NewRelicPS

1.0.2-beta

NewRelicPS.Configuration.SyntheticSecureCredential.psm1

                                <#

.Synopsis

  Idempotently applies New Relic synthetic secure credential configurations

.Description

  Idempotently applies New Relic synthetic secure credential configurations.

.Example

  Set-SyntheticSecureCredential -AdminAPIKey $AdminAPIKey -DefinedSytheticSecureCredentials $Config.SyntheticSecureCredentials

  Uses New Relic APIs to update synthetic secure credentials to match the configuration defined in $Config.SyntheticSecureCredentials.  Any existing secure credentials that are not defined will be removed.

.Parameter AdminAPIAPIKey

  Must be an admin user's API Key, not an account-level REST API Key.  See more here: https://docs.newrelic.com/docs/apis/get-started/intro-apis/types-new-relic-api-keys

.Parameter DefinedSyntheticSecureCredentials

  An array of secure credential objects which define the desired configuration state for New Relic synthetic secure credentials.

#>

Function Set-NRSyntheticSecureCredentialConfiguration {

  [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSShouldProcess", '', Justification = "All CMDLets being called have ShouldProcess in place and the preference is passed to them." )]

  [CMDLetBinding(SupportsShouldProcess = $true)]

  Param (

    [Parameter (Mandatory = $true)]

    [string] $AdminAPIKey,

    [array] $DefinedSyntheticSecureCredentials

  )

  # Iterate over each defined secure credential

  [System.Collections.ArrayList]$existingSecureCredentials = @(Get-NRSyntheticSecureCredential -APIKey $AdminAPIKey)

  Write-Verbose "There are currently $($DefinedSyntheticSecureCredentials.count) defined Synthetic secure credentials and $($existingSecureCredentials.key.count) existing Synthetic secure credentials."

  Foreach ($secureCredential in $DefinedSyntheticSecureCredentials) {

    $existingSecureCredential = $existingSecureCredentials | Where-Object {$_.key -eq $secureCredential.key}

    $Params = @{

      APIKey = $AdminAPIKey

      Key = $secureCredential.Key.TOUPPER()

      Value = $secureCredential.Value

      Description = $secureCredential.Description

    }

    If ($existingSecureCredential) {

      # The secure credentials API does not return the secret value so there is no way to check it.  Therefore, update existing keys on each run.

      Write-Verbose "Updating secure credential $($secureCredential.key.ToUpper())"

      Update-NRSyntheticSecureCredential @Params -Whatif:$WhatIfPreference | Out-Null

      # Any extra existing secure credentials that are not defined will be removed later

      $existingSecureCredentials.Remove($existingSecureCredential)

    }

    # Otherwise, create secure credential

    Else {

      Write-Verbose "Creating secure credential $($secureCredential.Key.ToUpper())"

      New-NRSyntheticSecureCredential @Params -Whatif:$WhatIfPreference | Out-Null

    }

  }

  # Check for existing secure credentials not in the definition and remove them

  # Note that the Synthetic API returns an object with empty properties rather than null when no secure credentials exist so check using the key property

  If ($existingSecureCredentials.key) {

    Write-Verbose "Removing secure credential(s) $($existingSecureCredentials.Key.ToUpper() -join (','))"

    $existingSecureCredentials.Key | Remove-NRSyntheticSecureCredential $AdminAPIKey  -Whatif:$WhatIfPreference | Out-Null

  }

}