660 add rate limit configuration resource

.changelog/1176.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+pingone_rate_limit_configuration
+```

docs/resources/rate_limit_configuration.md

@@ -0,0 +1,51 @@
+---
+page_title: "pingone_rate_limit_configuration Resource - terraform-provider-pingone"
+subcategory: "Platform"
+description: |-
+  Resource to create and manage rate limit configurations in PingOne. Rate limit configurations allow you to exclude specific IP addresses or CIDR ranges from rate limiting.
+---
+
+# pingone_rate_limit_configuration (Resource)
+
+Resource to create and manage rate limit configurations in PingOne. Rate limit configurations allow you to exclude specific IP addresses or CIDR ranges from rate limiting.
+
+## Example Usage
+
+```terraform
+resource "pingone_environment" "my_environment" {
+  # ...
+}
+
+resource "pingone_rate_limit_configuration" "my_rate_limit_configuration" {
+  environment_id = pingone_environment.my_environment.id
+
+  type  = "WHITELIST"
+  value = "192.0.2.0/24"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `environment_id` (String) The ID of the environment to create the rate limit configuration in.  Must be a valid PingOne resource ID.  This field is immutable and will trigger a replace plan if changed.
+- `value` (String) The IP address (IPv4 or IPv6), or a CIDR range, for the IP address or addresses to be excluded from rate limiting.
+
+### Optional
+
+- `type` (String) The type of rate limit configuration. Currently, the only type supported is `WHITELIST`, indicating that the IP address in `value` is to be excluded from rate limiting.  Defaults to `WHITELIST`.
+
+### Read-Only
+
+- `created_at` (String) A string that specifies the time the resource was created.
+- `id` (String) The ID of this resource.
+- `updated_at` (String) A string that specifies the time the resource was last updated.
+
+## Import
+
+Import is supported using the following syntax, where attributes in `<>` brackets are replaced with the relevant ID.  For example, `<environment_id>` should be replaced with the ID of the environment to import from.
+
+```shell
+terraform import pingone_rate_limit_configuration.example <environment_id>/<rate_limit_configuration_id>
+```

examples/resources/pingone_rate_limit_configuration/import.sh

@@ -0,0 +1 @@
+terraform import pingone_rate_limit_configuration.example <environment_id>/<rate_limit_configuration_id>

examples/resources/pingone_rate_limit_configuration/resource.tf

@@ -0,0 +1,10 @@
+resource "pingone_environment" "my_environment" {
+  # ...
+}
+
+resource "pingone_rate_limit_configuration" "my_rate_limit_configuration" {
+  environment_id = pingone_environment.my_environment.id
+
+  type  = "WHITELIST"
+  value = "192.0.2.0/24"
+}

go.mod

@@ -28,7 +28,7 @@ require (
 	github.com/patrickcping/pingone-go-sdk-v2 v0.14.3
 	github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.2
 	github.com/patrickcping/pingone-go-sdk-v2/credentials v0.12.0
-	github.com/patrickcping/pingone-go-sdk-v2/management v0.62.0
+	github.com/patrickcping/pingone-go-sdk-v2/management v0.62.1-0.20251203115510-4232d8f7d174
 	github.com/patrickcping/pingone-go-sdk-v2/mfa v0.23.2
 	github.com/patrickcping/pingone-go-sdk-v2/risk v0.21.0
 	github.com/patrickcping/pingone-go-sdk-v2/verify v0.10.0

