From 7a682b8374d727faaf7dd7856422d238ee7e70fd Mon Sep 17 00:00:00 2001
From: William <3422794+FriedCircuits@users.noreply.github.com>
Date: Thu, 10 Mar 2022 06:22:35 +0000
Subject: [PATCH] Jumpcloud user and group management module

---
 README.md                                   |  3 ++
 modules/jumpcloud/users-groups/README.md    | 28 +++++++++++++++
 modules/jumpcloud/users-groups/main.tf      | 39 +++++++++++++++++++++
 modules/jumpcloud/users-groups/outputs.tf   |  7 ++++
 modules/jumpcloud/users-groups/variables.tf | 19 ++++++++++
 modules/jumpcloud/users-groups/versions.tf  | 10 ++++++
 6 files changed, 106 insertions(+)
 create mode 100644 modules/jumpcloud/users-groups/README.md
 create mode 100644 modules/jumpcloud/users-groups/main.tf
 create mode 100644 modules/jumpcloud/users-groups/outputs.tf
 create mode 100644 modules/jumpcloud/users-groups/variables.tf
 create mode 100644 modules/jumpcloud/users-groups/versions.tf

diff --git a/README.md b/README.md
index f53a039..2dfdbc2 100644
--- a/README.md
+++ b/README.md
@@ -9,3 +9,6 @@ Hodgepodge of Terraform modules.
     * K8s-At-Home     - Deploy a chart from the k8s-at-home helm repo
     * Traefik Ingress - Creats Ingress CRDs for host based routing
     * Helm Chart      - Deploy any helm chart
+
+* JumpCloud
+   * Users and Groups - Manage users and group membership
diff --git a/modules/jumpcloud/users-groups/README.md b/modules/jumpcloud/users-groups/README.md
new file mode 100644
index 0000000..5e29d02
--- /dev/null
+++ b/modules/jumpcloud/users-groups/README.md
@@ -0,0 +1,28 @@
+# JumpCloud User and Group Management Module
+
+Using the JumpCloud provider this module will create users and groups, and assign them appropriately.
+
+
+## Users and Groups Variable Format
+
+```hcl
+groups = ["group1", "group2"]
+
+users = {
+    user1 = {
+      email     = "user1@example.com"
+      lastname  = "smith"
+      firstname = "john"
+      groups    = ["group1","group2"]
+      mfa       = true
+    },
+    user2 = {
+      email     = "user2@example.com"
+      lastname  = "smith"
+      firstname = "jane"
+      groups    = ["group1"]
+      mfa       = false
+    }
+  }
+}
+```
diff --git a/modules/jumpcloud/users-groups/main.tf b/modules/jumpcloud/users-groups/main.tf
new file mode 100644
index 0000000..c618c68
--- /dev/null
+++ b/modules/jumpcloud/users-groups/main.tf
@@ -0,0 +1,39 @@
+provider "jumpcloud" {
+  org_id  = var.jumpcloud_org_id
+  api_key = var.jumpcloud_api
+}
+
+resource "jumpcloud_user" "users" {
+  for_each = var.users
+
+  username   = each.key
+  email      = each.value["email"]
+  firstname  = title(each.value["firstname"])
+  lastname   = title(each.value["lastname"])
+  enable_mfa = each.value["mfa"]
+}
+
+resource "jumpcloud_user_group" "groups" {
+  for_each = toset(var.groups)
+  name     = each.value
+}
+
+locals {
+  group_matrix = [ for user in keys(var.users) :
+    setproduct([jumpcloud_user.users[user].id], [for group in var.users[user].groups : jumpcloud_user_group.groups[group].id] )
+  ]
+  group_flat = flatten([
+    for sets in local.group_matrix : [
+      for set in sets : {
+        user  = set[0]
+        group = set[1]
+      }
+    ]
+  ])
+}
+
+resource "jumpcloud_user_group_membership" "members" {
+  for_each = { for index, set in local.group_flat: index => set }
+  user_id  = each.value.user
+  group_id = each.value.group
+}
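Review bot: The `for_each` on `jumpcloud_user_group_membership.members` keys every membership by its position in `local.group_flat`, so adding or removing one user or one group entry shifts the indices and Terraform will plan to change or replace memberships that did not actually change. In an identity directory this can briefly drop group-derived access for unrelated users during an apply, and it makes the plan hard to audit. Keying by a stable `"user/group"` string built from the input names avoids this and removes the need for `setproduct`, as sketched below. Separately, the `provider "jumpcloud"` block at the top configures the provider inside a reusable module, which Terraform's module guidance recommends leaving to the root module.

```hcl
# … unchanged: jumpcloud_user.users and jumpcloud_user_group.groups …

locals {
  # One entry per (user, group) pair, keyed by names that are known at plan time.
  memberships = {
    for pair in flatten([
      for user, attrs in var.users : [
        for group in attrs.groups : { user = user, group = group }
      ]
    ]) : "${pair.user}/${pair.group}" => pair
  }
}

resource "jumpcloud_user_group_membership" "members" {
  for_each = local.memberships
  user_id  = jumpcloud_user.users[each.value.user].id
  group_id = jumpcloud_user_group.groups[each.value.group].id
}
```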
diff --git a/modules/jumpcloud/users-groups/outputs.tf b/modules/jumpcloud/users-groups/outputs.tf
new file mode 100644
index 0000000..17825a0
--- /dev/null
+++ b/modules/jumpcloud/users-groups/outputs.tf
@@ -0,0 +1,7 @@
+output "groups" {
+  value =[for value in jumpcloud_user_group.groups : {(value.name)=value.id}]
+}
+
+output "users" {
+  value = [for value in jumpcloud_user.users : {(value.username)=value.id}]
+}
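Review bot: Both outputs return a list of single-key maps, which forces callers to search the list to find one ID; a single map is easier to consume, e.g. `value = { for g in jumpcloud_user_group.groups : g.name => g.id }` and `value = { for u in jumpcloud_user.users : u.username => u.id }`. Neither output has a `description`, so something like `description = "Map of group name to JumpCloud group ID."` would help module users. The loop variable named `value` next to the `value =` argument is also easy to misread.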
diff --git a/modules/jumpcloud/users-groups/variables.tf b/modules/jumpcloud/users-groups/variables.tf
new file mode 100644
index 0000000..3ee441f
--- /dev/null
+++ b/modules/jumpcloud/users-groups/variables.tf
@@ -0,0 +1,19 @@
+variable "jumpcloud_org_id" {
+  description = "JumpCloud Orginzation ID found in the console."
+  type        = string
+}
+
+variable "jumpcloud_api" {
+  description = "JumpCloud API key found in the console."
+  type        = string
+}
+
+variable "groups" {
+  description = "Map of groups to create."
+  type        = any
+}
+
+variable "users" {
+  description = "Map of users and their groups to create."
+  type        = any
+}
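Review bot: `jumpcloud_api` holds an organisation API key but is declared as a plain string, so nothing stops Terraform from printing it if it is ever referenced in an output or a resource argument; add `sensitive = true` to that variable, which the `>= 1.0` constraint in versions.tf supports. The key is best supplied from an environment variable or secret store rather than a committed tfvars file. `groups` and `users` are `type = any`, and `groups` is described as a map although main.tf passes it to `toset()`. Declaring `type = list(string)` for `groups` and a `map(object({...}))` with `email`, `firstname`, `lastname`, `groups` and `mfa` for `users` would reject malformed input at plan time, including a user entry with no `mfa` value.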
diff --git a/modules/jumpcloud/users-groups/versions.tf b/modules/jumpcloud/users-groups/versions.tf
new file mode 100644
index 0000000..5f0d6a3
--- /dev/null
+++ b/modules/jumpcloud/users-groups/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    jumpcloud = {
+      source = "sagewave/jumpcloud"
+      version = "~> 0.2"
+    }
+  }
+}
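Review bot: The constraint `version = "~> 0.2"` accepts any later 0.x release of `sagewave/jumpcloud`, which appears to be a community-maintained provider and is handed the organisation API key. Pre-1.0 minor releases can change behaviour, so a tighter pin such as `version = "~> 0.2.0"`, or the exact release that was tested, limits what an unattended `terraform init -upgrade` can pull in. Whether the consuming root configuration commits `.terraform.lock.hcl` is not visible here; committing it lets provider checksums be verified on every init.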