo_registration_token" "token" { |
| 101 | + + description = "Get a mondoo registration token" |
| 102 | + + expires_at = (known after apply) |
| 103 | + + mrn = (known after apply) |
| 104 | + + no_exipration = true |
| 105 | + + result = (sensitive value) |
| 106 | + + revoked = (known after apply) |
| 107 | + + space_id = (known after apply) |
| 108 | + } |
| 109 | + |
| 110 | + # mondoo_space.my_space[0] will be created |
| 111 | + + resource "mondoo_space" "my_space" { |
| 112 | + + id = (known after apply) |
| 113 | + + name = "Terraform Mondoo1" |
| 114 | + + org_id = "love-mondoo-131514041515" |
| 115 | + } |
| 116 | + |
| 117 | + # mondoo_space.my_space[1] will be created |
| 118 | + + resource "mondoo_space" "my_space" { |
| 119 | + + id = (known after apply) |
| 120 | + + name = "Terraform Mondoo2" |
| 121 | + + org_id = "love-mondoo-131514041515" |
| 122 | + } |
| 123 | + |
| 124 | + # mondoo_space.my_space[2] will be created |
| 125 | + + resource "mondoo_space" "my_space" { |
| 126 | + + id = (known after apply) |
| 127 | + + name = "Terraform Mondoo3" |
| 128 | + + org_id = "love-mondoo-131514041515" |
| 129 | + } |
| 130 | + |
| 131 | +Plan: 6 to add, 0 to change, 0 to destroy. |
| 132 | + |
| 133 | +Changes to Outputs: |
| 134 | + + complete_space_setup = (sensitive value) |
| 135 | + |
| 136 | +──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── |
| 137 | + |
| 138 | +Saved the plan to: plan.out |
| 139 | + |
| 140 | +To perform exactly these actions, run the following command to apply: |
| 141 | + terraform apply "plan.out" |
| 142 | +``` |
| 143 | +
|
| 144 | +Execute the actions proposed in the Terraform plan |
| 145 | +
|
| 146 | +```bash |
| 147 | +terraform apply -auto-approve plan.out |
| 148 | + |
| 149 | +mondoo_space.my_space[2]: Creating... |
| 150 | +mondoo_space.my_space[1]: Creating... |
| 151 | +mondoo_space.my_space[0]: Creating... |
| 152 | +mondoo_space.my_space[1]: Creation complete after 1s [id=admiring-wiles-299863] |
| 153 | +mondoo_space.my_space[2]: Creation complete after 1s [id=inspiring-tesla-178593] |
| 154 | +mondoo_space.my_space[0]: Creation complete after 1s [id=sad-wescoff-418523] |
| 155 | +mondoo_registration_token.token[2]: Creating... |
| 156 | +mondoo_registration_token.token[0]: Creating... |
| 157 | +mondoo_registration_token.token[1]: Creating... |
| 158 | +mondoo_registration_token.token[0]: Creation complete after 0s |
| 159 | +mondoo_registration_token.token[1]: Creation complete after 0s |
| 160 | +mondoo_registration_token.token[2]: Creation complete after 0s |
| 161 | + |
| 162 | +Apply complete! Resources: 6 added, 0 changed, 0 destroyed. |
| 163 | + |
