myjfrog_private_connection resource required

[dhrapson]

Is your feature request related to a problem? Please describe.
We have multiple AWS accounts from which we want to pull images from Artifactory using Private Endpoints.
It is frustrating that I have to manually add the VPC endpoint for each one manually via the MyJFrog UI as a Private Connection.
In some cases the account contents will be periodically disposed to encourage good practice for using IaC.
Not being able to recreate these Private Connections via Terraform means we cannot fully tear down the VPC endpoints, and hence not the VPC either, which risks the leaving around of remnants from previous periods.

Describe the solution you'd like
A new resource called platform_myjfrog_ip_private_connection with a single attribute vpc_endpoint

Describe alternatives you've considered
A workaround of a HTTP-based terraform provider or local-exec that executes curl could work if I knew what API to invoke, however I wasn't able to find that in the JFrog REST API docs.

Additional context
None

[alexhung]

@dhrapson Thanks for the suggestion. You're correct that currently there's no REST API to set the private connection for AWS. I'll create an internal feature request ticket with the MyJFrog team. I encourage you to also mention this to your JFrog contact.

[dlorych]

Hi,

I'm experiencing the same issue. After investigating the issue, it looks that the problem is with the provider left in the not initialized state.
As part of its initialization, an Artifactory version is checked and if it could not be resolved, e.g. because of modified myjfrog_ip_allowlist resource, a warning is being logged and initialization is interrupted leaving the provider in invalid state. See this code.

	version, err := util.GetArtifactoryVersion(platformClient)
	if err != nil {
		resp.Diagnostics.AddWarning(
			"Error getting Artifactory version",
			fmt.Sprintf("The provider functionality might be affected by the absence of Artifactory version in the context. %v", err),
		)
		return
	}

In my terraform project, I'm using only myjfrog_ip_allowlist resource and I'm not accessing any platform or any artifactory API - in such case, in my opinion, the provider should be initialized correctly with myjfrog client, but possibly without platform client.
Alternatively, myjfrog functionality should be moved into its own provider.

[alexhung]

@dlorych Thanks for the report! That's definitely a bug. I've added this to our schedule to be fixed.

[alexhung]

Provider issues are fixed in jfrog/terraform-provider-platform#97

[alexhung]

@dhrapson Sorry it has been a while. The MyJFrog team would like to learn more about your request so please contact your JFrog customer support person and make the same feature request.