go.sum

@@ -1480,8 +1480,8 @@ github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.2 h1:9tsJMj3aHOaF4Bdxvg
 github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.2/go.mod h1:42Te708LzeYC5z8axZopRPvQseDb1cvmWn8VNxO+YUc=
 github.com/patrickcping/pingone-go-sdk-v2/credentials v0.12.0 h1:NH1rJ4RuciyKEjV8WQ6chOSdwNbtTPuCUOedHX7GKas=
 github.com/patrickcping/pingone-go-sdk-v2/credentials v0.12.0/go.mod h1:oUdH/pGBp9JI/k0ptDgdprs/peruIwLurEHinuHDK90=
-github.com/patrickcping/pingone-go-sdk-v2/management v0.62.0 h1:wO018lINer2iNWjM0RwqMH0/fiNQ4xOnUV+MtOmIYmk=
-github.com/patrickcping/pingone-go-sdk-v2/management v0.62.0/go.mod h1:AuR8b02ntdqjAzgEYFFEeaOLig+LcsdQXmnpbG/1S2A=
+github.com/patrickcping/pingone-go-sdk-v2/management v0.62.1-0.20251203115510-4232d8f7d174 h1:/Cw4CgWgN/4NR/KCoXpY4Q8ExPPG25mZC8K6x4tJV+o=
+github.com/patrickcping/pingone-go-sdk-v2/management v0.62.1-0.20251203115510-4232d8f7d174/go.mod h1:AuR8b02ntdqjAzgEYFFEeaOLig+LcsdQXmnpbG/1S2A=
 github.com/patrickcping/pingone-go-sdk-v2/mfa v0.23.2 h1:V2iW5DT7JUZd7HBRcF8cOMjRCJ+UG9MCckWVZYVSA/0=
 github.com/patrickcping/pingone-go-sdk-v2/mfa v0.23.2/go.mod h1:2c47ma7Nu7X+hQTuBcB70FosnlUxjhsWPmlm/ErEJ80=
 github.com/patrickcping/pingone-go-sdk-v2/risk v0.21.0 h1:oW3EPdempOpVQXlCfKBqhQKusbeIZZMO3exImxXOFp4=

internal/acctest/service/base/rate_limit_configuration.go

@@ -0,0 +1,88 @@
+// Copyright © 2025 Ping Identity Corporation
+
+package base
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-plugin-testing/terraform"
+	"github.com/patrickcping/pingone-go-sdk-v2/management"
+	"github.com/pingidentity/terraform-provider-pingone/internal/acctest"
+	"github.com/pingidentity/terraform-provider-pingone/internal/acctest/legacysdk"
+)
+
+func RateLimitConfiguration_CheckDestroy(s *terraform.State) error {
+	var ctx = context.Background()
+
+	p1Client, err := legacysdk.TestClient(ctx)
+
+	if err != nil {
+		return err
+	}
+
+	apiClient := p1Client.API.ManagementAPIClient
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "pingone_rate_limit_configuration" {
+			continue
+		}
+
+		shouldContinue, err := legacysdk.CheckParentEnvironmentDestroy(ctx, apiClient, rs.Primary.Attributes["environment_id"])
+		if err != nil {
+			return err
+		}
+
+		if shouldContinue {
+			continue
+		}
+
+		_, r, err := apiClient.RateLimitingApi.ReadOneRateLimitConfiguration(ctx, rs.Primary.Attributes["environment_id"], rs.Primary.ID).Execute()
+
+		shouldContinue, err = acctest.CheckForResourceDestroy(r, err)
+		if err != nil {
+			return err
+		}
+
+		if shouldContinue {
+			continue
+		}
+
+		return fmt.Errorf("PingOne Rate Limit Configuration %s still exists", rs.Primary.ID)
+	}
+
+	return nil
+}
+
+func RateLimitConfiguration_GetIDs(resourceName string, environmentID, resourceID *string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return fmt.Errorf("Resource Not found: %s", resourceName)
+		}
+
+		if resourceID != nil {
+			*resourceID = rs.Primary.ID
+		}
+
+		if environmentID != nil {
+			*environmentID = rs.Primary.Attributes["environment_id"]
+		}
+
+		return nil
+	}
+}
+
+func RateLimitConfiguration_RemovalDrift_PreConfig(ctx context.Context, apiClient *management.APIClient, t *testing.T, environmentID, rateLimitConfigurationID string) {
+	if environmentID == "" || rateLimitConfigurationID == "" {
+		t.Fatalf("One of environment ID or rate limit configuration ID cannot be determined. Environment ID: %s, Rate Limit Configuration ID: %s", environmentID, rateLimitConfigurationID)
+	}
+
+	_, err := apiClient.RateLimitingApi.DeleteRateLimitConfiguration(ctx, environmentID, rateLimitConfigurationID).Execute()
+	if err != nil {
+		t.Fatalf("Failed to delete rate limit configuration: %v", err)
+	}
+}