| 164 | +Outputs: |
| 165 | + |
| 166 | +complete_space_setup = <sensitive> |
| 167 | +``` |
| 168 | +
|
| 169 | +Extract the value of the output variable `complete_space_setup` from the state file. |
| 170 | +
|
| 171 | +```bash |
| 172 | +terraform output -json complete_space_setup | jq |
| 173 | + |
| 174 | +[ |
| 175 | + { |
| 176 | + "space-id": "sad-wescoff-418523", |
| 177 | + "space-name": "Terraform Mondoo1", |
| 178 | + "token": "eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJhcGlfZW5kcG9pbnQiOiJodHRwczovL3VzLmFwaS5tb25kb28uY29tIiwiYXVkIjpbIm1vbmRvbyJdLCJjZXJ0X3ZhbGlkX3VudGlsIjoiOTk5OS0xMi0zMVQyMzo1OTo1OVoiLCJkZXNjIjoiR2V0IGEgbW9uZG9vIHJlZ2lzdHJhdGlvbiB0b2tlbiIsImlhdCI6MTY5OTA5NDA3MiwiaXNzIjoibW9uZG9vL2FtcyIsImxhYmVscyI6bnVsbCwibmJmIjoxNjk5MDk0MDcyLCJvd25lciI6IiIsInNjb3BlIjoiLy4NTI1Iiwic3ViIjoiLy9hZ2VudHMuYXBpLm1vbmRvby5hcHAvb3JnYW5pemF0aW9ucy9zdHVwZWZpZWQtam9obnNvbi02MzExNTUvc2VydmljZWFjY291bnRzLzJYZmxFU3NJN3VPbHc2VVhUMXlsbXdhUGRrciJ9.ajcJeYC5WTX7TwJdIO8wBITXwIGHuhxp2qGVgAWKaRgKTUlbEUkua898PBJWpseDDUpRZVKMBZpQjd78xglJtd0nUiBvg2b4py3XIPlutxBAhNHar" |
| 179 | + }, |
| 180 | + { |
| 181 | + "space-id": "admiring-wiles-299863", |
| 182 | + "space-name": "Terraform Mondoo2", |
| 183 | + "token": "eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJhcGlfZW5kcG9pbnQiOiJodHRwczovL3VzHJhdGlvbiB0b2tlbiIsImlhdCI6MTY5OTA5NDA3MiwiaXNzIjoibW9uZG9vL2FtcyIsImxhYmVscyI6bnVsbCwibmJmIjoxNjk5MDk0MDcyLCJvd25lciI6IiIsInNjb3BlIjoiLy9jYXB0YWluLmFwaS5tb25kb28uYXBwL3NwYWNlcy9hZG1pcmluZy13aWxlcy0yOTk4NjQiLCJzcGFjZSI6Ii8vY2FwdGFpbi5hcGkubW9uZG9vLmFwcC9zcGFjZXMvYWRtaXJpbmctd2lsZXMtMjk5ODY0Iiwic3ViIjoiLy9hZ2VudHMuYXBpLm1vbmRvby5hcHAvb3JnYW5pemF0aW9ucy9zdHVwZWZpZWQtam9obnNvbi02MzExNTUvc2VydmljZWFjY291bnRzLzJYZmxFU3NJN3VPbHc2VVhUMXlsbXdhUGRrciJ9.Dq98j1sWXShNxhWXJC0aqZsbcqcOyDH3SQdwU7S67bh_qQMgYS8WSQgM_0QmbVNOBYg3mNVEr2lwB45w105zXkvADk_KBpXgfIHS3rXQXJIK" |
| 184 | + }, |
| 185 | + { |
| 186 | + "space-id": "inspiring-tesla-178593", |
| 187 | + "space-name": "Terraform Mondoo3", |
| 188 | + "token": "eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJhcGlfZW5kcG9pbnQiOiJodHRwczovL3VzLmFwaS5tb25kb28uY29tIiwiYXVkIjpbIm1vbmRvbyJdLCJjZXJ0X3ZhbGlkX3VudGlsIjoiOTk5OS0xMi0zMVQyMzo1OTo1OVoiLCJkZXNjIjoiR2V0IGEgbW9uZG9vIHJlZ2lzdHJhdGlvbiB0b2tlbiIsImlhdCI6MTY5OTA5NDA3MiwiaXNzIjoibW9uZG9vL2FtcyIsImxhYmVscyI6bnVsbCwibmJmIjoxNjk5MDk0MDcyLCJvd25lciI6IiIsInNjb3BlIjopcmluZy10ZXNsYS0xNzg1OTIiLCJzdWIiOiIvL2FnZW50cy5hcGkubW9uZG9vLmFwcC9vcmdhbml6YXRpb25zL3N0dXBlZmllZC1qb2huc29uLTYzMTE1NS9zZXJ2aWNlYWNjb3VudHMvMlhmbEVTc0k3dUmaFeCIKxr6xbSDqNRIzEwSDVlx7TO2AVQm9w-k0hy8jCkfjXk6VBGwFOtz9TiWHeoQZz8igh5pOoeQwc-TjglUZx" |
| 189 | + } |
| 190 | +] |
| 191 | +``` |
0 commit comments